Skip to content
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.

Commit f77c065

Browse files
authoredOct 14, 2023
Merge pull request #379 from 030/378-change-admin-pass
fix: [#378] Change initial admin pass (automatically).
2 parents 7f22bde + aec17a7 commit f77c065

File tree

6 files changed

+279
-7
lines changed

6 files changed

+279
-7
lines changed
 

‎.github/workflows/dip.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -35,6 +35,7 @@ jobs:
3535
NEXUS_VERSION=$(./dip image --name=sonatype/nexus3 --regex=^3\.[0-9]+\.[0-9]+$)
3636
echo "Check whether the latest Nexus3 version: '${NEXUS_VERSION}' is used..."
3737
sed -i "s|\(sonatype/nexus3:\).*|\1${NEXUS_VERSION}|" README.md
38+
sed -i "s|\(sonatype/nexus3:\).*|\1${NEXUS_VERSION}|" configs/k8s/nexus3.yaml
3839
sed -i "s|\(sonatype/nexus3:\)[0-9]\+\.[0-9]\+\.[0-9]\+\(.*\)|\1${NEXUS_VERSION}\2|" docs/quickstarts/DOCKER.md
3940
sed -i "s|\(NEXUS_VERSION=\).*|\1${NEXUS_VERSION}|" ./test/integration-tests.sh
4041
sed -i "s|\(nexus-version: \)[0-9]\.[0-9]\{2\}\.[0-9]$|\1${NEXUS_VERSION}|" ./.github/workflows/integration.yml
@@ -60,6 +61,7 @@ jobs:
6061
sed -i "s|^\(version: \)\([0-9]\+\.\)\{2\}[0-9]\+|\1${{ env.NEW_TAG }}|" build/package/snap/snapcraft.yaml
6162
echo "Checking README.md..."
6263
sed -i "s|\(n3dr:\)\([0-9]\+\.\)\{2\}[0-9]\+|\1${{ env.NEW_TAG }}|" docs/README.md
64+
sed -i "s|\(n3dr:\)\([0-9]\+\.\)\{2\}[0-9]\+|\1${{ env.NEW_TAG }}|" configs/k8s/nexus3.yaml
6365
sed -i "s|\(n3dr\/releases\/tag\/\)\([0-9]\+\.\)\{2\}[0-9]\+|\1${{ env.NEW_TAG }}|g" README.md
6466
sed -i "s|\(releases\/download\/\)\([0-9]\+\.\)\{2\}[0-9]\+|\1${{ env.NEW_TAG }}|g" README.md
6567
sed -i "s|\(n3dr\/releases\/tag\/\)\([0-9]\+\.\)\{2\}[0-9]\+|\1${{ env.NEW_TAG }}|g" ./docs/quickstarts/snippets/n3dr/DOWNLOAD.md

‎.github/workflows/snapcraft.yml

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,8 @@ jobs:
2222
sudo snap install --dangerous ${{ steps.snapcraft.outputs.snap }}
2323
n3dr --version | grep "[0-9]\."
2424
- uses: snapcore/action-publish@v1
25+
env:
26+
SNAPCRAFT_STORE_CREDENTIALS: ${{ secrets.SNAPCRAFT_LOGIN }}
2527
with:
26-
store_login: ${{ secrets.SNAPCRAFT_LOGIN }}
2728
snap: ${{ steps.snapcraft.outputs.snap }}
2829
release: candidate

‎cmd/n3dr/configUser.go

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -18,13 +18,13 @@ var (
1818
// configUserCmd represents the configUser command.
1919
var configUserCmd = &cobra.Command{
2020
Use: "configUser",
21-
Short: "A brief description of your command",
22-
Long: `A longer description that spans multiple lines and likely contains examples
23-
and usage of using your command. For example:
21+
Short: "Configure users.",
22+
Long: `Create users or change their passwords.
2423
25-
Cobra is a CLI library for Go that empowers applications.
26-
This application is a tool to generate the needed files
27-
to quickly create a Cobra application.`,
24+
Examples:
25+
# Change the admin password:
26+
n3dr configUser --changePass --https false --n3drUser admin --n3drURL nexus3:8081 --n3drPass initial-pass --pass some-pass --email admin@example.org --firstName admin --id admin --lastName admin
27+
`,
2828
Run: func(cmd *cobra.Command, args []string) {
2929
fmt.Println("configUser called")
3030

