In order to make AWS Code Artifact work within a spring boot/maven project, I've had to add ~/.m2/settings.xml to my local machine, which runs great with our build script locally only.
However, when deploying this project, which authenticates with AWS CodeArtifact, I am getting an authorization error. I am not sure if this is because the settings.xml is not available to to the pipeline deploying to the EC2 instance. I am shocked that I am not easily finding documentation on how to reconcile this. Perhaps I'm not asking the right questions. I'm thinking settings.xml needs to be somehow made available to the Code Pipeline deployment. But I am at a loss. I've tried adding settings.xml to the root of my project. Did not fix it.
Moreover, I added the AWSCodeArtifactAdminAccess permission to the ProdServer IAM role and that STILL did not resolve it.
I also noticed that when attempting to run this command on the EC2 instance, it did not understand the command.
export CODEARTIFACT_AUTH_TOKEN=`aws codeartifact get-authorization-token --domain my_domain --domain-owner XXXXXXXXXXXX --region us-east-1 --query authorizationToken --output text`
Figured out that we were running an older version of awscli:
ec2-user@XXXXXXX ~]$ aws --version
aws-cli/1.16.102 Python/2.7.18 Linux/4.14.138-114.102.amzn2.x86_64 botocore/1.12.92
so I upgraded:
sudo yum upgrade awscli
which changed to
[ec2-user@XXXXXXXX ~]$ aws --version
aws-cli/1.18.147 Python/2.7.18 Linux/4.14.138-114.102.amzn2.x86_64 botocore/1.18.6
Then running the export command above worked fine! I was sure that this would fix the issue, but unfortunately, it still did not
Here's the settings.xml:
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 https://maven.apache.org/xsd/settings-1.0.0.xsd">
<localRepository/>
<interactiveMode/>
<offline/>
<pluginGroups/>
<servers>
<server>
<id>backend-test</id>
<username>aws</username>
<password>${env.CODEARTIFACT_AUTH_TOKEN}</password>
</server>
<server>
<id>backend-prod</id>
<username>aws</username>
<password>${env.CODEARTIFACT_AUTH_TOKEN}</password>
</server>
</servers>
<!--OPTIONAL-->
<mirrors/>
<proxies/>
<profiles>
<profile>
<id>backend-prod</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<repositories>
<repository>
<id>backend-prod</id>
<url>https://mydomain.d.codeartifact.us-east-1.amazonaws.com/maven/backend-prod/</url>
</repository>
</repositories>
</profile>
<profile>
<id>backend-test</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<repositories>
<repository>
<id>backend-test</id>
<url>https://mydomain.d.codeartifact.us-east-1.amazonaws.com/maven/backend-test/</url>
</repository>
</repositories>
</profile>
</profiles>
<activeProfiles>
<activeProfile>default</activeProfile>
</activeProfiles>
</settings>