From: Jessica Wagantall Date: Mon, 1 Oct 2018 22:48:14 +0000 (-0700) Subject: Add user info for Nexus3 X-Git-Url: https://gerrit.linuxfoundation.org/infra/gitweb?a=commitdiff_plain;h=253fe6149c320b3f8609a40f12c6e43dc67407dd;p=releng%2Fdocs.git Add user info for Nexus3 Add information on how to create Nexus3 users and the privileges that are given to them. Issue: RELENG-1093 Change-Id: I61fe446b99b1be227ea21a44903941c70da9fd32 Signed-off-by: Jessica Wagantall --- diff --git a/docs/_static/nexus3-roles.png b/docs/_static/nexus3-roles.png new file mode 100644 index 0000000..5a91324 Binary files /dev/null and b/docs/_static/nexus3-roles.png differ diff --git a/docs/nexus3.rst b/docs/nexus3.rst index 0b0d3ea..acf66c8 100644 --- a/docs/nexus3.rst +++ b/docs/nexus3.rst @@ -108,3 +108,36 @@ sure to define the docker registries. For example: .. note:: More information in https://dmp.fabric8.io + +Users, Roles and Privileges +=========================== + +Users, roles and privileges are key to manage and restrict access into Nexus +repositories. Anonymous users have read permissions, while administration +teams and CI accounts have write and delete permissions. + +For LF projects, we have created roles to help with the administration of Docker +images, NPM/Pypi/Helm repositories and administrative tasks. + +.. image:: _static/nexus3-roles.png + :alt: Nexus 3 roles. + :align: center + +Nexus 3 does not require to define patterns for Repository Targets to allow a +specific directory structure name to exist. + +Like Nexus 2, we require to have one user entry per repo in Nexus 3. + +Provide the following parameters for every user: + +:ID: Should match the Gerrit repository name. For example "aai-aai-common" + +:First name: Same as ID + +:Last name: We use a generic last name for users, for example "Deployment" + +:Email: Repo name + "deploy@example.org". For example "aai-aai-common-deploy@onap.org" + +:Status: Active. Can be "Disabled" if the Gerrit repo is no longer in use + +:Roles: docker. This role will allow the user to administer Docker images