diff --git a/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusblobstores.yaml b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusblobstores.yaml new file mode 100644 index 00000000000..0e9d631ed55 --- /dev/null +++ b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusblobstores.yaml @@ -0,0 +1,310 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + creationTimestamp: null + name: nexusblobstores.edp.epam.com +spec: + group: edp.epam.com + names: + kind: NexusBlobStore + listKind: NexusBlobStoreList + plural: nexusblobstores + singular: nexusblobstore + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status of the blob store + jsonPath: .status.value + name: Status + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: NexusBlobStore is the Schema for the nexusblobstores API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: NexusBlobStoreSpec defines the desired state of NexusBlobStore. + properties: + file: + description: File type blobstore. + properties: + path: + description: |- + The path to the blobstore contents. + This can be an absolute path to anywhere on the system Nexus Repository Manager has access to it or can be a path relative to the sonatype-work directory. + type: string + type: object + name: + description: |- + Name of the BlobStore. + Name should be unique across all BlobStores. + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + nexusRef: + description: NexusRef is a reference to Nexus custom resource. + properties: + kind: + default: Nexus + description: Kind specifies the kind of the Nexus resource. + type: string + name: + description: Name specifies the name of the Nexus resource. + type: string + required: + - name + type: object + s3: + description: S3 type blobstore. + properties: + advancedBucketConnection: + description: A custom endpoint URL, signer type and whether path + style access is enabled. + properties: + endpoint: + description: A custom endpoint URL for third party object + stores using the S3 API. + type: string + forcePathStyle: + default: false + description: Setting this flag will result in path-style access + being used for all requests. + type: boolean + maxConnectionPoolSize: + description: Setting this value will override the default + connection pool size of Nexus of the s3 client for this + blobstore. + format: int32 + type: integer + signerType: + description: An API signature version which may be required + for third party object stores using the S3 API. + enum: + - DEFAULT + - S3SignerType + - AWSS3V4SignerType + type: string + type: object + bucket: + description: Details of the S3 bucket such as name and region. + properties: + expiration: + default: 3 + description: How many days until deleted blobs are finally + removed from the S3 bucket (-1 to disable). + format: int32 + type: integer + name: + description: The name of the S3 bucket. + type: string + prefix: + description: The S3 blob store (i.e. S3 object) key prefix. + type: string + region: + default: DEFAULT + description: The AWS region to create a new S3 bucket in or + an existing S3 bucket's region. + type: string + required: + - name + type: object + bucketSecurity: + description: Security details for granting access the S3 API. + properties: + accessKeyId: + description: An IAM access key ID for granting access to the + S3 bucket. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret. + properties: + key: + description: The key of the secret to select from. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + role: + description: An IAM role to assume in order to access the + S3 bucket. + type: string + secretAccessKey: + description: The secret access key associated with the specified + IAM access key ID. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret. + properties: + key: + description: The key of the secret to select from. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + sessionToken: + description: An AWS STS session token associated with temporary + security credentials which grant access to the S3 bucket. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret. + properties: + key: + description: The key of the secret to select from. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - accessKeyId + - secretAccessKey + type: object + encryption: + description: The type of encryption to use if any. + properties: + encryptionKey: + description: If using KMS encryption, you can supply a Key + ID. If left blank, then the default will be used. + type: string + encryptionType: + description: The type of S3 server side encryption to use. + enum: + - none + - s3ManagedEncryption + - kmsManagedEncryption + type: string + type: object + required: + - bucket + type: object + softQuota: + description: Settings to control the soft quota. + properties: + limit: + description: The limit in MB. + format: int64 + minimum: 1 + type: integer + type: + description: Type of the soft quota. + enum: + - spaceRemainingQuota + - spaceUsedQuota + type: string + type: object + required: + - name + - nexusRef + type: object + status: + description: NexusBlobStoreStatus defines the observed state of NexusBlobStore. + properties: + error: + description: Error is an error message if something went wrong. + type: string + value: + description: Value is a status of the blob store. