Giter Club home page Giter Club logo

gcs-maven's Introduction

GCS Maven Wagon

This project is a Maven Wagon for Google Cloud Storage. In order to to publish artifacts to a GCS bucket, the user (as identified by their access key) must be listed as an owner on the bucket.

Usage

To publish Maven artifacts to GCS a build extension must be defined in a project's pom.xml.

<project>
  ...
  <build>
    ...
    <extensions>
      ...
      <extension>
        <groupId>org.springframework.build</groupId>
        <artifactId>gcs-maven</artifactId>
        <version>5.0.0.RELEASE</version>
      </extension>
      ...
    </extensions>
    ...
  </build>
  ...
</project>

Once the build extension is configured distribution management repositories can be defined in the pom.xml with an gcs:// scheme.

<project>
  ...
  <distributionManagement>
    <repository>
      <id>gcs-release</id>
      <name>GCS Release Repository</name>
      <url>gcs://<BUCKET>/release</url>
    </repository>
    <snapshotRepository>
      <id>gcs-snapshot</id>
      <name>GCS Snapshot Repository</name>
      <url>gcs://<BUCKET>/snapshot</url>
    </snapshotRepository>
  </distributionManagement>
  ...
</project>

Finally the ~/.m2/settings.xml must be updated to include access and secret keys for the account. The access key should be used to populate the username element, and the secret access key should be used to populate the password element.

<settings>
  ...
  <servers>
    ...
    <server>
      <id>gcs-release</id>
      <username>0123456789ABCDEFGHIJ</username>
      <password>0123456789abcdefghijklmnopqrstuvwxyzABCD</password>
    </server>
    <server>
      <id>gcs-snapshot</id>
      <username>0123456789ABCDEFGHIJ</username>
      <password>0123456789abcdefghijklmnopqrstuvwxyzABCD</password>
    </server>
    ...
  </servers>
  ...
</settings>

Alternatively, the access and secret keys for the account can be provided using

  • GCS_ACCESS_KEY_ID (or GCS_ACCESS_KEY) and GCS_SECRET_KEY (or GCS_SECRET_ACCESS_KEY) [environment variables][env-var]
  • gcs.accessKeyId and gcs.secretKey [system properties][sys-prop]
  • The Amazon EC2 [Instance Metadata Service][instance-metadata]

Making Artifacts Public

This wagon doesn't set an explict ACL for each artfact that is uploaded. Instead you should create an GCS Bucket Policy to set permissions on objects. A bucket policy can be set in the [GCS Console][console] and can be generated using the [GCS Policy Generator][policy-generator].

In order to make the contents of a bucket public you need to add statements with the following details to your policy:

Effect Principal Action Google Resource Name (GRN)
Allow * ListBucket arn:gcs:s3:::<BUCKET>
Allow * GetObject arn:gcs:s3:::<BUCKET>/*

If your policy is setup properly it should look something like:

{
  "Id": "Policy1397027253868",
  "Statement": [
    {
      "Sid": "Stmt1397027243665",
      "Action": [
        "gcs:ListBucket"
      ],
      "Effect": "Allow",
      "Resource": "arn:gcs:gcs:::<BUCKET>",
      "Principal": {
        "GCS": [
          "*"
        ]
      }
    },
    {
      "Sid": "Stmt1397027177153",
      "Action": [
        "gcs:GetObject"
      ],
      "Effect": "Allow",
      "Resource": "arn:gcs:gcs:::<BUCKET>/*",
      "Principal": {
        "GCS": [
          "*"
        ]
      }
    }
  ]
}

If you prefer to use the [command line][cli], you can use the following script to make the contents of a bucket public:

BUCKET=<BUCKET>
TIMESTAMP=$(date +%Y%m%d%H%M)
POLICY=$(cat<<EOF
{
  "Id": "public-read-policy-$TIMESTAMP",
  "Statement": [
    {
      "Sid": "list-bucket-$TIMESTAMP",
      "Action": [
        "gcs:ListBucket"
      ],
      "Effect": "Allow",
      "Resource": "arn:gcs:gcs:::$BUCKET",
      "Principal": {
        "GCS": [
          "*"
        ]
      }
    },
    {
      "Sid": "get-object-$TIMESTAMP",
      "Action": [
        "gcs:GetObject"
      ],
      "Effect": "Allow",
      "Resource": "arn:gcs:gcs:::$BUCKET/*",
      "Principal": {
        "GCS": [
          "*"
        ]
      }
    }
  ]
}
EOF
)

gcs gcsapi put-bucket-policy --bucket $BUCKET --policy "$POLICY"

gcs-maven's People

Contributors

nebhale avatar jhaber avatar stevie400 avatar spring-builds avatar brianhenk avatar jmena avatar jw0x47 avatar tekul avatar after-the-sunrise avatar lalyos avatar

Watchers

James Kebinger avatar Stuart Layton avatar Kartik Vishwanath avatar Christopher Lee avatar Ken Sykora avatar Mattias Putman avatar Alex Lunacharskii avatar Wade Tandy avatar Mehmet Ali "Mali" Akmanalp avatar Patrick Dignan avatar Ze'ev Klapow avatar William Lepinski avatar Matt Ball avatar Alex Kuhl avatar Matt Fehskens avatar Luke Driscoll avatar Ali Ukani avatar Will Ung avatar Gus Vargas avatar Anthony Roldan avatar avatar avatar Matthew Conover avatar avatar Cory Martin avatar Dave Thomas avatar Derik DeLong avatar Jordi avatar James Cloos avatar avatar Byron Matto avatar Gowtam Lal avatar Jay Wilburn avatar Jimena Sanchez avatar Ahmad Alhour avatar Jonathon Colman avatar Chris Connors avatar Maple Buice avatar Scott Smith avatar Andrew Ju avatar Robert Czarnecki avatar Frederik avatar Douglas Oliveira avatar Kevin BON avatar avatar Kevin McLarnon avatar Nick Hirakawa avatar Cian Mac Mahon avatar avatar Siniša Grubor avatar Val Sichkovskyi avatar Joe Kurien avatar Daniel St. Germain avatar Matt Rheault avatar avatar Alexis Romero avatar Romulo avatar AJ LaPorte avatar Elizabeth Ruscitto avatar Sasha Goldenson avatar Melvin Mathew avatar avatar Lukas Schade avatar Olivia Banis avatar Allison Ventura avatar Randy Perez avatar Colin McNeil avatar Maja Purcell avatar avatar Anish Visaria avatar Jon McLaren avatar Miguel Brito avatar avatar avatar Stephen avatar Joe Kelley avatar Nathalie Oostvogels avatar anna_ avatar Scott Williams avatar Hideya avatar Elias Szabo avatar Shwetha Radhakrishna avatar Steve Troetti avatar Zachary Wolfson avatar Santosh Domalapalli avatar Sean Levorse avatar Ross Andreucetti avatar Alpri Else avatar avatar Alex avatar avatar Mark Sorce avatar Megan avatar Niket Patel avatar William Kwao avatar Philipp Walzer avatar m3lkw0k avatar Yevhenii Loskutov avatar Josephine Crossick avatar avatar

Forkers

isabella232

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.