Terraform provider to configure Sonatype Nexus using its API.
Implemented and tested with Sonatype Nexus 3.70.1-02
.
provider "nexus" {
insecure = true
password = "admin123"
url = "https://127.0.0.1:8080"
username = "admin"
client_cert_path = "/path/to/client.crt"
client_key_path = "/path/to/client.key"
root_ca_path = "/path/to/root_ca.crt"
}
Optionally with mTLS if Nexus is deployed behind a reverse proxy:
provider "nexus" {
insecure = true
password = "admin123"
url = "https://127.0.0.1:8080"
username = "admin"
client_cert_path = "/path/to/client.crt"
client_key_path = "/path/to/client.key"
root_ca_path = "/path/to/root_ca.crt"
}
Note that the root_ca_path
should contain ALL certificates required for
communication. It overrides the system CA store, rather than adding to it.
You can point the root_ca_path
to the system trust store if required, e.g.:
root_ca_path = "/etc/ssl/certs/ca-certificates.crt"
There is a makefile to build the provider and place it in repos root dir.
make
To use the local build version you need tell terraform where to look for it via a terraform config override.
Create dev.tfrc
in your terraform code folder (f.e. in dev.tfrc):
# dev.tfrc
provider_installation {
# Use /home/developer/tmp/terraform-nexus as an overridden package directory
# for the datadrivers/nexus provider. This disables the version and checksum
# verifications for this provider and forces Terraform to look for the
# nexus provider plugin in the given directory.
# relative path also works, but no variable or ~ evaluation
dev_overrides {
"datadrivers/nexus" = "../../"
}
# For all other providers, install them directly from their origin provider
# registries as normal. If you omit this, Terraform will _only_ use
# the dev_overrides block, and so no other providers will be available.
direct {}
}
Tell your shell environment to use override file:
export TF_CLI_CONFIG_FILE=dev.tfrc
Now run your terraform commands (plan
or apply
), init
is not required.
# start local nexus
make start-services
# run local terraform code
cd examples/local-development
terraform plan
terraform apply
NOTE: For testing Nexus Pro features, place the license.lic
in scripts/
.
For testing start a local Docker containers using make
make start-services
This will start a Docker and MinIO containers and expose ports 8081 and 9000.
Now start the tests
make testacc
or skipped tests:
SKIP_S3_TESTS=true make testacc
SKIP_AZURE_TESTS=true make testacc
SKIP_PRO_TESTS=true make testacc
Set env variable TF_LOG=DEBUG
to see additional output.
Use printState()
function to discover terraform state (and resource props) during test.
Debug configurations are also available for VS Code.
When creating or updating resources/data resources please make sure to update the examples in the respective folder (./examples/resources/<name>
for resources, ./examples/data-sources/<name>
for data sources)
Next you can use the following command to generate the terraform documentation from go files
make docs