I’ve got some questions about Assets and Components in the Nexus 3 API. The goal of my Bundle is to go through all the binaries uploaded to a users Repository and scan them. I need to scan things like zip files, jar files, etc. In Nexus 2, these were all stored on the file system and could be easily accessed. In Nexus 3, it seems that everything is now stored in a DB. My questions are:
How can I retrieve these items? In my task, I plan on using the repository and accessing everything through the StorageTx. Is this correct or is there an easier way? From there, I will get all the Assets/Components associated with the repository. Should I get the Asset or Component if I want the binaries?
Once I get the Asset/Component, how do I go about converting these into files so that I can scan them? Do I want to get the Blob from the associated item and then work with the InputStream? Since this method of storage is new in Nexus 3, I’m not exactly sure where the actual Artifacts are being stored.
Once I’ve scanned items, I plan on saving new data to the item. I believe this is done very similar to retrieving items but instead I call the storageTx.saveAsset method.
All of what I’ve done so far can be found here, blackduck-nexus3/QueryManager.java at master · blackducksoftware/blackduck-nexus3 · GitHub. If any of this seems off or incorrect let me know. Alternatively, if you have an easier class I can use to achieve everything I need, I’d love to know about it.