fix: [#384] Create groups. (#386)

* fix: [#384] Create groups.

* fix: [#384] Create groups.

* fix: [#384] Create groups.

* fix: [#384] Create groups.

* fix: [#384] Create groups.

* fix: [#384] Create groups.

* fix: [#384] Create groups.

* fix: [#384] Create groups.

* fix: [#384] Create groups.

* fix: [#384] Create groups.

* fix: [#384] Create groups.

* fix: [#384] Create groups.

* fix: [#384] Create groups.

* fix: [#384] Create groups.

* fix: [#384] Create groups.

* fix: [#384] Create groups.

* fix: [#384] Create groups.

* fix: [#384] Create groups.

* fix: [#384] Create groups.

* fix: [#384] Create groups.

* feat: Determine what images are running in a k8s cluster.

* fix: [#384] Create groups.

* fix: [#384] Create groups.

* fix: [#384] Create groups.

* fix: [#384] Create groups.

* fix: [#384] Create groups.

* fix: [#384] Create groups.

.dive-ci

@@ -0,0 +1,13 @@
+rules:
+  # If the efficiency is measured below X%, mark as failed.
+  # Expressed as a ratio between 0-1.
+  lowestEfficiency: 0.90
+
+  # If the amount of wasted space is at least X or larger than X, mark as failed.
+  # Expressed in B, KB, MB, and GB.
+  highestWastedBytes: 20MB
+
+  # If the amount of wasted space makes up for X% or more of the image, mark as failed.
+  # Note: the base image layer is NOT included in the total image size.
+  # Expressed as a ratio between 0-1; fails if the threshold is met or crossed.
+  highestUserWastedPercent: 0.25

.github/dependabot.yml

@@ -0,0 +1,15 @@
+---
+version: 2
+updates:
+  - package-ecosystem: 'docker'
+    directory: '/'
+    schedule:
+      interval: 'weekly'
+  - package-ecosystem: 'github-actions'
+    directory: '/'
+    schedule:
+      interval: 'weekly'
+  - package-ecosystem: 'gomod'
+    directory: '/'
+    schedule:
+      interval: 'weekly'

.github/workflows/trivy.yml

@@ -12,11 +12,21 @@ jobs:
         run: |
           docker build -t utrecht/n3dr:${{ github.sha }} .
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@0.14.0
         with:
           image-ref: 'utrecht/n3dr:${{ github.sha }}'
           format: 'table'
           exit-code: '1'
           ignore-unfixed: true
           vuln-type: 'os,library'
           severity: 'CRITICAL,HIGH'
+          trivyignores: .trivyignore
+      - name: Run Trivy vulnerability scanner in fs mode
+        uses: aquasecurity/[email protected]
+        with:
+          scan-type: 'fs'
+          scan-ref: '.'
+          exit-code: '1'
+          ignore-unfixed: true
+          severity: 'CRITICAL,HIGH'
+          trivyignores: .trivyignore

.trivyignore

@@ -0,0 +1 @@
+#CVE-2023-5363

Dockerfile

@@ -5,13 +5,16 @@ RUN adduser -D -g '' $USERNAME
 COPY . /go/${USERNAME}/
 WORKDIR /go/${USERNAME}/cmd/${USERNAME}
 RUN apk add --no-cache \
-  git=~2 && \
-  CGO_ENABLED=0 go build -ldflags "-X main.Version=${VERSION}" -buildvcs=false && \
-  cp n3dr /n3dr
+        git=~2 && \
+        CGO_ENABLED=0 go build -ldflags "-X main.Version=${VERSION}" -buildvcs=false && \
+        cp n3dr /n3dr
 
-FROM alpine:3.18.3
+FROM alpine:3.18.4
 COPY --from=builder /etc/passwd /etc/passwd
 COPY --from=builder /n3dr /usr/local/bin/n3dr
 COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
+RUN apk add --no-cache \
+        libcrypto3=3.1.4-r1 \
+        libssl3=3.1.4-r1
 USER n3dr
-ENTRYPOINT ["/usr/local/bin/n3dr"]
+ENTRYPOINT ["n3dr"]

