Compare commits
57 Commits
NEXUS-3484
...
lisadurant
Author | SHA1 | Date | |
---|---|---|---|
![]() |
96b919241d | ||
![]() |
5410733d72 | ||
![]() |
02c19b39ee | ||
![]() |
f351b8e244 | ||
![]() |
4902991b0c | ||
![]() |
0734d746eb | ||
![]() |
c7c527174f | ||
![]() |
595db96ef1 | ||
![]() |
97dfe39202 | ||
![]() |
10ee4a5efb | ||
![]() |
1e5ce73111 | ||
![]() |
862f179251 | ||
![]() |
769c3b7f7c | ||
![]() |
e3af231002 | ||
![]() |
a0318927b0 | ||
![]() |
702f846cb2 | ||
![]() |
53b1ba9fcb | ||
![]() |
1cddb6982b | ||
![]() |
cc34987953 | ||
![]() |
d6ac3edf71 | ||
![]() |
9c80534bd0 | ||
![]() |
d90c7f36e8 | ||
![]() |
6e1c74c877 | ||
![]() |
b3785cf228 | ||
![]() |
6dd1b3c662 | ||
![]() |
a40171ae42 | ||
![]() |
c55540bcc7 | ||
![]() |
5c359b9c2c | ||
![]() |
737c1fdc07 | ||
![]() |
662f32ab62 | ||
![]() |
694a919144 | ||
![]() |
4f6f86c972 | ||
![]() |
073dc3d51d | ||
![]() |
526fb55499 | ||
![]() |
a7feecb463 | ||
![]() |
e5abf26148 | ||
![]() |
6238cb0609 | ||
![]() |
80cbc2c1b2 | ||
![]() |
dce7ce20b4 | ||
![]() |
e1a1b9baed | ||
![]() |
af6729642c | ||
![]() |
e33e0077b2 | ||
![]() |
93553957c5 | ||
![]() |
5ee93839e4 | ||
![]() |
6ec044c09b | ||
![]() |
24ee4fc9ed | ||
![]() |
9979f3623f | ||
![]() |
b5ef7c6481 | ||
![]() |
191c271e35 | ||
![]() |
f60bc6237d | ||
![]() |
4c6584ed83 | ||
![]() |
5c5e88f8f1 | ||
![]() |
3ddd0ba925 | ||
![]() |
9e7106f9d1 | ||
![]() |
a6a8a3c60f | ||
![]() |
9fd454a8dd | ||
![]() |
f3c87e8d32 |
6
.gitignore
vendored
Normal file
6
.gitignore
vendored
Normal file
@@ -0,0 +1,6 @@
|
||||
.vs/**
|
||||
.idea/**
|
||||
|
||||
**/test-output.xml
|
||||
|
||||
.DS_Store
|
25
Dockerfile
25
Dockerfile
@@ -1,17 +1,20 @@
|
||||
#
|
||||
# Copyright (c) 2019-present Sonatype, Inc. All rights reserved.
|
||||
# Includes the third-party code listed at http://links.sonatype.com/products/clm/attributions.
|
||||
# "Sonatype" is a trademark of Sonatype, Inc.
|
||||
# Sonatype Nexus (TM) Open Source Version
|
||||
# Copyright (c) 2008-present Sonatype, Inc.
|
||||
# All rights reserved. Includes the third-party code listed at http://links.sonatype.com/products/nexus/oss/attributions.
|
||||
#
|
||||
# This program and the accompanying materials are made available under the terms of the Eclipse Public License Version 1.0,
|
||||
# which accompanies this distribution and is available at http://www.eclipse.org/legal/epl-v10.html.
|
||||
#
|
||||
# Sonatype Nexus (TM) Professional Version is available from Sonatype, Inc. "Sonatype" and "Sonatype Nexus" are trademarks
|
||||
# of Sonatype, Inc. Apache Maven is a trademark of the Apache Software Foundation. M2eclipse is a trademark of the
|
||||
# Eclipse Foundation. All other trademarks are the property of their respective owners.
|
||||
#
|
||||
|
||||
# FROM docker-all.repo.sonatype.com/alpine:latest
|
||||
# LABEL maintainer="operations-group@sontype.com"
|
||||
FROM docker-all.repo.sonatype.com/alpine/helm:3.9.3
|
||||
|
||||
# RUN apk update
|
||||
RUN apk update && apk upgrade && \
|
||||
apk add --no-cache bash git openssh
|
||||
|
||||
# WORKDIR /app
|
||||
# COPY ./src ./
|
||||
RUN mkdir /.local /.cache && chmod 777 /.local /.cache
|
||||
|
||||
# EXPOSE 8080
|
||||
|
||||
# CMD ["./runit"]
|
||||
|
31
Jenkinsfile
vendored
Normal file
31
Jenkinsfile
vendored
Normal file
@@ -0,0 +1,31 @@
|
||||
/*
|
||||
* Sonatype Nexus (TM) Open Source Version
|
||||
* Copyright (c) 2008-present Sonatype, Inc.
|
||||
* All rights reserved. Includes the third-party code listed at http://links.sonatype.com/products/nexus/oss/attributions.
|
||||
*
|
||||
* This program and the accompanying materials are made available under the terms of the Eclipse Public License Version 1.0,
|
||||
* which accompanies this distribution and is available at http://www.eclipse.org/legal/epl-v10.html.
|
||||
*
|
||||
* Sonatype Nexus (TM) Professional Version is available from Sonatype, Inc. "Sonatype" and "Sonatype Nexus" are trademarks
|
||||
* of Sonatype, Inc. Apache Maven is a trademark of the Apache Software Foundation. M2eclipse is a trademark of the
|
||||
* Eclipse Foundation. All other trademarks are the property of their respective owners.
