On Wed, Apr 6, 2011 at 2:32 PM, Shawn Castrianni <[email protected]> wrote: > I see a lot of Maven stuff with Nexus, but no mention of IVY. Artifactory > does mention IVY. Does Nexus have any support for IVY directly?
Not directly, no. But it works with Ivy as any other m2 repo. Matt > > --- > Shawn Castrianni > > -----Original Message----- > From: Matt Benson [mailto:[email protected]] > Sent: Wednesday, April 06, 2011 2:03 PM > To: [email protected] > Subject: Re: IVY design opinion > > On Wed, Apr 6, 2011 at 1:53 PM, Shawn Castrianni > <[email protected]> wrote: >> Kirby and Archie have similar suggestions to using an http resolver with >> authentication. I will look into that. >> >> What does everyone think about Artifactory? It seems like it might also >> solve the problem but also bring other cool features too? > > I've not used Artifactory, but you should be able to get at least logging > info out of Sonatype Nexus OSS, possible more, or look into their > Professional product. > > $0.02 > > Matt > >> >> --- >> Shawn Castrianni >> >> >> -----Original Message----- >> From: Kirby Files [mailto:[email protected]] >> Sent: Wednesday, April 06, 2011 1:44 PM >> To: [email protected] >> Cc: Shawn Castrianni >> Subject: Re: IVY design opinion >> >> Do you have an objection to using an http resolver or ftp resolver? >> Both of these could be used with authentication, supplying ant user.name in >> a property. Not sure if you require actual secure authentication, or just >> username. >> >> Either of these resolvers could also share the same filesystem with your >> private filesystem resolver, which could be restricted to be used only on >> build systems. Both the web server and ftp server would give you a good >> audit trail. You can use either a URL resolver or VFS resolver to access >> HTTP and FTP. >> >> Thanks, >> --- >> Kirby Files >> Software Engineer >> Masergy Communications >> [email protected] >> >> Shawn Castrianni wrote on 04/06/2011 02:07 PM: >>> I have been using IVY for 3 years now and love it. I use the filesystem >>> resolver to get dependencies that I publish from my own builds and the svn >>> resolver to get thirdparty dependencies that I have downloaded from the >>> internet and manually checked in. My company wants to be very strict on >>> thirdparty dependencies so that is why we get them from a controlled SVN >>> repository and not straight from the Internet using ibiblio or whatever. >>> >>> Anyway, I was recently given a new requirement. I must track and trace all >>> dependency downloads within the company so that I can produce an audit log >>> when asked any time in the future. This audit log would contain the >>> date/time and artifacts downloaded by a given user. >>> >>> I have been thinking on how to implement this and here are my thoughts: >>> >>> 1. Turn off read access on the filer server where the filesystem >>> resolver is getting dependencies from so no one can bypass the auditing and >>> grab artifacts directly. Setup a special user with read credentials to the >>> file server that only the ANT/IVY scripts know about. Add custom ANT code >>> to my master build script so that it captures the ivy resolve/retrieve log >>> and sends it to some audit log storage server anytime a user runs the >>> dependency command. >>> >>> 2. Move all of my published artifacts currently on the file server to >>> SVN (similar to the thirdparty SVN repo described above). Change my >>> filesystem resolver to an SVN resolver. Then any user running the >>> dependency command will be pulling artifacts from SVN. I can then just use >>> the SVN server logs as an audit trail. However, I worry about using SVN >>> for hundreds of Gigabytes of data as an IVY dependency artifact repository. >>> We produce about 4GB of data per day. Imagine how big the SVN repo would >>> get after a year. With the current file server approach, we remove >>> dependency artifacts older than a week to avoid this data accumulation >>> problem. >>> >>> 3. Make my own custom IVY resolver that has audit trail support that >>> can still use a filesystem. This is essentially the same as option #1 but >>> the auditing is done in Java code as part of the custom IVY resolver >>> instead of ANT code in the master build script. >>> >>> >>> Anybody out there have any opinions or suggestions? >>> >>> --- >>> Shawn Castrianni >>> >>> --------------------------------------------------------------------- >>> - This e-mail, including any attached files, may contain confidential >>> and privileged information for the sole use of the intended recipient. Any >>> review, use, distribution, or disclosure by others is strictly prohibited. >>> If you are not the intended recipient (or authorized to receive information >>> for the intended recipient), please contact the sender by reply e-mail and >>> delete all copies of this message. >> >> >
