Open exabrial opened 5 years ago
Well nuts, I tried adding PUT in the case block of AptHandler, but we're still getting a 405 error. Any help appreciated
I think I figured out the second problem. So while we were accepting PUT requests, the Wagon plugin is not setting the expected Content-Type to multipart-/form-data
and uploading it as such. The apt repo is going to need to be a lot more flexible
So we're able to workaround the lack of PUT
support with some clever HaProxy rules. We use HaProxy to terminate TLS and provide a bit of protection against attacks on our nexus repo. Our HaProxy route for Nexus now looks like this, which rewrites the PUT
to POST
and adds the multipart-form
content-type header:
frontend www-https
bind :443 ssl crt /xxx/xxx/xxx/xxx.xxx.xxx.pem alpn h2,http/1.1
reqadd X-Forwarded-Proto:\ https
default_backend nexus-backend
acl acl_apt-repo path_beg -i /repository/xxx-nexus-apt
http-request set-method POST if METH_PUT acl_apt-repo
http-request set-header Content-Type multipart/form-data if METH_PUT acl_apt-repo
http-request set-path /repository/xxx-nexus-apt/ if METH_PUT acl_apt-repo
backend nexus-backend
option httpchk OPTIONS / HTTP/1.0
server nexus-workhorse 127.0.0.1:8081 #check
And our pom configuration looks like this:
<plugin>
<groupId>org.codehaus.mojo</groupId>
<artifactId>wagon-maven-plugin</artifactId>
<executions>
<execution>
<id>upload-to-nexus</id>
<phase>deploy</phase>
<goals>
<goal>upload-single</goal>
</goals>
<configuration>
<serverId>xxx-nexus-apt</serverId>
<fromFile>${project.build.directory}/${jdeb.name}</fromFile>
<url>https://xxx.xxx.com/repository/xxx-nexus-apt</url>
</configuration>
</execution>
</executions>
</plugin>
APT is now part of Nexus Repository Manager. Version 3.17.0 includes the APT plugin by default. If this is still an issue if using 3.17.0 or later please file an issue at https://issues.sonatype.org/. Links to the new source code location are in the top level README.md
First, thanks for the work on this. We were using Freight, but it's super slow because it has to re-sign the entire repository, and you have to build a lot of glue code to get it to add new files. Overall, not a great experience.
One thing we noticed is that we build our packages with JDeb, then after that we would like to push the released deb files to our new shiney Nexus Apt repo. Both the maven deploy plugin and the maven wagon plugin only seem to support HTTP PUT, not HTTP POST, which only the latter seems to be supported by the nexus apt plugin.
I think this is a code change we can make, as it looks like there's just a handful of
case
statements that need to updated. Is there a reason this wasn't included in the original?