Uploaded image for project: 'Dev - Nexus Repo'
  1. Dev - Nexus Repo
  2. NEXUS-35107

API: POST /service/rest/v1/repositories/docker/proxy accepts non existing cleanup policy

    Details

    • Type: Bug
    • Status: New
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 3.38.0, 3.41.0
    • Fix Version/s: None
    • Component/s: REST
    • Labels:
    • Notability:
      3

      Description

      ISSUE:

      RESTful API does not validate the cleanup policy, and it accepts the request.
      Later trying to modify this repository with PUT fails with 400.

      2022-09-06 02:42:09,148+0000 DEBUG [qtp524083805-98]  admin org.sonatype.nexus.cleanup.internal.storage.orient.OrientCleanupPolicyEntityAdapter - Finding cleanups with query: SELECT FROM cleanup WHERE (name = :name) LIMIT 1, parameters: {name=Non-Existing-CleanupPolicy}
      2022-09-06 02:42:09,149+0000 DEBUG [qtp524083805-98]  admin org.sonatype.nexus.repository.docker.api.DockerProxyRepositoriesApiResourceV1 - Failed to edit a repository via REST: "null"
      java.lang.IllegalStateException: null
              at com.google.common.base.Preconditions.checkState(Preconditions.java:494)
              at org.sonatype.nexus.orient.entity.EntityAdapter.editEntity(EntityAdapter.java:327)
              at org.sonatype.nexus.repository.config.internal.orient.OrientConfigurationStoreImpl.lambda$2(OrientConfigurationStoreImpl.java:92)
              at org.sonatype.nexus.orient.transaction.OrientOperations.lambda$2(OrientOperations.java:62)
              at org.sonatype.nexus.transaction.OperationPoint.lambda$0(OperationPoint.java:53)
              at org.sonatype.nexus.transaction.OperationPoint.proceed(OperationPoint.java:64)
              at org.sonatype.nexus.transaction.TransactionalWrapper.proceedWithTransaction(TransactionalWrapper.java:58)
              at org.sonatype.nexus.transaction.Operations.proceedWithTransaction(Operations.java:232)
              at org.sonatype.nexus.transaction.Operations.transactional(Operations.java:223)
              at org.sonatype.nexus.transaction.Operations.run(Operations.java:175)
              at org.sonatype.nexus.orient.transaction.OrientOperations.run(OrientOperations.java:62)
              at org.sonatype.nexus.repository.config.internal.orient.OrientConfigurationStoreImpl.update(OrientConfigurationStoreImpl.java:92)
      ...
      

      REPRODUCE STEPS:

      Try the following curl request:

      curl -v -uadmin:admin123 -X POST "http://localhost:8081/service/rest/v1/repositories/docker/proxy" -H 'accept: application/json' -H 'Content-Type: application/json' -d '{
        "name": "docker-proxy-test",
        "url": "http://localhost:8081/repository/docker-proxy",
        "online": true,
        "storage": {
          "blobStoreName": "default",
          "strictContentTypeValidation": true,
          "writePolicy": "ALLOW"
        },
        "cleanup": {
          "policyNames": [
            "Non-Existing-CleanupPolicy"
          ]
        },
        "docker": {
          "v1Enabled": true,
          "forceBasicAuth": true,
          "httpPort": null,
          "httpsPort": null,
          "subdomain": null
        },
        "dockerProxy": {
          "indexType": "HUB",
          "indexUrl": null
        },
        "proxy": {
          "remoteUrl": "https://registry-1.docker.io",
          "contentMaxAge": -1,
          "metadataMaxAge": 1440
        },
        "negativeCache": {
          "enabled": true,
          "timeToLive": 1440
        },
        "httpClient": {
          "blocked": false,
          "autoBlock": true,
          "connection": {
            "retries": null,
            "userAgentSuffix": null,
            "timeout": null,
            "enableCircularRedirects": false,
            "enableCookies": false,
            "useTrustStore": false
          },
          "authentication": {
            "type": "username",
            "username": "testuser",
      "password": "testpwd",
            "ntlmHost": "",
            "ntlmDomain": ""
          }
        },
        "routingRuleName": null,
        "format": "docker",
        "type": "proxy"
      }'

      EXPECTATION:

      Repository creation API (regardless of repository format) should validate the cleanup policy names.

      Acceptance Criteria:

             Return 400 when clean up policy is not found stating that the clean up policy isn't found

        Attachments

          Activity

            People

            Assignee:
            Unassigned Unassigned
            Reporter:
            hosako Hajime Osako
            Last Updated By:
            Michael Martz Michael Martz
            Team:
            NXRM - Neo
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Dates

              Created:
              Updated:

                tigCommentSecurity.panel-title