Nexus 3 Overview and Installation Guide 🎯

Nexus 3 is a widely used artifact repository manager developed by Sonatype. It helps teams store, manage, and retrieve binary artifacts such as JAR files, Docker images, npm packages, and more. Below, we break down its key features, installation process, and pipeline setup to manage artifacts efficiently. 🚀

Key Features of Nexus 3 ✨

Artifact Repository Manager 🗂️:
- Stores and manages binary artifacts, including libraries, dependencies, and build outputs.
Support for Multiple Repository Formats 📦:
- Formats include Maven, Docker, npm, NuGet, PyPI, Yum, and more.
Proxy and Caching 🔗:
- Improves build performance by caching external repositories like Maven Central.
Hosting Private Repositories 🔒:
- Allows secure storage of proprietary or custom artifacts.
Search and Indexing 🔍:
- Easily find artifacts using robust search capabilities.
Security and Access Control 🔐:
- Define roles and permissions for fine-grained access control.
Integration with CI/CD Tools 🤝:
- Works seamlessly with Jenkins, Travis CI, and more for automated publishing and retrieval.
Lifecycle Management 🔄:
- Define retention policies and track artifact lifecycles.
Monitoring and Reporting 📈:
- Monitor repository health and optimize usage.
RESTful API 🔧:
- Automate tasks like uploading artifacts, managing repositories, and permissions.
High Availability and Scalability 📡:
- Scale horizontally and configure for high availability.
User-Friendly Web Interface 🌐:
- Manage repositories and settings via an intuitive web UI.
Plugin Ecosystem 🧩:
- Extend functionality with plugins to meet specific needs.

Installation Guide 🛠️

Linux Installation Commands 💻:

sudo apt install openjdk-8-jdk -y
cd /opt
wget https://download.sonatype.com/nexus/3/nexus-3.59.0-01-unix.tar.gz
tar -xvf nexus-3.59.0-01-unix.tar.gz
adduser nexus
chown -R nexus:nexus nexus-3.59.0-01/
chown -R nexus:nexus sonatype-work/
vi nexus-3.59.0-01/bin/nexus.rc
# Add "nexus" in the file
/opt/nexus-3.59.0-01/bin/nexus start

Docker Installation Commands 🐳:

Run Nexus 3 Container:

 docker run -d -p 8081:8081 --name nexus sonatype/nexus3

Retrieve Initial Admin Password:

 docker ps
 docker exec -it <container_ID> /bin/bash
 cat sonatype-work/nexus3/admin.password

Access Nexus Web Interface:
- Visit http://localhost:8081 and log in with username admin and the retrieved password.
Cleanup (Optional):
```
 docker stop nexus
 docker rm nexus
```

Setting Up Jenkins and SonarQube 🛠️

1. Set Up Virtual Machines (VMs) for Jenkins and SonarQube 🌐

Jenkins (Direct Install):

  sudo apt update
  sudo apt install openjdk-11-jdk -y
  sudo wget -O /usr/share/keyrings/jenkins-keyring.asc \
    https://pkg.jenkins.io/debian-stable/jenkins.io-2023.key
  echo "deb [signed-by=/usr/share/keyrings/jenkins-keyring.asc]" \
    https://pkg.jenkins.io/debian-stable binary/ | sudo tee \
    /etc/apt/sources.list.d/jenkins.list > /dev/null
  sudo apt-get update
  sudo apt-get install jenkins -y

SonarQube (Docker):

  docker run -d --name sonarqube -p 9000:9000 sonarqube:lts-community

2. Download Plugins in Jenkins 🔌

Navigate to Manage Jenkins > Plugins and install:
- Pipeline
- Maven Integration
- Config File Provider
- SonarQube Scanner
- OWASP Dependency-Check

3. Configure Tools in Jenkins ⚙️

Go to Manage Jenkins > Global Tool Configuration:
- JDK: Add a JDK installation (e.g., JDK 17).
- Maven: Add Maven (e.g., Maven 3.8).
- SonarQube Scanner: Specify the installation directory.
- OWASP Dependency-Check: Configure the tool.

4. Create and Copy Token in SonarQube 🔑

Log in to SonarQube at http://<server_ip>:9000.
Navigate to My Account > Security > Generate Token and copy the token.

