Deploying to Appengine using Travis CI and Maven, without Oauth2

Question

I have my script for Travis CI set up but I am encountering a problem when i perform an mvn appengine:update it is asking me for an oauth2 token, which i can only generate once.

When i set the plugin to ignore oauth2 = false. Maven still requests me to provide an oauth token. What can i do to solve this?

            <plugin>
                <groupId>com.google.appengine</groupId>
                <artifactId>appengine-maven-plugin</artifactId>
                <version>1.9.20</version>
                <configuration>
                    <oauth2>false</oauth2>
                    <email>${env.CI_DEPLOY_USERNAME}</email>
                    <noCookies>false</noCookies>
                    <passin>true</passin>
                    <buildSystem>maven</buildSystem>
                    <enableJarClasses>false</enableJarClasses>
                </configuration>
            </plugin>

Answer 1

Setting only

<oauth2>false</oauth2>

will not solve it, because what happens in the background is that Maven calls AppCfg, and oauth2 is the default, so it will fallback to it. Rather you should specify an alternative, which would be a service-account key file. nickmoorman has explained how to configure Maven for that. You should extend:

<oauth2>false</oauth2>
<additionalParams>
  <additionalParam>--service_account_json_key_file=/path/to/keyfile.json</additionalParam>
</additionalParams>

Answer 2

I have the same issue with maven. I switched to appcfg.sh script from GAE java sdk (you have to use encrypted vars for GAE_PASS if it is supported by your CI):

 echo "$GAE_PASS" | $GAE_DIR/appengine-java-sdk-$GAE_VERSION/bin/appcfg.sh -e "$EMAIL" --passin --no_oauth2 update $APPFOLDER

Unfortunately I'm also getting a warning while running this script:

*********************************************************
OAuth2 is now the default authentication method.
The --no_oauth2 flag will stop working in release 1.9.21.
*********************************************************

Which means this approach will stop working soon.

Update (Nov 2015) I've managed to use OAuth2 in a CI build (Shippable CI)

echo $GAE_TOKEN > ~/.appcfg_oauth2_tokens_java
chmod 600 ~/.appcfg_oauth2_tokens_java
mvn appengine:update

Where $GAE_TOKEN is content of the ~/.appcfg_oauth2_tokens_java you have locally (run mvn appengine:update in your local environment). Please, note you need to escape quotes in the .appcfg_oauth2_tokens_java

GAE_TOKEN='{\"credentials\":{\"userNameOnCIServer\":{\"access_token\":\"yourAccessToken\","expiration_time_millis\":1447752301417,\"refresh_token\":\"yourRefreshToken\"}}}'

Also you need to use encrypted variables to protect your tokens in git (if CI server supports it).

The maven plugin will automatically updated expired tokens so you don't need to update the GAE_TOKEN manually every time the token expires.

Answer 3

When you set the oauth to false, maven is asking for a token that you will need for the upload to work.

That is to be expected. When you run the maven deploy (or update), you will be required to allow access to your app, then copy that code into the cmd box.