quarkus: Quarkus maven plugin 3.0.1.Final artifact upload broken, Authentication failure in Azure Devops
Describe the bug
Ok, this is a very weird one.
Context:
I have an Azure devops pipeline, that uses the MavenAuthenticate@0 task, followed by a Maven@3 task with the goal deploy. In order to upload the artifact to [https://](https://pkgs.dev.azure.com/<redacted>/
After upgrading to Quarkus 3.0.1.Final, the upload started to fail. And after extensive debugging, the only difference between a successful upload and failing upload is the quarkus-maven-plugin version, 2.16.6.Final works, 3.0.1.Final does not.
Output logs from the failing build:
` 2023-05-03T20:39:35.9123766Z [DEBUG] Using transporter WagonTransporter from ClassRealm[extension>io.quarkus.platform:quarkus-maven-plugin:3.0.1.Final, parent: jdk.internal.loader.ClassLoaders$AppClassLoader@5cb0d902] with priority -1.0 for https://pkgs.dev.azure.com/<redacted>/<redacted>/_packaging/redacted/maven/v1
2023-05-03T20:39:35.9124994Z [DEBUG] Using connector BasicRepositoryConnector with priority 0.0 for https://pkgs.dev.azure.com/<redacted>/maven/v1
2023-05-03T20:39:35.9144143Z Downloading from <redacted>: https://pkgs.dev.azure.com/<redacted>/<redacted>/_packaging/<redacted>/maven/v1/<redacted>/<redacted>/1.0.0-SNAPSHOT/maven-metadata.xml
2023-05-03T20:39:35.9998946Z [WARNING] Could not transfer metadata <redacted>:<redacted>:1.0.0-SNAPSHOT/maven-metadata.xml from/to <redacted> (https://pkgs.dev.azure.com/<redacted>/<redacted>/_packaging/<redacted>/maven/v1): authentication failed for https://pkgs.dev.azure.com/<redacted>/<redacted>/_packaging/<redacted>/maven/v1/<redacted>/<redacted>/1.0.0-SNAPSHOT/maven-metadata.xml, status: 401 Unauthorized `
Output logs from the older plugin version
` 2023-05-03T20:43:00.5915785Z [DEBUG] Using transporter WagonTransporter from ClassRealm[extension>io.quarkus.platform:quarkus-maven-plugin:2.16.6.Final, parent: jdk.internal.loader.ClassLoaders$AppClassLoader@5cb0d902] with priority -1.0 for https://pkgs.dev.azure.com/<redacted>/<redacted>/_packaging/<redacted>-artifacts/maven/v1
2023-05-03T20:43:00.5916616Z [DEBUG] Using connector BasicRepositoryConnector from ClassRealm[extension>io.quarkus.platform:quarkus-maven-plugin:2.16.6.Final, parent: jdk.internal.loader.ClassLoaders$AppClassLoader@5cb0d902] with priority 0.0 for https://pkgs.dev.azure.com/<redacted>/<redacted>/_packaging/<redacted>-artifacts/maven/v1
2023-05-03T20:43:00.5917265Z Downloading from <redacted>-artifacts: https://pkgs.dev.azure.com/<redacted>/<redacted>/_packaging/<redacted>-artifacts/maven/v1/<redacted>/<redacted>/1.0.0-SNAPSHOT/maven-metadata.xml
2023-05-03T20:43:00.5917565Z [DEBUG] [org.apache.http.client.protocol.RequestAddCookies] CookieSpec selected: compatibility
2023-05-03T20:43:00.5918033Z [DEBUG] [org.apache.http.impl.conn.PoolingHttpClientConnectionManager] Connection request: [route: {s}->https://pkgs.dev.azure.com:443][total available: 2; route allocated: 0 of 20; total allocated: 2 of 40]
2023-05-03T20:43:00.5918599Z [DEBUG] [org.apache.http.impl.conn.PoolingHttpClientConnectionManager] Connection leased: [id: 2][route: {s}->https://pkgs.dev.azure.com:443][total available: 2; route allocated: 1 of 20; total allocated: 3 of 40]
2023-05-03T20:43:00.5919012Z [DEBUG] [org.apache.http.impl.execchain.MainClientExec] Opening connection {s}->https://pkgs.dev.azure.com:443
2023-05-03T20:43:00.5919270Z [DEBUG] [org.apache.http.impl.conn.DefaultHttpClientConnectionOperator] Connecting to pkgs.dev.azure.com/13.107.42.20:443
