InnerSource Repository Configuration
NEW IN RELEASE 135
Organizations that use Nexus Repository Manager 3 (NXRM3) as their InnerSource code repository can integrate IQ server with the repository to view version data of InnerSource components. This data will be available in the Version Explorer graph in the component details page which improves remediation of issues. Please refer to the InnerSource Insight documentation to learn more about InnerSource components and IQ server support for InnerSource.
InnerSource code repository
This is typically the repository that a developer (or CI server) would configure the local environment to access InnerSource component distributions. This can either be a hosted or a proxy repository and it can even be a mixed repository that hosts both open source and InnerSource components. The credentials used for connection configurations must have privileges to browse and locate components and their versions. Note: In the case of proxy repositories only the components downloaded to the repository will be considered.
Repository configuration levels
An InnerSource repository can be configured in IQ at different levels in the application and organization hierarchy. Child organizations and applications can be configured to inherit parent repository connection settings. Similarly, settings can also be disabled at any level and block child organizations and applications from overriding or configuring local connections.
By default InnerSource Repository configuration is disabled on the Root Organization which will be inherited by all organizations and applications, however, the default setting also permits overrides to this configuration so that other organizations and applications can configure their own settings.
Configuring InnerSource repository connections on Organizations and Applications
To configure an InnerSource repository connection for any application or organization:
- Click the Orgs and Policies icon in the IQ toolbar.
- Select the organization or application you wish to edit from the sidebar.
- Scroll down to the InnerSource Repositories section which should look similar to the below.
This section lists the effective InnerSource repository connections applicable to the selected application or organization. Depending on how it is setup, it should specify if the connections are inherited from a parent organization or local to itself or none if no applicable repository connections for this.
4. To change this configuration click the edit button to pull up the configuration shown below.
The options will vary slightly depending on whether you are editing the Root Organization, a child organization, or an application.
- For the Root Organization, you are able to select whether InnerSource Repository Configuration is enabled or disabled, and whether or not child organizations and applications are able to override this configuration.
- For child organizations, you are able to select whether or not InnerSource Repository Configuration is enabled, disabled, or inherited from the parent, as well as whether or not applications are able to override this setting.
- For applications, you are able to select whether or not InnerSource Repository Configuration is enabled, disabled or inherited from the parent.
If a parent organization has disabled overrides then the settings from that parent will be inherited and the user interface for editing the configuration will be disabled with a message indicating the reason.
Configuring a Repository connection
In order to add a new repository connection:
- Select the Enable and Override Repository Connections option and click Update in the InnerSource Repository Configuration page.
- Click on the Add a Repository button, which should now be enabled after Step 1.
- This will display the Add InnerSource Repository Configuration pop up shown below.
4. Enter the following parameters
Valid values in this drop-down are "maven", "npm" or "generic", which correspond to the InnerSource component format that the repository is hosting. Select "generic" if the repository is hosting multiple formats.
Note that if you create multiple repository connections with one for a specific format (for example maven) and another for generic format IQ server will use the specific format when resolving all versions for a component of that format (i.e., maven in this example.)
|Repository Base URL||The base URL to the NXRM3 repository. For example, http://repository-host:8081/|
Choose Allow Anonymous Access if the repository does not require API authentication when querying for InnerSource component data. Otherwise, select Enter Username and Password.
|Username||Enter the username or the user token code that has privileges to query InnerSource component data. (a.k.a, service account username for the repository.)|
|Password||Enter the password or the passcode of the user token. (a.k.a, service account password for the repository.)|
5. Click Test Configuration to verify a connection can be made to the NXRM3 server.
6. Click Create when finished.
Editing or Deleting an existing repository connection
For editing an existing repository connection or to delete one you can click the editor delete icons of the respective connection from the InnerSource Repository Configuration page. The edit pop up which is similar to the add configuration pop up above allows you to change the existing connection details and clicking the delete icon will remove the selected connection.
Make sure you have the right permissions to access/view the InnerSource configuration (View IQ Elements) and to edit repository connection details (Edit IQ Elements).