Summary: this section explains how to add Maven repositories that are required by the parent Application.

Introduction

When analyzing an Application that includes Maven based source code, you must tell Console where to find the Maven local or remote HTTP/S repository. The location of the repository is crucial to ensure that any associated JAR files can be automatically discovered and that POM dependencies can also be located. See Configuring source code delivery for Maven for more information.

To tell Console where the required repositories are located use this panel. Out of the box no repositories will be predefined:

  • Any repository added in this panel is valid only for the specific parent Application and will therefore not be scanned during source code delivery for other Applications managed in Console. If you need to define repositories at a global level for all Applications/Nodes see Administration Center - Settings - Maven Repositories.
  • Repositories discovered in the uploaded source code and any repositories defined in this panel always take priority over any repositories defined at a global level for all Applications/Nodes (see Administration Center - Settings - Maven Repositories).

Adding a new repository

When adding a new repository, the following dialog is displayed:

Repository URL/Path

Enter the URL or path to the Maven repository you want to add. For example:

  • Remote repository: enter the URL to the repository (e.g.: Google's repository https://maven.google.com)
  • Local repository: enter the path to the  ".m2" file, e.g.: C:/my_repo/.m2

Note that the Maven repository URL will be validated when the ADD button is clicked, and if it is found not to be accessible, an error will be displayed and the repository will not be saved.

UsernameEnter the credentials for the repository - leave blank if the repository is public or does not require credentials.
Password

Changing the order of repositories

You can change the order of the repositories by dragging and dropping them in to the correct position (this is the order in which the repositories are scanned for artifacts). The repository at the top of the list is marked as the "default", i.e. this repository is always scanned first:

Troubleshooting issues accessing remote HTTPS repositories

In certain situations, an error may be registered in the Delivery log when the Node attempts to access an HTTPS repository. For example, in the log located at delivery\{app-guid}\data\{guid}\{guid}\{guid}\DMTDeliveryReport.CastLog2:

ERROR cast.dmt.engine.extractor.jee.maven.http.connectionFailed Unkown format id: cast.dmt.engine.extractor.jee.maven.http.connectionFailed =>  %URL%="https://my.maven.repo/artifactory/maven-release/"
%MESSAGE%="sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target"           
javax.net.ssl.SSLHandshakeException:sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at sun.security.ssl.Alerts.getSSLException(:0).

The error reported in the log is generated by the DeliveryManagerTool-CLI.exe tool located on the AIP Node. This tool uses the Java JRE delivered with AIP Core in the following location:

%PROGRAMFILES%\CAST\<release>\jre\

This error usually occurs if the remote HTTPS repository you have defined is using an SSL certificate:

  • where the signing authority is not listed in the Java JRE cacerts file located at %PROGRAMFILES%\CAST\<release>\jre\security\cacerts

  • that is self-signed

Resolving the issue involves importing the required SSL certificates into the Java JRE delivered with AIP Core - this is out of the scope of this document.