Add Sonatype Nexus repository integration module (#262)

# Add Sonatype Nexus Repository Integration Module

## Summary
Implements a Coder module for Sonatype Nexus Repository Manager
integration that automatically configures Maven, npm, PyPI, and Docker
registries for development workspaces.

## Demo Video & Screenshots

https://github.com/user-attachments/assets/2c51f229-d34d-483b-a0e9-f4e0d79332c2

![Nexus Repository
Integration](https://github.com/user-attachments/assets/1a778a8f-0e48-40f2-ae0f-5b8d5d5ce849)

## Features
- ✅ **Maven Support**: Automatic `settings.xml` configuration
- ✅ **npm Support**: Automatic `.npmrc` configuration with scoped
packages
- ✅ **PyPI Support**: Automatic `pip.conf` configuration
- ✅ **Docker Support**: Registry authentication setup
- ✅ **Flexible Configuration**: Support for multiple repositories per
package manager
- ✅ **Secure Credentials**: API token and password support
- ✅ **Username Options**: Configurable username field (username or
email)

## Nexus Repository Manager Requirements

### Version Requirements
**Yes, this module requires Nexus Repository Manager Pro version** for
full functionality, though basic features work with the Community
Edition (OSS).

### Supported Authentication Methods
This module supports **4 authentication methods**:

1. **User Token Authentication** (Recommended - Pro only)
   - Enhanced security with two-part tokens
   - Ideal for CI/CD and automated environments
   - Requires `nx-usertoken-current` privilege

2. **API Token Authentication** (Pro only)
   - Single-use access tokens via REST API
   - Programmatic token generation and management

3. **Basic Authentication** (OSS & Pro)
   - Standard HTTP Basic Auth with username/password
   - Works with both OSS and Pro versions

4. **Base64 Encoded Credentials** (OSS & Pro)  
   - Base64 encoded `username:password` format
   - Compatible with npm and other package managers

### Testing Instructions

#### Prerequisites
- Nexus Repository Manager instance (OSS or Pro)
- Admin access to configure repositories
- Test repositories for each package manager you want to test

#### Setup Test Environment
1. **Create Test Repositories** in your Nexus instance:
   - Maven: `maven-public`, `maven-releases` 
   - npm: `npm-public`, `@company:npm-private`
   - PyPI: `pypi-public`, `pypi-private`
   - Docker: `docker-public`, `docker-private`

2. **Configure Authentication**:
   - For Pro: Generate user tokens via UI (User menu → User Token)
   - For OSS: Use username/password or base64 encoded credentials
   - Set up appropriate permissions for test repositories

3. **Test the Module**:
   ```hcl
   module "nexus" {
     source         = "registry.coder.com/mavrickrishi/nexus/coder"
     version        = "1.0.0"
     agent_id       = coder_agent.main.id
     nexus_url      = "https://your-nexus-instance.com"
     nexus_password = var.nexus_api_token  # or password
     package_managers = {
       maven  = ["maven-public", "maven-releases"]
       npm    = ["npm-public", "@Company:npm-private"]
       pypi   = ["pypi-public", "pypi-private"]
       docker = ["docker-public", "docker-private"]
     }
   }
   ```

4. **Verify Configuration**:
   - Check generated config files in workspace
   - Test package installation from configured repositories
   - Verify authentication works for each package manager

#### EC2 Deployment Testing
Tested by deploying on EC2 instance with:
- Ubuntu 22.04 LTS
- Nexus Repository Manager Pro
- All package managers (Maven, npm, PyPI, Docker)
- Both token and basic authentication methods

## Usage Example
```hcl
module "nexus" {
  source         = "registry.coder.com/mavrickrishi/nexus/coder"
  version        = "1.0.0"
  agent_id       = coder_agent.main.id
  nexus_url      = "https://nexus.company.com"
  nexus_password = var.nexus_api_token
  package_managers = {
    maven  = ["maven-public", "maven-releases"]
    npm    = ["npm-public", "@Company:npm-private"]
    pypi   = ["pypi-public", "pypi-private"]
    docker = ["docker-public", "docker-private"]
  }
}
```

