What privileges does a user need to upload/deploy to every repository hosted on local Sonatype Nexus 3.0 server?

Question

Note: since I'm the only one searching for it it feels like I want to use bad practice.

I want to create a deploy-user. Its only purpose is to be configured in the settings.xml as a server-entity:

<servers>
 <server>
  <id>nexus</id>
  <username>deploy-user</username>
  <password>somepassword</password>
 </server>
</servers>

The user only needs permission to upload artifacts to all the repositories hosted on the Nexus 3.0 server. I've created a role "Deployment" and need to know which privileges need to be applied.

Answer 1

For nexus 3.x, create a new role (e.g. "deploy") and assign it the add, edit and read permissions (nx-repository-view-<repo_type>-<repo_name>-add/edit/read).

This suffices for maven; other clients may need more privileges.

Answer 2

Nexus 2

The User must have Artifact Upload privilege, which can be searched in privileges tab.

• Create a custom Role for your user, add Artifact Upload privilege to the Role.
• Bind the Role to your user.

Below is an example of nexus 2.x:

And this is for nexus 3.x:

Answer 3

Nexus 3

With Nexus 3.15.2-01, I could successfully deploy a maven site with a user that had a role with the following Privileges:

• nx-repository-view-<RepoType>-<RepoName>-add and
• nx-repository-view-<RepoType>-<RepoName>-edit

e.g. nx-repository-view-raw-Cloudogu-Docs-add.

See cloudogu/continuous-delivery-slides-example for an example.

A good exmplanation of nx-repository-view vs nx-repository-admin can be found in this answer.

Answer 4

Recently edited on Aug-26...

Steps required for uploading to Nexus server.

1. First create a custom deployment role.
2. Then add these privileges Nexus deployment role , All Repositories -create , All Repositories -read, All Repositories -view, All Repositories -update to custom role you have created.
3. Then assign this custom deployment role to the users who ever requires upload/deploy artifacts to Nexus.