Access Gitlab Maven Repo

[max-grossmann]

Hi! I don't manage to include a private maven repository from gitlab maven repos (https://docs.gitlab.com/ee/user/packages/maven_repository)

Using the library from gradle in intellij works, but not with kscript dependencies. Is this currently supported? Details below.

Thank you very much!

Snippet from .kts-File:

#!/usr/bin/env kscript

@file:MavenRepository("gitlab-timolia","https://gitlab.timolia.de/api/v4/projects/446/packages/maven", user="Private-Token", password="xxx")
@file:DependsOn("de.timolia.admin:foldermonitoringapi:1.0")

Error from kscript:

[kscript] [ERROR] Failed while connecting to the server. Check the connection (http/https, port, proxy, credentials, etc.) of your maven dependency locators. If you suspect this is a bug, you can create an issue on https://github.com/holgerbrandl/kscript
[kscript] [ERROR] Exception: java.lang.RuntimeException: File 'de.timolia.admin:foldermonitoringapi:1.0' not found
org.eclipse.aether.resolution.DependencyResolutionException: Could not find artifact de.timolia.admin:foldermonitoringapi:jar:1.0 in maven central (https://repo.maven.apache.org/maven2/)
org.eclipse.aether.resolution.DependencyResolutionException: Could not find artifact de.timolia.admin:foldermonitoringapi:jar:1.0 in https://gitlab.timolia.de/api/v4/projects/446/packages/maven (https://gitlab.timolia.de/api/v4/projects/446/packages/maven)

Working gradle code:

repositories {
    mavenCentral()
    maven {
        url "https://gitlab.timolia.de/api/v4/projects/446/packages/maven"
        name "GitLab"
        credentials(HttpHeaderCredentials) {
            name = 'Private-Token'
            value = 'xxx'
        }
        authentication {
            header(HttpHeaderAuthentication)
        }
    }
}

dependencies {
    implementation('de.timolia.admin:foldermonitoringapi:1.0')
}

[MaaxGr]

Okay. I looked into the problem again.

The Problem seems the following:

• Gitlab authenticates via HTTP Headers (e.g. Key=Private-Token Value=MyPassword)
• These headers are not added with the current AetherResolveSession implementation in kotlin.script.experimental.dependencies.maven.impl, which is instantiated by MavenRepositoryCoordinates, also part of kotlin.script.experimental.dependencies.maven, which is one of the CompoundDependenciesResolver's specified in DependencyUtil.kt of this library
• Headers can be added into the Property with Key "aether.connector.http.headers" (https://maven.apache.org/resolver-archives/resolver-LATEST/configuration.html) to repositorySystemSession (Part of the AetherResolveSession)
• I created a new ExternalDependencyResolver, added it to CompoundDependenciesResolver, modified some lines to pass the username/password speified in the file:MavenRepository Annotation to the aether header variable und reused a lot of stuff of MavenDependenciesResolver and AetherResolveSession
• These are my changes: https://github.com/Timolia/kscript/commit/c7fa9bf38c966e74fd6d6ac7deaa7c1821e64db4 (I added comments to the important changes. The rest is copy paste boilerplate code)
• The code is not pull request worthy. This implementation changes should probably be done in the Kotlin-Repo

[holgerbrandl]

Thanks @MaaxGr for this great analysis.

@ligee Would you agree that this is rather an upstream issue which may be better addressed in kotlin-scripting? To me, an upstream fix seems the best solution here, since with the change-set mentioned above the resolver-API feels a bit cumbersome. Or is it rather a rare edge case in your opinion which should not be supported in kotlin-scripting-resolver?

[ligee]

Of course, it will be better to extend/fix authentication support right in the kotlin-scripting-dependencies-maven, and I would happily accept a good PR for it to the kotlin repo. :) But if nobody volunteers, I have already a few auth-related issues in YT, so it most likely will be done at some point.

[holgerbrandl]

Thanks, maybe you could point to the corresponding reference YT ticket in case users want upvote the issue.

[MaaxGr]

I'm not quite sure what the best implementation also for the dsl of this library would be:

The Gradle documentation points out, that there are three types of authentication: BasicAuth, DigestAuth and HttpHeaderAuth https://docs.gradle.org/current/userguide/declaring_repositories.html#sec:authentication_schemes

In gradle we have to specify explicitly, which type of authentication should be used.

How should kscript handle this matter:

• Own Annotation for each auth types?
• New enum parameter, that specifies the type of authentication?
• Should the MavenDepencyResolver figure it out by itself and we change nothing in this API?
• Is this a new resolver, that has to be added to CompoundResolver?

[ileasile]

Hi @MaaxGr @holgerbrandl! The problem with authorization should be fixed in the Kotlin master: https://github.com/JetBrains/kotlin/commit/b77a8228220c272f9f97dbe9673f9e1d14fe3400

The solution was to switch to another transporter factory (from HTTP to Wagon) that actually supports username and password in the authorization. MavenRepositoryCoordinates are considered deprecated now, please use Options instead. Usage example is given here in the test: https://github.com/JetBrains/kotlin/commit/b77a8228220c272f9f97dbe9673f9e1d14fe3400#diff-7e5be2a922d8dcb241e12de7e8a63130f727a8a4da27a7ffb7ff461563b723feR90-R101

[ileasile]

@holgerbrandl Could you please try it with other repositories?

[holgerbrandl]

I would certainly extend the test suite, but I don't know any other repos with authentication which I could use here.