'AWS CodeArtifact token update

I created AWS CodeArtifact repository, obtained token with aws codeartifact get-authorization-token command, and set it correctly to .m2/settings.xml (my project is using maven as build tool & package manager).

The problem is that the token expires after 12 hours. This means that I and all the developers working on the project have to fetch a new token and set the new token in settings.xml file. And same has to be done for ci/cd server that also needs to have a connection to CodeArtifact in order to push the artifacts after building.

There has to be a way to solve this problem but unfortunately, I wasn't able to find the solution.



Solution 1:[1]

I went ahead and made a proof-of-concept Maven extension that automatically fetches and then uses the authorization token to setup a repository for your Maven project: https://github.com/brcolow/codeartifact-maven-extension

It is not super flexible at the moment. I took care to document exactly what the setup should be for the extension to work (Codeartifact repository with Maven central upstream configured, IAM profile credentials, etc.). It works for the single user/tester so far - me :).

Solution 2:[2]

You can't extend the lifetime of the token above 12 hours for security reasons but there are ways to make it easier.

You can change the settings.xml to utilize environment variables

    <server>
        <id>codeartifact</id>
        <username>aws</username>
        <password>${env.CODEARTIFACT_AUTH_TOKEN}</password>
    </server>

and set the environment variable with following command (Linux)

export CODEARTIFACT_AUTH_TOKEN=`aws codeartifact get-authorization-token ...`

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 brcolow
Solution 2 Tom