Repository Results view

The repository results page is an audit of a proxy repository configured with Repository Firewall. This view lists all the components requested through the proxy and any violations found near the time the component was requested.

Repository Summary

The summary section contains metrics on the health and contents of the repository. Here you will find the total number of components, the number of violations that affect some of the components, and a spread of the severity of those violations. You will also see if any components have been quarantined and are blocked from downloading through the proxy.

Re-evaluate Repository

Components are evaluated when they are first requested through the proxy repository. This allows for components with unacceptable risk to be quarantined before they are downloaded through the proxy.

The Next-Gen Firewall capability Automatic Quarantine Release automatically re-evaluates components for 14 days after the first request to check for changes in any violations they may have. After that period, components are no longer evaluated, which minimizes load on the repository manager and IQ Server.

You may perform a re-evaluation of all the components within the repository by selecting the Re-evaluate Repository option in the upper right of this page. Keep in mind that the time to complete re-evaluation depends on the number of components in the repository and may introduce load on the server for repositories that have a large number of components. We recommend limiting how often this audit is done to avoid strain on production services or delaying new requests through the proxy.

Repository components

This table lists all the components in the proxy repository and their associated violations found as of their last evaluation. By default, the view is aggregated by components while only displaying the highest policy violation for that component.

The aggregate by component toggle can be switched off to view all violations.

View Component Details

Select an individual component from the list to view the component's details page.

Refer to Repository Component Details view

Releasing quarantined components

Components are released from quarantine by waiving the policy failing violations on the component.

These violations can be waived from the component details page. Once the failing violations have been waived, the component will be released from quarantine.

Filtering Repository Results

Use the following filters to refine the results:

Component Match State

  • All - no filter

  • Exact - Components identifiable by Sonatype

  • Unknown - Components unknown to Sonatype

Violations

  • all/none - no filter

  • Not Violating - components with no violations

  • Open - violations not waived or remediated

  • Quarantined - components that have been quarantined due to a failing violation

  • Waived - violations that have been waived

Viewing results in Nexus Repository

As developers request components from a proxy repository, Firewall audits them using the policies in the IQ Server. There are a couple of ways to navigate to this report.

IQ Policy Violations are summarized in Nexus Repository Pro and detailed in IQ Server.

In Nexus Repository Pro 3, the audit results are summarized in the IQ Policy Violations column of the Repositories view.

This view is located in the Repository sub-menu of the Administration menu.

The IQ Policy Violations column includes the following items:

  • A count of components by their highest policy violation level.

  • A count of quarantined components.

  • A link to Repository Results on IQ Server.

The IQ Policy Violations column alerts you if there are any errors in the audit and quarantine process. If there is an error, a red exclamation mark appears to the right of the Repository Results link along with a description of the error. Additional information is available in the Nexus Repository logs.

Without permissions to the Repository Results view, the IQ Policy Violations column displays either Audit Enabled or Quarantine Enabled.