nhyatt/nxrm3-helm-repository
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

NEXUS-34974 Publish nxrm helm charts to Sonatype helm repo and Artifact Hub

Browse Source
This commit is contained in:
spryhoda 2022-09-13 15:33:07 +03:00
parent 595206fdc9
commit 8123c3db21
No known key found for this signature in database
GPG Key ID: D285C398242A0D6B
24 changed files with 1444 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Jenkinsfile-Release
View File

@ -42,11 +42,11 @@ dockerizedBuildPipeline(
buildAndTest: {
sonatypeZionGitConfig()
runSafely "git checkout ${gitBranch(env)}"
//runSafely "./upgrade.sh ./nexus-repository-manager ${chartVersion} ${params.appVersion}"
runSafely "./upgrade.sh ./nexus-repository-manager ${chartVersion} ${params.appVersion}"
runSafely "./upgrade.sh ./nxrm-aws-resiliency ${chartVersion} ${params.appVersion}"
runSafely './build.sh'
runSafely 'git add nxrm-aws-resiliency'
//runSafely 'git add nexus-repository-manager'
runSafely 'git add nexus-repository-manager'
},
skipVulnerabilityScan: true,
archiveArtifacts: 'docs/*',

4
build.sh
View File

@ -18,7 +18,7 @@ set -e
# lint yaml of charts
helm lint ./nxrm-aws-resiliency
#helm lint ./nexus-repository-manager
helm lint ./nexus-repository-manager
# unit test
#(cd ./nxrm-aws-resiliency; helm unittest -3 -t junit -o test-output.xml .)
@ -26,4 +26,4 @@ helm lint ./nxrm-aws-resiliency
# package the charts into tgz archives
helm package ./nxrm-aws-resiliency --destination docs
#helm package ./nexus-repository-manager --destination docs
helm package ./nexus-repository-manager --destination docs

24
nexus-repository-manager/.helmignore Normal file
View File

@ -0,0 +1,24 @@
# Patterns to ignore when building packages.
# This supports shell glob matching, relative path matching, and
# negation (prefixed with !). Only one pattern per line.
.DS_Store
# Common VCS dirs
.git/
.gitignore
.bzr/
.bzrignore
.hg/
.hgignore
.svn/
# Common backup files
*.swp
*.bak
*.tmp
*~
# Various IDEs
.project
.idea/
*.tmproj
# OWNERS file for Kubernetes
OWNERS
*.tar

40
nexus-repository-manager/Chart.yaml Normal file
View File

@ -0,0 +1,40 @@
apiVersion: v2
name: nexus-repository-manager
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
version: 41.1.0
# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application.
appVersion: 3.41.1
description: Sonatype Nexus Repository Manager - Universal Binary repository
# A chart can be either an 'application' or a 'library' chart.
#
# Application charts are a collection of templates that can be packaged into versioned archives
# to be deployed.
#
# Library charts provide useful utilities or functions for the chart developer. They're included as
# a dependency of application charts to inject those utilities and functions into the rendering
# pipeline. Library charts do not define any templates and therefore cannot be deployed.
type: application
keywords:
- artifacts
- dependency
- management
- sonatype
- nexus
- repository
- quickstart
- ci
- repository-manager
- nexus3
home: https://www.sonatype.com/nexus-repository-oss
icon: https://sonatype.github.io/helm3-charts/NexusRepo_Vertical.svg
sources:
- https://github.com/sonatype/nexus-public
maintainers:
- email: support@sonatype.com
name: Sonatype

13
nexus-repository-manager/LICENSE Normal file
View File

@ -0,0 +1,13 @@
Copyright (c) 2020-present Sonatype, Inc.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

212
nexus-repository-manager/README.md Normal file
View File

@ -0,0 +1,212 @@
# Nexus Repository
[Nexus Repository OSS](https://www.sonatype.com/nexus-repository-oss) provides universal support for all major build tools.
- Store and distribute Maven/Java, npm, NuGet, Helm, Docker, p2, OBR, APT, Go, R, Conan components and more.
- Manage components from dev through delivery: binaries, containers, assemblies, and finished goods.
- Support for the Java Virtual Machine (JVM) ecosystem, including Gradle, Ant, Maven, and Ivy.
- Compatible with popular tools like Eclipse, IntelliJ, Hudson, Jenkins, Puppet, Chef, Docker, and more.
*Efficiency and Flexibility to Empower Development Teams*
- Streamline productivity by sharing components internally.
- Gain insight into component security, license, and quality issues.
- Build off-line with remote package availability.
- Integrate with industry-leading build tools.
---
## Introduction
This chart installs a single Nexus Repository instance within a Kubernetes cluster that has a single node (server) configured. It is not appropriate for a resilient Nexus Repository deployment. Refer to our [resiliency documentation](https://help.sonatype.com/repomanager3/planning-your-implementation/resiliency-and-high-availability) for information about resilient Nexus Repository deployment options.
Use the checklist below to determine if this Helm chart is suitable for your deployment needs.
### When to Use This Helm Chart
Use this Helm chart if you are doing any of the following:
- Deploying either Nexus Repository Pro or OSS to an on-premises environment with bare metal/VM server (Node)
- Deploying a single Nexus Repository instance within a Kubernetes cluster that has a single Node configured
> **Note**: If you are using Nexus Repository Pro, your license file and embedded database will reside on the node and be mounted on the container as a Persistent Volume (required).
### When Not to Use This Helm Chart
Do not use this Helm chart and, instead, refer to our [resiliency documentation](https://help.sonatype.com/repomanager3/planning-your-implementation/resiliency-and-high-availability) if you are doing any of the following:
- Deploying Nexus Repository Pro to a cloud environment with the desire for automatic failover across Availability Zones (AZs) within a single region
- Planning to configure a single Nexus Repository Pro instance within your Kubernetes/EKS cluster with two or more nodes spread across different AZs within an AWS region
- Using an external PostgreSQL database
> **Note**: A Nexus Repository Pro license is required for our resilient deployment options. Your Nexus Repository Pro license file must be stored externally as either mounted from AWS Secrets/Azure Key Vault in AWS/Azure deployments or mounted using Kustomize for on-premises deployments (required).
> **Note**: We do not currently provide Helm charts for our resilient deployment options.
---
## Prerequisites for This Chart
- Kubernetes 1.19+
- PV provisioner support in the underlying infrastructure
- Helm 3
### With Open Docker Image
By default, this Chart uses Sonatype's Public Docker image. If you want to use a different image, run with the following: `--set nexus.imageName=<my>/<image>`.
## Adding the Sonatype Repository to your Helm
To add as a Helm Repo
```helm repo add sonatype https://sonatype.github.io/helm3-charts/```
---
## Testing the Chart
To test the chart, use the following:
```bash
$ helm install --dry-run --debug --generate-name ./
```
To test the chart with your own values, use the following:
```bash
$ helm install --dry-run --debug --generate-name -f myvalues.yaml ./
```
---
## Installing the Chart
To install the chart, use the following:
```bash
$ helm install nexus-rm sonatype/nexus-repository-manager [ --version v29.2.0 ]
```
The above command deploys Nexus Repository on the Kubernetes cluster in the default configuration.
You can pass custom configuration values as follows:
```bash
$ helm install -f myvalues.yaml sonatype-nexus ./
```
The default login is randomized and can be found in `/nexus-data/admin.password` or you can get the initial static passwords (admin/admin123)
by setting the environment variable `NEXUS_SECURITY_RANDOMPASSWORD` to `false` in your `values.yaml`.
---
## Uninstalling the Chart
To uninstall/delete the deployment, use the following:
```bash
$ helm list
NAME NAMESPACE REVISION UPDATED STATUS CHART APP VERSION
plinking-gopher default 1 2021-03-10 15:44:57.301847 -0800 PST deployed nexus-repository-manager-29.2.0 3.29.2
$ helm delete plinking-gopher
```
The command removes all the Kubernetes components associated with the chart and deletes the release.
---
## Configuration
The following table lists the configurable parameters of the Nexus chart and their default values.
| Parameter | Description | Default |
|--------------------------------------------|----------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------------------------------|
| `deploymentStrategy` | Deployment Strategy | `Recreate` |
| `nexus.imagePullPolicy` | Nexus Repository image pull policy | `IfNotPresent` |
| `imagePullSecrets` | The names of the kubernetes secrets with credentials to login to a registry | `[]` |
| `nexus.docker.enabled` | Enable/disable Docker support | `false` |
| `nexus.docker.registries` | Support multiple Docker registries | (see below) |
| `nexus.docker.registries[0].host` | Host for the Docker registry | `cluster.local` |
| `nexus.docker.registries[0].port` | Port for the Docker registry | `5000` |
| `nexus.docker.registries[0].secretName` | TLS Secret Name for the ingress | `registrySecret` |
| `nexus.env` | Nexus Repository environment variables | `[{INSTALL4J_ADD_VM_PARAMS: -Xms1200M -Xmx1200M -XX:MaxDirectMemorySize=2G -XX:+UnlockExperimentalVMOptions -XX:+UseCGroupMemoryLimitForHeap}]` |
| `nexus.resources` | Nexus Repository resource requests and limits | `{}` |
| `nexus.nexusPort` | Internal port for Nexus Repository service | `8081` |
| `nexus.securityContext` | Security Context (for enabling official image use `fsGroup: 2000`) | `{}` |
| `nexus.labels` | Service labels | `{}` |
| `nexus.podAnnotations` | Pod Annotations | `{}` |
| `nexus.livenessProbe.initialDelaySeconds` | LivenessProbe initial delay | 30 |
| `nexus.livenessProbe.periodSeconds` | Seconds between polls | 30 |
| `nexus.livenessProbe.failureThreshold` | Number of attempts before failure | 6 |
| `nexus.livenessProbe.timeoutSeconds` | Time in seconds after liveness probe times out | `nil` |
| `nexus.livenessProbe.path` | Path for LivenessProbe | / |
| `nexus.readinessProbe.initialDelaySeconds` | ReadinessProbe initial delay | 30 |
| `nexus.readinessProbe.periodSeconds` | Seconds between polls | 30 |
| `nexus.readinessProbe.failureThreshold` | Number of attempts before failure | 6 |
| `nexus.readinessProbe.timeoutSeconds` | Time in seconds after readiness probe times out | `nil` |
| `nexus.readinessProbe.path` | Path for ReadinessProbe | / |
| `nexus.hostAliases` | Aliases for IPs in /etc/hosts | [] |
| `nexus.properties.override` | Set to true to override default nexus.properties | `false` |
| `nexus.properties.data` | A map of custom nexus properties if `override` is set to true | `nexus.scripts.allowCreation: true` |
| `ingress.enabled` | Create an ingress for Nexus Repository | `false` |
| `ingress.annotations` | Annotations to enhance ingress configuration | `{kubernetes.io/ingress.class: nginx}` |
| `ingress.tls.secretName` | Name of the secret storing TLS cert, `false` to use the Ingress' default certificate | `nexus-tls` |
| `ingress.path` | Path for ingress rules. GCP users should set to `/*`. | `/` |
| `tolerations` | tolerations list | `[]` |
| `config.enabled` | Enable configmap | `false` |
| `config.mountPath` | Path to mount the config | `/sonatype-nexus-conf` |
| `config.data` | Configmap data | `nil` |
| `deployment.annotations` | Annotations to enhance deployment configuration | `{}` |
| `deployment.initContainers` | Init containers to run before main containers | `nil` |
| `deployment.postStart.command` | Command to run after starting the container | `nil` |
| `deployment.terminationGracePeriodSeconds` | Update termination grace period (in seconds) | 120s |
| `deployment.additionalContainers` | Add additional Container | `nil` |
| `deployment.additionalVolumes` | Add additional Volumes | `nil` |
| `deployment.additionalVolumeMounts` | Add additional Volume mounts | `nil` |
| `secret.enabled` | Enable secret | `false` |
| `secret.mountPath` | Path to mount the secret | `/etc/secret-volume` |
| `secret.readOnly` | Secret readonly state | `true` |
| `secret.data` | Secret data | `nil` |
| `service.enabled` | Enable additional service | `true` |
| `service.name` | Service name | `nexus3` |
| `service.labels` | Service labels | `nil` |
| `service.annotations` | Service annotations | `nil` |
| `service.type` | Service Type | `ClusterIP` |
| `route.enabled` | Set to true to create route for additional service | `false` |
| `route.name` | Name of route | `docker` |
| `route.portName` | Target port name of service | `docker` |
| `route.labels` | Labels to be added to route | `{}` |
| `route.annotations` | Annotations to be added to route | `{}` |
| `route.path` | Host name of Route e.g. jenkins.example.com | nil |
| `serviceAccount.create` | Set to true to create ServiceAccount | `true` |
| `serviceAccount.annotations` | Set annotations for ServiceAccount | `{}` |
| `serviceAccount.name` | The name of the service account to use. Auto-generate if not set and create is true. | `{}` |
| `persistence.enabled` | Set false to eliminate persistent storage | `true` |
| `persistence.existingClaim` | Specify the name of an existing persistent volume claim to use instead of creating a new one | nil |
| `persistence.storageSize` | Size of the storage the chart will request | `8Gi` |
### Persistence
By default, a `PersistentVolumeClaim` is created and mounted into the `/nexus-data` directory. In order to disable this functionality, you can change the `values.yaml` to disable persistence, which will use an `emptyDir` instead.
