This is a mobile version, full one is here.

Yegor Bugayenko
3 February 2019

How to Deploy Maven Artifacts to CloudRepo via Rultor

In my previous article, I described how to set up a private Maven repository in Amazon S3 and deploy there via Rultor. This is a great solution if you’re familiar with managing Amazon Web Services (AWS), S3, and AWS Identity and Access Management (IAM). However, if you’re not comfortable administering an AWS account and all the related permissions, you may want to store your Apache Maven Artifacts in some cloud based repository manager instead. Here is how you make Rultor deploy your Maven dependencies to CloudRepo. I wrote this blog post together with Chris Shellenbarger, their founder.

Both repository managers and S3 will allow your build tools to store and retrieve your software libraries in a remote repository or bucket. However, repository managers take care of a lot of the work that you’d have to manage yourself with the S3 solution.

While AWS is quite robust and can be configured to do everything a repository manager can, there are use cases that work directly out of the box when you choose a fully managed solution, like: User/Group Administration, Maven Specific Views, Webhooks, Notifications, Access and Audit Logs, Fully Managed Security, etc. Simply put, they are not just storages of JAR files, but Maven repositories in cloud.

A fully managed, cloud hosted solution will cost you a monthly subscription fee of some sort. At the moment of writing they charge $9 per month and up. They are free for open source, but I don’t see why you would need them if you can use Maven Central. The good news is that they are offering a special discount for my readers: the first 90 days are free, versus the standard 14. This is effectively a 25% discount off of your first year. Simply shoot them an email when your account is created and they’ll take care of you (don’t forget to mention me, to get the discount).

Assuming you have created an account with CloudRepo and setup both a user and maven repository, deploying to CloudRepo requires two steps on the client side: 1) Configure a settings.xml file with credentials, and 2) Add your repository to your pom.xml file’s <distributionManagement> section.

The default location for the settings.xml file is in your ~/.m2 directory. Edit this file and ensure that you have a <server> entry as seen below:

<settings>
  <servers>
    <server>
      <id>io.cloudrepo</id>
      <username>yegor256@gmail.com</username>
      <password>my-secret</password>
    </server>
  </servers>
</settings>

By declaring a server and specifying an id, you can reference the id from within your Maven POM files. When Maven attempts to authenticate against a server it will look for a corresponding key in the settings.xml file.

If you’re worried about storing your password in plaintext on your filesystem, check how Maven recommends fixing that.

Now that your credentials have been set, you must point your pom.xml at your CloudRepo repository. Add a new <repository> element to the <distributionManagement> (to upload them) section of your pom.xml and to the <repositories> (to download them):

<project>
  [...]
  <repositories>
    <repository>
      <id>io.cloudrepo</id>
      <url>https://[your-org-name].mycloudrepo.io/repositories/[your-repository-name]</url>
    </repository>
  </repositories>
  [...]
  <distributionManagement>
    <repository>
      <id>io.cloudrepo</id>
      <name>CloudRepo Maven Repository</name>
      <url>https://[your-org-name].mycloudrepo.io/repositories/[your-repository-name]</url>
    </repository>
  </distributionManagement>
</project>

Once you have a build working in your local environment, you need to deploy it to production with Rultor. First, you’ll need to store your credentials in Git so that Rultor can access them at build and deploy time. However, it is very important to never store your credentials in plaintext in version control (substitute the name of your GitHub project with my/project):

$ gem install rultor
$ rultor encrypt -p my/project settings.xml

This creates an encrypted version of your settings file with the name settings.xml.asc. Add this file to the root directory of your project, then commit and push. It is safe. Only Rultor has the keys to decrypt this file so even if your source code is exposed to others, your credentials will be kept safe.

To enable Rultor, add a .rultor.yml file to the root directory of your project with the following contents:

decrypt:
  settings.xml: "repo/settings.xml.asc"
deploy:
  script: |
    mvn clean deploy --settings ../settings.xml

For more information on the .rultor.yml file, check the Rultor Reference Page.

Now that everything is configured you should be able to deploy to CloudRepo with Rultor by executing the @rultor deploy command. Wait for the response and Rultor will take care of all the rest.

That’s it!