When I attempted to implement Nuget in 1.1 I realized that nitro_repo design would not allow it. To be done in a clean manner.

So the 2.0 plan will be to scrap the current repository code to be a totally new structure and contain re usable components and to stop trying to standardize everything and just take advantage of the data provided by the artifact layout.

1. Have all of the the layout providers be in crates outside of the main Cargo project. Allowing for more organized code
2. We also need to clean up the design of the the storage API and implement external storages
3. I also need to evaluate the use of DynamicRepository and DynamicStorage enums and consider using a Box in the future
4. Design search providers to be used for the different artifact layouts

Repository Types I hope to implement with this release

• Nuget
• Cargo
• pypi
• Apt and RPM
• Docker

The End Goal of this project

I would like to really start to get public support into this project and make it an actual alternative to projects such as Nexus

One of the key features of a lot of artifact managers are browsers.
Example: https://repo.kingtux.me/ and hit browse.

So on the base page you will get a listing of all the storages available. Controller: https://github.com/wherkamp/nitro_repo/blob/master/src/repository/controller.rs#L32
After selecting a storage it will do a new listing of all of the repos in the storage. https://github.com/wherkamp/nitro_repo/blob/master/src/repository/controller.rs#L32
After that you will start doing listing from https://github.com/wherkamp/nitro_repo/blob/master/src/repository/controller.rs#L65
The final one you will need to specify the accept type to application/json. If the user is logged in please make sure the Authorization value is set. So the backend knows what to show if something is set to private.

Improve how settings are updated. Currently the system is ugly and very buggy.

Support for NPM repo type

• Ensure Proper Permission checks are happening at all routes.
• Permission Check Policy
• Refactor https://github.com/wherkamp/nitro_repo/blob/master/backend/src/repository/models.rs#L206 to reflect new system

Example Permission Idea

1. Admin Overrides everything
2. User Manager. Can Manage User
3. Repository Manager. Creates Repos, Create Storages, and modify settings
4. Deployer(Contains Special Properties)
5. Viewer(Contains Special Properties) Same as deployer. This will only matter if the repository is set to private. If it is set to public. The rules wont matter

Deployer Special Properties

• * is a wild card
• {} Will be parsed as json
• () are just meant as variables for example
• Available Repository classifiers. type Meaning the repository type. Such as NPM or Maven. policy Reference if its Snapshot, Mixed, Release.

Examples

1. */* can deploy to all repositories
2. (storage_name)/* Can deploy to all repositories in a specific storage
3. (storage_name)/(repository)
4. (storage_name)/{"type": "npm"} can deploy to all npm repos
5. (storage_name)/{"policy": "Snapshot"} can deploy to all Snapshot. Policy can be combined with type.

Any combination of the rules can be combined so */{"policy":"Release", "type": "maven"} So this will say any storage. But only maven policies set to Release

The frontend contains a lot of minor visual bugs due to my bad CSS.
This is an issue tracking those. All of these I am accepting of any idea or approach of making it cleaner.

• The collapsing of the horizontal menus through out Admin Panel
  
• Some of the menus create this ugly length.
  

I need to go through and create a good cors setup. Currently the current system is very unstable and can create security bugs.

Tasks

• Refactor Nitro_Repo to allow for different database types(SQLIte and Postgres) and to allow different user storage methods
• Session Token Storages methods such as Redis and In-Memory
• Complete Login Tokens #100

Token Types

Session Tokens nrs_{} for sessions.

1. Created upon first connection to website. Stored in Cookies
2. Stored in Memory or Redis
3. Will reference the Authentication Token
4. 24 life time.
   Authentication Token nrp_{}
5. Stored in Database
6. Life Span is specified upon creation. So 24 if for session token. or even like 90 days if you are going to use this for like your deploying from Maven
7. Can be sent with API requests instead of session tokens. For API stuff
8. Will be an alternative for deploying using usernames and passwords

When a user deploys something to the repository. Let store some extra data about the deploy

Here is what I am thinking. Create a nitro-repo.json file in the folder created that has the following data

1. Who did the deploy
2. The time it was deployed
3. Machine it was sent from IP? machine info?

I am open to any ideas and concerns about doing this. Also it would be able to be disabled if chosen.