> *"An emptyDir volume is first created when a Pod is assigned to a Node, and exists as long as that Pod is running on that node. When a Pod is removed from a node for any reason, the data in the emptyDir is deleted forever."*
## Using the Image from the Red Hat Registry
To use the [Nexus Repository Manager image available from Red Hat's registry](https://catalog.redhat.com/software/containers/sonatype/nexus-repository-manager/594c281c1fbe9847af657690),
you'll need to:
* Load the credentials for the registry as a secret in your cluster
```shell
kubectl create secret docker-registry redhat-pull-secret \
--docker-server=registry.connect.redhat.com \
--docker-username=<user_name> \
--docker-password=<password> \
--docker-email=<email>
```
See Red Hat's [Registry Authentication documentation](https://access.redhat.com/RegistryAuthentication)
for further details.
* Provide the name of the secret in `imagePullSecrets` in this chart's `values.yaml`
```yaml
imagePullSecrets:
- name: redhat-pull-secret
```
* Set `image.name` and `image.tag` in `values.yaml`
```yaml
image:
repository: registry.connect.redhat.com/sonatype/nexus-repository-server
tag: 3.39.0-ubi-1
```
---

27
nexus-repository-manager/templates/NOTES.txt Normal file
View File

@ -0,0 +1,27 @@
{{- if .Values.ingress.enabled }}
1. Your ingresses are available here:
http{{ if $.Values.ingress.tls }}s{{ end }}://{{ $.Values.ingress.hostRepo }}{{ $.Values.ingress.hostPath }}
{{- if $.Values.nexus.docker.enabled }}
{{- range $registry := .Values.nexus.docker.registries }}
https://{{ $registry.host }}/
{{- end }}
{{- end }}
{{- else if contains "NodePort" .Values.service.type }}
1. Get the application URL by running these commands:
export NODE_PORT=$(kubectl get --namespace {{ .Release.Namespace }} -o jsonpath="{.spec.ports[0].nodePort}" services {{ include "nexus.fullname" . }})
export NODE_IP=$(kubectl get nodes --namespace {{ .Release.Namespace }} -o jsonpath="{.items[0].status.addresses[0].address}")
Your application is available at http://$NODE_IP:$NODE_PORT
{{- else if contains "LoadBalancer" .Values.service.type }}
1. Get the application URL by running these commands:
NOTE: It may take a few minutes for the LoadBalancer IP to be available.
You can watch the status of by running 'kubectl get --namespace {{ .Release.Namespace }} svc -w {{ include "nexus.fullname" . }}'
export SERVICE_IP=$(kubectl get svc --namespace {{ .Release.Namespace }} {{ include "nexus.fullname" . }} --template "{{"{{ range (index .status.loadBalancer.ingress 0) }}{{.}}{{ end }}"}}")
{{- range $index, $port := .Values.service.ports }}
Your application is available at http://$SERVICE_IP:{{ $port }}
{{- end }}
{{- else if contains "ClusterIP" .Values.service.type }}
1. Get the application URL by running these commands:
export POD_NAME=$(kubectl get pods --namespace {{ .Release.Namespace }} -l "app.kubernetes.io/name={{ include "nexus.name" . }},app.kubernetes.io/instance={{ .Release.Name }}" -o jsonpath="{.items[0].metadata.name}")
kubectl --namespace {{ .Release.Namespace }} port-forward $POD_NAME 8081:80
Your application is available at http://127.0.0.1
{{- end }}

63
nexus-repository-manager/templates/_helpers.tpl Normal file
View File

@ -0,0 +1,63 @@
{{/* vim: set filetype=mustache: */}}
{{/*
Expand the name of the chart.
*/}}
{{- define "nexus.name" -}}
{{- default .Chart.Name .Values.nameOverride | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Create a default fully qualified app name.
We truncate at 63 chars because some Kubernetes name fields are limited to this (by the DNS naming spec).
If release name contains chart name it will be used as a full name.
*/}}
{{- define "nexus.fullname" -}}
{{- if .Values.fullnameOverride -}}
{{- .Values.fullnameOverride | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- $name := default .Chart.Name .Values.nameOverride -}}
{{- if contains $name .Release.Name -}}
{{- .Release.Name | trunc 63 | trimSuffix "-" -}}
{{- else -}}
{{- printf "%s-%s" .Release.Name $name | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{- end -}}
{{- end -}}
{{/*
Create chart name and version as used by the chart label.
