I have setup an instance of Artifactory (4.1.2) which I am using to store java artefacts. I push artifacts to the instance using the gradle plugin configured as below
artifactory {
contextUrl = 'http://example.com/artifactory'
publish {
repository {
// The Artifactory repository key to publish to
repoKey = 'libs-release-local'
username = artifactory_username
password = artifactory_password
}
defaults {
publications('releaseJar')
}
}
}
I want to be able to prevent overwriting already deployed artefacts by version. This seems to be a common request and the docs say
You can prevent a user or group from overwriting a deployed release or unique snapshot by not granting the Delete permission. Non-unique snapshots can always be overwritten (provided the Deploy permission is granted).
However, I have set up a deploy user which is in groups 1 | deployers
with related permissions 1 | CanDeploy.
The CanDeploy permission has Deploy/Cache permissions for the deployers group only.
However! I can overwrite the deployed artifact to my hearts content using gradle artifactoryPublish.
Any advice would be gratefully received :)
EDIT: Since asking this question the functionality has started working as desired. This is very weird as I had not changed the Artifactory settings at all but is now returning a 403 when I try to upload an artifact with the same version num as is already deployed. I can only presume there is something weird regarding caching of access permissions or something which resulting in my changes via the web UI not becoming effective for a day or two - unnerving but its currently working. Will leave question up for the moment while I ensure its working!
