Maven release plugin fails : source artifacts getting deployed twice

匿名 (未验证) 提交于 2019-12-03 01:27:01

问题:

We are using the maven release plugin on hudson and trying to automate the release process. The release:prepare works fine. When we try to do the release:perform , it fails because it tries to upload a source artifact twice to the repository.

Things that I tried,

  1. removing the profile which does include the maven source plugin from the super pom ( did not work)
  2. specifying the goals on hudson for release as -P!attach-source release:prepare release:perform. Which I thought will exclude the source plugin from getting executed. (did not work).
  3. tried specifying the plugin phase to some non existent phase in the super pom.(Did not work)
  4. tried specifying the plugin configuration, forReleaseProfile as false. ( guess what?? Did not work too)

It still spits out this error.

[INFO] [DEBUG] Using Wagon implementation lightweight from default mapping for protocol http [INFO] [DEBUG] Using Wagon implementation lightweight from default mapping for protocol http [INFO] [DEBUG] Checking for pre-existing User-Agent configuration. [INFO] [DEBUG] Adding User-Agent configuration. [INFO] [DEBUG] not adding permissions to wagon connection [INFO] Uploading: http://xx.xx.xx.xx:8081/nexus/content/repositories/releases//com/yyy/xxx/hhh/hhh-hhh/1.9.40/hhh-hhh-1.9.40-sources.jar [INFO] 57K uploaded  (xxx-xxx-1.9.40-sources.jar) [INFO] [DEBUG] Using Wagon implementation lightweight from default mapping for protocol http [INFO] [DEBUG] Using Wagon implementation lightweight from default mapping for protocol http [INFO] [DEBUG] Checking for pre-existing User-Agent configuration. [INFO] [DEBUG] Adding User-Agent configuration. [INFO] [DEBUG] not adding permissions to wagon connection [INFO] Uploading: http://xx.xxx.xx.xx:8081/nexus/content/repositories/releases//com/xxx/xxxx/xxx/xxx-xxx/1.9.40/xxx-xxx-1.9.40-sources.jar [INFO] [DEBUG] Using Wagon implementation lightweight from default mapping for protocol http [INFO] [INFO] ------------------------------------------------------------------------ [INFO] [ERROR] BUILD ERROR [INFO] [INFO] ------------------------------------------------------------------------ [INFO] [INFO] Error deploying artifact: Authorization failed: Access denied to: http://xx.xxx.xx.xx:8081/nexus/content/repositories/releases/com/xxx/xxx/xxx/xxx-config/1.9.40/xxx-xxx-1.9.40-sources.jar 

Any help regarding this will be really appreciated.

回答1:

Try running mvn -Prelease-profile help:effective-pom. You will find that you have two execution sections for maven-source-plugin

The output will look something like this:

    maven-source-plugin2.0.4attach-sourcesjarjar

To fix this problem, find everywhere you have used maven-source-plugin and make sure that you use the "id" attach-sources so that it is the same as the release profile. Then these sections will be merged.

Best practice says that to get consistency you need to configure this in the root POM of your project in build > pluginManagement and NOT in your child poms. In the child pom you just specify in build > plugins that you want to use maven-source-plugin but you provide no executions.

In the room pom.xml:

org.apache.maven.pluginsmaven-source-pluginattach-sourcesjar

In the child pom.xml:

org.apache.maven.pluginsmaven-source-plugin


回答2:

I know this question is old but it was google hit #1 today so I'll add my answer appropriate for recent versions of maven 3.

The symptom is that sources and javadoc jars are deployed twice when doing a release build with some versions of maven 3. If you're using maven to deploy your artifacts to a Sonatype Nexus repository that only allows a release artifact to be uploaded once (which is totally reasonable behavior), the build fails when the second upload attempt is rejected. Argh!

Maven versions 3.2.3 thru 3.3.9 have bugs - see https://issues.apache.org/jira/browse/MNG-5868 and https://issues.apache.org/jira/browse/MNG-5939. Those versions generate and deploy sources and javadoc jars twice when doing a release.

If I read the Maven issue tracker correctly, those bugs are not scheduled for fix as of this writing (the burned 3.4.0 release probably affected these).

Instead of a complex tweak to my pom, my simple workaround was to fall back to Maven version 3.2.1.



回答3:

Just having hit the same problem, I analyzed it a bit. mvn release:perform evaluates the release.properties file, then checks out the tag in a temporary directory and invokes there something like

/usr/bin/mvn -D maven.repo.local=... -s /tmp/release-settings5747060794.xml     -D performRelease=true -P set-envs,maven,set-envs deploy 

release:prepare and invoked this:

mvn -D performRelease=true -P set-envs,maven,set-envs deploy 

I got the same result: It was trying to upload the -sources.jar twice.