*/}}
{{- define "nexus.chart" -}}
{{- printf "%s-%s" .Chart.Name .Chart.Version | replace "+" "_" | trunc 63 | trimSuffix "-" -}}
{{- end -}}
{{/*
Common labels
*/}}
{{- define "nexus.labels" -}}
helm.sh/chart: {{ include "nexus.chart" . }}
{{ include "nexus.selectorLabels" . }}
{{- if .Chart.AppVersion }}
app.kubernetes.io/version: {{ .Chart.AppVersion | quote }}
{{- end }}
app.kubernetes.io/managed-by: {{ .Release.Service }}
{{- end -}}
{{/*
Selector labels
*/}}
{{- define "nexus.selectorLabels" -}}
app.kubernetes.io/name: {{ include "nexus.name" . }}
app.kubernetes.io/instance: {{ .Release.Name }}
{{- end -}}
{{/*
Create the name of the service account to use
*/}}
{{- define "nexus.serviceAccountName" -}}
{{- if .Values.serviceAccount.create -}}
{{ default (include "nexus.fullname" .) .Values.serviceAccount.name }}
{{- else -}}
{{ default "default" .Values.serviceAccount.name }}
{{- end -}}
{{- end -}}

17
nexus-repository-manager/templates/configmap-properties.yaml Normal file
View File

@ -0,0 +1,17 @@
{{- if .Values.nexus.properties.override -}}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "nexus.name" . }}-properties
labels: {{- include "nexus.labels" . | nindent 4 }}
{{- if .Values.nexus.extraLabels }}
{{- with .Values.nexus.extraLabels }}
{{ toYaml . | indent 4 }}
{{- end }}
{{- end }}
data:
nexus.properties: |
{{- range $k, $v := .Values.nexus.properties.data }}
{{ $k }}={{ $v }}
{{- end }}
{{- end }}

15
nexus-repository-manager/templates/configmap.yaml Normal file
View File

@ -0,0 +1,15 @@
{{- if .Values.config.enabled -}}
apiVersion: v1
kind: ConfigMap
metadata:
name: {{ template "nexus.name" . }}-conf
labels:
{{ include "nexus.labels" . | indent 4 }}
{{- if .Values.nexus.extraLabels }}
{{- with .Values.nexus.extraLabels }}
{{ toYaml . | indent 4 }}
{{- end }}
{{- end }}
data:
{{ toYaml .Values.config.data | indent 2 }}
{{- end }}

163
nexus-repository-manager/templates/deployment.yaml Normal file
View File

@ -0,0 +1,163 @@
apiVersion: apps/v1
kind: Deployment
metadata:
name: {{ template "nexus.fullname" . }}
labels:
{{ include "nexus.labels" . | indent 4 }}
{{- if .Values.nexus.extraLabels }}
{{- with .Values.nexus.extraLabels }}
{{ toYaml . | indent 4 }}
{{- end }}
{{- end }}
{{- if .Values.deployment.annotations }}
annotations:
{{ toYaml .Values.deployment.annotations | nindent 4 }}
{{- end }}
spec:
replicas: 1
strategy:
type: {{ .Values.deploymentStrategy }}
selector:
matchLabels:
{{- include "nexus.selectorLabels" . | nindent 6 }}
{{- if .Values.nexus.extraSelectorLabels }}
{{- with .Values.nexus.extraSelectorLabels }}
{{ toYaml . | indent 6 }}
{{- end }}
{{- end }}
template:
metadata:
annotations:
checksum/configmap-properties: {{ include (print .Template.BasePath "/configmap-properties.yaml") $ | sha256sum }}
{{- if .Values.nexus.podAnnotations }}
{{ toYaml .Values.nexus.podAnnotations | nindent 8}}
{{- end }}
labels:
{{- include "nexus.selectorLabels" . | nindent 8 }}
spec:
serviceAccountName: {{ include "nexus.serviceAccountName" . }}
{{- if .Values.deployment.initContainers }}
initContainers:
{{ toYaml .Values.deployment.initContainers | nindent 6 }}
{{- end }}
{{- if .Values.nexus.nodeSelector }}
nodeSelector:
{{ toYaml .Values.nexus.nodeSelector | nindent 8 }}
{{- end }}
{{- if .Values.nexus.hostAliases }}
hostAliases:
{{ toYaml .Values.nexus.hostAliases | nindent 8 }}
{{- end }}
{{- with .Values.imagePullSecrets }}
imagePullSecrets:
{{- toYaml . | nindent 8 }}
{{- end }}
{{- if .Values.deployment.terminationGracePeriodSeconds }}
terminationGracePeriodSeconds: {{ .Values.deployment.terminationGracePeriodSeconds }}
{{- end }}
containers:
- name: {{ .Chart.Name }}
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
imagePullPolicy: {{ .Values.image.pullPolicy }}
lifecycle:
{{- if .Values.deployment.postStart.command }}
postStart:
exec:
command: {{ .Values.deployment.postStart.command }}
{{- end }}
env:
{{ toYaml .Values.nexus.env | nindent 12 }}
envFrom:
{{ toYaml .Values.nexus.envFrom | nindent 12 }}
resources:
{{ toYaml .Values.nexus.resources | nindent 12 }}
ports:
- name: nexus-ui
containerPort: {{ .Values.nexus.nexusPort }}
{{- if .Values.nexus.docker.enabled }}
{{- range .Values.nexus.docker.registries }}
- name: docker-{{ .port }}
containerPort: {{ .port }}
{{- end }}
{{- end }}
livenessProbe:
httpGet:
path: {{ .Values.nexus.livenessProbe.path }}
port: {{ .Values.nexus.nexusPort }}
initialDelaySeconds: {{ .Values.nexus.livenessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.nexus.livenessProbe.periodSeconds }}
failureThreshold: {{ .Values.nexus.livenessProbe.failureThreshold }}
{{- if .Values.nexus.livenessProbe.timeoutSeconds }}
timeoutSeconds: {{ .Values.nexus.livenessProbe.timeoutSeconds }}
{{- end }}
readinessProbe:
httpGet:
path: {{ .Values.nexus.readinessProbe.path }}
port: {{ .Values.nexus.nexusPort }}
initialDelaySeconds: {{ .Values.nexus.readinessProbe.initialDelaySeconds }}
periodSeconds: {{ .Values.nexus.readinessProbe.periodSeconds }}
failureThreshold: {{ .Values.nexus.readinessProbe.failureThreshold }}
{{- if .Values.nexus.readinessProbe.timeoutSeconds }}
timeoutSeconds: {{ .Values.nexus.readinessProbe.timeoutSeconds }}
{{- end }}
volumeMounts:
- mountPath: /nexus-data
name: {{ template "nexus.name" . }}-data
{{- if .Values.config.enabled }}
- mountPath: {{ .Values.config.mountPath }}
name: {{ template "nexus.name" . }}-conf
{{- end }}
{{- if .Values.nexus.properties.override }}
- mountPath: /nexus-data/etc/nexus.properties
name: {{ template "nexus.name" . }}-properties
