Tamas Cservenak created MNG-7722:
------------------------------------
Summary: Investigate GH Package Registry peculiarities
Key: MNG-7722
URL: https://issues.apache.org/jira/browse/MNG-7722
Project: Maven
Issue Type: Task
Components: Artifacts and Repositories
Affects Versions: 3.9.0
Reporter: Tamas Cservenak
Fix For: 3.9.1
Something is fishy in GH package registry, as it returns unexpected 400 Bad
Request response with transport-http.
More information collected by [~sjaranowski]
Testing: {{MAVEN_OPTS=-Dorg.slf4j.simpleLogger.log.org.apache.http=DEBUG mvn
deploy -X}}
h2. With snapshot
first request:
{noformat}
[DEBUG] http-outgoing-0 >> GET
/slawekjaranowski/test/test/test/1.6-SNAPSHOT/maven-metadata.xml HTTP/1.1
[DEBUG] http-outgoing-0 >> Cache-Control: no-cache, no-store
[DEBUG] http-outgoing-0 >> Pragma: no-cache
[DEBUG] http-outgoing-0 >> Host: maven.pkg.github.com
[DEBUG] http-outgoing-0 >> Connection: Keep-Alive
[DEBUG] http-outgoing-0 >> User-Agent: Apache-Maven/3.9.0 (Java 17.0.6; Mac OS
X 12.6.3)
[DEBUG] http-outgoing-0 >> Accept-Encoding: gzip,deflate
[DEBUG] http-outgoing-0 << HTTP/1.1 401 Unauthorized
[DEBUG] http-outgoing-0 << access-control-allow-methods: GET, HEAD, OPTIONS
[DEBUG] http-outgoing-0 << Access-Control-Allow-Origin: *
[DEBUG] http-outgoing-0 << Content-Security-Policy: default-src 'none';
[DEBUG] http-outgoing-0 << Server: GitHub Registry
[DEBUG] http-outgoing-0 << Strict-Transport-Security: max-age=31536000;
[DEBUG] http-outgoing-0 << www-authenticate: Basic realm="GitHub Package
Registry"
[DEBUG] http-outgoing-0 << X-Content-Type-Options: nosniff
[DEBUG] http-outgoing-0 << X-Frame-Options: DENY
[DEBUG] http-outgoing-0 << X-XSS-Protection: 1; mode=block
[DEBUG] http-outgoing-0 << Date: Sun, 05 Mar 2023 09:17:07 GMT
[DEBUG] http-outgoing-0 << Content-Length: 0
[DEBUG] http-outgoing-0 << X-GitHub-Request-Id: 96F3:5E81:D2DC0C:DC2EEC:64045E13
[DEBUG] Connection can be kept alive indefinitely
[DEBUG] Authentication required
{noformat}
Next:
{noformat}
[DEBUG] http-outgoing-0 >> GET
/slawekjaranowski/test/test/test/1.6-SNAPSHOT/maven-metadata.xml HTTP/1.1
[DEBUG] http-outgoing-0 >> Cache-Control: no-cache, no-store
[DEBUG] http-outgoing-0 >> Pragma: no-cache
[DEBUG] http-outgoing-0 >> Host: maven.pkg.github.com
[DEBUG] http-outgoing-0 >> Connection: Keep-Alive
[DEBUG] http-outgoing-0 >> User-Agent: Apache-Maven/3.9.0 (Java 17.0.6; Mac OS
X 12.6.3)
[DEBUG] http-outgoing-0 >> Accept-Encoding: gzip,deflate
[DEBUG] http-outgoing-0 >> Authorization: Basic xxx
[DEBUG] http-outgoing-0 << HTTP/1.1 200 OK
[DEBUG] http-outgoing-0 << access-control-allow-methods: GET, HEAD, OPTIONS
[DEBUG] http-outgoing-0 << Access-Control-Allow-Origin: *
[DEBUG] http-outgoing-0 << Content-Security-Policy: default-src 'none';
[DEBUG] http-outgoing-0 << Content-Type: application/xml
[DEBUG] http-outgoing-0 << Server: GitHub Registry
[DEBUG] http-outgoing-0 << Strict-Transport-Security: max-age=31536000;
[DEBUG] http-outgoing-0 << X-Content-Type-Options: nosniff
[DEBUG] http-outgoing-0 << X-Frame-Options: DENY
[DEBUG] http-outgoing-0 << X-XSS-Protection: 1; mode=block
[DEBUG] http-outgoing-0 << Date: Sun, 05 Mar 2023 09:17:07 GMT
[DEBUG] http-outgoing-0 << Transfer-Encoding: chunked
[DEBUG] http-outgoing-0 << X-GitHub-Request-Id: 96F3:5E81:D2DC19:DC2EF9:64045E13
[DEBUG] Connection can be kept alive indefinitely
{noformat}
And for put we have {{OPTIONS}} first
{noformat}
[DEBUG] http-outgoing-0 >> OPTIONS
/slawekjaranowski/test/test/test/1.6-SNAPSHOT/test-1.6-20230305.091705-6.pom
HTTP/1.1
[DEBUG] http-outgoing-0 >> Cache-Control: no-cache, no-store
[DEBUG] http-outgoing-0 >> Pragma: no-cache
[DEBUG] http-outgoing-0 >> Host: maven.pkg.github.com
[DEBUG] http-outgoing-0 >> Connection: Keep-Alive
[DEBUG] http-outgoing-0 >> User-Agent: Apache-Maven/3.9.0 (Java 17.0.6; Mac OS
X 12.6.3)
[DEBUG] http-outgoing-0 >> Accept-Encoding: gzip,deflate
[DEBUG] http-outgoing-0 >> Authorization: Basic xxx
[DEBUG] http-outgoing-0 << HTTP/1.1 200 OK
[DEBUG] http-outgoing-0 << access-control-allow-methods: DELETE, GET, HEAD,
OPTIONS, PUT
[DEBUG] http-outgoing-0 << Access-Control-Allow-Origin: *
[DEBUG] http-outgoing-0 << Content-Security-Policy: default-src 'none';
[DEBUG] http-outgoing-0 << Server: GitHub Registry
[DEBUG] http-outgoing-0 << Strict-Transport-Security: max-age=31536000;
[DEBUG] http-outgoing-0 << X-Content-Type-Options: nosniff
[DEBUG] http-outgoing-0 << X-Frame-Options: DENY
[DEBUG] http-outgoing-0 << X-XSS-Protection: 1; mode=block
[DEBUG] http-outgoing-0 << Date: Sun, 05 Mar 2023 09:17:08 GMT
[DEBUG] http-outgoing-0 << Content-Length: 0
[DEBUG] http-outgoing-0 << X-GitHub-Request-Id: 96F3:5E81:D2DC57:DC2F3F:64045E14
{noformat}
And finally {{PUT}} with authorization
{noformat}
[DEBUG] http-outgoing-0 >> PUT
/slawekjaranowski/test/test/test/1.6-SNAPSHOT/test-1.6-20230305.091705-6.pom
HTTP/1.1
[DEBUG] http-outgoing-0 >> Cache-Control: no-cache, no-store
[DEBUG] http-outgoing-0 >> Pragma: no-cache
[DEBUG] http-outgoing-0 >> Expect: 100-continue
[DEBUG] http-outgoing-0 >> Content-Length: 2089
[DEBUG] http-outgoing-0 >> Host: maven.pkg.github.com
[DEBUG] http-outgoing-0 >> Connection: Keep-Alive
[DEBUG] http-outgoing-0 >> User-Agent: Apache-Maven/3.9.0 (Java 17.0.6; Mac OS
X 12.6.3)
[DEBUG] http-outgoing-0 >> Accept-Encoding: gzip,deflate
[DEBUG] http-outgoing-0 >> Authorization: Basic xxx
[DEBUG] http-outgoing-0 << HTTP/1.1 100 Continue
[DEBUG] http-outgoing-0 << HTTP/1.1 200 OKom (2.1 kB)
[DEBUG] http-outgoing-0 << access-control-allow-methods: OPTIONS, PUT
[DEBUG] http-outgoing-0 << Access-Control-Allow-Origin: *
[DEBUG] http-outgoing-0 << Content-Security-Policy: default-src 'none';
[DEBUG] http-outgoing-0 << Server: GitHub Registry
[DEBUG] http-outgoing-0 << Strict-Transport-Security: max-age=31536000;
[DEBUG] http-outgoing-0 << X-Content-Type-Options: nosniff
[DEBUG] http-outgoing-0 << X-Frame-Options: DENY
[DEBUG] http-outgoing-0 << X-XSS-Protection: 1; mode=block
[DEBUG] http-outgoing-0 << Date: Sun, 05 Mar 2023 09:17:09 GMT
[DEBUG] http-outgoing-0 << Content-Length: 84
[DEBUG] http-outgoing-0 << Content-Type: text/plain; charset=utf-8
[DEBUG] http-outgoing-0 << X-GitHub-Request-Id: 96F3:5E81:D2DC64:DC2F4E:64045E14
{noformat}
h2. With release version
First request {{OPTION}} without auth return *200*
{noformat}
[DEBUG] http-outgoing-0 >> OPTIONS
/slawekjaranowski/test/test/test/1.6/test-1.6.pom HTTP/1.1
[DEBUG] http-outgoing-0 >> Cache-Control: no-cache, no-store
[DEBUG] http-outgoing-0 >> Pragma: no-cache
[DEBUG] http-outgoing-0 >> Host: maven.pkg.github.com
[DEBUG] http-outgoing-0 >> Connection: Keep-Alive
[DEBUG] http-outgoing-0 >> User-Agent: Apache-Maven/3.9.0 (Java 17.0.6; Mac OS
X 12.6.3)
[DEBUG] http-outgoing-0 >> Accept-Encoding: gzip,deflate
[DEBUG] http-outgoing-0 << HTTP/1.1 200 OK
[DEBUG] http-outgoing-0 << access-control-allow-methods: DELETE, GET, HEAD,
OPTIONS, PUT
[DEBUG] http-outgoing-0 << Access-Control-Allow-Origin: *
[DEBUG] http-outgoing-0 << Content-Security-Policy: default-src 'none';
[DEBUG] http-outgoing-0 << Server: GitHub Registry
[DEBUG] http-outgoing-0 << Strict-Transport-Security: max-age=31536000;
[DEBUG] http-outgoing-0 << X-Content-Type-Options: nosniff
[DEBUG] http-outgoing-0 << X-Frame-Options: DENY
[DEBUG] http-outgoing-0 << X-XSS-Protection: 1; mode=block
[DEBUG] http-outgoing-0 << Date: Sun, 05 Mar 2023 09:32:51 GMT
[DEBUG] http-outgoing-0 << Content-Length: 0
[DEBUG] http-outgoing-0 << X-GitHub-Request-Id: 9759:0643:E94489:F2C289:640461C3
{noformat}
First {{PUT}} returns *401*
{noformat}
[DEBUG] http-outgoing-0 >> PUT
/slawekjaranowski/test/test/test/1.6/test-1.6.pom HTTP/1.1
[DEBUG] http-outgoing-0 >> Cache-Control: no-cache, no-store
[DEBUG] http-outgoing-0 >> Pragma: no-cache
[DEBUG] http-outgoing-0 >> Expect: 100-continue
[DEBUG] http-outgoing-0 >> Content-Length: 2089
[DEBUG] http-outgoing-0 >> Host: maven.pkg.github.com
[DEBUG] http-outgoing-0 >> Connection: Keep-Alive
[DEBUG] http-outgoing-0 >> User-Agent: Apache-Maven/3.9.0 (Java 17.0.6; Mac OS
X 12.6.3)
[DEBUG] http-outgoing-0 >> Accept-Encoding: gzip,deflate
[DEBUG] http-outgoing-0 << HTTP/1.1 401 Unauthorized
[DEBUG] http-outgoing-0 << access-control-allow-methods: OPTIONS, PUT
[DEBUG] http-outgoing-0 << Access-Control-Allow-Origin: *
[DEBUG] http-outgoing-0 << Content-Security-Policy: default-src 'none';
[DEBUG] http-outgoing-0 << Server: GitHub Registry
[DEBUG] http-outgoing-0 << Strict-Transport-Security: max-age=31536000;
[DEBUG] http-outgoing-0 << www-authenticate: Basic realm="GitHub Package
Registry"
[DEBUG] http-outgoing-0 << X-Content-Type-Options: nosniff
[DEBUG] http-outgoing-0 << X-Frame-Options: DENY
[DEBUG] http-outgoing-0 << X-XSS-Protection: 1; mode=block
[DEBUG] http-outgoing-0 << Date: Sun, 05 Mar 2023 09:32:51 GMT
