search

NASA-PDS / roundup-action

Do a "roundup", a/k/a PDS-style continuous integration and delivery
Apache License 2.0
1 stars 4 forks source link

Maven deploy no longer works due to Maven central upgrade #138

Closed jordanpadams closed 1 week ago

jordanpadams commented 1 week ago

Checked for duplicates

Yes - I've already checked

๐Ÿ› Describe the bug

Maven deploy now fails with this error:

Error: Failed to execute goal org.sonatype.plugins:nexus-staging-maven-plugin:1.6.13:deploy (injected-nexus-deploy) on project validate: Failed to deploy artifacts: Could not transfer artifact gov.nasa.pds:validate:jar:sources:3.6.0-20240618.215640-16 from/to ossrh (https://oss.sonatype.org/content/repositories/snapshots): authentication failed for https://oss.sonatype.org/content/repositories/snapshots/gov/nasa/pds/validate/3.6.0-SNAPSHOT/validate-3.6.0-20240618.215640-16-sources.jar, status: 401 Content access is protected by token -> [Help 1]

https://github.com/NASA-PDS/validate/actions/runs/9572606207/job/26392285094#step:5:10490

๐Ÿ•ต๏ธ Expected behavior

it would deploy as expected

๐Ÿ“œ To Reproduce

Try a push to main on any java repo using roundup

๐Ÿ–ฅ Environment Info

No response

๐Ÿ“š Version of Software Used

No response

๐Ÿฉบ Test Data / Additional context

No response

๐Ÿฆ„ Related requirements

No response

โš™๏ธ Engineering Details

Per an email from Maven Central:

Dear Maven Central publisher,

We are making changes to the OSSRH authentication backend. For most users this should be a transparent process, and you should be able to continue to use your existing username and password to connect the Nexus UI. In case you need to update your password, please follow our documentation.

To configure a publisherโ€™s plugin authentication you would need to update your plugin settings to use a user token instead of the Nexus UI username and password login.

For more information about publishing to legacy OSSRH please consult our documentation at https://central.sonatype.org/register/legacy/

Thank you, The Central Team

๐ŸŽ‰ Integration & Test

No response

jordanpadams commented 1 week ago

Looks like Sonatype just decided we would not longer be able to use our username/password to authenticate:

https://support.sonatype.com/hc/en-us/articles/360049469534-401-Content-access-is-protected-by-token-when-accessing-repositories

So I needed to generate a "token" in Legacy OSSRH with access to the namespace:

  1. Go to https://oss.sonatype.org/
  2. Login via link in top right corner
  3. Select username from top right corner, and select "Profile"
  4. Select "Summary" dropdown, and select "User Token" Screenshot 2024-06-20 at 2 36 53โ€ฏPM
  5. Select "Generate User Token" button to generate a "token".
  6. The "token" generated appears to just be a randomly generated username:password combination.
  7. Adding those to our Org Secrets appears to have solved the problem. https://github.com/NASA-PDS/registry-common/actions/runs/9604624751