An alternate way to download binary packages from Gitlab's Maven repository that works with Scala / SBT
Problem to solve
There's no easy way for scala projects to download dependencies from gitlab's maven repository. This is due to a confluence of factors. Gitlab requires custom headers added to the artifact request and recommends using the maven settings configuration file to add headers to the request. Unfortunately, the SBT publishing system does not support the maven settings file, and has no facility for appending headers to the artifact request.
Intended users
Further details
The lack of support prevents the adoption of the Gitlab repository functionality for Scala shops.
Proposal
I think there are 2 approraches to solve the issue:
-
Gitlab introduces a different mechanism for securing requests for artifacts e.g. adding token support to the repository url e.g. https://[token-name]:[gitlab auth token]@gitlab.com/....
a.
token-namewould be eitherprivate-tokenorjob-tokendepending on the user downloading the dependencyb.
gitlab auth tokenwould either be a user's personal access token, or a ci job token -
Create a custom resolver with configurable request headers that can be included in a scala project as an sbt-plugin
The first is easier to implement from both the tooling and a users perspective.
Permissions and Security
Developers / CI jobs would need a gitlab auth token to be able to retrieve
Documentation
Availability & Testing
What risks does this change pose to our availability?
None
How might it affect the quality of the product?
It makes it more accessible to a wider audience
What additional test coverage or changes to tests will be needed?
Tests to ensure the new request URL format works as expected
Will it require cross-browser testing?
No
Please list the test areas (unit, integration and end-to-end) that needs to be added or updated to ensure that this feature will work as intended. Please use the list below as guidance.
- Unit test changes