Hello,
I need to ensure that I have always access to packages@version that are used in product releases. As far as I can see I have two options:
proxy the public repo
pros: simple to setup, updates automatically as soon as fetching some public package
cons: accumulation of packages that have not really been used, maybe only in test and studies, impossible to clean them up separately from the ones that I need to preserve (for eternity)
duplicate public packges in private repo
pros: be sure to only have the packges that are really used in production releases
cons: a tedious job to do keep up to date (at least manually), possible duplicate packages in private and proxy repo
How others are handling this? Are there some best practices?
The simplest thing to do is use a proxy repository, along with a cleanup policy to remove versions that have not been downloaded through Nexus Repo in a long time:
That’s the simplest thing, but that’s exactly what I do not want. Packages that have been used in production release must stay there forever. (I’m working in industrial environmenst where software versions are in use 10 to 20 years). And the problem is separating these from packages that have been used only for tests or case studies.