README.md

@@ -8,7 +8,7 @@
 [![DevOps SE Questions](https://img.shields.io/stackexchange/devops/t/n3dr.svg?logo=stackexchange)](https://devops.stackexchange.com/tags/n3dr)
 [![ServerFault SE Questions](https://img.shields.io/stackexchange/serverfault/t/n3dr.svg?logo=serverfault)](https://serverfault.com/tags/n3dr)
 [![Docker Pulls](https://img.shields.io/docker/pulls/utrecht/n3dr?logo=docker&logoColor=white)](https://hub.docker.com/r/utrecht/n3dr)
-![Docker Image Size (latest semver)](https://img.shields.io/docker/image-size/utrecht/n3dr?logo=docker&logoColor=white&sort=semver)
+[![Docker Image Size (latest semver)](https://img.shields.io/docker/image-size/utrecht/n3dr?logo=docker&logoColor=white&sort=semver)](https://hub.docker.com/r/utrecht/n3dr)
 ![Issues](https://img.shields.io/github/issues-raw/030/n3dr.svg)
 ![Pull requests](https://img.shields.io/github/issues-pr-raw/030/n3dr.svg)
 ![Total downloads](https://img.shields.io/github/downloads/030/n3dr/total.svg)

build/package/snap/snapcraft.yaml

@@ -1,7 +1,7 @@
 ---
 name: n3dr
 base: core20
-version: 7.3.1
+version: 7.3.2
 summary: Nexus3 Disaster Recovery
 description: |
   Download all artifacts at once or migrate automatically from Nexus to Nexus.

cmd/n3dr/configRepository.go

@@ -1,6 +1,7 @@
 package main
 
 import (
+	"fmt"
 	"os"
 
 	"github.com/030/n3dr/internal/app/n3dr/config/repository"
@@ -13,8 +14,109 @@ var (
 	configRepoDockerPortSecure, configRepoDelete, snapshot, strictContentTypeValidation bool
 	configRepoDockerPort                                                                int32
 	configRepoName, configRepoRecipe, configRepoType, configRepoProxyURL                string
+	configRepoGroupMemberNames                                                          []string
 )
 
+type repo struct {
+	conn               repository.Repository
+	kind, name, recipe string
+	snapshot           bool
+}
+
+var repoRecipeAndKindNotSupported = "repoRecipe: '%s' not supported in conjunction with repoKind: '%s'"
+
+func (r *repo) createByType() error {
+	switch configRepoType {
+	case "apt":
+		return r.Apt()
+	case "docker":
+		return r.Docker()
+	case "gem":
+		return r.Gem()
+	case "maven2":
+		return r.Maven2()
+	case "npm":
+		return r.Npm()
+	case "raw":
+		return r.Raw()
+	case "yum":
+		return r.Yum()
+	default:
+		return fmt.Errorf("configRepoType should not be empty, but: 'apt', 'docker', 'gem', 'maven2', 'npm' 'raw' or 'yum' and not: '%s'. Did you populate the --configRepoType parameter?", configRepoType)
+	}
+}
+
+func (r *repo) Apt() error {
+	switch r.recipe {
+	case "proxy":
+		return r.conn.CreateAptProxied(r.name)
+	default:
+		return fmt.Errorf(repoRecipeAndKindNotSupported, r.recipe, r.kind)
+	}
+}
+
+func (r *repo) Docker() error {
+	switch r.recipe {
+	case "hosted":
+		return r.conn.CreateDockerHosted(configRepoDockerPortSecure, configRepoDockerPort, r.name)
+	default:
+		return fmt.Errorf(repoRecipeAndKindNotSupported, r.recipe, r.kind)
+	}
+}
+
+func (r *repo) Gem() error {
+	switch r.recipe {
+	case "hosted":
+		return r.conn.CreateGemHosted(r.name)
+	default:
+		return fmt.Errorf(repoRecipeAndKindNotSupported, r.recipe, r.kind)
+	}
+}
+
+func (r *repo) Maven2() error {
+	switch r.recipe {
+	case "group":
+		return r.conn.CreateMavenGroup(configRepoGroupMemberNames, r.name)
+	case "hosted":
+		return r.conn.CreateMavenHosted(r.name, snapshot)
+	case "proxy":
+		return r.conn.CreateMavenProxied(r.name)
+	default:
+		return fmt.Errorf(repoRecipeAndKindNotSupported, r.recipe, r.kind)
+	}
+}
+
+func (r *repo) Npm() error {
+	switch r.recipe {
+	case "hosted":
+		return r.conn.CreateNpmHosted(r.name, snapshot)
+	case "proxy":
+		return r.conn.CreateNpmProxied(r.name)
+	default:
+		return fmt.Errorf(repoRecipeAndKindNotSupported, r.recipe, r.kind)
+	}
+}
+
+func (r *repo) Raw() error {
+	switch r.recipe {
+	case "hosted":
+		return r.conn.CreateRawHosted(r.name)
+	default:
+		return fmt.Errorf(repoRecipeAndKindNotSupported, r.recipe, r.kind)
+	}
+}
+
+func (r *repo) Yum() error {
+	switch r.recipe {
+	case "hosted":
+		return r.conn.CreateYumHosted(r.name)
+	case "proxy":
+		return r.conn.CreateYumProxied(r.name)
+	default:
+		return fmt.Errorf(repoRecipeAndKindNotSupported, r.recipe, r.kind)
+	}
+}
+
 // configRepositoryCmd represents the configRepository command.
 var configRepositoryCmd = &cobra.Command{
 	Use:   "configRepository",
@@ -26,6 +128,9 @@ Examples:
   # Create a Docker repository:
   n3dr configRepository -u some-user -p some-pass -n localhost:9000 --https=false --configRepoName some-name --configRepoType docker
 
