├── .gitignore ├── Dockerfile ├── Jenkinsfile ├── Jenkinsfile-Release ├── LICENSE ├── README.md ├── SECURITY.md ├── build.sh ├── docs ├── nexus-repository-manager-42.0.0.tgz ├── nexus-repository-manager-42.0.1.tgz ├── nexus-repository-manager-43.0.0.tgz ├── nexus-repository-manager-44.0.0.tgz ├── nexus-repository-manager-45.0.0.tgz ├── nexus-repository-manager-45.1.0.tgz ├── nexus-repository-manager-46.0.0.tgz ├── nexus-repository-manager-47.1.0.tgz ├── nexus-repository-manager-48.0.0.tgz ├── nexus-repository-manager-49.0.0.tgz ├── nexus-repository-manager-50.0.0.tgz ├── nexus-repository-manager-51.0.0.tgz ├── nexus-repository-manager-52.0.0.tgz ├── nexus-repository-manager-53.0.0.tgz ├── nexus-repository-manager-53.1.0.tgz ├── nexus-repository-manager-54.0.0.tgz ├── nexus-repository-manager-54.1.0.tgz ├── nexus-repository-manager-55.0.0.tgz ├── nexus-repository-manager-56.0.0.tgz ├── nexus-repository-manager-57.0.0.tgz ├── nexus-repository-manager-57.1.0.tgz ├── nexus-repository-manager-58.0.0.tgz ├── nexus-repository-manager-58.1.0.tgz ├── nexus-repository-manager-59.0.0.tgz ├── nexus-repository-manager-60.0.0.tgz ├── nexus-repository-manager-61.0.0.tgz ├── nexus-repository-manager-61.0.2.tgz ├── nexus-repository-manager-62.0.0.tgz ├── nexus-repository-manager-63.0.0.tgz ├── nexus-repository-manager-64.0.0.tgz ├── nexus-repository-manager-64.1.0.tgz ├── nexus-repository-manager-64.2.0.tgz ├── nxrm-aws-resiliency-41.1.0.tgz ├── nxrm-aws-resiliency-41.1.1.tgz ├── nxrm-aws-resiliency-41.1.2.tgz ├── nxrm-aws-resiliency-41.1.3.tgz ├── nxrm-aws-resiliency-42.0.0.tgz ├── nxrm-aws-resiliency-42.0.1.tgz ├── nxrm-aws-resiliency-43.0.0.tgz ├── nxrm-aws-resiliency-44.0.0.tgz ├── nxrm-aws-resiliency-45.0.0.tgz ├── nxrm-aws-resiliency-45.1.0.tgz ├── nxrm-aws-resiliency-46.0.0.tgz ├── nxrm-aws-resiliency-47.1.0.tgz ├── nxrm-aws-resiliency-48.0.0.tgz ├── nxrm-aws-resiliency-49.0.0.tgz ├── nxrm-aws-resiliency-50.0.0.tgz ├── nxrm-aws-resiliency-51.0.0.tgz ├── nxrm-aws-resiliency-52.0.0.tgz ├── nxrm-aws-resiliency-53.0.0.tgz ├── nxrm-aws-resiliency-53.1.0.tgz ├── nxrm-aws-resiliency-54.0.0.tgz ├── nxrm-aws-resiliency-54.1.0.tgz ├── nxrm-aws-resiliency-55.0.0.tgz ├── nxrm-aws-resiliency-56.0.0.tgz ├── nxrm-aws-resiliency-57.0.0.tgz ├── nxrm-aws-resiliency-57.1.0.tgz ├── nxrm-aws-resiliency-58.0.0.tgz ├── nxrm-aws-resiliency-58.1.0.tgz ├── nxrm-aws-resiliency-59.0.0.tgz ├── nxrm-aws-resiliency-60.0.0.tgz ├── nxrm-aws-resiliency-61.0.0.tgz ├── nxrm-aws-resiliency-61.0.2.tgz ├── nxrm-aws-resiliency-62.0.0.tgz ├── nxrm-aws-resiliency-63.0.0.tgz ├── nxrm-aws-resiliency-64.0.0.tgz ├── nxrm-aws-resiliency-64.1.0.tgz └── nxrm-aws-resiliency-64.2.0.tgz ├── header.txt ├── nexus-repository-manager ├── .helmignore ├── Chart.yaml ├── LICENSE ├── README.md ├── templates │ ├── NOTES.txt │ ├── _helpers.tpl │ ├── configmap-properties.yaml │ ├── configmap.yaml │ ├── deployment.yaml │ ├── ingress.yaml │ ├── proxy-route.yaml │ ├── pv.yaml │ ├── pvc.yaml │ ├── route.yaml │ ├── secret.yaml │ ├── service.yaml │ ├── serviceaccount.yaml │ └── test │ │ ├── test-check-logs.yaml │ │ └── test-connection.yaml ├── tests │ ├── deployment_test.yaml │ └── ingress_test.yaml └── values.yaml ├── nxrm-aws-resiliency ├── Chart.yaml ├── LICENSE ├── README.md ├── templates │ ├── NOTES.txt │ ├── deployment.yaml │ ├── external-dns-rbac.yml │ ├── fluent-bit.yaml │ ├── ingress.yaml │ ├── namespaces.yaml │ ├── nxrm-logback-tasklogfile-override.yaml │ ├── pv.yaml │ ├── pvc.yaml │ ├── secret.yaml │ ├── serviceaccount.yaml │ ├── services.yaml │ ├── storageclass.yaml │ ├── workdir-configmap.yaml │ └── workdir-daemonset.yaml └── values.yaml └── upgrade.sh /.gitignore: -------------------------------------------------------------------------------- 1 | .vs/** 2 | .idea/** 3 | 4 | **/test-output.xml 5 | 6 | .DS_Store 7 | -------------------------------------------------------------------------------- /Dockerfile: -------------------------------------------------------------------------------- 1 | # 2 | # Sonatype Nexus (TM) Open Source Version 3 | # Copyright (c) 2008-present Sonatype, Inc. 4 | # All rights reserved. Includes the third-party code listed at http://links.sonatype.com/products/nexus/oss/attributions. 5 | # 6 | # This program and the accompanying materials are made available under the terms of the Eclipse Public License Version 1.0, 7 | # which accompanies this distribution and is available at http://www.eclipse.org/legal/epl-v10.html. 8 | # 9 | # Sonatype Nexus (TM) Professional Version is available from Sonatype, Inc. "Sonatype" and "Sonatype Nexus" are trademarks 10 | # of Sonatype, Inc. Apache Maven is a trademark of the Apache Software Foundation. M2eclipse is a trademark of the 11 | # Eclipse Foundation. All other trademarks are the property of their respective owners. 12 | # 13 | 14 | FROM docker-all.repo.sonatype.com/alpine/helm:3.10.1 15 | 16 | RUN apk update && apk upgrade && \ 17 | apk add --no-cache bash git openssh 18 | 19 | RUN mkdir /.local /.cache && chmod 777 /.local /.cache 20 | 21 | -------------------------------------------------------------------------------- /Jenkinsfile: -------------------------------------------------------------------------------- 1 | /* 2 | * Sonatype Nexus (TM) Open Source Version 3 | * Copyright (c) 2008-present Sonatype, Inc. 4 | * All rights reserved. Includes the third-party code listed at http://links.sonatype.com/products/nexus/oss/attributions. 5 | * 6 | * This program and the accompanying materials are made available under the terms of the Eclipse Public License Version 1.0, 7 | * which accompanies this distribution and is available at http://www.eclipse.org/legal/epl-v10.html. 8 | * 9 | * Sonatype Nexus (TM) Professional Version is available from Sonatype, Inc. "Sonatype" and "Sonatype Nexus" are trademarks 10 | * of Sonatype, Inc. Apache Maven is a trademark of the Apache Software Foundation. M2eclipse is a trademark of the 11 | * Eclipse Foundation. All other trademarks are the property of their respective owners. 12 | */ 13 | @Library(['private-pipeline-library', 'jenkins-shared', 'nxrm-jenkins-shared']) _ 14 | 15 | dockerizedBuildPipeline( 16 | prepare: { 17 | githubStatusUpdate('pending') 18 | }, 19 | buildAndTest: { 20 | sh './build.sh' 21 | }, 22 | skipVulnerabilityScan: true, 23 | archiveArtifacts: 'docs/*', 24 | testResults: ['**/test-output.xml'], 25 | onSuccess: { 26 | nxrmBuildNotifications(currentBuild, env) 27 | }, 28 | onFailure: { 29 | nxrmBuildNotifications(currentBuild, env) 30 | } 31 | ) 32 | -------------------------------------------------------------------------------- /Jenkinsfile-Release: -------------------------------------------------------------------------------- 1 | /* 2 | * Copyright (c) 2020-present Sonatype, Inc. All rights reserved. 3 | * 4 | * This program is licensed to you under the Apache License Version 2.0, 5 | * and you may not use this file except in compliance with the Apache License Version 2.0. 6 | * You may obtain a copy of the Apache License Version 2.0 at http://www.apache.org/licenses/LICENSE-2.0. 7 | * 8 | * Unless required by applicable law or agreed to in writing, 9 | * software distributed under the Apache License Version 2.0 is distributed on an 10 | * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 11 | * See the Apache License Version 2.0 for the specific language governing permissions and limitations there under. 12 | */ 13 | @Library(['private-pipeline-library', 'jenkins-shared', 'nxrm-jenkins-shared']) _ 14 | 15 | final jira = [ 16 | versionPrefix: '', project: 'NEXUS', projectId: '12410', 17 | credentialId : 'jenkins-jira', autoRelease: true, failOnError: true 18 | ] 19 | 20 | properties([ 21 | parameters([ 22 | string( 23 | name: 'appVersion', 24 | description: 'Version of the application image, like "3.41.0"', 25 | ), 26 | string( 27 | name: 'chartVersion', 28 | description: '(Optional) Version of the Chart, like "41.0.0". If omitted, it will be calculated from the appVersion.', 29 | ), 30 | ]) 31 | ]) 32 | 33 | final chartVersion = calculateChartVersion(params.chartVersion, params.appVersion) 34 | 35 | dockerizedBuildPipeline( 36 | prepare: { 37 | if (! params.appVersion) { 38 | error('The appVersion is required.') 39 | } 40 | githubStatusUpdate('pending') 41 | }, 42 | buildAndTest: { 43 | sonatypeZionGitConfig() 44 | runSafely "git checkout ${gitBranch(env)}" 45 | runSafely "./upgrade.sh ./nexus-repository-manager ${chartVersion} ${params.appVersion}" 46 | runSafely "./upgrade.sh ./nxrm-aws-resiliency ${chartVersion} ${params.appVersion}" 47 | runSafely './build.sh' 48 | runSafely 'git add nxrm-aws-resiliency' 49 | runSafely 'git add nexus-repository-manager' 50 | }, 51 | skipVulnerabilityScan: true, 52 | archiveArtifacts: 'docs/*', 53 | testResults: [], 54 | deployCondition: { true }, 55 | deploy: { 56 | runSafely 'git add docs' 57 | runSafely "git commit -m 'Release Update for ${chartVersion}'" 58 | 59 | sshagent(credentials: [sonatypeZionCredentialsId()]) { 60 | runSafely 'git push' 61 | } 62 | }, 63 | postDeploy: { 64 | // Create tags 65 | String tagName = "${chartVersion}" 66 | runSafely "git tag -a ${tagName} -m 'Release Update: ${chartVersion}'" 67 | sshagent(credentials: [sonatypeZionCredentialsId()]) { 68 | runSafely "git push origin ${tagName}" 69 | } 70 | }, 71 | onSuccess: { 72 | nxrmBuildNotifications(currentBuild, env) 73 | }, 74 | onFailure: { 75 | nxrmBuildNotifications(currentBuild, env) 76 | } 77 | ) 78 | 79 | String calculateChartVersion(final String chartVersion, final String appVersion) { 80 | if (chartVersion) { 81 | return chartVersion 82 | } 83 | 84 | if (! appVersion) { 85 | error 'Failed to calculate chartVersion with no appVersion.' 86 | } 87 | 88 | final versionParts = parseVersionString(appVersion) 89 | final chartMajor = versionParts[1] 90 | final chartMinor = versionParts[2] 91 | 92 | if (! chartMajor || ! chartMinor) { 93 | error "Failed to calculate chartVersion from appVersion: ${appVersion}" 94 | } 95 | 96 | return [chartMajor, chartMinor, '0'].join('.') 97 | } 98 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2020-present Sonatype, Inc. 2 | 3 | Licensed under the Apache License, Version 2.0 (the "License"); 4 | you may not use this file except in compliance with the License. 5 | You may obtain a copy of the License at 6 | 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | 9 | Unless required by applicable law or agreed to in writing, software 10 | distributed under the License is distributed on an "AS IS" BASIS, 11 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | See the License for the specific language governing permissions and 13 | limitations under the License. 14 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | 15 | # ⚠️ Archive Notice 16 | 17 | As of October 24, 2023, we will no longer update or support the [Single-Instance OSS/Pro Helm Chart](https://github.com/sonatype/nxrm3-helm-repository/tree/main/nexus-repository-manager). 18 | 19 | Deploying Nexus Repository in containers with an embedded database has been known to corrupt the database under some circumstances. We strongly recommend that you use an external PostgreSQL database for Kubernetes deployments. 20 | 21 | ## Helm Charts for Sonatype Nexus Repository Manager 3 22 | 23 | We now provide one [HA/Resiliency Helm Chart](https://github.com/sonatype/nxrm3-ha-repository/tree/main/nxrm-ha) that supports both high availability and resilient deployments in AWS, Azure, or on-premises in a Kubernetes cluster. This is our only supported Helm chart for deploying Sonatype Nexus Repository; it requires a PostgreSQL database. 24 | -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- 1 | 15 | # Reporting Security Vulnerabilities 16 | 17 | ## When to report 18 | 19 | First check 20 | [Important advisories of known security vulnerabilities in Sonatype products](https://support.sonatype.com/hc/en-us/sections/203012668-Security-Advisories) 21 | to see if this has been previously reported. 22 | 23 | ## How to report 24 | 25 | Please email reports regarding security related issues you find to [mailto:security@sonatype.com](security@sonatype.com). 26 | 27 | Use our public key below to keep your message safe. 28 | 29 | ## What to include 30 | 31 | Please use a descriptive subject line in your email report. 32 | 33 | Your name and/or affiliation. 34 | 35 | A detailed technical description of the vulnerability, attack scenario and where 36 | possible, how we can reproduce your findings. 37 | 38 | Provide us with a secure way to respond. 39 | 40 | ## What to expect 41 | 42 | Your email will be acknowledged within 1 - 2 business days, and you'll receive a 43 | more detailed response to your email within 7 business days. 44 | 45 | We ask that everyone please follow responsible disclosure practices and allow 46 | time for us to release a fix prior to public release. 47 | 48 | Once an issue is reported, Sonatype uses the following disclosure process: 49 | 50 | When a report is received, we confirm the issue and determine its severity. 51 | 52 | If third-party services or software require mitigation before publication, those 53 | projects will be notified. 54 | 55 | ## Our public key 56 | 57 | ```console 58 | -----BEGIN PUBLIC KEY BLOCK----- 59 | mQENBFF+a9ABCADQWSAAU7w9i71Zn3TQ6k7lT9x57cRdtX7V709oeN/c/1it+gCw 60 | onmmCyf4ypor6XcPSOasp/x0s3hVuf6YfMbI0tSwJUWWihrmoPGIXtmiSOotQE0Q 61 | Sav41xs3YyI9LzQB4ngZR/nhp4YhioD1dVorD6LGXk08rvl2ikoqHwTagbEXZJY7 62 | 3VYhW6JHbZTLwCsfyg6uaSYF1qXfUxHPOiHYKNbhK/tM3giX+9ld/7xi+9f4zEFQ 63 | eX9wcRTdgdDOAqDOK7MV30KXagSqvW0MgEYtKX6q4KjjRzBYjkiTdFW/yMXub/Bs 64 | 5UckxHTCuAmvpr5J0HIUeLtXi1QCkijyn8HJABEBAAG0KVNvbmF0eXBlIFNlY3Vy 65 | aXR5IDxzZWN1cml0eUBzb25hdHlwZS5jb20+iQE4BBMBAgAiBQJRfmvQAhsDBgsJ 66 | CAcDAgYVCAIJCgsEFgIDAQIeAQIXgAAKCRAgkmxsNtgwfUzbCACLtCgieq1kJOqo 67 | 2i136ND5ZOj31zIzNENLn8dhSg5zQwTHOcntWAtS8uCNq4fSlslwvlbPYWTLD7fE 68 | iJn1z7BCU8gBk+pkAJJFWEPweMVt+9bYQ4HfKceGbJeuwBBhS34SK9ZIp9gfxxfA 69 | oTm0aGYwKR5wH3sqL/mrhwKhPt9wXR4qwlE635STEX8wzJ5SBqf3ArJUtCp1rzgR 70 | Dx+DiZed5HE1pOI2Kyb6O80bm485WThPXxpvp3bfzTNYoGzeLi/F7WkmgggkXxsT 71 | Pyd0sSx0B/MO4lJtQvEBlIHDFno9mXa30fKl+rzp2geG5UxNHJUjaC5JhfWLEXEX 72 | wV0ErBsmuQENBFF+a9ABCADXj04+GLIz8VCaZH554nUHEhaKoiIXH3Tj7UiMZDqy 73 | o4WIw2RFaCQNA8T0R5Q0yxINU146JQMbA2SN59AGcGYZcajyEvTR7tLG0meMO6S0 74 | JWpkX7s3xaC0s+5SJ/ba00oHGzW0aotgzG9BWA5OniNHK7zZKMVu7M80M/wB1RvK 75 | x775hAeJ+8F9MDJ+ijydBtaOfDdkbg+0kU1xR6Io+vVLPk38ghlWU8QFP4/B0oWi 76 | jK4xiDqK6cG7kyH9kC9nau+ckH8MrJ/RzEpsc4GRwqS4IEnvHWe7XbgydWS1bCp6 77 | 8uP5ma3d02elQmSEa+PABIPKnZcAf1YKLr9O/+IzEdOhABEBAAGJAR8EGAECAAkF 78 | AlF+a9ACGwwACgkQIJJsbDbYMH3WzAf/XOm4YQZFOgG2h9d03m8me8d1vrYico+0 79 | pBYU9iCozLgamM4er9Efb+XzfLvNVKuqyR0cgvGszukIPQYeX58DMrZ07C+E0wDZ 80 | bG+ZAYXT5GqsHkSVnMCVIfyJNLjR4sbVzykyVtnccBL6bP3jxbCP1jJdT7bwiKre 81 | 1jQjvyoL0yIegdiN/oEdmx52Fqjt4NkQsp4sk625UBFTVISr22bnf60ZIGgrRbAP 82 | DU1XMdIrmqmhEEQcXMp4CeflDMksOmaIeAUkZY7eddnXMwQDJTnz5ziCal+1r0R3 83 | dh0XISRG0NkiLEXeGkrs7Sn7BAAsTsaH/1zU6YbvoWlMlHYT6EarFQ== =sFGt 84 | -----END PUBLIC KEY BLOCK----- 85 | ``` 86 | 87 | -------------------------------------------------------------------------------- /build.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | # 3 | # Sonatype Nexus (TM) Open Source Version 4 | # Copyright (c) 2008-present Sonatype, Inc. 5 | # All rights reserved. Includes the third-party code listed at http://links.sonatype.com/products/nexus/oss/attributions. 6 | # 7 | # This program and the accompanying materials are made available under the terms of the Eclipse Public License Version 1.0, 8 | # which accompanies this distribution and is available at http://www.eclipse.org/legal/epl-v10.html. 9 | # 10 | # Sonatype Nexus (TM) Professional Version is available from Sonatype, Inc. "Sonatype" and "Sonatype Nexus" are trademarks 11 | # of Sonatype, Inc. Apache Maven is a trademark of the Apache Software Foundation. M2eclipse is a trademark of the 12 | # Eclipse Foundation. All other trademarks are the property of their respective owners. 13 | # 14 | 15 | helm plugin install --version "0.2.11" https://github.com/quintush/helm-unittest 16 | 17 | set -e 18 | 19 | # lint yaml of charts 20 | helm lint ./nxrm-aws-resiliency 21 | helm lint ./nexus-repository-manager 22 | 23 | # unit test 24 | (cd ./nxrm-aws-resiliency; helm unittest -3 -t junit -o test-output.xml .) 25 | (cd ./nexus-repository-manager; helm unittest -3 -t junit -o test-output.xml .) 26 | 27 | # package the charts into tgz archives 28 | helm package ./nxrm-aws-resiliency --destination docs 29 | helm package ./nexus-repository-manager --destination docs 30 | -------------------------------------------------------------------------------- /docs/nexus-repository-manager-42.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-42.0.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-42.0.1.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-42.0.1.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-43.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-43.0.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-44.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-44.0.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-45.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-45.0.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-45.1.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-45.1.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-46.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-46.0.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-47.1.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-47.1.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-48.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-48.0.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-49.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-49.0.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-50.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-50.0.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-51.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-51.0.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-52.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-52.0.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-53.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-53.0.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-53.1.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-53.1.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-54.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-54.0.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-54.1.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-54.1.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-55.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-55.0.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-56.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-56.0.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-57.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-57.0.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-57.1.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-57.1.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-58.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-58.0.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-58.1.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-58.1.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-59.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-59.0.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-60.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-60.0.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-61.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-61.0.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-61.0.2.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-61.0.2.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-62.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-62.0.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-63.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-63.0.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-64.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-64.0.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-64.1.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-64.1.0.tgz -------------------------------------------------------------------------------- /docs/nexus-repository-manager-64.2.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nexus-repository-manager-64.2.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-41.1.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-41.1.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-41.1.1.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-41.1.1.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-41.1.2.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-41.1.2.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-41.1.3.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-41.1.3.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-42.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-42.0.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-42.0.1.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-42.0.1.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-43.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-43.0.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-44.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-44.0.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-45.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-45.0.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-45.1.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-45.1.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-46.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-46.0.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-47.1.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-47.1.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-48.