Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-17222

rebuild maven metadata task may fail against permissive layout coordinates missing a base version

    Details

    • Story Points:
      2
    • Notability:
      n/a

      Description

      The following repository was defined in Nexus 3.6.0:

      {
            "@type": "d",
            "@rid": "#42:10",
            "@version": 4,
            "@class": "repository",
            "recipe_name": "maven2-hosted",
            "repository_name": "maven-unknown-snapshot",
            "online": true,
            "attributes": {
              "maven": {
                "versionPolicy": "SNAPSHOT",
                "layoutPolicy": "PERMISSIVE"
              },
              "storage": {
                "strictContentTypeValidation": false,
                "writePolicy": "ALLOW",
                "blobStoreName": "default"
              }
            }
          },
      

      When the rebuild Maven metadata task processes this repository, the following exception can be triggered and the task will fail:

      2018-05-25 08:40:44,447-0400 ERROR [quartz-3-thread-18] *SYSTEM org.sonatype.nexus.repository.maven.tasks.RebuildMaven2MetadataTask - Failed to run task 'Rebuilding Maven Metadata of maven-unknown-snapshot' on repository 'maven-unknown-snapshot' java.lang.IllegalStateException: null
       at com.google.common.base.Preconditions.checkState(Preconditions.java:429)
       at org.sonatype.nexus.repository.maven.internal.hosted.metadata.MetadataBuilder.addArtifactVersion(MetadataBuilder.java:261)
       at org.sonatype.nexus.repository.maven.internal.hosted.metadata.MetadataRebuilder$Worker.lambda$2(MetadataRebuilder.java:333)
       at org.sonatype.nexus.transaction.OperationPoint.proceed(OperationPoint.java:64)
       at org.sonatype.nexus.transaction.TransactionalWrapper.proceedWithTransaction(TransactionalWrapper.java:56)
       at org.sonatype.nexus.transaction.Operations.transactional(Operations.java:200)
       at org.sonatype.nexus.transaction.Operations.call(Operations.java:146)
       at org.sonatype.nexus.repository.maven.internal.hosted.metadata.MetadataRebuilder$Worker.rebuildMetadataInner(MetadataRebuilder.java:314)
       at org.sonatype.nexus.repository.maven.internal.hosted.metadata.MetadataRebuilder$Worker.rebuildMetadata(MetadataRebuilder.java:282)
       at org.sonatype.nexus.repository.maven.internal.hosted.metadata.MetadataRebuilder.rebuild(MetadataRebuilder.java:101)
       at org.sonatype.nexus.repository.maven.internal.hosted.MavenHostedFacetImpl.rebuildMetadata(MavenHostedFacetImpl.java:109)
       at org.sonatype.nexus.repository.maven.tasks.RebuildMaven2MetadataTask.execute(RebuildMaven2MetadataTask.java:58)
       at org.sonatype.nexus.repository.RepositoryTaskSupport.execute(RepositoryTaskSupport.java:55)
       at org.sonatype.nexus.scheduling.TaskSupport.call(TaskSupport.java:94)
       at org.sonatype.nexus.quartz.internal.task.QuartzTaskJob.doExecute(QuartzTaskJob.java:145)
       at org.sonatype.nexus.quartz.internal.task.QuartzTaskJob.execute(QuartzTaskJob.java:108)
       at org.quartz.core.JobRunShell.run(JobRunShell.java:202)
       at org.sonatype.nexus.thread.internal.MDCAwareRunnable.run(MDCAwareRunnable.java:40)
       at org.apache.shiro.subject.support.SubjectRunnable.doRun(SubjectRunnable.java:120)
       at org.apache.shiro.subject.support.SubjectRunnable.run(SubjectRunnable.java:108)
       at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
       at java.util.concurrent.FutureTask.run(FutureTask.java:266)
       at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
       at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
       at java.lang.Thread.run(Thread.java:745)
      
      

      There are no seemingly no obvious log messages that can be enabled to identify the problem coordinates.

      Expected.

      First priority is that the task should not fail. The repo policy was permissive and possibly could have been mixed or releases at some point. We allowed files to be stored in the repository that cause the task to fail. The task should proceed to fix the metadata as best as it can.

      Second priority is to improve logging. The next log line below where the exception is thrown is exactly what we could use to find the offending path and possibly delete the data from the repository to work around the problem.

      checkNotNull(mavenPath);
          if (mavenPath.isSubordinate() || mavenPath.getCoordinates() == null) {
            return;
          }
          checkState(Objects.equals(groupId, mavenPath.getCoordinates().getGroupId()));
          checkState(Objects.equals(artifactId, mavenPath.getCoordinates().getArtifactId()));
          checkState(Objects.equals(baseVersion, mavenPath.getCoordinates().getBaseVersion())); // EXCEPTION HERE
      
          log.debug("Discovered {}:{}:{}:{}:{}",
              mavenPath.getCoordinates().getGroupId(),
              mavenPath.getCoordinates().getArtifactId(),
              mavenPath.getCoordinates().getVersion(),
              mavenPath.getCoordinates().getClassifier(),
              mavenPath.getCoordinates().getExtension());
      

      Putting logging statements printing method arguments after method arguments are validated is an anti-pattern that should be avoided.

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            plynch Peter Lynch
            Last Updated By:
            Rich Seddon Rich Seddon
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved:

                tigCommentSecurity.panel-title