Skip to main content

Rust / Cargo

Note

Only available in Sonatype Nexus Repository Pro. Interested in a free trial? Start here.

Rust is known for its memory safety, concurrency, and performance. Cargo, Rust's build tool and package manager, automates dependency management, building, and testing.

Cargo uses a Cargo.toml manifest file where developers declare their project's dependencies. It then automatically fetches and builds these dependencies from the crates.io registry or other sources, ensuring consistent builds. It also automates the compilation and linking process, including handling builds for different target platforms and configurations.

Supported Features and Limitations

This section covers supported features and limitations for Rust Cargo in Nexus Repository.

  • Incompatible with Community Plugin - Nexus Repository's native support for Rust Cargo is not compatible with the existing community plugin. You will not be able to migrate data from the plugin.

  • Repository Types - Hosted, proxy, and group

  • Component Upload via Cargo Publish Only - Sonatype Nexus Repository does not currently support uploading components via UI or API; you can use the cargo publish command to publish components to a hosted repository.

  • Cargo Protocol - Nexus Repository only supports Cargo's Sparse protocol; it does not support the older Git protocol

  • Cargo Versions - 1.68+

  • Repository Management - cleanup policies, tasks, import, export, and search

    • Nexus Repository does not currently support the Cargo client native search capability

    • Nexus Repository does support yank and unyank endpoints; however, use yank with caution as it can break builds for users who haven't locked their dependencies

  • Security - SSL configuration (HTTP/HTTPS settings) for secure data transfer and repository access; authentication via anonymous access, user tokens, and cargo tokens

    • The Cargo Bearer Token Realm is required to use cargo tokens

  • REST APIs - Compatible with the repositories, search, component, asset, and tags REST APIs

  • Pro Features - Staging, tagging, content replication, Firewall integration

  • Support Features - Auditing and logging

Authenticating with Cargo Authentication Token

Cargo tokens are configured in the Cargo config file (~/.cargo/config.toml). Each token is associated with a specific repository and only authenticates access to that particular repository. Tokens are primarily used during the crate publishing process.

Take the following steps to use a Cargo authentication token for an existing Cargo hosted repository:

  1. Navigate to AdministrationSecurityRealms in the Nexus Repository user interface.

  2. Activate the Cargo Bearer Token Realm by selecting the plus sign beside this option in the Available realms list.

  3. Obtain the API token by http://<host:port>/repository/<your-registry-name>/me

  4. Obtain the API token by navigating to the repository's url with /me appended (e.g., http://<host:port>/repository/<your-registry-name>/me. Or, use a cargo login command like the one below to obtain the URL:

    cargo login --registry=<your-registry-name>

    1. cargo login - Initiates the Cargo login process.

    2. --registry=<your-registry-name> - Specifies the name of the registry you want to log in to (replace <your-registry-name> with the actual registry name).

  5. Copy the provided API token; it will display in the following format: CargoToken.XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX

  6. Log in using the provided token by adding Bearer in front of your copied token and using it as prompted in a terminal with the cargo login command similar to the one below:

    cargo login --registry <your-registry-name>
Bearer CargoToken.XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX

    Tip

    Be sure to add Bearer before your CargoToken.