├── clean ├── images ├── centos7 │ ├── files │ │ ├── start_wait.sh │ │ └── check_updates.sh │ └── Dockerfile ├── almalinux8 │ ├── files │ │ ├── start_wait.sh │ │ ├── pick-java-alternative.sh │ │ └── check_updates.sh │ └── Dockerfile ├── amazonlinux2 │ ├── files │ │ ├── start_wait.sh │ │ ├── pick-java-alternative.sh │ │ └── check_updates.sh │ └── Dockerfile ├── opensuse15.5 │ ├── files │ │ ├── start_wait.sh │ │ └── check_updates.sh │ └── Dockerfile ├── opensuse15.6 │ ├── files │ │ ├── start_wait.sh │ │ ├── pick-java-alternative.sh │ │ └── check_updates.sh │ └── Dockerfile ├── amazon2018.03 │ ├── files │ │ ├── start_wait.sh │ │ └── check_updates.sh │ └── Dockerfile ├── README.md ├── manage_images └── EUPL-LICENSE.md ├── .gitignore ├── SOURCES ├── nexus.service └── nexus3.service ├── SPECS ├── nexus-oss-rpmlintrc ├── nexus3-oss-rpmlintrc └── nexus-oss.spec ├── NEXUS2.md ├── NEXUS3.md ├── nexus-oss-rpm ├── README.md └── ci /clean: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | rm -rf BUILD BUILDROOT RPMS SRPMS SOURCES/*.tar.gz 3 | -------------------------------------------------------------------------------- /images/centos7/files/start_wait.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | while [ 0 = 0 ]; do 3 | sleep 60 4 | done 5 | -------------------------------------------------------------------------------- /images/almalinux8/files/start_wait.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | while [ 0 = 0 ]; do 3 | sleep 60 4 | done 5 | -------------------------------------------------------------------------------- /images/amazonlinux2/files/start_wait.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | while [ 0 = 0 ]; do 3 | sleep 60 4 | done 5 | -------------------------------------------------------------------------------- /images/opensuse15.5/files/start_wait.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | while [ 0 = 0 ]; do 3 | sleep 60 4 | done 5 | -------------------------------------------------------------------------------- /images/opensuse15.6/files/start_wait.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | while [ 0 = 0 ]; do 3 | sleep 60 4 | done 5 | -------------------------------------------------------------------------------- /images/amazon2018.03/files/start_wait.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | while [ 0 = 0 ]; do 3 | sleep 60 4 | done 5 | -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- 1 | BUILD 2 | BUILDROOT 3 | RPMS 4 | SRPMS 5 | *~ 6 | \#* 7 | .\#* 8 | SOURCES/*.tar.gz 9 | SOURCES/nexus*/ 10 | tmp 11 | -------------------------------------------------------------------------------- /images/almalinux8/files/pick-java-alternative.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | JAVA_VER="${1}" 3 | JAVA_ALTERNATIVE="$(update-alternatives --display java|grep '^/'|cut -d ' ' -f1|grep ${JAVA_VER})" 4 | update-alternatives --set java "${JAVA_ALTERNATIVE}" 5 | -------------------------------------------------------------------------------- /images/amazonlinux2/files/pick-java-alternative.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | JAVA_VER="${1}" 3 | JAVA_ALTERNATIVE="$(update-alternatives --display java|grep '^/'|cut -d ' ' -f1|grep ${JAVA_VER})" 4 | update-alternatives --set java "${JAVA_ALTERNATIVE}" 5 | -------------------------------------------------------------------------------- /images/opensuse15.6/files/pick-java-alternative.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | JAVA_VER="${1}" 3 | JAVA_ALTERNATIVE="$(update-alternatives --display java|grep '^/'|cut -d ' ' -f1|grep ${JAVA_VER})" 4 | update-alternatives --set java "${JAVA_ALTERNATIVE}" 5 | -------------------------------------------------------------------------------- /SOURCES/nexus.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=Sonatype Nexus Repository Manager 3 | After=network.target 4 | 5 | [Service] 6 | Type=forking 7 | ExecStart=/usr/share/nexus/bin/nexus start 8 | ExecStop=/usr/share/nexus/bin/nexus stop 9 | User=nexus 10 | Restart=on-abort 11 | LimitNOFILE=65536 12 | 13 | [Install] 14 | WantedBy=multi-user.target 15 | -------------------------------------------------------------------------------- /SOURCES/nexus3.service: -------------------------------------------------------------------------------- 1 | [Unit] 2 | Description=Sonatype Nexus Repository Manager 3 | After=network.target 4 | 5 | [Service] 6 | Type=forking 7 | ExecStart=/usr/share/nexus3/bin/nexus start 8 | ExecStop=/usr/share/nexus3/bin/nexus stop 9 | User=nexus3 10 | Restart=on-abort 11 | LimitNOFILE=65536 12 | 13 | [Install] 14 | WantedBy=multi-user.target 15 | -------------------------------------------------------------------------------- /images/README.md: -------------------------------------------------------------------------------- 1 | # Nexus Docker images for Continous Integration 2 | 3 | Current distributions available: 4 | 5 | * CentoS 7 (EoL) 6 | * Amazon Linux 2018.03 (EoL) 7 | * AlmaLinux 8 8 | * Amazon Linux 2 9 | * openSUSE Leap 15.5 10 | * openSUSE Leap 15.6 11 | 12 | # Building images 13 | 14 | Run: 15 | 16 | ``` 17 | ./manage_images -h 18 | ``` 19 | 20 | # docker-systemctl-replacement 21 | 22 | The systemd replacement used for the docker images comes from https://github.com/gdraheim/docker-systemctl-replacement (commit [03e8582](https://github.com/gdraheim/docker-systemctl-replacement/tree/03e8582d8096c0c5261b2261b892348504ce9553))and it is licensed under the [EUROPEAN UNION PUBLIC LICENCE v. 1.2](EUPL-LICENSE.md) 23 | -------------------------------------------------------------------------------- /SPECS/nexus-oss-rpmlintrc: -------------------------------------------------------------------------------- 1 | # Nexus is supposed to be installed into a single directory, and I 2 | # prefer to avoid more complications changing anything than the 3 | # config files as I already do at the SPEC 4 | addFilter("arch-dependent-file-in-usr-share") 5 | addFilter("non-etc-or-var-file-marked-as-conffile") 6 | # And we better don't play with fdupes, which is not even available by 7 | # Default at CentOS6 or CentOS7 8 | addFilter("files-duplicate") 9 | # This package creates a user and a group that are not declared, 10 | # at openSUSE and I don't intend to submit the package to openSUSE 11 | # so we can disable it 12 | addFilter("non-standard-uid") 13 | addFilter("non-standard-gid") 14 | # Fixing the following stuff would be on Sonatype side 15 | addFilter("class-path-in-manifest") 16 | addFilter("missing-PT_GNU_STACK-section") 17 | addFilter("position-independent-executable-suggested") 18 | addFilter("shlib-with-non-pic-code") 19 | -------------------------------------------------------------------------------- /SPECS/nexus3-oss-rpmlintrc: -------------------------------------------------------------------------------- 1 | # Nexus is supposed to be installed into a single directory, and I 2 | # prefer to avoid more complications changing anything than the 3 | # config files as I already do at the SPEC 4 | addFilter("non-etc-or-var-file-marked-as-conffile") 5 | addFilter("non-executable-script") 6 | addFilter("zero-length") 7 | # And we better don't play with fdupes, which is not even available by 8 | # Default at CentOS6 or CentOS7 9 | addFilter("files-duplicate") 10 | # This package creates a user and a group that are not declared, 11 | # at openSUSE and I don't intend to submit the package to openSUSE 12 | # so we can disable it 13 | addFilter("non-standard-uid") 14 | addFilter("non-standard-gid") 15 | # Fixing the following stuff would be on Sonatype side 16 | addFilter("hidden-file-or-dir") 17 | addFilter("class-path-in-manifest") 18 | addFilter("position-independent-executable-suggested") 19 | addFilter("shlib-with-non-pic-code") 20 | -------------------------------------------------------------------------------- /images/centos7/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM docker.io/centos:centos7 2 | MAINTAINER Julio Gonzalez Gil 3 | 4 | USER root 5 | 6 | # Default UID/GID for mounting folders (used at jenkins slaves) 7 | ARG UID=500 8 | ARG GID=500 9 | 10 | # Add the wrapper to check for updates and the systemd replacement 11 | ADD files/* /opt/ 12 | 13 | # Pass the output of date command as DATE argument if you want 14 | # make sure that the image is generated using the lastest 15 | # packages (cache will be used for previous steps) 16 | ARG DATE=None 17 | 18 | # Generate a list of original packages, update, install needed 19 | # packages and replace systemd 20 | RUN rpm -qa --qf "%{NAME}\n" > /opt/packages-image.txt && \ 21 | yum -y -q update && \ 22 | yum -y -q install \ 23 | java-1.8.0 \ 24 | systemd-sysv \ 25 | rpm-build && \ 26 | cp /opt/systemctl.py /usr/bin/systemctl && \ 27 | yum -q clean all # ${DATE} 28 | 29 | # Create ci group and user according to arguments UID/GID 30 | RUN groupadd -g ${GID} ci && \ 31 | useradd -d /home/ci -m -u ${UID} -g ${GID} ci 32 | 33 | STOPSIGNAL SIGRTMIN+3 34 | 35 | CMD ["/bin/bash", "/opt/start_wait.sh"] 36 | -------------------------------------------------------------------------------- /images/amazon2018.03/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM docker.io/amazonlinux:2018.03 2 | MAINTAINER Julio Gonzalez Gil 3 | 4 | USER root 5 | 6 | # Default UID/GID for mounting folders (used at jenkins slaves) 7 | ARG UID=500 8 | ARG GID=500 9 | 10 | # Create the wrappers to check for updates and to keep the container running 11 | ADD files/*.sh /opt/ 12 | 13 | # Pass the output of date command as DATE argument if you want 14 | # make sure that the image is generated using the lastest 15 | # packages (cache will be used for previous steps) 16 | ARG DATE=None 17 | 18 | # Generate a list of original packages, install EPEL repository, update, 19 | # install needed packages and create symlink for qmake-qt5 20 | RUN rpm -qa --qf "%{NAME}\n" > /opt/packages-image.txt && \ 21 | yum -y -q update && \ 22 | yum -y -q install \ 23 | java-1.8.0 \ 24 | procps \ 25 | rpm-build \ 26 | shadow-utils \ 27 | systemd-sysv \ 28 | util-linux && \ 29 | yum -q clean all # ${DATE} 30 | 31 | # Create ci group and user