SONAR-21476 Enable JFrog authentication explicitly

(cherry picked from commit 931fa6aceb18d2ee06f8389325ab8c37e61e2d40)

2 files changed, 32 insertions, 11 deletions

diff --git a/.cirrus.yml b/.cirrus.yml
index ff697d440a5..0c02ff81bc6 100644
--- a/.cirrus.yml
+++ b/.cirrus.yml
@@ -1,6 +1,7 @@
 env:
   GRADLE_OPTS: -Dorg.gradle.jvmargs="-XX:+PrintFlagsFinal -XshowSettings:vm -XX:+HeapDumpOnOutOfMemoryError -XX:+UnlockExperimentalVMOptions -Djava.security.egd=file:/dev/./urandom -Dfile.encoding=UTF8 -Duser.language=en -Duser.country=US"
   # to be replaced by other credentials
+  ARTIFACTORY_URL: VAULT[development/kv/data/repox data.url]
   ARTIFACTORY_PRIVATE_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader
   ARTIFACTORY_PRIVATE_PASSWORD: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-private-reader access_token]
   ARTIFACTORY_DEPLOY_USERNAME: vault-${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer
diff --git a/build.gradle b/build.gradle
index 7ecd7e2ba1d..431cb948799 100644
--- a/build.gradle
+++ b/build.gradle
@@ -63,22 +63,42 @@ allprojects {
 
   repositories {
     def repository = project.hasProperty('qa') ? 'sonarsource-qa' : 'sonarsource'
+    // The environment variables ARTIFACTORY_PRIVATE_USERNAME and ARTIFACTORY_PRIVATE_PASSWORD are used on QA env (Jenkins)
+    // On local box, please add artifactoryUsername and artifactoryPassword to ~/.gradle/gradle.properties
+    def artifactoryUsername = System.env.'ARTIFACTORY_PRIVATE_USERNAME' ?: (project.hasProperty('artifactoryUsername') ? project.getProperty('artifactoryUsername') : '')
+    def artifactoryPassword = System.env.'ARTIFACTORY_PRIVATE_PASSWORD' ?: (project.hasProperty('artifactoryPassword') ? project.getProperty('artifactoryPassword') : '')
+    def artifactoryUrl = System.getenv('ARTIFACTORY_URL') ?: (project.hasProperty('artifactoryUrl') ? project.getProperty('artifactoryUrl') : '')
+
+    if (artifactoryUrl == '') {
+      throw new GradleException('Invalid artifactoryUrl')
+    }
+
     maven {
-      // The environment variables ARTIFACTORY_PRIVATE_USERNAME and ARTIFACTORY_PRIVATE_PASSWORD are used on QA env (Jenkins)
-      // On local box, please add artifactoryUsername and artifactoryPassword to ~/.gradle/gradle.properties
-      def artifactoryUsername = System.env.'ARTIFACTORY_PRIVATE_USERNAME' ?: (project.hasProperty('artifactoryUsername') ? project.getProperty('artifactoryUsername') : '')
-      def artifactoryPassword = System.env.'ARTIFACTORY_PRIVATE_PASSWORD' ?: (project.hasProperty('artifactoryPassword') ? project.getProperty('artifactoryPassword') : '')
-      if (!artifactoryUsername || ! artifactoryPassword) {
-
-        // Workaround for artifactory
-        // https://www.jfrog.com/jira/browse/RTFACT-13797
-        repository = 'public'
-      }
-      url "https://repox.jfrog.io/repox/${repository}"
+        if (artifactoryPassword) {
+          authentication {
+            header(HttpHeaderAuthentication)
+          }
+          credentials(HttpHeaderCredentials) {
+            name = "Authorization"
+            value = "Bearer $artifactoryPassword"
+          }
+        } else {
+            // Workaround for artifactory
+            // https://www.jfrog.com/jira/browse/RTFACT-13797
+            repository = 'public'
+        }
+        url "${artifactoryUrl}/${repository}"
     }
     ivy {
           if (artifactoryUsername && artifactoryPassword) {
               url "${artifactoryUrl}/sonarsource-bucket"
+              authentication {
+                header(HttpHeaderAuthentication)
+              }
+              credentials(HttpHeaderCredentials) {
+                name = "Authorization"
+                value = "Bearer $artifactoryPassword"
+              }
 
               patternLayout {
                 artifact '/[organisation]/[module]/[module]-[revision].[ext]'