A plugin that enables Leiningen projects to access and deploy to GitLab package registries.
Access to a GitLab package registry is controlled using HTTP authentication by placing a GitLab Token in an HTTP header, instead of a username and password.
This header can be one of the following:
Token Type | HTTP Header name | Expected value |
---|---|---|
CI/CD Job Token | Job-Token | CI/CD Job Token provided in ${CI_JOB_TOKEN} |
Access token | Private-Token | Personal/Group/Project access token |
Leiningen authentication only allows providing credentials using a username and password (or passphrase), and doesn't populate HTTP authentication headers.
This plugin provides a Maven HTTP Wagon that populates the required HTTP authentication headers by taking the required values from the configured username and password.
Value in :username | Value in :password |
---|---|
Job-Token | CI/CD Job Token provided in ${CI_JOB_TOKEN} |
Private-Token | Personal/Group/Project access token |
Add the following to your project.clj
:
:plugins [[net.clojars.hissyfit/lein-gitlab-cart "1.0.0"]]
Use
gitlab:
instead ofhttps:
in repository URLs to trigger the plugin's special handling ofusername
andpassword
. The plugin will usehttps:
when passing it on.
:repositories {"group-releases" {:url "gitlab://gitlab.com/api/v4/groups/GROUP_ID/-/packages/maven"
:username "Job-Token"
:password :env/ci_job_token}
"group-snapshots" {:url "gitlab://gitlab.com/api/v4/groups/GROUP_ID/-/packages/maven"
:username "Job-Token"
:password :env/ci_job_token}}
:deploy-repositories {"project-releases" {:url "gitlab://gitlab.com/api/v4/projects/PROJECT_ID/packages/maven"
:username "Job-Token"
:password :env/ci_job_token
:sign-releases false}
"project-snapshots" {:url "gitlab://gitlab.com/api/v4/projects/PROJECT_ID/packages/maven"
:username "Private-Token"
:password :env/gitlab_private_token}}
A more typical example would be to use GPG credentials during development, and environment variables for CI/CD.
Given credentials in ~/.lein/credentials.clj.gpg
, such as:
{#"gitlab:.*\/groups" {:username "Private-Token"
:password "deadbeafdeadbeafdeadbeef" ;; A group token
}
#"gitlab:.*\/projects" {:username "Private-Token"
:password "deadbeafdeadbeafdeadbeef" ;; A personal or project token
}}
We add a ci_job_token_name
environment variable to the CI config in .gitlab-ci.yml
:
variables:
CI_JOB_TOKEN_NAME: "Job-Token"
Since Leiningen will "prefer" the GPG credentials, we can now have the following in project.clj
:
:repositories {"releases" {:url "gitlab://gitlab.com/api/v4/groups/GROUP_ID/-/packages/maven"
:username [:gpg :env/ci_job_token_name]
:password [:gpg :env/ci_job_token]}
"snapshots" {:url "gitlab://gitlab.com/api/v4/groups/GROUP_ID/-/packages/maven"
:username [:gpg :env/ci_job_token_name]
:password [:gpg :env/ci_job_token]}}
:deploy-repositories {"releases" {:url "gitlab://gitlab.com/api/v4/projects/PROJECT_ID/packages/maven"
:username [:gpg :env/ci_job_token_name]
:password [:gpg :env/ci_job_token]
:sign-releases false}
"snapshots" {:url "gitlab://gitlab.com/api/v4/projects/PROJECT_ID/packages/maven"
:username [:gpg :env/ci_job_token_name]
:password [:gpg :env/ci_job_token]}}
Copyright © 2023 Kevin Poalses
Distributed under the Apache-2.0 License.
Can you improve this documentation?Edit on GitLab
cljdoc is a website building & hosting documentation for Clojure/Script libraries
× close