Curious. How come I cannot select multiple routing rules for a repository? Currently, I can only select one, so I have to basically create 1 routing rule for each repo which would have to be all “block” or all “allow” mode. This seems pretty inflexible.
Yes, great question, James. There’s no fundamental reason that I can recall, and I can see that it would make managing complex rules easier in some situations. Just a matter of there only being so many hours in a month, and we’re working on some great items in other areas.
I assume you’ve seen that you can add multiple matchers within a single rule.
What’s your use case, can you share any details? Are you just poking at the feature to see how it might work for you, or do you have some monster routing rule groaning at the seams?
Not a super complex use case really, just that we have a pre-existing distinct routing rule assigned to a repo and now we need another one. The workaround, as you point out, is to use multiple matchers, but then I lose granularity as the matcher becomes more specific to the repo or component type and loses its distinct description. For example, I have a rule:
prevent-docker-leaks to block proprietary namespace requests from calling dockerhub-external repo
and I want to add:
block-mysql-old-versions to block select versions of mysql images from being pulled from dockerhub-external repo
So, since I can only assign 1 rule to a repo (and cannot assign a rule to a group), I have to create rules like
dockerhub-external-blocks with multiple matchers combining the 2 above.
As noted, I lose the distinct description for each rule as the rule becomes more of a bucket of matchers that block things, so I have to document what each matcher is external to Nexus. I think it makes more sense to be able to assign multiple rules per repo, but that may be difficult and/or expensive to implement.