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-48.0.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-49.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-49.0.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-50.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-50.0.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-51.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-51.0.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-52.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-52.0.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-53.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-53.0.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-53.1.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-53.1.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-54.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-54.0.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-54.1.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-54.1.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-55.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-55.0.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-56.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-56.0.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-57.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-57.0.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-57.1.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-57.1.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-58.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-58.0.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-58.1.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-58.1.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-59.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-59.0.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-60.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-60.0.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-61.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-61.0.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-61.0.2.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-61.0.2.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-62.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-62.0.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-63.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-63.0.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-64.0.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-64.0.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-64.1.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-64.1.0.tgz -------------------------------------------------------------------------------- /docs/nxrm-aws-resiliency-64.2.0.tgz: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/sonatype/nxrm3-helm-repository/252d73fa1ae00b5938ac104750adc9f074f214b3/docs/nxrm-aws-resiliency-64.2.0.tgz -------------------------------------------------------------------------------- /header.txt: -------------------------------------------------------------------------------- 1 | Sonatype Nexus (TM) Open Source Version 2 | Copyright (c) 2008-present Sonatype, Inc. 3 | All rights reserved. Includes the third-party code listed at http://links.sonatype.com/products/nexus/oss/attributions. 4 | 5 | This program and the accompanying materials are made available under the terms of the Eclipse Public License Version 1.0, 6 | which accompanies this distribution and is available at http://www.eclipse.org/legal/epl-v10.html. 7 | 8 | Sonatype Nexus (TM) Professional Version is available from Sonatype, Inc. "Sonatype" and "Sonatype Nexus" are trademarks 9 | of Sonatype, Inc. Apache Maven is a trademark of the Apache Software Foundation. M2eclipse is a trademark of the 10 | Eclipse Foundation. All other trademarks are the property of their respective owners. 11 | -------------------------------------------------------------------------------- /nexus-repository-manager/.helmignore: -------------------------------------------------------------------------------- 1 | # Patterns to ignore when building packages. 2 | # This supports shell glob matching, relative path matching, and 3 | # negation (prefixed with !). Only one pattern per line. 4 | .DS_Store 5 | # Common VCS dirs 6 | .git/ 7 | .gitignore 8 | .bzr/ 9 | .bzrignore 10 | .hg/ 11 | .hgignore 12 | .svn/ 13 | # Common backup files 14 | *.swp 15 | *.bak 16 | *.tmp 17 | *~ 18 | # Various IDEs 19 | .project 20 | .idea/ 21 | *.tmproj 22 | # OWNERS file for Kubernetes 23 | OWNERS 24 | *.tar 25 | -------------------------------------------------------------------------------- /nexus-repository-manager/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: nexus-repository-manager 3 | # The nexus-repository-manager chart is deprecated and no longer maintained 4 | deprecated: true 5 | 6 | # This is the chart version. This version number should be incremented each time you make changes 7 | # to the chart and its templates, including the app version. 8 | version: 64.2.0 9 | # This is the version number of the application being deployed. This version number should be 10 | # incremented each time you make changes to the application. 11 | appVersion: 3.64.0 12 | 13 | description: DEPRECATED Sonatype Nexus Repository Manager - Universal Binary repository 14 | 15 | # A chart can be either an 'application' or a 'library' chart. 16 | # 17 | # Application charts are a collection of templates that can be packaged into versioned archives 18 | # to be deployed. 19 | # 20 | # Library charts provide useful utilities or functions for the chart developer. They're included as 21 | # a dependency of application charts to inject those utilities and functions into the rendering 22 | # pipeline. Library charts do not define any templates and therefore cannot be deployed. 23 | type: application 24 | 25 | keywords: 26 | - artifacts 27 | - dependency 28 | - management 29 | - sonatype 30 | - nexus 31 | - repository 32 | - quickstart 33 | - ci 34 | - repository-manager 35 | - nexus3 36 | home: https://www.sonatype.com/nexus-repository-oss 37 | icon: https://sonatype.github.io/helm3-charts/NexusRepo_Vertical.svg 38 | sources: 39 | - https://github.com/sonatype/nexus-public 40 | -------------------------------------------------------------------------------- /nexus-repository-manager/LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2020-present Sonatype, Inc. 2 | 3 | Licensed under the Apache License, Version 2.0 (the "License"); 4 | you may not use this file except in compliance with the License. 5 | You may obtain a copy of the License at 6 | 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | 9 | Unless required by applicable law or agreed to in writing, software 10 | distributed under the License is distributed on an "AS IS" BASIS, 11 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | See the License for the specific language governing permissions and 13 | limitations under the License. 14 | -------------------------------------------------------------------------------- /nexus-repository-manager/README.md: -------------------------------------------------------------------------------- 1 | 15 | # ⚠️ Archive Notice 16 | 17 | As of October 24, 2023, we will no longer update or support this Helm chart. 18 | 19 | We now provide one [HA/Resiliency Helm Chart](https://github.com/sonatype/nxrm3-ha-repository/tree/main/nxrm-ha) that supports both high availability and resilient deployments in AWS, Azure, or on-premises in a Kubernetes cluster. This is our only supported Helm chart for deploying Sonatype Nexus Repository; it requires a PostgreSQL database. -------------------------------------------------------------------------------- /nexus-repository-manager/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled }} 2 | 1. Your ingresses are available here: 3 | http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $.Values.ingress.hostRepo }}{{ $.Values.ingress.hostPath }} 4 | {{- if $.Values.nexus.docker.enabled }} 5 | {{- range $registry := .Values.nexus.docker.registries }} 6 | https://{{ $registry.host }}/ 7 | {{- end }} 8 | {{- end }} 9 | {{- else if contains "NodePort" .Values.service.type }} 10 | 1. Get the application URL by running these commands: 11 | export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "nexus.fullname" . }}) 12 | export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}") 13 | Your application is available at http://$NODE_IP:$NODE_PORT 14 | {{- else if contains "LoadBalancer" .Values.service.type }} 15 | 1. Get the application URL by running these commands: 16 | NOTE: It may take a few minutes for the LoadBalancer IP to be available. 17 | You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "nexus.fullname" . }}' 18 | export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "nexus.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}") 19 | {{- range $index, $port := .Values.service.ports }} 20 | Your application is available at http://$SERVICE_IP:{{ $port }} 21 | {{- end }} 22 | {{- else if contains "ClusterIP" .Values.service.type }} 23 | 1. Get the application URL by running these commands: 24 | export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "nexus.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}") 25 | kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8081:80 26 | Your application is available at http://127.0.0.1 27 | {{- end }} 28 | -------------------------------------------------------------------------------- /nexus-repository-manager/templates/_helpers.tpl: -------------------------------------------------------------------------------- 1 | {{/* vim: set filetype=mustache: */}} 2 | {{/* 3 | Expand the name of the chart. 4 | */}} 5 | {{- define "nexus.name" -}} 6 | {{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}} 7 | {{- end -}} 8 | 9 | {{/* 10 | Create a default fully qualified app name. 11 | We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec). 12 | If release name contains chart name it will be used as a full name. 13 | */}} 14 | {{- define "nexus.fullname" -}} 15 | {{- if .Values.fullnameOverride -}} 16 | {{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}} 17 | {{- else -}} 18 | {{- $name := default .Chart.Name .Values.nameOverride -}} 19 | {{- if contains $name .Release.Name -}} 20 | {{- .Release.Name | trunc 63 | trimSuffix "-" -}} 21 | {{- else -}} 22 | {{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}} 23 | {{- end -}} 24 | {{- end -}} 25 | {{- end -}} 26 | 27 | {{/* 28 | Create chart name and version as used by the chart label. 