according to arguments UID/GID 32 | RUN groupadd -g ${GID} ci && \ 33 | useradd -d /home/ci -m -u ${UID} -g ${GID} ci 34 | 35 | CMD ["/bin/bash", "/opt/start_wait.sh"] 36 | -------------------------------------------------------------------------------- /images/almalinux8/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM docker.io/library/almalinux:8 2 | MAINTAINER Julio Gonzalez Gil 3 | 4 | USER root 5 | 6 | # Default UID/GID for mounting folders (used at jenkins slaves) 7 | ARG UID=500 8 | ARG GID=500 9 | 10 | # Add the wrapper to check for updates and the systemd replacement 11 | ADD files/* /opt/ 12 | 13 | # Pass the output of date command as DATE argument if you want 14 | # make sure that the image is generated using the lastest 15 | # packages (cache will be used for previous steps) 16 | ARG DATE=None 17 | 18 | # Generate a list of original packages, update, install needed 19 | # packages and replace systemd 20 | RUN rpm -qa --qf "%{NAME}\n" > /opt/packages-image.txt && \ 21 | dnf -y -q update && \ 22 | dnf -y -q install \ 23 | java-1.8.0-openjdk \ 24 | java-17-openjdk \ 25 | procps-ng \ 26 | python2 \ 27 | systemd-sysv \ 28 | rpm-build && \ 29 | cp /opt/systemctl.py /usr/bin/systemctl && \ 30 | yum -q clean all # ${DATE} 31 | 32 | # Create ci group and user according to arguments UID/GID 33 | RUN groupadd -g ${GID} ci && \ 34 | useradd -d /home/ci -m -u ${UID} -g ${GID} ci 35 | 36 | STOPSIGNAL SIGRTMIN+3 37 | 38 | CMD ["/bin/bash", "/opt/start_wait.sh"] 39 | -------------------------------------------------------------------------------- /images/amazonlinux2/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM docker.io/amazonlinux:2 2 | MAINTAINER Julio Gonzalez Gil 3 | 4 | USER root 5 | 6 | # Default UID/GID for mounting folders (used at jenkins slaves) 7 | ARG UID=500 8 | ARG GID=500 9 | 10 | # Add the wrapper to check for updates and the systemd replacement 11 | ADD files/* /opt/ 12 | 13 | # Pass the output of date command as DATE argument if you want 14 | # make sure that the image is generated using the lastest 15 | # packages (cache will be used for previous steps) 16 | ARG DATE=None 17 | 18 | # Generate a list of original packages, update, install needed 19 | # packages and replace systemd (requires procps-ng) 20 | RUN rpm -qa --qf "%{NAME}\n" > /opt/packages-image.txt && \ 21 | yum -y -q update && \ 22 | yum -y -q install \ 23 | java-1.8.0-openjdk \ 24 | java-17-amazon-corretto \ 25 | procps-ng \ 26 | systemd-sysv \ 27 | rpm-build && \ 28 | cp /opt/systemctl.py /usr/bin/systemctl && \ 29 | yum -q clean all # ${DATE} 30 | 31 | # Create ci group and user according to arguments UID/GID 32 | RUN groupadd -g ${GID} ci && \ 33 | useradd -d /home/ci -m -u ${UID} -g ${GID} ci 34 | 35 | STOPSIGNAL SIGRTMIN+3 36 | 37 | CMD ["/bin/bash", "/opt/start_wait.sh"] 38 | -------------------------------------------------------------------------------- /NEXUS2.md: -------------------------------------------------------------------------------- 1 | # Requirements 2 | 3 | To build the RPM: 4 | - rpm-build 5 | - curl 6 | - tar 7 | - gz 8 | 9 | To run Sonatype Nexus Repository: 10 | - [OpenJDK JRE 1.8 installed](https://help.sonatype.com/repomanager2/system-requirements) (no other Java versions are supported by Sonatype Nexus Repository right now) 11 | 12 | # How to build 13 | 14 | ``` 15 | ./nexus-oss-rpm -v 2 16 | ``` 17 | # Daemon 18 | 19 | Sonatype Nexus Reposutory configuration has been customized, so it behaves 20 | more like a "real" daemon, listening at port 8081 (you can change it at 21 | /etc/nexus/nexus.properties). 22 | 23 | The RPM will create a user called 'nexus' to run Nexus OSS. 24 | 25 | Sonatype Nexus Repository will not be configured to start automatically on 26 | boot and will not even start after installation. 27 | 28 | You can do both things by running: 29 | 30 | ``` 31 | chkconfig --add nexus 32 | service nexus start 33 | ``` 34 | Or if your system uses systemd (Fedora >= 18, RHEL/CentOS >=7, 35 | openSUSE >= 42.1, Amazon Linux >= 2...): 36 | ``` 37 | systemctl enable nexus 38 | systemctl start nexus 39 | ``` 40 | 41 | # Linux-like directories 42 | 43 | - Data: /var/lib/nexus 44 | - Logfiles: /var/log/nexus 45 | - Pidfile: /var/run/ 46 | - Conf: /etc/nexus 47 | - Init file: /etc/init.d/nexus 48 | -------------------------------------------------------------------------------- /images/opensuse15.5/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM docker.io/opensuse/leap:15.5 2 | MAINTAINER Julio Gonzalez Gil 3 | 4 | USER root 5 | 6 | # Default UID/GID for mounting folders (used at jenkins slaves) 7 | ARG UID=500 8 | ARG GID=500 9 | 10 | # Add the wrapper to check for updates and the systemd replacement 11 | ADD files/* /opt/ 12 | 13 | # Pass the output of date command as DATE argument if you want 14 | # make sure that the image is generated using the lastest 15 | # packages (cache will be used for previous steps) 16 | ARG DATE=None 17 | 18 | # Generate a list of original packages, update, install needed 19 | # packages and replace systemd 20 | RUN rpm -qa --qf "%{NAME}\n" > /opt/packages-image.txt && \ 21 | zypper -q refresh && \ 22 | zypper -q -n update && \ 23 | zypper -q -n install \ 24 | curl \ 25 | java-1_8_0-openjdk \ 26 | java-17-openjdk \ 27 | python3 \ 28 | rpm-build \ 29 | systemd-sysvinit && \ 30 | cp /opt/systemctl3.py /usr/bin/systemctl && \ 31 | zypper -q clean -a # ${DATE} 32 | 33 | # Create ci group and user according to arguments UID/GID 34 | RUN groupadd -g ${GID} ci && \ 35 | useradd -d /home/ci -m -u ${UID} -g ${GID} ci 36 | 37 | STOPSIGNAL SIGRTMIN+3 38 | 39 | CMD ["/bin/bash", "/opt/start_wait.sh"] 40 | -------------------------------------------------------------------------------- /images/opensuse15.6/Dockerfile: -------------------------------------------------------------------------------- 1 | FROM docker.io/opensuse/leap:15.6 2 | MAINTAINER Julio Gonzalez Gil 3 | 4 | USER root 5 | 6 | # Default UID/GID for mounting folders (used at jenkins slaves) 7 | ARG UID=500 8 | ARG GID=500 9 | 10 | # Add the wrapper to check for updates and the systemd replacement 11 | ADD files/* /opt/ 12 | 13 | # Pass the output of date command as DATE argument if you want 14 | # make sure that the image is generated using the lastest 15 | # packages (cache will be used for previous steps) 16 | ARG DATE=None 17 | 18 | # Generate a list of original packages, update, install needed 19 | # packages and replace systemd 20 | RUN rpm -qa --qf "%{NAME}\n" > /opt/packages-image.txt && \ 21 | zypper -q refresh && \ 22 | zypper -q -n update && \ 23 | zypper -q -n install \ 24 | curl \ 25 | java-1_8_0-openjdk \ 26 | java-17-openjdk \ 27 | python3 \ 28 | procps \ 29 | rpm-build \ 30 | systemd-sysvinit && \ 31 | cp /opt/systemctl3.py /usr/bin/systemctl && \ 32 | zypper -q clean -a # ${DATE} 33 | 34 | # Create ci group and user according to arguments UID/GID 35 | RUN groupadd -g ${GID} ci && \ 36 | useradd -d /home/ci -m -u ${UID} -g ${GID} ci 37 | 38 | STOPSIGNAL SIGRTMIN+3 39 | 40 | CMD ["/bin/bash", "/opt/start_wait.sh"] 41 | -------------------------------------------------------------------------------- /NEXUS3.md: -------------------------------------------------------------------------------- 1 | # Requirements 2 | 3 | To build the RPM: 4 | - rpm-build 5 | - curl 6 | - tar 7 | - gz 8 | 9 | To run Sonatype Nexus Repository: 10 | - [OpenJDK JRE 1.8 installed](https://help.sonatype.com/repomanager3/product-information/sonatype-nexus-repository-system-requirements#SonatypeNexusRepositorySystemRequirements-Java) (no other Java versions are supported by Sonatype Nexus Repository right now) 11 | 12 | 13 | # How to build 14 | 15 | ``` 16 | ./nexus-oss-rpm -v 3 17 | ``` 18 | 19 | # Upgrading from 2.x 20 | 21 | According to [Sonatype Nexus Repository documentation](https://help.sonatype.com/repomanager3/installation-and-upgrades/supported-nexus-repository-manager-upgrade-paths) it is possible to upgrade from 22 | the latest Sonatype Nexus Repository 2.x to the latest 3.x. 23 | 24 | You can generate all the required RPMs with this repository, but please 25 | carefully read the documentation 26 | 27 | # Daemon 28 | 29 | Sonatype Nexus Repository configuration has been customized, so it behaves 30 | more like a "real" daemon, listening at port 8081 (you can change it at 31 | /etc/nexus3/org.sonatype.nexus.cfg). 32 | 33 | The RPM will create a user called 'nexus3' to run Sonatype Nexus Repository. 34 | 35 | Sonatype Nexus Repository will not be configured to start automatically on 36 | boot and will not even start after installation. 37 | 38 | You can do both things by running: 39 | 40 | ``` 41 | chkconfig --add nexus3 42 | service nexus3 start 43 | ``` 44 | Or if your system uses systemd (Fedora >= 18, RHEL/CentOS >=7, 45 | openSUSE >= 42.1, Amazon Linux >= 2...): 46 | ``` 47 | systemctl enable nexus3 48 | systemctl start nexus3 49 | ``` 50 | 51 | # Linux-like directories 52 | 53 | - Data: /var/lib/nexus3 54 | - Logfiles: /var/log/nexus3 55 | - Conf: /etc/nexus3 56 | - Init file: /etc/init.d/nexus3 57 | -------------------------------------------------------------------------------- /images/centos7/files/check_updates.