|
||||
*/
|
||||
@Library(['private-pipeline-library', 'jenkins-shared', 'nxrm-jenkins-shared']) _
|
||||
|
||||
dockerizedBuildPipeline(
|
||||
prepare: {
|
||||
githubStatusUpdate('pending')
|
||||
},
|
||||
buildAndTest: {
|
||||
sh './build.sh'
|
||||
},
|
||||
skipVulnerabilityScan: true,
|
||||
archiveArtifacts: 'docs/*',
|
||||
testResults: ['**/test-output.xml'],
|
||||
onSuccess: {
|
||||
nxrmBuildNotifications(currentBuild, env)
|
||||
},
|
||||
onFailure: {
|
||||
nxrmBuildNotifications(currentBuild, env)
|
||||
}
|
||||
)
|
106
Jenkinsfile-Release
Normal file
106
Jenkinsfile-Release
Normal file
@@ -0,0 +1,106 @@
|
||||
/*
|
||||
* Copyright (c) 2020-present Sonatype, Inc. All rights reserved.
|
||||
*
|
||||
* This program is licensed to you under the Apache License Version 2.0,
|
||||
* and you may not use this file except in compliance with the Apache License Version 2.0.
|
||||
* You may obtain a copy of the Apache License Version 2.0 at http://www.apache.org/licenses/LICENSE-2.0.
|
||||
*
|
||||
* Unless required by applicable law or agreed to in writing,
|
||||
* software distributed under the Apache License Version 2.0 is distributed on an
|
||||
* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
* See the Apache License Version 2.0 for the specific language governing permissions and limitations there under.
|
||||
*/
|
||||
@Library(['private-pipeline-library', 'jenkins-shared', 'nxrm-jenkins-shared']) _
|
||||
|
||||
final jira = [
|
||||
versionPrefix: '', project: 'NEXUS', projectId: '12410',
|
||||
credentialId : 'jenkins-jira', autoRelease: true, failOnError: true
|
||||
]
|
||||
|
||||
final jiraVersionMappings = [
|
||||
'nexus-repository-manager': 'helm-nxrm',
|
||||
'nxrm-aws-resiliency': 'helm-nxrm-aws-resiliency'
|
||||
]
|
||||
|
||||
final chartLocation = [
|
||||
'nexus-repository-manager': 'nexus-repository-manager',
|
||||
'nxrm-aws-resiliency': 'nxrm-aws-resiliency'
|
||||
]
|
||||
|
||||
properties([
|
||||
parameters([
|
||||
string(
|
||||
name: 'appVersion',
|
||||
description: 'Version of the application image, like "3.41.0"',
|
||||
),
|
||||
string(
|
||||
name: 'chartVersion',
|
||||
description: '(Optional) Version of the Chart, like "41.0.0". If omitted, it will be calculated from the appVersion.',
|
||||
),
|
||||
])
|
||||
])
|
||||
|
||||
final chartVersion = calculateChartVersion(params.chartVersion, params.appVersion)
|
||||
|
||||
dockerizedBuildPipeline(
|
||||
prepare: {
|
||||
if (! params.appVersion) {
|
||||
error('The appVersion is required.')
|
||||
}
|
||||
githubStatusUpdate('pending')
|
||||
},
|
||||
buildAndTest: {
|
||||
sonatypeZionGitConfig()
|
||||
runSafely "git checkout ${gitBranch(env)}"
|
||||
runSafely "./upgrade.sh ./nexus-repository-manager ${chartVersion} ${params.appVersion}"
|
||||
runSafely "./upgrade.sh ./nxrm-aws-resiliency ${chartVersion} ${params.appVersion}"
|
||||
runSafely './build.sh'
|
||||
runSafely 'git add nxrm-aws-resiliency nexus-repository-manager'
|
||||
},
|
||||
skipVulnerabilityScan: true,
|
||||
archiveArtifacts: 'docs/*',
|
||||
testResults: [],
|
||||
deployCondition: { true },
|
||||
deploy: {
|
||||
runSafely 'git add docs'
|
||||
runSafely "git commit -m 'Release Update for ${chartVersion}'"
|
||||
|
||||
sshagent(credentials: [sonatypeZionCredentialsId()]) {
|
||||
runSafely 'git push'
|
||||
}
|
||||
},
|
||||
postDeploy: {
|
||||
// Create tags
|
||||
String tagName = "${chartVersion}"
|
||||
runSafely "git tag -a ${tagName} -m 'Release Update: ${chartVersion}'"
|
||||
sshagent(credentials: [sonatypeZionCredentialsId()]) {
|
||||
runSafely "git push origin ${tagName}"
|
||||
}
|
||||
},
|
||||
onSuccess: {
|
||||
nxrmBuildNotifications(currentBuild, env)
|
||||
},
|
||||
onFailure: {
|
||||
nxrmBuildNotifications(currentBuild, env)
|
||||
}
|
||||
)
|
||||
|
||||
String calculateChartVersion(final String chartVersion, final String appVersion) {
|
||||
if (chartVersion) {
|
||||
return chartVersion
|
||||
}
|
||||
|
||||
if (! appVersion) {
|
||||
error 'Failed to calculate chartVersion with no appVersion.'
|
||||
}
|
||||
|
||||
final versionParts = parseVersionString(appVersion)
|
||||
final chartMajor = versionParts[1]
|
||||
final chartMinor = versionParts[2]
|
||||
|
||||
if (! chartMajor || ! chartMinor) {
|
||||
error "Failed to calculate chartVersion from appVersion: ${appVersion}"
|
||||
}
|
||||
|
||||
return [chartMajor, chartMinor, '0'].join('.')
|
||||
}
|
28
LICENSE
28
LICENSE
@@ -1,21 +1,13 @@
|
||||
MIT License
|
||||
Copyright (c) 2020-present Sonatype, Inc.
|
||||
|
||||
Copyright (c) 2020 Sonatype
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||
SOFTWARE.
