Comments (6)
mkuzniarski
commented on July 23, 2024
1
@stevehipwell you're right, it's in the docs - missed that part.
after adding root secret it worked like a charm.
thanks a lot!
from helm-charts.
stevehipwell
commented on July 23, 2024
@mkuzniarski S3 blob stores are already supported, the config should align to the blobstore API.
from helm-charts.
mkuzniarski
commented on July 23, 2024
thanks, I'll give it a try.
for now I'm struggling with:
Exec lifecycle hook ([/bin/sh -c ${SONATYPE_DIR}/nexus/conf/configure.sh > /proc/1/fd/1 2>/proc/1/fd/2]) for Container "nexus3" in Pod "nexus-nexus3-794bcd4dd6-5msn9_nexus(637c836a-2a1f-42a8-a095-52ecaaa0bbc6)" failed - error: command '/bin/sh -c ${SONATYPE_DIR}/nexus/conf/configure.sh > /proc/1/fd/1 2>/proc/1/fd/2' exited with 1: , message: ""
it happens when I'm trying to pass any configuration with:
config:
enabled: true
from helm-charts.
stevehipwell
commented on July 23, 2024
@mkuzniarski what's the full config you're using?
from helm-charts.
mkuzniarski
commented on July 23, 2024
here's my full config (replaced some data with '***' )
the 'nexus-ad' secret is already created as well as the nexus pvc
image:
repository: sonatype/nexus3
# Overrides the image tag whose default is {{ .Chart.AppVersion }}
tag: ""
pullPolicy: IfNotPresent
pullSecrets: []
nameOverride: ""
fullnameOverride: ""
serviceAccount:
# Specifies whether a service account should be created
create: true
# Annotations to add to the service account
annotations: {}
# The name of the service account to use.
# If not set and create is true, a name is generated using the fullname template
name: ""
podLabels: {}
podAnnotations: {}
podSecurityContext:
fsGroup: 200
securityContext:
runAsGroup: 200
runAsUser: 200
priorityClassName: ""
livenessProbe:
httpGet:
path: /service/rest/v1/status
port: http
initialDelaySeconds: 60
periodSeconds: 30
failureThreshold: 10
timeoutSeconds: 1
readinessProbe:
httpGet:
path: /service/rest/v1/status
port: http
initialDelaySeconds: 60
periodSeconds: 30
failureThreshold: 10
timeoutSeconds: 1
service:
type: ClusterIP
annotations: {}
port: 8081
additionalPorts: []
# - port: 8082
# name: docker-group
# containerPort: 8082
# host: nexus-docker.local
# - port: 8083
# name: docker-hosted
# containerPort: 8083
# host: nexus-docker-hosted.local
metrics:
enabled: false
serviceMonitor:
enabled: false
additionalLabels: {}
# myLabel: myValue
interval: 1m
ingress:
enabled: false
annotations: {}
ingressClassName: ""
hosts: []
# - nexus.local
tls: []
# - hosts:
# - nexus.local
# - nexus-docker.local
# - nexus-docker-hosted.local
# secretName: nexus-local-tls
persistence:
enabled: true
annotations: {}
existingClaim: nexus
storageClassName: aws-efs
accessMode: ReadWriteOnce
size: 8Gi
extraVolumeMounts: []
