nexus_api 1.4.1 → 2.0.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1524dfad12c5d501e3d8d6c90a7cd712c8ded00a526093239c04aff862323546
-  data.tar.gz: a1c22bcdd81c450a79cbabf5adeab806eef96f2ae0b70fbe8401f5042f23e0d0
+  metadata.gz: 680f17c06a69fe75f28949eda5fa16454ca8e71ad3eb4f3672a44a334dd78b0e
+  data.tar.gz: '008405bea89567a5e1843fc4e742c2951c2a55a2d150d06893ed159fda43bda9'
 SHA512:
-  metadata.gz: 52ee4482ce15c00b1eae0064c0445c6862cd4bc876e915335c923bc2f1f024bd0cb0cdee09ac41d917fe7d1abfe3a5f4dbcc717894e36e8e5a016eb54605b82e
-  data.tar.gz: ff03e64fdeb4e9c28ffcc94329ca79e2526411982ae36f40177dab99dbef6279810e5bebdfbae5fb50ec324f7f61fc64b6d8a3218b93e726ba44e44183fd3f5a
+  metadata.gz: 84a7ac3b47b5a6fdd06af0db9e9dc60e0d344dfc0408e9d1ddba5e5c7f76e300d57fca066170f009d72dfb4647d27a2287b3d8b991ea910d59482e3f2e5e5843
+  data.tar.gz: 395b05f6af8559f4a0e6ac7c0f80206af0fd16366338fc2d6153f74a5f30b6086138de054af142770e3b641e9f0fb4e1fc37948970769de80ddde652c73033b6

data/CHANGELOG.md

@@ -5,6 +5,52 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 
+## [2.0.1](https://github.com/Cisco-AMP/nexus_api/compare/v2.0.0...v2.0.1) - 2020-09-08
+### Security
+- Use `rake` version `12.3.3` or later to avoid an [OS Command Injection](https://github.com/advisories/GHSA-jppv-gw3r-w3q8)
+
+
+## [2.0.0](https://github.com/Cisco-AMP/nexus_api/compare/v1.6.1...v2.0.0) - 2020-07-27
+### Added
+- Fully implemented create methods for group, hosted, and proxy type repository in the following formats:
+  - docker
+  - maven
+  - npm
+  - pypi
+  - raw
+  - rubygems
+  - yum
+
+
+### Changed
+- Method signature for `NexusAPI::API.create_repository_docker_hosted()`
+- Method signature for `NexusAPI::API.create_repository_maven_hosted()`
+- Method signature for `NexusAPI::API.create_repository_npm_hosted()`
+- Method signature for `NexusAPI::API.create_repository_pypi_hosted()`
+- Method signature for `NexusAPI::API.create_repository_raw_hosted()`
+- Method signature for `NexusAPI::API.create_repository_rubygems_hosted()`
+- Method signature for `NexusAPI::API.create_repository_yum_hosted()`
+
+
+## [1.6.1](https://github.com/Cisco-AMP/nexus_api/compare/v1.6.0...v1.6.1) - 2020-07-20
+### Fixed
+- Parameters for tag creation were being JSON encoded twice resulting in data Nexus could not parse
+
+
+## [1.6.0](https://github.com/Cisco-AMP/nexus_api/compare/v1.5.0...v1.6.0) - 2020-07-20
+### Added
+- `create_repository_raw_hosted()`
+- `create_repository_rubygems_hosted()`
+
+
+## [1.5.0](https://github.com/Cisco-AMP/nexus_api/compare/v1.4.1...v1.5.0) - 2020-06-10
+### Added
+- New methods around the `privileges` endpoint
+- New methods around the `roles` endpoint
+- New methods around the `users` endpoint
+- New `list_all_*` methods for endpoints that paginate so the user doesn't have to page through results themselves if they just want all the raw data
+
+
 ## [1.4.1](https://github.com/Cisco-AMP/nexus_api/compare/v1.4.0...v1.4.1) - 2020-05-08
 ### Changed
 - Error reporting to be more descriptive

data/Gemfile.lock

@@ -1,12 +1,12 @@
 PATH
   remote: .
   specs:
-    nexus_api (1.4.1)
+    nexus_api (2.0.1)
       bundler (~> 2)
       docker-api (~> 1.34.2)
       dotenv (~> 2.7.5)
       pry (~> 0.12.2)
-      rake (~> 10.0)
+      rake (>= 12.3.3)
       rest-client (~> 2.1.0)
       thor (~> 0.20.3)
 
