Questions tagged with AWS CodeArtifact

Hellooo!!!I have a little problem with CodeArtifact. I try to upload a test jar in to my repository using curl and the response is: {"message": "Missing Authentication Token"}. At first, I executed the command to obtain the authorization token: ``` export CODEARTIFACT_AUTH_TOKEN=`aws codeartifact get-authorization-token --domain XXXXXXX --domain-owner XXXXXXXX --query authorizationToken --output text --profile XXXXXXXX --region XXXXX` ``` The variable is filled correctly and after, I executed the curl command: ``` curl --request PUT https://XXXXXXXXXX.d.codeartifact.XXXXXXX.amazonaws.com/XXXXXXXX/test_app.jar --user "aws:$CODEARTIFACT_AUTH_TOKEN" --header "Content-Type: application/octet-stream" --data-binary @test_app.jar ``` The answer is always the same: {"message": "Missing Authentication Token"}. In Curl verbose mode I can see the Authorization basic correctly formed. And I tested the following things: - Execute with postman. - Put in the CURL directly the token ```--user "aws:TOKENEXAMPLE......"``` - Increase the token duration time - Put a full access policy in the repo configuration. Maybe I was ignore something? I'm following the next documents: https://docs.aws.amazon.com/codeartifact/latest/ug/tokens-authentication.html https://docs.aws.amazon.com/codeartifact/latest/ug/maven-curl.html Probably I was changed and trying a lot of things and maybe now I can't see the problem. Thanks for your help!

When running the statement against CodeArtifact: ``` dotnet restore --verbosity quiet --nologo "sample.sln" ``` the result is: ``` sample.csproj : error NU1103: Unable to find a stable package sample with version (>= 22.0.80) [sample.sln] sample.csproj : error NU1103: - Found 2 version(s) in invantive/22.1 [ Nearest version: 22.1.7-beta ] [sample.sln] sample.csproj : error NU1103: - Found 1 version(s) in invantive/22.0 [ Nearest version: 22.0.76 ] [sample.sln] sample.csproj : error NU1103: - Found 0 version(s) in Microsoft Visual Studio Offline Packages [sample.sln] ``` However, CodeArtifact really contains the 22.0.80 version which was uploaded maybe 5 minutes earlier. The CodeArtifact credentials provider has been loaded and configured. This problem occurs every now and then. How can I convince NuGet called through `dotnet` to check more thoroughly? Is CodeArtifact ready for production use?

## Description of setup The web app my team is working on uses `yarn` as the node package manager with the registry hosted at a CodeArtifact registry. Our team's private npm packages are available on this registry. Our CodeArtifact registry is also configured to have an upstream repository. This upstream repository is connected to `https://registry.npmjs.org/`. ## Issue Our web app use multiple packages that have a dependency on `"@types/node": "*"` (see [here](https://www.npmjs.com/package/@types/node)). At the time of writing, these are the 5 latest versions sorted in order of their release date. 12.20.47 16.11.26 17.0.21 17.0.20 17.0.19 Given that the dependencies in our app have `@types/node: *` as a dependency, I would expect that doing `yarn install` installs the latest version. In the list above, that would be version `17.0.21`. However, when we are doing `yarn install` with the registry settings to the AWS CodeArtifact registry, we get the version `12.20.47`, which is the latest in terms of release date but not the latest in terms of semantic versioning. ## Proposal Can you look at fixing the issue with upstream repositories connected to the public npm registry so that the latest version is always the latest semantic version rather than the latest release date? ## Minimum replication Here is a minimal replication for the issue package.json ``` { "name": "demoBug", "version": "1.0.0", "description": "", "main": "index.js", "dependencies": { "ioredis": "4.28.1" }, "devDependencies": { "@types/node": "16.11.9", "@types/ioredis": "4.28.1" }, "author": "", "license": "ISC" } ``` Notice how `@types/ioredis` is the package that has a dependency on `@types/node: "*"`. .npmrc ``` registry="https://registry.yarnpkg.com" ``` .yarnrc ``` registry "https://registry.yarnpkg.com" ``` The result in the `yarn.lock` file is what is expected. yarn.lock (with integrity hash removed) ``` ... "@types/node@*": version "17.0.21" resolved "https://registry.yarnpkg.com/@types/node/-/node-17.0.21.tgz#864b987c0c68d07b4345845c3e63b75edd143644" "@types/node@16.11.9": version "16.11.9" resolved "https://registry.yarnpkg.com/@types/node/-/node-16.11.9.tgz#879be3ad7af29f4c1a5c433421bf99fab7047185" ... ``` See how the version of `@types/node` is at the latest semantic version (at time of writing) Now if we alter `.npmrc` and `.yarnrc` so that the default registry is an AWS CodeArtifact registry. .npmrc ``` registry="<URL to repository for in AWS CodeArtifact>" ``` .yarnrc ``` registry "<URL to repository for in AWS CodeArtifact>" ``` then this changes a change in `yarn.lock` when reinstalling npm packages (after removing any existing `yarn.lock` and `node_modules/` yarn.lock ``` "@types/node@*": version "12.20.47" resolved "https://registry.yarnpkg.com/@types/node/-/node-17.0.21.tgz#864b987c0c68d07b4345845c3e63b75edd143644" "@types/node@16.11.9": version "16.11.9" resolved "https://registry.yarnpkg.com/@types/node/-/node-16.11.9.tgz#879be3ad7af29f4c1a5c433421bf99fab7047185" ``` Notice the difference in versions for `@types/node`, even though the upstream repository in AWS is a mirror for the npm public registry.