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # This script will check for package upgrades and will return: 3 | # - 0 if no upgrades were available 4 | # - 1 if upgrades were available for at least one package not present at parent 5 | # image 6 | # - 2 if upgrades were available for at least one packages at parent image 7 | # - 3 if upgrades were available fot at least one package not present at parent 8 | # image, and at least one present at the parent image 9 | 10 | PACKAGES_ORIG='/opt/packages-image.txt' 11 | PACKAGES_UPDATES='/opt/packages-updates.txt' 12 | 13 | yum list updates|awk 'f;/^Updated Packages/{f=1}'|cut -d'.' -f1 > ${PACKAGES_UPDATES} 14 | 15 | EXIT=0 16 | PFOUND=0 17 | CFOUND=0 18 | PPACKAGES_UPDATES='' 19 | CPACKAGES_UPDATES='' 20 | 21 | while read UPDATE; do 22 | FOUND=0 23 | while read ORIGINAL; do 24 | if [ "${UPDATE}" == "${ORIGINAL}" ]; then 25 | FOUND=1 26 | PPACKAGES_UPDATES="${PPACKAGES_UPDATES} ${UPDATE}" 27 | fi 28 | done < ${PACKAGES_ORIG} 29 | if [ $FOUND -eq 1 ]; then 30 | PFOUND=2 31 | else 32 | CFOUND=1 33 | CPACKAGES_UPDATES="${CPACKAGES_UPDATES} ${UPDATE}" 34 | fi 35 | done < ${PACKAGES_UPDATES} 36 | 37 | if [ "${PPACKAGES_UPDATES}" != "" ]; then 38 | echo "==================================================================" 39 | echo " PACKAGES FROM PARENT IMAGE REQUIRING UPDATE" 40 | echo "==================================================================" 41 | for PACKAGE in ${PPACKAGES_UPDATES}; do 42 | echo "${PACKAGE}" 43 | done; 44 | fi 45 | 46 | if [ "${CPACKAGES_UPDATES}" != "" ]; then 47 | echo "==================================================================" 48 | echo " PACKAGES FROM CURRENT IMAGE REQUIRING UPDATE" 49 | echo "==================================================================" 50 | for PACKAGE in ${CPACKAGES_UPDATES}; do 51 | echo "${PACKAGE}" 52 | done; 53 | fi 54 | 55 | exit $((${EXIT}+${PFOUND}+${CFOUND})) 56 | -------------------------------------------------------------------------------- /images/almalinux8/files/check_updates.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # This script will check for package upgrades and will return: 3 | # - 0 if no upgrades were available 4 | # - 1 if upgrades were available for at least one package not present at parent 5 | # image 6 | # - 2 if upgrades were available for at least one packages at parent image 7 | # - 3 if upgrades were available fot at least one package not present at parent 8 | # image, and at least one present at the parent image 9 | 10 | PACKAGES_ORIG='/opt/packages-image.txt' 11 | PACKAGES_UPDATES='/opt/packages-updates.txt' 12 | 13 | yum list updates|awk 'f;/^Updated Packages/{f=1}'|cut -d'.' -f1 > ${PACKAGES_UPDATES} 14 | 15 | EXIT=0 16 | PFOUND=0 17 | CFOUND=0 18 | PPACKAGES_UPDATES='' 19 | CPACKAGES_UPDATES='' 20 | 21 | while read UPDATE; do 22 | FOUND=0 23 | while read ORIGINAL; do 24 | if [ "${UPDATE}" == "${ORIGINAL}" ]; then 25 | FOUND=1 26 | PPACKAGES_UPDATES="${PPACKAGES_UPDATES} ${UPDATE}" 27 | fi 28 | done < ${PACKAGES_ORIG} 29 | if [ $FOUND -eq 1 ]; then 30 | PFOUND=2 31 | else 32 | CFOUND=1 33 | CPACKAGES_UPDATES="${CPACKAGES_UPDATES} ${UPDATE}" 34 | fi 35 | done < ${PACKAGES_UPDATES} 36 | 37 | if [ "${PPACKAGES_UPDATES}" != "" ]; then 38 | echo "==================================================================" 39 | echo " PACKAGES FROM PARENT IMAGE REQUIRING UPDATE" 40 | echo "==================================================================" 41 | for PACKAGE in ${PPACKAGES_UPDATES}; do 42 | echo "${PACKAGE}" 43 | done; 44 | fi 45 | 46 | if [ "${CPACKAGES_UPDATES}" != "" ]; then 47 | echo "==================================================================" 48 | echo " PACKAGES FROM CURRENT IMAGE REQUIRING UPDATE" 49 | echo "==================================================================" 50 | for PACKAGE in ${CPACKAGES_UPDATES}; do 51 | echo "${PACKAGE}" 52 | done; 53 | fi 54 | 55 | exit $((${EXIT}+${PFOUND}+${CFOUND})) 56 | -------------------------------------------------------------------------------- /images/amazon2018.03/files/check_updates.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # This script will check for package upgrades and will return: 3 | # - 0 if no upgrades were available 4 | # - 1 if upgrades were available for at least one package not present at parent 5 | # image 6 | # - 2 if upgrades were available for at least one packages at parent image 7 | # - 3 if upgrades were available fot at least one package not present at parent 8 | # image, and at least one present at the parent image 9 | 10 | PACKAGES_ORIG='/opt/packages-image.txt' 11 | PACKAGES_UPDATES='/opt/packages-updates.txt' 12 | 13 | yum list updates|awk 'f;/^Updated Packages/{f=1}'|cut -d'.' -f1 > ${PACKAGES_UPDATES} 14 | 15 | EXIT=0 16 | PFOUND=0 17 | CFOUND=0 18 | PPACKAGES_UPDATES='' 19 | CPACKAGES_UPDATES='' 20 | 21 | while read UPDATE; do 22 | FOUND=0 23 | while read ORIGINAL; do 24 | if [ "${UPDATE}" == "${ORIGINAL}" ]; then 25 | FOUND=1 26 | PPACKAGES_UPDATES="${PPACKAGES_UPDATES} ${UPDATE}" 27 | fi 28 | done < ${PACKAGES_ORIG} 29 | if [ $FOUND -eq 1 ]; then 30 | PFOUND=2 31 | else 32 | CFOUND=1 33 | CPACKAGES_UPDATES="${CPACKAGES_UPDATES} ${UPDATE}" 34 | fi 35 | done < ${PACKAGES_UPDATES} 36 | 37 | if [ "${PPACKAGES_UPDATES}" != "" ]; then 38 | echo "==================================================================" 39 | echo " PACKAGES FROM PARENT IMAGE REQUIRING UPDATE" 40 | echo "==================================================================" 41 | for PACKAGE in ${PPACKAGES_UPDATES}; do 42 | echo "${PACKAGE}" 43 | done; 44 | fi 45 | 46 | if [ "${CPACKAGES_UPDATES}" != "" ]; then 47 | echo "==================================================================" 48 | echo " PACKAGES FROM CURRENT IMAGE REQUIRING UPDATE" 49 | echo "==================================================================" 50 | for PACKAGE in ${CPACKAGES_UPDATES}; do 51 | echo "${PACKAGE}" 52 | done; 53 | fi 54 | 55 | exit $((${EXIT}+${PFOUND}+${CFOUND})) 56 | -------------------------------------------------------------------------------- /images/amazonlinux2/files/check_updates.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # This script will check for package upgrades and will return: 3 | # - 0 if no upgrades were available 4 | # - 1 if upgrades were available for at least one package not present at parent 5 | # image 6 | # - 2 if upgrades were available for at least one packages at parent image 7 | # - 3 if upgrades were available fot at least one package not present at parent 8 | # image, and at least one present at the parent image 9 | 10 | PACKAGES_ORIG='/opt/packages-image.txt' 11 | PACKAGES_UPDATES='/opt/packages-updates.txt' 12 | 13 | yum list updates|awk 'f;/^Updated Packages/{f=1}'|cut -d'.' -f1 > ${PACKAGES_UPDATES} 14 | 15 | EXIT=0 16 | PFOUND=0 17 | CFOUND=0 18 | PPACKAGES_UPDATES='' 19 | CPACKAGES_UPDATES='' 20 | 21 | while read UPDATE; do 22 | FOUND=0 23 | while read ORIGINAL; do 24 | if [ "${UPDATE}" == "${ORIGINAL}" ]; then 25 | FOUND=1 26 | PPACKAGES_UPDATES="${PPACKAGES_UPDATES} ${UPDATE}" 27 | fi 28 | done < ${PACKAGES_ORIG} 29 | if [ $FOUND -eq 1 ]; then 30 | PFOUND=2 31 | else 32 | CFOUND=1 33 | CPACKAGES_UPDATES="${CPACKAGES_UPDATES} ${UPDATE}" 34 | fi 35 | done < ${PACKAGES_UPDATES} 36 | 37 | if [ "${PPACKAGES_UPDATES}" != "" ]; then 38 | echo "==================================================================" 39 | echo " PACKAGES FROM PARENT IMAGE REQUIRING UPDATE" 40 | echo "==================================================================" 41 | for PACKAGE in ${PPACKAGES_UPDATES}; do 42 | echo "${PACKAGE}" 43 | done; 44 | fi 45 | 46 | if [ "${CPACKAGES_UPDATES}" != "" ]; then 47 | echo "==================================================================" 48 | echo " PACKAGES FROM CURRENT IMAGE REQUIRING UPDATE" 49 | echo "==================================================================" 50 | for PACKAGE in ${CPACKAGES_UPDATES}; do 51 | echo "${PACKAGE}" 52 | done; 53 | fi 54 | 55 | exit $((${EXIT}+${PFOUND}+${CFOUND})) 56 | -------------------------------------------------------------------------------- /images/opensuse15.5/files/check_updates.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # This script will check for package upgrades and will return: 3 | # - 0 if no upgrades were available 4 | # - 1 if upgrades were available for at least one package not present at parent 5 | # image 6 | # - 2 if upgrades were available for at least one packages at parent image 7 | # - 3 if upgrades were available fot at least one package not present at parent 8 | # image, and at least one present at the parent image 9 | 10 | PACKAGES_ORIG='/opt/packages-image.txt' 11 | PACKAGES_UPDATES='/opt/packages-updates.txt' 12 | 13 | zypper -x list-updates | sed -n 's/.* ${PACKAGES_UPDATES} 14 | 15 | EXIT=0 16 | PFOUND=0 17 | CFOUND=0 18 | PPACKAGES_UPDATES='' 19 | CPACKAGES_UPDATES='' 20 | 21 | while read UPDATE; do 22 | FOUND=0 23 | while read ORIGINAL; do 24 | if [ "${UPDATE}" == "${ORIGINAL}" ]; then 25 | FOUND=1 26 | PPACKAGES_UPDATES="${PPACKAGES_UPDATES} ${UPDATE}" 27 | fi 28 | done < ${PACKAGES_ORIG} 29 | if [ $FOUND -eq 1 ]; then 30 | PFOUND=2 31 | else 32 | CFOUND=1 33 | CPACKAGES_UPDATES="${CPACKAGES_UPDATES} ${UPDATE}" 34 | fi 35 | done < ${PACKAGES_UPDATES} 36 | 37 | if [ "${PPACKAGES_UPDATES}" != "" ]; then 38 | echo "==================================================================" 39 | echo " PACKAGES FROM PARENT IMAGE REQUIRING UPDATE" 40 | echo "==================================================================" 41 | for PACKAGE in ${PPACKAGES_UPDATES}; do 42 | echo "${PACKAGE}" 43 | done; 44 | fi 45 | 46 | if [ "${CPACKAGES_UPDATES}" != "" ]; then 47 | echo "==================================================================" 48 | echo " PACKAGES FROM CURRENT IMAGE REQUIRING UPDATE" 49 | echo "==================================================================" 50 | for PACKAGE in ${CPACKAGES_UPDATES}; do 51 | echo "${PACKAGE}" 52 | done; 53 | fi 54 | 55 | exit $((${EXIT}+${PFOUND}+${CFOUND})) 56 | -------------------------------------------------------------------------------- /images/opensuse15.6/files/check_updates.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # This script will check for package upgrades and will return: 3 | # - 0 if no upgrades were available 4 | # - 1 if upgrades were available for at least one package not present at parent 5 | # image 6 | # - 2 if upgrades were available for at least one packages at parent image 7 | # - 3 if upgrades were available fot at least one package not present at parent 8 | # image, and at least one present at the parent image 9 | 10 | PACKAGES_ORIG='/opt/packages-image.txt' 11 | PACKAGES_UPDATES='/opt/packages-updates.txt' 12 | 13 | zypper -x list-updates | sed -n 's/.* ${PACKAGES_UPDATES} 14 | 15 | EXIT=0 16 | PFOUND=0 17 | CFOUND=0 18 | PPACKAGES_UPDATES='' 19 | CPACKAGES_UPDATES='' 20 | 21 | while read UPDATE; do 22 | FOUND=0 23 | while read ORIGINAL; do 24 | if [ "${UPDATE}" == "${ORIGINAL}" ]; then 25 | FOUND=1 26 | PPACKAGES_UPDATES="${PPACKAGES_UPDATES} ${UPDATE}" 27 | fi 28 | done < ${PACKAGES_ORIG} 29 | if [ $FOUND -eq 1 ]; then 30 | PFOUND=2 31 | else 32 | CFOUND=1 33 | CPACKAGES_UPDATES="${CPACKAGES_UPDATES} ${UPDATE}" 34 | fi 35 | done < ${PACKAGES_UPDATES} 36 | 37 | if [ "${PPACKAGES_UPDATES}" != "" ]; then 38 | echo "==================================================================" 39 | echo " PACKAGES FROM PARENT IMAGE REQUIRING UPDATE" 40 | echo "==================================================================" 41 | for PACKAGE in ${PPACKAGES_UPDATES}; do 42 | echo "${PACKAGE}" 43 | done; 44 | fi 45 | 46 | if [ "${CPACKAGES_UPDATES}" != "" ]; then 47 | echo "==================================================================" 48 | echo " PACKAGES FROM CURRENT IMAGE REQUIRING UPDATE" 49 | echo "==================================================================" 50 | for PACKAGE in ${CPACKAGES_UPDATES}; do 51 | echo "${PACKAGE}" 52 | done; 53 | fi 54 | 55 | exit $((${EXIT}+${PFOUND}+${CFOUND})) 56 | -------------------------------------------------------------------------------- /nexus-oss-rpm: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | SCRIPT=$(basename ${0}) 4 | 5 | help() { 6 | echo "" 7 | echo "Script to build Sonatype Nexus OSS RPMs" 8 | echo "" 9 | echo "Syntax: " 10 | echo "" 11 | echo "${SCRIPT} [-v ]" 12 | echo "" 13 | echo "Where: " 14 | echo " -v Sonatype Nexus OSS major version (currently 2 or 3 supported)." 15 | echo " 2 is default if parameter is not present" 16 | echo "" 17 | } 18 | 19 | function check_create_dir() { 20 | if [ ! -d "./${1}" ]; then 21 | mkdir "./${1}" 22 | fi 23 | } 24 | 25 | function create_build_env() { 26 | check_create_dir BUILD 27 | check_create_dir BUILDROOT 28 | check_create_dir RPMS 29 | check_create_dir SOURCES 30 | check_create_dir SPECS 31 | check_create_dir SRPMS 32 | } 33 | 34 | function get_sources() { 35 | if [ ! -f "./SOURCES/${2}" ]; then 36 | echo "Downloading ${1} to "./SOURCES/${2}"..." 37 | curl -L "${1}" -o "./SOURCES/${2}" 38 | fi 39 | } 40 | 41 | function build_rpm() { 42 | rpmbuild --quiet --define "_topdir `pwd`" -ba "${1}" 43 | return ${?} 44 | } 45 | 46 | get_url_source_from_spec() { 47 | local NAME=$(sed -rn 's/^Name:\s*(.*)/\1/p' ${1}) 48 | echo $(sed -rn 's/^Source0:\s*(.*)/\1/p' ${1}|sed -e "s/%{name}/${NAME}/g") 49 | } 50 | 51 | while getopts ":v:h" opts; do 52 | case "${opts}" in 53 | v) VERSION=${OPTARG};; 54 | h) help 55 | exit 0;; 56 | *) echo "Invalid syntax. Use ${SCRIPT} -h" 57 | exit 1;; 58 | esac 59 | done 60 | shift $((OPTIND-1)) 61 | 62 | case ${VERSION} in 63 | 3) SPEC='SPECS/nexus3-oss.spec' 64 | URL="$(get_url_source_from_spec ${SPEC})" 65 | TGZ="$(basename ${URL})";; 66 | 2|'') SPEC='SPECS/nexus-oss.spec' 67 | URL="$(get_url_source_from_spec ${SPEC})" 68 | TGZ="$(basename ${URL})";; 69 | *) echo "Invalid version. Use ${SCRIPT} -h" 70 | exit 1;; 71 | esac 72 | 73 | echo "### Creating build environment..." 74 | create_build_env 75 | echo "### Downloading sources..." 76 | get_sources ${URL} ${TGZ} 77 | echo "### Building RPMs..." 78 | build_rpm ${SPEC} 79 | if [ $? -eq 0 ]; then 80 | echo "### Binary RPMs available at ${PWD}/RPMS" 81 | echo "### Source RPMs available at ${PWD}/SRPMS" 82 | exit 0 83 | else 84 | echo There are errors. Check your log. 85 | exit 1 86 | fi 87 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # CAUTION 2 | 3 | ## Nexus 3 4 | Nexus 3.71.0-06 and newer will not support neither Java 1.8 or OrientDB (which used to be the default database). 5 | 6 | The migration to Java 17 is performed automatically by the package, if the OS provides it (so for example CentOS7 and clones will not be supported anymore) 7 | 8 | However the migration to H2/PostgreSQL needs to be performed MANUALLY. If you are still using OrientDB (you did not perform a migration), Make sure you read the [Sonatype Nexus Database Migration documentation](https://help.sonatype.com/en/migrating-to-a-new-database.html) and run the procedure before updating to Nexus 3.71.0-06 or any newer version! 9 | 10 | ## Nexus 2 11 | 12 | Sonatype is going to officially sunset Nexus Repository 2 on June 30, 2025. 13 | 14 | You should [migrate to Sonatype Nexus Repository 3](https://help.sonatype.com/en/upgrading-from-nexus-repository-manager-2.html) as soon as possible. 15 | 16 | For more details as well as frequently asked questions, see the [Sonatype Nexus Repository 2 Sunsetting Information help page](https://help.sonatype.com/en/sonatype-nexus-repository-2-sunsetting-information.html). 17 | 18 | # Buy me a beer 19 | 20 | If you find this repository useful, you can [Buy me a beer](https://www.buymeacoffee.com/juliogonzalez) 🍺 21 | 22 | # Build status 23 | 24 | - Sonatype Nexus Repository 2: [![Build Status](https://jenkins.juliogonzalez.es/job/nexus2-oss-rpms-build/badge/icon)](https://jenkins.juliogonzalez.es/job/nexus2-oss-rpms-build/) 25 | - Sonatype Nexus Repository 3: [![Build Status](https://jenkins.juliogonzalez.es/job/nexus3-oss-rpms-build/badge/icon)](https://jenkins.juliogonzalez.es/job/nexus3-oss-rpms-build/) 26 | 27 | # Introduction 28 | 29 | This repository holds files and scripts to build Sonatype Nexus Repository 2.x and 3.x RPM packages. It also has required stuff to perform Continuous Integration. 30 | 31 | # Licenses 32 | 33 | - Sonatype Nexus Repository: EPL-2.0, Sonatype 34 | - docker-systemctl-replacement: EUPL 1.2, Guido U. Draheim 35 | - Scripts and Spec and everything else: AGPL, Jens Braeuer , Julio Gonzalez Gil 36 | 37 | # Requirements, building and configuring: 38 | 39 | - [Sonatype Nexus Repository 2.x](NEXUS2.md) 40 | - [Sonatype Nexus Repository 3.x](NEXUS3.md) 41 | 42 | # Current state 43 | 44 | The SPEC is [verified to build](https://build.opensuse.org/project/show/home:juliogonzalez:devops), and the produce RPMs able to install on: 45 | - SLE12 (supported SPs) x86_64 46 | - SLE15 (supported SPs) x86_64 47 | - openSUSE Leap 15.X (supported versions) x86_64 48 | - openSUSE Tumbleweed x86_64 49 | - AlmaLinux 8-9 x86_64 50 | - RHEL7-8 x86_64 51 | - Fedora (supported versions) x86_64 52 | - Fedora Rawhide x86_64 53 | 54 | 55 | The following distributions are not tested but building and installing should work: 56 | - Amazon Linux 2 57 | 58 | Besides, Sonatype Nexus Repository 2/3 installations done by the RPMs are [verified to work](#build-status) fine at: 59 | - AlmaLinux 8 x86_64 60 | - Amazon Linux 2 x86_64 61 | - openSUSE Leap 15.6 x86_64 62 | -------------------------------------------------------------------------------- /ci: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Language (force it so getopt messages are always in english, as the script) 3 | LANG=en_EN 4 | 5 | # Get script name 6 | SCRIPT=$(basename ${0}) 7 | 8 | # Supported distributions 9 | SUPPORTEDDISTROS='almalinux8 amazonlinux2 opensuse15.6' 10 | 11 | # Supported Sonatype Nexus Repository major versions 12 | NEXUSMAJORVERS='2 3' 13 | 14 | # Allocate tty by default 15 | TTY='-t' 16 | 17 | # Default values to for nexus healt tests 18 | MAXRETRIES=20 19 | TIME_WAIT=10 20 | 21 | # Use podman by default as container engine 22 | CENGINE='podman' 23 | 24 | # Default registry 25 | REGISTRY='docker.io' 26 | 27 | # Default registry userspace, not configurable for now 28 | NAMESPACE='juliogonzalez' 29 | 30 | print_info() { 31 | echo -e "\033[1;36m[INFO] ${1}\033[0m" 32 | } 33 | 34 | print_error() { 35 | echo -e "\033[1;31m[ERROR] ${1}\033[0m" 36 | } 37 | 38 | print_ok() { 39 | echo -e "\033[1;32m[INFO] ${1}\033[0m" 40 | } 41 | 42 | print_incorrect_syntax() { 43 | print_error "Incorrect syntax. Use ${SCRIPT} -h for help" 44 | } 45 | 46 | print_error_unsupported_distro() { 47 | print_error "Unsupported distro. Use ${SCRIPT} -h for help" 48 | } 49 | 50 | print_error_unsupported_nexus_major_ver() { 51 | print_error "Unsupported Sonatype Nexus Repository major version. Use ${SCRIPT} -h for help" 52 | } 53 | 54 | print_help() { 55 | echo "" 56 | echo "Script to perform nexus-oss-rpms CI" 57 | echo "" 58 | echo "Syntax: " 59 | echo "" 60 | echo "${SCRIPT} " 61 | echo "" 62 | echo "Mandatory arguments:" 63 | echo "" 64 | echo " --distro=<$(echo ${1}|tr ' ' '|')>" 65 | echo " --nexus-major-ver=<$(echo ${2}|tr ' ' '|')>" 66 | echo "" 67 | echo "Optional arguments:" 68 | echo "" 69 | echo " --docker If present, docker will be used instead of podman" 70 | echo " --registry= Specify an image registry. If absent, docker.io" 71 | echo " will be used by default" 72 | echo " --max-retries= Number of retries to check Sonatype Nexus" 73 | echo " Repository health. By default 20" 74 | echo " --time-wait= Time to wait between retries (by default 10)" 75 | echo " --name= Define the container name" 76 | echo " If undefined, container name will be" 77 | echo " s3fs-fuse-rpm--" 78 | echo " --remove-on-error If present, remove the container on errors" 79 | echo " --notty If present, does not allocate a tty for docker" 80 | echo "" 81 | } 82 | 83 | remove_container() { 84 | ${CENGINE} container rm -f ${1} 85 | } 86 | 87 | exit_error() { 88 | if [ ${1} -ne 0 ]; then 89 | print_error "An error happened! Check log!" 90 | if [ ! -z ${REMOVE_ON_ERROR} ]; then 91 | remove_container ${CONTAINER_NAME} 92 | fi 93 | exit 1 94 | fi 95 | } 96 | 97 | container_run() { 98 | if [ ! -z ${3} ]; then 99 | local COMMAND_USER="-u ${3}" 100 | fi 101 | local COMMAND="${CENGINE} container exec -i ${TTY} ${COMMAND_USER} ${1} ${2}" 102 | local RESULT=$(${COMMAND}) 103 | exit_error ${?} 104 | if [ "${RESULT}" != "" ]; then 105 | echo "${RESULT}" 106 | fi 107 | } 108 | 109 | # read the options 110 | ARGS=$(getopt -o h --long help,remove-on-error,notty,distro:,nexus-major-ver:,docker,registry:,max-retries:,time-wait:,name: -n "${SCRIPT}" -- "$@") 111 | if [ $? -ne 0 ]; 112 | then 113 | print_incorrect_syntax 114 | exit 1 115 | fi 116 | eval set -- "${ARGS}" 117 | 118 | # extract options and their arguments into variables 119 | while true ; do 120 | case "${1}" in 121 | -h|--help) print_help "${SUPPORTEDDISTROS}" "${NEXUSMAJORVERS}"; exit 1;; 122 | --remove-on-error) REMOVE_ON_ERROR="--rm"; shift 1 ;; 123 | --notty) TTY=""; shift 1 ;; 124 | --distro) DISTRO="${2}"; shift 2;; 125 | --nexus-major-ver) NEXUSMAJORVER="${2}"; shift 2;; 126 | --docker) CENGINE='docker'; shift 1;; 127 | --registry) REGISTRY="${2}"; shift 2;; 128 | --max-retries) MAXRETRIES="${2}"; shift 2;; 129 | --time-wait) TIME_WAIT="${2}"; shift 2;; 130 | --name) CONTAINER_NAME="${2}"; shift 2;; 131 | --) shift ; break ;; 132 | *) print_incorrect_syntax; exit 1;; 133 | esac 134 | done 135 | 136 | # Check nexus major version 137 | case "${NEXUSMAJORVER}" in 138 | 2) PACKAGE_NAME='nexus' 139 | NEXUS_URL='http://localhost:8081/nexus/' 140 | JAVA="1.8";; 141 | 3) PACKAGE_NAME='nexus3' 142 | NEXUS_URL='http://localhost:8081/' 143 | JAVA="17";; 144 | *) print_error_unsupported_nexus_major_ver 145 | exit 1;; 146 | esac 147 | 148 | # Check distribution 149 | case "${DISTRO}" in 150 | almalinux8) IMAGE="${REGISTRY}/${NAMESPACE}/almalinux8-nexus:latest";; 151 | amazonlinux2) IMAGE="${REGISTRY}/${NAMESPACE}/amazonlinux2-nexus:latest";; 152 | opensuse15.6) IMAGE="${REGISTRY}/${NAMESPACE}/opensuse15.6-nexus:latest";; 153 | *) print_error_unsupported_distro 154 | exit 1;; 155 | esac 156 | 157 | if [ "${CENGINE}" == "podman" ]; then 158 | # --security-opt label=disable due to https://github.com/containers/podman/issues/3683 159 | PRIVILEGED="${PRIVILEGED} --userns=keep-id --security-opt label=disable" 160 | else 161 | PRIVILEGED='--privileged -v /sys/fs/cgroup:/sys/fs/cgroup:ro' 162 | fi 163 | 164 | # Check name 165 | if [ -z ${CONTAINER_NAME} ]; then 166 | CONTAINER_NAME="nexus-oss-rpm-${DISTRO}-$(date +'%s')" 167 | fi 168 | 169 | print_info "Pulling latest image..." 170 | ${CENGINE} pull ${IMAGE} 171 | print_info "Starting container ${CONTAINER_NAME}..." 172 | ${CENGINE} container run -i ${TTY} ${REMOVE_ON_ERROR} --name "${CONTAINER_NAME}" ${PRIVILEGED} -v ${PWD}:/tmp/nexus-oss-rpms -w /tmp/nexus-oss-rpms -d ${IMAGE} 173 | print_info "Cleaning up" 174 | container_run "${CONTAINER_NAME}" "./clean" 175 | print_info "Use the right Java version (${JAVA} for Nexus ${NEXUSMAJORVER})..." 176 | container_run "${CONTAINER_NAME}" "/opt/pick-java-alternative.sh ${JAVA}" 177 | print_info "Building nexus-oss package..." 178 | container_run "${CONTAINER_NAME}" "./nexus-oss-rpm -v ${NEXUSMAJORVER}" "ci" 179 | print_info "Installing nexus-oss package..." 180 | container_run "${CONTAINER_NAME}" "/bin/rpm -i RPMS/$HOSTTYPE/${PACKAGE_NAME}-*.*.$HOSTTYPE.rpm" 181 | print_info "Starting nexus..." 182 | container_run "${CONTAINER_NAME}" "/usr/bin/systemctl start ${PACKAGE_NAME}" 183 | print_info "Checking application (${MAXRETRIES} retries, ${TIME_WAIT} seconds between retries)..." 184 | RETRIES=0 185 | while [ ${RETRIES} -lt ${MAXRETRIES} ]; do 186 | HTTP_CODE=$(container_run "${CONTAINER_NAME}" "curl -s -o /dev/null -w %{http_code} ${NEXUS_URL}") 187 | print_info "Status: ${HTTP_CODE}" 188 | if [ "${HTTP_CODE}" == "200" ]; then 189 | break 190 | fi 191 | ((RETRIES+=1)) 192 | sleep ${TIME_WAIT} 193 | done 194 | if [ "${HTTP_CODE}" == "200" ]; then 195 | print_info "Sonatype Nexus Repository is healty" 196 | else 197 | print_error "Could not verify application after ${MAXRETRIES} retries. Last HTTP error was ${HTTP_CODE}!" 198 | exit_error 1 199 | fi 200 | print_info "Testing RPM removal..." 201 | container_run "${CONTAINER_NAME}" "/bin/rpm -e ${PACKAGE_NAME}" 202 | print_info "Removing container..." 203 | remove_container ${CONTAINER_NAME} 204 | print_ok "Everything is OK" 205 | -------------------------------------------------------------------------------- /images/manage_images: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | BASE_DIR=$(dirname "${0}") 3 | 4 | LANG=en_EN 5 | 6 | # Get script name 7 | SCRIPT=$(basename ${0}) 8 | 9 | # Supported distributions versions 10 | SUPPORTEDDISTROS="centos7 almalinux8 amazon2018.03 amazonlinux2 opensuse15.5 opensuse15.6" 11 | 12 | # Parameters for the image 13 | GID=$(id -G|cut -d' ' -f1) 14 | DATE=$(date +%Y%m%dT%H%M%s%N) 15 | 16 | # Use podman by default as container engine 17 | CENGINE='podman' 18 | 19 | # Default registry 20 | REGISTRY='docker.io' 21 | 22 | # Default registry userspace, not configurable for now 23 | NAMESPACE='juliogonzalez' 24 | 25 | help() { 26 | echo "" 27 | echo "Script to create Continuous Integration Nexus Docker images" 28 | echo "" 29 | echo "Syntax: " 30 | echo "" 31 | echo "${SCRIPT} " 32 | echo "" 33 | echo "Mandatory arguments:" 34 | echo "" 35 | echo " --action=" 36 | echo " * create: will create images from scratch. Output tag will be 'experimental'." 37 | echo " * updates_report: will create a report of the images requiring upgrades." 38 | echo " * update: will try to update the base image, and software images. Output tag" 39 | echo " will be 'experimental'." 40 | echo " * promote: will promote image(s) by removing tagging then as 'latest'." 41 | echo " * publish: will push current stable version to the registry." 42 | echo " --distributions=" 43 | echo " Optional: A comma separated list of distributions (supported: $(echo ${SUPPORTEDDISTROS}|sed -e 's/ /, /g'))" 44 | echo "" 45 | echo "Mandatory arguments when --action=publish" 46 | echo "" 47 | echo " --username: Username to be used for the registry" 48 | echo " --password: Password to be used for the registry" 49 | echo "" 50 | echo "Optional arguments:" 51 | echo "" 52 | echo " --docker If present, docker will be used instead of podman" 53 | echo " --registry= Specify an image registry. If absent, docker.io will be used by default" 54 | echo " --errorcodes If present, it will return the following exit codes:" 55 | echo " -1001 if there are updates for current image" 56 | echo " -1002 if there are updates for the parent image" 57 | echo " -1003 if there are updates for both current and parent images" 58 | echo "" 59 | exit 1 60 | } 61 | 62 | print_incorrect_syntax() { 63 | echo "Incorrect syntax (use -h for help)" 64 | } 65 | 66 | print_unknown_distro() { 67 | echo "Unknown distribution ${1} (use -h for help)" 68 | } 69 | 70 | check_updates() { 71 | local IMAGE_NAME="${1}" 72 | local DISTRO="${2}" 73 | local VERSION="${3}" 74 | local CONTNAME="nexus-${DISTRO}" 75 | ${CENGINE} run -i -u root --name ${CONTNAME} ${IMAGE_NAME} /opt/check_updates.sh 76 | local UPDATES=${?} 77 | ${CENGINE} rm ${CONTNAME} > /dev/null 78 | return "${UPDATES}" 79 | } 80 | 81 | update_image() { 82 | local IMAGE_NAME="${1}" 83 | local DISTRO="${2}" 84 | local VERSION="${3}" 85 | local FULL="${4}" 86 | if [ "${FULL}" != "TRUE" ]; then 87 | NOCACHE='--no-cache' 88 | fi 89 | local BASE_IMAGE=$(gawk 'match($0, /^FROM (.*)$/, a) {print a[1]}' ${BASE_DIR}/${DISTRO}/Dockerfile) 90 | ${CENGINE} pull ${BASE_IMAGE} 91 | ${CENGINE} build --pull --build-arg UID=${UID} --build-arg GID=${GID} --build-arg DATE=${DATE} ${NOCACHE} -t ${IMAGE_NAME} ${BASE_DIR}/${DISTRO}/ 92 | } 93 | 94 | ARGS=$(getopt -o h --long help,action:,distributions:,docker,registry:,username:,password:,errorcodes -n "${SCRIPT}" -- "$@") 95 | if [ $? -ne 0 ]; 96 | then 97 | print_incorrect_syntax 98 | exit 1 99 | fi 100 | eval set -- "${ARGS}" 101 | 102 | # extract options and their arguments into variables 103 | while true ; do 104 | case "${1}" in 105 | -h|--help) help; exit 1 ;; 106 | --action) ACTION="${2}"; shift 2 ;; 107 | --distributions) DISTROS="${2}"; shift 2;; 108 | --docker) CENGINE='docker'; shift 1;; 109 | --registry) REGISTRY="${2}"; shift 2;; 110 | --username) USERNAME="${2}"; shift 2;; 111 | --password) PASSWORD="${2}"; shift 2;; 112 | --errorcodes) ERRORCODES='TRUE'; shift 1;; 113 | --) shift ; break ;; 114 | *) print_incorrect_syntax; exit 1 ;; 115 | esac 116 | done 117 | 118 | # Check actions 119 | case "${ACTION}" in 120 | create) ;; 121 | updates_report) ;; 122 | update) ;; 123 | promote) ;; 124 | publish) ;; 125 | *) print_incorrect_syntax; exit 1;: 126 | esac 127 | 128 | # Check Distributions 129 | if [ -z "${DISTROS}" ]; then 130 | ADISTROS="${SUPPORTEDDISTROS}" 131 | else 132 | ADISTROS="" 133 | for DISTRO in $(echo ${DISTROS}|tr ',' ' '); do 134 | DFOUND=0 135 | for SDISTRO in ${SUPPORTEDDISTROS}; do 136 | if [ "${DISTRO}" == "${SDISTRO}" ]; then 137 | ADISTROS="${ADISTROS} ${DISTRO}" 138 | DFOUND=1 139 | fi 140 | done 141 | if [ ${DFOUND} -eq 0 ]; then 142 | print_unknown_distro "${DISTRO}" 143 | exit 1 144 | fi 145 | done 146 | fi 147 | 148 | for DISTRO in ${ADISTROS}; do 149 | IMAGE_NAME="${REGISTRY}/${NAMESPACE}/${DISTRO}-nexus:latest" 150 | IMAGE_NAME_EXP="${IMAGE_NAME/:latest/:experimental}" 151 | if [ "${ACTION}" == "create" ]; then 152 | echo "=================================================================================" 153 | echo " Creating ${IMAGE_NAME_EXP}..." 154 | echo "=================================================================================" 155 | update_image ${IMAGE_NAME_EXP} ${DISTRO} ${VERSION} TRUE 156 | elif [ "${ACTION}" == "updates_report" ]; then 157 | echo "${DISTRO}|${VERSION}|$(check_updates ${IMAGE_NAME_EXP} ${DISTRO} ${VERSION})" 158 | elif [ "${ACTION}" == "update" ]; then 159 | echo "=================================================================================" 160 | echo " Trying to update image ${IMAGE_NAME_EXP}..." 161 | echo "=================================================================================" 162 | check_updates ${IMAGE_NAME_EXP} ${DISTRO} ${VERSION} 163 | UPDATES=${?} 164 | if [ "${UPDATES}" == "0" ]; then 165 | echo "INFO: No updates available" 166 | exit 0 167 | else 168 | if [ "${UPDATES}" == "2" -o "${UPDATES}" == "3" ]; then 169 | echo "INFO: Will try to get an updated base image" 170 | elif [ "${UPDATES}" == "1" -o "${UPDATES}" == "3" ]; then 171 | echo "INFO: Update will include packages from the parent image" 172 | fi 173 | update_image ${IMAGE_NAME_EXP} ${DISTRO} ${VERSION} ${UPDATE_BASE} 174 | if [ "${ERRORCODES}" == "TRUE" ]; then 175 | exit -100${UPDATES} 176 | fi 177 | fi 178 | elif [ "${ACTION}" == "promote" ]; then 179 | echo "=================================================================================" 180 | echo " Promoting ${IMAGE_NAME_EXP} as:" 181 | echo " ${IMAGE_NAME}" 182 | echo "=================================================================================" 183 | ${CENGINE} tag ${IMAGE_NAME_EXP} ${IMAGE_NAME} 184 | elif [ "${ACTION}" == "publish" ]; then 185 | echo "=================================================================================" 186 | echo " Publishing ${IMAGE_NAME}..." 