Package server that can serve artifacts as Maven and Debian packages
Description
Binary Repository Managers (https://en.wikipedia.org/wiki/Binary_repository_manager) allow easy access and management of artifacts created and consumed by projects. Software like JFrog Artifactory (https://www.jfrog.com/artifactory/) or Sonatype Nexus (https://www.sonatype.com/nexus-repository-oss) are examples of multi-protocol repositories.
We want to enhance our existing artifacts system, allowing access using the most common package managers.
Proposal
The MVP will focus on:
- Maven: https://maven.apache.org/guides/introduction/introduction-to-repositories.html
- Debian: https://wiki.debian.org/DebianRepository
Artifacts will be in a single storage (local or on Object Storage).
- Define the architecture:
- standalone daemon vs. managed by main application
- authentication and authorization (similar to what we have now with GitLab Container Registry)
- single-way (download only) vs. bidirectional (upload via package managers)
- storage type (artifacts can actually be local or Object Storage, transparent to application
- cloud native approach
- Define the protocol
- http vs. https only
- dealing with certificates, self signing, letsencrypt
- automatic creation of metadata vs. manual publishing
Edited by Fabio Busatto