Skip to content

Fix nxrm-ha helm chart to allow deploy nexus community edition #926

New issue
New issue
Open
Open
Fix nxrm-ha helm chart to allow deploy nexus community edition#926
@mtroshyn

Description

@mtroshyn
mtroshyn
opened on Feb 26, 2026

Current version 89.1.0 of nxrm-ha from https://sonatype.github.io/helm3-charts/ has hardcode parameter for INSTALL4J_ADD_VM_PARAMS env var in file ./templates/statefulset.yaml

-Dnexus.licenseFile=${LICENSE_FILE}

This parameter doesn't allow to deploy nexus community addition, because each time you try to deploy nexus can't start and asks the licence file. Several users have already reported about problem with deployment here https://community.sonatype.com/t/how-to-deploy-sonatype-nexus-ce-to-k8s/14360/4

Without this parameter deployment of nexus community addition is successful.

My proposal is to update nxrm-ha helm template and make option -Dnexus.licenseFile=${LICENSE_FILE} configurable based on values. For example, in our setup we use unpacked helm package and made changes to ./templates/statefulset.yaml
original code

            - name: INSTALL4J_ADD_VM_PARAMS
          {{- if .Values.statefulset.clustered }}
              value: "{{ .Values.statefulset.container.env.install4jAddVmParams }} -Dnexus.licenseFile=${LICENSE_FILE} \
          -Dnexus.datastore.clustered.enabled={{ .Values.statefulset.clustered }} -Djava.util.prefs.userRoot=${NEXUS_DATA}/javaprefs \
          -Dnexus.datastore.nexus.jdbcUrl=jdbc:postgresql://${DB_HOST}:{{ .Values.statefulset.container.env.nexusDBPort }}/${DB_NAME}{{ .Values.statefulset.container.env.jdbcUrlParams }} \
          -Dnexus.datastore.nexus.username=${DB_USER} \
          -Dnexus.datastore.nexus.password=${DB_PASSWORD}"
          {{ else }}
              value: "{{ .Values.statefulset.container.env.install4jAddVmParams }} -Dnexus.licenseFile=${LICENSE_FILE} \
              -Dnexus.datastore.enabled=true -Djava.util.prefs.userRoot=${NEXUS_DATA}/javaprefs \
              -Dnexus.datastore.nexus.jdbcUrl=jdbc:postgresql://${DB_HOST}:{{ .Values.statefulset.container.env.nexusDBPort }}/${DB_NAME}{{ .Values.statefulset.container.env.jdbcUrlParams }} \
              -Dnexus.datastore.nexus.username=${DB_USER} \
              -Dnexus.datastore.nexus.password=${DB_PASSWORD}"
          {{ end }}

our workaround

          {{- $licenseConfigured := or .Values.secret.license.licenseSecret.enabled .Values.secret.license.existingSecret .Values.aws.secretmanager.enabled .Values.azure.keyvault.enabled .Values.externalsecrets.enabled }}
            - name: INSTALL4J_ADD_VM_PARAMS
          {{- if .Values.statefulset.clustered }}
          {{- if $licenseConfigured }}
              value: "{{ .Values.statefulset.container.env.install4jAddVmParams }} -Dnexus.licenseFile=${LICENSE_FILE} \
-Dnexus.datastore.clustered.enabled={{ .Values.statefulset.clustered }} -Djava.util.prefs.userRoot=${NEXUS_DATA}/javaprefs \
-Dnexus.datastore.nexus.jdbcUrl=jdbc:postgresql://${DB_HOST}:{{ .Values.statefulset.container.env.nexusDBPort }}/${DB_NAME}{{ .Values.statefulset.container.env.jdbcUrlParams }} \
-Dnexus.datastore.nexus.username=${DB_USER} \
-Dnexus.datastore.nexus.password=${DB_PASSWORD}"
          {{- else }}
              value: "{{ .Values.statefulset.container.env.install4jAddVmParams }} \
-Dnexus.datastore.clustered.enabled={{ .Values.statefulset.clustered }} -Djava.util.prefs.userRoot=${NEXUS_DATA}/javaprefs \
-Dnexus.datastore.nexus.jdbcUrl=jdbc:postgresql://${DB_HOST}:{{ .Values.statefulset.container.env.nexusDBPort }}/${DB_NAME}{{ .Values.statefulset.container.env.jdbcUrlParams }} \
-Dnexus.datastore.nexus.username=${DB_USER} \
-Dnexus.datastore.nexus.password=${DB_PASSWORD}"
          {{- end }}
          {{ else }}
          {{- if $licenseConfigured }}
              value: "{{ .Values.statefulset.container.env.install4jAddVmParams }} -Dnexus.licenseFile=${LICENSE_FILE} \
-Dnexus.datastore.enabled=true -Djava.util.prefs.userRoot=${NEXUS_DATA}/javaprefs \
-Dnexus.datastore.nexus.jdbcUrl=jdbc:postgresql://${DB_HOST}:{{ .Values.statefulset.container.env.nexusDBPort }}/${DB_NAME}{{ .Values.statefulset.container.env.jdbcUrlParams }} \
-Dnexus.datastore.nexus.username=${DB_USER} \
-Dnexus.datastore.nexus.password=${DB_PASSWORD}"
          {{- else }}
              value: "{{ .Values.statefulset.container.env.install4jAddVmParams }} \
-Dnexus.datastore.enabled=true -Djava.util.prefs.userRoot=${NEXUS_DATA}/javaprefs \
-Dnexus.datastore.nexus.jdbcUrl=jdbc:postgresql://${DB_HOST}:{{ .Values.statefulset.container.env.nexusDBPort }}/${DB_NAME}{{ .Values.statefulset.container.env.jdbcUrlParams }} \
-Dnexus.datastore.nexus.username=${DB_USER} \
-Dnexus.datastore.nexus.password=${DB_PASSWORD}"
          {{- end }}
          {{ end }}

We check if one of values .Values.secret.license.licenseSecret.enabled .Values.secret.license.existingSecret .Values.aws.secretmanager.enabled .Values.azure.keyvault.enabled .Values.externalsecrets.enabled is true and only in this case option -Dnexus.licenseFile=${LICENSE_FILE} will be added, in another case - no.
Please add this patch or similar to new chart version.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions