Search code examples
jenkinsjenkins-pipelineartifactory

Jenkins Artifactory Plugin vs. Maven

A couple of questions:

  1. Is there something obvious that I am missing in terms of authorization with credentials and the plugin?
  2. Why the does the upload fail on the the pom file but not the actual artifact?
  3. What is the advantage of using Jenkins Artifactory Plugin instead of just using Maven commands?

I have been trying to configure a Jenkins pipeline using the Jenkins Artifactory Plugin. I keep running into a 401 response from Artifactory when the step containing rtMavenRun is reached. In the logs I see this:

Note: I replaced the urls with for brevity

Downloading from eti-artifacts-snapshot: http://<URL>/work-queue-api/1.1.0-SNAPSHOT/maven-metadata.xml
Uploading to eti-artifacts-snapshot: http://<URL>/work-queue-api/1.1.0-SNAPSHOT/work-queue-api-1.1.0-20200407.120051-1.jar
Progress (1): 0.5/66 MB
Progress (1): 1.0/66 MB
....
Progress (1): 64/66 MB
Progress (1): 65/66 MB
Progress (1): 66/66 MB
Progress (1): 66 MB   

Uploading to eti-artifacts-snapshot: http://<URL>/libs-snapshot/com/etisoftware/work-queue-api/1.1.0-SNAPSHOT/work-queue-api-1.1.0-20200407.120051-1.pom
Progress (1): 4.1/7.2 kB
Progress (1): 7.2 kB    

[main] INFO org.apache.maven.cli.event.ExecutionEventLogger - ------------------------------------------------------------------------
[main] INFO org.apache.maven.cli.event.ExecutionEventLogger - BUILD FAILURE
[main] INFO org.apache.maven.cli.event.ExecutionEventLogger - ------------------------------------------------------------------------
[main] INFO org.apache.maven.cli.event.ExecutionEventLogger - Total time:  01:06 min
[main] INFO org.apache.maven.cli.event.ExecutionEventLogger - Finished at: 2020-04-07T08:00:57-04:00
[main] INFO org.apache.maven.cli.event.ExecutionEventLogger - ------------------------------------------------------------------------
[main] ERROR org.apache.maven.cli.MavenCli - Failed to execute goal org.apache.maven.plugins:maven-deploy-plugin:2.7:deploy (default-cli) on project work-queue-api: Failed to deploy artifacts: Could not transfer artifact work-queue-api:jar:1.1.0-20200407.120051-1 from/to eti-artifacts-snapshot (http://<URL>/libs-snapshot): Transfer failed for http://<URL>/artifactory/libs-snapshot-local/com/etisoftware/work-queue-api/1.1.0-SNAPSHOT/work-queue-api-1.1.0-20200407.120051-1.jar 401 Unauthorized -> [Help 1]

Notice that it seems to be uploading the jar file, but it fails on the pom. So the obvious answer seems to be that the user does not have authorization to upload some things. The artifactory configuration in Jenkins is using the same credentials as my m2/settings.xml file. When I run mvn clean package deploy it works as expected.

I then changed my Jenkinsfile to just use mvn commands directly and it too worked as expected. Again this would be using the settings.xml file.

This is the pipeline when using the plugin. This does not work, I get the 401 response. 

pipeline {
    agent any
    stages {
        stage ('Artifactory configuration') {
            steps {
                rtMavenDeployer (
                    id: "RT_MAVEN_DEPLOYER",
                    serverId: "ETI_ARTIFACTORY",
                    releaseRepo: "libs-release-local",
                    snapshotRepo: "libs-snapshot-local"
                )

                rtMavenResolver (
                    id: 'RT_MAVEN_RESOLVER',
                    serverId: 'ETI_ARTIFACTORY',
                    releaseRepo: 'libs-release',
                    snapshotRepo: 'libs-snapshot'
                )   
            }
        }        
        stage('Maven exec') { 
            steps {
                rtMavenRun (
                    pom: 'pom.xml',
                    goals: 'clean package deploy',
                    tool: 'M2_TOOL',
                    resolverId: 'RT_MAVEN_RESOLVER',
                    deployerId: 'RT_MAVEN_DEPLOYER'
                )
            }
        }
        stage ('Publish build info') {
            steps {
                rtPublishBuildInfo (
                    serverId: "ETI_ARTIFACTORY"
                )
            }
        }
        stage('Build a Docker image and push to Artifactory'){
            steps {
                sh 'mvn docker:build docker:push'
            }
        }
    }
}

This is the pipeline setup with shell commands, this does work. 

pipeline {
    agent any
    stages {
        stage('Maven exec') { 
            steps {
                sh 'mvn clean package deploy'
            }
        }
        stage('Build a Docker image and push to Artifactory'){
            steps {
                sh 'mvn docker:build docker:push'
            }
        }
    }
}
Solution

  • This answer focuses on the advantages of using the Artifactory pipeline APIs vs. invoking maven directly (the other question about the 401 response has already been answered here). There are three main advantages for using the Artifactory pipeline APIs.

    1. Parallel maven deployments - We recently published this blog post which discusses this advantage.

    2. Security - When using the Artifactory pipeline APIs, you can manage the credentials in Jenkins, instead of storing them in the settings.xml or as environment variables. Jenkins takes care of the credentials encryption and management for you.

    3. Better control - With the Artifactory pipeline APIs, you no longer need manage the Artifactory servers URLs and the repositories in the settings.xml or pom.xml. You have full control over the build's resolution and deployment targets from within the pipeline script. You can read more about this here.