Please read the warning at the end of this email ________________________________________________
Hi, The company I work for are currently performing maven builds using a file-based repository on a shared drive. We would like the libraries to be under some form of configuration management, and are evaluating Nexus, Affinity, and Archiva - selected simply because they are mentioned on the Maven site. The requirements that we have are: Not Automatically Fetching Libraries ------------------------------------ We would like to be able to set up a repository that does not automatically download a new library just because a developer specifies it in a .pom file. We would like an administrator to have to add the file to the repository deliberately. The initial archive would ideally be populated first from our file-based repository, alternatively a build could force an initial fetch then the archive configured not to fetch automatically. The reason that we want this is so that if a third party changes a library without changing the version number we won't pick up the new version unknowingly. Also we want to ensure that only known libraries and versions are in a build. Auditing of changes to repository --------------------------------- With information about who does what when. Ideally it would be nice to enable the administrator to add a comment, so they could say why and for which project. "Normal" archiving of plug-ins ------------------------------ The archive should ideally act as a cache for plug-ins, downloading from the internet when required. Security model for Administrators --------------------------------- Basically only administrators should be able to add or remove libraries or versions from the repository. I am looking at Archiva to see how it can achieve the above, Any pointers on what can/can't be done and how it can be achieved would be welcome. (Currently I have had a response from Nexus, who say the "pro" version is needed to meet requirement one, and that requirement two is not available directly but could probably be rigged by having some third-party application query the RSS feed.) Thanks, Chris ________________________________________________ This email and any attachments are confidential and may contain privileged information. If you are not the person for whom they are intended please return the email and then delete all material from any computer. You must not use the email or attachments for any purpose, nor disclose its contents to anyone other than the intended recipient. Any statements made by an individual in this email do not necessarily reflect the views of the Yorkshire Building Society Group. ________________________________________________ Yorkshire Building Society, which is authorised and regulated by the Financial Services Authority, chooses to introduce its customers to: -Legal & General for the purposes of advising on and arranging life assurance and investment products bearing Legal & General's name; and -Homeowners Friendly Society for the purpose of arranging stakeholder Child Trust Funds. We are entered in the FSA Register and our FSA registration number is 106085 http://www.fsa.gov.uk/register Head Office: Yorkshire Building Society, Yorkshire House, Yorkshire Drive, Bradford, BD5 8LJ Tel: 0845 1 200 100 Visit Our Website http://www.ybs.co.uk All communications with us may be monitored/recorded to improve the quality of our service and for your protection and security. ________________________________________________________________________ This e-mail has been scanned for all viruses by Star. The service is powered by MessageLabs. For more information on a proactive anti-virus service working around the clock, around the globe, visit: http://www.star.net.uk ________________________________________________________________________