@@ -15,18 +15,18 @@ GEM
   specs:
     addressable (2.7.0)
       public_suffix (>= 2.0.2, < 5.0)
-    coderay (1.1.2)
+    coderay (1.1.3)
     crack (0.4.3)
       safe_yaml (~> 1.0.0)
-    diff-lcs (1.3)
+    diff-lcs (1.4.4)
     docile (1.3.2)
     docker-api (1.34.2)
       excon (>= 0.47.0)
       multi_json
     domain_name (0.5.20190701)
       unf (>= 0.0.5, < 1.0.0)
-    dotenv (2.7.5)
-    excon (0.73.0)
+    dotenv (2.7.6)
+    excon (0.76.0)
     hashdiff (1.0.1)
     http-accept (1.7.0)
     http-cookie (1.0.3)
@@ -34,14 +34,14 @@ GEM
     method_source (0.9.2)
     mime-types (3.3.1)
       mime-types-data (~> 3.2015)
-    mime-types-data (3.2020.0425)
-    multi_json (1.14.1)
+    mime-types-data (3.2020.0512)
+    multi_json (1.15.0)
     netrc (0.11.0)
     pry (0.12.2)
       coderay (~> 1.1.0)
       method_source (~> 0.9.0)
-    public_suffix (4.0.4)
-    rake (10.5.0)
+    public_suffix (4.0.6)
+    rake (13.0.1)
     rest-client (2.1.0)
       http-accept (>= 1.7.0, < 2.0)
       http-cookie (>= 1.0.2, < 2.0)
@@ -51,17 +51,17 @@ GEM
       rspec-core (~> 3.9.0)
       rspec-expectations (~> 3.9.0)
       rspec-mocks (~> 3.9.0)
-    rspec-core (3.9.0)
-      rspec-support (~> 3.9.0)
-    rspec-expectations (3.9.0)
+    rspec-core (3.9.2)
+      rspec-support (~> 3.9.3)
+    rspec-expectations (3.9.2)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.9.0)
-    rspec-mocks (3.9.0)
+    rspec-mocks (3.9.1)
       diff-lcs (>= 1.2.0, < 2.0)
       rspec-support (~> 3.9.0)
-    rspec-support (3.9.0)
+    rspec-support (3.9.3)
     safe_yaml (1.0.5)
-    simplecov (0.18.5)
+    simplecov (0.19.0)
       docile (~> 1.1)
       simplecov-html (~> 0.11)
     simplecov-html (0.12.2)
@@ -84,4 +84,4 @@ DEPENDENCIES
   webmock (~> 3.8)
 
 BUNDLED WITH
-   2.0.2
+   2.1.4

data/README.md

@@ -5,10 +5,10 @@ A ruby gem that wraps the [Sonatype Nexus Repository Manager 3](https://help.son
 ## Latest Version Tested
 Title | Value
 ---|---
-**Version** | `3.22.0-02`
+**Version** | `3.24.0-02`
 **Edition** | `PRO`
-**Build Revision** | `140e045ce3cdd3f35e6f9d13127d7299d21f7251`
-**Build Timestamp** | `2020-03-27-1616-27700`
+**Build Revision** | `302d6f23f1414581162efaf0fa7b4d81dbf9b251`
+**Build Timestamp** | `2020-06-03-2332-51567`
 
 
 ## Installation
@@ -59,38 +59,177 @@ api = NexusAPI::API.new(
   username: NEXUS_USERNAME,
   password: NEXUS_PASSWORD,
   hostname: NEXUS_HOSTNAME,
-  docker_pull_hostname: DOCKER_PUSH_HOSTNAME,  # Optional
-  docker_push_hostname: DOCKER_PULL_HOSTNAME,  # Optional
+  docker_pull_hostname: DOCKER_PULL_HOSTNAME,  # Optional
+  docker_push_hostname: DOCKER_PUSH_HOSTNAME,  # Optional
   config: "team_configs/#{CONFIG_NAME}",       # Optional
 )
 # NOTE: All Docker commands will fail if the docker hostnames are not initialized
 
+
+# You can create various types of repositories in different formats
+api.create_repository_docker_group(
+  name: REPOSITORY_NAME,
+  members: REPOSITORY_MEMBERS,
+  options: HASH_OF_REPOSITORY_OPTIONS  # Optional
+)
+api.create_repository_docker_hosted(
+  name: REPOSITORY_NAME,
+  options: HASH_OF_REPOSITORY_OPTIONS  # Optional
+)
+api.create_repository_docker_proxy(
+  name: REPOSITORY_NAME,
+  remote_url: URL_TO_PROXY,
+  options: HASH_OF_REPOSITORY_OPTIONS  # Optional
+)
+
+api.create_repository_maven_group(
+  name: REPOSITORY_NAME,
+  members: REPOSITORY_MEMBERS,
+  options: HASH_OF_REPOSITORY_OPTIONS  # Optional
+)
+api.create_repository_maven_hosted(
+  name: REPOSITORY_NAME,
+  options: HASH_OF_REPOSITORY_OPTIONS  # Optional
+)
+api.create_repository_maven_proxy(
+  name: REPOSITORY_NAME,
+  remote_url: URL_TO_PROXY,
+  options: HASH_OF_REPOSITORY_OPTIONS  # Optional
+)
+
+api.create_repository_npm_group(
+  name: REPOSITORY_NAME,
+  members: REPOSITORY_MEMBERS,
+  options: HASH_OF_REPOSITORY_OPTIONS  # Optional
+)
+api.create_repository_npm_hosted(
+  name: REPOSITORY_NAME,
+  options: HASH_OF_REPOSITORY_OPTIONS  # Optional
+)
+api.create_repository_npm_proxy(
+  name: REPOSITORY_NAME,
+  remote_url: URL_TO_PROXY,
+  options: HASH_OF_REPOSITORY_OPTIONS  # Optional
+)
+
+api.create_repository_pypi_group(
+  name: REPOSITORY_NAME,
+  members: REPOSITORY_MEMBERS,
+  options: HASH_OF_REPOSITORY_OPTIONS  # Optional
+)
+api.create_repository_pypi_hosted(
+  name: REPOSITORY_NAME,
+  options: HASH_OF_REPOSITORY_OPTIONS  # Optional
+)
+api.create_repository_pypi_proxy(
+  name: REPOSITORY_NAME,
+  remote_url: URL_TO_PROXY,
+  options: HASH_OF_REPOSITORY_OPTIONS  # Optional
+)
+
+api.create_repository_raw_group(
+  name: REPOSITORY_NAME,
+  members: REPOSITORY_MEMBERS,
+  options: HASH_OF_REPOSITORY_OPTIONS  # Optional
+)
+api.create_repository_raw_hosted(
+  name: REPOSITORY_NAME,
+  options: HASH_OF_REPOSITORY_OPTIONS  # Optional
+)
+api.create_repository_raw_proxy(
+  name: REPOSITORY_NAME,
+  remote_url: URL_TO_PROXY,
+  options: HASH_OF_REPOSITORY_OPTIONS  # Optional
+)
+
+api.create_repository_rubygems_group(
+  name: REPOSITORY_NAME,
+  members: REPOSITORY_MEMBERS,
+  options: HASH_OF_REPOSITORY_OPTIONS  # Optional
+)
+api.create_repository_rubygems_hosted(
+  name: REPOSITORY_NAME,
+  options: HASH_OF_REPOSITORY_OPTIONS  # Optional
+)
+api.create_repository_rubygems_proxy(
+  name: REPOSITORY_NAME,
+  remote_url: URL_TO_PROXY,
+  options: HASH_OF_REPOSITORY_OPTIONS  # Optional
+)
+
+api.create_repository_yum_group(
+  name: REPOSITORY_NAME,
+  members: REPOSITORY_MEMBERS,
+  options: HASH_OF_REPOSITORY_OPTIONS  # Optional
+)
+api.create_repository_yum_hosted(
+  name: REPOSITORY_NAME,
+  options: HASH_OF_REPOSITORY_OPTIONS  # Optional
+)
+api.create_repository_yum_proxy(
+  name: REPOSITORY_NAME,
+  remote_url: URL_TO_PROXY,
+  options: HASH_OF_REPOSITORY_OPTIONS  # Optional
+)
+
+
 # You can query information through the list methods
-api.list_repositories
-api.list_repository_names
-api.list_assets(repository: REPOSITORY_NAME)
+api.list_all_assets(repository: REPOSITORY_NAME)
+api.list_assets(repository: REPOSITORY_NAME, paginate: BOOLEAN)
 api.list_asset(id: ASSET_ID)
-api.list_components(repository: REPOSITORY_NAME)
+
+api.list_all_components(repository: REPOSITORY_NAME)
+api.list_components(repository: REPOSITORY_NAME, paginate: BOOLEAN)
 api.list_component(id: ASSET_ID)
+
+api.list_privileges
+api.list_privilege(privilege_id: ID)
+
+api.list_repositories
+api.list_repository_names
+
+api.list_roles
+api.list_role(id: ROLE_ID)
+
 api.list_scripts
-api.list_tags
+
+api.list_all_tags
+api.list_tags(paginate: BOOLEAN)
+
+api.list_users
+
 
 # You can search for an asset by its name
 # Optionally, you can pass in additional fields to filter the results
+api.search_all_assets(
+  name: ASSET_NAME,
+  format: REPOSITORY_FORMAT,    # Optional
+  repository: REPOSITORY_NAME,  # Optional
+  sha1: SHA1,                   # Optional
+  version: VERSION,             # Optional
+)
+# You can also paginate through the results if you want to do some additional filtering
 api.search_asset(
   name: ASSET_NAME,
   format: REPOSITORY_FORMAT,    # Optional
   repository: REPOSITORY_NAME,  # Optional
   sha1: SHA1,                   # Optional
   version: VERSION,             # Optional
+  paginate: BOOLEAN             # Optional
 )
 
+
 # The following endpoints will paginate: 
 #  - list_assets
 #  - list_components
 #  - list_tags
 #  - search_asset
-# You can use the following pattern to page through each method:
+# Or you can use the following methods to automatically gather data from all pages for you:
+#  - list_all_assets
+#  - list_all_components
+#  - list_all_tags
+#  - search_all_assets
+# Or you can use the following pattern to page through if additional processing is desired:
 set = Array.new.tap do |set|
   loop do
     set.concat(api.METHOD_YOU_WANT(ARGUMENTS, paginate: true))
@@ -98,9 +237,11 @@ set = Array.new.tap do |set|
   end
 end
 
+
 # You can move all components that are tagged to a new destination
 api.move_components_to(destination: DESTINATION, tag: TAG)
 
+
 # You can download an asset by using its asset_id
 # Optionally, you can rename the file on download
 api.download(
@@ -108,6 +249,7 @@ api.download(
   name: NEW_FILE_NAME,  # Optional
 )
 
+
 # Different asset types require differing information to be uploaded
 # Optionally, you can tag the component provided the tag already exists
 api.upload_maven_component(
@@ -146,12 +288,14 @@ api.upload_yum_component(
   tag: TAG,                     # Optional
 )
 
+
 # Docker is a special case and uses the local Docker daemon
 # If this daemon is not installed and running these methods will fail
 # NOTE: Docker login/logout is handled as part of the docker methods
 api.download_docker_component(image: IMAGE_NAME, tag: DOCKER_TAG)
 api.upload_docker_component(image: IMAGE_NAME, tag: DOCKER_TAG)
 