187 | echo "=================================================================================" 188 | ${CENGINE} login --username "${USERNAME}" --password "${PASSWORD}" ${REGISTRY} 189 | ${CENGINE} push ${IMAGE_NAME} 190 | fi 191 | done 192 | -------------------------------------------------------------------------------- /SPECS/nexus-oss.spec: -------------------------------------------------------------------------------- 1 | %define __os_install_post %{nil} 2 | 3 | %if 0%{?suse_version} 4 | %define chkconfig_cmd /usr/bin/chkconfig 5 | %define java_package java-1_8_0-openjdk 6 | %else 7 | %define chkconfig_cmd /sbin/chkconfig 8 | %define java_package java-1.8.0-openjdk 9 | %endif 10 | 11 | # Use systemd for SUSE >= 12 SP1 openSUSE >= 42.1, openSUSE Tumbleweed/Factory, fedora >= 18, rhel >=7 and Amazon Linux >= 2 12 | %if (!0%{?is_opensuse} && 0%{?suse_version} >=1210) || (0%{?is_opensuse} && 0%{?sle_version} >= 120100) || 0%{?suse_version} > 1500 13 | %define suse_systemd 1 14 | %endif 15 | %if (0%{?fedora} && 0%{?fedora} >= 18) || (0%{?rhel} && 0%{?rhel} >= 7) || 0%{?amzn} >= 2 16 | %define redhat_systemd 1 17 | %endif 18 | %if 0%{?suse_systemd} || 0%{?redhat_systemd} 19 | %define use_systemd 1 20 | %endif 21 | 22 | Summary: Nexus manages software "artifacts" and repositories for them 23 | Name: nexus 24 | # Remember to adjust the version at Source0 as well. This is required for Open Build Service download_files service 25 | Version: 2.15.2.03 26 | Release: 1%{?dist} 27 | # This is a hack, since Nexus versions are N.N.N-NN, we cannot use hyphen inside Version tag 28 | # and we need to adapt to Fedora/SUSE guidelines 29 | %define nversion %(echo %{version}|sed -r 's/(.*)\\./\\1-/') 30 | License: EPL-2.0 31 | Group: Development/Tools/Other 32 | URL: http://nexus.sonatype.org/ 33 | Source0: https://download.sonatype.com/%{name}/oss/%{name}-2.15.2-03-bundle.tar.gz 34 | Source1: %{name}.service 35 | BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root 36 | Requires(pre): /usr/sbin/useradd, /usr/bin/getent 37 | Requires: %{java_package} 38 | %if 0%{?use_systemd} 39 | Requires: systemd 40 | %endif 41 | AutoReqProv: no 42 | 43 | %description 44 | Nexus manages software "artifacts" and repositories required for development, 45 | deployment, and provisioning. 46 | 47 | Among others, it can manage JAR or RPM artifactories inside mvn/ivy2 or yum 48 | repositories respectively 49 | 50 | Full sources are available at https://github.com/sonatype/nexus-public/archive/release-%{nversion}.tar.gz 51 | 52 | %prep 53 | %setup -q -n %{name}-%{nversion} 54 | 55 | %build 56 | %define debug_package %{nil} 57 | 58 | %install 59 | rm -rf $RPM_BUILD_ROOT 60 | mkdir -p $RPM_BUILD_ROOT/usr/share/%{name} 61 | # Remove all non GNU/Linux stuff 62 | rm -rf bin/jsw/windows* bin/jsw/solaris-* bin/jsw/lib/libwrapper-solaris-* bin/nexus.bat 63 | mv * $RPM_BUILD_ROOT/usr/share/%{name} 64 | 65 | %if 0%{?use_systemd} 66 | %{__mkdir} -p %{buildroot}%{_unitdir} 67 | %{__install} -m644 %{SOURCE1} \ 68 | %{buildroot}%{_unitdir}/%{name}.service 69 | %else 70 | mkdir -p $RPM_BUILD_ROOT/etc/init.d/ 71 | ln -sf /usr/share/%{name}/bin/nexus $RPM_BUILD_ROOT/etc/init.d/%{name} 72 | %endif 73 | 74 | mkdir -p $RPM_BUILD_ROOT/etc/ 75 | ln -sf /usr/share/%{name}/conf $RPM_BUILD_ROOT/etc/%{name} 76 | 77 | # patch work dir 78 | sed -i -e 's/%{name}-work=.*/%{name}-work=\/var\/lib\/%{name}/' $RPM_BUILD_ROOT/usr/share/%{name}/conf/nexus.properties 79 | mkdir -p $RPM_BUILD_ROOT/var/lib/%{name} 80 | 81 | # patch pid dir 82 | sed -i -e 's/PIDDIR=.*/PIDDIR=\/var\/lib\/%{name}\/run/' $RPM_BUILD_ROOT/usr/share/%{name}/bin/nexus 83 | mkdir -p $RPM_BUILD_ROOT/var/lib/%{name}/run 84 | 85 | # Patch user 86 | sed -i -e 's/#RUN_AS_USER=.*/RUN_AS_USER=%{name}/' $RPM_BUILD_ROOT/usr/share/%{name}/bin/nexus 87 | 88 | # patch tmpdir 89 | sed -i -e 's/wrapper.java.additional.1=-Djava.io.tmpdir=.\/.*/wrapper.java.additional.1=-Djava.io.tmpdir=\/tmp/' $RPM_BUILD_ROOT/usr/share/%{name}/bin/jsw/conf/wrapper.conf 90 | rm -rf $RPM_BUILD_ROOT/usr/share/%{name}/tmp 91 | 92 | # Patch logfile 93 | sed -i -e 's/wrapper.logfile=.*/wrapper.logfile=\/var\/log\/%{name}\/%{name}.log/' $RPM_BUILD_ROOT/usr/share/%{name}/bin/jsw/conf/wrapper.conf 94 | mkdir -p $RPM_BUILD_ROOT/var/log/%{name} 95 | rm -rf $RPM_BUILD_ROOT/usr/share/%{name}/logs 96 | 97 | # Check if 1.8.0 is the default version, as it is what Nexus expects 98 | JAVA_MAJOR_VERSION=$(java -version 2>&1 | head -n 1 | cut -d'"' -f2 | cut -d'.' -f2) 99 | if [ "${JAVA_MAJOR_VERSION}" != "8" ]; then 100 | echo "WARNING! Default java version does not seem to be 1.8!" 101 | echo "Keep in mind that Nexus2 is only compatible with Java 1.8.0 at the moment!" 102 | echo "Tip: Check if 1.8 is installed and use (as root):" 103 | echo "update-alternatives --config java" 104 | echo "to adjust the default version to be used" 105 | fi 106 | 107 | %pre 108 | /usr/bin/getent passwd %{name} > /dev/null || /usr/sbin/useradd -r -d /var/lib/%{name} -U -s /bin/bash %{name} 109 | %if 0%{?suse_systemd} 110 | %service_add_pre %{nexus}.service 111 | %endif 112 | 113 | %post 114 | %if 0%{?suse_systemd} 115 | %service_add_post %{name}.service 116 | %endif 117 | %if 0%{?redhat_systemd} 118 | %systemd_post %{name}.service 119 | %endif 120 | 121 | %preun 122 | %if 0%{?use_systemd} 123 | %if 0%{?suse_systemd} 124 | %service_del_preun %{name}.service 125 | %endif 126 | %if 0%{?redhat_systemd} 127 | %systemd_preun %{name}.service 128 | %endif 129 | %else 130 | # Package removal, not upgrade 131 | if [ $1 = 0 ]; then 132 | /sbin/service %{name} stop > /dev/null 2>&1 133 | %{chkconfig_cmd} --del %{name} 134 | fi 135 | %endif 136 | 137 | %postun 138 | %if 0%{?redhat_systemd} 139 | %systemd_postun %{name}.service 140 | %endif 141 | %if 0%{?suse_systemd} 142 | %if 0%{?suse_version} > 1500 143 | %service_del_postun_without_restart %{name}.service 144 | %else 145 | %service_del_postun -n %{name}.service 146 | %endif 147 | %endif 148 | 149 | %clean 150 | rm -rf $RPM_BUILD_ROOT 151 | 152 | %files 153 | %defattr(-,root,root,-) 154 | %attr(-,%{name},%{name}) /etc/%{name} 155 | %dir /usr/share/%{name} 156 | %dir /usr/share/%{name}/conf 157 | %config(noreplace) /usr/share/%{name}/conf/* 158 | %doc /usr/share/%{name}/*.txt 159 | /usr/share/%{name}/bin 160 | /usr/share/%{name}/lib 161 | /usr/share/%{name}/nexus 162 | %dir %attr(-,%{name},%{name}) /var/lib/%{name} 163 | %dir %attr(-,%{name},%{name}) /var/lib/%{name}/run 164 | %dir %attr(-,%{name},%{name}) /var/log/%{name} 165 | %if 0%{?use_systemd} 166 | %{_unitdir}/%{name}.service 167 | %else 168 | /etc/init.d/%{name} 169 | %endif 170 | 171 | %changelog 172 | * Fri Nov 15 2024 Julio González Gil - 2.15.2-03-1 173 | - Update to 2.15.2-03 174 | - WARNING: Sonatype will officially sunset its Nexus Repository 2 product on 175 | June 30, 2025. Consider migrating to Nexus Repository 3 as soon as 176 | possible: 177 | https://help.sonatype.com/en/upgrading-from-nexus-repository-manager-2.html 178 | Find more information at the Sonatype Nexus Repository 2 Sunsetting 179 | Information help page: 180 | https://download.sonatype.com/nexus/2/Sonatype%20Nexus%20Repository%202%20Help.pdf 181 | - Bugfixes: 182 | * CVE-2024-5082: Fixed a Remote Code Execution vulnerability through which 183 | an attacker with privileges to publish content could upload 184 | a specially crafted file that would result in Nexus 185 | Repository attempting to execute embedded commands 186 | upon retrieval 187 | * CVE-2024-5083: Fixed a Stored XSS vulnerability through which an attacker 188 | with privileges to publish content could upload a specially 189 | crafted file that includes embedded JavaScript. If that 190 | file is viewed by an authenticated user, the JavaScript 191 | could execute product features available to the 192 | authenticated user 193 | 194 | * Thu Oct 12 2023 Julio González Gil - 2.15.1-02-3 195 | - Fix the macro for the service removal so the package builds again for 196 | openSUSE Tumbleweed and Factory 197 | 198 | * Fri Aug 26 2022 Julio González Gil - 2.15.1-02-2 199 | - Update the URL for the sources, as the previous one returns a HTTP 503 200 | 201 | * Thu Mar 24 2022 Julio Gonzalez Gil - 2.15.1-02-1 202 | - Update to 2.15.1-02 203 | - Bugfixes: 204 | * Correct a regression introduce in 2.15.0 that prevented writing the request 205 | log 206 | 207 | * Fri Mar 18 2022 Julio Gonzalez Gil - 2.15.0-04-1 208 | - Update to 2.15.0-04 209 | - Bugfixes: 210 | * Resolved npm Memory Issue: You must set the property for 211 | nexus.npm.abbreviateMetadata to "True" in 212 | $NEXUS_HOME/conf/nexus.properties to enable the fix. 213 | Enabling this property may affect what the CLI shows, but it will improve 214 | performance when dealing with large metadata. 215 | * Fixed Performance Issue 216 | - Features: 217 | * Upgraded to Jetty 9.4 from Jetty 8: Adminstrators who have customized 218 | their Jetty configuration will need to make changes before they can 219 | upgrade to this release. See the knowledge base for mroe information: 220 | https://support.sonatype.com/hc/en-us/articles/4417117321619-Eclipse-Jetty-Changes-in-Repository-2-15-0 221 | * Add Ext JS Licensing Declaration to Nexus Repository 2 222 | * Upgraded Goodies Library (prevents potential security 223 | vulnerability CVE-2020-15870) 224 | 225 | * Sat Dec 18 2021 Julio Gonzalez Gil - 2.14.21-02-1 226 | - Update to 2.14.21-02 227 | - Bugfixes: 228 | * logback library update to fix a low/moderate vulnerability, as a precautionary 229 | measure. No known exploit of Nexus Repository via logback at this time. 230 | 231 | * Tue Jan 5 2021 Julio Gonzalez Gil - 2.14.20-02-1 232 | - Update to 2.14.20-02 233 | - Bugfixes: 234 | * NEXUS-26224: CVE-2020-13920: Apache ActiveMQ JMX is vulnerable to a MITM attack 235 | * NEXUS-25956: Signatures with ECC algorithm not being recognized 236 | 237 | * Fri Oct 2 2020 Julio Gonzalez Gil - 2.14.19.01-1 238 | - Update to 2.14.19-01 239 | - Bugfixes: 240 | * Minor security fixes. 