Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Preventing Overwriting Deployments using Artifactory

Tags:

artifactory

I have setup an instance of Artifactory (4.1.2) which I am using to store java artefacts. I push artifacts to the instance using the gradle plugin configured as below 

artifactory {
    contextUrl = 'http://example.com/artifactory'
    publish {
        repository {
            // The Artifactory repository key to publish to
            repoKey = 'libs-release-local'

            username = artifactory_username
            password = artifactory_password
        }
        defaults {
            publications('releaseJar')
        }
    }
}

I want to be able to prevent overwriting already deployed artefacts by version. This seems to be a common request and the docs say

You can prevent a user or group from overwriting a deployed release or unique snapshot by not granting the Delete permission. Non-unique snapshots can always be overwritten (provided the Deploy permission is granted).

However, I have set up a deploy user which is in groups 1 | deployers with related permissions 1 | CanDeploy.

The CanDeploy permission has Deploy/Cache permissions for the deployers group only.

However! I can overwrite the deployed artifact to my hearts content using gradle artifactoryPublish.

Any advice would be gratefully received :)

EDIT: Since asking this question the functionality has started working as desired. This is very weird as I had not changed the Artifactory settings at all but is now returning a 403 when I try to upload an artifact with the same version num as is already deployed. I can only presume there is something weird regarding caching of access permissions or something which resulting in my changes via the web UI not becoming effective for a day or two - unnerving but its currently working. Will leave question up for the moment while I ensure its working!

like image 763
Dori Avatar asked Sep 28 '15 11:09

Dori

1 Answers

The easiest way to check the permissions are set is in the "Effective Permissions" tab in the browser UI. When selecting the "releaseJar" repo, if you see the "delete" permission checked on the "deploy" user than you may have another permission target giving the delete permission to this user. You can see the list of permission target used by a single user in the "Users" page. Hope this helps.

like image 165
Fred Simon Avatar answered Sep 29 '22 15:09

Fred Simon
Sign in to Comment

Related questions

How to setup new local artifactory for maven?
Debian repository plugin for Artifactory?
Change storage directory in Artifactory
How to find the latest artifact version with Artifactory Query Language?
maven command line to download latest snapshot with timestamp
Artifactory delete all artifacts older than 6 months
How to mirror dockerhub with artifactory
How to build Groovy JAR w/ Gradle and publish it to in-house repo
Jenkins Artifactory plugin not generating POM file
Artifactory: upload with api key (not password)
Maven Internal Repository, Is it Really This Hard?
Can Nexus/Artifactory cache RPM and NPM?
Maven Could not resolve dependencies (Return code is: 409 , ReasonPhrase:Conflict)
How can I download last artifact in Artifactory?
Use JFrog Artifactory as Terraform Data Source
Is there any way to configure multiple registries in a single package.json
Deploy Java App on Heroku which depends on my own Maven artifacts
mvn release:perform doesn't deploy release version

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!