Hello and good day,
I am trying to establish a setup with multiple projects on gitlab.com and some of these projects publish maven artifacts to the gitlab maven repository. I want to include those artifacts in other projects via dependencies in maven builds.
The following section within the pom.xml is the same for all projects:
<repositories>
<repository>
<id>gitlab-maven
<url>https://gitlab.com/api/v4/groups//-/packages/maven
</repository>
</repositories>
<distributionManagement>
<repository>
<id>gitlab-maven
<url>${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/maven
</repository>
<snapshotRepository>
<id>gitlab-maven
<url>${CI_API_V4_URL}/projects/${CI_PROJECT_ID}/packages/maven
</snapshotRepository>
</distributionManagement>
As far as I have read from the documentation, you need to publish to the project. Hence the distribution management links are on a project level. The repository is on a group level, with the intent of importing multiple libraries which were published from other projects. Since no CI_GROUP_ID variable exists, I used the hard-coded URL. Group ID was copied from group overview on gitlab.com
This setup however is not working.
I have pushed an artifact successfully with the following result:
However, during the build of the dependent project, the artifact cannot be included with the error:
Failed to execute goal on project thirdpartyauth: Could not resolve dependencies for project de.xxx:thirdpartyauth:jar:1.0.0: Failed to collect dependencies at de.xxx:datalayer-lib:jar:1.0.1: Failed to read artifact descriptor for de.xxx:datalayer-lib:jar:1.0.1: Could not transfer artifact de.xxx:datalayer-lib:pom:1.0.1 from/to gitlab-maven (https://gitlab.com/api/v4/groups/xxxxx355/-/packages/maven): authorization failed for https://gitlab.com/api/v4/groups/xxxxx355/-/packages/maven/de/xxx/datalayer-lib/1.0.1/datalayer-lib-1.0.1.pom, status: 403 Forbidden → [Help 1]
I have set up a ci_settings.xml file which looks like this in each project:
<settings xmlns=“http://maven.apache.org/SETTINGS/1.1.0” xmlns:xsi=“http://www.w3.org/2001/XMLSchema-instance”
xsi:schemaLocation=“http://maven.apache.org/SETTINGS/1.1.0 http://maven.apache.org/xsd/settings-1.1.0.xsd”>
<servers>
<server>
<id>gitlab-maven
<configuration>
<httpHeaders>
<property>
<name>Job-Token
<value>${CI_JOB_TOKEN}
</property>
</httpHeaders>
</configuration>
</server>
</servers>
</settings>
I am using the setting via "-s ci_settings.xml " in the maven options within the gitlab-ci.yml
What has worked in the past is to use a personal access token in the ci_settings.xml, set the project Id to the project the current project is dependent on and run ‘mvn deploy’ from my local machine. That way, the jar war present in the project repository. But this is not feasible to deploy the same package into every project where it is needed.
I am sure that I am overlooking something and it is a small detail, but I can’t find an issue at the moment.
Does anyone have a likewise setup and it is working for them? Or can you spot a mistake I am making.
Thank you for reading,
Sebastian