CloudBees Private Maven Repository

Overview

Private release and snapshot repositories are available to all DEV@cloud users.  These repositories allow you to automatically share artifacts between dependent builds on your CloudBees Jenkins instance, as well as with your development team.  They are already integrated with your Jenkins instance and build machines.

Your private Maven repositories are available over WebDAV (i.e. https). They are available at the following urls:

• https://repository-[domainId].forge.cloudbees.com/snapshot/
• https://repository-[domainId].forge.cloudbees.com/release/

Where the "[domainId]" should be replaced with the domain identifier that you setup at registration.  This will mirror the URL for your Jenkins instance which has the form:

• [domainId].ci.cloudbees.com/

Every user you have configured on your account can access the above URLs using their username (not your email login) and password.  Your Jenkins instance also has a system username and password which is transferred to all build machines when they connect to your master.  This allows your jobs to securely read from and publish artifacts to your private Maven repositories.

There's also a "private" repository that you can use to store credentials files or custom tools you can't / don't want to store in SCM 

Automatic Deployment

All jobs configured as a Maven2 project (by choosing "Build a Maven2 project" when creating the job) can automatically deploy their artifacts to your CloudBees Private Maven Repositories.  

At the bottom of the job configuration page Post Build Actions, simply check the box for "Deploy artifacts to my Private CloudBees Repository":

WARNING: Make sure to deploy only snapshots to the snapshot repository, and only release artifacts to the release repository.  Deploying a release artifact to your snapshot repository (or perhaps vice-versa) may result in your builds ignoring that repository! 

Local Usage

Once your snapshots are being automatically deployed, it is a good practice to setup your Maven /.m2/settings.xml to include your CloudBees private repositories.  This will allow you to reference artifacts without having to build them locally or manually install them in your local maven repository.  To set this up, take the following steps:

Make sure you are using Maven 2.0.11 or later so that you don't need to install the Wagon WebDAV libraries or see how to include WebDAV support for your projects.

Download this settings.xml file and put it in your /.m2 directory.

Open it with your favorite editor and customize the username/password for both repositories

Every developer in your team should do the same.

Manual Deployment

Sometimes it will be necessary to deploy an artifact to your release or snapshot repository manually so that your builds can access it.  You may need to do this if you depend on artifacts that are not available on public repositories, or ones you build outside of your Jenkins instance.  
There are several ways to deploy Maven artifacts to your private repository, depending on the context.

NOTE:  All of these options require following the directions for "Local Usage" above, including customizing your /.m2/settings.xml

• Use the release plugin when performing a release of a Maven project.
• Use the deploy:deploy goal when you need to upload a snapshot, or released maven project. 
• Use the deploy:deploy-file goal when you need to upload non-Maven artifacts. You can do this simply by calling this command:
  
  mvn deploy:deploy-file \
   -DgroupId=[groupId] -DartifactId=[artifactId] \
   -Dversion=1.0 -Dpackaging=jar -Dfile=/path/to/file \
   -Durl=dav:https://repository-[domainId].forge.cloudbees.com/release/ \
   -DrepositoryId=cloudbees-private-release-repository

NOTE: Be sure to put "dav:" at the beginning of your URL to make sure the webdav wagon plugin is used.

Maven 3.x don't have a webdav connector by default, resulting in deployment error :

Failed to deploy artifacts/metadata: No connector available to access repository 

As a workaround, you can create a pom.xml file in the directory used to run this command, with content :

Accessing DAV as a filesystem

Please see Mounting DAV Repositories

Using a private external Maven repository

If you already have your own Maven repository outside of CloudBees, but it is not publicly accessible, you will need to given Maven authentication credentials. To avoid keeping these secrets in your project’s source code, see Sharing Files with Build Executors for how to associate a custom private settings.xml with your build.

Using your CloudBees private repositories in Maven projects

If you reference artifacts of your CloudBees private repositories in your maven projects, you must declare these Maven repositories in your Maven configuration.

Maven repositories can be declared both in the global settings.xml and in projects' pom.xml files. The pros and cons of the two approaches are largely debated (e.g. Why Putting Repositories in your POMs is a Bad Idea). Here is the way to declare your CloudBees private repositories in your global settings.xml configuration.

1. Declare the release and snapshot repositories in a Maven <profile>:
   1. Activate by default the profile with <activeByDefault>,
   2. Don't forget to enable and disable <releases> and <snapshots> on each repository for performances improvement.
2. Define the credentials of your repositories in the <servers>># section:
   1. The <username> is your CloudBees account's username (defined here),
   2. The <password> is your CloudBees password. Note that it is recommended to use Maven Server password encryption (see here).

Maven Repositories Security and Visibility

CloudBees Maven repositories visibility is defined on the forge repositories details page. They are by default private (aka "account access") and can be made public:

•  account access - accessible only to people you have added to your account
•  public repository - accessible to anonymous users