Repository Management with Nexus

10.4. Setting up a Procured Repository

If you installed Nexus Professional, the Nexus Procurement Suite is already installed and available via the Artifact Procurement option in the Enterprise menu of the Nexus interface.

This section will walk through the process of creating and configuring a hosted repository named Approved From Central which will be procured from the Central proxy repository. Setting up a procured repository consists of the following steps:

  • Enabling Remote Index Downloads for a Proxy Repository
  • Creating a Hosted Repository to be Procured
  • Configuring Procurement for the Hosted Repository
  • Configuring Procurement Rules

Before configuring a procured repository, you need to make sure that you have enabled Remote Index downloading for the proxied repository that will serve as the source for your procured repository.

Note

If you are attempting to procure components from a remote repository which does not have a repository index, you can still use the procurement suite. Without a remote repository index, you will need to configure procurement rules manually without the benefit of the already populated repository tree shown in Section 10.5, “Configuring Procurement”.

10.4.1. Enable Remote Index Downloads

When you configure procurement rules for a hosted repository, the administrative interface displays the repository as a tree view using the Maven repository format of the of groups and components using populated from remote repository’s index. Nexus ships with a set of proxy repositories, but remote index downloading is disabled by default.

To use procurement effectively, you will need to tell Nexus to download the remote indexes for a proxy repository. Click on Repositories under Views/Repositories in the Nexus menu, then click on the Central Repository in the list of repositories. Click on the Configuration tab, locate Download Remote Indexes, and switch this option to True as shown in Figure 10.3, “Enabling Remote Index Downloads for a Proxy Repository”.

figs/web/procure_central-download-remote-index.png

Figure 10.3. Enabling Remote Index Downloads for a Proxy Repository


Click on the Save button in the dialog shown in Figure 10.3, “Enabling Remote Index Downloads for a Proxy Repository”. Right-click on the repository row in the Repositories list and select "Update Index". Nexus will then download the remote repository index and recreate the index for any Repository Groups that contain this proxied repository.

Nexus may take a few minutes to download the remote index for a large repository. Depending on your connection to the Internet, this process can take anywhere from under a minute to a few minutes. The size of the remote index for the Central Repository currently exceeds 50MB and is growing in parallel to the size of the repository itself.

To check on the status of the remote index download, click on System Feeds under Views in the Nexus menu. Click on the last feed to see a list of "System Changes in Nexus". If you see a log entry like the one highlighted in Figure 10.4, “Verification that the Remote Index has been Downloaded”, Nexus has successfully downloaded the Remote Index from Maven Central.

figs/web/procure_reindex-system-feed.png

Figure 10.4. Verification that the Remote Index has been Downloaded


10.4.2. Create a Hosted Repository

When you configure procurement you are establishing a relationship between a proxy repository and a hosted repository. The hosted repository will be the static container for the components, while the proxy repository acts as the component source. To create a hosted repository, select Repositories from the Views/Repositories section of the Nexus menu, and click on the Add button selecting Hosted Repository as shown in Figure 10.5, “Adding the "Approved From Central" Hosted Repository”.

figs/web/procure_add-hosted.png

Figure 10.5. Adding the "Approved From Central" Hosted Repository


Selecting Hosted Repository will then load the Configuration form. Create a repository with a Repository ID of "approved-from-central" and a name of "Approved From Central". Make the release policy "Release". Click the Save button to create the new Hosted Repository.

10.4.3. Configuring Procurement for Hosted Repository

At this point, the list of Repositories will have a new Hosted repository named "Approved From Central". The next step is to start procurement for the new repository. When you do this, you are establishing a relationship between the new hosted repository and another repository as source of compnents. Typically this source is a proxy repository. In this case, we’re configuring procurement for the repository and we’re telling the Procurement Suite to procure artifacts from the Central proxy repository. To configure this relationship and to start procurement, click on Artifact Procurement under the Enterprise menu. In the Procurement panel, click on Add Procured Repository as shown in Figure 10.6, “Adding a Procured Repository”.

figs/web/procure_add-procured-repository.png

Figure 10.6. Adding a Procured Repository


You will then be presented with the Start Procurement dialog as shown in Figure 10.7, “Configuring Procurement for a Hosted Repository”. Select the "Central" proxy repository from the list of available Source repositories.

figs/web/procure_configure-procurement-confirm.png

Figure 10.7. Configuring Procurement for a Hosted Repository


Procurement is now configured and started, if you are using an instance of Nexus installed on localhost port 8081, you can configure your clients to reference the new repository at http://localhost:8081/nexus/content/repositories/approved-from-central

By default, all artifacts are denied and without further customization of the procurement rules no components will be available in the new repository.

One interesting thing to note about the procured repository is that the repository type changed, once procurement was started. When procurement is activate for a hosted repository, the repository will not show up in the repositories list as a User Managed Repository. Instead it will show up as a proxy repository in the list of Nexus Managed Repositories. Use the drop down for User Managed/Nexus Managed Repositories in the Repositories list. Click Refresh in the Repositories list, and look at the Approved From Central repository in the list of Nexus Managed Repositories. You will see that the repository type column contains proxy as shown in Figure 10.8, “Hosted Repository is a Nexus Managed Proxy Repository while Procurement is Active”. When procurement is started for a hosted repository it is effectively a proxy repository, and when it is stopped it will revert back to being a normal hosted repository.

figs/web/procure_started-now-proxy.png

Figure 10.8. Hosted Repository is a Nexus Managed Proxy Repository while Procurement is Active


10.4.4. Procured Repository Administration

Once you’ve defined the relationship between a hosted repository and a proxy repository and you have started procurement, you can start defining the rules which will control which components are allowed in a procured repository and which components are denied. You can also start and stop procurement. This section details some of the administration panels and features which are available for a procured repository.

A procurement rule is a rule to allow or deny the procurement of a group, artifact, or a collection of groups or artifacts. You load the Artifact Procurement interface by selecting Artifact Procurement in the Enterprise menu of the Nexus left hand navigation. Clicking on this link will load a list of procured repositories. Clicking on the repository will display the proxied source repository and the current content of the procured repository in a tree as shown in Figure 10.9, “Viewing a Repository in the Artifact Procurement Interface”.

This section will illustrate the steps required for blocking access to an specific component and then selectively allowing access to a particular version of that same component. This is a common use-case in organizations which want to standardize on specific versions of a particular dependency.

Note

If you are attempting to procure components from a remote repository which does not have a repository index, you can still use the procurement suite. Without a remote repository index, you will need to configure procurement rules manually without the benefit of the already populated repository tree shown in this section.

figs/web/procure_repository-view.png

Figure 10.9. Viewing a Repository in the Artifact Procurement Interface


The directory tree in Figure 10.9, “Viewing a Repository in the Artifact Procurement Interface” is the index of the proxy repository from which artifacts are being procured.