29 | */}} 30 | {{- define "nexus.chart" -}} 31 | {{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}} 32 | {{- end -}} 33 | 34 | {{/* 35 | Common labels 36 | */}} 37 | {{- define "nexus.labels" -}} 38 | helm.sh/chart: {{ include "nexus.chart" . }} 39 | {{ include "nexus.selectorLabels" . }} 40 | {{- if .Chart.AppVersion }} 41 | app.kubernetes.io/version: {{ .Chart.AppVersion | quote }} 42 | {{- end }} 43 | app.kubernetes.io/managed-by: {{ .Release.Service }} 44 | {{- end -}} 45 | 46 | {{/* 47 | Selector labels 48 | */}} 49 | {{- define "nexus.selectorLabels" -}} 50 | app.kubernetes.io/name: {{ include "nexus.name" . }} 51 | app.kubernetes.io/instance: {{ .Release.Name }} 52 | {{- end -}} 53 | 54 | {{/* 55 | Create the name of the service account to use 56 | */}} 57 | {{- define "nexus.serviceAccountName" -}} 58 | {{- if .Values.serviceAccount.create -}} 59 | {{ default (include "nexus.fullname" .) .Values.serviceAccount.name }} 60 | {{- else -}} 61 | {{ default "default" .Values.serviceAccount.name }} 62 | {{- end -}} 63 | {{- end -}} 64 | -------------------------------------------------------------------------------- /nexus-repository-manager/templates/configmap-properties.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.nexus.properties.override -}} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: {{ template "nexus.name" . }}-properties 6 | labels: {{- include "nexus.labels" . | nindent 4 }} 7 | {{- if .Values.nexus.extraLabels }} 8 | {{- with .Values.nexus.extraLabels }} 9 | {{ toYaml . | indent 4 }} 10 | {{- end }} 11 | {{- end }} 12 | data: 13 | nexus.properties: | 14 | {{- range $k, $v := .Values.nexus.properties.data }} 15 | {{ $k }}={{ $v }} 16 | {{- end }} 17 | {{- end }} -------------------------------------------------------------------------------- /nexus-repository-manager/templates/configmap.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.config.enabled -}} 2 | apiVersion: v1 3 | kind: ConfigMap 4 | metadata: 5 | name: {{ template "nexus.name" . }}-conf 6 | labels: 7 | {{ include "nexus.labels" . | indent 4 }} 8 | {{- if .Values.nexus.extraLabels }} 9 | {{- with .Values.nexus.extraLabels }} 10 | {{ toYaml . | indent 4 }} 11 | {{- end }} 12 | {{- end }} 13 | data: 14 | {{ toYaml .Values.config.data | indent 2 }} 15 | {{- end }} -------------------------------------------------------------------------------- /nexus-repository-manager/templates/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ template "nexus.fullname" . }} 5 | labels: 6 | {{ include "nexus.labels" . | indent 4 }} 7 | {{- if .Values.nexus.extraLabels }} 8 | {{- with .Values.nexus.extraLabels }} 9 | {{ toYaml . | indent 4 }} 10 | {{- end }} 11 | {{- end }} 12 | {{- if .Values.deployment.annotations }} 13 | annotations: 14 | {{ toYaml .Values.deployment.annotations | nindent 4 }} 15 | {{- end }} 16 | spec: 17 | replicas: 1 18 | strategy: 19 | type: {{ .Values.deploymentStrategy }} 20 | selector: 21 | matchLabels: 22 | {{- include "nexus.selectorLabels" . | nindent 6 }} 23 | {{- if .Values.nexus.extraSelectorLabels }} 24 | {{- with .Values.nexus.extraSelectorLabels }} 25 | {{ toYaml . | indent 6 }} 26 | {{- end }} 27 | {{- end }} 28 | template: 29 | metadata: 30 | annotations: 31 | checksum/configmap-properties: {{ include (print .Template.BasePath "/configmap-properties.yaml") $ | sha256sum }} 32 | {{- if .Values.nexus.podAnnotations }} 33 | {{ toYaml .Values.nexus.podAnnotations | nindent 8}} 34 | {{- end }} 35 | labels: 36 | {{- include "nexus.selectorLabels" . | nindent 8 }} 37 | spec: 38 | serviceAccountName: {{ include "nexus.serviceAccountName" . }} 39 | {{- if .Values.deployment.initContainers }} 40 | initContainers: 41 | {{ toYaml .Values.deployment.initContainers | nindent 6 }} 42 | {{- end }} 43 | {{- if .Values.nexus.nodeSelector }} 44 | nodeSelector: 45 | {{ toYaml .Values.nexus.nodeSelector | nindent 8 }} 46 | {{- end }} 47 | {{- if .Values.nexus.hostAliases }} 48 | hostAliases: 49 | {{ toYaml .Values.nexus.hostAliases | nindent 8 }} 50 | {{- end }} 51 | {{- with .Values.imagePullSecrets }} 52 | imagePullSecrets: 53 | {{- toYaml . | nindent 8 }} 54 | {{- end }} 55 | {{- if .Values.deployment.terminationGracePeriodSeconds }} 56 | terminationGracePeriodSeconds: {{ .Values.deployment.terminationGracePeriodSeconds }} 57 | {{- end }} 58 | containers: 59 | - name: {{ .Chart.Name }} 60 | image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}" 61 | imagePullPolicy: {{ .Values.image.pullPolicy }} 62 | securityContext: 63 | allowPrivilegeEscalation: false 64 | runAsNonRoot: true 65 | seccompProfile: 66 | type: RuntimeDefault 67 | capabilities: 68 | drop: 69 | - ALL 70 | lifecycle: 71 | {{- if .Values.deployment.postStart.command }} 72 | postStart: 73 | exec: 74 | command: {{ .Values.deployment.postStart.command }} 75 | {{- end }} 76 | env: 77 | {{ toYaml .Values.nexus.env | nindent 12 }} 78 | envFrom: 79 | {{ toYaml .Values.nexus.envFrom | nindent 12 }} 80 | resources: 81 | {{ toYaml .Values.nexus.resources | nindent 12 }} 82 | ports: 83 | - name: nexus-ui 84 | containerPort: {{ .Values.nexus.nexusPort }} 85 | {{- if .Values.nexus.docker.enabled }} 86 | {{- range .Values.nexus.docker.registries }} 87 | - name: docker-{{ .port }} 88 | containerPort: {{ .port }} 89 | {{- end }} 90 | {{- end }} 91 | livenessProbe: 92 | httpGet: 93 | path: {{ .Values.nexus.livenessProbe.path }} 94 | port: {{ .Values.nexus.nexusPort }} 95 | initialDelaySeconds: {{ .Values.nexus.livenessProbe.initialDelaySeconds }} 96 | periodSeconds: {{ .Values.nexus.livenessProbe.periodSeconds }} 97 | failureThreshold: {{ .Values.nexus.livenessProbe.failureThreshold }} 98 | {{- if .Values.nexus.livenessProbe.timeoutSeconds }} 99 | timeoutSeconds: {{ .Values.nexus.livenessProbe.timeoutSeconds }} 100 | {{- end }} 101 | readinessProbe: 102 | httpGet: 103 | path: {{ .Values.nexus.readinessProbe.path }} 104 | port: {{ .Values.nexus.nexusPort }} 105 | initialDelaySeconds: {{ .Values.nexus.readinessProbe.initialDelaySeconds }} 106 | periodSeconds: {{ .Values.nexus.readinessProbe.periodSeconds }} 107 | failureThreshold: {{ .Values.nexus.readinessProbe.failureThreshold }} 108 | {{- if .Values.nexus.readinessProbe.timeoutSeconds }} 109 | timeoutSeconds: {{ .Values.nexus.readinessProbe.timeoutSeconds }} 110 | {{- end }} 111 | volumeMounts: 112 | - mountPath: /nexus-data 113 | name: {{ template "nexus.name" . }}-data 114 | {{- if .Values.config.enabled }} 115 | - mountPath: {{ .Values.config.mountPath }} 116 | name: {{ template "nexus.name" . }}-conf 117 | {{- end }} 118 | {{- if .Values.nexus.properties.override }} 119 | - mountPath: /nexus-data/etc/nexus.properties 120 | name: {{ template "nexus.name" . }}-properties 121 | subPath: nexus.properties 122 | {{- end }} 123 | {{- if .Values.secret.enabled }} 124 | - mountPath: {{ .Values.secret.mountPath }} 125 | name: {{ template "nexus.name" . }}-secret 126 | readOnly: {{ .Values.secret.readOnly }} 127 | {{- end }} 128 | {{- if .Values.deployment.additionalVolumeMounts}} 129 | {{ toYaml .Values.deployment.additionalVolumeMounts | nindent 12 }} 130 | {{- end }} 131 | {{- if .Values.deployment.additionalContainers }} 132 | {{ toYaml .Values.deployment.additionalContainers | nindent 8 }} 133 | {{- end }} 134 | {{- if .Values.nexus.securityContext }} 135 | securityContext: 136 | {{ toYaml .Values.nexus.securityContext | nindent 8 }} 137 | {{- end }} 138 | volumes: 139 | - name: {{ template "nexus.name" . }}-data 140 | {{- if .Values.persistence.enabled }} 141 | persistentVolumeClaim: 142 | claimName: {{ .Values.persistence.existingClaim | default (printf "%s-%s" (include "nexus.fullname" .) "data") }} 143 | {{- else }} 144 | emptyDir: {} 145 | {{- end }} 146 | {{- if .Values.config.enabled }} 147 | - name: {{ template "nexus.name" . }}-conf 148 | configMap: 149 | name: {{ template "nexus.name" . }}-conf 150 | {{- end }} 151 | {{- if .Values.nexus.properties.override }} 152 | - name: {{ template "nexus.name" . }}-properties 153 | configMap: 154 | name: {{ template "nexus.name" . }}-properties 155 | items: 156 | - key: nexus.properties 157 | path: nexus.properties 158 | {{- end }} 159 | {{- if .Values.secret.enabled }} 160 | - name: {{ template "nexus.name" . }}-secret 161 | secret: 162 | secretName: {{ template "nexus.name" . }}-secret 163 | {{- end }} 164 | {{- if .Values.deployment.additionalVolumes }} 165 | {{ toYaml .Values.deployment.additionalVolumes | nindent 8 }} 166 | {{- end }} 167 | {{- with .Values.tolerations }} 168 | tolerations: 169 | {{ toYaml . | nindent 8 }} 170 | {{- end }} 171 | -------------------------------------------------------------------------------- /nexus-repository-manager/templates/ingress.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.ingress.enabled -}} 2 | {{- $fullName := include "nexus.fullname" . -}} 3 | {{- $svcPort := .Values.nexus.nexusPort -}} 4 | {{- $ingressPath := .Values.ingress.path -}} 5 | apiVersion: networking.k8s.io/v1 6 | kind: Ingress 7 | metadata: 8 | name: {{ $fullName }} 9 | labels: 10 | {{- include "nexus.labels" . | nindent 4 }} 11 | {{- if .Values.nexus.extraLabels }} 12 | {{- with .Values.nexus.extraLabels }} 13 | {{ toYaml . | indent 4 }} 14 | {{- end }} 15 | {{- end }} 16 | {{- with .Values.ingress.annotations }} 17 | annotations: 18 | {{- toYaml . | nindent 4 }} 19 | {{- end }} 20 | spec: 21 | {{- if .Values.ingress.ingressClassName }} 22 | ingressClassName: {{ .Values.ingress.ingressClassName }} 23 | {{- end }} 24 | {{- if .Values.ingress.tls }} 25 | tls: 26 | {{- range .Values.ingress.tls }} 27 | - hosts: 28 | {{- range .hosts }} 29 | - {{ . | quote }} 30 | {{- end }} 31 | secretName: {{ .secretName }} 32 | {{- end }} 33 | {{- end }} 34 | rules: 35 | - host: {{ .Values.ingress.hostRepo }} 36 | http: 37 | paths: 38 | - path: {{ .Values.ingress.hostPath }} 39 | pathType: Prefix 40 | backend: 41 | service: 42 | name: {{ $fullName }} 43 | port: 44 | number: 8081 45 | 46 | {{ if .Values.nexus.docker.enabled }} 47 | {{ range $registry := .Values.nexus.docker.registries }} 48 | --- 49 | apiVersion: networking.k8s.io/v1 50 | kind: Ingress 51 | metadata: 52 | name: {{ $fullName | trunc 49 }}-docker-{{ $registry.port }} 53 | labels: 54 | {{- include "nexus.labels" $ | nindent 4 }} 55 | {{- if $.Values.nexus.extraLabels }} 56 | {{- with $.Values.nexus.extraLabels }} 57 | {{ toYaml . | indent 4 }} 58 | {{- end }} 59 | {{- end }} 60 | {{- with $.Values.ingress.annotations }} 61 | annotations: 62 | {{- toYaml . | nindent 4 }} 63 | {{- end }} 64 | spec: 65 | {{- if $.Values.ingress.ingressClassName }} 66 | ingressClassName: {{ $.Values.ingress.ingressClassName }} 67 | {{- end }} 68 | tls: 69 | - hosts: 70 | - {{ $registry.host | quote }} 71 | secretName: {{ $registry.secretName }} 72 | rules: 73 | - host: {{ $registry.host }} 74 | http: 75 | paths: 76 | - path: / 77 | pathType: Prefix 78 | backend: 79 | service: 80 | name: {{ $fullName | trunc 49 }}-docker-{{ $registry.port }} 81 | port: 82 | number: {{ $registry.port }} 83 | {{- end }} {{- /* range of nexus.docker.registries */ -}} 84 | {{- end }} {{- /* nexus.docker.enabled */ -}} 85 | {{- end }} {{- /* ingress.enabled */ -}} 86 | -------------------------------------------------------------------------------- /nexus-repository-manager/templates/proxy-route.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.nexusProxyRoute.enabled }} 2 | apiVersion: route.openshift.io/v1 3 | kind: Route 4 | metadata: 5 | name: {{ template "nexus.fullname" . }} 6 | labels: {{ .Values.nexusProxyRoute.labels }} 7 | annotations: 8 | {{- range $key, $value := .Values.nexusProxyRoute.annotations }} 9 | {{ $key }}: {{ $value | quote }} 10 | {{- end }} 11 | spec: 12 | host: {{ .Values.nexusProxyRoute.path }} 13 | port: 14 | targetPort: {{ template "nexus.fullname" . }} 15 | tls: 16 | insecureEdgeTerminationPolicy: Redirect 17 | termination: edge 18 | to: 19 | kind: Service 20 | name: {{ template "nexus.fullname" . }} 21 | weight: 100 22 | wildcardPolicy: None 23 | {{- end }} 24 | -------------------------------------------------------------------------------- /nexus-repository-manager/templates/pv.yaml: -------------------------------------------------------------------------------- 1 | {{- if not .Values.statefulset.enabled }} 2 | {{- if .Values.persistence.pdName -}} 3 | apiVersion: v1 4 | kind: PersistentVolume 5 | metadata: 6 | name: {{ .Values.persistence.pdName }} 7 | labels: 8 | {{ include "nexus.labels" . | indent 4 }} 9 | {{- if .Values.nexus.extraLabels }} 10 | {{- with .Values.nexus.extraLabels }} 11 | {{ toYaml . | indent 4 }} 12 | {{- end }} 13 | {{- end }} 14 | spec: 15 | capacity: 16 | storage: {{ .Values.persistence.storageSize }} 17 | accessModes: 18 | - ReadWriteOnce 19 | claimRef: 20 | namespace: {{ .Release.Namespace }} 21 | name: {{ template "nexus.fullname" . }}-data 22 | gcePersistentDisk: 23 | pdName: {{ .Values.persistence.pdName }} 24 | fsType: {{ .Values.persistence.fsType }} 25 | {{- end }} 26 | {{- end }} 27 | -------------------------------------------------------------------------------- /nexus-repository-manager/templates/pvc.yaml: -------------------------------------------------------------------------------- 1 | {{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }} 2 | kind: PersistentVolumeClaim 3 | apiVersion: v1 4 | metadata: 5 | name: {{ template "nexus.fullname" . }}-data 6 | labels: 7 | {{ include "nexus.labels" . | indent 4 }} 8 | {{- if .Values.nexus.extraLabels }} 9 | {{- with .Values.nexus.extraLabels }} 10 | {{ toYaml . | indent 4 }} 11 | {{- end }} 12 | {{- end }} 13 | {{- if .Values.persistence.annotations }} 14 | annotations: 15 | {{ toYaml .Values.persistence.annotations | indent 4 }} 16 | {{- end }} 17 | spec: 18 | accessModes: 19 | - {{ .Values.persistence.accessMode | quote }} 20 | resources: 21 | requests: 22 | storage: {{ .Values.persistence.storageSize | quote }} 23 | {{- if .Values.persistence.storageClass }} 24 | {{- if (eq "-" .Values.persistence.storageClass) }} 25 | storageClassName: "" 26 | {{- else }} 27 | storageClassName: "{{ .Values.persistence.storageClass }}" 28 | {{- end }} 29 | {{- end }} 30 | {{- end }} 31 | -------------------------------------------------------------------------------- /nexus-repository-manager/templates/route.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.route.enabled }} 2 | apiVersion: route.openshift.io/v1 3 | kind: Route 4 | metadata: 5 | name: {{ .Values.route.name }} 6 | labels: {{ .Values.route.labels }} 7 | annotations: 8 | {{- range $key, $value := .Values.route.annotations }} 9 | {{ $key }}: {{ $value | quote }} 10 | {{- end }} 11 | spec: 12 | host: {{ .Values.route.path }} 13 | port: 14 | targetPort: {{ .Values.service.portName }} 15 | tls: 16 | insecureEdgeTerminationPolicy: Redirect 17 | termination: edge 18 | to: 19 | kind: Service 20 | {{- if .Values.service.name }} 21 | name: {{ .Values.service.name }} 22 | {{- else }} 23 | name: {{ template "nexus.name" . }}-service 24 | {{- end }} 25 | weight: 100 26 | wildcardPolicy: None 27 | {{- end }} 28 | -------------------------------------------------------------------------------- /nexus-repository-manager/templates/secret.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.secret.enabled -}} 2 | apiVersion: v1 3 | kind: Secret 4 | metadata: 5 | name: {{ template "nexus.name" . }}-secret 6 | labels: 7 | {{ include "nexus.labels" . | indent 4 }} 8 | {{- if .Values.nexus.extraLabels }} 9 | {{- with .Values.nexus.extraLabels }} 10 | {{ toYaml . | indent 4 }} 11 | {{- end }} 12 | {{- end }} 13 | data: 14 | {{ toYaml .Values.secret.data | indent 2 }} 15 | {{- end}} 16 | -------------------------------------------------------------------------------- /nexus-repository-manager/templates/service.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.service.enabled -}} 2 | --- 3 | apiVersion: v1 4 | kind: Service 5 | metadata: 6 | name: {{ include "nexus.fullname" . }} 7 | {{- if .Values.service.annotations }} 8 | annotations: 9 | {{ toYaml .Values.service.annotations | indent 4 }} 10 | {{- end }} 11 | labels: 12 | {{- include "nexus.labels" . | nindent 4 }} 13 | {{- if .Values.nexus.extraLabels }} 14 | {{- with .Values.nexus.extraLabels }} 15 | {{ toYaml . | indent 4 }} 16 | {{- end }} 17 | {{- end }} 18 | spec: 19 | type: {{ .Values.service.type }} 20 | ports: 21 | - port: {{ .Values.nexus.nexusPort }} 22 | protocol: TCP 23 | name: nexus-ui 24 | selector: 25 | {{- include "nexus.selectorLabels" . | nindent 4 }} 26 | {{- if .Values.nexus.extraSelectorLabels }} 27 | {{- with .Values.nexus.extraSelectorLabels }} 28 | {{ toYaml . | indent 4 }} 29 | {{- end }} 30 | {{- end }} 31 | 32 | {{- if .Values.nexus.docker.enabled }} 33 | {{- range $registry := .Values.nexus.docker.registries }} 34 | --- 35 | apiVersion: v1 36 | kind: Service 37 | metadata: 38 | name: {{ include "nexus.fullname" $ | trunc 49 }}-docker-{{ $registry.port }} 39 | {{- if $.Values.service.annotations }} 40 | annotations: 41 | {{ toYaml $.Values.service.annotations | indent 4 }} 42 | {{- end }} 43 | labels: 44 | {{- include "nexus.labels" $ | nindent 4 }} 45 | {{- if $.Values.nexus.extraLabels }} 46 | {{- with $.Values.nexus.extraLabels }} 47 | {{ toYaml . | indent 4 }} 48 | {{- end }} 49 | {{- end }} 50 | spec: 51 | type: {{ $.Values.service.type }} 52 | ports: 53 | - port: {{ $registry.port }} 54 | protocol: TCP 55 | name: docker-{{ $registry.port }} 56 | selector: 57 | {{- include "nexus.selectorLabels" $ | nindent 4 }} 58 | {{- if $.Values.nexus.extraSelectorLabels }} 59 | {{- with $.Values.nexus.extraSelectorLabels }} 60 | {{ toYaml . | indent 4 }} 61 | {{- end }} 62 | {{- end }} 63 | {{- end }} 64 | 65 | {{- end }} 66 | {{- end }} 67 | -------------------------------------------------------------------------------- /nexus-repository-manager/templates/serviceaccount.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.serviceAccount.create -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ include "nexus.serviceAccountName" . }} 6 | labels: {{- include "nexus.labels" . | nindent 4 }} 7 | {{- if .Values.nexus.extraLabels }} 8 | {{- with .Values.nexus.extraLabels }} 9 | {{ toYaml . | indent 4 }} 10 | {{- end }} 11 | {{- end }} 12 | {{- with .Values.serviceAccount.annotations }} 13 | annotations: {{- toYaml . | nindent 4 }} 14 | {{- end }} 15 | {{- end }} 16 | -------------------------------------------------------------------------------- /nexus-repository-manager/templates/test/test-check-logs.yaml: -------------------------------------------------------------------------------- 1 | # This test checks the logs to confirm the running app version is the same as the chart app version 2 | # This test will run only if the flag persistence.enabled is true on the values.yaml file 3 | {{- if .Values.persistence.enabled }} 4 | apiVersion: v1 5 | kind: Pod 6 | metadata: 7 | name: "{{ .Release.Name }}-test-check-logs" 8 | annotations: 9 | "helm.sh/hook": test 10 | "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded,hook-failed 11 | spec: 12 | containers: 13 | - name: {{ .Release.Name }}-test-check-logs 14 | image: busybox 15 | command: ["/bin/sh"] 16 | args: ["-c", "cat /nexus-data/log/nexus.log | grep {{ .Chart.AppVersion }} || exit 1"] 17 | volumeMounts: 18 | - mountPath: /nexus-data 19 | name: {{ template "nexus.name" . }}-data 20 | volumes: 21 | - name: {{ template "nexus.name" . }}-data 22 | persistentVolumeClaim: 23 | claimName: {{ .Values.persistence.existingClaim | default (printf "%s-%s" (include "nexus.fullname" .) "data") }} 24 | restartPolicy: Never 25 | {{- end }} 26 | -------------------------------------------------------------------------------- /nexus-repository-manager/templates/test/test-connection.yaml: -------------------------------------------------------------------------------- 1 | # This test checks that the server is up and running by making a wget 2 | apiVersion: v1 3 | kind: Pod 4 | metadata: 5 | name: "{{ .Release.Name }}-test-connection" 6 | annotations: 7 | "helm.sh/hook": test 8 | "helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded,hook-failed 9 | spec: 10 | containers: 11 | - name: {{ .Release.Name }}-test-connection 12 | image: busybox 13 | command: ['wget'] 14 | args: ['{{ include "nexus.fullname" . }}:{{ .Values.nexus.nexusPort }}'] 15 | restartPolicy: Never 16 | -------------------------------------------------------------------------------- /nexus-repository-manager/tests/deployment_test.yaml: -------------------------------------------------------------------------------- 1 | suite: deployment 2 | templates: 3 | - deployment.yaml 4 | - configmap-properties.yaml 5 | tests: 6 | - it: renders with defaults 7 | template: deployment.yaml 8 | asserts: 9 | - hasDocuments: 10 | count: 1 11 | - isKind: 12 | of: Deployment 13 | - equal: 14 | path: apiVersion 15 | value: apps/v1 16 | - equal: 17 | path: metadata.name 18 | value: RELEASE-NAME-nexus-repository-manager 19 | - matchRegex: 20 | path: metadata.labels.[app.kubernetes.io/name] 21 | pattern: nexus-repository-manager 22 | - matchRegex: 23 | path: metadata.labels.[app.kubernetes.io/version] 24 | pattern: 3\.\d+\.\d+ 25 | - matchRegex: 26 | path: spec.template.metadata.annotations.[checksum/configmap-properties] 27 | pattern: .+ 28 | - equal: 29 | path: spec.replicas 30 | value: 1 31 | - equal: 32 | path: spec.strategy.type 33 | value: Recreate 34 | - matchRegex: 35 | path: spec.template.spec.containers[0].image 36 | pattern: sonatype/nexus3:3\.\d+\.