Maven authentication failed for https://nexus

Hello everybody. I have a problem with running a Jenkins pipeline on my local machine.

This is the error I get:

+ mvn -Dspring.profiles.active=test -Djasypt.encryptor.password=**** compile jib:build
[INFO] Scanning for projects...
Downloading from florence-nexus-blockforgery: https://nexus.florence-consulting.it/nexus/repository/maven-blockforgery/com/florence/blockforgery.masterpom/1.0-SNAPSHOT/maven-metadata.xml
[WARNING] Could not transfer metadata com.florence:blockforgery.masterpom:1.0-SNAPSHOT/maven-metadata.xml from/to florence-nexus-blockforgery (https://nexus.florence-consulting.it/nexus/repository/maven-blockforgery/): authentication failed for https://nexus.florence-consulting.it/nexus/repository/maven-blockforgery/com/florence/blockforgery.masterpom/1.0-SNAPSHOT/maven-metadata.xml, status: 401 Unauthorized
Downloading from florence-nexus-blockforgery: https://nexus.florence-consulting.it/nexus/repository/maven-blockforgery/com/florence/blockforgery.masterpom/1.0-SNAPSHOT/blockforgery.masterpom-1.0-SNAPSHOT.pom
[ERROR] [ERROR] Some problems were encountered while processing the POMs:
[FATAL] Non-resolvable parent POM for com.florence:blockforgery.backend:1.0-SNAPSHOT: Could not transfer artifact com.florence:blockforgery.masterpom:pom:1.0-SNAPSHOT from/to florence-nexus-blockforgery (https://nexus.florence-consulting.it/nexus/repository/maven-blockforgery/): authentication failed for https://nexus.florence-consulting.it/nexus/repository/maven-blockforgery/com/florence/blockforgery.masterpom/1.0-SNAPSHOT/blockforgery.masterpom-1.0-SNAPSHOT.pom, status: 401 Unauthorized and 'parent.relativePath' points at wrong local POM @ line 11, column 13

This is my POM file:

<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>

    <groupId>com.florence</groupId>
    <artifactId>blockforgery.backend</artifactId>
    <version>1.0-SNAPSHOT</version>

    <parent>
        <groupId>com.florence</groupId>
        <artifactId>blockforgery.masterpom</artifactId>
        <version>1.0-SNAPSHOT</version>
    </parent>

    <properties>
        <start-class>com.florence.blockforgery.Application</start-class>
    </properties>

    <dependencies>
        <dependency>
            <groupId>com.florence</groupId>
            <artifactId>blockforgery.common</artifactId>
            <version>1.0-SNAPSHOT</version>
        </dependency>
    </dependencies>

    <repositories>
        <repository>
            <id>jitpack.io</id>
            <url>https://jitpack.io</url>
        </repository>
        <repository>
            <id>florence-nexus-blockforgery</id>
            <url>https://nexus.florence-consulting.it/nexus/repository/maven-blockforgery/</url>
        </repository>
    </repositories>

    <build>
        <plugins>
            <plugin>
                <groupId>org.springframework.boot</groupId>
                <artifactId>spring-boot-maven-plugin</artifactId>
                <configuration>
                    <fork>true</fork>
                    <mainClass>${start-class}</mainClass>
                </configuration>
                <executions>
                    <execution>
                        <goals>
                            <goal>repackage</goal>
                        </goals>
                    </execution>
                </executions>
            </plugin>
            <plugin>
                <groupId>com.google.cloud.tools</groupId>
                <artifactId>jib-maven-plugin</artifactId>
                <version>3.2.1</version>
                <configuration>
                    <from>
                        <image>openjdk:17-alpine</image>
                    </from>
                    <to>
                        <image>298982222951.dkr.ecr.eu-south-1.amazonaws.com/block-forgery</image>
                        <credHelper>ecr-login</credHelper>
                    </to>
                    <container>
                        <jvmFlags>
                            <jvmFlag>-Dspring.profiles.active=${env.ENV}</jvmFlag>
                            <jvmFlag>-Djasypt.encryptor.password=${env.MASTER_PASSWORD}}</jvmFlag>
                        </jvmFlags>
                        <mainClass>com.florence.blockforgery.Application</mainClass>
                        <volumes>
                            <volume>/tmp</volume>
                        </volumes>
                    </container>
                </configuration>
            </plugin>
        </plugins>
    </build>

</project>

I configured my settings.xml file like this:

This is the content set:

<?xml version="1.0" encoding="UTF-8"?>

<settings xmlns="http://maven.apache.org/SETTINGS/1.2.0"
          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
          xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.2.0 https://maven.apache.org/xsd/settings-1.2.0.xsd">


  <localRepository>${user.home}/.m2/repository</localRepository>
  <interactiveMode>true</interactiveMode>
  <offline>false</offline>

  <servers>
    <server>
      <id>florence-nexus-blockforgery</id>
    </server>
  </servers>
 
  <mirrors>
    <mirror>
      <id>maven-default-http-blocker</id>
      <mirrorOf>external:http:*</mirrorOf>
      <name>Pseudo repository to mirror external repositories initially using HTTP.</name>
      <url>http://0.0.0.0/</url>
      <blocked>false</blocked>
    </mirror>
  </mirrors>
  
