Merge remote-tracking branch 'upstream/main'

README.md

@@ -19,7 +19,7 @@
 
 Terraform provider to configure Sonatype Nexus using its API.
 
-Implemented and tested with Sonatype Nexus `3.64.0-03`.
+Implemented and tested with Sonatype Nexus `3.70.1-02`.
 
 ## Usage
 
@@ -37,6 +37,27 @@ provider "nexus" {
 }
 ```
 
+Optionally with mTLS if Nexus is deployed behind a reverse proxy:
+
+```hcl
+provider "nexus" {
+  insecure         = true
+  password         = "admin123"
+  url              = "https://127.0.0.1:8080"
+  username         = "admin"
+  client_cert_path = "/path/to/client.crt"
+  client_key_path  = "/path/to/client.key"
+  root_ca_path     = "/path/to/root_ca.crt"
+}
+```
+
+Note that the `root_ca_path` should contain ALL certificates required for 
+communication. It overrides the system CA store, rather than adding to it.
+
+You can point the `root_ca_path` to the system trust store if required, e.g.:
+
+`root_ca_path = "/etc/ssl/certs/ca-certificates.crt"`
+
 ## Development
 
 ### Build

docs/data-sources/blobstore_list.md

@@ -2,10 +2,10 @@
 page_title: "Data Source nexus_blobstore_list"
 subcategory: "Blobstore"
 description: |-
-  Use this data source to get a list with all blob stores.
+  Use this data source to get a list with all Blob Stores.
 ---
 # Data Source nexus_blobstore_list
-Use this data source to get a list with all blob stores.
+Use this data source to get a list with all Blob Stores.
 ## Example Usage
 ```terraform
 data "nexus_blobstore_list" "all" {}
@@ -16,7 +16,7 @@ data "nexus_blobstore_list" "all" {}
 ### Read-Only
 
 - `id` (String) Used to identify data source at nexus
-- `items` (List of Object) A List of all blob stores (see [below for nested schema](#nestedatt--items))
+- `items` (List of Object) A List of all Blob Stores (see [below for nested schema](#nestedatt--items))
 
 <a id="nestedatt--items"></a>
 ### Nested Schema for `items`

docs/data-sources/repository_bower_group.md

@@ -31,7 +31,7 @@ data "nexus_repository_bower_group" "group" {
 
 Read-Only:
 
-- `member_names` (Set of String)
+- `member_names` (List of String)
 
 
 <a id="nestedatt--storage"></a>

docs/data-sources/repository_docker_group.md

@@ -44,7 +44,7 @@ Read-Only:
 
 Read-Only:
 
-- `member_names` (Set of String)
+- `member_names` (List of String)
 - `writable_member` (String)
 
 

docs/data-sources/repository_docker_hosted.md

@@ -26,7 +26,7 @@ data "nexus_repository_docker_hosted" "example" {
 - `docker` (List of Object) docker contains the configuration of the docker repository (see [below for nested schema](#nestedatt--docker))
 - `id` (String) Used to identify data source at nexus
 - `online` (Boolean) Whether this repository accepts incoming requests
-- `storage` (List of Object) The storage configuration of the repository (see [below for nested schema](#nestedatt--storage))
+- `storage` (List of Object) The storage configuration of the repository docker hosted (see [below for nested schema](#nestedatt--storage))
 
 <a id="nestedatt--cleanup"></a>
 ### Nested Schema for `cleanup`
@@ -62,5 +62,6 @@ Read-Only:
 Read-Only:
 
 - `blob_store_name` (String)
+- `latest_policy` (Boolean)
 - `strict_content_type_validation` (Boolean)
 - `write_policy` (String)

docs/data-sources/repository_go_group.md

@@ -31,7 +31,7 @@ data "nexus_repository_go_group" "go_public" {
 
 Read-Only:
 
-- `member_names` (Set of String)
+- `member_names` (List of String)
 
 
 <a id="nestedatt--storage"></a>

docs/data-sources/repository_maven_group.md

@@ -31,7 +31,7 @@ data "nexus_repository_maven_group" "maven_public" {
 
 Read-Only:
 
-- `member_names` (Set of String)
+- `member_names` (List of String)
 
 
 <a id="nestedatt--storage"></a>

docs/data-sources/repository_npm_group.md

@@ -31,7 +31,7 @@ data "nexus_repository_npm_group" "group" {
 
 Read-Only:
 