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexuscleanuppolicies.yaml b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexuscleanuppolicies.yaml new file mode 100644 index 00000000000..9af8413c8f2 --- /dev/null +++ b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexuscleanuppolicies.yaml @@ -0,0 +1,148 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + creationTimestamp: null + name: nexuscleanuppolicies.edp.epam.com +spec: + group: edp.epam.com + names: + kind: NexusCleanupPolicy + listKind: NexusCleanupPolicyList + plural: nexuscleanuppolicies + singular: nexuscleanuppolicy + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: NexusCleanupPolicy is the Schema for the cleanuppolicies API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: NexusCleanupPolicySpec defines the desired state of NexusCleanupPolicy. + properties: + criteria: + description: Criteria for the cleanup policy. + properties: + assetRegex: + description: AssetRegex removes components that match the given + regex. + example: .* + type: string + lastBlobUpdated: + description: LastBlobUpdated removes components published over + “x” days ago. + example: "30" + maximum: 24855 + minimum: 1 + type: integer + lastDownloaded: + description: LastDownloaded removes components downloaded over + “x” days. + example: "30" + maximum: 24855 + minimum: 1 + type: integer + releaseType: + description: ReleaseType removes components that are of the following + release type. + enum: + - RELEASES + - PRERELEASES + - "" + example: RELEASES + type: string + type: object + description: + description: Description of the cleanup policy. + example: Cleanup policy for go format + type: string + format: + description: Format that this cleanup policy can be applied to. + enum: + - apt + - bower + - cocoapods + - conan + - conda + - docker + - gitlfs + - go + - helm + - maven2 + - npm + - nuget + - p2 + - pypi + - r + - raw + - rubygems + - yum + example: go + type: string + name: + description: Name is a unique name for the cleanup policy. + example: go-cleanup-policy + maxLength: 512 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + nexusRef: + description: NexusRef is a reference to Nexus custom resource. + properties: + kind: + default: Nexus + description: Kind specifies the kind of the Nexus resource. + type: string + name: + description: Name specifies the name of the Nexus resource. + type: string + required: + - name + type: object + required: + - criteria + - format + - name + - nexusRef + type: object + status: + description: NexusCleanupPolicyStatus defines the observed state of NexusCleanupPolicy. + properties: + error: + description: Error is an error message if something went wrong. + type: string + value: + description: Value is a status of the cleanup policy. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexuses.yaml b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexuses.yaml new file mode 100644 index 00000000000..def11dc830b --- /dev/null +++ b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexuses.yaml @@ -0,0 +1,79 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + creationTimestamp: null + name: nexuses.edp.epam.com +spec: + group: edp.epam.com + names: + kind: Nexus + listKind: NexusList + plural: nexuses + singular: nexus + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Is connected to nexus + jsonPath: .status.connected + name: Connected + type: boolean + name: v1alpha1 + schema: + openAPIV3Schema: + description: Nexus is the Schema for the nexus API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: NexusSpec defines the desired state of Nexus. + properties: + secret: + description: |- + Secret is the name of the k8s object Secret related to nexus. + Secret should contain a user field with a nexus username and a password field with a nexus password. + type: string + url: + description: Url is the url of nexus instance. + type: string + required: + - secret + - url + type: object + status: + description: NexusStatus defines the observed state of Nexus. + properties: + connected: + description: Connected shows if operator is connected to nexus. + type: boolean + error: + description: Error represents error message if something went wrong. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusrepositories.yaml b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusrepositories.yaml new file mode 100644 index 00000000000..d997bf0b29f --- /dev/null +++ b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusrepositories.yaml @@ -0,0 +1,4437 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + creationTimestamp: null + name: nexusrepositories.edp.epam.com +spec: + group: edp.epam.com + names: + kind: NexusRepository + listKind: NexusRepositoryList + plural: nexusrepositories + singular: nexusrepository + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: NexusRepository is the Schema for the nexusrepositories API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + NexusRepositorySpec defines the desired state of NexusRepository. + It should contain only one format of repository - go, maven, npm, etc. and only one type - proxy, hosted or group. + properties: + apt: + properties: + hosted: + properties: + apt: + description: Apt contains data of hosted repositories of format + Apt. + properties: + distribution: + description: Distribution to fetch + type: string + required: + - distribution + type: object + aptSigning: + description: AptSigning contains signing data of hosted repositores + of format Apt. + properties: + keypair: + description: PGP