Skip to content

sonatype/central_nxrm_two_portal

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

120 Commits
.config
.config
 
 
.github
.github
 
 
example_projects
example_projects
 
 
nxrm_two_portal
nxrm_two_portal
 
 
nxrm_two_portal_lambda
nxrm_two_portal_lambda
 
 
portal_api
portal_api
 
 
proxy_endpoints
proxy_endpoints
 
 
repository
repository
 
 
user_auth
user_auth
 
 
.envrc
.envrc
 
 
.gitignore
.gitignore
 
 
.licensure.yml
.licensure.yml
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
Dockerfile
Dockerfile
 
 
LICENSE-APACHE
LICENSE-APACHE
 
 
LICENSE-MIT
LICENSE-MIT
 
 
README.md
README.md
 
 
flake.lock
flake.lock
 
 
flake.nix
flake.nix
 
 
justfile
justfile
 
 
ossrh-proxy-service-dev-public-key.pem
ossrh-proxy-service-dev-public-key.pem
 
 
ossrh-proxy-service-prod-public-key.pem
ossrh-proxy-service-prod-public-key.pem
 
 
rustfmt.toml
rustfmt.toml
 
 
settings-example.xml
settings-example.xml
 
 

Repository files navigation

The nxrm_two_portal Project

nxrm_two_portal

This is the core service focused on implementing a subset of the NXRM2 API that is used by various publishing plugins and tools. The service is currently implemented as an axum server, but in the future the intent is to pull out the core functionality into an AWS Lambda Function.

portal_api

This is the API related to publishing via the new Central Publisher Portal.

example_projects

This is a collection of projects that demonstrate real-world usages of the plugins we intend to support with the translation API.

nexus-staging-maven-plugin

Local Setup

For local development, we recommend using Nix + Direnv. This will provide a development environment with all required dependencies.

Using the Nix setup provides convenience wrappers for Maven have been provided (mvnLocalProxy, mvnStagingProxy, & mvnProductionProxy). They expect valid settings files with a server central.testing and a name settings-<environment>.xml (local, staging, & production). There is a settings-example.xml included for convenience.

Lambda Setup

This was clickops-ed.

Lambda role requires s3 access, added JSON here for posterity sake, the dual resources are necessary for ListObjectsV2 to run. S3 actions can be severely trimmed down.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AllowAccessToS3BucketForLambda",
            "Effect": "Allow",
            "Action": "s3:*",
            "Resource": [
                "arn:aws:s3:::jeffry-test-bucket-cdv-2856/*",
                "arn:aws:s3:::jeffry-test-bucket-cdv-2856"
            ]
        }
    ]
}

Public Key creation

We need a public key in the container (and later in AWS Secrets Manager) for verifying the JWT, so how do I create the key (assuming you have a .pem file that is the certificates):

openssl x509 -pubkey -noout -in user-service-public-key.pem | pbcopy

Lambda Container Image Build Process

  1. Start an aws-vault session via aws-vault exec sonatype-central --duration 12h
  2. Login to ECR via just aws-ecr-login
  3. Build the docker image via just docker-image-build
  4. If local testing passes, tag and upload it to ECR via just docker-image-push
  5. From there, run just aws-lambda-update to have the function roll over to production

Common commands

Build & Run Tests

nix flake check

Run The Local Proxy

just run-local

Note: This reduces some of the noise around HTTPS requests to the Portal

Non-Nix

You'll need the following installed:

  • Rust (cargo)
  • Java (java, mvn)
  • GPG (gpg)

License

This code is licensed under the dual-license approach of MIT OR Apache-2.0.

About

No description, website, or topics provided.

Resources

Readme

License

Apache-2.0, MIT licenses found

Licenses found

Apache-2.0
LICENSE-APACHE
MIT
LICENSE-MIT
Activity
Custom properties

Stars

0 stars

Watchers

10 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages