--- /dev/null
+import org.sonatype.nexus.security.realm.RealmManager
+import org.sonatype.nexus.repository.attributes.AttributesFacet
+import org.sonatype.nexus.security.user.UserManager
+import org.sonatype.nexus.repository.manager.RepositoryManager
+import org.sonatype.nexus.security.user.UserNotFoundException
+
+/* Use the container to look up some services. */
+realmManager = container.lookup(RealmManager.class)
+userManager = container.lookup(UserManager.class, "default") //default user manager
+repositoryManager = container.lookup(RepositoryManager.class)
+
+/* Managers are used when scripting api cannot. Note that scripting api can only create mostly, and that creation methods return objects of created entities. */
+/* Perform cleanup by removing all repos and users. Realms do not need to be re-disabled, admin and anonymous user will not be removed. */
+userManager.listUserIds().each({ id ->
+ if (id != "anonymous" && id != "admin")
+ userManager.deleteUser(id)
+})
+
+repositoryManager.browse().each {
+ repositoryManager.delete(it.getName())
+}
+
+/* Add bearer token realms at the end of realm lists... */
+realmManager.enableRealm("NpmToken")
+realmManager.enableRealm("DockerToken")
+
+/* Create the docker user. */
+security.addUser("docker", "docker", "docker", "docker@example.com", true, "docker", ["nx-anonymous"])
+
+/* Create npm and docker repositories. Their default configuration should be compliant with our requirements, except the docker registry creation. */
+repository.createNpmHosted("npm-private")
+def r = repository.createDockerHosted("docker", 8082, 0)
+
+/* force basic authentication true by default, must set to false for docker repo. */
+conf=r.getConfiguration()
+conf.attributes("docker").set("forceBasicAuth", false)
+repositoryManager.update(conf)
--- /dev/null
+---
+- name: "check if the configuration script is uploaded"
+ uri:
+ url: "{{ nexus_url }}/service/rest/v1/script/configure"
+ method: GET
+ force_basic_auth: yes
+ user: admin
+ password: admin123
+ status_code: [200, 404]
+ register: script
+- block:
+ - name: "upload the configuration script"
+ uri:
+ url: "{{ nexus_url }}/service/rest/v1/script"
+ method: POST
+ force_basic_auth: yes
+ user: admin
+ password: admin123
+ body_format: json
+ body:
+ name: configure
+ type: groovy
+ content: "{{ lookup('file', 'files/configure.groovy') }}"
+ status_code: [204]
+ - name: "execute configuration script"
+ uri:
+ url: "{{ nexus_url }}/service/rest/v1/script/configure/run"
+ method: POST
+ force_basic_auth: yes
+ user: admin
+ password: admin123
+ body_format: raw
+ headers: { "Content-Type": "text/plain" }
+ when: script.status == 404
--- /dev/null
+---
+- name: Load docker images and push into registry
+ block:
+ - set_fact:
+ component: "{{ (item.path | basename | splitext)[0] }}"
+
+ - name: Docker login
+ docker_login:
+ registry: "{{ runtime_images[component].registry }}"
+ username: admin
+ password: admin123
+
+ - name: Load and push component {{ component }}
+ docker_image:
+ name: "{{ runtime_images[component].registry }}{{ runtime_images[component].path }}"
+ tag: "{{ runtime_images[component].tag }}"
+ push: yes
+ load_path: "{{ item.path }}"
+
--- /dev/null
+---
+- name: Change ownership of nexus_data
+ file:
+ path: "{{ app_data_path }}/nexus_data"
+ owner: 200
+ group: 200
+ recurse: yes
+
+- name: Load nexus image
+ docker_image:
+ name: sonatype/nexus3
+ load_path: "{{ app_data_path }}/offline_data/docker_images_infra/sonatype_nexus3_latest.tar"
+ state: present
+
+- name: Create nexus network
+ docker_network:
+ name: nexus_network
+ state: present
+
+- name: Run nexus container
+ docker_container:
+ name: nexus
+ image: sonatype/nexus3
+ networks:
+ - name: nexus_network
+ volumes:
+ - "{{ app_data_path }}/nexus_data:/nexus-data:rw"
+ state: started
+ restart_policy: unless-stopped