Merge pull request #65 from Jbaudon/main

Support Context Path changing

README.md

@@ -20,6 +20,7 @@ Check and, if you would like, change the following environment variables for the
 | NEXUS_PACKAGES         | Whether to allow all packages or only selected packages [`all`, `selected`]                                                                      |
 | NEXUS_HOST             | Hostname of Nexus OSS host                                                                                                                       |
 | NEXUS_PORT             | Port of Nexus OSS                                                                                                                                |
+| NEXUS_PATH             | [Context path](https://help.sonatype.com/en/configuring-the-runtime-environment.html#changing-the-context-path) of Nexus OSS. Only used if the Nexus is hosted behind a reverse proxy with a URL like `https://your_url.domain/nexus/`. If not defined, the base URI remains `/`.                                                                                                                              |
 | ENTR_FALLBACK          | If defined, don't use `entr` to check for allowlist updates (this will be less reactive but we have found `entr` to not work in some situations) |
 
 Example allowlist files are included in the repository for [PyPI](allowlists/pypi.allowlist) and [CRAN](allowlists/cran.allowlist).

entrypoint.sh

@@ -36,34 +36,34 @@ nexus-allowlist --version
 # Initial configuration
 if [ -f "$NEXUS_DATA_DIR/admin.password" ]; then
     echo "$(timestamp) Initial password file present, running initial configuration"
-    nexus-allowlist --admin-password "$NEXUS_ADMIN_PASSWORD" --nexus-host "$NEXUS_HOST" --nexus-port "$NEXUS_PORT" change-initial-password --path "$NEXUS_DATA_DIR"
-    nexus-allowlist --admin-password "$NEXUS_ADMIN_PASSWORD" --nexus-host "$NEXUS_HOST" --nexus-port "$NEXUS_PORT" initial-configuration --packages "$NEXUS_PACKAGES" --pypi-package-file "$ALLOWLIST_DIR/pypi.allowlist" --cran-package-file "$ALLOWLIST_DIR/cran.allowlist"
+    nexus-allowlist --admin-password "$NEXUS_ADMIN_PASSWORD" --nexus-host "$NEXUS_HOST" --nexus-path "$NEXUS_PATH" --nexus-port "$NEXUS_PORT" change-initial-password --path "$NEXUS_DATA_DIR"
+    nexus-allowlist --admin-password "$NEXUS_ADMIN_PASSWORD" --nexus-host "$NEXUS_HOST" --nexus-path "$NEXUS_PATH" --nexus-port "$NEXUS_PORT" initial-configuration --packages "$NEXUS_PACKAGES" --pypi-package-file "$ALLOWLIST_DIR/pypi.allowlist" --cran-package-file "$ALLOWLIST_DIR/cran.allowlist"
 else
     echo "$(timestamp) No initial password file found, skipping initial configuration"
 fi
 
 # Test authentication
-if ! nexus-allowlist --admin-password "$NEXUS_ADMIN_PASSWORD" --nexus-host "$NEXUS_HOST" --nexus-port "$NEXUS_PORT" test-authentication; then
+if ! nexus-allowlist --admin-password "$NEXUS_ADMIN_PASSWORD" --nexus-host "$NEXUS_HOST" --nexus-path "$NEXUS_PATH" --nexus-port "$NEXUS_PORT" test-authentication; then
     echo "$(timestamp) API authentication test failed, exiting"
     exit 1
 fi
 
 if [ -n "$ENTR_FALLBACK" ]; then
     echo "$(timestamp) Using fallback file monitoring"
     # Run allowlist configuration now
-    nexus-allowlist --admin-password "$NEXUS_ADMIN_PASSWORD" --nexus-host "$NEXUS_HOST" --nexus-port "$NEXUS_PORT" update-allowlists --packages "$NEXUS_PACKAGES" --pypi-package-file "$PYPI_ALLOWLIST" --cran-package-file "$CRAN_ALLOWLIST"
+    nexus-allowlist --admin-password "$NEXUS_ADMIN_PASSWORD" --nexus-host "$NEXUS_HOST" --nexus-path "$NEXUS_PATH" --nexus-port "$NEXUS_PORT" update-allowlists --packages "$NEXUS_PACKAGES" --pypi-package-file "$PYPI_ALLOWLIST" --cran-package-file "$CRAN_ALLOWLIST"
     # Periodically check for modification of allowlist files and run configuration again when they are
     hash=$(hashes)
     while true; do
         new_hash=$(hashes)
         if [ "$hash" != "$new_hash" ]; then
-            nexus-allowlist --admin-password "$NEXUS_ADMIN_PASSWORD" --nexus-host "$NEXUS_HOST" --nexus-port "$NEXUS_PORT" update-allowlists --packages "$NEXUS_PACKAGES" --pypi-package-file "$PYPI_ALLOWLIST" --cran-package-file "$CRAN_ALLOWLIST"
+            nexus-allowlist --admin-password "$NEXUS_ADMIN_PASSWORD" --nexus-host "$NEXUS_HOST" --nexus-path "$NEXUS_PATH" --nexus-port "$NEXUS_PORT" update-allowlists --packages "$NEXUS_PACKAGES" --pypi-package-file "$PYPI_ALLOWLIST" --cran-package-file "$CRAN_ALLOWLIST"
             hash=$new_hash
         fi
         sleep 5
     done
 else
     echo "$(timestamp) Using entr for file monitoring"
     # Run allowlist configuration now, and again whenever allowlist files are modified
-    find "$ALLOWLIST_DIR"/*.allowlist | entr -n nexus-allowlist --admin-password "$NEXUS_ADMIN_PASSWORD" --nexus-host "$NEXUS_HOST" --nexus-port "$NEXUS_PORT" update-allowlists --packages "$NEXUS_PACKAGES" --pypi-package-file "$PYPI_ALLOWLIST" --cran-package-file "$CRAN_ALLOWLIST"
+    find "$ALLOWLIST_DIR"/*.allowlist | entr -n nexus-allowlist --admin-password "$NEXUS_ADMIN_PASSWORD" --nexus-host "$NEXUS_HOST" --nexus-path "$NEXUS_PATH" --nexus-port "$NEXUS_PORT" update-allowlists --packages "$NEXUS_PACKAGES" --pypi-package-file "$PYPI_ALLOWLIST" --cran-package-file "$CRAN_ALLOWLIST"
 fi

nexus_allowlist/__about__.py

@@ -1 +1 @@
-__version__ = "v0.10.0"
+__version__ = "v0.11.0"

nexus_allowlist/cli.py

@@ -40,6 +40,12 @@ def main() -> None:
         default="80",
         help="Port of the Nexus server (default 80)",
     )
+    parser.add_argument(
+        "--nexus-path",
+        type=str,
+        default="",
+        help="Context path of the Nexus server (default /)",
+    )
     parser.add_argument(
         "--version",
         action="version",
@@ -138,6 +144,7 @@ def change_initial_password(args: argparse.Namespace) -> None:
         password=initial_password,
         nexus_host=args.nexus_host,
         nexus_port=args.nexus_port,
+        nexus_path=args.nexus_path,
     )
 
     nexus_api.change_admin_password(args.admin_password)
@@ -148,6 +155,7 @@ def test_authentiation(args: argparse.Namespace) -> None:
         password=args.admin_password,
         nexus_host=args.nexus_host,
         nexus_port=args.nexus_port,
+        nexus_path=args.nexus_path,
     )
 
     if not nexus_api.test_auth():
@@ -178,6 +186,7 @@ def initial_configuration(args: argparse.Namespace) -> None:
         password=args.admin_password,
         nexus_host=args.nexus_host,
         nexus_port=args.nexus_port,
+        nexus_path=args.nexus_path,
     )
 
     # Ensure only desired repositories exist
@@ -221,6 +230,7 @@ def update_allow_lists(args: argparse.Namespace) -> None:
         password=args.admin_password,
         nexus_host=args.nexus_host,
         nexus_port=args.nexus_port,
+        nexus_path=args.nexus_path,
     )
 
     # Parse allowlists

nexus_allowlist/nexus.py

@@ -33,8 +33,11 @@ def __init__(
         username: str = "admin",
         nexus_host: str,
         nexus_port: str,
+        nexus_path: str,
     ) -> None:
-        self.nexus_api_root = f"http://{nexus_host}:{nexus_port}/service/rest"
+        self.nexus_api_root = (
+            f"http://{nexus_host}:{nexus_port}{nexus_path}/service/rest"
+        )
         self.username = username
         self.password = password