+  # Create a Maven2 repository if credentials and FQDN have been set in a '~/.n3dr/config.yml' file:
+  n3dr configRepository --configRepoName some-name --configRepoType maven2
+
   # Create a Maven2 repository:
   n3dr configRepository -u some-user -p some-pass -n localhost:9000 --https=false --configRepoName some-name --configRepoType maven2
 
@@ -40,6 +145,16 @@ Examples:
 
   # Create a Rubygems repository:
   n3dr configRepository -u admin -p some-pass -n localhost:9000 --https=false --configRepoName 3rdparty-rubygems --configRepoType gem
+
+  # Create Maven2 proxies:
+  n3dr configRepository --configRepoType maven2 --configRepoName 3rdparty-maven --configRepoRecipe proxy --configRepoProxyURL https://repo.maven.apache.org/maven2/
+  n3dr configRepository --configRepoType maven2 --configRepoName 3rdparty-maven-gradle-plugins --configRepoRecipe proxy --configRepoProxyURL https://plugins.gradle.org/m2/
+
+  # Create a NPM proxy:
+  n3dr configRepository --configRepoType npm --configRepoName 3rdparty-npm --configRepoRecipe proxy --configRepoProxyURL https://registry.npmjs.org/
+
+  # Create a Maven2 group:
+  n3dr configRepository --configRepoType maven2 --configRepoRecipe group --configRepoName some-group --configRepoGroupMemberNames releases,snapshots
 `,
 	Run: func(cmd *cobra.Command, args []string) {
 		n := connection.Nexus3{
@@ -49,10 +164,10 @@ Examples:
 			StrictContentTypeValidation: strictContentTypeValidation,
 			User:                        n3drUser,
 		}
-		r := repository.Repository{Nexus3: n}
+		rr := repository.Repository{Nexus3: n}
 
 		if configRepoDelete {
-			if err := r.Delete(configRepoName); err != nil {
+			if err := rr.Delete(configRepoName); err != nil {
 				log.Fatal(err)
 			}
 			os.Exit(0)
@@ -62,64 +177,17 @@ Examples:
 			log.Fatal("configRepoReceipe should not be empty")
 		}
 
-		if configRepoRecipe == "proxy" {
-			if configRepoProxyURL == "" {
-				log.Fatal("configRepoProxyURL should not be empty")
-			}
-			r.ProxyRemoteURL = configRepoProxyURL
+		if configRepoRecipe == "proxy" && configRepoProxyURL == "" {
+			log.Fatal("configRepoProxyURL should not be empty")
+		} else {
+			rr.ProxyRemoteURL = configRepoProxyURL
+			log.Infof("configRepoProxyURL has been set to: '%s'", rr.ProxyRemoteURL)
 		}
 
-		switch configRepoType {
-		case "apt":
-			if configRepoRecipe == "proxy" {
-				if err := r.CreateAptProxied(configRepoName); err != nil {
-					log.Fatal(err)
-				}
-			}
-		case "docker":
-			if configRepoRecipe == "hosted" {
-				if err := r.CreateDockerHosted(configRepoDockerPortSecure, configRepoDockerPort, configRepoName); err != nil {
-					log.Fatal(err)
-				}
-			}
-		case "gem":
-			if configRepoRecipe == "hosted" {
-				if err := r.CreateGemHosted(configRepoName); err != nil {
-					log.Fatal(err)
-				}
-			}
-		case "maven2":
-			if configRepoRecipe == "hosted" {
-				if err := r.CreateMavenHosted(configRepoName, snapshot); err != nil {
-					log.Fatal(err)
-				}
-			}
-		case "npm":
-			if configRepoRecipe == "hosted" {
-				if err := r.CreateNpmHosted(configRepoName, snapshot); err != nil {
-					log.Fatal(err)
-				}
-			}
-		case "raw":
-			if configRepoRecipe == "hosted" {
-				if err := r.CreateRawHosted(configRepoName); err != nil {
-					log.Fatal(err)
-				}
-			}
-		case "yum":
-			if configRepoRecipe == "hosted" {
-				if err := r.CreateYumHosted(configRepoName); err != nil {
-					log.Fatal(err)
-				}
-			} else if configRepoRecipe == "proxy" {
-				if err := r.CreateYumProxied(configRepoName); err != nil {
-					log.Fatal(err)
-				}
-			} else {
-				log.Fatalf("configRepoRecipe: '%s' not supported in conjunction with configRepoType: '%s'", configRepoRecipe, configRepoType)
-			}
-		default:
-			log.Fatalf("configRepoType should not be empty, but: 'apt', 'docker', 'maven2', 'raw' or 'yum' and not: '%s'. Did you populate the --configRepoType parameter?", configRepoType)
+		log.Infof("creating repo: '%s' of type: '%s'", configRepoName, configRepoType)
+		r := repo{conn: rr, kind: configRepoType, name: configRepoName, recipe: configRepoRecipe, snapshot: snapshot}
+		if err := r.createByType(); err != nil {
+			log.Fatalf("repo not created. Error: '%v'", err)
 		}
 	},
 }
@@ -140,4 +208,5 @@ func init() {
 	configRepositoryCmd.Flags().Int32Var(&configRepoDockerPort, "configRepoDockerPort", 8082, "The docker connector port, e.g. 8082")
 	configRepositoryCmd.Flags().BoolVar(&configRepoDockerPortSecure, "configRepoDockerPortSecure", false, "Whether the docker connector port should be secure")
 	configRepositoryCmd.Flags().BoolVar(&strictContentTypeValidation, "strictContentTypeValidation", true, "whether strictContentTypeValidation should be enabled")
+	configRepositoryCmd.Flags().StringSliceVar(&configRepoGroupMemberNames, "configRepoGroupMemberNames", []string{}, "The repository type, e.g.: 'apt', 'raw'")
 }