241 | 242 | * Fri Oct 2 2020 Julio Gonzalez Gil - 2.14.18.01-1 243 | - Update to 2.14.18-01 244 | - Bugfixes: 245 | * NEXUS-21802: Maven metadata sha256/sha512 checksum in staging repositories 246 | 247 | * Fri Apr 17 2020 Julio Gonzalez Gil - 2.14.17.01-1 248 | - Update to 2.14.17-01 249 | - Bugfixes: 250 | * NEXUS-23556: CVE-2020-11415: LDAP system credentials can be exposed by admin user 251 | 252 | * Fri Feb 28 2020 Julio Gonzalez Gil - 2.14.16.01-2 253 | - Clean up spec and fix to build all distributions at OpenBuildService 254 | - Enable building and installation for Amazon Linux >= 2 255 | - Enable building and installation for for openSUSE Tumbleweed/Factory 256 | 257 | * Mon Jan 27 2020 Julio Gonzalez Gil - 2.14.16.01-1 258 | - License for Nexus OSS is EPL-2.0 as stated at https://blog.sonatype.com/2012/06/nexus-oss-switched-to-the-eclipse-public-license-a-clarification-and-an-observation/ 259 | and it is since 2012. Mistake inherited from the original packages from Jens Braeuer. 260 | - Update to 2.14.16-01 261 | - Bugfixes: 262 | * NEXUS-22014: CVE-2019-15893: Remote Code Execution vulnerability 263 | * NEXUS-22453: Update Apache Shiro library to resolve security vulnerability 264 | * NEXUS-22313: Invalid content-range header returned 265 | * NEXUS-13306: usernames containing non URL safe characters cannot authenticate using the Crowd realm 266 | 267 | * Thu Oct 17 2019 Julio Gonzalez Gil - 2.14.15.01-1 268 | - Update to 2.14.15-01 269 | - Bugfixes: 270 | * NEXUS-21044: CVE-2019-15893: Remote Code Execution vulnerability 271 | * NEXUS-21193: CVE-2019-16530: Remote Code Execution vulnerability 272 | * NEXUS-20626: CVE-2019-5475: OS Command Injection vulnerability (second part to the fix in 2.14.14) 273 | * NEXUS-21512: Update Apache Tika and Commons Compress libraries to resolve security vulnerabilities 274 | 275 | * Fri Aug 16 2019 Julio Gonzalez Gil - 2.14.14.01-1 276 | - Update to 2.14.14-01 277 | 278 | * Fri Apr 26 2019 Julio Gonzalez Gil - 2.14.13.01-1 279 | - Update to 2.14.13-01 280 | 281 | * Tue Mar 12 2019 Julio Gonzalez Gil - 2.14.12.02-1 282 | - Update to 2.14.12-02 283 | 284 | * Sat Jan 26 2019 Julio Gonzalez - 2.14.11.01-2 285 | - Do not replace modified config files 286 | 287 | * Fri Nov 23 2018 Julio Gonzalez - 2.14.11.01-1 288 | - Update to 2.14.11-01 289 | - Require Java 1.8.0 290 | 291 | * Fri Nov 23 2018 Julio Gonzalez - 2.14.10.01-1 292 | - Update to 2.14.10-01 293 | 294 | * Fri Nov 23 2018 Julio Gonzalez - 2.14.9.01-1 295 | - Update to 2.14.9-01 296 | 297 | * Sat Mar 10 2018 Julio Gonzalez - 2.14.8.01-1 298 | - Update to 2.14.8-01 299 | 300 | * Sat Mar 10 2018 Julio Gonzalez - 2.14.7.01-1 301 | - Update to 2.14.7-01 302 | - Compatibility with Java 1.7.0 is restored 303 | 304 | * Sat Mar 10 2018 Julio Gonzalez - 2.14.6.02-1 305 | - Update to 2.14.6-02 306 | 307 | * Sat Dec 30 2017 Anton Patsev - 2.14.5.02-2 308 | - Stop requiring sysvinit compatibility for systemd 309 | - Add systemd service 310 | 311 | * Thu Dec 28 2017 Julio Gonzalez - 2.14.5.02-1 312 | - Start using Fedora/RHEL release conventions 313 | - Fix problems on RPM removals 314 | - Require Java 1.8.0 315 | - Fix source 316 | - Make the package compatible with SUSE and openSUSE 317 | 318 | * Thu Aug 3 2017 Julio Gonzalez - 2.14.5-02 319 | - Update to 2.14.5-02 320 | 321 | * Sat May 20 2017 Julio Gonzalez - 2.14.4-03 322 | - Update to 2.14.4-03 323 | 324 | * Sat May 20 2017 Julio Gonzalez - 2.14.3-02 325 | - Update to 2.14.3-02 326 | 327 | * Sat May 20 2017 Julio Gonzalez - 2.14.2-01 328 | - Update to 2.14.2-01 329 | 330 | * Sat Nov 12 2016 Julio Gonzalez - 2.14.1-01 331 | - Update to 2.14.1-01 332 | 333 | * Sun May 29 2016 Julio Gonzalez - 2.13.0-01 334 | - Update to 2.13.0-01 335 | 336 | * Sat Feb 13 2016 Julio Gonzalez - 2.12.0-01 337 | - Update to 2.12.0-01 338 | 339 | * Tue Jul 21 2015 Julio Gonzalez - 2.11.4-01 340 | - Update to 2.11.4-01 341 | 342 | * Fri Jun 26 2015 Julio Gonzalez - 2.11.3-01 343 | - Update to last version available 344 | - Nexus will now listen at 8081 (this can be modified at 345 | /etc/nexus/nexus.properties) 346 | - Nexus runs now without as system user, not as root 347 | - Remove jdk dependency (no virtual package at CentOS 7) 348 | 349 | * Thu Dec 22 2011 Jens Braeuer - 1.9.2.3-1 350 | - Initial packaging. 351 | - For now nexus will run as root and listen to port 80 352 | 353 | -------------------------------------------------------------------------------- /images/EUPL-LICENSE.md: -------------------------------------------------------------------------------- 1 | ## EUROPEAN UNION PUBLIC LICENCE v. 1.2 2 | 3 | EUPL (C) the European Union 2007, 2016 4 | 5 | This European Union Public Licence (the EUPL) applies to the Work (as 6 | defined below) which is provided under the terms of this Licence. Any 7 | use of the Work, other than as authorised under this Licence is 8 | prohibited (to the extent such use is covered by a right of the 9 | copyright holder of the Work). 10 | 11 | The Original Work is provided under the terms of this Licence when 12 | the Licensor (as defined below) has placed the following notice 13 | immediately following the copyright notice for the Original Work: 14 | 15 | Licensed under the EUPL 16 | 17 | or has expressed by any other means his willingness to license under 18 | the EUPL. 19 | 20 | ### 1.Definitions 21 | 22 | In this Licence, the following terms have the following meaning: 23 | 24 | - 'The Licence': this Licence. 25 | - 'The Original Work': the work or software distributed or 26 | communicated by the Licensor under this Licence, available as Source 27 | Code and also as Executable Code as the case may be. 28 | - 'Derivative Works': the works or software that could be created by 29 | the Licensee, based upon the Original Work or modifications thereof. 30 | This Licence does not define the extent of modification or 31 | dependence on the Original Work required in order to classify a work 32 | as a Derivative Work; this extent is determined by copyright law 33 | applicable in the country mentioned in Article 15. 34 | - 'The Work': the Original Work or its Derivative Works. 35 | - 'The Source Code': the human-readable form of the Work which is the 36 | most convenient for people to study and modify. 37 | - 'The Executable Code': any code which has generally been compiled 38 | and which is meant to be interpreted by a computer as a program. 39 | - 'The Licensor': the natural or legal person that distributes or 40 | communicates the Work under the Licence. 41 | - 'Contributor(s)': any natural or legal person who modifies the Work 42 | under the Licence, or otherwise contributes to the creation of a 43 | Derivative Work. 44 | - 'The Licensee or You': any natural or legal person who makes any 45 | usage of the Work under the terms of the Licence. 46 | - 'Distribution or Communication': any act of selling, giving, 47 | lending, renting, distributing, communicating, transmitting, or 48 | otherwise making available, online or offline, copies of the Work 49 | or providing access to its essential functionalities at the disposal 50 | of any other natural or legal person. 51 | 52 | ### 2. Scope of the rights granted by the Licence 53 | 54 | The Licensor hereby grants You a worldwide, royalty-free, 55 | non-exclusive, sublicensable licence to do the following, for the 56 | duration of copyright vested in the Original Work: 57 | 58 | - use the Work in any circumstance and for all usage, 59 | - reproduce the Work, 60 | - modify the Work, and make Derivative Works based upon the Work, 61 | - communicate to the public, including the right to make available 62 | or display the Work or copies thereof to the public and perform 63 | publicly, as the case may be, the Work, 64 | - distribute the Work or copies thereof, 65 | - lend and rent the Work or copies thereof, 66 | - sublicense rights in the Work or copies thereof. 67 | 68 | Those rights can be exercised on any media, supports and formats, 69 | whether now known or later invented, as far as the applicable law 70 | permits so. 71 | 72 | In the countries where moral rights apply, the Licensor waives his 73 | right to exercise his moral right to the extent allowed by law in 74 | order to make effective the licence of the economic rights here above 75 | listed. 76 | 77 | The Licensor grants to the Licensee royalty-free, non-exclusive usage 78 | rights to any patents held by the Licensor, to the extent necessary 79 | to make use of the rights granted on the Work under this Licence. 80 | 81 | ### 3. Communication of the Source Code 82 | 83 | The Licensor may provide the Work either in its Source Code form, or 84 | as Executable Code. If the Work is provided as Executable Code, the 85 | Licensor provides in addition a machine-readable copy of the Source 86 | Code of the Work along with each copy of the Work that the Licensor 87 | distributes or indicates, in a notice following the copyright notice 88 | attached to the Work, a repository where the Source Code is easily 89 | and freely accessible for as long as the Licensor continues to 90 | distribute or communicate the Work. 91 | 92 | ### 4. Limitations on copyright 93 | 94 | Nothing in this Licence is intended to deprive the Licensee of the 95 | benefits from any exception or limitation to the exclusive rights of 96 | the rights owners in the Work, of the exhaustion of those rights or 97 | of other applicable limitations thereto. 98 | 99 | ### 5. Obligations of the Licensee 100 | 101 | The grant of the rights mentioned above is subject to some 102 | restrictions and obligations imposed on the Licensee. Those 103 | obligations are the following: 104 | 105 | **Attribution right**: The Licensee shall keep intact all copyright, 106 | patent or trademarks notices and all notices that refer to the 107 | Licence and to the disclaimer of warranties. The Licensee must 108 | include a copy of such notices and a copy of the Licence with every 109 | copy of the Work he/she distributes or communicates. The Licensee 110 | must cause any Derivative Work to carry prominent notices stating 111 | that the Work has been modified and the date of modification. 112 | 113 | **Copyleft clause**: If the Licensee distributes or communicates 114 | copies of the Original Works or Derivative Works, this Distribution 115 | or Communication will be done under the terms of this Licence or of a 116 | later version of this Licence unless the Original Work is expressly 117 | distributed only under this version of the Licence for example by 118 | communicating EUPL v. 1.2 only. The Licensee (becoming Licensor) 119 | cannot offer or impose any additional terms or conditions on the 120 | Work or Derivative Work that alter or restrict the terms of the 121 | Licence. 122 | 123 | **Compatibility clause**: If the Licensee Distributes or Communicates 124 | Derivative Works or copies thereof based upon both the Work and 125 | another work licensed under a Compatible Licence, this Distribution 126 | or Communication can be done under the terms of this Compatible 127 | Licence. For the sake of this clause, Compatible Licence refers to 128 | the licences listed in the appendix attached to this Licence. 129 | Should the Licensee's obligations under the Compatible Licence 130 | conflict with his/her obligations under this Licence, the 131 | obligations of the Compatible Licence shall prevail. 132 | 133 | **Provision of Source Code**: When distributing or communicating 134 | copies of the Work, the Licensee will provide a machine-readable 135 | copy of the Source Code or indicate a repository where this Source 136 | will be easily and freely available for as long as the Licensee 137 | continues to distribute or communicate the Work. 138 | 139 | **Legal Protection**: This Licence does not grant permission to use 140 | the trade names, trademarks, service marks, or names of the Licensor, 141 | except as required for reasonable and customary use in describing 142 | the origin of the Work and reproducing the content of the copyright 143 | notice. 144 | 145 | ### 6. Chain of Authorship 146 | 147 | The original Licensor warrants that the copyright in the Original 148 | Work granted hereunder is owned by him/her or licensed to him/her 149 | and that he/she has the power and authority to grant the Licence. 150 | 151 | Each Contributor warrants that the copyright in the modifications 152 | he/she brings to the Work are owned by him/her or licensed to him/her 153 | and that he/she has the power and authority to grant the Licence. 154 | 155 | Each time You accept the Licence, the original Licensor and 156 | subsequent Contributors grant You a licence to their contributions 157 | to the Work, under the terms of this Licence. 158 | 159 | ### 7.Disclaimer of Warranty 160 | 161 | The Work is a work in progress, which is continuously improved by 162 | numerous Contributors. It is not a finished work and may therefore 163 | contain defects or bugs inherent to this type of development. 164 | 165 | For the above reason, the Work is provided under the Licence on an 166 | as is basis and without warranties of any kind concerning the Work, 167 | including without limitation merchantability, fitness for a 168 | particular purpose, absence of defects or errors, accuracy, 169 | non-infringement of intellectual property rights other than 170 | copyright as stated in Article 6 of this Licence. 171 | 172 | This disclaimer of warranty is an essential part of the Licence and 173 | a condition for the grant of any rights to the Work. 174 | 175 | ### 8. Disclaimer of Liability 176 | 177 | Except in the cases of wilful misconduct or damages directly caused 178 | to natural persons, the Licensor will in no event be liable for any 179 | direct or indirect, material or moral, damages of any kind, arising 180 | out of the Licence or of the use of the Work, including without 181 | limitation, damages for loss of goodwill, work stoppage, computer 182 | failure or malfunction, loss of data or any commercial damage, even 183 | if the Licensor has been advised of the possibility of such damage. 184 | However, the Licensor will be liable under statutory product 185 | liability laws as far such laws apply to the Work. 186 | 187 | ### 9. Additional agreements 188 | 189 | While distributing the Work, You may choose to conclude an additional 190 | agreement, defining obligations or services consistent with this 191 | Licence. However, if accepting obligations, You may act only on your 192 | own behalf and on your sole responsibility, not on behalf of the 193 | original Licensor or any other Contributor, and only if You agree 194 | to indemnify, defend, and hold each Contributor harmless for any 195 | liability incurred by, or claims asserted against such Contributor by 196 | the fact You have accepted any warranty or additional liability. 197 | 198 | ### 10. Acceptance of the Licence 199 | 200 | The provisions of this Licence can be accepted by clicking on an icon 201 | I agree placed under the bottom of a window displaying the text of 202 | this Licence or by affirming consent in any other similar way, in 203 | accordance with the rules of applicable law. Clicking on that icon 204 | indicates your clear and irrevocable acceptance of this Licence and 205 | all of its terms and conditions. 206 | 207 | Similarly, you irrevocably accept this Licence and all of its terms 208 | and conditions by exercising any rights granted to You by Article 2 209 | of this Licence, such as the use of the Work, the creation by You of 210 | a Derivative Work or the Distribution or Communication by You of 211 | the Work or copies thereof. 212 | 213 | ### 11. Information to the public 214 | 215 | In case of any Distribution or Communication of the Work by means 216 | of electronic communication by You (for example, by offering to 217 | download the Work from a remote location) the distribution channel 218 | or media (for example, a website) must at least provide to the public 219 | the information requested by the applicable law regarding the 220 | Licensor, the Licence and the way it may be accessible, concluded, 221 | stored and reproduced by the Licensee. 222 | 223 | ### 12. Termination of the Licence 224 | 225 | The Licence and the rights granted hereunder will terminate 226 | automatically upon any breach by the Licensee of the terms of the 227 | Licence. 228 | 229 | Such a termination will not terminate the licences of any person 230 | who has received the Work from the Licensee under the Licence, 231 | provided such persons remain in full compliance with the Licence. 232 | 233 | ### 13. Miscellaneous 234 | 235 | Without prejudice of Article 9 above, the Licence represents the 236 | complete agreement between the Parties as to the Work. 237 | 238 | If any provision of the Licence is invalid or unenforceable under 239 | applicable law, this will not affect the validity or enforceability 240 | of the Licence as a whole. Such provision will be construed or 241 | reformed so as necessary to make it valid and enforceable. 242 | 243 | The European Commission may publish other linguistic versions or 244 | new versions of this Licence or updated versions of the Appendix, 245 | so far this is required and reasonable, without reducing the scope 246 | of the rights granted by the Licence. New versions of the Licence 247 | will be published with a unique version number. 248 | 249 | All linguistic versions of this Licence, approved by the European 250 | Commission, have identical value. Parties can take advantage of 251 | the linguistic version of their choice. 252 | 253 | ### 14. Jurisdiction 254 | 255 | Without prejudice to specific agreement between parties, 256 | 257 | - any litigation resulting from the interpretation of this License, 258 | arising between the European Union institutions, bodies, offices 259 | or agencies, as a Licensor, and any Licensee, will be subject to 260 | the jurisdiction of the Court of Justice of the European Union, as 261 | laid down in article 272 of the Treaty on the Functioning of the 262 | European Union, 263 | - any litigation arising between other parties and resulting from 264 | the interpretation of this License, will be subject to the 265 | exclusive jurisdiction of the competent court where the Licensor 266 | resides or conducts its primary business. 267 | 268 | ### 15. Applicable Law 269 | 270 | Without prejudice to specific agreement between parties, 271 | 272 | - this Licence shall be governed by the law of the European Union 273 | Member State where the Licensor has his seat, resides or has his 274 | registered office, 275 | - this licence shall be governed by Belgian law if the Licensor 276 | has no seat, residence or registered office inside a European 277 | Union Member State. 278 | 279 | 280 | ## Appendix 281 | 282 | Compatible Licences according to Article 5 EUPL are: 283 | 284 | - GNU General Public License (GPL) v. 2, v. 3 285 | - GNU Affero General Public License (AGPL) v. 3 286 | - Open Software License (OSL) v. 2.1, v. 3.0 287 | - Eclipse Public License (EPL) v. 1.0 288 | - CeCILL v. 2.0, v. 2.1 289 | - Mozilla Public Licence (MPL) v. 2 290 | - GNU Lesser General Public Licence (LGPL) v. 2.1, v. 3 291 | - Creative Commons Attribution-ShareAlike v. 3.0 Unported 292 | (CC BY-SA 3.0) for works other than software 293 | - European Union Public Licence (EUPL) v. 1.1, v. 1.2 294 | - Qubec Free and Open-Source Licence Reciprocity (LiLiQ-R) 295 | or Strong Reciprocity (LiLiQ-R+). 296 | 297 | The European Commission may update this Appendix to later versions 298 | of the above licences without producing a new version of the EUPL, 299 | as long as they provide the rights granted in Article 2 of this 300 | Licence and protect the covered Source Code from exclusive 301 | appropriation. 302 | 303 | All other changes or additions to this Appendix require the 304 | production of a new EUPL version. 305 | --------------------------------------------------------------------------------