|
rome-user
cd051e41e3
All checks were successful
ci/woodpecker/push/woodpecker Pipeline was successful
Reviewed-on: #2 |
||
|---|---|---|
| resources | initial commit | |
| src/org/forgejo/maven | initial commit | |
| test/org/forgejo/maven | woodpecker test | |
| test-projects/sample | add integration test | |
| .gitignore | initial commit | |
| .woodpecker.yaml | fix woodpecker YAML file for new version of woodpecker | |
| CHANGELOG.org | initial commit | |
| LICENSE | initial commit | |
| project.clj | add deployment repositories to project.clj | |
| README.org | README: add instructions to fetch JAR from Codeberg | |
lein-forgejo-wagon
Rationale
Leiningen, through Maven's HTTP wagon, supports HTTP basic authentication and GPG credentials as authentication methods. However, it does not expose a way to set HTTP headers when sending requests. Thus Leiningen cannot authenticate with Maven repositories hosted on Forgejo packages. This plugin adds the necessary functionality to Leiningen so that Forgejo users can authenticate with personal access tokens.
Installation
You may install this plugin locally or fetch it from Codeberg packages.
Codeberg packages
In your project.clj file, add the following entry to your :repositories.
["codeberg" {:url "https://codeberg.org/api/packages/rome-user/maven"}]
Then add [lein-forgejo-wagon "0.1.0"] to your :plugins.
Local
- Clone this repository
- Run
lein install - Add
[lein-forgejo-wagon "0.1.0"]to your:pluginswherever you would like to use this plugin.
Usage
There are several ways to supply your personal access token to Leiningen.
Supply token directly
This is the simplest and most insecure method. You supply your personal access
token directly into your project.clj or user ~/.lein/profiles.clj as
follows.
:repositories
[["forgejo" {:url "forgejo://example.com/api/packages/:owner/maven"
:username "Personal-Access-Token"
:password "3a2a5e8383098c5239f7cb8a81080d118b6a04cb"}]
...]
Supply token in an environment variable
Leiningen can read credentials from environment variables. In this case, you will configure your project definition like so.
:repositories
[["forgejo" {:url "forgejo://example.com/api/packages/:owner/maven"
:username "Personal-Access-Token"
:password :env/token}]
...]
Then when you want to e.g. download dependencies, you invoke Leiningen with the environment variable set. Here is an example.
export TOKEN=3a2a5e8383098c5239f7cb8a81080d118b6a04cb
lein deps
Supply token in a file
If you have GPG set up on your computer, then Leiningen can take credentials
from a GPG-encrypted file at ~/.lein/credentials.clj.gpg. The decrypted file
should look like this.
{"forgejo://example.com/api/packages/:owner/maven"
{:username "Personal-Access-Token"
:password "3a2a5e8383098c5239f7cb8a81080d118b6a04cb"
Then in your project.clj you may include the repository as follows.
:repositories
[["forgejo" {:url "forgejo://example.com/api/packages/:owner/maven"
:creds :gpg}]
...]
Note on TLS
This plugin uses HTTPS by default and does not expose any configuration to
modify the TrustStore used by the HTTP client. Consequently, self-signed
certificates will not work with this plugin.
For simplicity of setting up CI tests, this plugin accepts a forgejo.insecure
property, which you may use in case your repository allows HTTP access. For
example, you can deploy to a plain HTTP repository as follows.
LEIN_JVM_OPTS=-Dforgejo.insecure=true lein deploy
This is not recommended to use for any reason. This setting exists solely to ease setting up CI tests for the plugin, and it is considered internal to the plugin. It may be removed in the future without warning.
License
Copyright (c) 2023 lein-forgejo-wagon contributors
Licensed under the MIT License. See the LICENSE file in this repository for more details.