1

We've started using an AWS CodeArtifact Maven repository. Before connecting, developers must run a command ("aws") to acquire a temporary access token. How can I configure Maven to acquire and use this token automatically, without requiring running a script, configuring an IDE or changing the simple command line "mvn install"?

Maybe there's a trick I'm overlooking.

The token must be "interpolated" in the element <server>/<password> in settings.xml. This file will pre-process either an environment variable ({$env.token}) or a Java system property ({$token}). It will not process a project property.

  • The repository password cannot be specified within the POM file.
  • The settings.xml file cannot use project properties.
  • The exec-maven-plugin cannot set an environment variable in the parent process (Windows). It can write to a file.
  • The properties-maven-plugin cannot set a dynamic system property (e.g., from a file or script output).
  • The surefire plugin binds to the test phase and forks a JVM.
  • The Windows setx command does not affect the running process.

UPDATE: Maven downloads repository metadata before the first phase, so no plugin will solve the problem.

Improve this question
4
  • 1
    Have you already taken a look at AWS CodeArtifact Maven Proxy?
    – Andrey B. Panfilov
    Commented Oct 5, 2022 at 3:38
  • I'm fascinated that somebody else has thought about the problem and created a solution. Make it an answer and I'll accept it. Though, a more convenient solution would be a wagon that sets certain system properties, including a TTL, from a shell script. That would work with AWS SSO as well.
    – Steve Mitchell
    Commented Oct 5, 2022 at 11:26
  • well, there is wagon extension on GH: github.com/OneGeek/codeartifact-maven-wagon
    – Andrey B. Panfilov
    Commented Oct 5, 2022 at 17:29
  • That's better. No configuration is needed in settings.xml and the token is not written to a file. However, it connects to AWS twice for every repository access. It's open source and simple code, so caching could be added. Thanks!
    – Steve Mitchell
    Commented Oct 6, 2022 at 7:27
Related questions
4
Maven server authentication as profile properties
17
Can I inject properties from Maven (passwords defined in settings.xml) into my Spring container?
1
how to configure maven to use credentials
Load 7 more related questions Show fewer related questions

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Browse other questions tagged or ask your own question.