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
||||
|
65
OPSDOC.md
65
OPSDOC.md
@@ -1,65 +0,0 @@
|
||||
<!--
|
||||
Copyright (c) 2019-present Sonatype, Inc. All rights reserved.
|
||||
Includes the third-party code listed at http://links.sonatype.com/products/clm/attributions.
|
||||
"Sonatype" is a trademark of Sonatype, Inc.
|
||||
-->
|
||||
|
||||
## Overview
|
||||
Overview of the service: what is it, why do we have it, who are the primary
|
||||
contacts, how to report bugs, links to design docs and other relevant
|
||||
information.
|
||||
|
||||
### Public Facing Endpoints
|
||||
The URLs (or IPs) and ports used by the service and what they are used for
|
||||
(ALB? SSH? FTP?) and notes about any certificates and their location.
|
||||
|
||||
## Monitoring
|
||||
|
||||
Monitoring dashboards / logging / introspection & obseverbility info.
|
||||
|
||||
### Runbooks
|
||||
|
||||
A list of every alert your monitoring system may generate for this service and
|
||||
a step-by-step "what do to when..." for each of them.
|
||||
|
||||
### SLO
|
||||
Service Level Objectives in a succinct format: a target value or range of
|
||||
values for a service level that is measured by an SLI. A natural structure for
|
||||
SLOs is thus SLI ≤ target, or lower bound ≤ SLI ≤ upper bound. For example, we
|
||||
might decide that we will return Shakespeare search results "quickly," adopting
|
||||
an SLO that our average search request latency should be less than 100
|
||||
milliseconds.
|
||||
|
||||
For more detailed information, please check out the Service Level Objectives
|
||||
doc. If you're still unsure of what your SLOs should be, please reach out to
|
||||
the SREs at #ops-sre-chat.
|
||||
|
||||
Optionally but recommended, have a section of monitoring and dashboards for SLO
|
||||
tracking (see the auth-service OpsDoc for examples of dashboards).
|
||||
|
||||
## Build
|
||||
|
||||
How to build the software that makes the service. Where to download it from,
|
||||
where the source code repository is, steps for building and making a package or
|
||||
other distribution mechanisms. If it is software that you modify in any way
|
||||
(open source project you contribute to or a local project) include instructions
|
||||
for how a new developer gets started. Ideally the end result is a package that
|
||||
can be copied to other machines for installation.
|
||||
|
||||
## Deploy
|
||||
|
||||
How to deploy the service. How to build something from scratch: RAM/disk
|
||||
requirements, OS version and configuration, what packages to install, and so
|
||||
on. If this is automated with a configuration management tool like ansible/etc,
|
||||
then say so.
|
||||
|
||||
## Common Tasks
|
||||
|
||||
Step-by-step instructions for common things like provisioning
|
||||
(add/change/delete), common problems and their solutions, and so on.
|
||||
|
||||
## DR
|
||||
Where are backups of data stored? What are disaster / data recovery
|
||||
procedures?
|
||||
|
||||
|
19
README.md
19
README.md
@@ -1,13 +1,28 @@
|
||||
<!--
|
||||
|
||||
Sonatype Nexus (TM) Open Source Version
|
||||
Copyright (c) 2008-present Sonatype, Inc.
|
||||
All rights reserved. Includes the third-party code listed at http://links.sonatype.com/products/nexus/oss/attributions.
|
||||
|
||||
This program and the accompanying materials are made available under the terms of the Eclipse Public License Version 1.0,
|
||||
which accompanies this distribution and is available at http://www.eclipse.org/legal/epl-v10.html.
|
||||
|
||||
Sonatype Nexus (TM) Professional Version is available from Sonatype, Inc. "Sonatype" and "Sonatype Nexus" are trademarks
|
||||
of Sonatype, Inc. Apache Maven is a trademark of the Apache Software Foundation. M2eclipse is a trademark of the
|
||||
Eclipse Foundation. All other trademarks are the property of their respective owners.
|
||||
|
||||
-->
|
||||
|
||||
## Helm Charts for Sonatype Nexus Repository Manager 3
|
||||
|
||||
We provide Helm charts for two different deployment scenarios:
|
||||
|
||||
See the [AWS Single-Instance Resiliency Chart](./https://github.com/sonatype/nxrm3-helm-repository/tree/main/aws-single-instance-resiliency) if you are doing the following:
|
||||
See the [AWS Single-Instance Resiliency Chart](https://github.com/sonatype/nxrm3-helm-repository/tree/main/nxrm-aws-resiliency) if you are doing the following:
|
||||
* Deploying Nexus Repository Pro to an AWS cloud environment with the desire for automatic failover across Availability Zones (AZs) within a single region
|
||||
* Planning to configure a single Nexus Repository Pro instance within your Kubernetes/EKS cluster with two or more nodes spread across different AZs within an AWS region
|
||||
* Using an external PostgreSQL database (required)
|
||||
|
||||
See the [Single-Instance OSS/Pro Kubernetes Chart](./https://github.com/sonatype/nxrm3-helm-repository/tree/main/single-inst-oss-pro-kubernetes) if you are doing the following:
|
||||
See the [Single-Instance OSS/Pro Kubernetes Chart](https://github.com/sonatype/nxrm3-helm-repository/tree/main/nexus-repository-manager) if you are doing the following:
|
||||
* Using embedded OrientDB (required)
|
||||
* Deploying either Nexus Repository Pro or OSS to an on-premises environment with bare metal/VM server (Node)
|
||||
* Deploying a single Nexus Repository instance within a Kubernetes cluster that has a single Node configured
|
||||
|
14
SECURITY.md
14
SECURITY.md
@@ -1,11 +1,17 @@
|
||||
<!--
|
||||
|
||||
Copyright (c) 2019-present Sonatype, Inc. All rights reserved.
|
||||
Includes the third-party code listed at http://links.sonatype.com/products/clm/attributions.
|
||||
"Sonatype" is a trademark of Sonatype, Inc.
|
||||
Sonatype Nexus (TM) Open Source Version
|
||||
Copyright (c) 2008-present Sonatype, Inc.
|
||||
All rights reserved. Includes the third-party code listed at http://links.sonatype.com/products/nexus/oss/attributions.
|
||||
|
||||
This program and the accompanying materials are made available under the terms of the Eclipse Public License Version 1.0,
|
||||
which accompanies this distribution and is available at http://www.eclipse.org/legal/epl-v10.html.
|
||||
|
||||
Sonatype Nexus (TM) Professional Version is available from Sonatype, Inc. "Sonatype" and "Sonatype Nexus" are trademarks
|
||||
of Sonatype, Inc. Apache Maven is a trademark of the Apache Software Foundation. M2eclipse is a trademark of the
|
||||
Eclipse Foundation. All other trademarks are the property of their respective owners.
|
||||
|
||||
-->
|
||||
|
||||
# Reporting Security Vulnerabilities
|
||||
|
||||
## When to report
|
||||
|
@@ -1,21 +0,0 @@
|
||||
MIT License
|
||||
|
||||
Copyright (c) 2020 Sonatype
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||
SOFTWARE.
