Configure Maven

Maven Settings

The Maven settings, used by the Camel K operator, can be provided in a ConfigMap or a Secret.

The kubectl CLI provides convenient commands, to create a ConfigMap or a Secret from a file, e.g.:

$ kubectl create configmap maven-settings --from-file=settings.xml

The created ConfigMap or Secret can then be referenced in the IntegrationPlatform resource, from the spec.build.maven.settings field, e.g.:

apiVersion: camel.apache.org/v1
kind: IntegrationPlatform
metadata:
  name: camel-k
spec:
  build:
    maven:
      settings:
        configMapKeyRef:
          key: settings.xml
          name: maven-settings

The IntegrationPlatform resource can be edited directly, to reference the ConfigMap or the Secret that contains the Maven settings, e.g.:

$ kubectl edit ip camel-k

Alternatively, the Kamel CLI provides the --maven-settings option, with the install command, that can be used to configure the Maven settings at installation time, e.g.:

$ kamel install --maven-settings=configmap|secret:name[/key]

In case you only want to configure remote repositories, you can use the --maven-repository option, that automatically generates a settings.xml file and relieves from creating a ConfigMap or Secret, e.g.:

$ kamel install --maven-repository <repository_url>

Check the CA Certificates section, if these remote repositories require custom CA certificates.

Extra attributes can be appended to the repository_url, using the @ separator. The following attributes are supported:

Table 1. Maven Repository Attributes
Name	Type	Description
`@id`	string	Sets the repository `id`
`@name`	string	Sets the repository `name`
`@snapshots`	flag	Turns `snapshots.enabled` to `true`
`@noreleases`	flag	Turns `snapshots.enabled` to `false`
`@checksumpolicy`	string	Sets the repository `checksumPolicy`
`@mirrorOf`	string	Declares the repository as a mirror of the repositories with matching ids

For example, running the following command:

$ kamel install --maven-repository https://repository.apache.org/content/groups/snapshots-group@id=apache@snapshots@noreleases

Results in generating the following settings.xml file:

<repositories>
  <repository>
    <id>apache</id>
    <url>http://repository.apache.org/content/groups/snapshots-group</url>
    <snapshots>
      <enabled>true</enabled>
    </snapshots>
    <releases>
      <enabled>false</enabled>
    </releases>
  </repository>
</repositories>

The --maven-settings and --maven-repository options are mutually exclusive.

You can find more information in the Introduction to Repositories from the Maven documentation.

CA Certificates

The CA certificates, used by the Maven commands to connect to the remote Maven repositories, can be provided in a Secret.

The kubectl CLI provides a convenient command, to create a Secret from a file, e.g.:

$ kubectl create secret generic maven-ca-certs --from-file=ca.crt

The Secret can contain X.509 certificates, and PKCS#7 formatted certificate chains. A JKS formatted keystore is automatically created to store the CA certificate(s), and configured to be used as a trusted certificate(s) by the Maven commands. The root CA certificates are also imported into the created keystore.

The created Secret can then be referenced in the IntegrationPlatform resource, from the spec.build.maven.caSecret field, e.g.:

apiVersion: camel.apache.org/v1
kind: IntegrationPlatform
metadata:
  name: camel-k
spec:
  build:
    maven:
      caSecret:
        key: tls.crt
        name: tls-secret

Alternatively, the Kamel CLI provides the --maven-ca-secret option, with the install command, that can be used to configure the Maven CA Secret at installation time, e.g.:

$ kamel install --maven-ca-secret <secret_name>/<secret_key>