signing key pair (armored private key + e.g. gpg --export-secret-key --armor) + type: string + passphrase: + description: Passphrase to access PGP signing key + type: string + required: + - keypair + type: object + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - apt + - aptSigning + - name + type: object + proxy: + properties: + apt: + description: Apt configuration. + properties: + distribution: + description: Distribution to fetch. + type: string + flat: + default: false + description: Whether this repository is flat. + type: boolean + required: + - distribution + type: object + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - apt + - name + - proxy + type: object + type: object + bower: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + bower: + properties: + rewritePackageUrls: + description: Whether to force Bower to retrieve packages + through this proxy repository + type: boolean + required: + - rewritePackageUrls + type: object + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - bower + - name + - proxy + type: object + type: object + cocoapods: + properties: + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + conan: + properties: + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + conda: + properties: + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + docker: + properties: + group: + properties: + docker: + description: Docker contains data of a Docker Repositoriy. + properties: + forceBasicAuth: + description: Whether to force authentication (Docker Bearer + Token Realm required if false) + type: boolean + httpPort: + description: Create an HTTP connector at specified port + type: integer + httpsPort: + description: Create an HTTPS connector at specified port + type: integer + v1Enabled: + description: Whether to allow clients to use the V1 API + to interact with this repository + type: boolean + required: + - forceBasicAuth + - v1Enabled + type: object + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + writableMember: + description: 'Pro-only: This field is for the Group Deployment + feature available in NXRM Pro.' + type: string + required: + - memberNames + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - docker + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + docker: + description: Docker contains data of a Docker Repositoriy. + properties: + forceBasicAuth: + description: Whether to force authentication (Docker Bearer + Token Realm required if false) + type: boolean + httpPort: + description: Create an HTTP connector at specified port + type: integer + httpsPort: + description: Create an HTTPS connector at specified port + type: integer + v1Enabled: + description: Whether to allow clients to use the V1 API + to interact with this repository + type: boolean + required: + - forceBasicAuth + - v1Enabled + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - docker + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + docker: + description: Docker contains data of a Docker Repositoriy. + properties: + forceBasicAuth: + description: Whether to force authentication (Docker Bearer + Token Realm required if false) + type: boolean + httpPort: + description: Create an HTTP connector at specified port + type: integer + httpsPort: + description: Create an HTTPS connector at specified port + type: integer + v1Enabled: + description: Whether to allow clients to use the V1 API + to interact with this repository + type: boolean + required: + - forceBasicAuth + - v1Enabled + type: object + dockerProxy: + description: DockerProxy contains data of a Docker Proxy Repository. + properties: + indexType: + default: REGISTRY + description: Type of Docker Index. + enum: + - HUB + - REGISTRY + - CUSTOM + type: string + indexUrl: + description: |- + Url of Docker Index to use. + TODO: add cel validation. (Required if indexType is CUSTOM) + type: string + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - docker + - dockerProxy + - name + - proxy + type: object + type: object + gitLfs: + properties: + hosted: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + type: object + go: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + helm: + properties: + hosted: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + maven: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + maven: + default: + contentDisposition: INLINE + layoutPolicy: STRICT + versionPolicy: RELEASE + description: Maven contains additional data of maven repository. + properties: + contentDisposition: + default: INLINE + description: Add Content-Disposition header as 'Attachment' + to disable some content from being inline in a browser. + enum: + - INLINE + - ATTACHMENT + type: string + layoutPolicy: + default: STRICT + description: Validate that all paths are maven artifact + or metadata paths. + enum: + - STRICT + - PERMISSIVE + type: string + versionPolicy: + default: RELEASE + description: VersionPolicy is a type of artifact that + this repository stores. + enum: + - RELEASE + - SNAPSHOT + - MIXED + type: string + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + maven: + default: + contentDisposition: INLINE + layoutPolicy: STRICT + versionPolicy: RELEASE + description: Maven contains additional data of maven repository. + properties: + contentDisposition: + default: INLINE + description: Add Content-Disposition header as 'Attachment' + to disable some content from being inline in a browser. + enum: + - INLINE + - ATTACHMENT + type: string + layoutPolicy: + default: STRICT + description: Validate that all paths are maven artifact + or metadata paths. + enum: + - STRICT + - PERMISSIVE + type: string + versionPolicy: + default: RELEASE + description: VersionPolicy is a type of artifact that + this repository stores. + enum: + - RELEASE + - SNAPSHOT + - MIXED + type: string + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthenticationWithPreemptive contains + HTTP client authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + type: string + preemptive: + description: Whether to use pre-emptive authentication. + Use with caution. Defaults to false. + type: boolean + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Whether to block outbound connections on + the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + maven: + default: + contentDisposition: INLINE + layoutPolicy: STRICT + versionPolicy: RELEASE + description: Maven contains additional data of maven repository. + properties: + contentDisposition: + default: INLINE + description: Add Content-Disposition header as 'Attachment' + to disable some content from being inline in a browser. + enum: + - INLINE + - ATTACHMENT + type: string + layoutPolicy: + default: STRICT + description: Validate that all paths are maven artifact + or metadata paths. + enum: + - STRICT + - PERMISSIVE + type: string + versionPolicy: + default: RELEASE + description: VersionPolicy is a type of artifact that + this repository stores. + enum: + - RELEASE + - SNAPSHOT + - MIXED + type: string + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + nexusRef: + description: NexusRef is a reference to Nexus custom resource. + properties: + kind: + default: Nexus + description: Kind specifies the kind of the Nexus resource. + type: string + name: + description: Name specifies the name of the Nexus resource. + type: string + required: + - name + type: object + npm: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + npm: + properties: + removeNonCataloged: + description: Remove Non-Cataloged Versions + type: boolean + removeQuarantined: + description: Remove Quarantined Versions + type: boolean + required: + - removeNonCataloged + - removeQuarantined + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + nuget: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + nugetProxy: + default: + nugetVersion: V3 + queryCacheItemMaxAge: 3600 + description: NugetProxy contains data specific to proxy repositories + of format Nuget. + properties: + nugetVersion: + default: V3 + description: NugetVersion is the used Nuget protocol version. + enum: + - V2 + - V3 + type: string + queryCacheItemMaxAge: + default: 3600 + description: How long to cache query results from the + proxied repository (in seconds) + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + p2: + properties: + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + pypi: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + r: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + raw: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + raw: + properties: + contentDisposition: + description: 'TODO: check default value' + enum: + - INLINE + - ATTACHMENT + type: string + type: object + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + raw: + properties: + contentDisposition: + description: 'TODO: check default value' + enum: + - INLINE + - ATTACHMENT + type: string + type: object + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + raw: + properties: + contentDisposition: + description: 'TODO: check default value' + enum: + - INLINE + - ATTACHMENT + type: string + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + rubyGems: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + yum: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + yumSigning: + properties: + keypair: + description: PGP signing key pair (armored private key + e.g. gpg --export-secret-key --armor) + type: string + passphrase: + description: Passphrase to access PGP signing key + type: string + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + yum: + description: Yum contains data of hosted repositories of format + Yum. + properties: + deployPolicy: + description: 'TODO: check default value' + enum: + - PERMISSIVE + - STRICT + type: string + repodataDepth: + type: integer + required: + - repodataDepth + type: object + required: + - name + - yum + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + yumSigning: + properties: + keypair: + description: PGP signing key pair (armored private key + e.g. gpg --export-secret-key --armor) + type: string + passphrase: + description: Passphrase to access PGP signing key + type: string + type: object + required: + - name + - proxy + type: object + type: object + required: + - nexusRef + type: object + status: + description: NexusRepositoryStatus defines the observed state of NexusRepository. + properties: + error: + description: Error is an error message if something went wrong. + type: string + value: + description: Value is a status of the repository. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusroles.yaml b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusroles.yaml new file mode 100644 index 00000000000..07655db7df4 --- /dev/null +++ b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusroles.yaml @@ -0,0 +1,106 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + creationTimestamp: null + name: nexusroles.edp.epam.com +spec: + group: edp.epam.com + names: + kind: NexusRole + listKind: NexusRoleList + plural: nexusroles + singular: nexusrole + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: NexusRole is the Schema for the nexusroles API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: NexusRoleSpec defines the desired state of NexusRole. + properties: + description: + description: Description of nexus role. + example: Administrator role + type: string + id: + description: |- + ID is the id of the role. + ID should be unique across all roles. + example: nx-admin + maxLength: 512 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + name: + description: Name is the name of the role. + example: nx-admin + type: string + nexusRef: + description: NexusRef is a reference to Nexus custom resource. + properties: + kind: + default: Nexus + description: Kind specifies the kind of the Nexus resource. + type: string + name: + description: Name specifies the name of the Nexus resource. + type: string + required: + - name + type: object + privileges: + description: Privileges is a list of privileges assigned to role. + example: + - nx-all + items: + type: string + nullable: true + type: array + required: + - id + - name + - nexusRef + type: object + status: + description: NexusRoleStatus defines the observed state of NexusRole. + properties: + error: + description: Error is an error message if something went wrong. + type: string + value: + description: Value is a status of the role. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusscripts.yaml b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusscripts.yaml new file mode 100644 index 00000000000..6e47c4c486e --- /dev/null +++ b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusscripts.yaml @@ -0,0 +1,105 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + creationTimestamp: null + name: nexusscripts.edp.epam.com +spec: + group: edp.epam.com + names: + kind: NexusScript + listKind: NexusScriptList + plural: nexusscripts + singular: nexusscript + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: NexusScript is the Schema for the nexusscripts API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: NexusScriptSpec defines the desired state of NexusScript. + properties: + content: + description: Content is the content of the script. + example: security.setAnonymousAccess(Boolean.valueOf(args)) + type: string + execute: + default: false + description: Execute defines if script should be executed after creation. + type: boolean + name: + description: |- + Name is the id of the script. + Name should be unique across all scripts. + example: anonymous + maxLength: 512 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + nexusRef: + description: NexusRef is a reference to Nexus custom resource. + properties: + kind: + default: Nexus + description: Kind specifies the kind of the Nexus resource. + type: string + name: + description: Name specifies the name of the Nexus resource. + type: string + required: + - name + type: object + payload: + description: Payload is the payload of the script. + example: "true" + type: string + required: + - content + - name + - nexusRef + type: object + status: + description: NexusScriptStatus defines the observed state of NexusScript. + properties: + error: + description: Error is an error message if something went wrong. + type: string + executed: + description: Executed defines if script was executed. + type: boolean + value: + description: Value is a status of the script. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexususers.yaml b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexususers.yaml new file mode 100644 index 00000000000..2a62754b5ad --- /dev/null +++ b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexususers.yaml @@ -0,0 +1,130 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + creationTimestamp: null + name: nexususers.edp.epam.com +spec: + group: edp.epam.com + names: + kind: NexusUser + listKind: NexusUserList + plural: nexususers + singular: nexususer + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: NexusUser is the Schema for the nexususers API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: NexusUserSpec defines the desired state of NexusUser. + properties: + email: + description: Email is the email address of the user. + example: john.doe@example + maxLength: 254 + type: string + firstName: + description: FirstName of the user. + example: John + type: string + id: + description: |- + ID is the username of the user. + ID should be unique across all users. + example: new-user + maxLength: 512 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + lastName: + description: LastName of the user. + example: Doe + type: string + nexusRef: + description: NexusRef is a reference to Nexus custom resource. + properties: + kind: + default: Nexus + description: Kind specifies the kind of the Nexus resource. + type: string + name: + description: Name specifies the name of the Nexus resource. + type: string + required: + - name + type: object + roles: + description: Roles is a list of roles assigned to user. + example: + - nx-admin + items: + type: string + minItems: 1 + type: array + secret: + description: |- + Secret is the reference of the k8s object Secret for the user password. + Format: $secret-name:secret-key. + Updating user password is not supported. + example: $nexus-user-secret:password-filed + type: string + status: + default: active + description: Status is a status of the user. + enum: + - active + - disabled + example: active + type: string + required: + - email + - firstName + - id + - lastName + - nexusRef + - roles + - secret + type: object + status: + description: NexusUserStatus defines the observed state of NexusUser. + properties: + error: + description: Error is an error message if something went wrong. + type: string + value: + description: Value is a status of the user. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/nexus-operator/3.3.0/manifests/nexus-operator-webhook-service_v1_service.yaml b/operators/nexus-operator/3.3.0/manifests/nexus-operator-webhook-service_v1_service.yaml new file mode 100644 index 00000000000..75498356840 --- /dev/null +++ b/operators/nexus-operator/3.3.0/manifests/nexus-operator-webhook-service_v1_service.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: webhook + app.kubernetes.io/created-by: nexus-operator + app.kubernetes.io/instance: webhook-service + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: service + app.kubernetes.io/part-of: nexus-operator + name: nexus-operator-webhook-service +spec: + ports: + - port: 443 + protocol: TCP + targetPort: 9443 + selector: + control-plane: controller-manager +status: + loadBalancer: {} diff --git a/operators/nexus-operator/3.3.0/manifests/nexus-operator.clusterserviceversion.yaml b/operators/nexus-operator/3.3.0/manifests/nexus-operator.clusterserviceversion.yaml new file mode 100644 index 00000000000..42254dfce44 --- /dev/null +++ b/operators/nexus-operator/3.3.0/manifests/nexus-operator.clusterserviceversion.yaml @@ -0,0 +1,667 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "edp.epam.com/v1alpha1", + "kind": "Nexus", + "metadata": { + "labels": { + "app.kubernetes.io/created-by": "nexus-operator", + "app.kubernetes.io/instance": "nexus-sample", + "app.kubernetes.io/managed-by": "kustomize", + "app.kubernetes.io/name": "nexus", + "app.kubernetes.io/part-of": "nexus-operator" + }, + "name": "nexus-sample" + }, + "spec": { + "secret": "nexus-secret", + "url": "https://nexus-example.com" + } + }, + { + "apiVersion": "edp.epam.com/v1alpha1", + "kind": "NexusBlobStore", + "metadata": { + "labels": { + "app.kubernetes.io/created-by": "nexus-operator", + "app.kubernetes.io/instance": "nexusblobstore-sample", + "app.kubernetes.io/managed-by": "kustomize", + "app.kubernetes.io/name": "nexusblobstore", + "app.kubernetes.io/part-of": "nexus-operator" + }, + "name": "nexusblobstore-sample" + }, + "spec": { + "file": { + "path": "storage-blobstore/nexusblobstore-sample" + }, + "name": "nexusblobstore-sample", + "nexusRef": { + "name": "nexus-sample" + }, + "softQuota": { + "limit": 1000, + "type": "spaceUsedQuota" + } + } + }, + { + "apiVersion": "edp.epam.com/v1alpha1", + "kind": "NexusCleanupPolicy", + "metadata": { + "labels": { + "app.kubernetes.io/created-by": "nexus-operator", + "app.kubernetes.io/instance": "nexuscleanuppolicy-sample", + "app.kubernetes.io/managed-by": "kustomize", + "app.kubernetes.io/name": "nexuscleanuppolicy", + "app.kubernetes.io/part-of": "nexus-operator" + }, + "name": "nexuscleanuppolicy-sample" + }, + "spec": { + "criteria": { + "lastBlobUpdated": 30 + }, + "description": "Cleanup policy for go", + "format": "go", + "name": "go-cleanup-policy", + "nexusRef": { + "name": "nexus-sample" + } + } + }, + { + "apiVersion": "edp.epam.com/v1alpha1", + "kind": "NexusRepository", + "metadata": { + "labels": { + "app.kubernetes.io/created-by": "nexus-operator", + "app.kubernetes.io/instance": "nexusrepository-sample", + "app.kubernetes.io/managed-by": "kustomize", + "app.kubernetes.io/name": "nexusrepository", + "app.kubernetes.io/part-of": "nexus-operator" + }, + "name": "nexusrepository-sample" + }, + "spec": { + "go": { + "proxy": { + "cleanup": { + "policyNames": [ + "cleanup-policy" + ] + }, + "httpClient": { + "autoBlock": true, + "blocked": true, + "connection": { + "retries": 1440, + "timeout": 1440, + "userAgentSuffix": "user-agent-suffix" + } + }, + "name": "go-proxy", + "negativeCache": { + "enabled": true, + "timeToLive": 1440 + }, + "online": true, + "proxy": { + "contentMaxAge": 1440, + "metadataMaxAge": 1440, + "remoteUrl": "https://test.com" + }, + "routingRule": "routing-rule", + "storage": { + "blobStoreName": "blob-store-name", + "strictContentTypeValidation": true + } + } + }, + "nexusRef": { + "name": "nexus-sample" + } + } + }, + { + "apiVersion": "edp.epam.com/v1alpha1", + "kind": "NexusRole", + "metadata": { + "labels": { + "app.kubernetes.io/created-by": "nexus-operator", + "app.kubernetes.io/instance": "nexusrole-sample", + "app.kubernetes.io/managed-by": "kustomize", + "app.kubernetes.io/name": "nexusrole", + "app.kubernetes.io/part-of": "nexus-operator" + }, + "name": "nexusrole-sample" + }, + "spec": { + "description": "test-role", + "id": "test-role", + "name": "test-role", + "nexusRef": { + "kind": "Nexus", + "name": "nexus-sample" + }, + "privileges": [ + "nx-blobstores-all" + ] + } + }, + { + "apiVersion": "edp.epam.com/v1alpha1", + "kind": "NexusScript", + "metadata": { + "labels": { + "app.kubernetes.io/created-by": "nexus-operator", + "app.kubernetes.io/instance": "nexusscript-sample", + "app.kubernetes.io/managed-by": "kustomize", + "app.kubernetes.io/name": "nexusscript", + "app.kubernetes.io/part-of": "nexus-operator" + }, + "name": "nexusscript-sample" + }, + "spec": { + "content": "security.setAnonymousAccess(Boolean.valueOf(args))\n", + "name": "anonymous", + "nexusRef": { + "name": "nexus-sample" + }, + "payload": "true" + } + }, + { + "apiVersion": "edp.epam.com/v1alpha1", + "kind": "NexusUser", + "metadata": { + "labels": { + "app.kubernetes.io/created-by": "nexus-operator", + "app.kubernetes.io/instance": "nexususer-sample", + "app.kubernetes.io/managed-by": "kustomize", + "app.kubernetes.io/name": "nexususer", + "app.kubernetes.io/part-of": "nexus-operator" + }, + "name": "nexususer-sample" + }, + "spec": { + "email": "test@gmail.com", + "firstName": "John1", + "id": "test-user", + "lastName": "Doe", + "nexusRef": { + "kind": "Nexus", + "name": "nexus-sample" + }, + "roles": [ + "nx-admin" + ], + "secret": "$user-secret:password" + } + } + ] + capabilities: Deep Insights + categories: Developer Tools + containerImage: docker.io/epamedp/nexus-operator:3.3.0 + createdAt: "2024-12-25T09:37:07Z" + description: An Operator for managing Nexus entities. + operators.operatorframework.io/builder: operator-sdk-v1.38.0 + operators.operatorframework.io/project_layout: go.kubebuilder.io/v4 + repository: https://github.com/epam/edp-nexus-operator + name: nexus-operator.v3.3.0 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: NexusBlobStore is the Schema for the nexusblobstores API. + displayName: Nexus Blob Store + kind: NexusBlobStore + name: nexusblobstores.edp.epam.com + version: v1alpha1 + - description: NexusCleanupPolicy is the Schema for the cleanuppolicies API. + displayName: Nexus Cleanup Policy + kind: NexusCleanupPolicy + name: nexuscleanuppolicies.edp.epam.com + version: v1alpha1 + - description: Nexus is the Schema for the nexus API. + displayName: Nexus + kind: Nexus + name: nexuses.edp.epam.com + version: v1alpha1 + - description: NexusRepository is the Schema for the nexusrepositories API. + displayName: Nexus Repository + kind: NexusRepository + name: nexusrepositories.edp.epam.com + version: v1alpha1 + - description: NexusRole is the Schema for the nexusroles API. + displayName: Nexus Role + kind: NexusRole + name: nexusroles.edp.epam.com + version: v1alpha1 + - description: NexusScript is the Schema for the nexusscripts API. + displayName: Nexus Script + kind: NexusScript + name: nexusscripts.edp.epam.com + version: v1alpha1 + - description: NexusUser is the Schema for the nexususers API. + displayName: Nexus User + kind: NexusUser + name: nexususers.edp.epam.com + version: v1alpha1 + description: | + Nexus Operator is an operator that is responsible for establishing + a connection to provided NexusRepository Server, reconciling Nexus entities (groups, + users, repositories, etc) according to the created CRs. + + ## Quick Start + + 1. Login into Nexus and create user. Attach permissions to user such as scripts, rules, blobs etc. Insert user credentials into Kubernetes secret. + + ```yaml + apiVersion: v1 + kind: Secret + metadata: + name: nexus-admin-password + data: + password: cGFzcw== # base64-encoded value of "pass" + user: dXNlcg== # base64-encoded value of "user" + ``` + + 2. Create Custom Resource `kind: Nexus` with Nexus instance URL and secret created on the previous step: + + ```yaml + apiVersion: edp.epam.com/v1alpha1 + kind: Nexus + metadata: + name: nexus + spec: + secret: nexus-admin-password + url: http://nexus.example.com + ``` + + Wait for the `.status` field with `status.connected: true` + + 3. Create Role using Custom Resources NexusRole: + + ```yaml + apiVersion: edp.epam.com/v1alpha1 + kind: NexusRole + metadata: + name: edp-admin + spec: + description: Read and write access to all repos and scripts + id: edp-admin + name: edp-admin + nexusRef: + kind: Nexus + name: nexus + privileges: + - nx-apikey-all + - nx-repository-view-*-*-add + - nx-repository-view-*-*-browse + - nx-repository-view-*-*-edit + - nx-repository-view-*-*-read + - nx-script-*-add + - nx-script-*-delete + - nx-script-*-run + - nx-search-read + ``` + displayName: EDP Nexus Operator + icon: + - base64data: mediatype: image/png + install: + spec: + deployments: + - label: + app.kubernetes.io/component: manager + app.kubernetes.io/created-by: nexus-operator + app.kubernetes.io/instance: controller-manager + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: deployment + app.kubernetes.io/part-of: nexus-operator + control-plane: controller-manager + name: nexus-operator-controller-manager + spec: + replicas: 1 + selector: + matchLabels: + control-plane: controller-manager + strategy: {} + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: manager + labels: + control-plane: controller-manager + spec: + containers: + - args: + - --leader-elect + command: + - /manager + env: + - name: SETUP_SELF_SIGNED_CERTIFICATES + value: "false" + image: docker.io/epamedp/nexus-operator:3.3.0 + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 10m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + volumeMounts: + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true + securityContext: + runAsNonRoot: true + serviceAccountName: nexus-operator-controller-manager + terminationGracePeriodSeconds: 10 + volumes: + - name: cert + secret: + defaultMode: 420 + secretName: webhook-server-cert + permissions: + - rules: + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - edp.epam.com + resources: + - nexusblobstores + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - edp.epam.com + resources: + - nexusblobstores/finalizers + verbs: + - update + - apiGroups: + - edp.epam.com + resources: + - nexusblobstores/status + verbs: + - get + - patch + - update + - apiGroups: + - edp.epam.com + resources: + - nexuscleanuppolicies + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - edp.epam.com + resources: + - nexuscleanuppolicies/finalizers + verbs: + - update + - apiGroups: + - edp.epam.com + resources: + - nexuscleanuppolicies/status + verbs: + - get + - patch + - update + - apiGroups: + - edp.epam.com + resources: + - nexuses + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - edp.epam.com + resources: + - nexuses/finalizers + verbs: + - update + - apiGroups: + - edp.epam.com + resources: + - nexuses/status + verbs: + - get + - patch + - update + - apiGroups: + - edp.epam.com + resources: + - nexusrepositories + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - edp.epam.com + resources: + - nexusrepositories/finalizers + verbs: + - update + - apiGroups: + - edp.epam.com + resources: + - nexusrepositories/status + verbs: + - get + - patch + - update + - apiGroups: + - edp.epam.com + resources: + - nexusroles + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - edp.epam.com + resources: + - nexusroles/finalizers + verbs: + - update + - apiGroups: + - edp.epam.com + resources: + - nexusroles/status + verbs: + - get + - patch + - update + - apiGroups: + - edp.epam.com + resources: + - nexusscripts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - edp.epam.com + resources: + - nexusscripts/finalizers + verbs: + - update + - apiGroups: + - edp.epam.com + resources: + - nexusscripts/status + verbs: + - get + - patch + - update + - apiGroups: + - edp.epam.com + resources: + - nexususers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - edp.epam.com + resources: + - nexususers/finalizers + verbs: + - update + - apiGroups: + - edp.epam.com + resources: + - nexususers/status + verbs: + - get + - patch + - update + serviceAccountName: nexus-operator-controller-manager + strategy: deployment + installModes: + - supported: true + type: OwnNamespace + - supported: false + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: true + type: AllNamespaces + keywords: + - artifact + - edp + - kuberocketci + - nexus + - operator + - storage + links: + - name: Nexus Operator + url: https://github.com/epam/edp-nexus-operator + maintainers: + - email: SupportEPMD-EDP@epam.com + name: epmd-edp + maturity: stable + minKubeVersion: 1.20.0 + provider: + name: KubeRocketCI + url: https://docs.kuberocketci.io + version: 3.3.0 + webhookdefinitions: + - admissionReviewVersions: + - v1 + containerPort: 443 + deploymentName: nexus-operator-controller-manager + failurePolicy: Fail + generateName: vnexusrepository.kb.io + rules: + - apiGroups: + - edp.epam.com + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - nexusrepositories + sideEffects: None + targetPort: 9443 + type: ValidatingAdmissionWebhook + webhookPath: /validate-edp-epam-com-v1alpha1-nexusrepository diff --git a/operators/nexus-operator/3.3.0/metadata/annotations.yaml b/operators/nexus-operator/3.3.0/metadata/annotations.yaml new file mode 100644 index 00000000000..2c8a612a805 --- /dev/null +++ b/operators/nexus-operator/3.3.0/metadata/annotations.yaml @@ -0,0 +1,18 @@ +annotations: + # Core bundle annotations. + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: nexus-operator + operators.operatorframework.io.bundle.channels.v1: stable + operators.operatorframework.io.bundle.channel.default.v1: stable + operators.operatorframework.io.metrics.builder: operator-sdk-v1.38.0 + operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 + operators.operatorframework.io.metrics.project_layout: go.kubebuilder.io/v4 + + # Annotations for OpenShift. + com.redhat.openshift.versions: "v4.7-v4.17" + + # Annotations for testing. + operators.operatorframework.io.test.mediatype.v1: scorecard+v1 + operators.operatorframework.io.test.config.v1: tests/scorecard/ diff --git a/operators/nexus-operator/3.3.0/tests/scorecard/config.yaml b/operators/nexus-operator/3.3.0/tests/scorecard/config.yaml new file mode 100644 index 00000000000..b3f2fc8ea6a --- /dev/null +++ b/operators/nexus-operator/3.3.0/tests/scorecard/config.yaml @@ -0,0 +1,70 @@ +apiVersion: scorecard.operatorframework.io/v1alpha3 +kind: Configuration +metadata: + name: config +stages: +- parallel: true + tests: + - entrypoint: + - scorecard-test + - basic-check-spec + image: quay.io/operator-framework/scorecard-test:v1.26.0 + labels: + suite: basic + test: basic-check-spec-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-bundle-validation + image: quay.io/operator-framework/scorecard-test:v1.26.0 + labels: + suite: olm + test: olm-bundle-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-validation + image: quay.io/operator-framework/scorecard-test:v1.26.0 + labels: + suite: olm + test: olm-crds-have-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-resources + image: quay.io/operator-framework/scorecard-test:v1.26.0 + labels: + suite: olm + test: olm-crds-have-resources-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-spec-descriptors + image: quay.io/operator-framework/scorecard-test:v1.26.0 + labels: + suite: olm + test: olm-spec-descriptors-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-status-descriptors + image: quay.io/operator-framework/scorecard-test:v1.26.0 + labels: + suite: olm + test: olm-status-descriptors-test + storage: + spec: + mountPath: {} +storage: + spec: + mountPath: {}