A Maven Wagon extension that uses the second version of the AWS SDK to pull from S3. That means it supports OIDC which is useful when you set up a trust for your build system push/pull artifacts from S3.
It supports OIDC authentication, which the other ones don't.
Either add it in the (root) POM
<build>
<extensions>
<extension>
<groupId>io.github.embriq-nordic</groupId>
<artifactId>aws-oidc-s3-maven-wagon</artifactId>
<version>1.2.0</version>
</extension>
</extensions>
</build>OR in the .mvn/extensions.xml file
<?xml version="1.0"?>
<extensions>
<extension>
<groupId>io.github.embriq-nordic</groupId>
<artifactId>aws-oidc-s3-maven-wagon</artifactId>
<version>1.2.0</version>
</extension>
</extensions>Next, set up your repositories to use the s3 protocol, as shown below:
<repositories>
<repository>
<id>my-s3-repo</id>
<url>s3://my-s3-bucket/path</url>
</repository>
</repositories>From Java 8 and up from version 1.2.0. In version 1.1.0 and earlier Java 11, or newer, is required.
For pushing and pulling artifacts from S3 it's pretty standard. It uses the AWS S3 SDK to do so. The magic sauce is the authentication.
If it finds the environment variables AWS_WEB_IDENTITY_TOKEN_FILE and ROLE_ARN it will try to use OIDC auth (via STS)
Otherwise it will fall back on other methods. This makes it likely to work in a wide range of environments without
any special configuration.
Here is how it works
The OIDC part - the reason this plugin exists - isn't really tested.
- Moto (or Localstack for that matter) does not really support assuming roles as a pre-requisite to use AWS services (like S3 in this case).