+
 # You can create/delete tags and associate/disassociate them from components
 # (we use the SHA1 rather than the file name because the Nexus search is inconsistent)
 api.create_tag(name: TAG)
@@ -159,10 +303,12 @@ api.associate_tag(name: TAG, sha1: SHA1_SUM, repository: REPOSITORY_NAME)
 api.delete_associated_tag(name: TAG, sha1: SHA1_SUM, repository: REPOSITORY_NAME)
 api.delete_tag(name: TAG)
 
+
 # You can query the Nexus status
 api.status
 api.status_writable
 
+
 # Using an asset's URL you can gather its filesize as a String
 api.get_asset_size(asset_url: URL)
 ```

data/bin/test

@@ -1,2 +1,3 @@
 #!/usr/bin/env bash
-bundle exec rake test
+
+bundle exec rspec ${1:+$1}

data/lib/endpoints/assets.rb

@@ -6,6 +6,15 @@ module NexusAPI
       @connection.get_response(endpoint: "assets?repository=#{repository}", paginate: paginate)
     end
 
+    def list_all_assets(repository: nil)
+      Array.new.tap do |assets|
+        loop do
+          assets.concat(list_assets(repository: repository, paginate: true))
+          break unless paginate?
+        end
+      end
+    end
+
     # GET /service/rest/v1/assets/{id}
     def list_asset(id:)
       @connection.get_response(endpoint: "assets/#{id}")

data/lib/endpoints/components.rb

@@ -6,6 +6,15 @@ module NexusAPI
       @connection.get_response(endpoint: "components?repository=#{repository}", paginate: paginate)
     end
 
+    def list_all_components(repository: nil)
+      Array.new.tap do |components|
+        loop do
+          components.concat(list_components(repository: repository, paginate: true))
+          break unless paginate?
+        end
+      end
+    end
+
     # POST /service/rest/v1/components
     def upload_maven_component(filename:, group_id:, artifact_id:, version:, repository: nil, tag: nil)
       repository ||= @team_config.maven_repository

data/lib/endpoints/privileges.rb

@@ -1,8 +1,20 @@
 module NexusAPI
   class API
     # GET /service/rest/beta/security/privileges
+    def list_privileges
+      @connection.get_response(endpoint: 'security/privileges', api_version: 'beta')
+    end
+
     # GET /service/rest/beta/security/privileges/{privilegeId}
+    def list_privilege(privilege_id:)
+      @connection.get_response(endpoint: "security/privileges/#{privilege_id}", api_version: 'beta')
+    end
+
     # DELETE /service/rest/beta/security/privileges/{privilegeId}
+    def delete_privilege(privilege_id:)
+      @connection.delete(endpoint: "security/privileges/#{privilege_id}", api_version: 'beta')
+    end
+
     # POST /service/rest/beta/security/privileges/application
     # PUT /service/rest/beta/security/privileges/application/{privilegeId}
     # POST /service/rest/beta/security/privileges/repository-admin
@@ -10,6 +22,21 @@ module NexusAPI
     # POST /service/rest/beta/security/privileges/repository-content-selector
     # PUT /service/rest/beta/security/privileges/repository-content-selector/{privilegeId}
     # POST /service/rest/beta/security/privileges/repository-view
+    def create_privilege_repository_view(name:, description: nil, actions: ['READ'], format: '*', repository: '*')
+      parameters = {
+        # The name is also used as the privilege_id
+        'name' => name,
+        'description' => description,
+        # READ, BROWSE, EDIT, ADD, DELETE, RUN, ASSOCIATE, DISASSOCIATE, ALL
+        'actions' => actions,
+        # The repository format (i.e 'nuget', 'npm') this privilege will grant access to (or * for all)
+        'format' => format,
+        # The name of the repository this privilege will grant access to (or * for all)
+        'repository' => repository
+      }
+      @connection.post(endpoint: 'security/privileges/repository-view', parameters: parameters, api_version: 'beta')
+    end
+
     # PUT /service/rest/beta/security/privileges/repository-view/{privilegeId}
     # POST /service/rest/beta/security/privileges/script
     # PUT /service/rest/beta/security/privileges/script/{privilegeId}