Skip to content

Changelog📜

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[84.0.0-bb.4] - 2025-12-01📜

Added📜

  • Added docs/migration-oss.md with comprehensive step-by-step guide for migrating from legacy Nexus Repository Manager (H2 database) to NXRM-HA (PostgreSQL) for OSS deployments
  • Added docs/migration-pro.md with migration guide for Pro license deployments
  • Added PVC configuration values for OSS deployments with file-based blob storage:
  • upstream.storageClass.enabled - Enable custom storage class creation
  • upstream.storageClass.name - Specify cluster storage class (local-path, gp2, managed-csi, etc.)
  • upstream.pvc.accessModes - PVC access mode (default: ReadWriteOnce)
  • upstream.pvc.storage - PVC storage size (default: 20Gi)
  • upstream.pvc.volumeClaimTemplate.enabled - Enable for OSS mode with file-based blob storage
  • upstream.pvc.existingClaim - Use existing PVC if already created
  • Added network-policies/egress-s3.yaml with egress policies for Nexus outreach and blobstorage job

Changed📜

  • Moved networkpolicies/egress-s3.yaml to network-policies/egress-s3.yaml for consistent directory naming
  • Updated network-policies/istio.yaml to dynamically add ingress rules for Docker registry ports configured in nexus.docker.registries

[84.0.0-bb.3] - 2025-11-04📜

Added📜

  • Added docs/migration.md with comprehensive guide for migrating from legacy nexus chart to nxrm-ha chart
  • Added nexus.database.* values for simplified external PostgreSQL configuration (host, user, password)
  • Template now auto-generates nexus-postgresql secret from nexus.database.* values when using external PostgreSQL

Changed📜

  • BREAKING: Changed nameOverride and fullnameOverride from nexus-repository-manager to nxrm-ha (affects resource names: StatefulSet, Services, Secrets)
  • BREAKING: Changed default hostname from nexus to nxrm-ha (affects ingress/VirtualService hosts: nxrm-ha.dev.bigbang.mil)
  • Updated docs/general.md with accurate PostgreSQL configuration documentation and nxrm-ha resource naming
  • Updated docs/README.md with complete rewrite for nxrm-ha chart architecture, passthrough pattern, database configuration, and nxrm-ha resource naming
  • Updated docs/migration.md to include Flux suspension steps, nxrm-ha resource naming in examples and validation commands
  • Updated docs/PROMETHEUS.md to use correct nxrm-ha addon name
  • Updated docs/test-package-against-bb.md to use correct nxrm-ha addon name
  • Updated init container to use same nexus-postgresql secret as main container (eliminates duplicate configuration)
  • Improved custom_admin_password comment to clarify it sets Nexus UI password, not database password
  • Updated postgresql/secret.yaml template to conditionally create secret for both internal and external PostgreSQL scenarios
  • Simplified database configuration to use upstream chart’s standard DB_HOST, DB_USER, DB_PASSWORD env vars with JVM argument interpolation
  • Updated Helm test configurations to use nxrm-ha service and secret names
  • Updated test RBAC resources to use templated names instead of hardcoded nxrm-ha prefix

Removed📜

  • Removed outdated docs/overview.md (duplicate of README.md)

Fixed📜

  • Fixed database configuration duplication by centralizing secret creation in single template
  • Removed unused nexus.databaseSecretName helper from _helpers.tpl
  • Fixed ServiceMonitor selector to use correct app.kubernetes.io/name label instead of app label
  • Fixed custom_admin_password to take priority over existing secret during helm upgrades, ensuring EULA acceptance job and other automation can authenticate correctly during migrations
  • Fixed blobstorage job to use /bin/bash instead of sh to support bash-specific features (set -o pipefail, process substitution) required for idempotent operation
  • Fixed blobstorage job STATUS check to use default value ${STATUS:-0} to prevent numeric comparison failures when curl returns empty status
  • Fixed blobstorage job to skip existing blobstores instead of attempting updates, enabling true idempotent behavior for migrations
  • Fixed S3 blobstore ServiceEntry to use protocol: TLS instead of HTTPS to allow proper TLS passthrough in Istio environments
  • Updated docs/migration.md Step 4 to include required additionalEnv override with database environment variables for Pro license deployments
  • Updated docs/migration.md to document proper custom_admin_password location (root level) and added instructions for retrieving existing admin password during migration
  • Added missing NetworkPolicies for S3 egress (egress-outreach-manager and allow-blobstorage-egress) to allow port 443 traffic required for S3 blob storage connectivity

[84.0.0-bb.2] - 2025-10-09📜

Removed📜

  • Removed duplicate kyverno extraLabels in values.yaml

[84.0.0-bb.1] - 2025-10-03📜

Added📜

  • Added test-values.yaml to enable nxrm-ha addon for testing

[84.0.0-bb.0] - 2025-09-29📜

Added📜

  • Intial implementation of NXRM-HA chart as passthrough subchart