Maven和依赖项不在存储库中 [英] Maven and dependencies NOT in repository
问题描述
我们有一个依赖第三方库,可以在线以jar形式使用,但是在Maven存储库中不是,或者在任何其他存储库中都不是.
We have a dependency third-party library that is available online in jar form, but it is not in Maven Repository, or known to be in any other repository.
我们如何使用pom.xml基于URL自动检索此依赖关系?
How can we use pom.xml to auto-retrieve this dependency, based on a URL?
我们不想将其存储在我们的Git仓库中,因为那是一件坏事.
We don't want to store it in our Git repo, because that's A Bad Thing.
这里的想法是,当人们签出项目时,他们可以使用其IDE Maven集成(或只是mvn命令行工具)来下载所有依赖项.因此,我们希望能够像下载Maven仓库中的所有第三方依赖关系一样下载此第三方依赖关系.
The idea here is that when people check out the project, they can use their IDE Maven integration (or just mvn command line tools) to download all the dependencies. So we would want to be able to also download this other third party dependency just like all the ones in Maven repo.
根据搜索结果,我还无法给出答案-所有解决方案似乎都是先下载并创建本地存储库".显然,Maven可以从Internet下载,因为这就是它与Maven Central和其他存储库的连接方式.因此,我不明白为什么它不能下载以可识别格式显示软件包的任意URL.
I have not been able to come up with an answer to this based on searches -- all solutions seem to be "download it first and create a local repo." Obviously Maven can download from the Internet, since that's how it connects to Maven Central and other repos. So I don't see why it cannot download arbitrary URLs that present packages in recognizable formats.
推荐答案
长期而言,最好的解决方案是使用您自己的工件存储库,例如Nexus,Artifactory或Archiva. 所有这些都具有手动上传功能,可用于设置groupId,artifactId和版本,因此您可以照常引用该工件. 如果您想降低技术含量,我认为您可以将某些计算机的本地存储库放在Apache后面,只要您授予读/写访问权限即可.
Long term, the best solution is to use your own artifact repository like Nexus, Artifactory or Archiva. All of these have a manual upload function that you can use to set the groupId, artifactId and version, so you can then refer to the artifact as usual. If you want to go really low tech, I think you can just put some machine's local repository behind an Apache, provided you grant read/write access.
然后,您需要如此处所述,将新的存储库添加到Maven settings.xml文件中. .
Maven使用坐标浏览存储库(具有特定布局),并使用回购协议中特定位置的元数据文件验证工件校验和是否损坏/篡改. AFAIK与使用回购清单且不允许任意URL下载的其他软件包管理系统(如APT和RubyGems)相似.
Maven uses the coordinates to navigate the repository (which has a specific layout) and verify artifact checksums for corruption/tampering using metadata files in specific locations of the repo. AFAIK this is similar to other package management systems like APT and RubyGems that use repo manifests and don't allow arbitrary URL downloads.
如果您确实不希望或不能使用存储库管理器,则始终可以下载工件并使用
If you really don't want or can't use a repository manager, you can always download the artifact and manually install it using the Maven Install Plugin:
mvn install:install-file -Dfile=your-artifact-1.0.jar -DgroupId=org.some.group -DartifactId=your-artifact -Dversion=1.0
但是,每当需要更改工件时,就必须在运行该构建的每台机器上执行此操作.
However, you'll have to do this on every machine that runs the build, every time that artifact needs to change.
这篇关于Maven和依赖项不在存储库中的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