subPath: nexus.properties
{{- end }}
{{- if .Values.secret.enabled }}
- mountPath: {{ .Values.secret.mountPath }}
name: {{ template "nexus.name" . }}-secret
readOnly: {{ .Values.secret.readOnly }}
{{- end }}
{{- if .Values.deployment.additionalVolumeMounts}}
{{ toYaml .Values.deployment.additionalVolumeMounts | nindent 12 }}
{{- end }}
{{- if .Values.deployment.additionalContainers }}
{{ toYaml .Values.deployment.additionalContainers | nindent 8 }}
{{- end }}
{{- if .Values.nexus.securityContext }}
securityContext:
{{ toYaml .Values.nexus.securityContext | nindent 8 }}
{{- end }}
volumes:
- name: {{ template "nexus.name" . }}-data
{{- if .Values.persistence.enabled }}
persistentVolumeClaim:
claimName: {{ .Values.persistence.existingClaim | default (printf "%s-%s" (include "nexus.fullname" .) "data") }}
{{- else }}
emptyDir: {}
{{- end }}
{{- if .Values.config.enabled }}
- name: {{ template "nexus.name" . }}-conf
configMap:
name: {{ template "nexus.name" . }}-conf
{{- end }}
{{- if .Values.nexus.properties.override }}
- name: {{ template "nexus.name" . }}-properties
configMap:
name: {{ template "nexus.name" . }}-properties
items:
- key: nexus.properties
path: nexus.properties
{{- end }}
{{- if .Values.secret.enabled }}
- name: {{ template "nexus.name" . }}-secret
secret:
secretName: {{ template "nexus.name" . }}-secret
{{- end }}
{{- if .Values.deployment.additionalVolumes }}
{{ toYaml .Values.deployment.additionalVolumes | nindent 8 }}
{{- end }}
{{- with .Values.tolerations }}
tolerations:
{{ toYaml . | nindent 8 }}
{{- end }}

85
nexus-repository-manager/templates/ingress.yaml Normal file
View File

@ -0,0 +1,85 @@
{{- if .Values.ingress.enabled -}}
{{- $fullName := include "nexus.fullname" . -}}
{{- $svcPort := .Values.nexus.nexusPort -}}
{{- $ingressPath := .Values.ingress.path -}}
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ $fullName }}
labels:
{{- include "nexus.labels" . | nindent 4 }}
{{- if .Values.nexus.extraLabels }}
{{- with .Values.nexus.extraLabels }}
{{ toYaml . | indent 4 }}
{{- end }}
{{- end }}
{{- with .Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if .Values.ingress.ingressClassName }}
ingressClassName: {{ .Values.ingress.ingressClassName }}
{{- end }}
{{- if .Values.ingress.tls }}
tls:
{{- range .Values.ingress.tls }}
- hosts:
{{- range .hosts }}
- {{ . | quote }}
{{- end }}
secretName: {{ .secretName }}
{{- end }}
{{- end }}
rules:
- host: {{ .Values.ingress.hostRepo }}
http:
paths:
- path: {{ .Values.ingress.hostPath }}
pathType: Prefix
backend:
service:
name: {{ $fullName }}
port:
number: 8081
{{ if .Values.nexus.docker.enabled }}
{{ range $registry := .Values.nexus.docker.registries }}
---
apiVersion: networking.k8s.io/v1
kind: Ingress
metadata:
name: {{ $fullName | trunc 49 }}-docker-{{ $registry.port }}
labels:
{{- include "nexus.labels" $ | nindent 4 }}
{{- if $.Values.nexus.extraLabels }}
{{- with $.Values.nexus.extraLabels }}
{{ toYaml . | indent 4 }}
{{- end }}
{{- end }}
{{- with $.Values.ingress.annotations }}
annotations:
{{- toYaml . | nindent 4 }}
{{- end }}
spec:
{{- if $.Values.ingress.ingressClassName }}
ingressClassName: {{ $.Values.ingress.ingressClassName }}
{{- end }}
tls:
- hosts:
- {{ $registry.host | quote }}
secretName: {{ $registry.secretName }}
rules:
- host: {{ $registry.host }}
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: {{ $fullName | trunc 49 }}-docker-{{ $registry.port }}
port:
number: {{ $registry.port }}
{{- end }} {{- /* range of nexus.docker.registries */ -}}
{{- end }} {{- /* nexus.docker.enabled */ -}}
{{- end }} {{- /* ingress.enabled */ -}}

23
nexus-repository-manager/templates/proxy-route.yaml Normal file
View File

@ -0,0 +1,23 @@
{{- if .Values.nexusProxyRoute.enabled }}
apiVersion: route.openshift.io/v1
kind: Route
metadata:
name: {{ template "nexus.fullname" . }}
labels: {{ .Values.nexusProxyRoute.labels }}
annotations:
{{- range $key, $value := .Values.nexusProxyRoute.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
spec:
host: {{ .Values.nexusProxyRoute.path }}
port:
targetPort: {{ template "nexus.fullname" . }}
tls:
insecureEdgeTerminationPolicy: Redirect
termination: edge
to:
kind: Service
name: {{ template "nexus.fullname" . }}
weight: 100
wildcardPolicy: None
{{- end }}

26
nexus-repository-manager/templates/pv.yaml Normal file
View File

@ -0,0 +1,26 @@
{{- if not .Values.statefulset.enabled }}
{{- if .Values.persistence.pdName -}}
apiVersion: v1
kind: PersistentVolume
metadata:
name: {{ .Values.persistence.pdName }}
labels:
{{ include "nexus.labels" . | indent 4 }}
{{- if .Values.nexus.extraLabels }}
{{- with .Values.nexus.extraLabels }}
{{ toYaml . | indent 4 }}
{{- end }}
{{- end }}
spec:
capacity:
storage: {{ .Values.persistence.storageSize }}
accessModes:
- ReadWriteOnce
claimRef:
namespace: {{ .Release.Namespace }}
name: {{ template "nexus.fullname" . }}-data
gcePersistentDisk:
pdName: {{ .Values.persistence.pdName }}
fsType: {{ .Values.persistence.fsType }}
{{- end }}
{{- end }}

30
nexus-repository-manager/templates/pvc.yaml Normal file
View File

@ -0,0 +1,30 @@
{{- if and .Values.persistence.enabled (not .Values.persistence.existingClaim) }}
kind: PersistentVolumeClaim
apiVersion: v1
metadata:
name: {{ template "nexus.fullname" . }}-data
labels:
{{ include "nexus.labels" . | indent 4 }}
{{- if .Values.nexus.extraLabels }}
{{- with .Values.nexus.extraLabels }}
{{ toYaml . | indent 4 }}
{{- end }}
{{- end }}
{{- if .Values.persistence.annotations }}
annotations:
{{ toYaml .Values.persistence.annotations | indent 4 }}
{{- end }}
spec:
accessModes:
- {{ .Values.persistence.accessMode | quote }}
resources:
requests:
storage: {{ .Values.persistence.storageSize | quote }}
{{- if .Values.persistence.storageClass }}
{{- if (eq "-" .Values.persistence.storageClass) }}
storageClassName: ""
{{- else }}
storageClassName: "{{ .Values.persistence.storageClass }}"
{{- end }}
{{- end }}
{{- end }}

27
nexus-repository-manager/templates/route.yaml Normal file
View File

@ -0,0 +1,27 @@
{{- if .Values.route.enabled }}
apiVersion: route.openshift.io/v1
kind: Route
metadata:
name: {{ .Values.route.name }}
labels: {{ .Values.route.labels }}
annotations:
{{- range $key, $value := .Values.route.annotations }}
{{ $key }}: {{ $value | quote }}
{{- end }}
spec:
host: {{ .Values.route.path }}
port:
targetPort: {{ .Values.service.portName }}
tls:
insecureEdgeTerminationPolicy: Redirect
termination: edge
to:
kind: Service
{{- if .Values.service.name }}
name: {{ .Values.service.name }}
{{- else }}
name: {{ template "nexus.name" . }}-service
{{- end }}
weight: 100
wildcardPolicy: None
{{- end }}

15
nexus-repository-manager/templates/secret.yaml Normal file
View File

@ -0,0 +1,15 @@
{{- if .Values.secret.enabled -}}
apiVersion: v1
kind: Secret
metadata:
name: {{ template "nexus.name" . }}-secret
labels:
{{ include "nexus.labels" . | indent 4 }}
{{- if .Values.nexus.extraLabels }}
{{- with .Values.nexus.extraLabels }}
{{ toYaml . | indent 4 }}
{{- end }}
{{- end }}
data:
{{ toYaml .Values.secret.data | indent 2 }}
{{- end}}

66
nexus-repository-manager/templates/service.yaml Normal file
View File

@ -0,0 +1,66 @@
{{- if .Values.service.enabled -}}
---
apiVersion: v1
kind: Service
metadata:
name: {{ include "nexus.fullname" . }}
{{- if .Values.service.annotations }}
annotations:
{{ toYaml .Values.service.annotations | indent 4 }}
{{- end }}
labels:
{{- include "nexus.labels" . | nindent 4 }}
{{- if .Values.nexus.extraLabels }}
{{- with .Values.nexus.extraLabels }}
{{ toYaml . | indent 4 }}
{{- end }}
{{- end }}
spec:
type: {{ .Values.service.type }}
ports:
- port: {{ .Values.nexus.nexusPort }}
protocol: TCP
name: nexus-ui
selector:
{{- include "nexus.selectorLabels" . | nindent 4 }}
{{- if .Values.nexus.extraSelectorLabels }}
{{- with .Values.nexus.extraSelectorLabels }}
{{ toYaml . | indent 4 }}
{{- end }}
{{- end }}
{{- if .Values.nexus.docker.enabled }}
{{- range $registry := .Values.nexus.docker.registries }}
---
apiVersion: v1
kind: Service
metadata:
name: {{ include "nexus.fullname" $ | trunc 49 }}-docker-{{ $registry.port }}
{{- if $.Values.service.annotations }}
annotations:
{{ toYaml $.Values.service.annotations | indent 4 }}
{{- end }}
labels:
{{- include "nexus.labels" $ | nindent 4 }}
{{- if $.Values.nexus.extraLabels }}
{{- with $.Values.nexus.extraLabels }}
{{ toYaml . | indent 4 }}
{{- end }}
{{- end }}
spec:
type: {{ $.Values.service.type }}
ports:
- port: {{ $registry.port }}
protocol: TCP
name: docker-{{ $registry.port }}
selector:
{{- include "nexus.selectorLabels" $ | nindent 4 }}
{{- if $.Values.nexus.extraSelectorLabels }}
{{- with $.Values.nexus.extraSelectorLabels }}
{{ toYaml . | indent 4 }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}
{{- end }}

15
nexus-repository-manager/templates/serviceaccount.yaml Normal file
View File

@ -0,0 +1,15 @@
{{- if .Values.serviceAccount.create -}}
apiVersion: v1
kind: ServiceAccount
metadata:
name: {{ include "nexus.serviceAccountName" . }}
labels: {{- include "nexus.labels" . | nindent 4 }}
{{- if .Values.nexus.extraLabels }}
{{- with .Values.nexus.extraLabels }}
{{ toYaml . | indent 4 }}
{{- end }}
{{- end }}
{{- with .Values.serviceAccount.annotations }}
annotations: {{- toYaml . | nindent 4 }}
{{- end }}
{{- end }}

25
nexus-repository-manager/templates/test/test-check-logs.yaml Normal file
View File

@ -0,0 +1,25 @@
# This test checks the logs to confirm the running app version is the same as the chart app version
# This test will run only if the flag persistence.enabled is true on the values.yaml file
{{- if .Values.persistence.enabled }}
apiVersion: v1
kind: Pod
metadata:
name: "{{ .Release.Name }}-test-check-logs"
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded,hook-failed
spec:
containers:
- name: {{ .Release.Name }}-test-check-logs
image: busybox
command: ["/bin/sh"]
args: ["-c", "cat /nexus-data/log/nexus.log | grep {{ .Chart.AppVersion }} || exit 1"]
volumeMounts:
- mountPath: /nexus-data
name: {{ template "nexus.name" . }}-data
volumes:
- name: {{ template "nexus.name" . }}-data
persistentVolumeClaim:
claimName: {{ .Values.persistence.existingClaim | default (printf "%s-%s" (include "nexus.fullname" .) "data") }}
restartPolicy: Never
{{- end }}

15
nexus-repository-manager/templates/test/test-connection.yaml Normal file
View File

@ -0,0 +1,15 @@
# This test checks that the server is up and running by making a wget
apiVersion: v1
kind: Pod
metadata:
name: "{{ .Release.Name }}-test-connection"
annotations:
"helm.sh/hook": test
"helm.sh/hook-delete-policy": before-hook-creation,hook-succeeded,hook-failed
spec:
containers:
- name: {{ .Release.Name }}-test-connection
image: busybox
command: ['wget']
args: ['{{ include "nexus.fullname" . }}:{{ .Values.nexus.nexusPort }}']
restartPolicy: Never

113
nexus-repository-manager/tests/deployment_test.yaml Normal file
View File

@ -0,0 +1,113 @@
suite: deployment
templates:
- deployment.yaml
- configmap-properties.yaml
tests:
- it: renders with defaults
template: deployment.yaml
asserts:
- hasDocuments:
count: 1
- isKind:
of: Deployment
- equal:
