search

nulldriver / maven-resource

Maven Repository Manager Concourse Resource
Apache License 2.0
21 stars 49 forks source link

Introduce workaround for missing Java certificates after invention of Concourse Certificate Propagation #21

Closed elgohr closed 6 years ago

elgohr commented 6 years ago

This invents a quick workaround for https://github.com/patrickcrocker/maven-resource/issues/20, so that at least using repository_cert with Concourse 3.9.0 works.

Why no test coverage? We would need to import a valid certificate, using keytool (which checks x509 validity). There is no openssl in the container, so I assume tests would need to be written in itest. Because I have no clue what is possible on this nexus (at least I see a call to openssl), I have no idea how I could write tests and check them locally. So please be gentle :)

patrickcrocker commented 6 years ago

This actually goes a bit deeper... this is broken even if you use a valid ssl cert on your repository and omit the maven-resource params for skip_cert_check and repository_cert:

[INFO] Scanning for projects...
[INFO] 
[INFO] ------------------------------------------------------------------------
[INFO] Building Maven Stub Project (No POM) 1
[INFO] ------------------------------------------------------------------------
[INFO] 
[INFO] --- maven-deploy-plugin:2.7:deploy-file (default-cli) @ standalone-pom ---
Uploading: https://nexus.anvil.pcfdemo.com/repository/maven-milestones/com/aviato/aviato-profile/1.2.0-rc.10/aviato-profile-1.2.0-rc.10.jar
Uploading: https://nexus.anvil.pcfdemo.com/repository/maven-milestones/com/aviato/aviato-profile/1.2.0-rc.10/aviato-profile-1.2.0-rc.10.pom
[INFO] ------------------------------------------------------------------------
[INFO] BUILD FAILURE
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 1.008 s
[INFO] Finished at: 2018-03-20T14:17:13Z
[INFO] Final Memory: 10M/141M
[INFO] ------------------------------------------------------------------------
[ERROR] Failed to execute goal org.apache.maven.plugins:maven-deploy-plugin:2.7:deploy-file (default-cli) on project standalone-pom: Failed to deploy artifacts: Could not transfer artifact com.aviato:aviato-profile:jar:1.2.0-rc.10 from/to remote-repository (https://nexus.anvil.pcfdemo.com/repository/maven-milestones/): java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty -> [Help 1]
[ERROR]

I'm looking into the broader fix between Maven, the OpenJDK Docker Image and how it is used within Concourse.

elgohr commented 6 years ago

I know, that's why I called it a quick fix... At least this enables people to continue working. I don't say this is the solution.

patrickcrocker commented 6 years ago

Abandoning this PR in favor of the work done here which provides a permanent fix: https://github.com/patrickcrocker/maven-resource/commit/b71caebc7d9b2086885363d799a3d2f9b6acd09e