Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

NO-ISSUE: Check Maven Central before Apache-specific repositories #2822

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

raboof
Copy link
Member

@raboof raboof commented Dec 20, 2024

GitHub Actions builds are hitting the rule from
https://infra.apache.org/infra-ban.html that disallows excessive 404's on repository.apache.org, causing them to get banned.

This change should make various builds check Maven Central before checking repository.apache.org, which hopefully should help.

@raboof raboof requested a review from tiagobento as a code owner December 20, 2024 12:41
@raboof raboof force-pushed the maven-central-first branch 2 times, most recently from a8e0bee to 92c0a8b Compare December 20, 2024 16:20
GitHub Actions builds are hitting the rule from
https://infra.apache.org/infra-ban.html that disallows
excessive 404's on repository.apache.org, causing them to get banned.

This change should make various builds check Maven Central before
checking `repository.apache.org`, which hopefully should help.
@raboof raboof force-pushed the maven-central-first branch from 92c0a8b to 4788055 Compare December 20, 2024 16:37
@tiagobento
Copy link
Contributor

If I'm not mistaken, even though apache.snapshots is listed first, it has releases disabled, so I thought Maven only tries to download from it when it finds a dependency with a SNAPSHOT version. Following this logic, and because our 1st party dependencies (drools,jbpm,kogito) are the only ones with a SNAPSHOT version, we're not overloading the apache.snapshots repository with 404 requests for all other 3rd party dependencies... That's at least my theory 😅

Do you see it differently or do you have any logs/material that could help us get a more assertive assessment on this issue?

In any case, thanks for the PR and proactively helping us figure it out!

@tiagobento tiagobento changed the title Check Maven Central before Apache-specific repositories NO-ISSUE: Check Maven Central before Apache-specific repositories Dec 20, 2024
@raboof
Copy link
Member Author

raboof commented Dec 20, 2024

Yes, that's definitely true for packages/dev-deployment-kogito-quarkus-blank-app/pom.xml, packages/maven-base/settings.xml and packages/stunner-editors/pom.xml - I guess I may have gotten a bit carried away :)

The changes to the generated poms and to packages/sonataflow-image-common/resources/modules/kogito-maven/common/maven/settings.xml may still be (more) relevant, though?

@tiagobento
Copy link
Contributor

tiagobento commented Dec 20, 2024

Most likely yes! @ricardozanini or @wmedvede might know more assertively. Let's wait for their assessment on this matter... Thanks @raboof!

@tiagobento tiagobento added the pr: waiting-for-review Waiting for peer reviews label Dec 20, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
pr: waiting-for-review Waiting for peer reviews
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants