1
0
Woodpecker CI plugin to publish artifacts to Sonatype Nexus
Go to file
Konstantin Demin 481a3072f5
All checks were successful
ci/woodpecker/tag/build Pipeline was successful
ci/woodpecker/manual/latest Pipeline was successful
version 0.0.2
2024-05-28 19:14:06 +03:00
.ci ci: fix 2024-05-28 19:13:38 +03:00
.vscode initial commit 2024-05-28 14:41:14 +03:00
.woodpecker ci: fix 2024-05-28 19:13:38 +03:00
nexus/upload_spec initial commit 2024-05-28 14:41:14 +03:00
.dockerignore ci: fix 2024-05-28 19:13:38 +03:00
.gitignore ci: introduce 2024-05-28 14:46:02 +03:00
Dockerfile initial commit 2024-05-28 14:41:14 +03:00
Dockerfile.ci ci: introduce 2024-05-28 14:46:02 +03:00
docs.md initial commit 2024-05-28 14:41:14 +03:00
error.go initial commit 2024-05-28 14:41:14 +03:00
flags.go initial commit 2024-05-28 14:41:14 +03:00
go.mod initial commit 2024-05-28 14:41:14 +03:00
go.sum initial commit 2024-05-28 14:41:14 +03:00
impl.go initial commit 2024-05-28 14:41:14 +03:00
LICENSE initial commit 2024-05-28 14:41:14 +03:00
main.go version 0.0.2 2024-05-28 19:14:06 +03:00
Makefile ci: fix 2024-05-28 19:13:38 +03:00
nexus-repo.go initial commit 2024-05-28 14:41:14 +03:00
nexus-request.go initial commit 2024-05-28 14:41:14 +03:00
nexus-status.go initial commit 2024-05-28 14:41:14 +03:00
README.md ci: introduce 2024-05-28 14:46:02 +03:00
settings.go initial commit 2024-05-28 14:41:14 +03:00
upload-spec.go initial commit 2024-05-28 14:41:14 +03:00
upload.go initial commit 2024-05-28 14:41:14 +03:00

plugin-sonatype-nexus

build-status goreport docker-pulls license

Woodpecker CI plugin/standalone executable to publish artifacts to Sonatype Nexus.

Example .woodpecker.yml:

steps:
- name: publish
  image: rockdrilla/woodpecker-sonatype-nexus
  settings:
    url: https://nexus.domain.com
    auth_base64:
      # consult with #3406 for that syntax
      # ref: https://github.com/woodpecker-ci/woodpecker/pull/3406
      from_secret: nexus-auth-b64
    upload:
      - repository: project-apt
        paths:
          - dist/all/*.deb
          - dist/amd64/*.deb
      - repository: project-raw
        paths:
          - dist/raw/all-in-one.tar.xz
        # property from upload specification for "raw" repository
        directory: /build/
      - repository: project-r
        paths:
          - dist/r/*.tar.gz
        # property from upload specification for "r" repository
        pathId: /src/contrib/

Example .gitlab-ci.yml:

publish R:
  stage: publish
  image: rockdrilla/woodpecker-sonatype-nexus
  variables:
    NEXUS_URL: https://nexus.domain.com
   #NEXUS_AUTH_BASE64 is stored as CI variable
    NEXUS_REPOSITORY: project-r
    NEXUS_PATHS: "dist/r/*.tar.gz"
    NEXUS_PROPERTIES: "pathId=/src/contrib/"

Example manual invocation (within rockdrilla/woodpecker-sonatype-nexus container):

# publish R
publish-nexus \
  --nexus.url          https://nexus.domain.com \
  --nexus.auth        'upload-user:super-$ecret-passw0rd' \
  --nexus.repository   project-r \
  --nexus.paths       'dist/r/*.tar.gz' \
  --nexus.properties  'pathId=/src/contrib/'

Woodpecker CI plugin

Plugin documentation is provided in separate document.

Other CI systems / standalone executable

Environment

Environment variable Required Description
NEXUS_URL yes Sonatype Nexus URL (e.g. https://nexus.domain.com)
NEXUS_AUTH no * HTTP Basic Authentication (plain-text, in form {username}:{password})
NEXUS_AUTH_BASE64 no * HTTP Basic Authentication (base64-encoded)
NEXUS_AUTH_HEADER no * generic HTTP authentication header (in form {Header}={Value})
NEXUS_REPOSITORY yes Repository name (of type "hosted")
NEXUS_PATHS yes Comma-separated list of files to upload (accepts globs)
NEXUS_PROPERTIES no Comma-separated list of additional repository-specific properties (in form {key}={value})

Command-line flags

Flag Required Multiple times? Description
--nexus.url yes no Sonatype Nexus URL (e.g. https://nexus.domain.com)
--nexus.auth no * no HTTP Basic Authentication (plain-text, in form {username}:{password})
--nexus.auth.base64 no * no HTTP Basic Authentication (base64-encoded)
--nexus.auth.header no * no generic HTTP authentication header (in form {Header}={Value})
--nexus.repository yes no Repository name (of type "hosted")
--nexus.paths yes yes List of files to upload (accepts globs)
--nexus.properties no yes Additional repository-specific properties (in form {key}={value})

Notes

  • At least one authentication setting must be provided.

    If there are more than one setting were specified then setting is selected in order of priority (from most to least):

    • NEXUS_AUTH_HEADER
    • NEXUS_AUTH_BASE64
    • NEXUS_AUTH
  • Preferred setting for HTTP Basic Authentication is NEXUS_AUTH_BASE64 as there is minimal chance for breaking value during serialization/deserialization.

  • Generic authentication setting NEXUS_AUTH_HEADER is provided for cases where authentication differs from HTTP Basic Authentication.

  • The one may use User Tokens for HTTP Basic Authentication.

    There is no need for special handling as tokens are conform to scheme:

    {token name code}:{token pass code}

  • The one may consult with Sonatype Nexus REST API for repository-specific properties for component uploads.

    Sonatype Nexus REST API is available via:

    • Web UI - https://nexus.domain.com/#admin/system/api
    • Swagger - https://nexus.domain.com/service/rest/swagger.json

    Points of interest are:

    • /v1/formats/upload-specs
    • /v1/components (with POST method)

    Also, there is fallback upload spec:

    • if component/asset field does not specify Optional: true then this field is required.

Known limitations

  • No more than 32 assets may be uploaded at once (if destination repository type supports multiple upload).

    This is (merely) artificial limit for single upload - plugin will upload all listed files but via several calls.

    If you suppose that Sonatype Nexus is viable to receive more assets at once - feel free to contact me.