‎configs/k8s/README.md

Lines changed: 54 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,54 @@
1+
# kind
2+
3+
## create secret
4+
5+
```bash
6+
echo -n 'helloworld' | tr -d "\n\r" | base64 -w 0
7+
```
8+
9+
## create cluster
10+
11+
```bash
12+
mkdir -p /tmp/k8s/kind/nexus-data && \
13+
sudo chown 8484 -R /tmp/k8s/kind/nexus-data && \
14+
~/go/bin/kind create cluster --config=configs/k8s/kind.yaml
15+
```
16+
17+
## add ingress
18+
19+
```bash
20+
kubectl apply -f https://raw.githubusercontent.com/kubernetes/ingress-nginx/main/deploy/static/provider/kind/deploy.yaml && \
21+
kubectl wait --namespace ingress-nginx \
22+
--for=condition=ready pod \
23+
--selector=app.kubernetes.io/component=controller \
24+
--timeout=90s
25+
```
26+
27+
## deploy nexus
28+
29+
```bash
30+
kubectl apply -f configs/k8s/nexus3.yaml
31+
```
32+
33+
## access nexus
34+
35+
open `/etc/hosts`, add:
36+
37+
```bash
38+
127.0.0.1 nexus3.some-domain
39+
```
40+
41+
open a web browser, navigate to: <http://nexus3.some-domain/> and login as
42+
`admin` with password: `helloworld`.
43+
44+
## n3dr
45+
46+
```bash
47+
kubectl logs nexus3-0 -n nexus3
48+
```
49+
50+
## cleanup
51+
52+
```bash
53+
~/go/bin/kind delete cluster
54+
```

‎configs/k8s/kind.yaml

Lines changed: 22 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,22 @@
1+
---
2+
kind: Cluster
3+
apiVersion: kind.x-k8s.io/v1alpha4
4+
nodes:
5+
- role: control-plane
6+
kubeadmConfigPatches:
7+
- |
8+
kind: InitConfiguration
9+
nodeRegistration:
10+
kubeletExtraArgs:
11+
node-labels: "ingress-ready=true"
12+
system-reserved: memory=8Gi
13+
extraPortMappings:
14+
- containerPort: 80
15+
hostPort: 80
16+
protocol: TCP
17+
- containerPort: 443
18+
hostPort: 443
19+
protocol: TCP
20+
extraMounts:
21+
- hostPath: /tmp/k8s/kind/nexus-data
22+
containerPath: /nexus-data

‎configs/k8s/nexus3.yaml

Lines changed: 193 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,193 @@
1+
---
2+
apiVersion: v1
3+
kind: Namespace
4+
metadata:
5+
name: nexus3
6+
---
7+
apiVersion: v1
8+
kind: Secret
9+
metadata:
10+
name: n3dr
11+
namespace: nexus3
12+
data:
13+
admin-password: aGVsbG93b3JsZA==
14+
---
15+
apiVersion: apps/v1
16+
kind: StatefulSet
17+
metadata:
18+
name: nexus3
19+
namespace: nexus3
20+
spec:
21+
replicas: 1
22+
selector:
23+
matchLabels:
24+
app: nexus3
25+
serviceName: nexus3
26+
template:
27+
metadata:
28+
labels:
29+
app: nexus3
30+
spec:
31+
containers:
32+
- image: sonatype/nexus3:3.59.0
33+
imagePullPolicy: IfNotPresent
34+
name: nexus3
35+
livenessProbe:
36+
failureThreshold: 6
37+
initialDelaySeconds: 120
38+
httpGet:
39+
path: /
40+
port: 8081
41+
scheme: HTTP
42+
periodSeconds: 60
43+
timeoutSeconds: 30
44+
readinessProbe:
45+
failureThreshold: 6
46+
initialDelaySeconds: 120
47+
httpGet:
48+
path: /
49+
port: 8081
50+
scheme: HTTP
51+
periodSeconds: 60
52+
timeoutSeconds: 30
53+
ports:
54+
- containerPort: 8081
55+
name: nexus3
56+
protocol: TCP
57+
resources:
58+
limits:
59+
cpu: 1250m
60+
memory: 2Gi
61+
requests:
62+
cpu: 1m
63+
memory: 50Mi
64+
securityContext:
65+
readOnlyRootFilesystem: false
66+
runAsUser: 8484
67+
runAsGroup: 8484
68+
volumeMounts:
69+
- mountPath: /nexus-data
70+
name: nexus3
71+
- mountPath: /tmp
72+
name: tmp
73+
volumes:
74+
- name: tmp
75+
emptyDir: {}
76+
volumeClaimTemplates:
77+
- apiVersion: v1
78+
kind: PersistentVolumeClaim
79+
metadata:
80+
name: nexus3
81+
spec:
82+
accessModes:
83+
- ReadWriteOnce
84+
resources:
85+
requests:
86+
storage: 4Gi
87+
volumeMode: Filesystem
88+
volumeName: nexus3
89+
---
90+
apiVersion: v1
91+
kind: Service
92+
metadata:
93+
name: nexus3
94+
namespace: nexus3
95+
spec:
96+
selector:
97+
app: nexus3
98+
ports:
99+
- protocol: TCP
100+
port: 8081
101+
targetPort: 8081
102+
---
103+
apiVersion: batch/v1
104+
kind: CronJob
105+
metadata:
106+
name: n3dr
107+
namespace: nexus3
108+
spec:
109+
schedule: '*/15 * * * *'
110+
jobTemplate:
111+
spec:
112+
template:
113+
spec:
114+
containers:
115+
- image: utrecht/n3dr:7.2.4
116+
imagePullPolicy: IfNotPresent
117+
name: n3dr
118+
command:
119+
- /bin/sh
120+
- -c
121+
- |
122+
cat /tmp/nexus-data/admin.password
123+
echo $NEXUS_ADMIN_PASSWORD
124+
if [ -e /tmp/nexus-data/admin.password ]; then
125+
echo "changing randomized generated password..."
126+
pw=$(cat /tmp/nexus-data/admin.password)
127+
n3dr configUser \
128+
--changePass \
129+
--https false \
130+
--n3drUser admin \
131+
--n3drURL nexus3:8081 \
132+
--n3drPass "${pw}" \
133+
--pass "${NEXUS_ADMIN_PASSWORD}" \
134+
--email admin@example.org \
135+
--firstName Administrator \
136+
--id admin \
137+
--lastName User \
138+
--showLogo=false
139+
else
140+
echo "Assumed that initial password has been changed as"
141+
echo "/tmp/nexus-data/admin.password file was not been"
142+
echo "found."
143+
fi
144+
env:
145+
- name: NEXUS_ADMIN_PASSWORD
146+
valueFrom:
147+
secretKeyRef:
148+
name: n3dr
149+
key: admin-password
150+
securityContext:
151+
readOnlyRootFilesystem: false
152+
runAsUser: 8484
153+
runAsGroup: 8484
154+
volumeMounts:
155+
- mountPath: /tmp/nexus-data
156+
name: nexus3
157+
volumes:
158+
- name: nexus3
159+
persistentVolumeClaim:
160+
claimName: nexus3-nexus3-0
161+
restartPolicy: Never
162+
---
163+
apiVersion: networking.k8s.io/v1
164+
kind: Ingress
165+
metadata:
166+
name: nexus3
167+
namespace: nexus3
168+
spec:
169+
rules:
170+
- host: nexus3.some-domain
171+
http:
172+
paths:
173+
- pathType: Prefix
174+
path: /
175+
backend:
176+
service:
177+
name: nexus3
178+
port:
179+
number: 8081
180+
---
181+
apiVersion: v1
182+
kind: PersistentVolume
183+
metadata:
184+
name: nexus3
185+
namespace: nexus3
186+
spec:
187+
storageClassName: standard
188+
accessModes:
189+
- ReadWriteOnce
190+
capacity:
191+
storage: 4Gi
192+
hostPath:
193+
path: /nexus-data

0 commit comments

Comments
 (0)
Please sign in to comment.