Nexus Integrations

Sonatype provides a wide range of integrations for Nexus Repository Manager and IQ Server, as well as tempates for various cloud deployments for both products. In general, integrations to Nexus IQ Server require a Lifecycle license, while integrations between Nexus IQ Server and Nexus Repository Manager require either a Lifecycle or Firewall license, and/or Nexus Repository Pro. 


Nexus Integrations Capability Matrix

The following provides a summary view of our current integration offerings with leading DevOps toolchain applications and technology stacks. 


For additional information regarding supported languages and package formats, see:  https://www.sonatype.com/languages-packages


Legend:  = Supported,  = Not Tested, = Not Available, = Community

CI/CD Systems


JenkinsAzure DevOpsBambooCircle CI

ServerCloudServerCloudServerData CenterCircle CI

Policy Evaluation

Perform a policy evaluation within build pipeline

Policy Summary

Get policy evaluation summary within build pipeline

Publish to Nexus Repository Manager

Ability to push build artifacts to Nexus Repository manager

Dashboard Widgets

View summary policy evaluation information in graphical form within build pipeline

Build Failure Report

View detailed policy evaluation results within build pipeline




Legend:  = Supported,  = Not Tested,  = Not Available

Source  Control Management (SCM)


GitHubGitLabBitbucket

CloudEnterprise CloudEnterpriseCloudServerData Center

Build Status

Automated Pull/Merge Requests  

Automatically create pull requests for policy violations on components with suggested remediation.

maven, gradle, npm, go

maven, gradle, npm, go

maven, gradle, npm, go

maven, gradle, npm, go

maven, gradle, npm, go

maven, gradle, npm, go

maven, gradle, npm, go

Pull/Merge Request Commenting 

Developer is notified of component issues upon commit to repository. Information is consolidated at Pull/Merge Request level.

Code Insights

Code Insights

Code Commenting

Detailed, line-level information is provided of component issues upon commit to repository. 

Line-level comments in PR Review

maven, gradle, npm, go

Line-level comments in PR Review

maven, gradle, npm, go

Line-level comments in PR Review

maven, gradle, npm, go

Line-level comments in PR Review

maven, gradle, npm, go

Code Insights

Line-level comments in PR Review

maven, gradle, npm, go

Code Insights

Line-level comments in PR Review

maven, gradle, npm, go

CI/CD Integration

Integration with SCM system's build capability

Actions

Pipelines

Pipelines

n/a

n/a

DepShield 

Free source scanning for public repositories




Legend:  = Supported,  = Not Tested,  = Not Available,  = Community

IDE Integration


EclipseIDEAVisual StudioVS Code

Component Intelligence - Lifecycle Intelligence

View component status within IDE using premium data from Nexus Lifecycle Intelligence

Component Intelligence - OSSIndex

View component status with IDE using data from OSSIndex

Build file formats

Java Classpath

(Maven, Gradle, ...)

Java Classpath

(Maven, Gradle, ...)

NuGet

npm, RubyGems, Go* , R, PyPi

*(Go supports dep and go mod buids, and only on linux)Int




Legend:  = Supported,  = Not Tested,  = Not Available,  = Community

Package / Build Tools


MavenGradle

Policy Evaluation

Perform a policy evaluation using standardized build tools




Legend:  = Supported,  = Not Tested,  = Not Available

Ticketing Systems


Jira

Jira CloudJira ServerJira Data Center
Atlassian Jira Notifications

Jira ticket automatically created upon policy violation

Nexus IQ for Jira 

Jira ticket automatically created upon policy violation,  advanced ability to group tickets via policy or component



--  Icons made by Alfredo Hernandez from Flaticon