Skip to content

Sonatype Nexus Repository Manager (NXRM) DocumentationπŸ“œ

Table of ContentsπŸ“œ

Iron BankπŸ“œ

You can pull the Iron Bank image here and view the container approval here.

HelmπŸ“œ

Please reference complete list of providable variables here

git clone https://repo1.dso.mil/platform-one/big-bang/apps/developer-tools/nexus-repository-manager.git
helm install nexus-repository-manager chart

BigBang Additions, Comments, and Important InformationπŸ“œ

Random Admin PasswordπŸ“œ

NXRM’s upstream chart ships with a standardized password and an optional values parameter to randomize a password. The problem with this approach it the user would be required to exec into the pod to retrieve the password. We are leveraging the existing nexus.env['NEXUS_SECURITY_RANDOMPASSWORD'] item to force the creation of the random password on the pod. However, we are generating a random password via randAlphaNum and creating a Kubernetes secret. This method allows us to overwrite the generated file containing the Nexus generated random password with a Kubernetes secret to enable programmatic ingestion.

If you change the admin user’s password via the UI you also must update the secret. Failure to do so will result in proxy/saml job failures on subsequent upgrades.

Ensure the following is present to enable the randomized Kubernetes password:

# values.yaml
nexus:
  env:
    - name: NEXUS_SECURITY_RANDOMPASSWORD
      key: "true"
...
secret:
  enabled: true
  mountPath: /nexus-data/admin.password
  subPath: admin.password
  readOnly: true

PrometheusπŸ“œ

See PROMETHEUS.MD for information about integration with Prometheus.

LicenseπŸ“œ

We expect you to secure your license; the license will be provided as a binary. Encode the binary file as a base64 encoded string, secure with sops, and place in .Values.addons.nexusRepositoryManager.license_key. The _helpers.tpl will create a named template and generate the appropriate secret within the namespace. The chart will reference the license via a secret volumeMount to ensure the application starts licensed.

NXRM Dependent PackagesπŸ“œ

Nexus IQ Server requires Nexus Repository Manager.


Last update: 2023-01-23 by kevin.wilder