From 73cf5a390ddecd818ba8d772d071ba590cd0f5cb Mon Sep 17 00:00:00 2001 From: Sergiy Kulanov Date: Wed, 13 Dec 2023 15:41:45 +0200 Subject: [PATCH] operator [N] [CI] nexus-operator (3.0.0) --- .../3.0.0/manifests/edp.epam.com_nexuses.yaml | 74 + .../edp.epam.com_nexusrepositories.yaml | 4391 +++++++++++++++++ .../manifests/edp.epam.com_nexusroles.yaml | 100 + .../manifests/edp.epam.com_nexususers.yaml | 123 + .../nexus-operator.clusterserviceversion.yaml | 443 ++ .../3.0.0/metadata/annotations.yaml | 14 + .../3.0.0/tests/scorecard/config.yaml | 70 + operators/nexus-operator/ci.yaml | 9 + 8 files changed, 5224 insertions(+) create mode 100644 operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexuses.yaml create mode 100644 operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexusrepositories.yaml create mode 100644 operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexusroles.yaml create mode 100644 operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexususers.yaml create mode 100644 operators/nexus-operator/3.0.0/manifests/nexus-operator.clusterserviceversion.yaml create mode 100644 operators/nexus-operator/3.0.0/metadata/annotations.yaml create mode 100644 operators/nexus-operator/3.0.0/tests/scorecard/config.yaml create mode 100644 operators/nexus-operator/ci.yaml diff --git a/operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexuses.yaml b/operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexuses.yaml new file mode 100644 index 00000000000..35b54d80cfb --- /dev/null +++ b/operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexuses.yaml @@ -0,0 +1,74 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + name: nexuses.edp.epam.com +spec: + group: edp.epam.com + names: + kind: Nexus + listKind: NexusList + plural: nexuses + singular: nexus + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Is connected to nexus + jsonPath: .status.connected + name: Connected + type: boolean + name: v1alpha1 + schema: + openAPIV3Schema: + description: Nexus is the Schema for the nexus API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NexusSpec defines the desired state of Nexus. + properties: + secret: + description: Secret is the name of the k8s object Secret related to + nexus. Secret should contain a user field with a nexus username + and a password field with a nexus password. + type: string + url: + description: Url is the url of nexus instance. + type: string + required: + - secret + - url + type: object + status: + description: NexusStatus defines the observed state of Nexus. + properties: + connected: + description: Connected shows if operator is connected to nexus. + type: boolean + error: + description: Error represents error message if something went wrong. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexusrepositories.yaml b/operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexusrepositories.yaml new file mode 100644 index 00000000000..f171724487e --- /dev/null +++ b/operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexusrepositories.yaml @@ -0,0 +1,4391 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + name: nexusrepositories.edp.epam.com +spec: + group: edp.epam.com + names: + kind: NexusRepository + listKind: NexusRepositoryList + plural: nexusrepositories + singular: nexusrepository + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: NexusRepository is the Schema for the nexusrepositories API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NexusRepositorySpec defines the desired state of NexusRepository. + properties: + apt: + properties: + hosted: + properties: + apt: + description: Apt contains data of hosted repositories of format + Apt. + properties: + distribution: + description: Distribution to fetch + type: string + required: + - distribution + type: object + aptSigning: + description: AptSigning contains signing data of hosted repositores + of format Apt. + properties: + keypair: + description: PGP signing key pair (armored private key + e.g. gpg --export-secret-key --armor) + type: string + passphrase: + description: Passphrase to access PGP signing key + type: string + required: + - keypair + type: object + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - apt + - aptSigning + - name + type: object + proxy: + properties: + apt: + description: Apt configuration. + properties: + distribution: + description: Distribution to fetch. + type: string + flat: + default: false + description: Whether this repository is flat. + type: boolean + required: + - distribution + type: object + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - apt + - name + - proxy + type: object + type: object + bower: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + bower: + properties: + rewritePackageUrls: + description: Whether to force Bower to retrieve packages + through this proxy repository + type: boolean + required: + - rewritePackageUrls + type: object + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - bower + - name + - proxy + type: object + type: object + cocoapods: + properties: + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + conan: + properties: + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + conda: + properties: + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + docker: + properties: + group: + properties: + docker: + description: Docker contains data of a Docker Repositoriy. + properties: + forceBasicAuth: + description: Whether to force authentication (Docker Bearer + Token Realm required if false) + type: boolean + httpPort: + description: Create an HTTP connector at specified port + type: integer + httpsPort: + description: Create an HTTPS connector at specified port + type: integer + v1Enabled: + description: Whether to allow clients to use the V1 API + to interact with this repository + type: boolean + required: + - forceBasicAuth + - v1Enabled + type: object + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + writableMember: + description: 'Pro-only: This field is for the Group Deployment + feature available in NXRM Pro.' + type: string + required: + - memberNames + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - docker + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + docker: + description: Docker contains data of a Docker Repositoriy. + properties: + forceBasicAuth: + description: Whether to force authentication (Docker Bearer + Token Realm required if false) + type: boolean + httpPort: + description: Create an HTTP connector at specified port + type: integer + httpsPort: + description: Create an HTTPS connector at specified port + type: integer + v1Enabled: + description: Whether to allow clients to use the V1 API + to interact with this repository + type: boolean + required: + - forceBasicAuth + - v1Enabled + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - docker + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + docker: + description: Docker contains data of a Docker Repositoriy. + properties: + forceBasicAuth: + description: Whether to force authentication (Docker Bearer + Token Realm required if false) + type: boolean + httpPort: + description: Create an HTTP connector at specified port + type: integer + httpsPort: + description: Create an HTTPS connector at specified port + type: integer + v1Enabled: + description: Whether to allow clients to use the V1 API + to interact with this repository + type: boolean + required: + - forceBasicAuth + - v1Enabled + type: object + dockerProxy: + description: DockerProxy contains data of a Docker Proxy Repository. + properties: + indexType: + default: REGISTRY + description: Type of Docker Index. + enum: + - HUB + - REGISTRY + - CUSTOM + type: string + indexUrl: + description: 'Url of Docker Index to use. TODO: add cel + validation. (Required if indexType is CUSTOM)' + type: string + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - docker + - dockerProxy + - name + - proxy + type: object + type: object + gitLfs: + properties: + hosted: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + type: object + go: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + helm: + properties: + hosted: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + maven: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + maven: + description: Maven contains additional data of maven repository. + properties: + contentDisposition: + default: INLINE + description: Add Content-Disposition header as 'Attachment' + to disable some content from being inline in a browser. + enum: + - INLINE + - ATTACHMENT + type: string + layoutPolicy: + default: STRICT + description: Validate that all paths are maven artifact + or metadata paths. + enum: + - STRICT + - PERMISSIVE + type: string + versionPolicy: + default: RELEASE + description: VersionPolicy is a type of artifact that + this repository stores. + enum: + - RELEASE + - SNAPSHOT + - MIXED + type: string + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - maven + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthenticationWithPreemptive contains + HTTP client authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + type: string + preemptive: + description: Whether to use pre-emptive authentication. + Use with caution. Defaults to false. + type: boolean + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Whether to block outbound connections on + the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + maven: + default: + contentDisposition: INLINE + layoutPolicy: STRICT + versionPolicy: RELEASE + description: Maven contains additional data of maven repository. + properties: + contentDisposition: + default: INLINE + description: Add Content-Disposition header as 'Attachment' + to disable some content from being inline in a browser. + enum: + - INLINE + - ATTACHMENT + type: string + layoutPolicy: + default: STRICT + description: Validate that all paths are maven artifact + or metadata paths. + enum: + - STRICT + - PERMISSIVE + type: string + versionPolicy: + default: RELEASE + description: VersionPolicy is a type of artifact that + this repository stores. + enum: + - RELEASE + - SNAPSHOT + - MIXED + type: string + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + nexusRef: + description: NexusRef is a reference to Nexus custom resource. + properties: + kind: + default: Nexus + description: Kind specifies the kind of the Nexus resource. + type: string + name: + description: Name specifies the name of the Nexus resource. + type: string + required: + - name + type: object + npm: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + npm: + properties: + removeNonCataloged: + description: Remove Non-Cataloged Versions + type: boolean + removeQuarantined: + description: Remove Quarantined Versions + type: boolean + required: + - removeNonCataloged + - removeQuarantined + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + nuget: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + nugetProxy: + description: NugetProxy contains data specific to proxy repositories + of format Nuget. + properties: + nugetVersion: + default: V3 + description: NugetVersion is the used Nuget protocol version. + enum: + - V2 + - V3 + type: string + queryCacheItemMaxAge: + default: 3600 + description: How long to cache query results from the + proxied repository (in seconds) + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - nugetProxy + - proxy + type: object + type: object + p2: + properties: + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + pypi: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + r: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + raw: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + raw: + properties: + contentDisposition: + description: 'TODO: check default value' + enum: + - INLINE + - ATTACHMENT + type: string + type: object + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + raw: + properties: + contentDisposition: + description: 'TODO: check default value' + enum: + - INLINE + - ATTACHMENT + type: string + type: object + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + raw: + properties: + contentDisposition: + description: 'TODO: check default value' + enum: + - INLINE + - ATTACHMENT + type: string + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + rubyGems: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + yum: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + yumSigning: + properties: + keypair: + description: PGP signing key pair (armored private key + e.g. gpg --export-secret-key --armor) + type: string + passphrase: + description: Passphrase to access PGP signing key + type: string + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + yum: + description: Yum contains data of hosted repositories of format + Yum. + properties: + deployPolicy: + description: 'TODO: check default value' + enum: + - PERMISSIVE + - STRICT + type: string + repodataDepth: + type: integer + required: + - repodataDepth + type: object + required: + - name + - yum + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: Components that match any of the applied + policies will be deleted. + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: A unique identifier for this repository. Only + letters, digits, underscores(_), hyphens(-), and dots(.) + are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + yumSigning: + properties: + keypair: + description: PGP signing key pair (armored private key + e.g. gpg --export-secret-key --armor) + type: string + passphrase: + description: Passphrase to access PGP signing key + type: string + type: object + required: + - name + - proxy + type: object + type: object + required: + - nexusRef + type: object + status: + description: NexusRepositoryStatus defines the observed state of NexusRepository. + properties: + error: + description: Error is an error message if something went wrong. + type: string + value: + description: Value is a status of the repository. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexusroles.yaml b/operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexusroles.yaml new file mode 100644 index 00000000000..41c0831aecc --- /dev/null +++ b/operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexusroles.yaml @@ -0,0 +1,100 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + name: nexusroles.edp.epam.com +spec: + group: edp.epam.com + names: + kind: NexusRole + listKind: NexusRoleList + plural: nexusroles + singular: nexusrole + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: NexusRole is the Schema for the nexusroles API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NexusRoleSpec defines the desired state of NexusRole. + properties: + description: + description: Description of nexus role. + example: Administrator role + type: string + id: + description: ID is the id of the role. ID should be unique across + all roles. + example: nx-admin + maxLength: 512 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + name: + description: Name is the name of the role. + example: nx-admin + type: string + nexusRef: + description: NexusRef is a reference to Nexus custom resource. + properties: + kind: + default: Nexus + description: Kind specifies the kind of the Nexus resource. + type: string + name: + description: Name specifies the name of the Nexus resource. + type: string + required: + - name + type: object + privileges: + description: Privileges is a list of privileges assigned to role. + example: + - nx-all + items: + type: string + nullable: true + type: array + required: + - id + - name + - nexusRef + type: object + status: + description: NexusRoleStatus defines the observed state of NexusRole. + properties: + error: + description: Error is an error message if something went wrong. + type: string + value: + description: Value is a status of the role. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexususers.yaml b/operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexususers.yaml new file mode 100644 index 00000000000..6767d452cd7 --- /dev/null +++ b/operators/nexus-operator/3.0.0/manifests/edp.epam.com_nexususers.yaml @@ -0,0 +1,123 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.13.0 + creationTimestamp: null + name: nexususers.edp.epam.com +spec: + group: edp.epam.com + names: + kind: NexusUser + listKind: NexusUserList + plural: nexususers + singular: nexususer + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: NexusUser is the Schema for the nexususers API. + properties: + apiVersion: + description: 'APIVersion defines the versioned schema of this representation + of an object. Servers should convert recognized schemas to the latest + internal value, and may reject unrecognized values. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources' + type: string + kind: + description: 'Kind is a string value representing the REST resource this + object represents. Servers may infer this from the endpoint the client + submits requests to. Cannot be updated. In CamelCase. More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds' + type: string + metadata: + type: object + spec: + description: NexusUserSpec defines the desired state of NexusUser. + properties: + email: + description: Email is the email address of the user. + example: john.doe@example + maxLength: 254 + type: string + firstName: + description: FirstName of the user. + example: John + type: string + id: + description: ID is the username of the user. ID should be unique across + all users. + example: new-user + maxLength: 512 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + lastName: + description: LastName of the user. + example: Doe + type: string + nexusRef: + description: NexusRef is a reference to Nexus custom resource. + properties: + kind: + default: Nexus + description: Kind specifies the kind of the Nexus resource. + type: string + name: + description: Name specifies the name of the Nexus resource. + type: string + required: + - name + type: object + roles: + description: Roles is a list of roles assigned to user. + example: + - nx-admin + items: + type: string + minItems: 1 + type: array + secret: + description: 'Secret is the reference of the k8s object Secret for + the user password. Format: $secret-name:secret-key. Updating user + password is not supported.' + example: $nexus-user-secret:password-filed + type: string + status: + default: active + description: Status is a status of the user. + enum: + - active + - disabled + example: active + type: string + required: + - email + - firstName + - id + - lastName + - nexusRef + - roles + - secret + type: object + status: + description: NexusUserStatus defines the observed state of NexusUser. + properties: + error: + description: Error is an error message if something went wrong. + type: string + value: + description: Value is a status of the user. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/nexus-operator/3.0.0/manifests/nexus-operator.clusterserviceversion.yaml b/operators/nexus-operator/3.0.0/manifests/nexus-operator.clusterserviceversion.yaml new file mode 100644 index 00000000000..92b10568b83 --- /dev/null +++ b/operators/nexus-operator/3.0.0/manifests/nexus-operator.clusterserviceversion.yaml @@ -0,0 +1,443 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "edp.epam.com/v1alpha1", + "kind": "Nexus", + "metadata": { + "labels": { + "app.kubernetes.io/created-by": "nexus-operator", + "app.kubernetes.io/instance": "nexus-sample", + "app.kubernetes.io/managed-by": "kustomize", + "app.kubernetes.io/name": "nexus", + "app.kubernetes.io/part-of": "nexus-operator" + }, + "name": "nexus-sample" + }, + "spec": { + "secret": "nexus-secret", + "url": "https://nexus-example.com" + } + }, + { + "apiVersion": "edp.epam.com/v1alpha1", + "kind": "NexusRepository", + "metadata": { + "labels": { + "app.kubernetes.io/created-by": "nexus-operator", + "app.kubernetes.io/instance": "nexusrepository-sample", + "app.kubernetes.io/managed-by": "kustomize", + "app.kubernetes.io/name": "nexusrepository", + "app.kubernetes.io/part-of": "nexus-operator" + }, + "name": "nexusrepository-sample" + }, + "spec": { + "go": { + "proxy": { + "cleanup": { + "policyNames": [ + "cleanup-policy" + ] + }, + "httpClient": { + "autoBlock": true, + "blocked": true, + "connection": { + "retries": 1440, + "timeout": 1440, + "userAgentSuffix": "user-agent-suffix" + } + }, + "name": "go-proxy", + "negativeCache": { + "enabled": true, + "timeToLive": 1440 + }, + "online": true, + "proxy": { + "contentMaxAge": 1440, + "metadataMaxAge": 1440, + "remoteUrl": "https://test.com" + }, + "routingRule": "routing-rule", + "storage": { + "blobStoreName": "blob-store-name", + "strictContentTypeValidation": true + } + } + }, + "nexusRef": { + "name": "nexus-sample" + } + } + }, + { + "apiVersion": "edp.epam.com/v1alpha1", + "kind": "NexusRole", + "metadata": { + "labels": { + "app.kubernetes.io/created-by": "nexus-operator", + "app.kubernetes.io/instance": "nexusrole-sample", + "app.kubernetes.io/managed-by": "kustomize", + "app.kubernetes.io/name": "nexusrole", + "app.kubernetes.io/part-of": "nexus-operator" + }, + "name": "nexusrole-sample" + }, + "spec": { + "description": "test-role", + "id": "test-role", + "name": "test-role", + "nexusRef": { + "kind": "Nexus", + "name": "nexus-sample" + }, + "privileges": [ + "nx-blobstores-all" + ] + } + }, + { + "apiVersion": "edp.epam.com/v1alpha1", + "kind": "NexusUser", + "metadata": { + "labels": { + "app.kubernetes.io/created-by": "nexus-operator", + "app.kubernetes.io/instance": "nexususer-sample", + "app.kubernetes.io/managed-by": "kustomize", + "app.kubernetes.io/name": "nexususer", + "app.kubernetes.io/part-of": "nexus-operator" + }, + "name": "nexususer-sample" + }, + "spec": { + "email": "test@gmail.com", + "firstName": "John1", + "id": "test-user", + "lastName": "Doe", + "nexusRef": { + "kind": "Nexus", + "name": "nexus-sample" + }, + "roles": [ + "nx-admin" + ], + "secret": "$user-secret:password" + } + } + ] + capabilities: Deep Insights + categories: Developer Tools + containerImage: docker.io/epamedp/nexus-operator:3.0.0 + createdAt: "2023-12-11T12:54:50Z" + description: An Operator for managing Nexus entities. + operators.operatorframework.io/builder: operator-sdk-v1.32.0 + operators.operatorframework.io/project_layout: go.kubebuilder.io/v3 + repository: https://github.com/epam/edp-nexus-operator + name: nexus-operator.v3.0.0 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: Nexus is the Schema for the nexus API. + displayName: Nexus + kind: Nexus + name: nexuses.edp.epam.com + version: v1alpha1 + - description: NexusRepository is the Schema for the nexusrepositories API. + displayName: Nexus Repository + kind: NexusRepository + name: nexusrepositories.edp.epam.com + version: v1alpha1 + - description: NexusRole is the Schema for the nexusroles API. + displayName: Nexus Role + kind: NexusRole + name: nexusroles.edp.epam.com + version: v1alpha1 + - description: NexusUser is the Schema for the nexususers API. + displayName: Nexus User + kind: NexusUser + name: nexususers.edp.epam.com + version: v1alpha1 + description: | + Nexus Operator is an operator that is responsible for establishing + a connection to provided NexusRepository Server, reconciling Nexus entities (groups, + users, repositories, etc) according to the created CRs. + + ## Quick Start + + 1. Create a User in the Nexus Repository. + + 2. Insert newly created user credentials into Kubernetes secret: + + ```yaml + apiVersion: v1 + kind: Secret + metadata: + name: nexus-secret + type: Opaque + data: + username: dXNlcg== # base64-encoded value of "user" + password: cGFzcw== # base64-encoded value of "pass" + ``` + + 3. Create Custom Resource `kind: Nexus` with Nexus instance URL and secret created on the previous step: + + ```yaml + apiVersion: v1.edp.epam.com/v1alpha1 + kind: Nexus + metadata: + name: nexus-sample + spec: + secret: nexus-secret # Secret name + url: https://nexus.example.com # Nexus URL + ``` + + Wait for the `.status` field with `status.connected: true` + displayName: EDP Nexus Operator + icon: + - base64data:  + mediatype: image/png + install: + spec: + deployments: + - label: + app.kubernetes.io/component: manager + app.kubernetes.io/created-by: nexus-operator + app.kubernetes.io/instance: controller-manager + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: deployment + app.kubernetes.io/part-of: nexus-operator + control-plane: controller-manager + name: nexus-operator-controller-manager + spec: + replicas: 1 + selector: + matchLabels: + control-plane: controller-manager + strategy: {} + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: manager + labels: + control-plane: controller-manager + spec: + containers: + - args: + - --leader-elect + command: + - /manager + env: + - name: WATCH_NAMESPACE + valueFrom: + fieldRef: + fieldPath: metadata.annotations['olm.targetNamespaces'] + image: docker.io/epamedp/nexus-operator:3.0.0 + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 10m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + securityContext: + runAsNonRoot: true + serviceAccountName: nexus-operator-controller-manager + terminationGracePeriodSeconds: 10 + permissions: + - rules: + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - edp.epam.com + resources: + - nexuses + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - edp.epam.com + resources: + - nexuses/finalizers + verbs: + - update + - apiGroups: + - edp.epam.com + resources: + - nexuses/status + verbs: + - get + - patch + - update + - apiGroups: + - edp.epam.com + resources: + - nexusrepositories + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - edp.epam.com + resources: + - nexusrepositories/finalizers + verbs: + - update + - apiGroups: + - edp.epam.com + resources: + - nexusrepositories/status + verbs: + - get + - patch + - update + - apiGroups: + - edp.epam.com + resources: + - nexusroles + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - edp.epam.com + resources: + - nexusroles/finalizers + verbs: + - update + - apiGroups: + - edp.epam.com + resources: + - nexusroles/status + verbs: + - get + - patch + - update + - apiGroups: + - edp.epam.com + resources: + - nexususers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - edp.epam.com + resources: + - nexususers/finalizers + verbs: + - update + - apiGroups: + - edp.epam.com + resources: + - nexususers/status + verbs: + - get + - patch + - update + serviceAccountName: nexus-operator-controller-manager + strategy: deployment + installModes: + - supported: true + type: OwnNamespace + - supported: true + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: false + type: AllNamespaces + keywords: + - edp + - nexus + - operator + - artifact + - storage + links: + - name: Nexus Operator + url: https://github.com/epam/edp-nexus-operator + maintainers: + - email: SupportEPMD-EDP@epam.com + name: epmd-edp + maturity: alpha + provider: + name: EPAM Delivery Platform + url: https://epam.github.io/edp-install/ + version: 3.0.0 diff --git a/operators/nexus-operator/3.0.0/metadata/annotations.yaml b/operators/nexus-operator/3.0.0/metadata/annotations.yaml new file mode 100644 index 00000000000..4032a9befb7 --- /dev/null +++ b/operators/nexus-operator/3.0.0/metadata/annotations.yaml @@ -0,0 +1,14 @@ +annotations: + # Core bundle annotations. + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: nexus-operator + operators.operatorframework.io.bundle.channels.v1: alpha + operators.operatorframework.io.metrics.builder: operator-sdk-v1.32.0 + operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 + operators.operatorframework.io.metrics.project_layout: go.kubebuilder.io/v3 + + # Annotations for testing. + operators.operatorframework.io.test.mediatype.v1: scorecard+v1 + operators.operatorframework.io.test.config.v1: tests/scorecard/ diff --git a/operators/nexus-operator/3.0.0/tests/scorecard/config.yaml b/operators/nexus-operator/3.0.0/tests/scorecard/config.yaml new file mode 100644 index 00000000000..b3f2fc8ea6a --- /dev/null +++ b/operators/nexus-operator/3.0.0/tests/scorecard/config.yaml @@ -0,0 +1,70 @@ +apiVersion: scorecard.operatorframework.io/v1alpha3 +kind: Configuration +metadata: + name: config +stages: +- parallel: true + tests: + - entrypoint: + - scorecard-test + - basic-check-spec + image: quay.io/operator-framework/scorecard-test:v1.26.0 + labels: + suite: basic + test: basic-check-spec-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-bundle-validation + image: quay.io/operator-framework/scorecard-test:v1.26.0 + labels: + suite: olm + test: olm-bundle-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-validation + image: quay.io/operator-framework/scorecard-test:v1.26.0 + labels: + suite: olm + test: olm-crds-have-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-resources + image: quay.io/operator-framework/scorecard-test:v1.26.0 + labels: + suite: olm + test: olm-crds-have-resources-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-spec-descriptors + image: quay.io/operator-framework/scorecard-test:v1.26.0 + labels: + suite: olm + test: olm-spec-descriptors-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-status-descriptors + image: quay.io/operator-framework/scorecard-test:v1.26.0 + labels: + suite: olm + test: olm-status-descriptors-test + storage: + spec: + mountPath: {} +storage: + spec: + mountPath: {} diff --git a/operators/nexus-operator/ci.yaml b/operators/nexus-operator/ci.yaml new file mode 100644 index 00000000000..92e877838e8 --- /dev/null +++ b/operators/nexus-operator/ci.yaml @@ -0,0 +1,9 @@ +--- +# Use `replaces-mode` or `semver-mode`. Once you switch to `semver-mode`, there is no easy way back. +updateGraph: semver-mode +addReviewers: true +reviewers: + - sergk + - zmotso + - NikolayMarusenko + - blobor