-- `member_names` (Set of String)
+- `member_names` (List of String)
 - `writable_member` (String)
 
 

docs/data-sources/repository_npm_proxy.md

@@ -27,7 +27,7 @@ data "nexus_repository_npm_proxy" "npmjs" {
 - `negative_cache` (List of Object) Configuration of the negative cache handling (see [below for nested schema](#nestedatt--negative_cache))
 - `online` (Boolean) Whether this repository accepts incoming requests
 - `proxy` (List of Object) Configuration for the proxy repository (see [below for nested schema](#nestedatt--proxy))
-- `remove_non_cataloged` (Boolean) Remove non-catalogued versions from the npm package metadata.
+- `remove_non_cataloged` (Boolean, Deprecated) Remove non-catalogued versions from the npm package metadata.
 - `remove_quarantined` (Boolean) Remove quarantined versions from the npm package metadata.
 - `routing_rule` (String) The name of the routing rule assigned to this repository
 - `storage` (List of Object) The storage configuration of the repository (see [below for nested schema](#nestedatt--storage))

docs/data-sources/repository_nuget_group.md

@@ -31,7 +31,7 @@ data "nexus_repository_nuget_group" "group" {
 
 Read-Only:
 
-- `member_names` (Set of String)
+- `member_names` (List of String)
 
 
 <a id="nestedatt--storage"></a>

docs/data-sources/repository_pypi_group.md

@@ -31,7 +31,7 @@ data "nexus_repository_pypi_group" "group" {
 
 Read-Only:
 
-- `member_names` (Set of String)
+- `member_names` (List of String)
 - `writable_member` (String)
 
 

docs/data-sources/repository_r_group.md

@@ -31,7 +31,7 @@ data "nexus_repository_r_group" "group" {
 
 Read-Only:
 
-- `member_names` (Set of String)
+- `member_names` (List of String)
 - `writable_member` (String)
 
 

docs/data-sources/repository_raw_group.md

@@ -31,7 +31,7 @@ data "nexus_repository_raw_group" "raw_public" {
 
 Read-Only:
 
-- `member_names` (Set of String)
+- `member_names` (List of String)
 
 
 <a id="nestedatt--storage"></a>

docs/data-sources/repository_rubygems_group.md

@@ -31,7 +31,7 @@ data "nexus_repository_rubygems_group" "group" {
 
 Read-Only:
 
-- `member_names` (Set of String)
+- `member_names` (List of String)
 - `writable_member` (String)
 
 

docs/data-sources/repository_yum_group.md

@@ -32,7 +32,7 @@ data "nexus_repository_yum_group" "yum_group" {
 
 Read-Only:
 
-- `member_names` (Set of String)
+- `member_names` (List of String)
 
 
 <a id="nestedatt--storage"></a>

docs/data-sources/security_ssl.md

@@ -3,12 +3,24 @@ page_title: "Data Source nexus_security_ssl"
 subcategory: "Security"
 description: |-
   Use this data source to retrieve a SSL certificate from any Nexus-external hostvia Nexus.
-          This resource does NOT retrieve a certificate from the Nexus truststore
+  This resource does NOT retrieve a certificate from the Nexus truststore
 ---
 # Data Source nexus_security_ssl
 Use this data source to retrieve a SSL certificate from any Nexus-external hostvia Nexus.
 		This resource does NOT retrieve a certificate from the Nexus truststore
+## Example Usage
+```terraform
+# Retrieve Cert via Nexus
+data "nexus_security_ssl" "ldap_cert" {
+  host = "google.de"
+  port = 443
+}
 
