How to use the default AWS credentials chain for an S3 backed Maven repository in a Gradle build?

Question

According to Gradle documention (Example 50.27), we can use S3 backed Maven repositories with Gradle 2.4. However, the only example given in the docs passes explicit AWS credentials to the S3 repository declaration:

repositories {
    maven {
        url "s3://someS3Bucket/maven2"
        credentials(AwsCredentials) {
            accessKey "someKey"
            secretKey "someSecret"
        }
    }
}

I need to do the same thing, but I want Gradle to use the DefaultAWSCredentialsProviderChain, from the AWS JDK, instead of explicit credentials. Something like:

repositories {
    maven {
        url "s3://someS3Bucket/maven2"
        credentials(AwsCredentials) {
            // Default AWS chain here?
        }
    }
}

This way, it would find the Instance Profile Credentials that I have configured for my EC2 instances where the Gradle build would be running.

Is there a way to accomplish this? Or, is Gradle only capable of authenticating against S3 with explicit credentials given in the build file?

Answer 1

More recent versions of Gradle provide a built-in way to use credentials from the default provider chain, eg:

maven {
    url "s3://myCompanyBucket/maven2"
    authentication {
       awsIm(AwsImAuthentication) // load from EC2 role or env var
    }
}

This avoids the need to manually create an instance of the provider chain and pass in the credential values.

Answer 2

I managed to accomplish the pom.xml generation, as well as the upload to S3, with the following build.gradle:

apply plugin: 'java'
apply plugin: 'maven-publish'

buildscript {
    repositories {
        mavenCentral()
    }
    dependencies {
        classpath 'com.amazonaws:aws-java-sdk:1.10.58'
    }
}

publishing {
    publications {
        mavenJava(MavenPublication) {
            groupId 'com.acme'
            artifactId 'sample-gradle-dependency'
            version '1.0'
            from components.java
        }
    }
    repositories {      
        maven {
            url "s3://my-bucket/releases"
            credentials(AwsCredentials) {
                def defaultCredentials = new com.amazonaws.auth.DefaultAWSCredentialsProviderChain().getCredentials()
                accessKey defaultCredentials.getAWSAccessKeyId()
                secretKey defaultCredentials.getAWSSecretKey()
            }
        }       
    }   
}

This one requires apply plugin: maven-publish, which apparently is the new version of apply plugin: maven.

This one runs with:

$ gradle publish