Profile-derived automation of Code Artifact authentication with Gradle

Introduction

The repository will be managed and it will be very convenient. However, when I read [Official Document] doc, I should load the token in the environment variable ... Do you do such annoying things every time? do not want to!

So I wrote to read from the profile that would have been set in the AWS CLI.

Premise

You have already set up an AWS CLI profile that allows you to access any CodeArtifact

How to use

Copy the whole below

build.gradle


buildscript {
	repositories {
		mavenCentral()
	}
	dependencies {
		classpath 'com.amazonaws:aws-java-sdk-codeartifact:1.11.801'
	}
}

import com.amazonaws.services.codeartifact.AWSCodeArtifactClient;
import com.amazonaws.auth.profile.ProfileCredentialsProvider;
import com.amazonaws.services.codeartifact.model.GetAuthorizationTokenRequest;
def setAuthorizationToken = {mavenArtifactRepository, profile ->
	def domainLevels = mavenArtifactRepository.url.getHost().split('\\.')
	def artifactDomain = domainLevels[0].substring(0,domainLevels[0].lastIndexOf("-"))
	def artifactOwner = domainLevels[0].substring(domainLevels[0].lastIndexOf("-")+1)
	def region = domainLevels[domainLevels.length -3]

	def client = AWSCodeArtifactClient.builder()
		.withCredentials(new ProfileCredentialsProvider(profile))
		.withRegion(region)
	.build();

	def result = client.getAuthorizationToken(new GetAuthorizationTokenRequest()
		.withDomain(artifactDomain)
		.withDomainOwner(artifactOwner)
	);

	mavenArtifactRepository.credentials {
		username "aws"
		password result.authorizationToken
	}
}


apply plugin: 'java'
apply plugin: 'eclipse'

repositories {
	maven {
		url 'https://trial-558497472117.d.codeartifact.us-west-2.amazonaws.com/maven/trial/'
		setAuthorizationToken(owner, "profileName")
	}
}

dependencies {
	implementation platform('com.amazonaws:aws-java-sdk-bom:1.11.801')
	implementation 'com.amazonaws:aws-java-sdk-codeartifact'
}

If you replace the following `here` with the profile name, it's OK

setAuthorizationToken(owner, "here")//← Profile name

Reference

Digression

If it is s3, it is not necessary to pull it with buildscript from ( lib \ plugins \ aws-java-sdk-s3-1.11.xxx.jar) in the wrapper of gradle. Since the buildscript aws-java-sdk-codeartifact cannot be closed at first, it cannot be made stand-alone with only complete CodeArtifact. I can do it after caching locally, but ... There wasn't a AWSCodeArtifactReadOnlyAccess -like thing in the AWS management policy yet. (Can you do it in the future? Note that CodeArtifact is not enough and you also need `` `sts: GetServiceBearerToken```!

Recommended Posts

Profile-derived automation of Code Artifact authentication with Gradle
Until you run Hello World of JavaFX with VS Code + Gradle
Static code analysis with Checkstyle in Java + Gradle
[Java] Explanation of Strategy pattern (with sample code)
Using Gradle with VS Code, build Java → run
Java Repository of Eclipse with Maven: Missing artifact ~
The procedure I did when I prepared the environment of gradle + Java with VS Code (Windows 10)
Build ruby debug environment with VS Code of Windows 10
Implement the UICollectionView of iOS14 with the minimum required code.