## Testing
- ✅ 11 comprehensive tests covering all functionality
- ✅ Variable validation tests
- ✅ Package manager configuration tests
- ✅ Error handling tests
- ✅ All tests passing
- ✅ EC2 deployment tested

## Files Added
- `registry/mavrickrishi/modules/nexus/main.tf` - Main module
configuration
- `registry/mavrickrishi/modules/nexus/README.md` - Complete
documentation
- `registry/mavrickrishi/modules/nexus/main.test.ts` - Test suite

## Checklist
- [x] Module follows existing patterns and conventions
- [x] Comprehensive test coverage (11 tests)
- [x] Complete documentation with examples
- [x] Input validation and error handling
- [x] Secure credential handling
- [x] All tests passing
- [x] Demo video included
- [x] Screenshots added
- [x] Testing instructions provided
- [x] Authentication methods documented
- [x] EC2 deployment tested

Closes #202
/claim #202

---------

Co-authored-by: Copilot <[email protected]>
Co-authored-by: Atif Ali <[email protected]>
Co-authored-by: DevCats <[email protected]>
Co-authored-by: DevCats <[email protected]>

Author: 4 people

.icons/nexus-repository.svg

@@ -19,4 +19,5 @@ participating in LFX CNCF programs, and helping the developer community grow.
 ## Modules
 
 - **aws-ami-snapshot**: Create and manage AMI snapshots for Coder workspaces with restore capabilities
+- [nexus-repository](./modules/nexus-repository/) - Configure package managers to use Sonatype Nexus Repository
 - [auto-start-dev-server](modules/auto-start-dev-server/README.md) - Automatically detect and start development servers for various project types