|
@@ -1,7 +0,0 @@
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ .Values.serviceAccount.name }}
|
||||
namespace: {{ .Values.namespaces.nexusNs }}
|
||||
annotations:
|
||||
eks.amazonaws.com/role-arn: {{ .Values.serviceAccount.role }}
|
@@ -1,79 +0,0 @@
|
||||
# Declare variables to be passed into your templates.
|
||||
namespaces:
|
||||
nexusNs: nexusrepo
|
||||
cloudwatchNs: amazon-cloudwatch
|
||||
deployment:
|
||||
name: nxrm.deployment
|
||||
clusterName: nxrm-nexus
|
||||
logsRegion: us-east-1
|
||||
initContainer:
|
||||
image:
|
||||
repository: busybox
|
||||
tag: 1.33.1
|
||||
container:
|
||||
image:
|
||||
repository: sonatype/nexus3
|
||||
tag: 3.41.1
|
||||
containerPort: 8081
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
nexusDBName: nexus
|
||||
nexusDBPort: 3306
|
||||
requestLogContainer:
|
||||
image:
|
||||
repository: busybox
|
||||
tag: 1.33.1
|
||||
auditLogContainer:
|
||||
image:
|
||||
repository: busybox
|
||||
tag: 1.33.1
|
||||
taskLogContainer:
|
||||
image:
|
||||
repository: busybox
|
||||
tag: 1.33.1
|
||||
serviceAccount:
|
||||
name: nexus-repository-deployment-sa #This SA is created as part of steps under "AWS Secrets Manager"
|
||||
role: arn:aws:iam::000000000000:role/nxrm-nexus-role #Role with secretsmanager permissions
|
||||
ingress:
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: alb
|
||||
alb.ingress.kubernetes.io/scheme: internal # scheme
|
||||
alb.ingress.kubernetes.io/subnets: subnet-1,subnet-2 #comma separated list of subnet ids
|
||||
dockerIngress: #Ingress for Docker Connector
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: alb
|
||||
alb.ingress.kubernetes.io/scheme: internal # scheme
|
||||
alb.ingress.kubernetes.io/subnets: subnet-1,subnet-2 #comma separated list of subnet ids
|
||||
port: 9090
|
||||
pv:
|
||||
storage: 120Gi
|
||||
volumeMode: Filesystem
|
||||
accessModes: ReadWriteOnce
|
||||
reclaimPolicy: Retain
|
||||
path: /mnt
|
||||
zones:
|
||||
zone1: us-east-1a
|
||||
zone2: us-east-1b
|
||||
pvc:
|
||||
accessModes: ReadWriteOnce
|
||||
storage: 100Gi
|
||||
|
||||
service: #Nexus Repo NodePort Service
|
||||
nexus:
|
||||
type: NodePort
|
||||
protocol: TCP
|
||||
port: 80
|
||||
targetPort: 8081
|
||||
docker: #Nodeport Service for Docker connector
|
||||
type: NodePort
|
||||
protocol: TCP
|
||||
port: 9090
|
||||
targetPort: 9090
|
||||
secret:
|
||||
license:
|
||||
arn: arn:aws:secretsmanager:us-east-1:000000000000:secret:nxrm-nexus-license
|
||||
alias: nxrm-license.lic
|
||||
rds:
|
||||
arn: arn:aws:secretsmanager:us-east-1:000000000000:secret:nxrmrds-cred-nexus
|
||||
adminpassword:
|
||||
arn: arn:aws:secretsmanager:us-east-1:000000000000:secret:admin-nxrm-password
|
29
build.sh
Executable file
29
build.sh
Executable file
@@ -0,0 +1,29 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Sonatype Nexus (TM) Open Source Version
|
||||
# Copyright (c) 2008-present Sonatype, Inc.
|
||||
# All rights reserved. Includes the third-party code listed at http://links.sonatype.com/products/nexus/oss/attributions.
|
||||
#
|
||||
# This program and the accompanying materials are made available under the terms of the Eclipse Public License Version 1.0,
|
||||
# which accompanies this distribution and is available at http://www.eclipse.org/legal/epl-v10.html.
|
||||
#
|
||||
# Sonatype Nexus (TM) Professional Version is available from Sonatype, Inc. "Sonatype" and "Sonatype Nexus" are trademarks
|
||||
# of Sonatype, Inc. Apache Maven is a trademark of the Apache Software Foundation. M2eclipse is a trademark of the
|
||||
# Eclipse Foundation. All other trademarks are the property of their respective owners.
|
||||
#
|
||||
|
||||
helm plugin install https://github.com/quintush/helm-unittest
|
||||
|
||||
set -e
|
||||
|
||||
# lint yaml of charts
|
||||
helm lint ./nxrm-aws-resiliency
|
||||
helm lint ./nexus-repository-manager
|
||||
|
||||
# unit test
|
||||
(cd ./nxrm-aws-resiliency; helm unittest -3 -t junit -o test-output.xml .)
|
||||
(cd ./nexus-repository-manager; helm unittest -3 -t junit -o test-output.xml .)
|
||||
|
||||
# package the charts into tgz archives
|
||||
helm package ./nxrm-aws-resiliency --destination docs
|
||||
helm package ./nexus-repository-manager --destination docs
|
BIN
docs/nexus-repository-manager-41.1.0.tgz
Normal file
BIN
docs/nexus-repository-manager-41.1.0.tgz
Normal file
Binary file not shown.
BIN
docs/nexus-repository-manager-41.1.1.tgz
Normal file
BIN
docs/nexus-repository-manager-41.1.1.tgz
Normal file
Binary file not shown.
BIN
docs/nexus-repository-manager-41.1.2.tgz
Normal file
BIN
docs/nexus-repository-manager-41.1.2.tgz
Normal file
Binary file not shown.
BIN
docs/nexus-repository-manager-41.1.3.tgz
Normal file
BIN
docs/nexus-repository-manager-41.1.3.tgz
Normal file
Binary file not shown.
BIN
docs/nxrm-aws-resiliency-41.1.0.tgz
Normal file
BIN
docs/nxrm-aws-resiliency-41.1.0.tgz
Normal file
Binary file not shown.