path: apiVersion
value: apps/v1
- equal:
path: metadata.name
value: RELEASE-NAME-nexus-repository-manager
- matchRegex:
path: metadata.labels.[app.kubernetes.io/name]
pattern: nexus-repository-manager
- matchRegex:
path: metadata.labels.[app.kubernetes.io/version]
pattern: 3\.\d+\.\d+
- matchRegex:
path: spec.template.metadata.annotations.[checksum/configmap-properties]
pattern: .+
- equal:
path: spec.replicas
value: 1
- equal:
path: spec.strategy.type
value: Recreate
- matchRegex:
path: spec.template.spec.containers[0].image
pattern: sonatype/nexus3:3\.\d+\.\d+
- equal:
path: spec.template.spec.containers[0].securityContext
value: null
- equal:
path: spec.template.spec.containers[0].imagePullPolicy
value: IfNotPresent
- equal:
path: spec.template.spec.containers[0].env
value:
- name: INSTALL4J_ADD_VM_PARAMS
value: |-
-Xms2703M -Xmx2703M
-XX:MaxDirectMemorySize=2703M
-XX:+UnlockExperimentalVMOptions
-XX:+UseCGroupMemoryLimitForHeap
-Djava.util.prefs.userRoot=/nexus-data/javaprefs
- name: NEXUS_SECURITY_RANDOMPASSWORD
value: "true"
- equal:
path: spec.template.spec.containers[0].ports
value:
- containerPort: 8081
name: nexus-ui
- equal:
path: spec.template.spec.containers[0].livenessProbe
value:
failureThreshold: 6
httpGet:
path: /
port: 8081
initialDelaySeconds: 30
periodSeconds: 30
timeoutSeconds: 10
- equal:
path: spec.template.spec.containers[0].readinessProbe
value:
failureThreshold: 6
httpGet:
path: /
port: 8081
initialDelaySeconds: 30
periodSeconds: 30
timeoutSeconds: 10
- equal:
path: spec.template.spec.containers[0].volumeMounts
value:
- mountPath: /nexus-data
name: nexus-repository-manager-data
- equal:
path: spec.template.spec.volumes
value:
- name: nexus-repository-manager-data
persistentVolumeClaim:
claimName: RELEASE-NAME-nexus-repository-manager-data
- equal:
path: spec.template.spec.securityContext
value:
fsGroup: 200
runAsGroup: 200
runAsUser: 200
- it: should use our simple values
template: deployment.yaml
set:
deploymentStrategy: my-strategy
imagePullSecrets:
- name: top-secret
asserts:
- hasDocuments:
count: 1
- equal:
path: spec.strategy.type
value: my-strategy
- equal:
path: spec.template.spec.imagePullSecrets
value:
- name: top-secret

242
nexus-repository-manager/tests/ingress_test.yaml Normal file
View File

@ -0,0 +1,242 @@
---
suite: ingress
templates:
- ingress.yaml
tests:
- it: renders with defaults
set:
ingress:
enabled: true
asserts:
- hasDocuments:
count: 1
- isKind:
of: Ingress
- equal:
path: apiVersion
value: networking.k8s.io/v1
- equal:
path: metadata.labels.[app.kubernetes.io/instance]
value: RELEASE-NAME
- equal:
path: metadata.labels.[app.kubernetes.io/managed-by]
value: Helm
- matchRegex:
path: metadata.labels.[app.kubernetes.io/version]
pattern: \d+\.\d+\.\d+
- matchRegex:
path: metadata.labels.[helm.sh/chart]
pattern: nexus-repository-manager-\d+\.\d+\.\d+
- equal:
path: metadata.labels.[app.kubernetes.io/name]
value: nexus-repository-manager
- equal:
path: metadata.annotations
value:
nginx.ingress.kubernetes.io/proxy-body-size: "0"
- documentIndex: 0
equal:
path: metadata.name
value: RELEASE-NAME-nexus-repository-manager
- documentIndex: 0
equal:
path: spec
value:
ingressClassName: nginx
rules:
- host: repo.demo
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: RELEASE-NAME-nexus-repository-manager
port:
number: 8081
- it: renders a second docker ingress
set:
ingress:
enabled: true
nexus:
docker:
enabled: true
registries:
- host: docker.repo.demo
port: 5000
secretName: registry-secret
asserts:
- hasDocuments:
count: 2
- isKind:
of: Ingress
- equal:
path: apiVersion
value: networking.k8s.io/v1
- equal:
path: metadata.labels.[app.kubernetes.io/instance]
value: RELEASE-NAME
- equal:
path: metadata.labels.[app.kubernetes.io/managed-by]
value: Helm
- matchRegex:
path: metadata.labels.[app.kubernetes.io/version]
pattern: \d+\.\d+\.\d+
- matchRegex:
path: metadata.labels.[helm.sh/chart]
pattern: nexus-repository-manager-\d+\.\d+\.\d+
- equal:
path: metadata.labels.[app.kubernetes.io/name]
value: nexus-repository-manager
- equal:
path: metadata.annotations
value:
nginx.ingress.kubernetes.io/proxy-body-size: "0"
- documentIndex: 0
equal:
path: metadata.name
value: RELEASE-NAME-nexus-repository-manager
- documentIndex: 0
equal:
path: spec
value:
ingressClassName: nginx
rules:
- host: repo.demo
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: RELEASE-NAME-nexus-repository-manager
port:
number: 8081
- documentIndex: 1
equal:
path: metadata.name
value: RELEASE-NAME-nexus-repository-manager-docker-5000
- documentIndex: 1
equal:
path: spec
value:
ingressClassName: nginx
rules:
- host: docker.repo.demo
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: RELEASE-NAME-nexus-repository-manager-docker-5000
port:
number: 5000
tls:
- hosts:
- docker.repo.demo
secretName: registry-secret
- it: we can exclude ingressClassName for repo ingress and docker ingress
set:
ingress:
enabled: true
ingressClassName: {}
nexus:
docker:
enabled: true
registries:
- host: docker.repo.demo
port: 5000
secretName: registry-secret
asserts:
- hasDocuments:
count: 2
- isKind:
of: Ingress
- equal:
path: apiVersion
value: networking.k8s.io/v1
- equal:
path: metadata.labels.[app.kubernetes.io/instance]
value: RELEASE-NAME
- equal:
path: metadata.labels.[app.kubernetes.io/managed-by]
value: Helm
- matchRegex:
path: metadata.labels.[app.kubernetes.io/version]
pattern: \d+\.\d+\.\d+
- matchRegex:
path: metadata.labels.[helm.sh/chart]
pattern: nexus-repository-manager-\d+\.\d+\.\d+
- equal:
path: metadata.labels.[app.kubernetes.io/name]
