UNCLASSIFIED - NO CUI

Skip to content

Update Ironbank to v3.81.1-01

Ghost Userrequested to merge
renovate/ironbank into main

This MR contains the following updates:

Package Update Change
ironbank/sonatype/nexus/nexus (source) minor 3.79.0-09 -> 3.81.1-01
registry1.dso.mil/ironbank/sonatype/nexus/nexus (source) minor 3.79.0-09 -> 3.81.1-01

Complete MR checklist

Assignee

  • Followed upgrade instructions outlined in docs/DEVELOPMENT_MAINTENANCE.md
  • Update Docs with new/updated steps as needed
  • Tested and Validated Changes made with supporting info like logs or screenshots from test pipelines

Add supporting info below

image image image image

Reviewer only

  • Tested and Validated changes

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻️ Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about these updates again.

  • If you want to rebase/retry this MR, check this box

This MR was automatically generated by Renovate Bot.

Upgrade Notices

🚨 UPGRADE NOTICE: Nexus Repository Manager 3.81.1-01

⚠️ Breaking Change Alert

CRITICAL: Nexus Repository Manager version 3.81.1-01 contains a breaking change that affects data persistence and will cause authentication failures after pod restarts.

🔄 What Changed

Sonatype modified the internal directory structure where /opt/sonatype/sonatype-work/nexus3 changed from a symlink to the persistent volume to a real directory in ephemeral storage.
This causes the admin password file and other working data to be stored in ephemeral storage instead of the persistent volume.

Required Fix

Note: The -Dkaraf.data=/nexus-data JVM parameter is already included in the package's default values, but when upgrading to 3.81.1-01, you MUST append this parameter to your override values to ensure it takes effect.

Add the following complete JVM parameter string to your values override file:

nexus:
  env:
    - name: INSTALL4J_ADD_VM_PARAMS
      value: "-Dcom.redhat.fips=false -Xms2703M -Xmx2703M -XX:MaxDirectMemorySize=2703M -XX:+UnlockExperimentalVMOptions -XX:+UseContainerSupport -Djava.util.prefs.userRoot=/nexus-data/javaprefs -Dkaraf.data=/nexus-data"

💥 Impact Without Fix

  • accept-eula jobs will fail with 401 Unauthorized errors
  • Admin password will be regenerated on every pod restart
  • Authentication will fail after any pod restart or scaling event
  • Data persistence will be broken

This configuration ensures all Nexus working data remains in the persistent volume as expected, with the critical -Dkaraf.data=/nexus-data parameter included in your override values.

Edited by Matt Vasquez

Merge request reports

UNCLASSIFIED - NO CUI