2023-05-03T20:43:00.5919524Z [DEBUG] [org.apache.http.conn.ssl.SSLConnectionSocketFactory] Connecting socket to pkgs.dev.azure.com/13.107.42.20:443 with timeout 0
2023-05-03T20:43:00.5919768Z [DEBUG] [org.apache.http.conn.ssl.SSLConnectionSocketFactory] Enabled protocols: [TLSv1.3, TLSv1.2]
2023-05-03T20:43:00.5921350Z [DEBUG] [org.apache.http.conn.ssl.SSLConnectionSocketFactory] Enabled cipher suites:[TLS_AES_256_GCM_SHA384, TLS_AES_128_GCM_SHA256, TLS_CHACHA20_POLY1305_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256, TLS_DHE_DSS_WITH_AES_256_GCM_SHA384, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_DSS_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_RSA_WITH_AES_256_CBC_SHA256, TLS_DHE_DSS_WITH_AES_256_CBC_SHA256, TLS_DHE_RSA_WITH_AES_128_CBC_SHA256, TLS_DHE_DSS_WITH_AES_128_CBC_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_DSS_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_DSS_WITH_AES_128_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDH_RSA_WITH_AES_256_CBC_SHA, TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_GCM_SHA384, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA256, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_EMPTY_RENEGOTIATION_INFO_SCSV] 2023-05-03T20:43 … etc `
The only notable difference I could find is when calling mvn help:effective-pom, the org.apache.maven.wagon dependencies have been updated from 3.5.1 to 3.5.3
I have no idea why this is happening in Azure, tried different build agents (windows/linux) and no luck. On my local machine it mvn:deploy works as expected.
Expected behavior
maven deploy goal succeeds (see description)
Actual behavior
Maven deploy goal fails (see description)
How to Reproduce?
Create and Azure devops project, and a new pipeline.
Set-up a pipeline with azure devops with quarkus 3.0.1.Final with the following tasks trigger:
-
main pool: vmImage: ubuntu-latest steps:
-
task: MavenAuthenticate@0 inputs: artifactsFeeds: ‘<redacted>’
-
task: Maven@3 inputs: mavenPomFile: ‘pom.xml’ mavenOptions: ‘-Xmx3072m’ javaHomeOption: ‘JDKVersion’ jdkVersionOption: ‘1.17’ jdkArchitectureOption: ‘x64’ publishJUnitResults: true testResultsFiles: ‘**/surefire-reports/TEST-*.xml’ goals: ‘package’ options: ‘-Dquarkus.profile=xxxx’
-
task: Maven@3 inputs: mavenPomFile: ‘pom.xml’ goals: ‘deploy’ publishJUnitResults: false javaHomeOption: ‘JDKVersion’ jdkVersionOption: ‘1.17’ mavenVersionOption: ‘Default’ mavenAuthenticateFeed: true effectivePomSkip: false sonarQubeRunAnalysis: false
Output of uname -a or ver
No response
Output of java -version
Java version: 17.0.6, vendor: Eclipse Adoptium, runtime: /usr/lib/jvm/temurin-17-jdk-amd64
GraalVM version (if different from Java)
No response
Quarkus version or git rev
3.0.1.Final
Build tool (ie. output of mvnw --version or gradlew --version)
Apache Maven 3.8.8 (4c87b05d9aedce574290d1acc98575ed5eb6cd39)
Additional information
No response
About this issue
- Original URL
- State: closed
- Created a year ago
- Comments: 17 (9 by maintainers)
Some more information on this issue, it is some dependency inside the quarkus-bootstrap-maven-resolver that seems to be the cause.
This workaround fixed it for me:
Inside quarkus-bootstrap-maven-resolver I see that wagon-http version 3.5.1 has been replaced by wagon-http-lightweight 3.5.3 and some other dependencies. At the moment I suspect wagon-http-lightweight to be the cause.