+# Import Cert into Nexus
+resource "nexus_security_ssl_truststore" "ldap_cert" {
+  pem = data.nexus_security_ssl.ldap_cert.pem
+}
+```
 <!-- schema generated by tfplugindocs -->
 ## Schema
 

docs/data-sources/security_ssl_truststore.md

@@ -8,15 +8,13 @@ description: |-
 Use this data source to retrieve ALL certificates in the Nexus truststore.
 ## Example Usage
 ```terraform
-# Retrieve Cert via Nexus
-data "nexus_security_ssl" "ldap_cert" {
-  host = "google.de"
-  port = 443
+# Retrieve certificates from Nexus truststore
+data "nexus_security_ssl_truststore" "nexus_truststore" {
 }
 
-# Import Cert into Nexus
-resource "nexus_security_ssl_truststore" "ldap_cert" {
-  pem = data.nexus_security_ssl.ldap_cert.pem
+# Output Nexus truststore certificates
+output "truststore" {
+  value = data.nexus_security_ssl_truststore.nexus_truststore
 }
 ```
 <!-- schema generated by tfplugindocs -->

docs/data-sources/security_user_token.md

@@ -23,6 +23,8 @@ output "nexus_user_token_enabled" {
 
 ### Read-Only
 
-- `enabled` (Boolean) Activate the feature of user tokens.
+- `enabled` (Boolean) Activation of the user tokens feature.
+- `expiration_days` (Number) Number of days user tokens remain valid.
+- `expiration_enabled` (Boolean) Activation of the user tokens expiration feature.
 - `id` (String) Used to identify data source at nexus
 - `protect_content` (Boolean) Require user tokens for repository authentication. This does not effect UI access.

docs/index.md

@@ -8,7 +8,7 @@ description: |-
 
 The Nexus provider allows Terraform to read from, write to, and configure [Sonatype Nexus Repository Manager](https://www.sonatype.com/product-nexus-repository).
 
--> **Note** This provider hat been implemented and tested with Sonatype Nexus Repository Manager OSS `3.64.0-03`.
+-> **Note** This provider hat been implemented and tested with Sonatype Nexus Repository Manager OSS `3.70.1-02`.
 
 ## Usage
 

docs/resources/repository_apt_proxy.md

@@ -62,13 +62,13 @@ resource "nexus_repository_apt_proxy" "bionic_proxy" {
 - `flat` (Boolean) Distribution to fetch
 - `http_client` (Block List, Min: 1, Max: 1) HTTP Client configuration for proxy repositories (see [below for nested schema](#nestedblock--http_client))
 - `name` (String) A unique identifier for this repository
+- `negative_cache` (Block List, Min: 1, Max: 1) Configuration of the negative cache handling (see [below for nested schema](#nestedblock--negative_cache))
 - `proxy` (Block List, Min: 1, Max: 1) Configuration for the proxy repository (see [below for nested schema](#nestedblock--proxy))
 - `storage` (Block List, Min: 1, Max: 1) The storage configuration of the repository (see [below for nested schema](#nestedblock--storage))
 
 ### Optional
 
 - `cleanup` (Block List) Cleanup policies (see [below for nested schema](#nestedblock--cleanup))
-- `negative_cache` (Block List, Max: 1) Configuration of the negative cache handling (see [below for nested schema](#nestedblock--negative_cache))
 - `online` (Boolean) Whether this repository accepts incoming requests
 - `routing_rule` (String) The name of the routing rule assigned to this repository
 
@@ -118,6 +118,15 @@ Optional:
 
 
 
+<a id="nestedblock--negative_cache"></a>
+### Nested Schema for `negative_cache`
+
+Required:
+
+- `enabled` (Boolean) Whether to cache responses for content not present in the proxied repository
+- `ttl` (Number) How long to cache the fact that a file was not found in the repository (in minutes)
+
+
 <a id="nestedblock--proxy"></a>
 ### Nested Schema for `proxy`
 
@@ -149,15 +158,6 @@ Optional:
 Optional:
 
 - `policy_names` (Set of String) List of policy names
-
-
-<a id="nestedblock--negative_cache"></a>
-### Nested Schema for `negative_cache`
-
-Optional:
-
-- `enabled` (Boolean) Whether to cache responses for content not present in the proxied repository
-- `ttl` (Number) How long to cache the fact that a file was not found in the repository (in minutes)
 ## Import
 Import is supported using the following syntax:
 ```shell

docs/resources/repository_bower_group.md

@@ -86,7 +86,7 @@ resource "nexus_repository_bower_group" "group" {
 
 Required:
 
-- `member_names` (Set of String) Member repositories names
+- `member_names` (List of String) Member repositories names
 
 
 <a id="nestedblock--storage"></a>

docs/resources/repository_bower_proxy.md

@@ -43,14 +43,14 @@ resource "nexus_repository_bower_proxy" "bower_io" {
 
 - `http_client` (Block List, Min: 1, Max: 1) HTTP Client configuration for proxy repositories (see [below for nested schema](#nestedblock--http_client))
 - `name` (String) A unique identifier for this repository
+- `negative_cache` (Block List, Min: 1, Max: 1) Configuration of the negative cache handling (see [below for nested schema](#nestedblock--negative_cache))
 - `proxy` (Block List, Min: 1, Max: 1) Configuration for the proxy repository (see [below for nested schema](#nestedblock--proxy))
 - `rewrite_package_urls` (Boolean) Whether to force Bower to retrieve packages through this proxy repository
 - `storage` (Block List, Min: 1, Max: 1) The storage configuration of the repository (see [below for nested schema](#nestedblock--storage))
 
 ### Optional
 
 - `cleanup` (Block List) Cleanup policies (see [below for nested schema](#nestedblock--cleanup))
-- `negative_cache` (Block List, Max: 1) Configuration of the negative cache handling (see [below for nested schema](#nestedblock--negative_cache))
 - `online` (Boolean) Whether this repository accepts incoming requests
 - `routing_rule` (String) The name of the routing rule assigned to this repository
 
@@ -100,6 +100,15 @@ Optional:
 
 
 
+<a id="nestedblock--negative_cache"></a>
+### Nested Schema for `negative_cache`
+
+Required:
+
+- `enabled` (Boolean) Whether to cache responses for content not present in the proxied repository
+- `ttl` (Number) How long to cache the fact that a file was not found in the repository (in minutes)
+
+
 <a id="nestedblock--proxy"></a>
 ### Nested Schema for `proxy`
 
@@ -131,15 +140,6 @@ Optional:
 Optional:
 
 - `policy_names` (Set of String) List of policy names
-
-
-<a id="nestedblock--negative_cache"></a>
-### Nested Schema for `negative_cache`
-
-Optional:
-
-- `enabled` (Boolean) Whether to cache responses for content not present in the proxied repository
-- `ttl` (Number) How long to cache the fact that a file was not found in the repository (in minutes)
 ## Import
 Import is supported using the following syntax:
 ```shell

docs/resources/repository_cocoapods_proxy.md

@@ -41,13 +41,13 @@ resource "nexus_repository_cocoapods_proxy" "cocoapods_org" {
 
 - `http_client` (Block List, Min: 1, Max: 1) HTTP Client configuration for proxy repositories (see [below for nested schema](#nestedblock--http_client))
 - `name` (String) A unique identifier for this repository
+- `negative_cache` (Block List, Min: 1, Max: 1) Configuration of the negative cache handling (see [below for nested schema](#nestedblock--negative_cache))
 - `proxy` (Block List, Min: 1, Max: 1) Configuration for the proxy repository (see [below for nested schema](#nestedblock--proxy))
 - `storage` (Block List, Min: 1, Max: 1) The storage configuration of the repository (see [below for nested schema](#nestedblock--storage))
 
 ### Optional
 
 - `cleanup` (Block List) Cleanup policies (see [below for nested schema](#nestedblock--cleanup))
-- `negative_cache` (Block List, Max: 1) Configuration of the negative cache handling (see [below for nested schema](#nestedblock--negative_cache))
 - `online` (Boolean) Whether this repository accepts incoming requests
 - `routing_rule` (String) The name of the routing rule assigned to this repository
 
@@ -97,6 +97,15 @@ Optional:
 
 
 
+<a id="nestedblock--negative_cache"></a>
+### Nested Schema for `negative_cache`
+
+Required:
+
+- `enabled` (Boolean) Whether to cache responses for content not present in the proxied repository
+- `ttl` (Number) How long to cache the fact that a file was not found in the repository (in minutes)
+
+
 <a id="nestedblock--proxy"></a>
 ### Nested Schema for `proxy`
 
@@ -128,15 +137,6 @@ Optional:
 Optional:
 
 - `policy_names` (Set of String) List of policy names
-
-
-<a id="nestedblock--negative_cache"></a>
-### Nested Schema for `negative_cache`
-
-Optional:
-
-- `enabled` (Boolean) Whether to cache responses for content not present in the proxied repository
-- `ttl` (Number) How long to cache the fact that a file was not found in the repository (in minutes)
 ## Import
 Import is supported using the following syntax:
 ```shell