BIN
docs/nxrm-aws-resiliency-41.1.1.tgz
Normal file
BIN
docs/nxrm-aws-resiliency-41.1.1.tgz
Normal file
Binary file not shown.
BIN
docs/nxrm-aws-resiliency-41.1.2.tgz
Normal file
BIN
docs/nxrm-aws-resiliency-41.1.2.tgz
Normal file
Binary file not shown.
BIN
docs/nxrm-aws-resiliency-41.1.3.tgz
Normal file
BIN
docs/nxrm-aws-resiliency-41.1.3.tgz
Normal file
Binary file not shown.
13
header.txt
13
header.txt
@@ -1,3 +1,10 @@
|
||||
Copyright (c) 2019-present Sonatype, Inc. All rights reserved.
|
||||
Includes the third-party code listed at http://links.sonatype.com/products/clm/attributions.
|
||||
"Sonatype" is a trademark of Sonatype, Inc.
|
||||
Sonatype Nexus (TM) Open Source Version
|
||||
Copyright (c) 2008-present Sonatype, Inc.
|
||||
All rights reserved. Includes the third-party code listed at http://links.sonatype.com/products/nexus/oss/attributions.
|
||||
|
||||
This program and the accompanying materials are made available under the terms of the Eclipse Public License Version 1.0,
|
||||
which accompanies this distribution and is available at http://www.eclipse.org/legal/epl-v10.html.
|
||||
|
||||
Sonatype Nexus (TM) Professional Version is available from Sonatype, Inc. "Sonatype" and "Sonatype Nexus" are trademarks
|
||||
of Sonatype, Inc. Apache Maven is a trademark of the Apache Software Foundation. M2eclipse is a trademark of the
|
||||
Eclipse Foundation. All other trademarks are the property of their respective owners.
|
||||
|
@@ -3,10 +3,10 @@ name: nexus-repository-manager
|
||||
|
||||
# This is the chart version. This version number should be incremented each time you make changes
|
||||
# to the chart and its templates, including the app version.
|
||||
version: 38.1.0
|
||||
version: 41.1.3
|
||||
# This is the version number of the application being deployed. This version number should be
|
||||
# incremented each time you make changes to the application.
|
||||
appVersion: 3.38.1
|
||||
appVersion: 3.41.1
|
||||
|
||||
description: Sonatype Nexus Repository Manager - Universal Binary repository
|
||||
|
@@ -1,3 +1,18 @@
|
||||
<!--
|
||||
|
||||
Sonatype Nexus (TM) Open Source Version
|
||||
Copyright (c) 2008-present Sonatype, Inc.
|
||||
All rights reserved. Includes the third-party code listed at http://links.sonatype.com/products/nexus/oss/attributions.
|
||||
|
||||
This program and the accompanying materials are made available under the terms of the Eclipse Public License Version 1.0,
|
||||
which accompanies this distribution and is available at http://www.eclipse.org/legal/epl-v10.html.
|
||||
|
||||
Sonatype Nexus (TM) Professional Version is available from Sonatype, Inc. "Sonatype" and "Sonatype Nexus" are trademarks
|
||||
of Sonatype, Inc. Apache Maven is a trademark of the Apache Software Foundation. M2eclipse is a trademark of the
|
||||
Eclipse Foundation. All other trademarks are the property of their respective owners.
|
||||
|
||||
-->
|
||||
|
||||
# Nexus Repository
|
||||
|
||||
[Nexus Repository OSS](https://www.sonatype.com/nexus-repository-oss) provides universal support for all major build tools.
|
@@ -7,7 +7,7 @@ deploymentStrategy: Recreate
|
||||
image:
|
||||
# Sonatype Official Public Image
|
||||
repository: sonatype/nexus3
|
||||
tag: 3.38.1
|
||||
tag: 3.41.1
|
||||
pullPolicy: IfNotPresent
|
||||
|
||||
nexus:
|
@@ -1,6 +1,6 @@
|
||||
apiVersion: v2
|
||||
name: nxrm-aws-resiliency
|
||||
description: Helm chart for a Resilient Nexus Repository deployment in AWS
|
||||
description: Resilient AWS Deployment of Sonatype Nexus Repository Manager - Universal Binary repository
|
||||
|
||||
# A chart can be either an 'application' or a 'library' chart.
|
||||
#
|
||||
@@ -15,10 +15,27 @@ type: application
|
||||
# This is the chart version. This version number should be incremented each time you make changes
|
||||
# to the chart and its templates, including the app version.
|
||||
# Versions are expected to follow Semantic Versioning (https://semver.org/)
|
||||
version: 41.1.0
|
||||
version: 41.1.3
|
||||
|
||||
# This is the version number of the application being deployed. This version number should be
|
||||
# incremented each time you make changes to the application. Versions are not expected to
|
||||
# follow Semantic Versioning. They should reflect the version the application is using.
|
||||
# It is recommended to use it with quotes.
|
||||
appVersion: "3.41.1"
|
||||
appVersion: 3.41.1
|
||||
|
||||
keywords:
|
||||
- artifacts
|
||||
- dependency
|
||||
- management
|
||||
- sonatype
|
||||
- nexus
|
||||
- repository
|
||||
- quickstart
|
||||
- ci
|
||||
- repository-manager
|
||||
- nexus3
|
||||
home: https://www.sonatype.com/nexus-repository-oss
|
||||
icon: https://sonatype.github.io/helm3-charts/NexusRepo_Vertical.svg
|
||||
maintainers:
|
||||
- name: Sonatype
|
||||
|
13
nxrm-aws-resiliency/LICENSE
Normal file
13
nxrm-aws-resiliency/LICENSE
Normal file
@@ -0,0 +1,13 @@
|
||||
Copyright (c) 2020-present Sonatype, Inc.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
@@ -1,3 +1,18 @@
|
||||
<!--
|
||||
|
||||
Sonatype Nexus (TM) Open Source Version
|
||||
Copyright (c) 2008-present Sonatype, Inc.
|
||||
All rights reserved. Includes the third-party code listed at http://links.sonatype.com/products/nexus/oss/attributions.
|
||||
|
||||
This program and the accompanying materials are made available under the terms of the Eclipse Public License Version 1.0,
|
||||
which accompanies this distribution and is available at http://www.eclipse.org/legal/epl-v10.html.
