By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

CodeArtifact Push Timing Out

0

Starting today all code deploys to codeartifact in us-east-1 started failing. SBT AetherDeploy gives an error saying there was no response from the server after a couple seconds. Pulls from codeartifact seem to work. I tried to create a new domain and repo with the same outcome. Is anyone else having issues pushing to code artifact

Topics
Developer Tools
Tags
AWS CodeArtifact
Language
English
garrett
asked a year ago574 views
1 Answer
0

We have been investigating an issue that causes maven publishes to codeartifact to return the error:

Failed to deploy artifacts: Could not transfer artifact ... from/to ... (https://....d.codeartifact.....amazonaws.com/maven/... ): ....d.codeartifact.....amazonaws.com:443  failed to respond

We believe this is a bug in Maven and will be submitting an issue to the Maven project shortly. The bug is triggered by a long list of unusual circumstances. Removing any one of these masks the bug and allows publishing to work.

First off, this bug only occurs when there is reasonably high network latency. If the Maven client and CodeArtifact instance are reasonably close to each other, say on the same continent, the bug does not occur.

Second, it seems to be more common when sending a checksum. The mvn command line argument -Daether.checksums.algorithms= makes the bug very rare.

Third, this bug occurs when using the newer native transport in maven. The new protocol is the default in 3.9.x releases. It can be opted out of with the command line argument -Dmaven.resolver.transport=wagon. The native transport is also known as aether, as in the name SBT AetherDeploy.

Fourth, it only happens when a connection is reused from a pool. Connection pooling is the default behavior in the new native transport. It can be opted out of by upgrading to Maven 3.9.2 and passing the command line argument -Daether.connector.http.reuseConnections=false.

Lastly, it only happens when using TLSv1.3. This can be opted out of by using the command line argument -Dhttps.protocols=TLSv1.2. CodeArtifact will be releasing a change to disable TLS1.3 to mitigate the issue for all customers. Expect that to be rolled out next week.

In the meantime any of the command line flags described above are expected to mitigate the issue. If they are all effective for you we would recommend using -Dmaven.resolver.transport=wagon until the CodeArtifact rollout is completed next week.

I am not familiar enough with the SBT tool to know how these options are passed to it. JAVA_OPTS environment variable may be relevant. I am sorry. If you could test the various mitigations and let us know which were effective for you it would make our investigation significantly better. If you would like help with a deep dive on your particular account and situation please open a support ticket.

JFinkelm
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content