Sonatype-Nexus

Nexus OSS is a free open source repository manager. It supports a wide range of package formats and it's used by hundreds of tech companies.

This chart bootstraps a Nexus OSS deployment on a cluster using Helm. This setup is best configured in GCP since:

  • google cloud storage is used for backups
  • GCE Ingress controller is used for using a pre-allocated static IP in GCE.

There is also the option of using a proxy for Nexus that authenticates Nexus against an external identity provider (only GCP IAM at the moment) which is disabled by default.

Prerequisites

  • Kubernetes 1.8+ with Beta APIs enabled
  • PV provisioner support in the underlying infrastructure
  • Fulfill Nexus kubernetes requirements

Flow control for binaries and build artifacts.

✔ Store: Give your teams a single source of truth for every component they use.

✔ Adapt: Provide universal coverage for all major package formats and types.

✔ Cache: Optimize build performance and reliability by caching proxies of remote repositories.

✔ Scale: Install on an unlimited amount of servers for an unlimited amount of users.

The world's most popular repository

  • Centralized repository for managing all popular component formats
  • Single source of truth for all binaries and build artifacts.
  • Gain insight into component security, license, and quality issues.

Universal support for all popular formats

  • Store and distribute Maven/Java, npm, NuGet, RubyGems, Docker, P2, OBR, APT and YUM and more.
  • Manage components from dev through delivery: binaries, containers, assemblies, and finished goods.
  • Awesome support for the Java Virtual Machine (JVM) ecosystem, including Gradle, Ant, Maven, and Ivy.
  • Compatible with popular tools like Eclipse, IntelliJ, Hudson, Jenkins, Puppet, Chef, Docker, and more.

Explore the Nexus Platform

  • Docker: Automate container security and scale DevOps with Lifecycle container analysis.
  • Java: Automate open source governance and scale DevOps with precise intelligence for Java components.
  • JavaScript: Automate open source governance and scale DevOps with precise intelligence for JavaScript components.
  • .Net: Automate open source governance and scale DevOps with precise intelligence for.Net components.
  • PyPI: Proxy and host PyPI components and define and enforce rules for PyPI component usage to ensure only the best PyPI components enter your Nexus Repository.
  • GitHub: The Nexus Platform plugin for Jenkins pushes component intelligence into GitHub where developers can view and respond to policy violations.
  • PHP: Generate a software bill of materials for PHP components to identify potential security risks and prioritize remediation based on severity.
  • Swift: Generate a software bill of materials for Swift components to identify potential security risks and prioritize remediation based on severity.
  • CocoaPods: Generate a software bill of materials for CocoaPods to identify potential security risks and prioritize remediation based on severity.
  • Ruby Gems: Proxy and host Ruby Gem repositories and generate a software bill of materials for Ruby Gem components to identify potential security risks.
  • C and C++: Generate a software bill of materials for C and C++ components to identify potential security risks and prioritize remediation based on severity.
  • Eclipse: Empower developers with precise component intelligence directly within the Eclipse IDE.
  • IntelliJ IDEA: Empower developers with precise component intelligence directly within IntelliJ IDEA.
  • Microsoft Visual Studio: Empower developers with precise component intelligence directly within Microsoft Visual Studio.
  • Jenkins: Shift security and quality practices left by automatically sending alerts or failing Jenkins builds when application components are out of compliance with your open source policies.
  • Atlassian Bamboo: Shift security and quality practices left by automatically sending alerts or failing Bamboo builds when application components are out of compliance with your open source policies.
  • Maven: Infuse your Maven builds with the most precise component intelligence and automatically fail builds based on policy violations, including violations found in transitive dependencies.
  • SonarQube: View Sonatype's precise component intelligence directly in SonarQube 6.x projects and dashboards, ensuring teams are evaluating every facet of high-quality application development.
  • Xebia Labs: Identify the risk associated with open source components used within your applications and understand where those applications are deployed - QA, UAT, Production.
  • npm: Node.js developers, Grunt users, and others can use Nexus Repository Manager to proxy npmjs.org and locally host their own npm packages.
  • NuGet: .Net developers can take advantage of the NuGet package manager and the integration in VisualStudio to manage their own and third-party packages.
  • Bower: Use Nexus Repository Manager to proxy and host Bower repositories.
  • Yum: Establish a deployment pipeline from your Maven build to your Linux servers using RPM packages and YUM repositories.
  • RPM: Define and enforce rules for RPM usage to ensure only the best RPM components enter your Yum Nexus Repository.
  • GitLFS: Reduce download times by hosting large files locally in Nexus Repository, so all of your binaries are managed in one central location.
  • AWS: Manage and secure open source and third-party components in the cloud with Nexus Repository and IQ Server.
  • OpenShift: Use Nexus to store and manage binaries, build artifacts, and Docker containers within your OpenShift environment.
  • Mesosphere DC/OS: Deploy Nexus Repository as a free solution for managing open source components and Docker containers within DC/OS.
  • Atlassian Crowd: Connect the Nexus Repository to the same security backend as Confluence, Bamboo, and JIRA.
  • Atlassian Bitbucket: The Nexus Notifier plugin for Jenkins pushes component intelligence into Bitbucket Code Insights where developers can view and respond to policy violations.

Tell us about a new Kubernetes application

Newsletter

Never miss a thing! Sign up for our newsletter to stay updated.

About

Discover and share new Kubernetes applications

Navigation