|
||||
|
||||
Sonatype Nexus (TM) Professional Version is available from Sonatype, Inc. "Sonatype" and "Sonatype Nexus" are trademarks
|
||||
of Sonatype, Inc. Apache Maven is a trademark of the Apache Software Foundation. M2eclipse is a trademark of the
|
||||
Eclipse Foundation. All other trademarks are the property of their respective owners.
|
||||
|
||||
-->
|
||||
|
||||
# Helm Chart for a Resilient Nexus Repository Deployment in AWS
|
||||
|
||||
This Helm chart configures the Kubernetes resources that are needed for a resilient Nexus Repository deployment on AWS as described in our documented [single-node cloud resilient deployment example using AWS](https://help.sonatype.com/repomanager3/planning-your-implementation/resiliency-and-high-availability/single-node-cloud-resilient-deployment-example-using-aws).
|
||||
@@ -48,13 +63,17 @@ You will also need to complete the steps below. See the referenced AWS documenta
|
||||
---
|
||||
|
||||
## Deployment
|
||||
1. Pull the [nxrm-resiliency-aws-helmchart](https://github.com/sonatype/nxrm3-helm-repository/blob/main/aws-single-instance-resiliency/Chart.yaml).
|
||||
1. Add the sonatype repo to your helm:
|
||||
```helm repo add sonatype https://sonatype.github.io/helm3-charts/ ```
|
||||
2. Ensure you have updated your values.yaml with appropriate values for your environment.
|
||||
- Note that you can specify Ingress annotations via the values.yaml.
|
||||
- If you wish to add [Labels](https://kubernetes.io/docs/concepts/overview/working-with-objects/labels/), you can do so via kubectl. See the [kubectl Cheat Sheet](https://kubernetes.io/docs/reference/kubectl/cheatsheet/) for specific commands.
|
||||
|
||||
3. Install the chart using the following:
|
||||
|
||||
```helm install nxrm nexus/nxrm-aws-resiliency --values values.yaml```
|
||||
```helm install nxrm sonatype/nxrm-aws-resiliency -f values.yaml```
|
||||
|
||||
3. Get the Nexus Repository link using the following:
|
||||
4. Get the Nexus Repository link using the following:
|
||||
|
||||
```kubectl get ingresses -n nexusrepo```
|
||||
|
66
nxrm-aws-resiliency/templates/external-dns-rbac.yml
Normal file
66
nxrm-aws-resiliency/templates/external-dns-rbac.yml
Normal file
@@ -0,0 +1,66 @@
|
||||
# comment out sa if it was previously created
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRole
|
||||
metadata:
|
||||
name: external-dns
|
||||
namespace: {{ .Values.namespaces.externaldnsNs }}
|
||||
labels:
|
||||
app.kubernetes.io/name: external-dns
|
||||
rules:
|
||||
- apiGroups: [""]
|
||||
resources: ["services","endpoints","pods","nodes"]
|
||||
verbs: ["get","watch","list"]
|
||||
- apiGroups: ["extensions","networking.k8s.io"]
|
||||
resources: ["ingresses"]
|
||||
verbs: ["get","watch","list"]
|
||||
---
|
||||
apiVersion: rbac.authorization.k8s.io/v1
|
||||
kind: ClusterRoleBinding
|
||||
metadata:
|
||||
name: external-dns-viewer
|
||||
namespace: {{ .Values.namespaces.externaldnsNs }}
|
||||
labels:
|
||||
app.kubernetes.io/name: external-dns
|
||||
roleRef:
|
||||
apiGroup: rbac.authorization.k8s.io
|
||||
kind: ClusterRole
|
||||
name: external-dns
|
||||
subjects:
|
||||
- kind: ServiceAccount
|
||||
name: {{ .Values.serviceAccount.externaldns.name }}
|
||||
namespace: {{ .Values.namespaces.externaldnsNs }}
|
||||
---
|
||||
apiVersion: apps/v1
|
||||
kind: Deployment
|
||||
metadata:
|
||||
name: external-dns
|
||||
namespace: {{ .Values.namespaces.externaldnsNs }}
|
||||
labels:
|
||||
app.kubernetes.io/name: external-dns
|
||||
spec:
|
||||
strategy:
|
||||
type: Recreate
|
||||
selector:
|
||||
matchLabels:
|
||||
app.kubernetes.io/name: external-dns
|
||||
template:
|
||||
metadata:
|
||||
labels:
|
||||
app.kubernetes.io/name: external-dns
|
||||
spec:
|
||||
serviceAccountName: external-dns
|
||||
containers:
|
||||
- name: external-dns
|
||||
image: k8s.gcr.io/external-dns/external-dns:v0.11.0
|
||||
args:
|
||||
- --source=service
|
||||
- --source=ingress
|
||||
- --domain-filter={{ .Values.externaldns.domainFilter }} # will make ExternalDNS see only the hosted zones matching provided domain, omit to process all available hosted zones
|
||||
- --provider=aws
|
||||
- --policy=upsert-only # would prevent ExternalDNS from deleting any records, omit to enable full synchronization
|
||||
- --aws-zone-type={{ .Values.externaldns.awsZoneType }} # only look at public hosted zones (valid values are public, private or no value for both)
|
||||
- --registry=txt
|
||||
- --txt-owner-id=external-dns
|
||||
env:
|
||||
- name: AWS_DEFAULT_REGION
|
||||
value: {{ .Values.deployment.clusterRegion }}
|
@@ -77,7 +77,7 @@ data:
|
||||
[INPUT]
|
||||
Name tail
|
||||
Tag nexus.nexus-log
|
||||
Path /var/log/containers/{{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-nxrm.deployment-*-*_{{ .Values.namespaces.nexusNs }}_nxrm-app-*.log
|
||||
Path /var/log/containers/{{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-nxrm.deployment*{{ .Values.namespaces.nexusNs }}_nxrm-app-*.log
|
||||
Parser docker
|
||||
DB /var/fluent-bit/state/flb_container.db
|
||||
Mem_Buf_Limit 5MB
|
||||
@@ -112,7 +112,7 @@ data:
|
||||
[INPUT]
|
||||
Name tail
|
||||
Tag nexus.request-log
|
||||
Path /var/log/containers/{{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-nxrm.deployment-*-*_{{ .Values.namespaces.nexusNs }}_request-log-*.log
|
||||
Path /var/log/containers/{{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-nxrm.deployment*{{ .Values.namespaces.nexusNs }}_request-log-*.log
|
||||
Parser docker
|
||||
DB /var/fluent-bit/state/flb_container.db
|
||||
Mem_Buf_Limit 5MB
|
||||
@@ -147,7 +147,7 @@ data:
|
||||
[INPUT]
|
||||
Name tail
|
||||
Tag nexus.audit-log
|
||||
Path /var/log/containers/{{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-nxrm.deployment-*-*_{{ .Values.namespaces.nexusNs }}_audit-log-*.log
|
||||
Path /var/log/containers/{{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-nxrm.deployment*{{ .Values.namespaces.nexusNs }}_audit-log-*.log
|
||||
Parser docker
|
||||
DB /var/fluent-bit/state/flb_container.db
|
||||
Mem_Buf_Limit 5MB
|
||||
@@ -182,7 +182,7 @@ data:
|
||||
[INPUT]
|
||||
Name tail
|
||||
Tag nexus.tasks-log
|
||||
Path /var/log/containers/{{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-nxrm.deployment-*-*_{{ .Values.namespaces.nexusNs }}_tasks-log-*.log
|
||||
Path /var/log/containers/{{ .Chart.Name }}-{{ .Chart.Version }}.{{ .Release.Name }}-nxrm.deployment*{{ .Values.namespaces.nexusNs }}_tasks-log-*.log
|
||||
Parser docker
|
||||
DB /var/fluent-bit/state/flb_container.db
|
||||
Mem_Buf_Limit 5MB
|
||||
@@ -263,7 +263,7 @@ spec:
|
||||
spec:
|
||||
containers:
|
||||
- name: fluent-bit
|
||||
image: amazon/aws-for-fluent-bit:2.10.0
|
||||
image: amazon/aws-for-fluent-bit:{{ .Values.deployment.fluentBitVersion }}
|
||||
imagePullPolicy: Always
|
||||
env:
|
||||
- name: AWS_REGION
|
@@ -9,7 +9,12 @@ metadata:
|
||||
{{- end }}
|
||||
spec:
|
||||
rules:
|
||||
{{- if .Values.ingress.host }}
|
||||
- host: {{ .Values.ingress.host }}
|
||||
http:
|
||||
{{- else }}
|
||||
- http:
|
||||
{{- end }}
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
@@ -30,7 +35,12 @@ metadata:
|
||||
{{- end }}
|
||||
spec:
|
||||
rules:
|
||||
{{- if .Values.ingress.dockerIngress.host }}
|
||||
- host: {{ .Values.ingress.dockerIngress.host }}
|
||||
http:
|
||||
{{- else}}
|
||||
- http:
|
||||
{{- end }}
|
||||
paths:
|
||||
- path: /
|
||||
pathType: Prefix
|
||||
@@ -38,4 +48,4 @@ spec:
|
||||
service:
|
||||
name: {{ .Chart.Name }}-docker-service
|
||||
port:
|
||||
number: {{ .Values.ingress.dockerIngress.port }}
|
||||
number: {{ .Values.service.docker.port }}
|
@@ -8,3 +8,8 @@ kind: Namespace
|
||||
metadata:
|
||||
name: {{ .Values.namespaces.cloudwatchNs }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: Namespace
|
||||
metadata:
|
||||
name: {{ .Values.namespaces.externaldnsNs }}
|
||||
---
|
16
nxrm-aws-resiliency/templates/serviceaccount.yaml
Normal file
16
nxrm-aws-resiliency/templates/serviceaccount.yaml
Normal file
@@ -0,0 +1,16 @@
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ .Values.serviceAccount.name }}
|
||||
namespace: {{ .Values.namespaces.nexusNs }}
|
||||
annotations:
|
||||
eks.amazonaws.com/role-arn: {{ .Values.serviceAccount.role }}
|
||||
---
|
||||
apiVersion: v1
|
||||
kind: ServiceAccount
|
||||
metadata:
|
||||
name: {{ .Values.serviceAccount.externaldns.name }}
|
||||
namespace: {{ .Values.namespaces.externaldnsNs }}
|
||||
annotations:
|
||||
eks.amazonaws.com/role-arn: {{ .Values.serviceAccount.externaldns.role }}
|
||||
---
|
@@ -26,7 +26,7 @@ spec:
|
||||
selector:
|
||||
app: nxrm
|
||||
ports:
