Build GitHub:
SonarCloud analysis:
Licence:
The Nexus RM administration is insufficient. This application implements features that the Nexus RM administration console does not include.
The application requires Java 21+.
| Name | Description | Arguments | Example |
|---|---|---|---|
| Extraction of the expired certificates | This option checks all certificates expiry date and return all the certificates that are already expired and those who will be in the next month. The output is dumped in a CSV file and sorted by most recent to oldest. | 1 | 1 |
| Extraction of the heavy components | This option checks all components assets size and selects the assets that have a size larger than 5 MB. At État de Genève we noticed that, after migrating Nexus RM from an embedded OrientDB database to a PostgreSQL database, processing time for this functionality was reduced by a factor of 300. The output is dumped in a CSV file. | 2 | 2 |
| Extraction of user permissions | This option retrieves the permissions for a specified user. The output is dumped in a CSV file. | 3 and userID | 3 MARTIN |
| Deletion of a component | This option identifies the components that are ready for deletion. By default, it runs in dryRun mode, simulating the deletion and generating a CSV file with the components that would be deleted. To execute in dryRun mode, set the argument list to "4" or to "deleteComponents". To perform actual deletion, set the argument list to "4 realRun". The output is dumped in a CSV file. | 4 and (optionally) realRun | In dryRun mode: 4 In real run mode: 4 realRun |
| Display of the roles and embedded roles | This option dumps the list of all roles. For every role, its sub-roles and its external roles are displayed. The output is dumped in the log file and on the standard output. | 5 | 5 |
| Display of the users by role | This option dumps the list of the users who have some role. The search is deep, that is, it accounts for the fact that a role can contain roles, recursively. Partial role names are accepted, e.g., you can use "ADMI" to search for the users having either role ADMIN-RESTRICTED or role ADMIN-GLOBAL. Watch out: the search is partial, because the Nexus RM API (as well as the Nexus RM GUI) returns only a fraction of the users of type "LDAP". The output is dumped in the log file and on the standard output. | 6 and role name | 6 nx |
| Display of the roles by privilege | This option dumps the list of the roles which have some privilege. The search is shallow, that is, it returns only the roles having the specified privilege - not the roles which embed a role that has the specified privilege. Partial privilege names are accepted, e.g., you can use "REA" to search for the roles having either privilege READ or privilege READ-ONLY. The output is dumped in the log file and on the standard output. | 7 and privilege name | 7 nx |
mvn clean package
Do the following:
- Go to directory
src/main/resources - Copy file
application-base.yml(this file is under Git control) to a new fileapplication.yml(this file is under Git ignore), in the same directory - Edit file
application.yml, provide the missing values; their value isTO_BE_PROVIDED. For the particular case oftrustStorePassword, don't do anything yet
At État de Genève we unfortunately use self-signed certificates, so a trust store must be provided for the HTTPS interaction between the application and the Nexus RM server.
Do the following:
- Get a trust store file.
At État de Genève it is usually a
gina.jksfile - Rename the file into
truststore.jks - Copy file
truststore.jksto directorysrc/main/resources/security - Edit file
application.ymlagain and set the password of the trust store file
There are several ways to do so.
First, run
mvn spring-boot:run
to get the required parameters printed.
Then run
mvn spring-boot:run -Dspring-boot.run.arguments=<ARGS>
where <ARGS> is, for instance, certificate.
First, run
$JAVA_HOME/bin/java -jar target/nexus-rm-management-<VERSION>.jar
to get the required parameters printed.
Then run
$JAVA_HOME/bin/java -jar target/nexus-rm-management-<VERSION>.jar <ARGS>
where <ARGS> is, for instance, certificate.
If you use the IntelliJ, running the application from there is the most convenient way.
Just run class Application.