value: nexus-repository-manager
- equal:
path: metadata.annotations
value:
nginx.ingress.kubernetes.io/proxy-body-size: "0"
- documentIndex: 0
equal:
path: metadata.name
value: RELEASE-NAME-nexus-repository-manager
- documentIndex: 0
equal:
path: spec
value:
rules:
- host: repo.demo
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: RELEASE-NAME-nexus-repository-manager
port:
number: 8081
- documentIndex: 1
equal:
path: metadata.name
value: RELEASE-NAME-nexus-repository-manager-docker-5000
- documentIndex: 1
equal:
path: spec
value:
rules:
- host: docker.repo.demo
http:
paths:
- path: /
pathType: Prefix
backend:
service:
name: RELEASE-NAME-nexus-repository-manager-docker-5000
port:
number: 5000
tls:
- hosts:
- docker.repo.demo
secretName: registry-secret
- it: is disabled by default
asserts:
- hasDocuments:
count: 0
- it: renders with tls config when provided
set:
ingress:
enabled: true
tls:
- secretName: nexus-tls-local
hosts:
- repo.host
asserts:
- equal:
path: spec.tls
value:
- secretName: nexus-tls-local
hosts:
- repo.host

184
nexus-repository-manager/values.yaml Normal file
View File

@ -0,0 +1,184 @@
---
statefulset:
# This is not supported
enabled: false
deploymentStrategy: Recreate
image:
# Sonatype Official Public Image
repository: sonatype/nexus3
tag: 3.41.1
pullPolicy: IfNotPresent
imagePullSecrets:
# for image registries that require login, specify the name of the existing
# kubernetes secret
# - name: <pull-secret-name>
nexus:
docker:
enabled: false
# registries:
# - host: chart.local
# port: 5000
# secretName: registry-secret
env:
# minimum recommended memory settings for a small, person instance from
# https://help.sonatype.com/repomanager3/product-information/system-requirements
- name: INSTALL4J_ADD_VM_PARAMS
value: |-
-Xms2703M -Xmx2703M
-XX:MaxDirectMemorySize=2703M
-XX:+UnlockExperimentalVMOptions
-XX:+UseCGroupMemoryLimitForHeap
-Djava.util.prefs.userRoot=/nexus-data/javaprefs
- name: NEXUS_SECURITY_RANDOMPASSWORD
value: "true"
properties:
override: false
data:
nexus.scripts.allowCreation: true
# See this article for ldap configuratioon options https://support.sonatype.com/hc/en-us/articles/216597138-Setting-Advanced-LDAP-Connection-Properties-in-Nexus-Repository-Manager
# nexus.ldap.env.java.naming.security.authentication: simple
# nodeSelector:
# cloud.google.com/gke-nodepool: default-pool
resources:
# minimum recommended memory settings for a small, person instance from
# https://help.sonatype.com/repomanager3/product-information/system-requirements
# requests:
# cpu: 4
# memory: 8Gi
# limits:
# cpu: 4
# memory: 8Gi
# The ports should only be changed if the nexus image uses a different port
nexusPort: 8081
# Default the pods UID and GID to match the nexus3 container.
# Customize or remove these values from the securityContext as appropriate for
# your deployment environment.
securityContext:
runAsUser: 200
runAsGroup: 200
fsGroup: 200
podAnnotations: {}
livenessProbe:
initialDelaySeconds: 30
periodSeconds: 30
failureThreshold: 6
timeoutSeconds: 10
path: /
readinessProbe:
initialDelaySeconds: 30
periodSeconds: 30
failureThreshold: 6
timeoutSeconds: 10
path: /
# hostAliases allows the modification of the hosts file inside a container
hostAliases: []
# - ip: "192.168.1.10"
# hostnames:
# - "example.com"
# - "www.example.com"
nameOverride: ""
fullnameOverride: ""
deployment:
# # Add annotations in deployment to enhance deployment configurations
annotations: {}
# # Add init containers. e.g. to be used to give specific permissions for nexus-data.
# # Add your own init container or uncomment and modify the given example.
initContainers:
# - name: fmp-volume-permission
# image: busybox
# imagePullPolicy: IfNotPresent
# command: ['chown','-R', '200', '/nexus-data']
# volumeMounts:
# - name: nexus-data
# mountPath: /nexus-data
# Uncomment and modify this to run a command after starting the nexus container.
postStart:
command: # '["/bin/sh", "-c", "ls"]'
preStart:
command: # '["/bin/rm", "-f", "/path/to/lockfile"]'
terminationGracePeriodSeconds: 120
additionalContainers:
additionalVolumes:
additionalVolumeMounts:
ingress:
enabled: false
ingressClassName: nginx
annotations:
nginx.ingress.kubernetes.io/proxy-body-size: "0"
hostPath: /
hostRepo: repo.demo
# tls:
# - secretName: nexus-local-tls
# hosts:
# - repo.demo
service:
name: nexus3
enabled: true
labels: {}
annotations: {}
type: ClusterIP
route:
enabled: false
name: docker
portName: docker
labels:
annotations:
# path: /docker
nexusProxyRoute:
enabled: false
labels:
annotations:
# path: /nexus
persistence:
enabled: true
accessMode: ReadWriteOnce
## If defined, storageClass: <storageClass>
## If set to "-", storageClass: "", which disables dynamic provisioning
## If undefined (the default) or set to null, no storageClass spec is
## set, choosing the default provisioner. (gp2 on AWS, standard on
## GKE, AWS & OpenStack)
##
# existingClaim:
# annotations:
# "helm.sh/resource-policy": keep
# storageClass: "-"
storageSize: 8Gi
# If PersistentDisk already exists you can create a PV for it by including the 2 following keypairs.
# pdName: nexus-data-disk
# fsType: ext4
tolerations: []
# Enable configmap and add data in configmap
config:
enabled: false
mountPath: /sonatype-nexus-conf
data: []
# # To use an additional secret, set enable to true and add data
secret:
enabled: false
mountPath: /etc/secret-volume
readOnly: true
data: []
serviceAccount:
# Specifies whether a service account should be created
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""