I'm investigating the use of CodeArtifact for our Maven projects and it's working well, but I notice that whenever I upload artifacts I get a warning about failure to upload the maven-metadata.xml.md5 file: https://forums.aws.amazon.com/ Failed to upload checksum to com/****/****/1.0.0-SNAPSHOT/maven-metadata.xml.md5 org.apache.maven.wagon.TransferFailedException: transfer failed for https://******.d.codeartifact.us-west-2.amazonaws.com/maven/evconnect/com/****/****/1.0.0-SNAPSHOT/maven-metadata.xml.md5 at org.apache.maven.wagon.providers.http.wagon.shared.AbstractHttpClientWagon.put (AbstractHttpClientWagon.java:855) ---snip--- Caused by: org.apache.maven.wagon.providers.http.httpclient.client.ClientProtocolException at org.apache.maven.wagon.providers.http.httpclient.impl.client.InternalHttpClient.doExecute (InternalHttpClient.java:187) ---snip--- Caused by: org.apache.maven.wagon.providers.http.httpclient.client.NonRepeatableRequestException: Cannot retry request with a non-repeatable request entity at org.apache.maven.wagon.providers.http.httpclient.impl.execchain.RetryExec.execute (RetryExec.java:108) ---snip--- Caused by: java.net.SocketException: Connection or outbound has closed at sun.security.ssl.SSLSocketImpl$AppOutputStream.write (SSLSocketImpl.java:1217) is this normal, someone ran into such problem?

I frequently get errors such as the following: Caused by: java.io.IOException: Server returned HTTP response code: 409 for URL: https://***-***.d.codeartifact.us-east-1.amazonaws.com/maven/releases/<redacted> This seems to be happening when performing concurrent releases of the same artifacts (different branches, different versions).

Is there a best practice workaround for the Codebuild Action Configurator 1000 Character limit? Ref: https://docs.aws.amazon.com/codepipeline/latest/userguide/reference-variables.html. The customer has hit an obscure error with CodeBuild Action Configuration blocks for defining environment variables.

Hi, I would like to use the latest version of `vite` package (2.7.10) but Code Artifact doesn't list it. It's stuck to v2.6.14. Vite 2.7.10 was published 13 days ago on npmjs.com. So I think you have a bug somewhere in your metadata cache (we are located in eu-west-3). AWS documentation states this : ``` For npm and NuGet packages, there may be a delay of up to 10 minutes from when a new package version is published to npmjs.com or nuget.org and when it is available for installation from a CodeArtifact repository. CodeArtifact automatically synchronizes metadata from these two repositories to ensure the cache is up-to-date. ``` How to reproduce this problem : - `npm login` to your Code Artifact instance - run the following command : `npm view vite versions --json` If you run `npm view vite versions --json` with the official npmjs.com registry, it lists the right versions. Last point : I tried to download Webpack v5.66.0 from CodeArtifact and everything went well. v5.66.0 was published today. So I face this problem only with `vite`. Thank you for your help.

# Context I am attempting to publish a *private* package to AWS CodeArtifact and having difficulties. The `package.json` file has its `private` field set to `false` to prevent accidental publishing to npmjs.com registry in case a developer in our team makes a mistake. Package publish to AWS CA fails with the expected error (see Response 1 below). Same thing happens when I specify the following `publishConfig` (see Response 2 below). ```json { "publishConfig": { "registry": "https://xxxxx-demo-domain-xxxxxxxxxxxx.d.codeartifact.us-east-1.amazonaws.com/npm/xxxxx-demo-repo/", "access": "restricted" } } ``` # Question How do I configure the `publishConfig` to allow the package to be published to a specific AWS CA domain/registry under our team control? I couldn't find information about it in the AWS Documentation nor on StackOverflow nor anywhere else online. ## Response 1 ```sh $ npm publish npm notice npm notice 📦 @ec/trivial-package@1.2.0 npm notice === Tarball Contents === npm notice 77B index.js npm notice 797B package.json npm notice === Tarball Details === npm notice name: @ec/trivial-package npm notice version: 1.2.0 npm notice filename: @ec/trivial-package-1.2.0.tgz npm notice package size: 541 B npm notice unpacked size: 874 B npm notice shasum: a356f71ca997c48c54cd91172884ae8da9911725 npm notice integrity: sha512-WSa7fmhfuSXFY[...]Nn9JqgAUaHSeA== npm notice total files: 2 npm notice npm ERR! code EPRIVATE npm ERR! This package has been marked as private npm ERR! Remove the 'private' field from the package.json to publish it. npm ERR! A complete log of this run can be found in: npm ERR! C:\Users\igors\AppData\Local\npm-cache\_logs\2022-01-06T01_47_28_986Z-debug.log ``` ## Response 2 ```sh $ npm publish npm notice npm notice 📦 @ec/trivial-package-2@1.0.0 npm notice === Tarball Contents === npm notice 77B index.js npm notice 609B package.json npm notice === Tarball Details === npm notice name: @ec/trivial-package-2 npm notice version: 1.0.0 npm notice filename: @ec/trivial-package-2-1.0.0.tgz npm notice package size: 507 B npm notice unpacked size: 686 B npm notice shasum: 57511cd858f92a1818621045f34bfd5723649271 npm notice integrity: sha512-uV5seBJT40fFy[...]BVD355OzLkcBQ== npm notice total files: 2 npm notice npm ERR! code EPRIVATE npm ERR! This package has been marked as private npm ERR! Remove the 'private' field from the package.json to publish it. npm ERR! A complete log of this run can be found in: npm ERR! C:\Users\igors\AppData\Local\npm-cache\_logs\2022-01-06T20_27_04_435Z-debug.log ```

Hello, I am interested in using CodeArtifact in some projects. We currently use several Maven repositories which, *while public*, are not on CodeArtifact's list of supported upstreams. Unless I am mis-reading the documentation, it's not possible to use an arbitrary upstream repository outside the approved list (which, for Maven, looks limited to Maven Central). Is this a feature that's on the roadmap for CodeArtifact?

I am working on a npm module and I setup codeartifact. I logged in using the standard aws cli login command and then published using "yarn publish". So far so good. When I use yarn install in my test app I get the following error: error An unexpected error occurred: "https://artifact-6c-XXXXXXXXXX.d.codeartifact.us-east-1.amazonaws.com/npm/npm-repo/aws-sdk: Unauthenticated: request did not include an Authorization header. Please provide your credentials.". If I do "npm install" it all works and grabs the module as well as the dependencies. I see the CodeArtifact populated with all the dependencies. I tried deleting all lock files, node_module, yarn cache etc but npm succeeds and yarn fails. It seems it is not picking up the token. npm version 7.15.1 yarn version 1.22.10 OS: Ubuntu 20.04.2 LTS What am I doing wrong? I would prefer to use yarn if possible. Edited by: AndrewPanagos on Jun 27, 2021 2:52 PM

Hi, I have created a Domain and a Repo with PyPi as the upstream repo. When I now try to get pip from the PyPi I am getting the following error. An error occurred (AccessDeniedException) when calling the GetAuthorizationToken operation: User: arn:aws:iam::847674911784:root is not authorized to perform: sts:GetServiceBearerToken on resource: arn:aws:iam::847674911784:root It would be helpful if someone can through some light on how to progress on this one. The aws cli command is aws codeartifact login --tool pip --repository my-repo --domain my-domain --domain-owner 847674911784 Regards, Ramster

Python package version information is defined in (PEP 440)<https://www.python.org/dev/peps/pep-0440/>. However version sorting in code artifact is not conformant to PEP440. In particular I noticed that for code artifact `1.0.0.dev1 > 1.0.0` while for PEP440 it should be `1.0.0.dev1 < 1.0.0`. In other words if both versions `1.0.0` and `1.0.0.dev1` are present, code artifact will report `1.0.0.dev1` as the "Latest version", while, in reality `1.0.0` is the latest one. (Did not check how code artifact treats `1.0.0rc1` and friends) This bug will not prevent `pip` from working correctly, but it is quite annoying in the WEB GUI to code artifact. Please read and implement PEP440 version sorting in code commit. THX. Edited by: stefano-m on Aug 5, 2020 6:39 AM Edited by: stefano-m on Aug 5, 2020 6:40 AM Edited by: stefano-m on Aug 5, 2020 6:42 AM