resources: {}
# We usually recommend not to specify default resources and to leave this as a conscious
# choice for the user. This also increases chances charts run on environments with little
# resources, such as Minikube. If you do want to specify resources, uncomment the following
# lines, adjust them as necessary, and remove the curly braces after 'resources:'.
# limits:
# cpu: 100m
# memory: 128Mi
# requests:
# cpu: 100m
# memory: 128Mi
extraInitContainers: []
extraVolumes: []
nodeSelector: {}
tolerations: []
affinity: {}
caCerts:
enabled: false
secret:
envVars:
jvmMinHeapSize: 1024m
jvmMaxHeapSize: 1024m
jvmAdditionalMemoryOptions: "-XX:MaxDirectMemorySize=2048m"
jvmAdditionalOptions: ""
env: []
# - name: VARIABLE
# value: my-value
logback:
maxHistory: 30
properties:
- nexus.scripts.allowCreation=true
# - nexus.golang.hosted=true
config:
enabled: true
# rootPassword:
# secret: root-secret-name
# key: password
anonymous:
enabled: true
realms:
enabled: true
values:
- NexusAuthenticatingRealm
- NexusAuthorizingRealm
- LdapRealm
- NpmToken
- NuGetApiKey
ldap:
enabled: true
name: cwg
protocol: ldaps
useTrustStore: true
connectionTimeoutSeconds: 30
connectionRetryDelaySeconds: 300
maxIncidentsCount: 3
host: 10.130.1.31
port: 389
authScheme: simple
authUsername: ****
authPassword:
secret: nexus-ad
key: adpassword
authRealm:
searchBase:
userBaseDn: ****
userSubtree: true
userObjectClass: user
userLdapFilter:
userIdAttribute: sAMAccountName
userRealNameAttribute: cn
userEmailAddressAttribute: mail
userPasswordAttribute:
ldapGroupsAsRoles: false
groupType: dynamic
userMemberOfAttribute: memberOf
groupBaseDn:
groupSubtree: false
groupObjectClass:
groupIdAttribute:
groupMemberAttribute:
groupMemberFormat:
blobStores: []
# - name: s3-blobstore
# type: s3
# bucketConfiguration:
# bucket":
# region:
# name":
# bucketSecurity:
# accessKeyId:
# secretAccessKey:
cleanup: []
# - name: ExampleCleanup
# notes: "Cleanup content that hasn't been updated in 14 days downloaded in 28 days."
# format: ALL_FORMATS
# mode: delete
# criteria:
# isPrerelease:
# lastBlobUpdated: "1209600"
# lastDownloaded: "2419200"
# regex:
repoCredentials:
enabled: false
secret:
repos: []
# - name: test-repo
# type: raw-hosted
# online: true
# attributes:
# storage:
# blobStoreName: default
# strictContentTypeValidation: false
# writePolicy: ALLOW
# cleanup:
# policyName:
# - ExampleCleanup
roles: []
# - id: nexus-administrators
# source: default
# name: nexus-administrators
# description: LDAP Administrator Role
# privileges: []
# roles:
# - nx-admin
tasks: []
# - name: "Cleanup service"
# typeId: repository.cleanup
# crontab: "0 0 0 * * ?"
# - name: "Docker cleanup uploads"
# typeId: repository.docker.upload-purge
# crontab: "0 0 0 * * ?"
# attributes:
# age: "24"
# - name: "Docker cleanup artifacts"
# typeId: repository.docker.gc
# crontab: "0 0 1 * * ?"
# attributes:
# repositoryName: "*"
# - name: "Cleanup blob store"
# typeId: blobstore.compact
# crontab: "0 0 2 * * ?"
# attributes:
# blobStoreName: "default"
from helm-charts.
stevehipwell
commented on July 23, 2024
@mkuzniarski I think you need to provide a new root password in a secret to use the config functionality. This should be in the docs?
I only wrote this chart because there wasn't an official one at the time and have kept it because the official one wasn't good enough for my use case. I don't actually use this anymore which is why I'm a bit rusty on the details but I'll try and put some time aside to improve the docs.
from helm-charts.
Related Issues (20)
- [thanos] allow setting objConfig as an object or string HOT 6
- [thanos] no external labels configured for receive HOT 20
- [nexus3] Multiple ingress objects HOT 5
- [nexus3] Allow user credentials specified by kubernetes secret HOT 11
- FR: thoughts about adding tar to the nexus container HOT 2
- Update PlantUML PodDisruptionBudget API HOT 1
- Problem using rootPassword and persistence HOT 5
- [thanos] Unable to update to 1.13.0 - YAML parsing error HOT 3
- [Thanos] StatefulSet PVC Retention Policy HOT 1
- Aggregator Not Sending Logs to outputs After Running for a Few Hours HOT 6
- bug(confluence-server): No template "postgresql.primary.fullname" HOT 2
- More info regarding blob store configuration for Nexus HOT 4
- Allow overriding repository for init containers in Nexus helm chart HOT 2
- [thanos] How to implement authentication HOT 3
- Would you add `resources.extra` field so that I can add my gpu value into the resource? HOT 1
- [Nexus3] Deployment doesn't scale more than one HOT 7
- [nexus] Ldap password escaping \ breaks other passwords that have sed special characters (&) HOT 3
- [thanos] support prometheus sidecar method of deployment HOT 2
- [nexus3] Setting rootPassword.key has no effect HOT 2
- thanos-recever-router ingress creation issue HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from helm-charts.