1. 技术文章
  2. How to use the default AWS credentials chain for an S3 backed Maven repository in a Gradle build?

How to use the default AWS credentials chain for an S3 backed Maven repository in a Gradle build?

安稳与你 提交于 2020-03-18 04:54:23

问题


According to Gradle documention (Example 50.27), we can use S3 backed Maven repositories with Gradle 2.4. However, the only example given in the docs passes explicit AWS credentials to the S3 repository declaration:

repositories {
    maven {
        url "s3://someS3Bucket/maven2"
        credentials(AwsCredentials) {
            accessKey "someKey"
            secretKey "someSecret"
        }
    }
}

I need to do the same thing, but I want Gradle to use the DefaultAWSCredentialsProviderChain, from the AWS JDK, instead of explicit credentials. Something like:

repositories {
    maven {
        url "s3://someS3Bucket/maven2"
        credentials(AwsCredentials) {
            // Default AWS chain here?
        }
    }
}

This way, it would find the Instance Profile Credentials that I have configured for my EC2 instances where the Gradle build would be running.

Is there a way to accomplish this? Or, is Gradle only capable of authenticating against S3 with explicit credentials given in the build file?


回答1:


More recent versions of Gradle provide a built-in way to use credentials from the default provider chain, eg:

maven {
    url "s3://myCompanyBucket/maven2"
    authentication {
       awsIm(AwsImAuthentication) // load from EC2 role or env var
    }
}

This avoids the need to manually create an instance of the provider chain and pass in the credential values.




回答2:


Untested, but I would try:

buildscript { 
    repositories { 
        mavenCentral() 
    } 

    dependencies { 
        classpath 'com.amazonaws:aws-java-sdk:1.10.58' 
    } 
}

import com.amazonaws.auth.DefaultAWSCredentialsProviderChain

repositories {
    maven {
        url "s3://someS3Bucket/maven2"
        credentials(AwsCredentials) {

            def defaultCredentials = new DefaultAWSCredentialsProviderChain().getCredentials()
            accessKey defaultCredentials.getAWSAccessKeyId()
            secretKey defaultCredentials.getAWSSecretKey()
        }
    }
}



回答3:


I managed to accomplish the pom.xml generation, as well as the upload to S3, with the following build.gradle:

apply plugin: 'java'
apply plugin: 'maven-publish'

buildscript {
    repositories {
        mavenCentral()
    }
    dependencies {
        classpath 'com.amazonaws:aws-java-sdk:1.10.58'
    }
}

publishing {
    publications {
        mavenJava(MavenPublication) {
            groupId 'com.acme'
            artifactId 'sample-gradle-dependency'
            version '1.0'
            from components.java
        }
    }
    repositories {      
        maven {
            url "s3://my-bucket/releases"
            credentials(AwsCredentials) {
                def defaultCredentials = new com.amazonaws.auth.DefaultAWSCredentialsProviderChain().getCredentials()
                accessKey defaultCredentials.getAWSAccessKeyId()
                secretKey defaultCredentials.getAWSSecretKey()
            }
        }       
    }   
}

This one requires apply plugin: maven-publish, which apparently is the new version of apply plugin: maven.

This one runs with:

$ gradle publish


来源:https://stackoverflow.com/questions/35852475/how-to-use-the-default-aws-credentials-chain-for-an-s3-backed-maven-repository-i

标签
maven
gradle
amazon-s3
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!