3.31.1 Issue with custom groovy script task that uses AWS libraries

[Mariska]

Dear all,

Since I upgrade from 3.30.1 to 3.31.1, I've an issue with a custom groovy script that uses the following classes:

• com.amazonaws.auth.AWSCredentials
• com.amazonaws.auth.AWSStaticCredentialsProvider
• com.amazonaws.auth.AWSCredentialsProvider
• com.amazonaws.auth.BasicAWSCredentials
• com.amazonaws.services.ecr.AmazonECR
• com.amazonaws.services.ecr.AmazonECRClientBuilder

to generate AWS credentials for a docker proxy to an ECR registry.

I added the required libraries for the script:

• aws-java-sdk-core-1.11.1034.jar
• aws-java-sdk-ecr-1.11.1034.jar
• ini4j-0.5.4.jar

to the /opt/sonatype/nexus/deploy folder and the script run and set the username/password for the applicable docker proxy repository.

This is part of the code:

     AWSCredentials awsCredentials = new BasicAWSCredentials(
                   prefs.get('access_key_id', ''), prefs.get('secret_access_key', ''))
     AmazonECR amazonECR = AmazonECRClientBuilder
                   .standard()
                   .withRegion(prefs.get('region', 'eu-west-1'))
                   .withCredentials(new AWSStaticCredentialsProvider(awsCredentials))
                   .build()

This is according to example found: https://blog.padmarag.com/2019/02/04/create-docker-secret-for-amazon-ecr-in-kubernetes-using-java-client/

However, with version 3.31.1, running the script fails with the following log messages:

021-07-05 08:33:17,910+0200 ERROR [quartz-11-thread-20]  *SYSTEM java.lang.Throwable - groovy.lang.MissingMethodException: No signature of method: com.amazonaws.services.ecr.AmazonECRClientBuilder.withCredentials() is applicable for argument types: (com.amazonaws.auth.AWSStaticCredentialsProvider) values: [com.amazonaws.auth.AWSStaticCredentialsProvider@45eb0adf]

Possible solutions: withCredentials(com.amazonaws.auth.AWSCredentialsProvider), getCredentials(), setCredentials(com.amazonaws.auth.AWSCredentialsProvider)

I've been trying to cast the static credentials provider to the class named, but nothing works. Then I removed the deployed jars from nexus and restarted, and I found out that there are already some aws libraries installed as it didn't complain during the import about the mentioned classes, but it did complain about other classes not found.

Apparently they are not the same version. 

What is the best way to overwrite the libraries for this script only, or can you suggest another solution?

Kind regards,

Mariska

 

[Mariska]

I hope a sonatype developer can help me with this issue. I've found the jar (/opt/sonatype/nexus/system/org/sonatype/nexus/plugins/nexus-blobstore-s3/3.31.1-01/nexus-blobstore-s3-3.31.1-01.jar) which contains the AWS libraries and found out that the version inside that library is:

• aws-java-sdk-core-1.11.822.jar.

After changing the ecr to the same version: aws-java-sdk-ecr-1.11.822.jar, removing the aws-java-sdk-core jar from the /deploy folder, so just the following jars are set in deploy:

• aws-java-sdk-ecr-1.11.822.jar
• ini4j-0.5.4.jar

and restarted nexus, I still get the same error message:

2021-07-06 10:38:55,001+0200 ERROR [quartz-11-thread-19]  *SYSTEM java.lang.Throwable - groovy.lang.MissingMethodException: No signature of method: com.amazonaws.services.ecr.AmazonECRClientBuilder.withCredentials() is ap
plicable for argument types: (com.amazonaws.auth.AWSStaticCredentialsProvider) values: [com.amazonaws.auth.AWSStaticCredentialsProvider@1e9c71e4]

Possible solutions: withCredentials(com.amazonaws.auth.AWSCredentialsProvider), getCredentials(), setCredentials(com.amazonaws.auth.AWSCredentialsProvider)

Now I hacked my way around with the nexus-blobstore-s3-3.31.1-01.jar and added the aws-java-sdk-ecr-1.11.822.jar, updated the META-INF/MANIFEST.MF and restarted nexus, the custom groovy script works again. But obviously, this is not something I want to do for my production instance. 

So, I'm hoping someone has a better solution, which is more robust than my hack.

Note that this is currently stopping us from upgrading to 3.31.1 which also includes the fix for the nuget last download issue. I really want to deploy this new version.

Thanks in advance,

Mariska

[Mariska]

Hello, I still hope someone can help me. Could this be solved by putting everything in a new bundle? 

Thanks,

Mariska

[Matthew Piggott]

If you're bringing in dependencies probably you should consider building a plugin for your code and packaging it as a KAR. there are some examples in the community plugins, e.g. nexus-repository-composer (the readme also describes installing it)