I have the same problem. Did you open an issue ? arnaud
On 10/26/06, Ryan, Scott D <[EMAIL PROTECTED]> wrote:
I will give the line 187 thing a shot and see how it works although with the latest build it seems to be working again and all repositories are accessed via the proxy. This has shown me that I really need some way to control what is accessed via the proxy and the order so it looks like I have to make all my accesses via a repoid. I have not had any luck with the repoid but let me try again. I want to avoid getting artifacts from the wrong repo. We actually package our ears with different build plans and properties for different environments so we actually need to keep copies of the artifacts for the various environments. Also for different environments various people have access to different repositories. For example dev cannot access the Qa, stage, or prod artifacts. Other groups can see some and not others. In reviewing the security overview that was implemented it seemed to indicate there might be a way to secure repositories from update based on the framework. I would think this would require you to do deployments via the archiva url. Maybe this is coming in the future. Any way lets keep up this discussion and it will ferret out some of the needs for the offering and we can document a complex enterprise usecase for others to benefit from. I will make the fix and see how it works then I can clarify my actual final implementation of repositories. Another thing I am struggling with is how to separate the artifacts during the build phase. In maven 1 I used a property to dynamically change the local repo based on the build profile. For example for dev builds I used c:mavenrepodev and for stage c:mavenrepostage. Since maven 2 does not allow you to do much with properties inside the pom I can't seem to find a solution. I tried using the group id and changing it based on a property but that is not working. For example if my group id was Scott I might use dev.scott for dev and qa.scott for qa etc. I am still trying to find a way to separate the artifacts based on build environment. It is pretty easy to change the remote repositories based on a profile however I cannot figure out how to change the local repository or the artifact name to insure I am always using consistent artifacts. For example if artifact 1 relies on artifact 2 I want to make sure when I build for dev I get the two artifacts that were built with the dev profile and qa etc. This discussion is useful and I look forward to more information coming onto this list and getting more of the functionality worked out and some best practices documented. So to clarify my current repo layout I have the following repos: Oss - proxied to the maven repos Snapshot oss - proxied to maven snapshot repos Internal - Internally developed libraries that are not built by our group Licensed - Licensed software jars OtherOss - jars not available via proxy like jta and mail Dev - dev artifacts that we build from our source Qa - qa artifacts that we build from our source Stage - stage artifacts that we build from our source Prod - production artifacts we build from our source I will probabaly create a snapshot repo to use for our continuum and cruise control builds so I can delete artifacts and manage the size. That is a good I idea I had not thought of that you suggest. I am still struggling with the checksum issue when downloading up to 30% of my artifacts from the proxy. Another issue I am seeing is that many of my artifacts are not being indexed. I wonder if this is because not all the related artifacts are stored in the archiva repository due to the checksum issue or just do to the checksum issue itself. I will look in to the logs more to see what is going on. Thanks for the dialog!! Scott D. Ryan Senior Java Developer/Architect -----Original Message----- From: Mohni, Daniel [mailto:[EMAIL PROTECTED] Sent: Thursday, October 26, 2006 12:00 AM To: archiva-users@maven.apache.org Subject: RE: download artefacts from managed repositories Hi Scott Answers inline... > I am having a similar issue. I have defined several managed > repositories but the only ones that are consulted for artifacts are > those that have proxies defined. I got around that by creating dummy > managed repositories and proxying them out to the real ones but that > is not a very secure solution. if you remove line 187 of the 'DefaultProxyManager' you can access all managed repositories without the use of dummies. This was the way it was handled a few revisions earlier... -> the download button on the web-app will not work anymore, but this only works if you have only 1 repository... > Here are some questions that I would love to understand when setting > up my repos. > > > Can I push artifacts to specific managed repositories via the proxy > url. > (ie. http://localhost:8080/archiva/proxy/<repoId>/) As far as I know you currently can not publish tru archiva > Can I download artifacts from only certain repositories if desired > (ie. > http://localhost:8080/archiva/proxy/<repoId>/) Yes > > Can I access specific repositories by name rather than all of them. > For example I have a repository that I push artifacts to for dev, qa, > stage and prod. When I build I want to only upload and download to > those repositories and some of my open source repos. This allows me > to build using profiles for all of my environments without risk of > intermixing artifacts from different environments. You defenitly can do this, this implies that the proxy url shoud stay different for any repo. > It would really help to clarify a set of use cases for how to set up a > group of proxied and managed repositories for a complex enterprise. > Once I understand how this all works I am more than happy to write a > section for inclusion in the user guide. I currently have setup 6 repositories -> Maven_Release (proxy to iBiblio and the sun legacy maven repo) -> Maven_Snapshot (proxied to apache snapshot lib) -> Internal_Release -> Internal_Snapshot this repository is populated by continuum with internal snapshot builds... -> thirdParty_Release this are not public jar's in release state (commercial) -> thirdParty_Snapshot this is were the unstable non public jars go (commercial) now when I read your post, i should maybe also have a Milestone repo or even one for pre-integration builds. btw. my idea to build milestones is tho have a separte build project only containing the artifact pom with the correct dependencies... what do you think about this ? Regarding my earlier post: I checked some more code and saw, that the indexer already uses the repo_id. currently org.apache.maven.model.Model to represent the artefacts, and this model doesn't care about repositories and therefore you can not access the repoId from the model. -> one solution is to update the model with a repoId or make an ArchivaModel with the repoId. i can have a look at this if one of the lead developers can give me a hint in what subproject, package the new classes - ArchivaModel extends org.apache.maven.model.Model - ArchivaProject extends org.apache.maven.project.MavenProject - ArchivaProjectBuilder extends org.apache.maven.project.MavenProjectBuilder should go. is this the correct way to go further ???? Any comments on this ? - Daniel > -----Original Message----- > From: Mohni, Daniel [mailto:[EMAIL PROTECTED] > Sent: Tuesday, October 24, 2006 9:42 AM > To: archiva-users@maven.apache.org > Subject: download artefacts from managed repositories > > Hello > > I was checking the daily build for archiva today and I configured > 2 repositories, one proxied to ibiblio and one without proxy. > > Browsing the repository I can only download artefacts from proxied > repositories. Artefacts in managed repositories are not handled. > > I checked the code and found the problem in > > DefaultProxyManager.getProxyGroups() > > Only Proxied Repositories are added to the group, and therefore only > managed repositories will be searched for a requested artefact. > > If I comment line 178 > > // if ( !proxiedRepositories.isEmpty() ) > > then I can only download artefacts when I add the repoId in the url > for the download > > http://localhost:8080/archiva/proxy/<repoId>/... > > now all artefacts are accessible... > > Is this the way it should work, or should this be changed ? > > if only 1 proxied repository is defined, then the downloads will work, > because it is hendled like the default repo (Line 187-190). > > -> as soon as you have more than on proxied repository (release, > snapshot) > you will get problems. > > If the indexer would add the repository_id to the model, the url could > be modified to contain the repo_id > > now, I can have a closer look, if this is the way to go... > > - Daniel > > > > -------------------------------------------------------------- > ---------------- > This message is intended only for the personal and confidential use of > the designated recipient(s) named. If you are not the intended > recipient of this message, you are hereby notified that any review, > dissemination, distribution or copying of this message is strictly > prohibited. This communication is for information purposes only and > should not be regarded as an offer to sell or as a solicitation of an > offer to buy any financial product, an official confirmation of any > transaction, or as an official statement of Aurora Loan Services. > Email transmission cannot be guaranteed to be secure or error-free. > Therefore, we do not represent that this information is complete or > accurate and it should not be relied upon as such. All information is > subject to change without notice. > > ------------------------------------------------------------------------------ This message is intended only for the personal and confidential use of the designated recipient(s) named. If you are not the intended recipient of this message, you are hereby notified that any review, dissemination, distribution or copying of this message is strictly prohibited. This communication is for information purposes only and should not be regarded as an offer to sell or as a solicitation of an offer to buy any financial product, an official confirmation of any transaction, or as an official statement of Aurora Loan Services. Email transmission cannot be guaranteed to be secure or error-free. Therefore, we do not represent that this information is complete or accurate and it should not be relied upon as such. All information is subject to change without notice.