  <profiles>
	  <profile>
	      <id>blockforgery</id>
	      <repositories>
		  <repository>
		    <id>codehausSnapshots</id>
		    <name>Codehaus Snapshots</name>
		    <releases>
		      <enabled>false</enabled>
		      <updatePolicy>always</updatePolicy>
		      <checksumPolicy>warn</checksumPolicy>
		    </releases>
		    <snapshots>
		      <enabled>true</enabled>
		      <updatePolicy>never</updatePolicy>
		      <checksumPolicy>fail</checksumPolicy>
		    </snapshots>
		    <url>http://snapshots.maven.codehaus.org/maven2</url>
		    <layout>default</layout>
		  </repository>
		  <repository>
		      <id>florence-nexus-blockforgery</id>
		      <url>>https://nexus.florence-consulting.it/nexus/repository/maven-blockforgery/</url>
		  </repository>
		</repositories>
		<pluginRepositories>
		</pluginRepositories>
    	</profile>
 	 </profiles>
  <activeProfiles>
    <activeProfile>blockforgery</activeProfile>
  </activeProfiles>
</settings>


Finally this is my Jenkinsfile:

@Library('github.com/releaseworks/jenkinslib') _
pipeline {
  environment {
    REPOSITORY_URI = 'XXXXXXXXXXXXXX.dkr.ecr.eu-south-1.amazonaws.com/block-forgery'
    SERVICE_NAME = 'XXXXXXXXXXXX'
    TASK_FAMILY="ecs-fargate-cluster-blockforgery" // at least one container needs to have the same name as the task definition
    DESIRED_COUNT="1"
    CLUSTER_NAME = "XXXXXXX"
    SHORT_COMMIT = "${GIT_COMMIT[0..7]}"
    AWS_ID = credentials('jenkins-aws-account-id')
    AWS_ACCESS_KEY_ID     = credentials('jenkins-aws-secret-key-id')
    AWS_SECRET_ACCESS_KEY = credentials('jenkins-aws-secret-access-key')
    PROPERTIES_ENC_KEY = credentials('jenkins-properties-enc-key')
    AWS_DEFAULT_REGION = "eu-south-1"
    EXECUTION_ROLE_ARN = "arn:aws:iam::XXXXXXXXX:role/ecsTaskExecutionRole"
      ENV_MASTER = "prod"
      ENV_TEST = "test"
      ENV_DEV = "dev"
  }

    agent any

    tools {
        maven 'Maven 3.8.5'
        jdk 'JDK 1.8.0_73'
    }

    stages {
        stage ('Initialize') {
            steps {
                sh '''
                    echo "PATH = ${PATH}"
                    echo "M2_HOME = ${M2_HOME}"
                '''
            }
        }
        stage ('Set DEVELOP environment variables') {
            when {
                branch 'develop'
            }
            steps {
                script {
                    echo "Set MASTER variables"
                    env.SPRING_PROFILE = "${ENV_TEST}"
                }
            }
        }
        stage ('Set TEST environment variables') {
            when {
                branch 'test'
            }
            steps {
                script {
                    echo "Set MASTER variables"
                    env.SPRING_PROFILE = "${ENV_TEST}"
                }
            }
        }
        stage ('Set MASTER environment variables') {
           when {
                branch 'master'
              }
              steps {
                script {
                  echo "Set MASTER variables"
                  env.SPRING_PROFILE = "${ENV_TEST}"
                }
              }
        }
        stage('Build fat jar') {
            steps {
                sh "mvn -Dspring.profiles.active=${SPRING_PROFILE} -Djasypt.encryptor.password=${PROPERTIES_ENC_KEY} compile jib:build"
            }
        }
        stage('Deploy Image to ECS') {
            steps{
                // prepare task definition file
                sh """sed -e "s;%REPOSITORY_URI%;${REPOSITORY_URI};g" -e "s;%SHORT_COMMIT%;${SHORT_COMMIT};g" -e "s;%TASK_FAMILY%;${TASK_FAMILY};g" -e "s;%SERVICE_NAME%;${SERVICE_NAME};g" -e "s;%EXECUTION_ROLE_ARN%;${EXECUTION_ROLE_ARN};g" taskdef_backend.json > taskdef_${SHORT_COMMIT}.json"""
                script {
                    // Register task definition
                    AWS("ecs register-task-definition --output json --cli-input-json file://${WORKSPACE}/taskdef_backed_${SHORT_COMMIT}.json > ${env.WORKSPACE}/temp.json")
                    def projects = readJSON file: "${env.WORKSPACE}/temp.json"
                    def TASK_REVISION = projects.taskDefinition.revision

                    // update service
                    AWS("ecs update-service --cluster ${CLUSTER_NAME} --service ${SERVICE_NAME} --task-definition ${TASK_FAMILY}:${TASK_REVISION} --desired-count ${DESIRED_COUNT}")
                }
            }
        }
        stage('Remove docker image') {
            steps{
                // Remove images
                sh "docker rmi $REPOSITORY_URI"
            }
        }
    }
}

My Jenkis version: 2.356

How come I get a 401 error? The credentials set are correct.

Thanks everyone for the help

Hello Ivan,

Can you test the very same mvn command on the machine that hosts your agent, and see if you get the same 401 status?

Hi Bruno, thanks for the reply. The mvn command launched on the same hosting Jenkins works perfectly

1 Like