Merge branch 'podmansuppor'

molecule/default-podman/converge.yml

@@ -0,0 +1,3 @@
+---
+- name: Import default converge playbook
+  import_playbook: ../playbook.yml

molecule/default-podman/prepare.yml

@@ -0,0 +1,123 @@
+---
+- name: Prepare Nexus3
+  hosts: localhost
+  gather_facts: false
+  tasks:
+    - name: Gather facts about the nexus3-oss container
+      community.docker.docker_container_info:
+        name: nexus3-oss
+      register: nexus3_info
+
+    - name: Set nexus3_ip variable for podman network
+      ansible.builtin.set_fact:
+        nexus3_ip: localhost
+      when: "'podman' in nexus3_info.container.NetworkSettings.Networks"
+
+    - name: Set nexus3_ip variable for bridge network
+      ansible.builtin.set_fact:
+        nexus3_ip: "{{ nexus3_info.container.NetworkSettings.Networks.bridge.IPAddress }}"
+      when: "'bridge' in nexus3_info.container.NetworkSettings.Networks"
+
+    - name: Show nexus3_ip
+      ansible.builtin.debug:
+        var: nexus3_ip
+
+    - name: Wait for Nexus writable API endpoint to be available
+      ansible.builtin.uri:
+        url: "http://{{ nexus3_ip }}:8081/service/rest/v1/status/writable"
+        method: GET
+        validate_certs: false
+        status_code: 200
+      register: __nexus_writable__
+      until: __nexus_writable__.status == 200
+      retries: 30
+      delay: 10
+
+    - name: Fetch the admin.password from the nexus3-oss container
+      community.docker.docker_container_exec:
+        container: nexus3-oss
+        command: "cat /nexus-data/admin.password"
+      register: __nexus_initial_admin_password__
+
+    - name: Update password of admin user
+      ansible.builtin.uri:
+        url: "http://{{ nexus3_ip }}:8081/service/rest/v1/security/users/admin/change-password"
+        user: admin
+        password: "{{ __nexus_initial_admin_password__.stdout }}"
+        method: PUT
+        force_basic_auth: true
+        validate_certs: false
+        status_code: 204
+        headers:
+          Content-Type: text/plain
+          accept: application/json
+        body: "changeme"
+        body_format: raw
+
+    - name: Disable Anonmous access
+      ansible.builtin.uri:
+        url: "http://{{ nexus3_ip }}:8081/service/rest/v1/security/anonymous"
+        user: admin
+        password: changeme
+        method: PUT
+        force_basic_auth: true
+        validate_certs: false
+        status_code: 200
+        body: |
+          {
+            "enabled": false,
+            "userId": "anonymous",
+            "realmName": "NexusAuthorizingRealm"
+          }
+        body_format: json
+
+    # - name: Create license file
+    #   ansible.builtin.copy:
+    #     content: "{{ lookup('env', 'NEXUS_LICENSE_B64') | b64decode }}"
+    #     dest: "nexus.lic"
+    #     mode: '0644'
+    #   register: __license_status__
+    #   when: (lookup('env', 'NEXUS_LICENSE_B64') is defined or nexus_license_b64 is defined) and nexus_enable_pro
+
+    # - name: Upload license file through API
+    #   ansible.builtin.uri:
+    #     url: "http://{{ nexus3_ip }}:8081/service/rest/v1/system/license"
+    #     method: POST
+    #     validate_certs: false
+    #     user: admin
+    #     password: changeme
+    #     force_basic_auth: true
+    #     headers:
+    #       Accept: "application/json"
+    #       Content-Type: "application/octet-stream"
+    #     src: "nexus.lic"
+    #     status_code: 200
+    #   register: __uploaded_license__
+    #   when: (lookup('env', 'NEXUS_LICENSE_B64') is defined or nexus_license_b64 is defined) and nexus_enable_pro
+    #   ignore_errors: true
+
+    # - name: Remove license from file system
+    #   ansible.builtin.file:
+    #     path: "nexus.lic"
+    #     state: absent
+
+    # - name: Stop container
+    #   community.docker.docker_container:
+    #     name: nexus3-oss
+    #     state: stopped
+
+    # - name: Start container
+    #   community.docker.docker_container:
+    #     name: nexus3-oss
+    #     state: started
+
+    # - name: Wait for Nexus writable API endpoint to be available
+    #   ansible.builtin.uri:
+    #     url: "http://{{ nexus3_ip }}:8081/service/rest/v1/status/writable"
+    #     method: GET
+    #     validate_certs: false
+    #     status_code: 200
+    #   register: __nexus_writable__
+    #   until: __nexus_writable__.status == 200
+    #   retries: 30
+    #   delay: 10

molecule/default/group_vars/all.yml

@@ -301,6 +301,10 @@ nexus_repos_cleanup_policies:
 
 nexus_repos_maven_hosted:
   - name: repo-1
+    online: true
+    storage:
+      strictContentTypeValidation: true
+      writePolicy: ALLOW_ONCE # Disable redeploy
     cleanup:
       policyNames:
         - maven_cleanup
@@ -310,37 +314,76 @@ nexus_repos_maven_hosted:
       versionPolicy: RELEASE
       layoutPolicy: STRICT
       contentDisposition: INLINE
-  - name: maven-snapshots
+  - name: repo-2
+    online: true
+    storage:
+      strictContentTypeValidation: false
+      writePolicy: ALLOW # Allow redeploy
     cleanup:
-      policyNames:
-        - maven_cleanup
+      policyNames: []
+    component:
+      proprietaryComponents: false
+    maven:
+      versionPolicy: SNAPSHOT
+      layoutPolicy: PERMISSIVE
+      contentDisposition: ATTACHMENT
+  - name: repo-3-offline
+    online: false
+    storage:
+      strictContentTypeValidation: false
+      writePolicy: DENY # Read only
+    cleanup:
+      policyNames: []
+    component:
+      proprietaryComponents: false
+    maven:
+      versionPolicy:
+      layoutPolicy: PERMISSIVE
+      contentDisposition: ATTACHMENT
+  - name: maven-snapshots
+    online: true
     storage:
       strictContentTypeValidation: true
       writePolicy: ALLOW_ONCE
+    cleanup:
+      policyNames:
+        - maven_cleanup
+    component:
+      proprietaryComponents: true
     maven:
       contentDisposition: INLINE
       layoutPolicy: STRICT
       versionPolicy: SNAPSHOT
-    component:
-      proprietaryComponents: true
-
   - name: maven-releases
     online: true
     storage:
       strictContentTypeValidation: true
+    cleanup:
+      policyNames:
+        - maven_cleanup
+    component:
+      proprietaryComponents: true
     maven:
       contentDisposition: INLINE
       layoutPolicy: STRICT
       versionPolicy: RELEASE
-    component:
-      proprietaryComponents: true
+  - name: repo-cleanup-order-1
     cleanup:
       policyNames:
         - maven_cleanup
-
-  - name: repo-2
+        - maven_releases_cleanup
+        - maven_prereleases_cleanup
+  - name: repo-cleanup-order-2
+    cleanup:
+      policyNames:
+        - maven_releases_cleanup
+        - maven_cleanup
+        - maven_prereleases_cleanup
+  - name: repo-cleanup-order-3
     cleanup:
       policyNames:
+        - maven_prereleases_cleanup
+        - maven_releases_cleanup
         - maven_cleanup
 
 nexus_repos_maven_proxy:

tasks/main.yml

@@ -617,7 +617,7 @@
     (existing_maven_hosted_repos | selectattr('name', 'equalto', item.name) | first).format | default('maven2') != item.format | default('maven2') or
     (existing_maven_hosted_repos | selectattr('name', 'equalto', item.name) | first).type | default('hosted') != item.type | default('hosted') or
     (existing_maven_hosted_repos | selectattr('name', 'equalto', item.name) | first).online | default(true) != item.online | default(true) or
-    (existing_maven_hosted_repos | selectattr('name', 'equalto', item.name) | first).cleanup.policyNames | default(omit) != item.cleanup.policyNames | default(omit) or
+    (existing_maven_hosted_repos | selectattr('name', 'equalto', item.name) | first).cleanup.policyNames | default([]) | sort != item.cleanup.policyNames | default([]) | sort or
     (existing_maven_hosted_repos | selectattr('name', 'equalto', item.name) | first).storage.blobStoreName | default(omit) != item.storage.blobStoreName | default(None) or
     (existing_maven_hosted_repos | selectattr('name', 'equalto', item.name) | first).storage.strictContentTypeValidation | default(false) != item.storage.strictContentTypeValidation | default(false) or
     (existing_maven_hosted_repos | selectattr('name', 'equalto', item.name) | first).storage.writePolicy | default(omit) != item.storage.writePolicy | default(None) or
@@ -654,7 +654,7 @@
     (existing_maven_proxy_repos | selectattr('name', 'equalto', item.name) | first).maven.versionPolicy | default(omit) != item.maven.versionPolicy | default(None) or
     (existing_maven_proxy_repos | selectattr('name', 'equalto', item.name) | first).maven.layoutPolicy | default(omit) != item.maven.layoutPolicy | default(None) or
     (existing_maven_proxy_repos | selectattr('name', 'equalto', item.name) | first).maven.contentDisposition | default(omit) != item.maven.contentDisposition | default(None) or
-    (existing_maven_proxy_repos | selectattr('name', 'equalto', item.name) | first).cleanup.policyNames | default(omit) != item.cleanup.policyNames | default(omit) or
+    (existing_maven_proxy_repos | selectattr('name', 'equalto', item.name) | first).cleanup.policyNames | default([]) | sort != item.cleanup.policyNames | default([]) | sort or
     (existing_maven_proxy_repos | selectattr('name', 'equalto', item.name) | first).routingRuleName | default(omit) != item.routingRule | default(omit)
 
 - name: Show maven_hosted_repos_to_update