As noted by qualidafial in a comment, setting performRelease=false instead omits one of the two attachments of the same file.

I don't really have an idea how the deploy plugin (or any other plugin) uses this property.

We can provide this parameter as a configuration to the maven-relase-plugin:

org.apache.maven.pluginsmaven-release-plugin2.3.2false

I now added the false line to all the POMs, and it looks like releasing now works without an error message.



回答4:

I don't think the probem is in the release plugin, I think you've got the xxx-sources.jar attached two times - that's why the duplicate upload. Why is there a duplicate attachment is hard to tell without seeing the POM. Try running mvn -X and checking the log for who attaches xxx-source.jar another time.

In any case, a good workaround on Nexus would be having a staging repository where you can upload releases several times - and when everything's ready you just close/promote the staging repo. Check the Sonatype OSS setup for an example.



回答5:

I had the same problem. Basically, the error message is issued when an artifacts is sent to Nexus twice. This may be twice to the same Nexus repository or even across different repositories within the same Nexus.

However, the reasons for such a misconfiguration may vary. In my case, the artifacts were uploaded correctly during a mvn clean deploy build step in Jenkins, but then failed when a second deploy had been attempted. This second deploy had been configured in a Jenkins post build step "Publish artifacts in Maven repository".



回答6:

I have been struggeling with this issue for a while and have finally been able to resolve it in our infrastructure. The answers here didn't help me, as we didn't have multiple executions of the source plugin goals and the configuration seemed fine to us.

What we did miss out was to bind the execution of the source plugin to a phase. Extending the example by Bae, including the line install to the execution resolved the issue for us:

maven-source-plugin2.0.4attach-sourcesinstalljar

I suspect the solution lies in this answer here ; different plugins seem to be invoking the jar goal / the attach-sources execution. By binding our execution to a certain phase, we force our plugin only to be run in this phase.



回答7:

Maven plugins in parent and child poms should not have execution. As per standard convention, define all plugin with execution/goals in parent pom in plugin management section. Child pom should not redefine above details, but mention only the plugin (with artifactId, and version) that needs to be executed.

I had similar issue with maven-assembly-plugin with parent pom as below:

maven-assembly-plugin2.6src/assembly/assembly.xmlpackagesingle

And Child pom had maven-assembly-plugin as below:

maven-assembly-plugin2.2-beta-5xyzsrc/assembly/assembly.xmlxyz-distributionpackagesingle

Removing the from child pom rectified the issue. The effective pom had 2 executions performed causing the duplicate install to Nexus repo.



回答8:

FWIW this issue was breaking our build for a while and the answer was none-of-the-above. Instead I had foolishly set the seemingly innocuous appendAssemblyId to false in a maven-assembly-plugin for an artifact that gets attached (read deployed, released) with our main artifact. E.g.:

    ci-groovy-distribpackagesinglemy-extra-assemblyfalsemy-extra-assembly-${project.version}

In summary:

  1. the assembly plugin uses the assemblyId as the classifier for the artifact, hence an essential part of it's unique GAV coordinates in maven terms (actually it's more like GAVC coordinates - C is the classifier).

  2. the name of the file installed, deployed, or released is actually built from these coordinates. It is not the same as the filename you see in your target directory. That's why your local build looks good, but your release will fail.

  3. The stupid element only determines the local build artifact name and plays no part in the rest of it. It's a complete red-herring.

Summary of the summary: The 400 error from Nexus was because our extra attached artifact was being uploaded over top of the main artifact, since it had the same name as the main artifact, because it had the same GAVC coordinates as the main artifact, because I removed the only distinguishing coordinate: the classifier derived automatically from the assemblyId.

The investigation to find this was a long and tortuous path the answer was right there all along in the docs for maven-assembly:

appendAssemblyId

  • boolean

  • Set to false to exclude the assembly id from the assembly final name, and to create the resultant assembly artifacts without classifier. As such, an assembly artifact having the same format as the packaging of the current Maven project will replace the file for this main project artifact.

  • Default value is: true.
  • User property is: assembly.appendAssemblyId.

From http://maven.apache.org/plugins/maven-assembly-plugin/single-mojo.html#attach

The extra bold is mine. The docs should have a big flashing warning here: "Set this to false and abandon all hope"

I got some help from this answer about a different problem maven-assembly-plugin: How to use appendAssemblyId The explanation there from tunaki really helped.



回答9:

I configured the maven release plug-in with releaseProfile=false and dont execute the source artifacts profile. Which did the trick.

org.apache.maven.pluginsmaven-release-plugin2.1-P!source-artifactsfalse-Dmaven.test.skip=true deploy


标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!