From 727aeb8d509ee65fa5d1e0a999b970e890bd5f75 Mon Sep 17 00:00:00 2001 From: Sergiy Kulanov Date: Wed, 25 Dec 2024 13:32:42 +0200 Subject: [PATCH] operator nexus-operator (3.3.0) Signed-off-by: Sergiy Kulanov --- .../edp.epam.com_nexusblobstores.yaml | 310 ++ .../edp.epam.com_nexuscleanuppolicies.yaml | 148 + .../3.3.0/manifests/edp.epam.com_nexuses.yaml | 79 + .../edp.epam.com_nexusrepositories.yaml | 4437 +++++++++++++++++ .../manifests/edp.epam.com_nexusroles.yaml | 106 + .../manifests/edp.epam.com_nexusscripts.yaml | 105 + .../manifests/edp.epam.com_nexususers.yaml | 130 + ...s-operator-webhook-service_v1_service.yaml | 21 + .../nexus-operator.clusterserviceversion.yaml | 667 +++ .../3.3.0/metadata/annotations.yaml | 18 + .../3.3.0/tests/scorecard/config.yaml | 70 + 11 files changed, 6091 insertions(+) create mode 100644 operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusblobstores.yaml create mode 100644 operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexuscleanuppolicies.yaml create mode 100644 operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexuses.yaml create mode 100644 operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusrepositories.yaml create mode 100644 operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusroles.yaml create mode 100644 operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusscripts.yaml create mode 100644 operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexususers.yaml create mode 100644 operators/nexus-operator/3.3.0/manifests/nexus-operator-webhook-service_v1_service.yaml create mode 100644 operators/nexus-operator/3.3.0/manifests/nexus-operator.clusterserviceversion.yaml create mode 100644 operators/nexus-operator/3.3.0/metadata/annotations.yaml create mode 100644 operators/nexus-operator/3.3.0/tests/scorecard/config.yaml diff --git a/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusblobstores.yaml b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusblobstores.yaml new file mode 100644 index 00000000000..0e9d631ed55 --- /dev/null +++ b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusblobstores.yaml @@ -0,0 +1,310 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + creationTimestamp: null + name: nexusblobstores.edp.epam.com +spec: + group: edp.epam.com + names: + kind: NexusBlobStore + listKind: NexusBlobStoreList + plural: nexusblobstores + singular: nexusblobstore + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Status of the blob store + jsonPath: .status.value + name: Status + type: string + name: v1alpha1 + schema: + openAPIV3Schema: + description: NexusBlobStore is the Schema for the nexusblobstores API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: NexusBlobStoreSpec defines the desired state of NexusBlobStore. + properties: + file: + description: File type blobstore. + properties: + path: + description: |- + The path to the blobstore contents. + This can be an absolute path to anywhere on the system Nexus Repository Manager has access to it or can be a path relative to the sonatype-work directory. + type: string + type: object + name: + description: |- + Name of the BlobStore. + Name should be unique across all BlobStores. + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + nexusRef: + description: NexusRef is a reference to Nexus custom resource. + properties: + kind: + default: Nexus + description: Kind specifies the kind of the Nexus resource. + type: string + name: + description: Name specifies the name of the Nexus resource. + type: string + required: + - name + type: object + s3: + description: S3 type blobstore. + properties: + advancedBucketConnection: + description: A custom endpoint URL, signer type and whether path + style access is enabled. + properties: + endpoint: + description: A custom endpoint URL for third party object + stores using the S3 API. + type: string + forcePathStyle: + default: false + description: Setting this flag will result in path-style access + being used for all requests. + type: boolean + maxConnectionPoolSize: + description: Setting this value will override the default + connection pool size of Nexus of the s3 client for this + blobstore. + format: int32 + type: integer + signerType: + description: An API signature version which may be required + for third party object stores using the S3 API. + enum: + - DEFAULT + - S3SignerType + - AWSS3V4SignerType + type: string + type: object + bucket: + description: Details of the S3 bucket such as name and region. + properties: + expiration: + default: 3 + description: How many days until deleted blobs are finally + removed from the S3 bucket (-1 to disable). + format: int32 + type: integer + name: + description: The name of the S3 bucket. + type: string + prefix: + description: The S3 blob store (i.e. S3 object) key prefix. + type: string + region: + default: DEFAULT + description: The AWS region to create a new S3 bucket in or + an existing S3 bucket's region. + type: string + required: + - name + type: object + bucketSecurity: + description: Security details for granting access the S3 API. + properties: + accessKeyId: + description: An IAM access key ID for granting access to the + S3 bucket. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret. + properties: + key: + description: The key of the secret to select from. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + role: + description: An IAM role to assume in order to access the + S3 bucket. + type: string + secretAccessKey: + description: The secret access key associated with the specified + IAM access key ID. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret. + properties: + key: + description: The key of the secret to select from. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + sessionToken: + description: An AWS STS session token associated with temporary + security credentials which grant access to the S3 bucket. + properties: + configMapKeyRef: + description: Selects a key of a ConfigMap. + properties: + key: + description: The key to select. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + required: + - key + type: object + x-kubernetes-map-type: atomic + secretKeyRef: + description: Selects a key of a secret. + properties: + key: + description: The key of the secret to select from. + type: string + name: + description: |- + Name of the referent. + More info: https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#names + TODO: Add other useful fields. apiVersion, kind, uid? + type: string + required: + - key + type: object + x-kubernetes-map-type: atomic + type: object + required: + - accessKeyId + - secretAccessKey + type: object + encryption: + description: The type of encryption to use if any. + properties: + encryptionKey: + description: If using KMS encryption, you can supply a Key + ID. If left blank, then the default will be used. + type: string + encryptionType: + description: The type of S3 server side encryption to use. + enum: + - none + - s3ManagedEncryption + - kmsManagedEncryption + type: string + type: object + required: + - bucket + type: object + softQuota: + description: Settings to control the soft quota. + properties: + limit: + description: The limit in MB. + format: int64 + minimum: 1 + type: integer + type: + description: Type of the soft quota. + enum: + - spaceRemainingQuota + - spaceUsedQuota + type: string + type: object + required: + - name + - nexusRef + type: object + status: + description: NexusBlobStoreStatus defines the observed state of NexusBlobStore. + properties: + error: + description: Error is an error message if something went wrong. + type: string + value: + description: Value is a status of the blob store. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexuscleanuppolicies.yaml b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexuscleanuppolicies.yaml new file mode 100644 index 00000000000..9af8413c8f2 --- /dev/null +++ b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexuscleanuppolicies.yaml @@ -0,0 +1,148 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + creationTimestamp: null + name: nexuscleanuppolicies.edp.epam.com +spec: + group: edp.epam.com + names: + kind: NexusCleanupPolicy + listKind: NexusCleanupPolicyList + plural: nexuscleanuppolicies + singular: nexuscleanuppolicy + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: NexusCleanupPolicy is the Schema for the cleanuppolicies API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: NexusCleanupPolicySpec defines the desired state of NexusCleanupPolicy. + properties: + criteria: + description: Criteria for the cleanup policy. + properties: + assetRegex: + description: AssetRegex removes components that match the given + regex. + example: .* + type: string + lastBlobUpdated: + description: LastBlobUpdated removes components published over + “x” days ago. + example: "30" + maximum: 24855 + minimum: 1 + type: integer + lastDownloaded: + description: LastDownloaded removes components downloaded over + “x” days. + example: "30" + maximum: 24855 + minimum: 1 + type: integer + releaseType: + description: ReleaseType removes components that are of the following + release type. + enum: + - RELEASES + - PRERELEASES + - "" + example: RELEASES + type: string + type: object + description: + description: Description of the cleanup policy. + example: Cleanup policy for go format + type: string + format: + description: Format that this cleanup policy can be applied to. + enum: + - apt + - bower + - cocoapods + - conan + - conda + - docker + - gitlfs + - go + - helm + - maven2 + - npm + - nuget + - p2 + - pypi + - r + - raw + - rubygems + - yum + example: go + type: string + name: + description: Name is a unique name for the cleanup policy. + example: go-cleanup-policy + maxLength: 512 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + nexusRef: + description: NexusRef is a reference to Nexus custom resource. + properties: + kind: + default: Nexus + description: Kind specifies the kind of the Nexus resource. + type: string + name: + description: Name specifies the name of the Nexus resource. + type: string + required: + - name + type: object + required: + - criteria + - format + - name + - nexusRef + type: object + status: + description: NexusCleanupPolicyStatus defines the observed state of NexusCleanupPolicy. + properties: + error: + description: Error is an error message if something went wrong. + type: string + value: + description: Value is a status of the cleanup policy. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexuses.yaml b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexuses.yaml new file mode 100644 index 00000000000..def11dc830b --- /dev/null +++ b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexuses.yaml @@ -0,0 +1,79 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + creationTimestamp: null + name: nexuses.edp.epam.com +spec: + group: edp.epam.com + names: + kind: Nexus + listKind: NexusList + plural: nexuses + singular: nexus + scope: Namespaced + versions: + - additionalPrinterColumns: + - description: Is connected to nexus + jsonPath: .status.connected + name: Connected + type: boolean + name: v1alpha1 + schema: + openAPIV3Schema: + description: Nexus is the Schema for the nexus API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: NexusSpec defines the desired state of Nexus. + properties: + secret: + description: |- + Secret is the name of the k8s object Secret related to nexus. + Secret should contain a user field with a nexus username and a password field with a nexus password. + type: string + url: + description: Url is the url of nexus instance. + type: string + required: + - secret + - url + type: object + status: + description: NexusStatus defines the observed state of Nexus. + properties: + connected: + description: Connected shows if operator is connected to nexus. + type: boolean + error: + description: Error represents error message if something went wrong. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusrepositories.yaml b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusrepositories.yaml new file mode 100644 index 00000000000..d997bf0b29f --- /dev/null +++ b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusrepositories.yaml @@ -0,0 +1,4437 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + creationTimestamp: null + name: nexusrepositories.edp.epam.com +spec: + group: edp.epam.com + names: + kind: NexusRepository + listKind: NexusRepositoryList + plural: nexusrepositories + singular: nexusrepository + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: NexusRepository is the Schema for the nexusrepositories API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: |- + NexusRepositorySpec defines the desired state of NexusRepository. + It should contain only one format of repository - go, maven, npm, etc. and only one type - proxy, hosted or group. + properties: + apt: + properties: + hosted: + properties: + apt: + description: Apt contains data of hosted repositories of format + Apt. + properties: + distribution: + description: Distribution to fetch + type: string + required: + - distribution + type: object + aptSigning: + description: AptSigning contains signing data of hosted repositores + of format Apt. + properties: + keypair: + description: PGP signing key pair (armored private key + e.g. gpg --export-secret-key --armor) + type: string + passphrase: + description: Passphrase to access PGP signing key + type: string + required: + - keypair + type: object + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - apt + - aptSigning + - name + type: object + proxy: + properties: + apt: + description: Apt configuration. + properties: + distribution: + description: Distribution to fetch. + type: string + flat: + default: false + description: Whether this repository is flat. + type: boolean + required: + - distribution + type: object + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - apt + - name + - proxy + type: object + type: object + bower: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + bower: + properties: + rewritePackageUrls: + description: Whether to force Bower to retrieve packages + through this proxy repository + type: boolean + required: + - rewritePackageUrls + type: object + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - bower + - name + - proxy + type: object + type: object + cocoapods: + properties: + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + conan: + properties: + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + conda: + properties: + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + docker: + properties: + group: + properties: + docker: + description: Docker contains data of a Docker Repositoriy. + properties: + forceBasicAuth: + description: Whether to force authentication (Docker Bearer + Token Realm required if false) + type: boolean + httpPort: + description: Create an HTTP connector at specified port + type: integer + httpsPort: + description: Create an HTTPS connector at specified port + type: integer + v1Enabled: + description: Whether to allow clients to use the V1 API + to interact with this repository + type: boolean + required: + - forceBasicAuth + - v1Enabled + type: object + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + writableMember: + description: 'Pro-only: This field is for the Group Deployment + feature available in NXRM Pro.' + type: string + required: + - memberNames + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - docker + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + docker: + description: Docker contains data of a Docker Repositoriy. + properties: + forceBasicAuth: + description: Whether to force authentication (Docker Bearer + Token Realm required if false) + type: boolean + httpPort: + description: Create an HTTP connector at specified port + type: integer + httpsPort: + description: Create an HTTPS connector at specified port + type: integer + v1Enabled: + description: Whether to allow clients to use the V1 API + to interact with this repository + type: boolean + required: + - forceBasicAuth + - v1Enabled + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - docker + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + docker: + description: Docker contains data of a Docker Repositoriy. + properties: + forceBasicAuth: + description: Whether to force authentication (Docker Bearer + Token Realm required if false) + type: boolean + httpPort: + description: Create an HTTP connector at specified port + type: integer + httpsPort: + description: Create an HTTPS connector at specified port + type: integer + v1Enabled: + description: Whether to allow clients to use the V1 API + to interact with this repository + type: boolean + required: + - forceBasicAuth + - v1Enabled + type: object + dockerProxy: + description: DockerProxy contains data of a Docker Proxy Repository. + properties: + indexType: + default: REGISTRY + description: Type of Docker Index. + enum: + - HUB + - REGISTRY + - CUSTOM + type: string + indexUrl: + description: |- + Url of Docker Index to use. + TODO: add cel validation. (Required if indexType is CUSTOM) + type: string + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - docker + - dockerProxy + - name + - proxy + type: object + type: object + gitLfs: + properties: + hosted: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + type: object + go: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + helm: + properties: + hosted: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + maven: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + maven: + default: + contentDisposition: INLINE + layoutPolicy: STRICT + versionPolicy: RELEASE + description: Maven contains additional data of maven repository. + properties: + contentDisposition: + default: INLINE + description: Add Content-Disposition header as 'Attachment' + to disable some content from being inline in a browser. + enum: + - INLINE + - ATTACHMENT + type: string + layoutPolicy: + default: STRICT + description: Validate that all paths are maven artifact + or metadata paths. + enum: + - STRICT + - PERMISSIVE + type: string + versionPolicy: + default: RELEASE + description: VersionPolicy is a type of artifact that + this repository stores. + enum: + - RELEASE + - SNAPSHOT + - MIXED + type: string + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + maven: + default: + contentDisposition: INLINE + layoutPolicy: STRICT + versionPolicy: RELEASE + description: Maven contains additional data of maven repository. + properties: + contentDisposition: + default: INLINE + description: Add Content-Disposition header as 'Attachment' + to disable some content from being inline in a browser. + enum: + - INLINE + - ATTACHMENT + type: string + layoutPolicy: + default: STRICT + description: Validate that all paths are maven artifact + or metadata paths. + enum: + - STRICT + - PERMISSIVE + type: string + versionPolicy: + default: RELEASE + description: VersionPolicy is a type of artifact that + this repository stores. + enum: + - RELEASE + - SNAPSHOT + - MIXED + type: string + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthenticationWithPreemptive contains + HTTP client authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + type: string + preemptive: + description: Whether to use pre-emptive authentication. + Use with caution. Defaults to false. + type: boolean + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Whether to block outbound connections on + the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + maven: + default: + contentDisposition: INLINE + layoutPolicy: STRICT + versionPolicy: RELEASE + description: Maven contains additional data of maven repository. + properties: + contentDisposition: + default: INLINE + description: Add Content-Disposition header as 'Attachment' + to disable some content from being inline in a browser. + enum: + - INLINE + - ATTACHMENT + type: string + layoutPolicy: + default: STRICT + description: Validate that all paths are maven artifact + or metadata paths. + enum: + - STRICT + - PERMISSIVE + type: string + versionPolicy: + default: RELEASE + description: VersionPolicy is a type of artifact that + this repository stores. + enum: + - RELEASE + - SNAPSHOT + - MIXED + type: string + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + nexusRef: + description: NexusRef is a reference to Nexus custom resource. + properties: + kind: + default: Nexus + description: Kind specifies the kind of the Nexus resource. + type: string + name: + description: Name specifies the name of the Nexus resource. + type: string + required: + - name + type: object + npm: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + npm: + properties: + removeNonCataloged: + description: Remove Non-Cataloged Versions + type: boolean + removeQuarantined: + description: Remove Quarantined Versions + type: boolean + required: + - removeNonCataloged + - removeQuarantined + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + nuget: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + nugetProxy: + default: + nugetVersion: V3 + queryCacheItemMaxAge: 3600 + description: NugetProxy contains data specific to proxy repositories + of format Nuget. + properties: + nugetVersion: + default: V3 + description: NugetVersion is the used Nuget protocol version. + enum: + - V2 + - V3 + type: string + queryCacheItemMaxAge: + default: 3600 + description: How long to cache query results from the + proxied repository (in seconds) + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + p2: + properties: + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + pypi: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + r: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + raw: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + raw: + properties: + contentDisposition: + description: 'TODO: check default value' + enum: + - INLINE + - ATTACHMENT + type: string + type: object + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + raw: + properties: + contentDisposition: + description: 'TODO: check default value' + enum: + - INLINE + - ATTACHMENT + type: string + type: object + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + raw: + properties: + contentDisposition: + description: 'TODO: check default value' + enum: + - INLINE + - ATTACHMENT + type: string + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + rubyGems: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + required: + - name + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + required: + - name + - proxy + type: object + type: object + yum: + properties: + group: + properties: + group: + description: Group configuration. + properties: + memberNames: + description: Member repositories' names. + items: + type: string + type: array + required: + - memberNames + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + yumSigning: + properties: + keypair: + description: PGP signing key pair (armored private key + e.g. gpg --export-secret-key --armor) + type: string + passphrase: + description: Passphrase to access PGP signing key + type: string + type: object + required: + - group + - name + type: object + hosted: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + component: + properties: + proprietaryComponents: + description: Components in this repository count as proprietary + for namespace conflict attacks (requires Sonatype Nexus + Firewall) + type: boolean + required: + - proprietaryComponents + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + writePolicy: + default: ALLOW_ONCE + description: WritePolicy controls if deployments of and + updates to assets are allowed. + enum: + - ALLOW + - ALLOW_ONCE + - DENY + - REPLICATION_ONLY + type: string + type: object + yum: + description: Yum contains data of hosted repositories of format + Yum. + properties: + deployPolicy: + description: 'TODO: check default value' + enum: + - PERMISSIVE + - STRICT + type: string + repodataDepth: + type: integer + required: + - repodataDepth + type: object + required: + - name + - yum + type: object + proxy: + properties: + cleanup: + properties: + policyNames: + description: ' Components