Repository Management with Nexus
9.4. Setting up a Procured Repository
If you installed Nexus Professional, the Nexus Procurement Suite is already installed and available via the Artifact Procurement option in the Enterprise menu of the Nexus interface.
This section will walk through the process of creating and configuring a hosted repository named "Approved From Central" which will be procured from the "Central" proxy repository. Setting up a procured repository consists of the following steps:
- Enabling Remote Index Downloads for a Proxy Repository
- Creating a Hosted Repository to be Procured
- Configuring Procurement for the Hosted Repository
- Configuring Procurement Rules
Before configuring a procured repository, you need to make sure that you have enabled Remote Index downloading for the proxied repository that will serve as the source for your procured repository.
If you are attempting to procure components from a remote repository which does not have a repository index, you can still use the procurement suite. Without a remote repository index, you will need to configure procurement rules manually without the benefit of the already populated repository tree shown in Section 9.5, “Configuring Procurement”.
When you configure procurement rules for a hosted repository, the administrative interface displays the repository as a tree view using the Maven repository format of the of groups and components using populated from remote repository’s index. Nexus ships with a set of proxy repositories, but remote index downloading is disabled by default.
To use procurement effectively, you will need to tell Nexus to download the remote indexes for a proxy repository. Click on "Repositories" under Views/Repositories in the Nexus menu, then click on the Central Repository in the list of repositories. Click on the Configuration tab, locate Download Remote Indexes, and switch this option to "True" as shown in Figure 9.3, “Enabling Remote Index Downloads for a Proxy Repository”.
Click on the Save button in the dialog shown in Figure 9.3, “Enabling Remote Index Downloads for a Proxy Repository”. Right-click on the repository row in the Repositories list and select "Update Index". Nexus will then download the remote repository index and recreate the index for any Repository Groups that contain this proxied repository.
Nexus may take a few minutes to download the remote index for a large repository. Depending on your connection to the Internet, this process can take anywhere from under a minute to a few minutes. The size of the remote index for the Central Repository currently exceeds 50MB and is growing in parallel to the size of the repository itself.
To check on the status of the remote index download, click on System Feeds under Views in the Nexus menu. Click on the last feed to see a list of "System Changes in Nexus". If you see a log entry like the one highlighted in Figure 9.4, “Verification that the Remote Index has been Downloaded”, Nexus has successfully downloaded the Remote Index from Maven Central.
When you configure procurement you are establishing a relationship
between a proxy repository and a hosted repository. The hosted
repository will be the static container for the components, while the
proxy repository acts as the component source. To create a hosted
repository, select Repositories from the Views/Repositories section of
the Nexus menu, and click on the
Add button selecting Hosted
Repository as shown in Figure 9.5, “Adding the "Approved From Central" Hosted Repository”.
Selecting Hosted Repository will then load the Configuration form. Create a repository with a Repository ID of "approved-from-central" and a name of "Approved From Central". Make the release policy "Release". Click the Save button to create the new Hosted Repository.
At this point, the list of Repositories will have a new Hosted
repository named "Approved From Central". The next step is to start procurement for
the new repository. When you do this, you are establishing a
relationship between the new hosted repository and another repository
as source of compnents. Typically this source is a proxy repository.
In this case, we’re configuring procurement for the repository
and we’re telling the Procurement Suite to procure artifacts from the
Central proxy repository. To configure this relationship and to
start procurement, click on Artifact Procurement under the Enterprise
menu. In the Procurement panel, click on
Add Procured Repository as
shown in Figure 9.6, “Adding a Procured Repository”.
You will then be presented with the Start Procurement dialog as shown in Figure 9.7, “Configuring Procurement for a Hosted Repository”. Select the "Central" proxy repository from the list of available Source repositories.
Procurement is now configured and started, if you are using an instance of Nexus installed on localhost port 8081, you can configure your clients to reference the new repository at http://localhost:8081/nexus/content/repositories/approved-from-central
By default, all artifacts are denied and without further customization of the procurement rules no components will be available in the new repository.
One interesting thing to note about the procured repository is that
the repository type changed, once procurement was started. When
procurement is activate for a hosted repository, the repository will
not show up in the repositories list as a User Managed
Repository. Instead it will show up as a proxy repository in the list
of Nexus Managed Repositories. Use the drop down for
Managed/Nexus Managed Repositories in the Repositories list. Click
Refresh in the Repositories list, and look at the Approved From
Central repository in the list of Nexus Managed Repositories. You
will see that the repository type column contains "proxy" as shown in
Figure 9.8, “Hosted Repository is a Nexus Managed Proxy Repository while Procurement is Active”. When procurement is started for a
hosted repository it is effectively a proxy repository, and when it is
stopped it will revert back to being a normal hosted repository.
Once you’ve defined the relationship between a hosted repository and a proxy repository and you have started procurement, you can start defining the rules which will control which components are allowed in a procured repository and which components are denied. You can also start and stop procurement. This section details some of the administration panels and features which are available for a procured repository.
A procurement rule is a rule to allow or deny the procurement of a group, artifact, or a collection of groups or artifacts. You load the Artifact Procurement interface by selecting Artifact Procurement in the Enterprise menu of the Nexus left hand navigation. Clicking on this link will load a list of procured repositories. Clicking on the repository will display the proxied source repository and the current content of the procured repository in a tree as shown in Figure 9.9, “Viewing a Repository in the Artifact Procurement Interface”.
This section will illustrate the steps required for blocking access to an specific component and then selectively allowing access to a particular version of that same component. This is a common use-case in organizations which want to standardize on specific versions of a particular dependency.
If you are attempting to procure components from a remote repository which does not have a repository index, you can still use the procurement suite. Without a remote repository index, you will need to configure procurement rules manually without the benefit of the already populated repository tree shown in this section.
The directory tree in Figure 9.9, “Viewing a Repository in the Artifact Procurement Interface” is the index of the proxy repository from which artifacts are being procured.