\d+ 37 | - equal: 38 | path: spec.template.spec.containers[0].securityContext 39 | value: 40 | allowPrivilegeEscalation: false 41 | capabilities: 42 | drop: 43 | - ALL 44 | runAsNonRoot: true 45 | seccompProfile: 46 | type: RuntimeDefault 47 | - equal: 48 | path: spec.template.spec.containers[0].imagePullPolicy 49 | value: IfNotPresent 50 | - equal: 51 | path: spec.template.spec.containers[0].env 52 | value: 53 | - name: INSTALL4J_ADD_VM_PARAMS 54 | value: |- 55 | -Xms2703M -Xmx2703M 56 | -XX:MaxDirectMemorySize=2703M 57 | -XX:+UnlockExperimentalVMOptions 58 | -XX:+UseCGroupMemoryLimitForHeap 59 | -Djava.util.prefs.userRoot=/nexus-data/javaprefs 60 | - name: NEXUS_SECURITY_RANDOMPASSWORD 61 | value: "true" 62 | - equal: 63 | path: spec.template.spec.containers[0].ports 64 | value: 65 | - containerPort: 8081 66 | name: nexus-ui 67 | - equal: 68 | path: spec.template.spec.containers[0].livenessProbe 69 | value: 70 | failureThreshold: 6 71 | httpGet: 72 | path: / 73 | port: 8081 74 | initialDelaySeconds: 30 75 | periodSeconds: 30 76 | timeoutSeconds: 10 77 | - equal: 78 | path: spec.template.spec.containers[0].readinessProbe 79 | value: 80 | failureThreshold: 6 81 | httpGet: 82 | path: / 83 | port: 8081 84 | initialDelaySeconds: 30 85 | periodSeconds: 30 86 | timeoutSeconds: 10 87 | - equal: 88 | path: spec.template.spec.containers[0].volumeMounts 89 | value: 90 | - mountPath: /nexus-data 91 | name: nexus-repository-manager-data 92 | - equal: 93 | path: spec.template.spec.volumes 94 | value: 95 | - name: nexus-repository-manager-data 96 | persistentVolumeClaim: 97 | claimName: RELEASE-NAME-nexus-repository-manager-data 98 | - equal: 99 | path: spec.template.spec.securityContext 100 | value: 101 | fsGroup: 200 102 | runAsGroup: 200 103 | runAsUser: 200 104 | 105 | - it: should use our simple values 106 | template: deployment.yaml 107 | set: 108 | deploymentStrategy: my-strategy 109 | imagePullSecrets: 110 | - name: top-secret 111 | asserts: 112 | - hasDocuments: 113 | count: 1 114 | - equal: 115 | path: spec.strategy.type 116 | value: my-strategy 117 | - equal: 118 | path: spec.template.spec.imagePullSecrets 119 | value: 120 | - name: top-secret 121 | -------------------------------------------------------------------------------- /nexus-repository-manager/tests/ingress_test.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | suite: ingress 3 | templates: 4 | - ingress.yaml 5 | tests: 6 | - it: renders with defaults 7 | set: 8 | ingress: 9 | enabled: true 10 | asserts: 11 | - hasDocuments: 12 | count: 1 13 | - isKind: 14 | of: Ingress 15 | - equal: 16 | path: apiVersion 17 | value: networking.k8s.io/v1 18 | - equal: 19 | path: metadata.labels.[app.kubernetes.io/instance] 20 | value: RELEASE-NAME 21 | - equal: 22 | path: metadata.labels.[app.kubernetes.io/managed-by] 23 | value: Helm 24 | - matchRegex: 25 | path: metadata.labels.[app.kubernetes.io/version] 26 | pattern: \d+\.\d+\.\d+ 27 | - matchRegex: 28 | path: metadata.labels.[helm.sh/chart] 29 | pattern: nexus-repository-manager-\d+\.\d+\.\d+ 30 | - equal: 31 | path: metadata.labels.[app.kubernetes.io/name] 32 | value: nexus-repository-manager 33 | - equal: 34 | path: metadata.annotations 35 | value: 36 | nginx.ingress.kubernetes.io/proxy-body-size: "0" 37 | 38 | - documentIndex: 0 39 | equal: 40 | path: metadata.name 41 | value: RELEASE-NAME-nexus-repository-manager 42 | - documentIndex: 0 43 | equal: 44 | path: spec 45 | value: 46 | ingressClassName: nginx 47 | rules: 48 | - host: repo.demo 49 | http: 50 | paths: 51 | - path: / 52 | pathType: Prefix 53 | backend: 54 | service: 55 | name: RELEASE-NAME-nexus-repository-manager 56 | port: 57 | number: 8081 58 | - it: renders a second docker ingress 59 | set: 60 | ingress: 61 | enabled: true 62 | nexus: 63 | docker: 64 | enabled: true 65 | registries: 66 | - host: docker.repo.demo 67 | port: 5000 68 | secretName: registry-secret 69 | asserts: 70 | - hasDocuments: 71 | count: 2 72 | - isKind: 73 | of: Ingress 74 | - equal: 75 | path: apiVersion 76 | value: networking.k8s.io/v1 77 | - equal: 78 | path: metadata.labels.[app.kubernetes.io/instance] 79 | value: RELEASE-NAME 80 | - equal: 81 | path: metadata.labels.[app.kubernetes.io/managed-by] 82 | value: Helm 83 | - matchRegex: 84 | path: metadata.labels.[app.kubernetes.io/version] 85 | pattern: \d+\.\d+\.\d+ 86 | - matchRegex: 87 | path: metadata.labels.[helm.sh/chart] 88 | pattern: nexus-repository-manager-\d+\.\d+\.\d+ 89 | - equal: 90 | path: metadata.labels.[app.kubernetes.io/name] 91 | value: nexus-repository-manager 92 | - equal: 93 | path: metadata.annotations 94 | value: 95 | nginx.ingress.kubernetes.io/proxy-body-size: "0" 96 | 97 | - documentIndex: 0 98 | equal: 99 | path: metadata.name 100 | value: RELEASE-NAME-nexus-repository-manager 101 | - documentIndex: 0 102 | equal: 103 | path: spec 104 | value: 105 | ingressClassName: nginx 106 | rules: 107 | - host: repo.demo 108 | http: 109 | paths: 110 | - path: / 111 | pathType: Prefix 112 | backend: 113 | service: 114 | name: RELEASE-NAME-nexus-repository-manager 115 | port: 116 | number: 8081 117 | - documentIndex: 1 118 | equal: 119 | path: metadata.name 120 | value: RELEASE-NAME-nexus-repository-manager-docker-5000 121 | - documentIndex: 1 122 | equal: 123 | path: spec 124 | value: 125 | ingressClassName: nginx 126 | rules: 127 | - host: docker.repo.demo 128 | http: 129 | paths: 130 | - path: / 131 | pathType: Prefix 132 | backend: 133 | service: 134 | name: RELEASE-NAME-nexus-repository-manager-docker-5000 135 | port: 136 | number: 5000 137 | tls: 138 | - hosts: 139 | - docker.repo.demo 140 | secretName: registry-secret 141 | - it: we can exclude ingressClassName for repo ingress and docker ingress 142 | set: 143 | ingress: 144 | enabled: true 145 | ingressClassName: {} 146 | nexus: 147 | docker: 148 | enabled: true 149 | registries: 150 | - host: docker.repo.demo 151 | port: 5000 152 | secretName: registry-secret 153 | asserts: 154 | - hasDocuments: 155 | count: 2 156 | - isKind: 157 | of: Ingress 158 | - equal: 159 | path: apiVersion 160 | value: networking.k8s.io/v1 161 | - equal: 162 | path: metadata.labels.[app.kubernetes.io/instance] 163 | value: RELEASE-NAME 164 | - equal: 165 | path: metadata.labels.[app.kubernetes.io/managed-by] 166 | value: Helm 167 | - matchRegex: 168 | path: metadata.labels.[app.kubernetes.io/version] 169 | pattern: \d+\.\d+\.\d+ 170 | - matchRegex: 171 | path: metadata.labels.[helm.sh/chart] 172 | pattern: nexus-repository-manager-\d+\.\d+\.\d+ 173 | - equal: 174 | path: metadata.labels.[app.kubernetes.io/name] 175 | value: nexus-repository-manager 176 | - equal: 177 | path: metadata.annotations 178 | value: 179 | nginx.ingress.kubernetes.io/proxy-body-size: "0" 180 | 181 | - documentIndex: 0 182 | equal: 183 | path: metadata.name 184 | value: RELEASE-NAME-nexus-repository-manager 185 | - documentIndex: 0 186 | equal: 187 | path: spec 188 | value: 189 | rules: 190 | - host: repo.demo 191 | http: 192 | paths: 193 | - path: / 194 | pathType: Prefix 195 | backend: 196 | service: 197 | name: RELEASE-NAME-nexus-repository-manager 198 | port: 199 | number: 8081 200 | - documentIndex: 1 201 | equal: 202 | path: metadata.name 203 | value: RELEASE-NAME-nexus-repository-manager-docker-5000 204 | - documentIndex: 1 205 | equal: 206 | path: spec 207 | value: 208 | rules: 209 | - host: docker.repo.demo 210 | http: 211 | paths: 212 | - path: / 213 | pathType: Prefix 214 | backend: 215 | service: 216 | name: RELEASE-NAME-nexus-repository-manager-docker-5000 217 | port: 218 | number: 5000 219 | tls: 220 | - hosts: 221 | - docker.repo.demo 222 | secretName: registry-secret 223 | - it: is disabled by default 224 | asserts: 225 | - hasDocuments: 226 | count: 0 227 | 228 | - it: renders with tls config when provided 229 | set: 230 | ingress: 231 | enabled: true 232 | tls: 233 | - secretName: nexus-tls-local 234 | hosts: 235 | - repo.host 236 | asserts: 237 | - equal: 238 | path: spec.tls 239 | value: 240 | - secretName: nexus-tls-local 241 | hosts: 242 | - repo.host 243 | -------------------------------------------------------------------------------- /nexus-repository-manager/values.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | statefulset: 3 | # This is not supported 4 | enabled: false 5 | deploymentStrategy: Recreate 6 | image: 7 | # Sonatype Official Public Image 8 | repository: sonatype/nexus3 9 | tag: 3.64.0 10 | pullPolicy: IfNotPresent 11 | imagePullSecrets: 12 | # for image registries that require login, specify the name of the existing 13 | # kubernetes secret 14 | # - name: 15 | 16 | nexus: 17 | docker: 18 | enabled: false 19 | # registries: 20 | # - host: chart.local 21 | # port: 5000 22 | # secretName: registry-secret 23 | env: 24 | # minimum recommended memory settings for a small, person instance from 25 | # https://help.sonatype.com/repomanager3/product-information/system-requirements 26 | - name: INSTALL4J_ADD_VM_PARAMS 27 | value: |- 28 | -Xms2703M -Xmx2703M 29 | -XX:MaxDirectMemorySize=2703M 30 | -XX:+UnlockExperimentalVMOptions 31 | -XX:+UseCGroupMemoryLimitForHeap 32 | -Djava.util.prefs.userRoot=/nexus-data/javaprefs 33 | - name: NEXUS_SECURITY_RANDOMPASSWORD 34 | value: "true" 35 | properties: 36 | override: false 37 | data: 38 | nexus.scripts.allowCreation: true 39 | # See this article for ldap configuratioon options https://support.sonatype.com/hc/en-us/articles/216597138-Setting-Advanced-LDAP-Connection-Properties-in-Nexus-Repository-Manager 40 | # nexus.ldap.env.java.naming.security.authentication: simple 41 | # nodeSelector: 42 | # cloud.google.com/gke-nodepool: default-pool 43 | resources: 44 | # minimum recommended memory settings for a small, person instance from 45 | # https://help.sonatype.com/repomanager3/product-information/system-requirements 46 | # requests: 47 | # cpu: 4 48 | # memory: 8Gi 49 | # limits: 50 | # cpu: 4 51 | # memory: 8Gi 52 | 53 | # The ports should only be changed if the nexus image uses a different port 54 | nexusPort: 8081 55 | 56 | # Default the pods UID and GID to match the nexus3 container. 57 | # Customize or remove these values from the securityContext as appropriate for 58 | # your deployment environment. 59 | securityContext: 60 | runAsUser: 200 61 | runAsGroup: 200 62 | fsGroup: 200 63 | podAnnotations: {} 64 | livenessProbe: 65 | initialDelaySeconds: 30 66 | periodSeconds: 30 67 | failureThreshold: 6 68 | timeoutSeconds: 10 69 | path: / 70 | readinessProbe: 71 | initialDelaySeconds: 30 72 | periodSeconds: 30 73 | failureThreshold: 6 74 | timeoutSeconds: 10 75 | path: / 76 | # hostAliases allows the modification of the hosts file inside a container 77 | hostAliases: [] 78 | # - ip: "192.168.1.10" 79 | # hostnames: 80 | # - "example.com" 81 | # - "www.example.com" 82 | 83 | nameOverride: "" 84 | fullnameOverride: "" 85 | 86 | deployment: 87 | # # Add annotations in deployment to enhance deployment configurations 88 | annotations: {} 89 | # # Add init containers. e.g. to be used to give specific permissions for nexus-data. 90 | # # Add your own init container or uncomment and modify the given example. 91 | initContainers: 92 | # - name: fmp-volume-permission 93 | # image: busybox 94 | # imagePullPolicy: IfNotPresent 95 | # command: ['chown','-R', '200', '/nexus-data'] 96 | # volumeMounts: 97 | # - name: nexus-data 98 | # mountPath: /nexus-data 99 | # Uncomment and modify this to run a command after starting the nexus container. 