kikou2016 / docker-nexus3-github-auth Goto Github PK

This docker image is based on sonatype/docker-nexus3 with the nexus3-github-oauth-plugin enabled.

$ docker volume create --name nexus-data
$ docker run -d -p 8081:8081 --name nexus -v nexus-data:/nexus-data lokkju/nexus3-github-auth

Log in to your nexus and go to Administration > Security > Realms. Move the Github Realm to the right. The realm order in the form determines the order of the realms in your authentication flow. We recommend putting Github after the built-in realms:

When logged in through Github, all organizations and teams the user is a member of will be mapped into roles like so:

organization name/team name e.g. dummy-org/developers

You need to manually create these roles in Administration > Security > Roles > (+) Create Role > Nexus Role in order to assign them the desired priviliges. Note that anybody is allowed to login (authenticate) with a valid Github Token from your Github instance, but he/she won't have any priviledges assigned with their teams (authorization).

The following steps need to be done by every developer who wants to login to your nexus with Github.

In your github account under Settings > Personal access tokens generate a new OAuth token. The only scope you need is read:org

When logging in to nexus, use your github user name as the username and the oauth token you just generated as the password. This also works through maven, gradle etc.