/nexus-blobstore-s3

Primary LanguageJavaEclipse Public License 1.0EPL-1.0

This repository is no longer maintained as the S3 implementation has been formally moved into the Repository Manager codebase as a supported feature.

Nexus Repository S3 Blobstores

Join the chat at https://gitter.im/sonatype/nexus-developers

This project adds S3 backed blobstores to Sonatype Nexus Repository 3. It allows Nexus Repository to store the components and assets in Amazon AWS S3 instead of a local filesystem.

Contribution Guidelines

Go read our contribution guidelines to get a bit more familiar with how we would like things to flow.

Requirements

NOTE: Nexus Repository 3.12 now bundles the S3 blobstore plugin and it's no longer necessary to build or install separately.

Also, there is a good amount of information available at Bundle Development Overview

Building

To build the project and generate the bundle use Maven

mvn clean install

If everything checks out, the nexus-blobstore-s3 bundle should be available in the target folder

Installing

See install.sh. This copies the nexus-blobstore-s3 jar file to the right place and updates the configuration files. Use at your own risk.

Alternatively, copy nexus-blobstore-s3-*.jar and the AWS SDK bundle jar into the nexus/deploy subdirectory.

Start the bundle from the Nexus Repository console:

bundle:list | grep nexus-blobstore-s3
bundle:start <bundleNumber>

Configuration

Log in as admin and create a new blobstore, selecting S3 as the type. If any fields are left blank, AWS credentials in ~/.aws/credentials will be used.

S3 Bucket Policy

The AWS user for accessing the S3 Blobstore bucket needs to be granted permission for these actions:

  • s3:PutObject
  • s3:GetObject
  • s3:DeleteObject
  • s3:ListBucket
  • s3:GetLifecycleConfiguration
  • s3:PutLifecycleConfiguration

Sample minimal policy where <user-arn> is the ARN of the AWS user and <s3-bucket-name> the S3 bucket name:

{
    "Version": "2012-10-17",
    "Id": "NexusS3BlobStorePolicy",
    "Statement": [
        {
            "Sid": "NexusS3BlobStoreAccess",
            "Effect": "Allow",
            "Principal": {
                "AWS": "<user-arn>"
            },
            "Action": [
                "s3:PutObject",
                "s3:GetObject",
                "s3:DeleteObject",
                "s3:ListBucket",
                "s3:GetLifecycleConfiguration",
                "s3:PutLifecycleConfiguration"
            ],
            "Resource": [
                "arn:aws:s3:::<s3-bucket-name>",
                "arn:aws:s3:::<s3-bucket-name>/*"
            ]
        }
    ]
}

Troubleshooting

How can I remove or fix a misbehaving S3 blobstore? You may need to adjust the OrientDB configuration manually to fix it. Check out this article: https://support.sonatype.com/hc/en-us/articles/235816228-Relocating-Blob-Stores

For S3 blobstores use

update repository_blobstore set attributes.s3.bucket='newbucketname' where name='mys3blobstore'

to adjust the bucket name.

The Fine Print

It is worth noting that this is NOT SUPPORTED by Sonatype, and is a contribution of ours to the open source community (read: you!)

Remember:

  • Use this contribution at the risk tolerance that you have
  • Do NOT file Sonatype support tickets related to S3 support
  • DO file issues here on GitHub, so that the community can pitch in

Phew, that was easier than I thought. Last but not least of all:

Have fun creating and using this plugin and the Nexus platform, we are glad to have you here!

Getting help

Looking to contribute to our code but need some help? There's a few ways to get information: