Maven cannot see latest dependency version deployed in gitlab package registry repository

skls1337 · June 9, 2023, 10:21am

I deployed a Maven project in a private gitlab and after couple of versions deployed, the pom.xml cannot recognize the new dependency, and maven returns that the dependency with that specific version is missing from gitlab package, even if it’s there. I deleted some artifacts from there and the pom.xml is still seeing them, so I am assuming there is a de-sync between the gitlab remote and intellij, but still the maven can’t retrieve latest artifacts from the package registry from gitlab.

My pom.xml looks something like this:

<repositories>
		<repository>
			<id>gitlab-maven</id>
				<url>https://my.gitlab.company/api/v4/projects/my-project-id/package/maven</url>
		</repository>
	</repositories>

	<distributionManagement>
		<repository>
			<id>gitlab-maven</id>
				<url>https://my.gitlab.company/api/v4/projects/my-project-id/package/maven</url>
		</repository>

		<snapshotRepository>
			<id>gitlab-maven</id>
			<url>https://my.gitlab.company/api/v4/projects/my-project-id/packages/maven</url>
		</snapshotRepository>
	</distributionManagement>

	<dependencies>
		<dependency>
			<groupId>com.mycompany</groupId>
			<artifactId>myartifact</artifactId>
			<version>0.0.1-SNAPSHOT</version>  <-- this version works
		</dependency>
              <dependency>
			<groupId>com.mycompany</groupId>
			<artifactId>myartifact</artifactId>
			<version>0.0.4-SNAPSHOT</version>  <-- this version is not found in gitlab even though it is deployed and I can see it in package registry
		</dependency>
       </dependencies>

Any tips? Thanks

xenomachina · June 9, 2023, 2:22pm

I don’t use maven, but I use the GitLab maven repo with Gradle. (Just providing this context to let you know I can’t help with maven syntax, but am familiar with some of the issues that come up when using GitLab’s maven repository.)

How are you telling maven the credentials for GitLab? GitLab will return a 404 (ie: Not Found) status if authorization fails, which can be really confusing. Is it possible that the versions that appear to work are actually coming from somewhere else, like your local machine?

skls1337 · June 9, 2023, 2:44pm

When I pulled the dependency with maven it didn’t require me any form of authorization because I provided the remote from where to pull the dependency in the pom.xml. At some point I could retrieve my library from gitlab without any issue, but when I made new version of it, gitlab couldn’t find that library with that new version. I don’t know what is causing this problem.

xenomachina · June 9, 2023, 6:34pm

Is the maven repository in question publicly accessible? If not, then you need to provide a token to authenticate with the package registry.

To debug, you can try to work out the URL that the artifact should exist at, and use curl to retrieve it. Remember that GitLab returns a “not found” response rather than returning “not authorized” even in cases where the URL is correct but you are not authorized.