[DEBUG] http-outgoing-0 << Content-Length: 0
[DEBUG] http-outgoing-0 << X-GitHub-Request-Id: 9759:0643:E94494:F2C298:640461C3
{noformat}
Next {{PUT}} returns *400*
{noformat}
[DEBUG] http-outgoing-0 >> PUT
/slawekjaranowski/test/test/test/1.6/test-1.6.pom HTTP/1.1
[DEBUG] http-outgoing-0 >> Cache-Control: no-cache, no-store
[DEBUG] http-outgoing-0 >> Pragma: no-cache
[DEBUG] http-outgoing-0 >> Expect: 100-continue
[DEBUG] http-outgoing-0 >> Content-Length: 2089
[DEBUG] http-outgoing-0 >> Host: maven.pkg.github.com
[DEBUG] http-outgoing-0 >> Connection: Keep-Alive
[DEBUG] http-outgoing-0 >> User-Agent: Apache-Maven/3.9.0 (Java 17.0.6; Mac OS
X 12.6.3)
[DEBUG] http-outgoing-0 >> Accept-Encoding: gzip,deflate
[DEBUG] http-outgoing-0 >> Authorization: Basic xxx
[DEBUG] http-outgoing-0 << HTTP/1.1 400 Bad Request
[DEBUG] http-outgoing-0 << Cache-Control: no-cache
[DEBUG] http-outgoing-0 << Content-Type: text/html; charset=utf-8
[DEBUG] http-outgoing-0 << Strict-Transport-Security: max-age=31536000
[DEBUG] http-outgoing-0 << X-Content-Type-Options: nosniff
[DEBUG] http-outgoing-0 << X-Frame-Options: deny
[DEBUG] http-outgoing-0 << X-XSS-Protection: 0
[DEBUG] http-outgoing-0 << Content-Security-Policy: default-src 'none';
style-src 'unsafe-inline'
[DEBUG] http-outgoing-0 << connection: close
{noformat}
And other {{PUT}} returns *409* - it is ok I had such artifact from previous
tests
{noformat}
[DEBUG] http-outgoing-1 >> PUT
/slawekjaranowski/test/test/test/1.6/test-1.6.jar HTTP/1.1
[DEBUG] http-outgoing-1 >> Cache-Control: no-cache, no-store
[DEBUG] http-outgoing-1 >> Pragma: no-cache
[DEBUG] http-outgoing-1 >> Expect: 100-continue
[DEBUG] http-outgoing-1 >> Content-Length: 1874
[DEBUG] http-outgoing-1 >> Host: maven.pkg.github.com
[DEBUG] http-outgoing-1 >> Connection: Keep-Alive
[DEBUG] http-outgoing-1 >> User-Agent: Apache-Maven/3.9.0 (Java 17.0.6; Mac OS
X 12.6.3)
[DEBUG] http-outgoing-1 >> Accept-Encoding: gzip,deflate
[DEBUG] http-outgoing-1 >> Authorization: Basic xxx
[DEBUG] http-outgoing-1 << HTTP/1.1 100 Continue
[DEBUG] http-outgoing-1 << HTTP/1.1 409 Conflict
[DEBUG] http-outgoing-1 << access-control-allow-methods: OPTIONS, PUT
[DEBUG] http-outgoing-1 << Access-Control-Allow-Origin: *
[DEBUG] http-outgoing-1 << Content-Security-Policy: default-src 'none';
[DEBUG] http-outgoing-1 << Content-Type: text/plain; charset=utf-8
[DEBUG] http-outgoing-1 << Server: GitHub Registry
[DEBUG] http-outgoing-1 << Strict-Transport-Security: max-age=31536000;
[DEBUG] http-outgoing-1 << X-Content-Type-Options: nosniff
[DEBUG] http-outgoing-1 << X-Frame-Options: DENY
[DEBUG] http-outgoing-1 << X-XSS-Protection: 1; mode=block
[DEBUG] http-outgoing-1 << Date: Sun, 05 Mar 2023 09:32:55 GMT
[DEBUG] http-outgoing-1 << Content-Length: 80
[DEBUG] http-outgoing-1 << X-GitHub-Request-Id: 975A:3206:E6B3EE:F02417:640461C6
{noformat}
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