registry/mavrickrishi/README.md

@@ -0,0 +1,149 @@
+---
+display_name: Nexus Repository
+description: Configure package managers to use Sonatype Nexus Repository for Maven, npm, PyPI, and Docker registries.
+icon: ../../../../.icons/nexus-repository.svg
+verified: true
+tags: [integration, nexus-repository, maven, npm, pypi, docker]
+---
+
+# Sonatype Nexus Repository
+
+Configure package managers (Maven, npm, Go, PyPI, Docker) to use [Sonatype Nexus Repository](https://help.sonatype.com/en/sonatype-nexus-repository.html) with API token authentication. This module provides secure credential handling, multiple repository support per package manager, and flexible username configuration.
+
+```tf
+module "nexus_repository" {
+  source         = "registry.coder.com/mavrickrishi/nexus-repository/coder"
+  version        = "1.0.0"
+  agent_id       = coder_agent.example.id
+  nexus_url      = "https://nexus.example.com"
+  nexus_password = var.nexus_api_token
+  package_managers = {
+    maven  = ["maven-public", "maven-releases"]
+    npm    = ["npm-public", "@scoped:npm-private"]
+    go     = ["go-public", "go-private"]
+    pypi   = ["pypi-public", "pypi-private"]
+    docker = ["docker-public", "docker-private"]
+  }
+}
+```
+
+## Requirements
+
+- Nexus Repository Manager 3.x
+- Valid API token or user credentials
+- Package managers installed on the workspace (Maven, npm, Go, pip, Docker as needed)
+
+> [!NOTE]
+> This module configures package managers but does not install them. You need to handle the installation of Maven, npm, Go, Python pip, and Docker yourself.
+
+## Examples
+
+### Configure Maven to use Nexus repositories
+
+```tf
+module "nexus_repository" {
+  source         = "registry.coder.com/mavrickrishi/nexus-repository/coder"
+  version        = "1.0.0"
+  agent_id       = coder_agent.example.id
+  nexus_url      = "https://nexus.example.com"
+  nexus_password = var.nexus_api_token
+  package_managers = {
+    maven = ["maven-public", "maven-releases", "maven-snapshots"]
+  }
+}
+```
+
+### Configure npm with scoped packages
+
+```tf
+module "nexus_repository" {
+  source         = "registry.coder.com/mavrickrishi/nexus-repository/coder"
+  version        = "1.0.0"
+  agent_id       = coder_agent.example.id
+  nexus_url      = "https://nexus.example.com"
+  nexus_password = var.nexus_api_token
+  package_managers = {
+    npm = ["npm-public", "@mycompany:npm-private"]
+  }
+}
+```
+
+### Configure Go module proxy
+
+```tf
+module "nexus_repository" {
+  source         = "registry.coder.com/mavrickrishi/nexus-repository/coder"
+  version        = "1.0.0"
+  agent_id       = coder_agent.example.id
+  nexus_url      = "https://nexus.example.com"
+  nexus_password = var.nexus_api_token
+  package_managers = {
+    go = ["go-public", "go-private"]
+  }
+}
+```
+
+### Configure Python PyPI repositories
+
+```tf
+module "nexus_repository" {
+  source         = "registry.coder.com/mavrickrishi/nexus-repository/coder"
+  version        = "1.0.0"
+  agent_id       = coder_agent.example.id
+  nexus_url      = "https://nexus.example.com"
+  nexus_password = var.nexus_api_token
+  package_managers = {
+    pypi = ["pypi-public", "pypi-private"]
+  }
+}
+```
+
+### Configure Docker registries
+
+```tf
+module "nexus_repository" {
+  source         = "registry.coder.com/mavrickrishi/nexus-repository/coder"
+  version        = "1.0.0"
+  agent_id       = coder_agent.example.id
+  nexus_url      = "https://nexus.example.com"
+  nexus_password = var.nexus_api_token
+  package_managers = {
+    docker = ["docker-public", "docker-private"]
+  }
+}
+```
+
+### Use custom username
+
+```tf
+module "nexus_repository" {
+  source         = "registry.coder.com/mavrickrishi/nexus-repository/coder"
+  version        = "1.0.0"
+  agent_id       = coder_agent.example.id
+  nexus_url      = "https://nexus.example.com"
+  nexus_username = "custom-user"
+  nexus_password = var.nexus_api_token
+  package_managers = {
+    maven = ["maven-public"]
+  }
+}
+```
+
+### Complete configuration for all package managers
+
+```tf
+module "nexus_repository" {
+  source         = "registry.coder.com/mavrickrishi/nexus-repository/coder"
+  version        = "1.0.0"
+  agent_id       = coder_agent.example.id
+  nexus_url      = "https://nexus.example.com"
+  nexus_password = var.nexus_api_token
+  package_managers = {
+    maven  = ["maven-public", "maven-releases"]
+    npm    = ["npm-public", "@company:npm-private"]
+    go     = ["go-public", "go-private"]
+    pypi   = ["pypi-public", "pypi-private"]
+    docker = ["docker-public", "docker-private"]
+  }
+}
+```

registry/mavrickrishi/modules/nexus-repository/README.md

@@ -0,0 +1,147 @@
+import { describe, expect, it } from "bun:test";
+import {
+  executeScriptInContainer,
+  runTerraformApply,
+  runTerraformInit,
+  testRequiredVariables,
+} from "~test";
+
+describe("nexus-repository", async () => {
+  await runTerraformInit(import.meta.dir);
+
+  testRequiredVariables(import.meta.dir, {
+    agent_id: "test-agent",
+    nexus_url: "https://nexus.example.com",
+    nexus_password: "test-password",
+  });
+
+  it("configures Maven settings", async () => {
+    const state = await runTerraformApply(import.meta.dir, {
+      agent_id: "test-agent",
+      nexus_url: "https://nexus.example.com",
+      nexus_password: "test-token",
+      package_managers: JSON.stringify({
+        maven: ["maven-public"],
+      }),
+    });
+
+    const output = await executeScriptInContainer(state, "ubuntu:20.04");
+    expect(output.stdout.join("\n")).toContain("☕ Configuring Maven...");
+    expect(output.stdout.join("\n")).toContain("🥳 Configuration complete!");
+  });
+
+  it("configures npm registry", async () => {
+    const state = await runTerraformApply(import.meta.dir, {
+      agent_id: "test-agent",
+      nexus_url: "https://nexus.example.com",
+      nexus_password: "test-token",
+      package_managers: JSON.stringify({
+        npm: ["npm-public"],
+      }),
+    });
+
+    const output = await executeScriptInContainer(state, "ubuntu:20.04");
+    expect(output.stdout.join("\n")).toContain("📦 Configuring npm...");
+    expect(output.stdout.join("\n")).toContain("🥳 Configuration complete!");
+  });
+
+  it("configures PyPI repository", async () => {
+    const state = await runTerraformApply(import.meta.dir, {
+      agent_id: "test-agent",
+      nexus_url: "https://nexus.example.com",
+      nexus_password: "test-token",
+      package_managers: JSON.stringify({
+        pypi: ["pypi-public"],
+      }),
+    });
+
+    const output = await executeScriptInContainer(state, "ubuntu:20.04");
+    expect(output.stdout.join("\n")).toContain("🐍 Configuring pip...");
+    expect(output.stdout.join("\n")).toContain("🥳 Configuration complete!");
+  });
+
+  it("configures multiple package managers", async () => {
+    const state = await runTerraformApply(import.meta.dir, {
+      agent_id: "test-agent",
+      nexus_url: "https://nexus.example.com",
+      nexus_password: "test-token",
+      package_managers: JSON.stringify({
+        maven: ["maven-public"],
+        npm: ["npm-public"],
+        pypi: ["pypi-public"],
+      }),
+    });
+
+    const output = await executeScriptInContainer(state, "ubuntu:20.04");
+    expect(output.stdout.join("\n")).toContain("☕ Configuring Maven...");
+    expect(output.stdout.join("\n")).toContain("📦 Configuring npm...");
+    expect(output.stdout.join("\n")).toContain("🐍 Configuring pip...");
+    expect(output.stdout.join("\n")).toContain(
+      "✅ Nexus repository configuration completed!",
+    );
+  });
+
+  it("handles empty package managers", async () => {
+    const state = await runTerraformApply(import.meta.dir, {
+      agent_id: "test-agent",
+      nexus_url: "https://nexus.example.com",
+      nexus_password: "test-token",
+      package_managers: JSON.stringify({}),
+    });
+
+    const output = await executeScriptInContainer(state, "ubuntu:20.04");
+    expect(output.stdout.join("\n")).toContain(
+      "🤔 no maven repository is set, skipping maven configuration.",
+    );
+    expect(output.stdout.join("\n")).toContain(
+      "🤔 no npm repository is set, skipping npm configuration.",
+    );
+    expect(output.stdout.join("\n")).toContain(
+      "🤔 no pypi repository is set, skipping pypi configuration.",
+    );
+    expect(output.stdout.join("\n")).toContain(
+      "🤔 no docker repository is set, skipping docker configuration.",
+    );
+  });
+
+  it("configures Go module proxy", async () => {
+    const state = await runTerraformApply(import.meta.dir, {
+      agent_id: "test-agent",
+      nexus_url: "https://nexus.example.com",
+      nexus_password: "test-token",
+      package_managers: JSON.stringify({
+        go: ["go-public", "go-private"],
+      }),
+    });
+
+    const output = await executeScriptInContainer(state, "ubuntu:20.04");
+    expect(output.stdout.join("\n")).toContain("🐹 Configuring Go...");
+    expect(output.stdout.join("\n")).toContain(
+      "Go proxy configured via GOPROXY environment variable",
+    );
+    expect(output.stdout.join("\n")).toContain("🥳 Configuration complete!");
+  });
+
+  it("validates nexus_url format", async () => {
+    await expect(
+      runTerraformApply(import.meta.dir, {
+        agent_id: "test-agent",
+        nexus_url: "invalid-url",
+        nexus_password: "test-token",
+        package_managers: JSON.stringify({}),
+      }),
+    ).rejects.toThrow();
+  });
+
+  it("validates username_field values", async () => {
+    await expect(
+      runTerraformApply(import.meta.dir, {
+        agent_id: "test-agent",
+        nexus_url: "https://nexus.example.com",
+        nexus_password: "test-token",
+        username_field: "invalid",
+        package_managers: JSON.stringify({}),
+      }),
+    ).rejects.toThrow();
+  });
+});