What We Learned from Studying 36,000 OSS Projects | Press Release

blog-logo Sonatype Blog

Nexus Repo and Datree Integration Deliver Automated Pipeline Control

November 01, 2019 By Brent Kostak

If your organization or development team currently uses, is considering, or has plans to use open source software to accelerate development and innovation, then you are likely familiar with the transformational shift in developer workflows. The benefits of using open source are well-known, but the outcomes of increased package distribution and hundreds of source code repos have left development teams on the edge of an unforeseeable battle against scalable efficiency.

In the DevOps era of speed, collaboration, and automated continuous integration and delivery, what is the key ingredient to maintaining highly optimized development pipelines? How can teams gain better control over developer efficiencies and governance while, at the same time, provide flexibility and productivity?

From Air Cover to the Git Level

The importance of Nexus Repository Manager to centralize proprietary, open source, and other third party components for binary and build artifacts delivers complete control over dependency management. Organizations who use a binary repository manager gain true, universal 'air cover' of making sure their development teams are producing reliable, higher quality builds in less time throughout the entire CI/CD pipeline.

The question that comes to mind now, after years of innovation on the binary and build side of the toolchain, is what about efficiencies at the git level? How can organizations and development teams automate policy control for developer best practices on every GitHub commit? After all, this is exactly where we have developer ‘boots on the ground’.

We are excited to announce the integration of Nexus Repository and Datree for developers and DevOps teams!

Datree is a git-based policy engine that allows organizations to enforce custom policies around their git projects. Datree helps teams adopt development best practices, coding standards, and security policies by performing automated GitHub checks on every commit. Creating custom rules in Datree, organizations can now automatically enforce control over components being pulled from/pushed to their Nexus Repository Manager instances.

Getting Started with the Nexus Repository/Datree Integration

A few simple steps and your organization can start integrating Datree and Nexus Repository Manager to any GitHub account. In Datree’s Properties Explorer panel, select the file type and regex conditions.

Datree Properties Explorer

Set the rule type and metadata, (e.g. Docker: Image must be pulled from Nexus Repository) in the Policy Management panel.

Set rule type in Datatree metadata

 

Datatree with Docker pulled from Nexus Private Registry

Once custom policies are created, Datree Smart Policy tests will run on GitHub checks to verify these components are being pulled from/pushed to Nexus Repository Manager.

Datree policy rules

Development teams now have the power to automate their pipeline control, one commit at a time, using the Nexus Repository and Datree integration. Applying Datree’s policy control as a pull request 'gatekeeper’ brings back visibility and codebase control while Nexus Repository handles everything else in the DevOps toolchain for binary and build artifact management.

Check out Nexus Repository Manager and Datree to start optimizing your organization’s control over developer efficiencies and governance.

Tags: github, open source management, policy enforcement, Nexus Repository, Open Source, integrations, policy, featured, Product, Post developers/devops

Written by Brent Kostak

Brent is the Product Marketing Manager connecting developers and DevOps communities to Sonatype Nexus tools and technologies