Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Regression in 7.6-rc-1 when using invalid Maven repository name #22582

Closed
pkoenig10 opened this issue Nov 1, 2022 · 1 comment
Closed

Regression in 7.6-rc-1 when using invalid Maven repository name #22582

pkoenig10 opened this issue Nov 1, 2022 · 1 comment
Assignees
@abstratt
Labels
a:regression This used to work in:configuration-cache Configuration Caching in:publishing-plugins ivy-publish maven-publish
Milestone
7.6 RC2

Comments

@pkoenig10
Copy link
Contributor

pkoenig10 commented Nov 1, 2022
edited

Given the following Gradle configuration:

plugins {
    id 'maven-publish'
}

publishing {
    repositories {
        maven {
            name = 'maven-jar'
            url = 'https://example.com/'
            credentials {
                username = 'username'
                password = 'password'
            }
        }
    }

    publications {
        maven(MavenPublication) {
            groupId = 'org.example'
            artifactId = 'example'
            version = '1.0.0'
        }
    }
}

Publishing succeeds on Gradle 7.5.1 (assuming the repository URL, etc. is valid).

Publishing fails on Gradle 7.6-rc-1 with the following error:

FAILURE: Build failed with an exception.

* What went wrong:
Execution failed for task ':publishMavenPublicationToMaven-jarRepository'.
> Identity may contain only letters and digits, received: maven-jar

* Try:
> Run with --info or --debug option to get more log output.
> Run with --scan to get full insights.

* Exception is:
org.gradle.api.tasks.TaskExecutionException: Execution failed for task ':publishMavenPublicationToMaven-jarRepository'.
	...
Caused by: java.lang.IllegalArgumentException: Identity may contain only letters and digits, received: maven-jar
	at org.gradle.api.internal.provider.CredentialsProviderFactory.validateIdentity(CredentialsProviderFactory.java:185)
	at org.gradle.api.internal.provider.CredentialsProviderFactory.provide(CredentialsProviderFactory.java:57)
	at org.gradle.api.internal.provider.DefaultProviderFactory.credentials(DefaultProviderFactory.java:203)
	at org.gradle.api.publish.maven.tasks.PublishToMavenRepository.areCredentialsSafe(PublishToMavenRepository.java:136)
	at org.gradle.api.publish.maven.tasks.PublishToMavenRepository.checkCredentialSafety(PublishToMavenRepository.java:122)
	at org.gradle.api.publish.maven.tasks.PublishToMavenRepository.computeSpec(PublishToMavenRepository.java:110)
	at org.gradle.internal.Try.ofFailable(Try.java:41)
	at org.gradle.internal.serialization.Cached$Deferred.result(Cached.java:53)
	at org.gradle.internal.serialization.Cached$Deferred.get(Cached.java:48)
	at org.gradle.api.publish.maven.tasks.PublishToMavenRepository.publish(PublishToMavenRepository.java:95)

Expected Behavior

Publication configurations that worked on Gradle 7.5.1 continue to work on Gradle 7.6-rc-1.

Current Behavior

Publication configurations that worked on Gradle 7.5.1 do not to work on Gradle 7.6-rc-1.

Context

This regression was introduced in #21282. Specifically, it was introduced in 7c98f02.

Previously the publishing tasks did not call CredentialsProviderFactory.validateIdentity. It's not clear to me whether this was intentional or accidental.

Steps to Reproduce

See the build.gradle reproduction example above.
@pkoenig10 pkoenig10 added a:regression This used to work to-triage labels Nov 1, 2022
@ljacomet ljacomet added this to the 7.6 RC2 milestone Nov 2, 2022
@ljacomet ljacomet added in:publishing-plugins ivy-publish maven-publish in:configuration-cache Configuration Caching and removed to-triage labels Nov 2, 2022
@abstratt abstratt self-assigned this Nov 3, 2022
@abstratt abstratt mentioned this issue Nov 3, 2022
Merged
abstratt added a commit that referenced this issue Nov 4, 2022
@abstratt
Handle repository names invalid as identities
db4adaa 
For credentials provided using credential providers, the repository name
is used as the identity of the provider. Credential provider identities
must be made exclusively of letters and digits. So, when using
credential providers with repositories, the repository name must also be
valid provider identity.

However, for inlined/unsafe credentials, since providers are not used,
we should not impose such limitations.

Coverage for CC is provided in configuration-cache integration
tests.

Issue: #22582
bot-gradle added a commit that referenced this issue Nov 4, 2022
@bot-gradle @abstratt
Merge pull request #22603 Handle repository names invalid as identities
38b9406 
For credentials provided using credential providers, the repository name is used as the identity of the provider. Credential provider identities must be made exclusively of letters and digits. So, when using credential providers with repositories, the repository name must also be valid provider identity.

However, for inlined/unsafe credentials, since providers are not used, we should not impose such limitations.

Issue: #22582

The only change to production code is here: https://github.com/gradle/gradle/pull/22603/files#diff-fd396a32e765394411385b16ada52bcfd99d3dedea41216a77d9500da458d1acR136

Co-authored-by: Rafael Chaves <rchaves@gradle.com>
@abstratt
Copy link
Member

abstratt commented Nov 4, 2022

Thanks for detailed problem report. A fix has now been merged.

@abstratt abstratt closed this as completed Nov 4, 2022
This was referenced Jan 5, 2023
Closed
Closed
Closed
Closed
@github-actions github-actions bot mentioned this issue Feb 12, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@abstratt abstratt

Labels
a:regression This used to work in:configuration-cache Configuration Caching in:publishing-plugins ivy-publish maven-publish
Projects
Stable Configuration Cache
Status: Done
Milestone
7.6 RC2
Development

No branches or pull requests
3 participants
@ljacomet @abstratt @pkoenig10