100 | postStart: 101 | command: # '["/bin/sh", "-c", "ls"]' 102 | preStart: 103 | command: # '["/bin/rm", "-f", "/path/to/lockfile"]' 104 | terminationGracePeriodSeconds: 120 105 | additionalContainers: 106 | additionalVolumes: 107 | additionalVolumeMounts: 108 | 109 | ingress: 110 | enabled: false 111 | ingressClassName: nginx 112 | annotations: 113 | nginx.ingress.kubernetes.io/proxy-body-size: "0" 114 | hostPath: / 115 | hostRepo: repo.demo 116 | # tls: 117 | # - secretName: nexus-local-tls 118 | # hosts: 119 | # - repo.demo 120 | 121 | 122 | service: 123 | name: nexus3 124 | enabled: true 125 | labels: {} 126 | annotations: {} 127 | type: ClusterIP 128 | 129 | 130 | route: 131 | enabled: false 132 | name: docker 133 | portName: docker 134 | labels: 135 | annotations: 136 | # path: /docker 137 | 138 | nexusProxyRoute: 139 | enabled: false 140 | labels: 141 | annotations: 142 | # path: /nexus 143 | 144 | persistence: 145 | enabled: true 146 | accessMode: ReadWriteOnce 147 | ## If defined, storageClass: 148 | ## If set to "-", storageClass: "", which disables dynamic provisioning 149 | ## If undefined (the default) or set to null, no storageClass spec is 150 | ## set, choosing the default provisioner. (gp2 on AWS, standard on 151 | ## GKE, AWS & OpenStack) 152 | ## 153 | # existingClaim: 154 | # annotations: 155 | # "helm.sh/resource-policy": keep 156 | # storageClass: "-" 157 | storageSize: 8Gi 158 | # If PersistentDisk already exists you can create a PV for it by including the 2 following keypairs. 159 | # pdName: nexus-data-disk 160 | # fsType: ext4 161 | 162 | tolerations: [] 163 | 164 | # Enable configmap and add data in configmap 165 | config: 166 | enabled: false 167 | mountPath: /sonatype-nexus-conf 168 | data: [] 169 | 170 | # # To use an additional secret, set enable to true and add data 171 | secret: 172 | enabled: false 173 | mountPath: /etc/secret-volume 174 | readOnly: true 175 | data: [] 176 | 177 | serviceAccount: 178 | # Specifies whether a service account should be created 179 | create: true 180 | # Annotations to add to the service account 181 | annotations: {} 182 | # The name of the service account to use. 183 | # If not set and create is true, a name is generated using the fullname template 184 | name: "" 185 | -------------------------------------------------------------------------------- /nxrm-aws-resiliency/Chart.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v2 2 | name: nxrm-aws-resiliency 3 | # The nxrm-aws-resiliency chart is deprecated and no longer maintained 4 | deprecated: true 5 | description: DEPRECATED Resilient AWS Deployment of Sonatype Nexus Repository Manager - Universal Binary repository 6 | 7 | # A chart can be either an 'application' or a 'library' chart. 8 | # 9 | # Application charts are a collection of templates that can be packaged into versioned archives 10 | # to be deployed. 11 | # 12 | # Library charts provide useful utilities or functions for the chart developer. They're included as 13 | # a dependency of application charts to inject those utilities and functions into the rendering 14 | # pipeline. Library charts do not define any templates and therefore cannot be deployed. 15 | type: application 16 | 17 | # This is the chart version. This version number should be incremented each time you make changes 18 | # to the chart and its templates, including the app version. 19 | # Versions are expected to follow Semantic Versioning (https://semver.org/) 20 | version: 64.2.0 21 | 22 | # This is the version number of the application being deployed. This version number should be 23 | # incremented each time you make changes to the application. Versions are not expected to 24 | # follow Semantic Versioning. They should reflect the version the application is using. 25 | # It is recommended to use it with quotes. 26 | appVersion: 3.64.0 27 | 28 | keywords: 29 | - artifacts 30 | - dependency 31 | - management 32 | - sonatype 33 | - nexus 34 | - repository 35 | - quickstart 36 | - ci 37 | - repository-manager 38 | - nexus3 39 | home: https://www.sonatype.com/nexus-repository-oss 40 | icon: https://sonatype.github.io/helm3-charts/NexusRepo_Vertical.svg 41 | 42 | -------------------------------------------------------------------------------- /nxrm-aws-resiliency/LICENSE: -------------------------------------------------------------------------------- 1 | Copyright (c) 2020-present Sonatype, Inc. 2 | 3 | Licensed under the Apache License, Version 2.0 (the "License"); 4 | you may not use this file except in compliance with the License. 5 | You may obtain a copy of the License at 6 | 7 | http://www.apache.org/licenses/LICENSE-2.0 8 | 9 | Unless required by applicable law or agreed to in writing, software 10 | distributed under the License is distributed on an "AS IS" BASIS, 11 | WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | See the License for the specific language governing permissions and 13 | limitations under the License. 14 | -------------------------------------------------------------------------------- /nxrm-aws-resiliency/README.md: -------------------------------------------------------------------------------- 1 | 15 | # ⚠️ Archive Notice 16 | 17 | As of February 9, 2024, we now provide one [HA/Resiliency Helm Chart](https://github.com/sonatype/nxrm3-ha-repository/tree/main/nxrm-ha) that supports both high availability and resilient deployments in AWS, Azure, or on-premises in a Kubernetes cluster. This is our only supported Helm chart for deploying Sonatype Nexus Repository; it requires a PostgreSQL database and a Pro license. 18 | 19 | # Helm Chart Instructions 20 | 21 | See the [HA/Resiliency Helm Chart in GitHub](https://github.com/sonatype/nxrm3-ha-repository/tree/main/nxrm-ha) for details on the new combined Helm chart. 22 | Detailed Help instructions are also available at the following locations: 23 | * [Single-Node Cloud Resilient Example Using AWS] (https://help.sonatype.com/en/single-node-cloud-resilient-deployment-example-using-aws.html) 24 | * [Single-Node Cloud Resilient Example Using Azure] (https://help.sonatype.com/en/single-node-cloud-resilient-deployment-example-using-azure.html) 25 | * [Single Data Center On-Premises Resilient Example Using Kubernetes] (https://help.sonatype.com/en/single-data-center-on-premises-deployment-example-using-kubernetes.html) 26 | * [High Availability Deployment in AWS] (https://help.sonatype.com/en/option-3---high-availability-deployment-in-amazon-web-services--aws-.html) 27 | * [High Availability Deployment in Azure] (https://help.sonatype.com/en/option-4---high-availability-deployment-in-azure.html) 28 | * [On-Premises High Availability Deployment Using Kubernetes] (https://help.sonatype.com/en/option-2---on-premises-high-availability-deployment-using-kubernetes.html) 29 | Detailed Help instructions are also available at the following locations: 30 | * [Single-Node Cloud Resilient Example Using AWS] (https://help.sonatype.com/en/single-node-cloud-resilient-deployment-example-using-aws.html) 31 | * [Single-Node Cloud Resilient Example Using Azure] (https://help.sonatype.com/en/single-node-cloud-resilient-deployment-example-using-azure.html) 32 | * [Single Data Center On-Premises Resilient Example Using Kubernetes] (https://help.sonatype.com/en/single-data-center-on-premises-deployment-example-using-kubernetes.html) 33 | * [High Availability Deployment in AWS] (https://help.sonatype.com/en/option-3---high-availability-deployment-in-amazon-web-services--aws-.html) 34 | * [High Availability Deployment in Azure] (https://help.sonatype.com/en/option-4---high-availability-deployment-in-azure.html) 35 | * [On-Premises High Availability Deployment Using Kubernetes] (https://help.sonatype.com/en/option-2---on-premises-high-availability-deployment-using-kubernetes.html) 36 | -------------------------------------------------------------------------------- /nxrm-aws-resiliency/templates/NOTES.txt: -------------------------------------------------------------------------------- 1 | Thank you for installing {{ .Chart.Name }}. 2 | -------------------------------------------------------------------------------- /nxrm-aws-resiliency/templates/deployment.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: apps/v1 2 | kind: Deployment 3 | metadata: 4 | name: {{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-{{ .Values.deployment.name }} 5 | namespace: {{ .Values.namespaces.nexusNs }} 6 | labels: 7 | app: nxrm 8 | spec: 9 | replicas: 1 10 | selector: 11 | matchLabels: 12 | app: nxrm 13 | template: 14 | metadata: 15 | labels: 16 | app: nxrm 17 | spec: 18 | serviceAccountName: {{ .Values.serviceAccount.name }} 19 | initContainers: 20 | # chown nexus-data to 'nexus' user and init log directories/files for a new pod 21 | # otherwise the side car containers will crash a couple of times and backoff whilst waiting 22 | # for nxrm-app to start and this increases the total start up time. 23 | - name: chown-nexusdata-owner-to-nexus-and-init-log-dir 24 | image: {{ .Values.deployment.initContainer.image.repository }}:{{ .Values.deployment.initContainer.image.tag }} 25 | command: [/bin/sh] 26 | args: 27 | - -c 28 | - >- 29 | mkdir -p /nexus-data/etc/logback && 30 | mkdir -p /nexus-data/log/tasks && 31 | mkdir -p /nexus-data/log/audit && 32 | touch -a /nexus-data/log/tasks/allTasks.log && 33 | touch -a /nexus-data/log/audit/audit.log && 34 | touch -a /nexus-data/log/request.log && 35 | chown -R '200:200' /nexus-data 36 | volumeMounts: 37 | - name: nexusdata 38 | mountPath: /nexus-data 39 | containers: 40 | - name: nxrm-app 41 | image: {{ .Values.deployment.container.image.repository }}:{{ .Values.deployment.container.image.tag }} 42 | securityContext: 43 | runAsUser: 200 44 | imagePullPolicy: {{ .Values.deployment.container.pullPolicy }} 45 | ports: 46 | - containerPort: {{ .Values.deployment.container.containerPort }} 47 | env: 48 | - name: DB_NAME 49 | value: "{{ .Values.deployment.container.env.nexusDBName }}" 50 | - name: DB_PASSWORD 51 | valueFrom: 52 | secretKeyRef: 53 | name: nxrm-db-secret 54 | key: db-password 55 | - name: DB_USER 56 | valueFrom: 57 | secretKeyRef: 58 | name: nxrm-db-secret 59 | key: db-user 60 | - name: DB_HOST 61 | valueFrom: 62 | secretKeyRef: 63 | name: nxrm-db-secret 64 | key: db-host 65 | - name: NEXUS_SECURITY_INITIAL_PASSWORD 66 | valueFrom: 67 | secretKeyRef: 68 | name: nxrm-admin-secret 69 | key: nexus-admin-password 70 | - name: NEXUS_SECURITY_RANDOMPASSWORD 71 | value: "false" 72 | - name: INSTALL4J_ADD_VM_PARAMS 73 | value: "{{ .Values.deployment.container.env.install4jAddVmParams }} -Dnexus.licenseFile=/nxrm-secrets/{{ .Values.secret.license.alias }} \ 74 | -Dnexus.datastore.enabled=true -Djava.util.prefs.userRoot=${NEXUS_DATA}/javaprefs \ 75 | -Dnexus.datastore.nexus.jdbcUrl=jdbc:postgresql://${DB_HOST}:{{ .Values.deployment.container.env.nexusDBPort }}/${DB_NAME} \ 76 | -Dnexus.datastore.nexus.username=${DB_USER} \ 77 | -Dnexus.datastore.nexus.password=${DB_PASSWORD}" 78 | volumeMounts: 79 | - mountPath: /nxrm-secrets 80 | name: nxrm-secrets 81 | - name: nexusdata 82 | mountPath: /nexus-data 83 | - name: logback-tasklogfile-override 84 | mountPath: /nexus-data/etc/logback/logback-tasklogfile-appender-override.xml 85 | subPath: logback-tasklogfile-appender-override.xml 86 | - name: request-log 87 | image: {{ .Values.deployment.requestLogContainer.image.repository }}:{{ .Values.deployment.requestLogContainer.image.tag }} 88 | args: [/bin/sh, -c, 'tail -n+1 -F /nexus-data/log/request.log'] 89 | volumeMounts: 90 | - name: nexusdata 91 | mountPath: /nexus-data 92 | - name: audit-log 93 | image: {{ .Values.deployment.auditLogContainer.image.repository }}:{{ .Values.deployment.auditLogContainer.image.tag }} 94 | args: [/bin/sh, -c, 'tail -n+1 -F /nexus-data/log/audit/audit.log'] 95 | volumeMounts: 96 | - name: nexusdata 97 | mountPath: /nexus-data 98 | - name: tasks-log 99 | image: {{ .Values.deployment.taskLogContainer.image.repository }}:{{ .Values.deployment.taskLogContainer.image.tag }} 100 | args: [/bin/sh, -c, 'tail -n+1 -F /nexus-data/log/tasks/allTasks.log'] 101 | volumeMounts: 102 | - name: nexusdata 103 | mountPath: /nexus-data 104 | volumes: 105 | - name: nexusdata 106 | persistentVolumeClaim: 107 | claimName: {{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-ebs-claim 108 | - name: nxrm-secrets 109 | csi: 110 | driver: secrets-store.csi.k8s.io 111 | readOnly: true 112 | volumeAttributes: 113 | secretProviderClass: {{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-secret 114 | fsType: ext4 115 | - name: logback-tasklogfile-override 116 | configMap: 117 | name: {{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-logback-tasklogfile-override 118 | items: 119 | - key: logback-tasklogfile-appender-override.xml 120 | path: logback-tasklogfile-appender-override.xml 121 | -------------------------------------------------------------------------------- /nxrm-aws-resiliency/templates/external-dns-rbac.yml: -------------------------------------------------------------------------------- 1 | {{- if .Values.externaldns.enabled }} 2 | apiVersion: rbac.authorization.k8s.io/v1 3 | kind: ClusterRole 4 | metadata: 5 | name: external-dns 6 | namespace: {{ .Values.namespaces.externaldnsNs }} 7 | labels: 8 | app.kubernetes.io/name: external-dns 9 | rules: 10 | - apiGroups: [""] 11 | resources: ["services","endpoints","pods","nodes"] 12 | verbs: ["get","watch","list"] 13 | - apiGroups: ["extensions","networking.k8s.io"] 14 | resources: ["ingresses"] 15 | verbs: ["get","watch","list"] 16 | --- 17 | apiVersion: rbac.authorization.k8s.io/v1 18 | kind: ClusterRoleBinding 19 | metadata: 20 | name: external-dns-viewer 21 | namespace: {{ .Values.namespaces.externaldnsNs }} 22 | labels: 23 | app.kubernetes.io/name: external-dns 24 | roleRef: 25 | apiGroup: rbac.authorization.k8s.io 26 | kind: ClusterRole 27 | name: external-dns 28 | subjects: 29 | - kind: ServiceAccount 30 | name: {{ .Values.serviceAccount.externaldns.name }} 31 | namespace: {{ .Values.namespaces.externaldnsNs }} 32 | --- 33 | apiVersion: apps/v1 34 | kind: Deployment 35 | metadata: 36 | name: external-dns 37 | namespace: {{ .Values.namespaces.externaldnsNs }} 38 | labels: 39 | app.kubernetes.io/name: external-dns 40 | spec: 41 | strategy: 42 | type: Recreate 43 | selector: 44 | matchLabels: 45 | app.kubernetes.io/name: external-dns 46 | template: 47 | metadata: 48 | labels: 49 | app.kubernetes.io/name: external-dns 50 | spec: 51 | serviceAccountName: external-dns 52 | containers: 53 | - name: external-dns 54 | image: k8s.gcr.io/external-dns/external-dns:v0.11.0 55 | args: 56 | - --source=service 57 | - --source=ingress 58 | - --domain-filter={{ .Values.externaldns.domainFilter }} # will make ExternalDNS see only the hosted zones matching provided domain, omit to process all available hosted zones 59 | - --provider=aws 60 | - --policy=upsert-only # would prevent ExternalDNS from deleting any records, omit to enable full synchronization 61 | - --aws-zone-type={{ .Values.externaldns.awsZoneType }} # only look at public hosted zones (valid values are public, private or no value for both) 62 | - --registry=txt 63 | - --txt-owner-id=external-dns 64 | env: 65 | - name: AWS_DEFAULT_REGION 66 | value: {{ .Values.deployment.clusterRegion }} 67 | {{- end }} 68 | -------------------------------------------------------------------------------- /nxrm-aws-resiliency/templates/fluent-bit.yaml: -------------------------------------------------------------------------------- 1 | {{- if .Values.fluentbit.enabled -}} 2 | apiVersion: v1 3 | kind: ServiceAccount 4 | metadata: 5 | name: {{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-fluent-bit 6 | namespace: {{ .Values.namespaces.cloudwatchNs }} 7 | --- 8 | apiVersion: rbac.authorization.k8s.io/v1 9 | kind: ClusterRole 10 | metadata: 11 | name: {{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-fluent-bit-role 12 | rules: 13 | - nonResourceURLs: 14 | - /metrics 15 | verbs: 16 | - get 17 | - apiGroups: [""] 18 | resources: 19 | - namespaces 20 | - pods 21 | - pods/logs 22 | verbs: ["get", "list", "watch"] 23 | --- 24 | apiVersion: rbac.authorization.k8s.io/v1 25 | kind: ClusterRoleBinding 26 | metadata: 27 | name: {{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-fluent-bit-role-binding 28 | roleRef: 29 | apiGroup: rbac.authorization.k8s.io 30 | kind: ClusterRole 31 | name: {{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-fluent-bit-role 32 | subjects: 33 | - kind: ServiceAccount 34 | name: {{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-fluent-bit 35 | namespace: {{ .Values.namespaces.cloudwatchNs }} 36 | --- 37 | apiVersion: v1 38 | kind: ConfigMap 39 | metadata: 40 | name: fluent-bit-cluster-info 41 | namespace: {{ .Values.namespaces.cloudwatchNs }} 42 | data: 43 | cluster.name: {{ .Values.deployment.clusterName }} 44 | http.server: "On" 45 | http.port: "2020" 46 | read.head: "Off" 47 | read.tail: "On" 48 | logs.region: {{ .Values.deployment.logsRegion }} 49 | --- 50 | apiVersion: v1 51 | kind: ConfigMap 52 | metadata: 53 | name: {{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-fluent-bit-config 54 | namespace: {{ .Values.namespaces.cloudwatchNs }} 55 | labels: 56 | k8s-app: fluent-bit 57 | data: 58 | fluent-bit.conf: | 59 | [SERVICE] 60 | Flush 5 61 | Log_Level info 62 | Daemon off 63 | Parsers_File parsers.conf 64 | HTTP_Server ${HTTP_SERVER} 65 | HTTP_Listen 0.0.0.0 66 | HTTP_Port ${HTTP_PORT} 67 | storage.path /var/fluent-bit/state/flb-storage/ 68 | storage.sync normal 69 | storage.checksum off 70 | storage.backlog.mem_limit 5M 71 | 72 | @INCLUDE nexus-log.conf 73 | @INCLUDE nexus-request-log.conf 74 | @INCLUDE nexus-audit-log.conf 75 | @INCLUDE nexus-tasks-log.conf 76 | 77 | nexus-log.conf: | 78 | [INPUT] 79 | Name tail 80 | Tag nexus.nexus-log 81 | Path /var/log/containers/{{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-{{ .Values.deployment.name }}*{{ .Values.namespaces.nexusNs }}_nxrm-app-*.log 82 | Parser docker 83 | DB /var/fluent-bit/state/flb_container.db 84 | Mem_Buf_Limit 5MB 85 | Skip_Long_Lines Off 86 | Refresh_Interval 10 87 | Rotate_Wait 30 88 | storage.type filesystem 89 | Read_from_Head ${READ_FROM_HEAD} 90 | 91 | [FILTER] 92 | Name kubernetes 93 | Match nexus.nexus-log 94 | Kube_URL https://kubernetes.default.svc:443 95 | Kube_Tag_Prefix application.var.log.containers. 96 | Merge_Log On 97 | Merge_Log_Key log_processed 98 | K8S-Logging.Parser On 99 | K8S-Logging.Exclude Off 100 | Labels Off 101 | Annotations Off 102 | 103 | [OUTPUT] 104 | Name cloudwatch_logs 105 | Match nexus.nexus-log 106 | region ${AWS_REGION} 107 | log_group_name /aws/containerinsights/${CLUSTER_NAME}/nexus-logs 108 | log_stream_prefix ${HOST_NAME}-nexus.log- 109 | auto_create_group true 110 | extra_user_agent container-insights 111 | 112 | nexus-request-log.conf: | 113 | [INPUT] 114 | Name tail 115 | Tag nexus.request-log 116 | Path /var/log/containers/{{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-{{ .Values.deployment.name }}*{{ .Values.namespaces.nexusNs }}_request-log-*.log 117 | Parser docker 118 | DB /var/fluent-bit/state/flb_container.db 119 | Mem_Buf_Limit 5MB 120 | Skip_Long_Lines Off 121 | Refresh_Interval 10 122 | Rotate_Wait 30 123 | storage.type filesystem 124 | Read_from_Head ${READ_FROM_HEAD} 125 | 126 | [FILTER] 127 | Name kubernetes 128 | Match nexus.request-log 129 | Kube_URL https://kubernetes.default.svc:443 130 | Kube_Tag_Prefix application.var.log.containers. 131 | Merge_Log On 132 | Merge_Log_Key log_processed 133 | K8S-Logging.Parser On 134 | K8S-Logging.Exclude Off 135 | Labels Off 136 | Annotations Off 137 | 138 | [OUTPUT] 139 | Name cloudwatch_logs 140 | Match nexus.request-log 141 | region ${AWS_REGION} 142 | log_group_name /aws/containerinsights/${CLUSTER_NAME}/nexus-logs 143 | log_stream_prefix ${HOST_NAME}-request.log- 144 | auto_create_group true 145 | extra_user_agent container-insights 146 | 147 | nexus-audit-log.conf: | 148 | [INPUT] 149 | Name tail 150 | Tag nexus.audit-log 151 | Path /var/log/containers/{{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-{{ .Values.deployment.name }}*{{ .Values.namespaces.nexusNs }}_audit-log-*.log 152 | Parser docker 153 | DB /var/fluent-bit/state/flb_container.db 154 | Mem_Buf_Limit 5MB 155 | Skip_Long_Lines Off 156 | Refresh_Interval 10 157 | Rotate_Wait 30 158 | storage.type filesystem 159 | Read_from_Head ${READ_FROM_HEAD} 160 | 161 | [FILTER] 162 | Name kubernetes 163 | Match nexus.audit-log 164 | Kube_URL https://kubernetes.default.svc:443 165 | Kube_Tag_Prefix application.var.log.containers. 166 | Merge_Log On 167 | Merge_Log_Key log_processed 168 | K8S-Logging.Parser On 169 | K8S-Logging.Exclude Off 170 | Labels Off 171 | Annotations Off 172 | 173 | [OUTPUT] 174 | Name cloudwatch_logs 175 | Match nexus.audit-log 176 | region ${AWS_REGION} 177 | log_group_name /aws/containerinsights/${CLUSTER_NAME}/nexus-logs 178 | log_stream_prefix ${HOST_NAME}-audit.log- 179 | auto_create_group true 180 | extra_user_agent container-insights 181 | 182 | nexus-tasks-log.conf: | 183 | [INPUT] 184 | Name tail 185 | Tag nexus.tasks-log 186 | Path /var/log/containers/{{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-{{ .Values.deployment.name }}*{{ .Values.namespaces.nexusNs }}_tasks-log-*.log 187 | Parser docker 188 | DB /var/fluent-bit/state/flb_container.db 189 | Mem_Buf_Limit 5MB 190 | Skip_Long_Lines Off 191 | Refresh_Interval 10 192 | Rotate_Wait 30 193 | storage.type filesystem 194 | Read_from_Head ${READ_FROM_HEAD} 195 | 196 | [FILTER] 197 | Name kubernetes 198 | Match nexus.tasks-log 199 | Kube_URL https://kubernetes.default.svc:443 200 | Kube_Tag_Prefix application.var.log.containers. 201 | Merge_Log On 202 | Merge_Log_Key log_processed 203 | K8S-Logging.Parser On 204 | K8S-Logging.Exclude Off 205 | Labels Off 206 | Annotations Off 207 | 208 | [OUTPUT] 209 | Name cloudwatch_logs 210 | Match nexus.tasks-log 211 | region ${AWS_REGION} 212 | log_group_name /aws/containerinsights/${CLUSTER_NAME}/nexus-logs 213 | log_stream_prefix ${HOST_NAME}-tasks.log- 214 | auto_create_group true 215 | extra_user_agent container-insights 216 | 217 | parsers.conf: | 218 | [PARSER] 219 | Name docker 220 | Format json 221 | Time_Key time 222 | Time_Format %Y-%m-%dT%H:%M:%S.%LZ 223 | 224 | [PARSER] 225 | Name syslog 226 | Format regex 227 | Regex ^(?