• Make a decent repository browser.
• Clean up index page
• Add and modify users
• Modify settings

• Storages will be stored in a central file and be loaded upon application load [Working Directory]
• Repository info will be stored first with a name inside the storage config for reference and then a .settings.repositories.json
• Settings will be split up among different files. [Working Directory]

After this set of changes users will be the only thing stored in the database. #326

A RAW repository format

OpenAPI Documentation Library: https://github.com/juhaku/utoipa

• SAML 2.0
• OpenID connect
• TOTP/RFC6238 for Google Authenticator

When any of these login methods are in use. They will need to use an Auth Token

• Show the last time the repository was pushed to. Suggested by @ryandw11

Re Design the nitro_repo webiste to give clear instructions.
https://nitro-repo.kingtux.dev

Instructions needed

• System Admin Install Instructions

Pages Needed

• Features
• Knowledge Base
• Internal Workings

Nitro Repo needs to start having public builds and releases and a way of installing them.

Generic Features

• Web hooks after a deploy
• Manual Upload - Requested by Ryandw11 #134

Admin Panel

• System Status Information
• Repository Status

Storage's never change in value. So lets cache them so we can have quicker responses and less database requests.

Go through the code and improve the memory usage

Implement Changing the Security Settings in the frontend

Add Support for APT repositories.

• Get disk usage
  • By Repository
  • By Storage
• View Logs online(Might become its own separate project)
  • Sort Logs for a specific Repository
  • Sort Logs for entire system

• Do the project readme rendering

• Add and modify users
• Improve API calls for the repo handlers
• Add settings for repos
• Require authentication for getting files

• Frontend Rewrite due to #223
• Generate pom.xml a421dbd
• Show Status of Upload
• Handle Errors from Backend

Hey @wyatt-herkamp, feel free to submit a PR to showcase your project!

• SeaQL/sea-orm#403

Do to bugs in how NPM was implemented on my behalf and how I have changed how Nitro_Repo interacts with files the NPM implementation had to be scrapped.

Logins Tokens will act like Github Login Tokens. Allowing to be used instead of passwords when doing deploys and stuff like that.

The Auth Tokens (https://github.com/wherkamp/nitro_repo/tree/master/migrations/2021-09-29-194126_create_auth_tokens) will be where it is contained.

In the future this will exist so we can add Google Authenticator Support.
We will add setting so an admin can say that only use the Auth Token as a login in deploy

Requirements

• Make sure the backend is being stored in a secure way
• Add controllers for creating, deleting, and seeing a list of the tokens created(But token is not sent back)
• Frontend listing
• Frontend Create
• Frontend Delete
• Finally add handling in the backend for accepting these tokens.
• Bonus: Delete all tokens system wide. (If a security breach happened)
• Bonus: Create a requirement system wide and per repository

Bonus Tasks are optional to complete this issue. Will be added in the future if not here.

As of now Nitro_Repo is built around Linux. With some testing Nitro_Repo seems to work fine on Windows however, I would like to improve the experience.

• Github Actions build Nitro Repo
• Window Installer Powered Setup and Update
• Setup nitro_repo as a service with the installer
• Add Windows Setup Documentation

• In Repository Settings Change the type to a Enum with Values
• The enum will contain specific settings for that repository Type
• Refactor the models file inside the repository file
• Refactor the repository update controllers again....
• Make sure all defaults are logical

Notes

• STORAGE_CONFIG will only list the the type. Not the type specific settings

Example Enum

pub enum RepositoryType{
  Maven(MavenSettings),
  NPM(NPMsettings),
}

Anytime you change something in the Admin Panel go ahead and refresh the data being used from the backend.

Add Artifact Searching.

Both Strongbox https://strongbox.github.io/user-guide/artifact-query-language.html and https://www.jfrog.com/confluence/display/JFROG/Artifactory+Query+Language

Both have an similar query language for artifact searching. Add it in the backend manage. However, frontend will call it.

Push this as a separate library

• Cleanup how badges are stored
• Allow optional size values when rendering SVG
• Add Debug, Trace, and Error logging to the badge handler.

Add the following features to Repository Pages

• Repository README

Requested Here: https://www.reddit.com/r/opensource/comments/ra9lc3/comment/hnnegjj/?utm_source=share&utm_medium=web2x&context=3

• Refactor the the typescript backend API to be consistent with locations
• Try to compress components into a more reusable way
• Get style sheets to be re-used

Repositories

• Display details about the Repo under General(Name, Storage, Type 8f0ebcc
• Set Policy ba82b8a
• Change Frontend and Badge Settings ba82b8a

Settings

• General Settings (Site Name)