Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-23185

Nexus Firewall does not queue asset deletion requests, and does not retry on failures

    Details

    • Notability:
      2

      Description

      A customer ran repository cleanup policies against several proxy repositories that had Nexus Firewall enabled in Nexus Repo 3.19.1. A slowly responding IQ Server caused the outbound connection pool to be exhausted, resulting a large number of asset deletions which were never processed by their IQ Server instance.

      2020-03-12 14:43:10,412-0400 WARN [event-7-thread-108326] *SYSTEM com.sonatype.nexus.clm.internal.RemovedAssetSender - Problem notifying IQ server of removed asset rubygems:gems/CFPropertyList-2.2.0.gem: Timeout waiting for connection from pool
      

      Every asset deleted sends an HTTP DELETE request to "/rest/integration/repositories/<repo-id>/components". These requests are not queued, and if they fail, there is no retry mechanism to resend the failing requests.

      Expected:

      1. There should be a mechanism in Nexus Repo to limit throttle the number of requests sent to IQ Server at one time, to prevent overloading it.
      2. If a request fails to be sent, there should be a retry mechanism to ensure it is sent later.

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            rseddon Rich Seddon
            CC:
            Erich Sanderford
            Last Updated By:
            Peter Lynch Peter Lynch
            Votes:
            0 Vote for this issue
            Watchers:
            9 Start watching this issue

              Dates

              Created:
              Updated:
              Date of First Response:

                tigCommentSecurity.panel-title