|
||||
- name: docker-connector
|
||||
- name: docker-service
|
||||
protocol: {{ .Values.service.docker.protocol }}
|
||||
port: {{ .Values.service.docker.port }}
|
||||
targetPort: {{ .Values.service.docker.targetPort }}
|
93
nxrm-aws-resiliency/values.yaml
Normal file
93
nxrm-aws-resiliency/values.yaml
Normal file
@@ -0,0 +1,93 @@
|
||||
# Declare variables to be passed into your templates.
|
||||
namespaces:
|
||||
nexusNs: nexusrepo
|
||||
cloudwatchNs: amazon-cloudwatch
|
||||
externaldnsNs: nexus-externaldns
|
||||
externaldns:
|
||||
domainFilter: example.com #your root domain e.g example.com
|
||||
awsZoneType: private # hosted zone to look at (valid values are public, private or no value for both)
|
||||
deployment:
|
||||
clusterRegion: us-east-1
|
||||
name: nxrm.deployment
|
||||
clusterName: nxrm-nexus
|
||||
logsRegion: us-east-1
|
||||
fluentBitVersion: 2.28.0
|
||||
initContainer:
|
||||
image:
|
||||
repository: busybox
|
||||
tag: 1.33.1
|
||||
container:
|
||||
image:
|
||||
repository: sonatype/nexus3
|
||||
tag: 3.41.1
|
||||
containerPort: 8081
|
||||
pullPolicy: IfNotPresent
|
||||
env:
|
||||
nexusDBName: nexus
|
||||
nexusDBPort: 3306
|
||||
requestLogContainer:
|
||||
image:
|
||||
repository: busybox
|
||||
tag: 1.33.1
|
||||
auditLogContainer:
|
||||
image:
|
||||
repository: busybox
|
||||
tag: 1.33.1
|
||||
taskLogContainer:
|
||||
image:
|
||||
repository: busybox
|
||||
tag: 1.33.1
|
||||
serviceAccount:
|
||||
name: nexus-repository-deployment-sa #This SA is created as part of steps under "AWS Secrets Manager"
|
||||
role: arn:aws:iam::000000000000:role/nxrm-nexus-role #Role with secretsmanager permissions
|
||||
externaldns:
|
||||
name: external-dns
|
||||
role: arn:aws:iam::000000000000:role/nexusrepo-external-dns-irsa-role #Role with route53 permissions needed by external-dns
|
||||
ingress:
|
||||
#host: "example.com" #host to apply this ingress rule to. Uncomment this in your values.yaml and set it as you wish
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: alb
|
||||
alb.ingress.kubernetes.io/scheme: internal # scheme
|
||||
alb.ingress.kubernetes.io/subnets: subnet-1,subnet-2 #comma separated list of subnet ids
|
||||
alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]'
|
||||
alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-1:0000000000000:certificate/00000000-1111-2222-3333-444444444444 # The AWS Certificate Manager ARN for your HTTPS certificate
|
||||
dockerIngress: #Ingress for Docker Connector - comment out if you don't use docker repositories
|
||||
annotations:
|
||||
kubernetes.io/ingress.class: alb # comment out if you don't use docker repositories
|
||||
alb.ingress.kubernetes.io/scheme: internal # scheme comment out if you don't use docker repositories
|
||||
alb.ingress.kubernetes.io/subnets: subnet-1,subnet-2 #comma separated list of subnet ids, comment out if you don't use docker repositories
|
||||
alb.ingress.kubernetes.io/listen-ports: '[{"HTTPS":443}]' #comment out if you don't use docker repositories
|
||||
alb.ingress.kubernetes.io/certificate-arn: arn:aws:acm:us-east-1:0000000000000:certificate/00000000-1111-2222-3333-444444444444 # Comment out if you don't use docker repositories - The AWS Certificate Manager ARN for your HTTPS certificate
|
||||
external-dns.alpha.kubernetes.io/hostname: dockerrepo1.example.com, dockerrepo2.example.com, dockerrepo3.example.com # Add more docker subdomains using dockerrepoName.example.com othereise comment out if you don't use docker repositories
|
||||
pv:
|
||||
storage: 120Gi
|
||||
volumeMode: Filesystem
|
||||
accessModes: ReadWriteOnce
|
||||
reclaimPolicy: Retain
|
||||
path: /mnt
|
||||
zones:
|
||||
zone1: us-east-1a
|
||||
zone2: us-east-1b
|
||||
pvc:
|
||||
accessModes: ReadWriteOnce
|
||||
storage: 100Gi
|
||||
|
||||
service: #Nexus Repo NodePort Service
|
||||
nexus:
|
||||
type: NodePort
|
||||
protocol: TCP
|
||||
port: 80
|
||||
targetPort: 8081
|
||||
docker: #Nodeport Service for Docker Service
|
||||
type: NodePort
|
||||
protocol: TCP
|
||||
port: 9090
|
||||
targetPort: 8081
|
||||
secret:
|
||||
license:
|
||||
arn: arn:aws:secretsmanager:us-east-1:000000000000:secret:nxrm-nexus-license
|
||||
alias: nxrm-license.lic
|
||||
rds:
|
||||
arn: arn:aws:secretsmanager:us-east-1:000000000000:secret:nxrmrds-cred-nexus
|
||||
adminpassword:
|
||||
arn: arn:aws:secretsmanager:us-east-1:000000000000:secret:admin-nxrm-password
|
BIN
single-inst-oss-pro-kubernetes/.DS_Store
vendored
BIN
single-inst-oss-pro-kubernetes/.DS_Store
vendored
Binary file not shown.
BIN
single-inst-oss-pro-kubernetes/templates/.DS_Store
vendored
BIN
single-inst-oss-pro-kubernetes/templates/.DS_Store
vendored
Binary file not shown.
39
upgrade.sh
Executable file
39
upgrade.sh
Executable file
@@ -0,0 +1,39 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
# Sonatype Nexus (TM) Open Source Version
|
||||
# Copyright (c) 2008-present Sonatype, Inc.
|
||||
# All rights reserved. Includes the third-party code listed at http://links.sonatype.com/products/nexus/oss/attributions.
|
||||
#
|
||||
# This program and the accompanying materials are made available under the terms of the Eclipse Public License Version 1.0,
|
||||
# which accompanies this distribution and is available at http://www.eclipse.org/legal/epl-v10.html.
|
||||
#
|
||||
# Sonatype Nexus (TM) Professional Version is available from Sonatype, Inc. "Sonatype" and "Sonatype Nexus" are trademarks
|
||||
# of Sonatype, Inc. Apache Maven is a trademark of the Apache Software Foundation. M2eclipse is a trademark of the
|
||||
# Eclipse Foundation. All other trademarks are the property of their respective owners.
|
||||
#
|
||||
|
||||
if [ $# != 3 ]; then
|
||||
echo "Usage: $0 <dir> <chart-version> <app-version>"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
DIR="$1"
|
||||
CHART_VERSION="$2"
|
||||
APP_VERSION="$3"
|
||||
|
||||
OUTPUT_FILE=$(mktemp)
|
||||
|
||||
cat "$DIR/Chart.yaml" \
|
||||
| sed -E "s/version: .+/version: $CHART_VERSION/" \
|
||||
| sed -E "s/appVersion: .+/appVersion: $APP_VERSION/" \
|
||||
> "$OUTPUT_FILE"
|
||||
|
||||
mv "$OUTPUT_FILE" "$DIR/Chart.yaml"
|
||||
|
||||
cat "$DIR/values.yaml" \
|
||||
| sed -E "s/^ tag: .+$/ tag: $APP_VERSION/" \
|
||||
> "$OUTPUT_FILE"
|
||||
|
||||
mv "$OUTPUT_FILE" "$DIR/values.yaml"
|
||||
|
||||
git diff "$DIR"
|
Reference in New Issue
Block a user