cmd/n3dr/root.go

@@ -219,7 +219,7 @@ func parseConfig(cfgFile string) error {
 			return err
 		}
 	} else {
-		log.Warnf("Looked for config file: '%v', but found: '%v' including err: '%v'. Check whether it exists, the YAML is correct and the content is valid", cfgFile, viper.ConfigFileUsed(), err)
+		log.Debugf("Looked for config file: '%v', but found: '%v' including err: '%v'. Check whether it exists, the YAML is correct and the content is valid", cfgFile, viper.ConfigFileUsed(), err)
 	}
 
 	return nil

docs/CHANGELOG.md

@@ -2,6 +2,18 @@
 ## [Unreleased]
 
 
+<a name="7.3.2"></a>
+## [7.3.2] - 2023-12-02
+### Build
+- **deps:** bump golang.org/x/net from 0.15.0 to 0.17.0
+
+### Feat
+- Determine what images are running in a k8s cluster.
+
+### Fix
+- [[#384](https://github.com/030/n3dr/issues/384)] Create groups.
+
+
 <a name="7.3.1"></a>
 ## [7.3.1] - 2023-10-14
 ### Fix
@@ -394,7 +406,8 @@ The `backup`, `upload` and `repositories` commands have been removed.
 <a name="1.0.0"></a>
 ## 1.0.0 - 2019-05-12
 
-[Unreleased]: https://github.com/030/n3dr/compare/7.3.1...HEAD
+[Unreleased]: https://github.com/030/n3dr/compare/7.3.2...HEAD
+[7.3.2]: https://github.com/030/n3dr/compare/7.3.1...7.3.2
 [7.3.1]: https://github.com/030/n3dr/compare/7.3.0...7.3.1
 [7.3.0]: https://github.com/030/n3dr/compare/7.2.5...7.3.0
 [7.2.5]: https://github.com/030/n3dr/compare/7.2.4...7.2.5

docs/README.md

@@ -238,7 +238,7 @@ n3dr config \
 ### Build
 
 ```bash
-docker build -t utrecht/n3dr:7.3.1 .
+docker build -t utrecht/n3dr:7.3.2 .
 ```
 
 [![dockeri.co](https://dockeri.co/image/utrecht/n3dr)](https://hub.docker.com/r/utrecht/n3dr)
@@ -248,7 +248,7 @@ docker build -t utrecht/n3dr:7.3.1 .
 ```bash
 docker run -it \
   -v /home/${USER}/.n3dr:/root/.n3dr \
-  -v /tmp/n3dr:/tmp/n3dr utrecht/n3dr:7.3.1
+  -v /tmp/n3dr:/tmp/n3dr utrecht/n3dr:7.3.2
 ```
 
 ### Upload
@@ -257,7 +257,7 @@ docker run -it \
 docker run -it \
   --entrypoint=/bin/ash \
   -v /home/${USER}/.n3dr:/root/.n3dr \
-  -v /tmp/n3dr:/tmp/n3dr utrecht/n3dr:7.3.1
+  -v /tmp/n3dr:/tmp/n3dr utrecht/n3dr:7.3.2
 ```
 
 navigate to the repository folder, e.g. `/tmp/n3dr/download*/` and upload: