Strange behavior when publishing SNAPSHOT artifacts in JFrog's Artifactory

[KlaudWerk]

How can we help?

I have multi-module Kotlin project with Gradle build (8.4)
Only one module publishes its artifacts.
Here is the module's build.gradle.kts

plugins {
    kotlin("jvm")
    ...
    `maven-publish`
    id("com.jfrog.artifactory") version "5+"
}
publishing {

    publications {
        create<MavenPublication>("maven") {
            from(components["kotlin"])
            artifact(tasks.getByName("sourcesJar")) {
                classifier = "sources"
            }
            artifact(tasks.getByName("javadocJar")) {
                classifier = "javadoc"
            }
        }
    }
}

artifactory {
    setContextUrl("https://..../artifactory")

    publish {
        val repoKey = when ((project.findProperty("release") as? String)?.toBoolean()) {
            true -> "libs-release-local"
            else -> "libs-snapshot-local"
        }
        repository {
            setRepoKey(repoKey)
            setUsername(System.getenv("ARTIFACTORY_USER"))
            setPassword(System.getenv("ARTIFACTORY_PASS"))
        }
        defaults {
            publications("maven")
        }
    }
}

When I execute artifactoryPublish task for the first time, I can see following artifacts in the repository:
-[Folder] 0.0.1-SNAPSHOT
- maven-metadata.xml
- lib-0.0.1-SNAPSHOT-xxxxx-xxx-1-javadoc.jar
- lib-0.0.1-SNAPSHOT-xxxxx-xxx-1-plain.jar
- lib-0.0.1-SNAPSHOT-xxxxx-xxx-1-sources.jar
- lib-0.0.1-SNAPSHOT-xxxxx-xxx-1.module
- lib-0.0.1-SNAPSHOT-xxxxx-xxx-1.pom

Everything looks all right, the library is available and can be pulled without issues.
Now, when I run the task for the second time, I see this:
-[Folder] 0.0.1-SNAPSHOT
- maven-metadata.xml
- lib-0.0.1-SNAPSHOT-xxxxx-xxx-1-javadoc.jar
- lib-0.0.1-SNAPSHOT-xxxxx-xxx-1-plain.jar
- lib-0.0.1-SNAPSHOT-xxxxx-xxx-1-sources.jar
- lib-0.0.1-SNAPSHOT-xxxxx-xxx-1.module
- lib-0.0.1-SNAPSHOT-xxxxx-xxx-1.pom
- lib-0.0.1-SNAPSHOT-xxxxx-xxx-2.module
- lib-0.0.1-SNAPSHOT-xxxxx-xxx-2.pom
And of course, the library cannot be pulled
For the third run, I have this:
-[Folder] 0.0.1-SNAPSHOT
- maven-metadata.xml
- lib-0.0.1-SNAPSHOT-xxxxx-xxx-1-javadoc.jar
- lib-0.0.1-SNAPSHOT-xxxxx-xxx-1-plain.jar
- lib-0.0.1-SNAPSHOT-xxxxx-xxx-1-sources.jar
- lib-0.0.1-SNAPSHOT-xxxxx-xxx-1.module
- lib-0.0.1-SNAPSHOT-xxxxx-xxx-1.pom
- lib-0.0.1-SNAPSHOT-xxxxx-xxx-2.module
- lib-0.0.1-SNAPSHOT-xxxxx-xxx-2.pom
- lib-0.0.1-SNAPSHOT-xxxxx-xxx-2-javadoc.jar
- lib-0.0.1-SNAPSHOT-xxxxx-xxx-2-plain.jar
- lib-0.0.1-SNAPSHOT-xxxxx-xxx-2-sources.jar
- lib-0.0.1-SNAPSHOT-xxxxx-xxx-3.module
- lib-0.0.1-SNAPSHOT-xxxxx-xxx-3.pom
And it continues. For each run, only module and pom are added.
I spent lots of time digging but didn't find the source of this behavior

[yahavi]

@KlaudWerk
Thank you for using the Gradle Artifactory plugin.
The root cause of this behavior is the Maven Snapshot Version Behavior feature in the local snapshots Artifactory repository. By default, Artifactory generates a unique timestamp for each published snapshot version. You can adjust this setting to "Non-unique" or "Deployer":

Please let me know if that helped.

[KlaudWerk]

Hi Yahav, thanks a lot for the answer. The default behavior having unique snapshots is what I need, I don't think it needs to be changed.
I did not do a good job to describe the behavior. That's what I see:

Assuming I don't have any artifacts published
I execute artifactoryPublish for the first time. The result that I see is:

• lib-0.0.1-SNAPSHOT-xxxxx-xxx-1-javadoc.jar
• lib-0.0.1-SNAPSHOT-xxxxx-xxx-1-plain.jar
• lib-0.0.1-SNAPSHOT-xxxxx-xxx-1-sources.jar
• lib-0.0.1-SNAPSHOT-xxxxx-xxx-1.module
• lib-0.0.1-SNAPSHOT-xxxxx-xxx-1.pom

And that's great, that's what we want to see.
Then I execute artifactoryPublish for the second time. In addition to items above I see only 2 new items:

• lib-0.0.1-SNAPSHOT-xxxxx-xxx-2.module
• lib-0.0.1-SNAPSHOT-xxxxx-xxx-2.pom

But not any JAR artifacts.
On a subsequent task execution, JAR artifacts are added , but so are module and pom
Assuming I execute the task again, In addition to the items above, I see

• lib-0.0.1-SNAPSHOT-xxxxx-xxx-2-javadoc.jar
• lib-0.0.1-SNAPSHOT-xxxxx-xxx-2-plain.jar
• lib-0.0.1-SNAPSHOT-xxxxx-xxx-2-sources.jar

But also

• lib-0.0.1-SNAPSHOT-xxxxx-xxx-3.module
• lib-0.0.1-SNAPSHOT-xxxxx-xxx-3.pom

Note the version of module and pom artifacts are running ahead oj jar artifacts
So in short, module and pom versions are running ahead of jar artifacts version

[yahavi]

@KlaudWerk
Could you please try adding clean before artifactoryPublish (clean artifactoryPublish)? It’s possible that Gradle is skipping the deployment task because it detects no changes.

[KlaudWerk]

Yes, I run it with clean target every single time. ./gradlew clean lib:artifactoryPublish

[KlaudWerk]

@yahavi
Hi Yahav, any ideas or suggestions?

[yahavi]

@KlaudWerk
Could you try running the command with the --console=plain flag? You should see the "jar" task listed. If it appears as UP-TO-DATE, it means the jar wasn't created, which could explain why the Gradle Artifactory plugin couldn't collect it. This might indicate a misconfiguration issue.

One possible workaround could be to add a build task before artifactoryPublish:

./gradlew clean build artifactoryPublish

[KlaudWerk]

Hi @yahavi , I have run the build with clean build artifactoryPublis targets and with --console=plain --no-parallel flags.
The result is the same.
Here is the part of the log:

Task :lib:generateMetadataFileForMavenPublication
Task :lib:artifactoryPublish

Task :extractModuleInfo
No publisher config found for project: spring-boot-starter

Task :lib:extractModuleInfo
[pool-6-thread-1] Deploying artifact: https://xxxxx.jfrog.io/artifactory/libs-snapshot/com/xxxxx/lib/1.0.0-SNAPSHOT/lib-1.0.0-SNAPSHOT.jar
Task :lib:compileTestKotlin
[pool-6-thread-1] Deploying artifact: https://xxxxx.jfrog.io/artifactory/libs-snapshot/com/xxxxx/lib/1.0.0-SNAPSHOT/lib-1.0.0-SNAPSHOT-sources.jar
[pool-6-thread-1] Deploying artifact: https://xxxxx.jfrog.io/artifactory/libs-snapshot/com/xxxxx/lib/1.0.0-SNAPSHOT/lib-1.0.0-SNAPSHOT.module
[pool-6-thread-1] Deploying artifact: https://xxxxx.jfrog.io/artifactory/libs-snapshot/com/xxxxx/lib/1.0.0-SNAPSHOT/lib-1.0.0-SNAPSHOT.pom
Task :artifactoryDeploy

The behavior is exactly as I have described above

[RegFacu]

I'm having the same issue, the second deploy overrides artifacts from the first one, and then it becomes in a wrong status that doesn't allow me to download the artifact from my Android gradle project.
In my case the .pom is well generated, but the .module is trying to get artifacts from the latest deploy that doesn't exists given the issue described by KlaudWerk

For now I'm adding a timestamp before the -SNAPSHOT suffix as a workaround, but it shouldn't be needed...