5. Configure SonarQube Server in Jenkins 🌐

Go to Manage Jenkins > Configure System > SonarQube Servers:
- Add a new server with:
  - Name: SonarQube
  - Server URL: http://<server_ip>:9000
  - Authentication Token: Paste the generated token.

6. Create Config File in Jenkins for Authentication 🔐

Use Jenkins Credentials to securely store usernames, passwords, and tokens.

Configuring Maven for Nexus 🛠️

Add the following to your pom.xml file:

<distributionManagement>
   <repository>
       <id>maven-releases</id>
       <url>NEXUS-URL/repository/maven-releases/</url>
   </repository>
   <snapshotRepository>
       <id>maven-snapshots</id>
       <url>NEXUS-URL/repository/maven-snapshots/</url>
   </snapshotRepository>
</distributionManagement>

CI/CD Pipeline for Nexus Integration 🔄

Here’s a detailed pipeline configuration to demonstrate how to integrate Nexus and SonarQube:

Pipeline Overview 🌟

pipeline {
    agent any
    tools {
        jdk 'jdk17'
        maven 'maven3'
    }
    environment {
        SCANNER_HOME = tool 'sonar-scanner'
    }
    stages {
        stage('Git Checkout') {
            steps {
                git 'https://github.com/Ank911007/Boardgame-java.git'
            }
        }
        stage('Code Compilation') {
            steps {
                sh 'mvn clean compile'
            }
        }
        stage('Unit Testing') {
            steps {
                sh 'mvn clean test'
            }
        }
        stage('Security Scan: Trivy') {
            steps {
                sh 'trivy fs .'
            }
        }
        stage('Dependency Check') {
            steps {
                dependencyCheck additionalArguments: ' --scan ./ ', odcInstallation: 'DC'
                dependencyCheckPublisher pattern: '**/dependency-check-report.xml'
            }
        }
        stage('Code Quality Analysis: SonarQube') {
            steps {
                withSonarQubeEnv('Sonar-server') {
                    sh ''' $SCANNER_HOME/bin/sonar-scanner \
                        -Dsonar.projectName=BoardGame \
                        -Dsonar.java.binaries=. \
                        -Dsonar.projectKey=BoardGame '''
                }
            }
        }
        stage('Download JAR with Credentials') {
            steps {
                script {
                    withCredentials([usernamePassword(credentialsId: 'your-credentials-id', 
                        usernameVariable: 'user', passwordVariable: 'pass')]) {
                        def jarUrl = 'https://example.com/path/to/your.jar'
                        sh "curl -u $user:$pass -O $jarUrl"
                    }
                }
            }
        }
        stage('Build & Deploy to Nexus') {
            steps {
                withMaven(globalMavenSettingsConfig: 'e7838703-298a-44a7-b080-a9ac14fa0a5e') {
                    sh 'mvn deploy'
                }
            }
        }
    }
}

Summary of Pipeline Stages 📝

Git Checkout 🖇️:
- Clones the project repository.
Code Compilation 🛠️:
- Compiles the code using Maven.
Unit Testing ✅:
- Runs tests to validate code functionality.
Security Scan: Trivy 🛡️:
- Scans the codebase for vulnerabilities.
Dependency Check 🔗:
- Identifies vulnerable dependencies in the project.
Code Quality Analysis: SonarQube 🔍:
- Analyzes the code for quality and maintainability issues.
Download JAR with Credentials📦:
- download the artifact from Nexus to Jenkins Workspace using artifact link address.
Build & Deploy to Nexus 📦:
- Builds the project and deploys the artifact to Nexus.

Verification Steps 🕵️

Verify Code Analysis in SonarQube 🧐:
- Visit http://<server_ip>:9000 and check the project dashboard for detailed code quality metrics.
Verify JAR File Uploaded in Nexus 📂:
- Log in to Nexus at http://<server_ip>:8081.
- Navigate to the repository (e.g., maven-releases) to confirm the artifact is uploaded.
Verify JAR File Uploaded in Jenkins Workspace📂:
1. Verify JAR File Downloaded in Local📂:

Nexus 3, combined with Jenkins and SonarQube, simplifies artifact management and code analysis, making your CI/CD pipelines more robust and efficient. Try it today and take your DevOps workflow to the next level! 🚀