that match any of the applied + policies will be deleted.' + items: + type: string + type: array + required: + - policyNames + type: object + httpClient: + default: + autoBlock: true + description: HTTP client configuration. + properties: + authentication: + description: HTTPClientAuthentication contains HTTP client + authentication configuration data. + properties: + ntlmDomain: + type: string + ntlmHost: + type: string + password: + description: Password for authentication. + type: string + type: + default: username + description: Type of authentication to use. + enum: + - username + - ntlm + type: string + username: + description: Username for authentication. + type: string + type: object + autoBlock: + default: true + description: Auto-block outbound connections on the repository + if remote peer is detected as unreachable/unresponsive + type: boolean + blocked: + description: Block outbound connections on the repository. + type: boolean + connection: + description: HTTPClientConnection contains HTTP client + connection configuration data. + properties: + enableCircularRedirects: + description: Whether to enable redirects to the same + location (required by some servers) + type: boolean + enableCookies: + description: Whether to allow cookies to be stored + and used + type: boolean + retries: + description: Total retries if the initial connection + attempt suffers a timeout + type: integer + timeout: + description: Seconds to wait for activity before stopping + and retrying the connection", + type: integer + useTrustStore: + description: Use certificates stored in the Nexus + Repository Manager truststore to connect to external + systems + type: boolean + userAgentSuffix: + description: Custom fragment to append to User-Agent + header in HTTP requests + type: string + type: object + type: object + name: + description: |- + A unique identifier for this repository. + Only letters, digits, underscores(_), hyphens(-), and dots(.) are allowed and may not start with underscore or dot. + pattern: ^[a-zA-Z0-9][a-zA-Z0-9_.-]*$ + type: string + negativeCache: + default: + enabled: true + timeToLive: 1440 + description: Negative cache configuration. + properties: + enabled: + default: true + description: Whether to cache responses for content not + present in the proxied repository. + type: boolean + timeToLive: + default: 1440 + description: How long to cache the fact that a file was + not found in the repository (in minutes). + type: integer + type: object + online: + default: true + description: Online determines if the repository accepts incoming + requests. + type: boolean + proxy: + description: Proxy configuration. + properties: + contentMaxAge: + default: 1440 + description: How long to cache artifacts before rechecking + the remote repository (in minutes) + type: integer + metadataMaxAge: + default: 1440 + description: How long to cache metadata before rechecking + the remote repository (in minutes) + type: integer + remoteUrl: + description: Location of the remote repository being proxied. + example: https://remote-repository.com + type: string + required: + - remoteUrl + type: object + routingRule: + description: The name of the routing rule assigned to this + repository. + example: go-proxy-routing-rule + type: string + storage: + default: + blobStoreName: default + strictContentTypeValidation: true + description: Storage configuration. + properties: + blobStoreName: + default: default + description: Blob store used to store repository contents. + example: default + type: string + strictContentTypeValidation: + default: true + description: 'StrictContentTypeValidation: Whether to + validate uploaded content''s MIME type appropriate for + the repository format.' + type: boolean + type: object + yumSigning: + properties: + keypair: + description: PGP signing key pair (armored private key + e.g. gpg --export-secret-key --armor) + type: string + passphrase: + description: Passphrase to access PGP signing key + type: string + type: object + required: + - name + - proxy + type: object + type: object + required: + - nexusRef + type: object + status: + description: NexusRepositoryStatus defines the observed state of NexusRepository. + properties: + error: + description: Error is an error message if something went wrong. + type: string + value: + description: Value is a status of the repository. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusroles.yaml b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusroles.yaml new file mode 100644 index 00000000000..07655db7df4 --- /dev/null +++ b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusroles.yaml @@ -0,0 +1,106 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + creationTimestamp: null + name: nexusroles.edp.epam.com +spec: + group: edp.epam.com + names: + kind: NexusRole + listKind: NexusRoleList + plural: nexusroles + singular: nexusrole + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: NexusRole is the Schema for the nexusroles API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: NexusRoleSpec defines the desired state of NexusRole. + properties: + description: + description: Description of nexus role. + example: Administrator role + type: string + id: + description: |- + ID is the id of the role. + ID should be unique across all roles. + example: nx-admin + maxLength: 512 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + name: + description: Name is the name of the role. + example: nx-admin + type: string + nexusRef: + description: NexusRef is a reference to Nexus custom resource. + properties: + kind: + default: Nexus + description: Kind specifies the kind of the Nexus resource. + type: string + name: + description: Name specifies the name of the Nexus resource. + type: string + required: + - name + type: object + privileges: + description: Privileges is a list of privileges assigned to role. + example: + - nx-all + items: + type: string + nullable: true + type: array + required: + - id + - name + - nexusRef + type: object + status: + description: NexusRoleStatus defines the observed state of NexusRole. + properties: + error: + description: Error is an error message if something went wrong. + type: string + value: + description: Value is a status of the role. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusscripts.yaml b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusscripts.yaml new file mode 100644 index 00000000000..6e47c4c486e --- /dev/null +++ b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexusscripts.yaml @@ -0,0 +1,105 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + creationTimestamp: null + name: nexusscripts.edp.epam.com +spec: + group: edp.epam.com + names: + kind: NexusScript + listKind: NexusScriptList + plural: nexusscripts + singular: nexusscript + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: NexusScript is the Schema for the nexusscripts API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: NexusScriptSpec defines the desired state of NexusScript. + properties: + content: + description: Content is the content of the script. + example: security.setAnonymousAccess(Boolean.valueOf(args)) + type: string + execute: + default: false + description: Execute defines if script should be executed after creation. + type: boolean + name: + description: |- + Name is the id of the script. + Name should be unique across all scripts. + example: anonymous + maxLength: 512 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + nexusRef: + description: NexusRef is a reference to Nexus custom resource. + properties: + kind: + default: Nexus + description: Kind specifies the kind of the Nexus resource. + type: string + name: + description: Name specifies the name of the Nexus resource. + type: string + required: + - name + type: object + payload: + description: Payload is the payload of the script. + example: "true" + type: string + required: + - content + - name + - nexusRef + type: object + status: + description: NexusScriptStatus defines the observed state of NexusScript. + properties: + error: + description: Error is an error message if something went wrong. + type: string + executed: + description: Executed defines if script was executed. + type: boolean + value: + description: Value is a status of the script. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexususers.yaml b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexususers.yaml new file mode 100644 index 00000000000..2a62754b5ad --- /dev/null +++ b/operators/nexus-operator/3.3.0/manifests/edp.epam.com_nexususers.yaml @@ -0,0 +1,130 @@ +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.15.0 + creationTimestamp: null + name: nexususers.edp.epam.com +spec: + group: edp.epam.com + names: + kind: NexusUser + listKind: NexusUserList + plural: nexususers + singular: nexususer + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: NexusUser is the Schema for the nexususers API. + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: NexusUserSpec defines the desired state of NexusUser. + properties: + email: + description: Email is the email address of the user. + example: john.doe@example + maxLength: 254 + type: string + firstName: + description: FirstName of the user. + example: John + type: string + id: + description: |- + ID is the username of the user. + ID should be unique across all users. + example: new-user + maxLength: 512 + type: string + x-kubernetes-validations: + - message: Value is immutable + rule: self == oldSelf + lastName: + description: LastName of the user. + example: Doe + type: string + nexusRef: + description: NexusRef is a reference to Nexus custom resource. + properties: + kind: + default: Nexus + description: Kind specifies the kind of the Nexus resource. + type: string + name: + description: Name specifies the name of the Nexus resource. + type: string + required: + - name + type: object + roles: + description: Roles is a list of roles assigned to user. + example: + - nx-admin + items: + type: string + minItems: 1 + type: array + secret: + description: |- + Secret is the reference of the k8s object Secret for the user password. + Format: $secret-name:secret-key. + Updating user password is not supported. + example: $nexus-user-secret:password-filed + type: string + status: + default: active + description: Status is a status of the user. + enum: + - active + - disabled + example: active + type: string + required: + - email + - firstName + - id + - lastName + - nexusRef + - roles + - secret + type: object + status: + description: NexusUserStatus defines the observed state of NexusUser. + properties: + error: + description: Error is an error message if something went wrong. + type: string + value: + description: Value is a status of the user. + type: string + type: object + type: object + served: true + storage: true + subresources: + status: {} +status: + acceptedNames: + kind: "" + plural: "" + conditions: null + storedVersions: null diff --git a/operators/nexus-operator/3.3.0/manifests/nexus-operator-webhook-service_v1_service.yaml b/operators/nexus-operator/3.3.0/manifests/nexus-operator-webhook-service_v1_service.yaml new file mode 100644 index 00000000000..75498356840 --- /dev/null +++ b/operators/nexus-operator/3.3.0/manifests/nexus-operator-webhook-service_v1_service.yaml @@ -0,0 +1,21 @@ +apiVersion: v1 +kind: Service +metadata: + creationTimestamp: null + labels: + app.kubernetes.io/component: webhook + app.kubernetes.io/created-by: nexus-operator + app.kubernetes.io/instance: webhook-service + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: service + app.kubernetes.io/part-of: nexus-operator + name: nexus-operator-webhook-service +spec: + ports: + - port: 443 + protocol: TCP + targetPort: 9443 + selector: + control-plane: controller-manager +status: + loadBalancer: {} diff --git a/operators/nexus-operator/3.3.0/manifests/nexus-operator.clusterserviceversion.yaml b/operators/nexus-operator/3.3.0/manifests/nexus-operator.clusterserviceversion.yaml new file mode 100644 index 00000000000..42254dfce44 --- /dev/null +++ b/operators/nexus-operator/3.3.0/manifests/nexus-operator.clusterserviceversion.yaml @@ -0,0 +1,667 @@ +apiVersion: operators.coreos.com/v1alpha1 +kind: ClusterServiceVersion +metadata: + annotations: + alm-examples: |- + [ + { + "apiVersion": "edp.epam.com/v1alpha1", + "kind": "Nexus", + "metadata": { + "labels": { + "app.kubernetes.io/created-by": "nexus-operator", + "app.kubernetes.io/instance": "nexus-sample", + "app.kubernetes.io/managed-by": "kustomize", + "app.kubernetes.io/name": "nexus", + "app.kubernetes.io/part-of": "nexus-operator" + }, + "name": "nexus-sample" + }, + "spec": { + "secret": "nexus-secret", + "url": "https://nexus-example.com" + } + }, + { + "apiVersion": "edp.epam.com/v1alpha1", + "kind": "NexusBlobStore", + "metadata": { + "labels": { + "app.kubernetes.io/created-by": "nexus-operator", + "app.kubernetes.io/instance": "nexusblobstore-sample", + "app.kubernetes.io/managed-by": "kustomize", + "app.kubernetes.io/name": "nexusblobstore", + "app.kubernetes.io/part-of": "nexus-operator" + }, + "name": "nexusblobstore-sample" + }, + "spec": { + "file": { + "path": "storage-blobstore/nexusblobstore-sample" + }, + "name": "nexusblobstore-sample", + "nexusRef": { + "name": "nexus-sample" + }, + "softQuota": { + "limit": 1000, + "type": "spaceUsedQuota" + } + } + }, + { + "apiVersion": "edp.epam.com/v1alpha1", + "kind": "NexusCleanupPolicy", + "metadata": { + "labels": { + "app.kubernetes.io/created-by": "nexus-operator", + "app.kubernetes.io/instance": "nexuscleanuppolicy-sample", + "app.kubernetes.io/managed-by": "kustomize", + "app.kubernetes.io/name": "nexuscleanuppolicy", + "app.kubernetes.io/part-of": "nexus-operator" + }, + "name": "nexuscleanuppolicy-sample" + }, + "spec": { + "criteria": { + "lastBlobUpdated": 30 + }, + "description": "Cleanup policy for go", + "format": "go", + "name": "go-cleanup-policy", + "nexusRef": { + "name": "nexus-sample" + } + } + }, + { + "apiVersion": "edp.epam.com/v1alpha1", + "kind": "NexusRepository", + "metadata": { + "labels": { + "app.kubernetes.io/created-by": "nexus-operator", + "app.kubernetes.io/instance": "nexusrepository-sample", + "app.kubernetes.io/managed-by": "kustomize", + "app.kubernetes.io/name": "nexusrepository", + "app.kubernetes.io/part-of": "nexus-operator" + }, + "name": "nexusrepository-sample" + }, + "spec": { + "go": { + "proxy": { + "cleanup": { + "policyNames": [ + "cleanup-policy" + ] + }, + "httpClient": { + "autoBlock": true, + "blocked": true, + "connection": { + "retries": 1440, + "timeout": 1440, + "userAgentSuffix": "user-agent-suffix" + } + }, + "name": "go-proxy", + "negativeCache": { + "enabled": true, + "timeToLive": 1440 + }, + "online": true, + "proxy": { + "contentMaxAge": 1440, + "metadataMaxAge": 1440, + "remoteUrl": "https://test.com" + }, + "routingRule": "routing-rule", + "storage": { + "blobStoreName": "blob-store-name", + "strictContentTypeValidation": true + } + } + }, + "nexusRef": { + "name": "nexus-sample" + } + } + }, + { + "apiVersion": "edp.epam.com/v1alpha1", + "kind": "NexusRole", + "metadata": { + "labels": { + "app.kubernetes.io/created-by": "nexus-operator", + "app.kubernetes.io/instance": "nexusrole-sample", + "app.kubernetes.io/managed-by": "kustomize", + "app.kubernetes.io/name": "nexusrole", + "app.kubernetes.io/part-of": "nexus-operator" + }, + "name": "nexusrole-sample" + }, + "spec": { + "description": "test-role", + "id": "test-role", + "name": "test-role", + "nexusRef": { + "kind": "Nexus", + "name": "nexus-sample" + }, + "privileges": [ + "nx-blobstores-all" + ] + } + }, + { + "apiVersion": "edp.epam.com/v1alpha1", + "kind": "NexusScript", + "metadata": { + "labels": { + "app.kubernetes.io/created-by": "nexus-operator", + "app.kubernetes.io/instance": "nexusscript-sample", + "app.kubernetes.io/managed-by": "kustomize", + "app.kubernetes.io/name": "nexusscript", + "app.kubernetes.io/part-of": "nexus-operator" + }, + "name": "nexusscript-sample" + }, + "spec": { + "content": "security.setAnonymousAccess(Boolean.valueOf(args))\n", + "name": "anonymous", + "nexusRef": { + "name": "nexus-sample" + }, + "payload": "true" + } + }, + { + "apiVersion": "edp.epam.com/v1alpha1", + "kind": "NexusUser", + "metadata": { + "labels": { + "app.kubernetes.io/created-by": "nexus-operator", + "app.kubernetes.io/instance": "nexususer-sample", + "app.kubernetes.io/managed-by": "kustomize", + "app.kubernetes.io/name": "nexususer", + "app.kubernetes.io/part-of": "nexus-operator" + }, + "name": "nexususer-sample" + }, + "spec": { + "email": "test@gmail.com", + "firstName": "John1", + "id": "test-user", + "lastName": "Doe", + "nexusRef": { + "kind": "Nexus", + "name": "nexus-sample" + }, + "roles": [ + "nx-admin" + ], + "secret": "$user-secret:password" + } + } + ] + capabilities: Deep Insights + categories: Developer Tools + containerImage: docker.io/epamedp/nexus-operator:3.3.0 + createdAt: "2024-12-25T09:37:07Z" + description: An Operator for managing Nexus entities. + operators.operatorframework.io/builder: operator-sdk-v1.38.0 + operators.operatorframework.io/project_layout: go.kubebuilder.io/v4 + repository: https://github.com/epam/edp-nexus-operator + name: nexus-operator.v3.3.0 + namespace: placeholder +spec: + apiservicedefinitions: {} + customresourcedefinitions: + owned: + - description: NexusBlobStore is the Schema for the nexusblobstores API. + displayName: Nexus Blob Store + kind: NexusBlobStore + name: nexusblobstores.edp.epam.com + version: v1alpha1 + - description: NexusCleanupPolicy is the Schema for the cleanuppolicies API. + displayName: Nexus Cleanup Policy + kind: NexusCleanupPolicy + name: nexuscleanuppolicies.edp.epam.com + version: v1alpha1 + - description: Nexus is the Schema for the nexus API. + displayName: Nexus + kind: Nexus + name: nexuses.edp.epam.com + version: v1alpha1 + - description: NexusRepository is the Schema for the nexusrepositories API. + displayName: Nexus Repository + kind: NexusRepository + name: nexusrepositories.edp.epam.com + version: v1alpha1 + - description: NexusRole is the Schema for the nexusroles API. + displayName: Nexus Role + kind: NexusRole + name: nexusroles.edp.epam.com + version: v1alpha1 + - description: NexusScript is the Schema for the nexusscripts API. + displayName: Nexus Script + kind: NexusScript + name: nexusscripts.edp.epam.com + version: v1alpha1 + - description: NexusUser is the Schema for the nexususers API. + displayName: Nexus User + kind: NexusUser + name: nexususers.edp.epam.com + version: v1alpha1 + description: | + Nexus Operator is an operator that is responsible for establishing + a connection to provided NexusRepository Server, reconciling Nexus entities (groups, + users, repositories, etc) according to the created CRs. + + ## Quick Start + + 1. Login into Nexus and create user. Attach permissions to user such as scripts, rules, blobs etc. Insert user credentials into Kubernetes secret. + + ```yaml + apiVersion: v1 + kind: Secret + metadata: + name: nexus-admin-password + data: + password: cGFzcw== # base64-encoded value of "pass" + user: dXNlcg== # base64-encoded value of "user" + ``` + + 2. Create Custom Resource `kind: Nexus` with Nexus instance URL and secret created on the previous step: + + ```yaml + apiVersion: edp.epam.com/v1alpha1 + kind: Nexus + metadata: + name: nexus + spec: + secret: nexus-admin-password + url: http://nexus.example.com + ``` + + Wait for the `.status` field with `status.connected: true` + + 3. Create Role using Custom Resources NexusRole: + + ```yaml + apiVersion: edp.epam.com/v1alpha1 + kind: NexusRole + metadata: + name: edp-admin + spec: + description: Read and write access to all repos and scripts + id: edp-admin + name: edp-admin + nexusRef: + kind: Nexus + name: nexus + privileges: + - nx-apikey-all + - nx-repository-view-*-*-add + - nx-repository-view-*-*-browse + - nx-repository-view-*-*-edit + - nx-repository-view-*-*-read + - nx-script-*-add + - nx-script-*-delete + - nx-script-*-run + - nx-search-read + ``` + displayName: EDP Nexus Operator + icon: + - base64data: AAABAAMAEBAAAAEAIABoBAAANgAAACAgAAABACAAKBEAAJ4EAAAwMAAAAQAgAGgmAADGFQAAKAAAABAAAAAgAAAAAQAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiYo3X2mJp89ZaNOP+qqgMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3lptp95eS/feWh/z4ln3v+ZZxr/uVaVAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+JqMJveWiP73lHtI+JZyevmXapf5l2CxAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD5l33h+pd0e/mXaf36l17g+pdSmwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+JZxn/qXa6P6ll7V+pZXZvqVS3b+jTgJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPuWaUT6lmG1+5VTj/qWTHz8l0Bb+5U1k/qUJTf9lSCP/5QVeP6XCRsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/kSQH+5U1j/yTLGj8lSLI/5YWZP2WDuD/lgWSAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+VJjX9lSLH/JMWaP6VDuT+lQJy/pcAmQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD9lB+L/5YWZv6VDuT8kwJo/pgA7v6fAJj/tgAHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/pUWcv2VDuH+lAJ1/pgA7PycAGj+pQDv/asAwP6uABMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6TCRr9lQWW/pgAm/6eAJ79pADs/KkAaP2yAO/9uADZ/7sAIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/mQAK/aoAyP2xAOv8twBo/L4A8PzEAOT3zAAjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6tABn8twDh/L4A6vzEAGj7ygDx/NAAzf//AAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/70AK/zEAOz8ygDp+tIAu/vXAP783ABZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD5yAAv+9AA3PvWAP763QD+++MAqQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP7iAAn82wBt+uIAvPjmAJsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAAAACAAAABAAAAAAQAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPeXp0D3l6Rg7ZWeHQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9pilOfaYof72l5z+95eX1/aWkZP4l4pP7pmIDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/f38E9pec8feXl/73l5L+95eN/viXiP74loP6+JZ+xvmXd4L2lG8+/5lmBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3l5ey95eS/vaXjf32lof2+JeD/viXfv74l3n++Zdz/vmXb/75lmny+JZkTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiXkG/3l43+95aI/veZgyP3lH1D+ZZ5hvmXdMr4lm78+Zdp/vmXZP77ll+YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+ZaLLPeXiP74l4P+9pd/XvmVd1z4lnFu+JdtKv6bYxL4lmVT+ZZgl/mXW5cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+ZeD5viXfv74lnih/JlyVfmXbv75l2r++pZk5PqWX6H5lldd9ZNOGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD3lX2l+Jd5/vqXc+P/mWYU+Zdq/PmXZP76l1/++pda/vqXVf76l1D4/38AAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPeWd2L5l3T/+Zdv/viZbCj6l2TO+pdf/vmWW4b7l1aC+5ZRxvqWS/v+l0IbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9pRzH/iXb/75l2r++pZma/mWXYv6l1r++ZVWkQAAAADffz8I/48/EP6NOAkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+ZZp2vmXZf76lmCu+5RYSPqXVf77l1DU/5kzBf+ZPxT6lUGk/Zc6oPGTNRP/kSQO/5cpVvqUJjz2lCAf/38ABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6mGY5+ZZhjfqXW57ni0UL+5ZQ7fqWS/7+mEcZ+5dAov+ZMxT8lTe4+5Ux4fqRKDj7kydA/JUi5v2WHv78lRj8/pYT4vyVDm0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/pNDE/+ZMwr7lTqT+5U3wv+MMxT8lSu6/JUn+fyVIm//lBUY/ZYYvv6WFP7+lg/+/pUJ9f+ZAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+RNg78ljLb/ZUtv/6TKBP9lSK6/ZYe/v2VF6v/lg8R/ZUPh/2WCf3+lgT+/5UATQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/5kiD/+TKDL9lSj3/JUiv/KMGRT9lRi8/pYU/v6VDtj/lgUs/5YDTv6WAO/+lwCZAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7lStN/5YmSf6VIWr9lh7+/JUYvf+MDBT/lQ69/pYJ/v2VBPT/lwBb/5cAJf6cALj/AAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPmRJDH8lSLr/pEbHP2VGKn+lhT+/ZUOvP+MABT9lQS//pYA/v2YAP7/mwCS/5YAEf+fAAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/pMaE/2WHv79lhjD/o0OEv6WDtn+lgr+/ZUEuv6TABP/lwDA/psA/v6eAP79oQDC/qYAFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/ZYZ9P6WFP79lA6L/5UFLv6VBfX+lgD+/5cAuf+ZABT9nQDC/qEA/v6lAP79pwDh/6oAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+lRTX/pYP//+WCv3/lANP/5QAYv6YAP7+mwD+/Z4At/+ZABT9pADD/qgA/v2rAP78rgDz/7MATgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+WDmn9lgr4/pYF/v2WAO//mQAj/5sAnP6eAP7+oQD+/aUAtv+lABT9qgDF/a4A/v2xAP78tQD8/LcAbgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+RAA78lgBV/5gAof6aALz+mwAS/6EAzP6kAP7+qAD+/akAtP+yABT9sQDF/bQA/v23AP78uwD+/b0AiQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/6oAA/6iAAv+pAAf/acA6v2rAP79rgD+/bIAs/+yABT9uADH/boA/vy+AP78wQD++8MAl///AAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/qgA//a4A+f2xAP79tAD+/LYAsfK2ABX8vQDI/MEA/vzEAP78xwD+/csAiwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/sgBk/LQA/v23AP/9ugD+/L0AsP7CABX8xADJ/McA/vzKAP77zQD++9AAUwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD9tgCK/boA//y+AP78wQD+/MUArf7CABX8ywDK+80A/vvQAP761ADo/9oADgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP//AAH9vgCn/MEA/vzEAP78xwD+/csArP7OABX60AD1+9QA/vvXAP762gB+AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+qAAb8wwC3/McA/vzKAP77zQD++9AA5fvUAP771wD/+9oA/vrdAOb//wADAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+/AAj8yQCy/M0A/vvQAP770wD++9cA/vvaAP773QD++uAA/vrlADsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP//AAL6zwB8+9MA+PvXAP772gD++90A/vrgAP764wD++uUAcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/1gAm+9oApvrdAPr64AD++uMA/vrmAP755wCFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/ucAFvniAGH75gCT+OcApffoAEQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKAAAADAAAABgAAAAAQAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6pqQn2mKo595efIO6ZmQ//f38CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6WrRb2mKbT95ij1PSWnqn2lpp6+JWYTfeSkiGqVVUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOeLogv2mKGs9pif/vaXnP72lpj895iW8fiXkuX1l43C9paKePOWhSz/AAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP///wH3l52A9pec/PeXmf73l5X+95eS/veXj/73l4v++JeI/viXhfz3l4HY95d8kfiVd0v3lHEk8ZNrE/+qVQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD1l5pU95iZ7veXlv73l5L+95eP/veXi/74l4j++JeE/viXgf74l37++Jd6/viWd/z5lnPf+ZZvsvuXbYX7lmlE/39VBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4k5om9peV3feXkv73l47+9paK+veWh+P4l4T++JeB/viXfv74l3r++Jd3/vmXc/75l3D++Zds/viWaf75l2Xn/5dhKgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/qqoD+JeSwPeXj/73l4v+95eI/feSeyH6lX019pV9fviWesH6l3fd+JZ07/mXcPz5l23/+Zdp/vmXZv75l2P++5VfUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+JePfveXi/74l4j++JeE/veXgWr/kW0H9pB3HtqRbQf4lXYp+ZZyVfmXbYL5l2mx+Zdm3fmXYv36l1/++pZacwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+paMM/eXiP74l4T++JeB/viYfrr/f2YK+ZZ2vviXc9H5lW+F+pRqN/9VAAP/lGoM/pBjF/qVWzX7l1yF+pdYcQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA////AfiWheb4l4H++Jd+/viWe+T+kG4X+phynPmXcP75l23++Zdq/vmWZuj4lmKe+ZZdVfiWWyfzllEW/5kzBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiWgZz4l37++Jd6/viXd+/7mHVD+JdwVPmXbf75l2n++Zdm/vqXY/76l1/++pdc/vmXWOn6llW6+5ZRhAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiZfUv4l3r++Jd3/vmWdPr4l3Bx/5FbDvmWafn5l2b++Zdi/vqXX/76l1z++pdY/vqXVf76l1L++5ZP+v9/KgYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPWXcRv5lnfr+Zd0//mXcf76l2yd/otcC/mXZ7z5l2P++pdf/vmWXbT7mFmc+5ZV0PqWUuT7lk/1+pZL/v+WRycAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO+PbxD4l3PA+Zdw//mXbf75lmrJ/pdnG/qXYm/6l1/++pdc/vmWWMD/fwAC/49PEPqVTzr8mExo+ZRHlf+XRi8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP9/fwT5l3CR+Jdt/vmXav75l2b0+ZdhL/+WWyf5l1z4+pdY/vqXVeX2lFIfAAAAAP+qAAPwljwR/6oqBv9/PwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD5l2xl+JZp9fmXZv75l2P++pZfa/+ZWRT6llfS+pdV/vuXUvD7l09K/1UAA/6LRQv6lkNm+pZBv/uVPIr4lTcp/38AAv8AAAH+li4W/pQpH/+UHxjwlh4R/o0cCf9/AAIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD5lGor+ZZmyfmWY/76l2D++pdcs/6NVAn6llSm+pdS/vuXT/r6lUp35X8zCvqVQXT/mT8U+pU8avyWOu/7lTbN/JcyVv+ZAAX/lyxF/ZUorP2WJcD8lCGt/ZUdmf2UGob+lRZy/5USXv+UDiQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD//wAB8pFhFf+TYC35ll1V+JVZcgAAAAD6llBp+pZO7fqWS/76lUil/5E2DvqWQKr8lj5//osuC/+VNE37lTPy/JUw8v2WK5f+iScN/pEkHP2VIrP9lh/+/ZYc/vyVGP79lhX7/ZYR9v6WDtb/kQwqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6RPBX4lkEn/38qBvyWO2L7lTr0+pQ2cf6LLgv8lS5t+5Us7vyVKfz9lSWp/5MhJuV/GQr9lRqO/pYY7/6WFv7+lhL+/pYP/v2VC/v8lAh1/wAAAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+UNRj8ljfF+5Yz9vyULn3yjCYU/JUqbf2WJfL9liP9/JQfyv6VGFL/jw8Q/JQUYv2VEtr+lg/+/pYL/v6WCP7+lgSm/5EADgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7ljJH+5Uw6PuVLPf8lCl8/5kZCvuSIlL8lh/z/ZYc/vyVGPD/lhR8/5kACv+RDiP9lQm//ZUH/v6WBP7+lQHa/5YAIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8AAAH/fyoG/JYrevyVKfr9lSX1+pMgbf+ZGQr8lBtx/ZUY7/6WFf79lRL8/pUOnf6XABv+mAAZ/pUDpP6WAfT+lgD8/5QASAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+RJA7/lStG64knDf2WJZz8liP9/ZUf9fyVGXn/jBkU/pQUcf2VEfT+lg/+/pYL/v6VB8b/lgNC/okADf+WAHD9mADj/pkAlwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6NKhL9lCmt/5YkMf6QIRf9lR7C/ZYc/vyVGPb/lBV4/5kACv+WDFX9lQr0/pYH/v2VBP79lQHp/5YAZP9/AAL/mwBA/p0Ax/9VAAMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP6JJw38lSS1/JQiyv6NHBL/lxhK/JUY5v6WFv79lRH0/pUMaP+ZAAr8lQZ0/5UE8P6WAv7+lgD+/ZgA/v+aAJH/pQAU/58AIP+UABgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+fHwj9liGh/ZYf//2VGqL+mw4S/JQTc/2VEvz+lg/+/ZUL9P6WBnX/jAAU/JQAdf6VAPX+mAD+/poA//2dAPr+ngCs/6AAKwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+qAAP9lhyN/ZYc/vyVGPf8lRVt/58ACP+WDpD+lgv//pYH/v6WBPT+lQB0/5kACv+WAFr9mgD2/pwA/v6eAP79oAD9/aEA4/+jAEYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8lRt5/JUY/P6WFv79lhLg/5QNN/+WABH9lQfD/pYF/P6WAv79lgDz/5kAZP+ZAAr+ngB3/Z4A8v6gAP7+ogD+/qUA/v2mAPL8qABh/58ACAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8lBZn/ZUV9f6WEv7+lg/+/ZULxv6RABz/lQNG/pUB5P6WAP7+mAD+/poA8vycAHL/mQAU/58AeP6iAPb+pAD+/qcA/v2pAP79qwDr/64Agv6wAA0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+lRJS/ZUS7v6WD//+lgv+/ZUI/v+UBLn+iQAN/pYAX/6YAP7+mgD+/pwA/v2eAPT8oABx/5kACvylAF79pwD3/qkA/v2rAP79rQD+/K8A+vywALr+sQAXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+kQkc/ZUOwf2VC/r+lgj+/pYF/v2WAvj+lQB0/5kABf6bAI/9nAD6/p4A/v6gAP7/ogDx/KIAYf+ZAAr+qQB7/asA8/2tAP79rwD+/bEA/vyzAP39tgCz/7oAJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+JIMKPyUCHj/lgSt/ZYB4P6WAP79lwDh+5kARv6bABL9nQC3/aAA/f6iAP7+pAD+/acA8f+pAG7/pQAU/KwAfP2vAPf9sQD+/bMA/v21AP78twD+/LkAw/++ADsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+iwAL/5QAGP+UAEP+mQCf/ZsA0/6cAB/5nAAx/6MA3v6kAP7+pgD+/qkA/v2rAPP8rQBt5ZkACvyxAGP9tAD3/bUA/v23AP79uQD+/LwA/v2+AOL7vQBGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/58ACP+XACAAAAAA/qQAUv+mAPD+qQD+/asA/v2tAP79sADv/LIAXf7GAAn8tAB//bgA8/25AP78uwD+/L4A/vy/AP77wQDc/8cAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+oAG39qwDz/a0A/v2vAP79sQD+/LQA7/y2AGr/vwAU/bkAgPy7APn8vgD+/MAA/vzCAP78xAD+/MYA3vvIAEsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+fAAj9rgCR/K8A+/2xAP79swD+/bUA/vy4APL8uABp5bIACvy+AGf8wAD5/MIA/vzEAP78xgD+/MgA/vzLAOP/ywA7AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/qgAY/LEAu/yzAP79tQD+/bcA//25AP79vADt/L0AWf7GAAn9wgCC/MQA9PzGAP78yAD+/MoA/vvMAP78zgC0/tIAFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/7UAJv21AMj9twD+/bkA//y7AP78vQD+/MAA7fzDAGb+wgAV/cYAg/vHAPr8ygD++8wA/vvOAP770AD5+tIAeQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+zACX8uQDY/bsA//y+AP78wAD+/MIA/vzEAPD8xwBl/sYACfrLAGz7zQD6+84A/vvQAP770gD++tUA9fnXAC0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/vABR/L4A5fy/AP78wgD+/MQA/vzGAP77xwDs/MwAVf7iAAn9zwCV+tAA/fvSAP771QD++9cA/vzZALP/zAAFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/vwAE/L8AYPzCAO/8xAD+/MYA/vzIAP78ygD+/M0A6/zQAHP70gCl+tMA+/vUAP771wD++9kA/vvbAOz62gA4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/38AAvvAAE38xgDx/MgA/vzKAP78zAD++84A/vvQAPn60wD6+9UA/vvXAP/72QD++9sA/vveAPv43gB8/38AAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP+qAAP8ygBq/MoA6vzMAP77zgD/+9AA/vvSAP771AD++9cA/vvZAP772wD++90A/vrfAP764gCw/uIAEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/1AAG+ckAW/zOANT70AD++9IA//vVAP771wD++9kA/vvbAP773QD++98A/vrhAP764wDY9+cAIQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/wAAAf/MAB770wCp+9UA+vvXAP772QD++9sA/vvdAP773wD++uEA/vrjAP765gD2+ecALAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/1AAG/NYAXvvaAND62wDy+90A/frfAP764QD++uMA/vrlAP765wD++ugAOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/YABT53ABg++AAn/nfANX65AD3+uUA/vrnAP766gD6+usAMwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/98ACPLaABX45QAo++cATfnnAGL45wBN5+cACwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA== + mediatype: image/png + install: + spec: + deployments: + - label: + app.kubernetes.io/component: manager + app.kubernetes.io/created-by: nexus-operator + app.kubernetes.io/instance: controller-manager + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/name: deployment + app.kubernetes.io/part-of: nexus-operator + control-plane: controller-manager + name: nexus-operator-controller-manager + spec: + replicas: 1 + selector: + matchLabels: + control-plane: controller-manager + strategy: {} + template: + metadata: + annotations: + kubectl.kubernetes.io/default-container: manager + labels: + control-plane: controller-manager + spec: + containers: + - args: + - --leader-elect + command: + - /manager + env: + - name: SETUP_SELF_SIGNED_CERTIFICATES + value: "false" + image: docker.io/epamedp/nexus-operator:3.3.0 + livenessProbe: + httpGet: + path: /healthz + port: 8081 + initialDelaySeconds: 15 + periodSeconds: 20 + name: manager + ports: + - containerPort: 9443 + name: webhook-server + protocol: TCP + readinessProbe: + httpGet: + path: /readyz + port: 8081 + initialDelaySeconds: 5 + periodSeconds: 10 + resources: + limits: + cpu: 500m + memory: 128Mi + requests: + cpu: 10m + memory: 64Mi + securityContext: + allowPrivilegeEscalation: false + capabilities: + drop: + - ALL + volumeMounts: + - mountPath: /tmp/k8s-webhook-server/serving-certs + name: cert + readOnly: true + securityContext: + runAsNonRoot: true + serviceAccountName: nexus-operator-controller-manager + terminationGracePeriodSeconds: 10 + volumes: + - name: cert + secret: + defaultMode: 420 + secretName: webhook-server-cert + permissions: + - rules: + - apiGroups: + - "" + resources: + - configmaps + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - get + - list + - watch + - create + - update + - patch + - delete + - apiGroups: + - "" + resources: + - events + verbs: + - create + - patch + - apiGroups: + - "" + resources: + - secrets + verbs: + - get + - list + - watch + - apiGroups: + - edp.epam.com + resources: + - nexusblobstores + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - edp.epam.com + resources: + - nexusblobstores/finalizers + verbs: + - update + - apiGroups: + - edp.epam.com + resources: + - nexusblobstores/status + verbs: + - get + - patch + - update + - apiGroups: + - edp.epam.com + resources: + - nexuscleanuppolicies + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - edp.epam.com + resources: + - nexuscleanuppolicies/finalizers + verbs: + - update + - apiGroups: + - edp.epam.com + resources: + - nexuscleanuppolicies/status + verbs: + - get + - patch + - update + - apiGroups: + - edp.epam.com + resources: + - nexuses + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - edp.epam.com + resources: + - nexuses/finalizers + verbs: + - update + - apiGroups: + - edp.epam.com + resources: + - nexuses/status + verbs: + - get + - patch + - update + - apiGroups: + - edp.epam.com + resources: + - nexusrepositories + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - edp.epam.com + resources: + - nexusrepositories/finalizers + verbs: + - update + - apiGroups: + - edp.epam.com + resources: + - nexusrepositories/status + verbs: + - get + - patch + - update + - apiGroups: + - edp.epam.com + resources: + - nexusroles + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - edp.epam.com + resources: + - nexusroles/finalizers + verbs: + - update + - apiGroups: + - edp.epam.com + resources: + - nexusroles/status + verbs: + - get + - patch + - update + - apiGroups: + - edp.epam.com + resources: + - nexusscripts + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - edp.epam.com + resources: + - nexusscripts/finalizers + verbs: + - update + - apiGroups: + - edp.epam.com + resources: + - nexusscripts/status + verbs: + - get + - patch + - update + - apiGroups: + - edp.epam.com + resources: + - nexususers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - edp.epam.com + resources: + - nexususers/finalizers + verbs: + - update + - apiGroups: + - edp.epam.com + resources: + - nexususers/status + verbs: + - get + - patch + - update + serviceAccountName: nexus-operator-controller-manager + strategy: deployment + installModes: + - supported: true + type: OwnNamespace + - supported: false + type: SingleNamespace + - supported: false + type: MultiNamespace + - supported: true + type: AllNamespaces + keywords: + - artifact + - edp + - kuberocketci + - nexus + - operator + - storage + links: + - name: Nexus Operator + url: https://github.com/epam/edp-nexus-operator + maintainers: + - email: SupportEPMD-EDP@epam.com + name: epmd-edp + maturity: stable + minKubeVersion: 1.20.0 + provider: + name: KubeRocketCI + url: https://docs.kuberocketci.io + version: 3.3.0 + webhookdefinitions: + - admissionReviewVersions: + - v1 + containerPort: 443 + deploymentName: nexus-operator-controller-manager + failurePolicy: Fail + generateName: vnexusrepository.kb.io + rules: + - apiGroups: + - edp.epam.com + apiVersions: + - v1alpha1 + operations: + - CREATE + - UPDATE + resources: + - nexusrepositories + sideEffects: None + targetPort: 9443 + type: ValidatingAdmissionWebhook + webhookPath: /validate-edp-epam-com-v1alpha1-nexusrepository diff --git a/operators/nexus-operator/3.3.0/metadata/annotations.yaml b/operators/nexus-operator/3.3.0/metadata/annotations.yaml new file mode 100644 index 00000000000..2c8a612a805 --- /dev/null +++ b/operators/nexus-operator/3.3.0/metadata/annotations.yaml @@ -0,0 +1,18 @@ +annotations: + # Core bundle annotations. + operators.operatorframework.io.bundle.mediatype.v1: registry+v1 + operators.operatorframework.io.bundle.manifests.v1: manifests/ + operators.operatorframework.io.bundle.metadata.v1: metadata/ + operators.operatorframework.io.bundle.package.v1: nexus-operator + operators.operatorframework.io.bundle.channels.v1: stable + operators.operatorframework.io.bundle.channel.default.v1: stable + operators.operatorframework.io.metrics.builder: operator-sdk-v1.38.0 + operators.operatorframework.io.metrics.mediatype.v1: metrics+v1 + operators.operatorframework.io.metrics.project_layout: go.kubebuilder.io/v4 + + # Annotations for OpenShift. + com.redhat.openshift.versions: "v4.7-v4.17" + + # Annotations for testing. + operators.operatorframework.io.test.mediatype.v1: scorecard+v1 + operators.operatorframework.io.test.config.v1: tests/scorecard/ diff --git a/operators/nexus-operator/3.3.0/tests/scorecard/config.yaml b/operators/nexus-operator/3.3.0/tests/scorecard/config.yaml new file mode 100644 index 00000000000..b3f2fc8ea6a --- /dev/null +++ b/operators/nexus-operator/3.3.0/tests/scorecard/config.yaml @@ -0,0 +1,70 @@ +apiVersion: scorecard.operatorframework.io/v1alpha3 +kind: Configuration +metadata: + name: config +stages: +- parallel: true + tests: + - entrypoint: + - scorecard-test + - basic-check-spec + image: quay.io/operator-framework/scorecard-test:v1.26.0 + labels: + suite: basic + test: basic-check-spec-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-bundle-validation + image: quay.io/operator-framework/scorecard-test:v1.26.0 + labels: + suite: olm + test: olm-bundle-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-validation + image: quay.io/operator-framework/scorecard-test:v1.26.0 + labels: + suite: olm + test: olm-crds-have-validation-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-crds-have-resources + image: quay.io/operator-framework/scorecard-test:v1.26.0 + labels: + suite: olm + test: olm-crds-have-resources-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-spec-descriptors + image: quay.io/operator-framework/scorecard-test:v1.26.0 + labels: + suite: olm + test: olm-spec-descriptors-test + storage: + spec: + mountPath: {} + - entrypoint: + - scorecard-test + - olm-status-descriptors + image: quay.io/operator-framework/scorecard-test:v1.26.0 + labels: + suite: olm + test: olm-status-descriptors-test + storage: + spec: + mountPath: {} +storage: + spec: + mountPath: {}