Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

AWS CodeArtifact token update

Tags:

maven

amazon-web-services

aws-codeartifact

I created AWS CodeArtifact repository, obtained token with aws codeartifact get-authorization-token command, and set it correctly to .m2/settings.xml (my project is using maven as build tool & package manager).

The problem is that the token expires after 12 hours. This means that I and all the developers working on the project have to fetch a new token and set the new token in settings.xml file. And same has to be done for ci/cd server that also needs to have a connection to CodeArtifact in order to push the artifacts after building.

There has to be a way to solve this problem but unfortunately, I wasn't able to find the solution.

like image 656
Nemanja Žunić Avatar asked Jan 19 '26 14:01

Nemanja Žunić

2 Answers

Why not just use the ~/.mavenrc file, and add something like this?

CA_TOKEN_FILE=~/.m2/.ca_token

# is our token file more than 12 hours old (or missing?)
if [[ $(find $CA_TOKEN_FILE -mmin -710 2> /dev/null) != $CA_TOKEN_FILE ]]; then
    # Do we need to refresh AWS creds?
    if ! aws sts get-caller-identity --profile default &> /dev/null; then
        # refresh your creds here
    fi

    echo "export CODEARTIFACT_AUTH_TOKEN=$(aws codeartifact get-authorization-token --domain <domain> --domain-owner <ownerid> --query authorizationToken --output text)" > $CA_TOKEN_FILE
fi
# source the env file
. $CA_TOKEN_FILE

The AWS refresh is optional, but typically that would prompt for creds as necessary.

You also need to add something like this to .m2/settings.xml

<server>
    <id>ca-servername</id>
    <username>aws</username>
    <password>${env.CODEARTIFACT_AUTH_TOKEN}</password>
</server>
like image 129
Mike Patnode Avatar answered Jan 21 '26 03:01

Mike Patnode

I went ahead and made a proof-of-concept Maven extension that automatically fetches and then uses the authorization token to setup a repository for your Maven project: https://github.com/brcolow/codeartifact-maven-extension

It is not super flexible at the moment. I took care to document exactly what the setup should be for the extension to work (Codeartifact repository with Maven central upstream configured, IAM profile credentials, etc.). It works for the single user/tester so far - me :).

like image 20
brcolow Avatar answered Jan 21 '26 04:01

brcolow
Sign in to Comment

Related questions

Remote debugging in Visual Studio Code
How to load native libraries in AWS Lambda?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!