Get Started

Resolving Nexus Image Deletion Issue

by the Hossted team
21.02.2025

Problem:

The client experienced a problem where one of the images in their Nexus Repository was deleted unexpectedly without any trace. The client needed assistance in answering the following questions:

  • How was the image deleted and is it possible to recover it?
  • How can future abrupt deletions of images be prevented?
  • How can Nexus logging be enabled to record all activities?

Process:

Step 1 – Initial Investigation

The expert examined the scenario by identifying key areas to investigate:

  • Audit Logs: Checking if audit logging was enabled in Nexus. This would allow the review of DELETE events to identify the process or user responsible for the deletion.
  • Blob Storage: The image in Nexus is stored as a blob. The expert recommended reviewing the blob storage directory to check if the image was still present.
  • Database Query: The Nexus internal database was queried to check for references to the deleted image.
  • Backup Strategy: The expert asked the client to confirm whether a backup strategy was in place, as it could help recover the image if it was not present in the blob store.

Step 2 – Proposed Solutions

The expert provided recommendations for solving the problem and preventing future occurrences:

  • How to recover the deleted image:
    • Audit Logs: If audit logging was enabled, the logs should indicate who initiated the delete operation.
    • Blob Store: If the image is still present in the blob store, it can potentially be recovered. The expert recommended checking the $NEXUS_DATA/blobs directory.
    • Backup Recovery: If no image was found in the blob store, the next step would be to restore the image from a backup, if available.
  • Preventing future image deletions:
    • Role-Based Access Control (RBAC): The expert suggested enforcing strict role-based access control to limit delete permissions to only authorized users. This can be managed under Security -> Roles and Users.
    • Retention Policies: Implementing retention policies would ensure that important images are protected from accidental deletion by retaining them for a specified period.
    • Restrict Direct Blob Deletion: The expert recommended restricting the ability to directly delete blobs by adjusting repository permissions to only allow admin-level access for such operations.
  • Enabling Nexus logging to capture all activities:
    • Audit Logging: The expert instructed the client to navigate to Administration -> Capabilities and enable the Audit capability.
    • Detailed Activity Logging: For more detailed logs, the expert recommended adjusting the log level to INFO or DEBUG under Administration -> Logging -> Root Log Level.
    • Accessing Logs: The expert explained how to access the logs stored on the server:
      • nexus.log for general activity logs
      • audit.log for audit-specific events related to sensitive actions like deletions

Solution:

The expert’s recommendations allowed the client to investigate how the image was deleted and recover it if needed. The implementation of role-based access control (RBAC) and retention policies effectively mitigated the risk of accidental deletions. Additionally, enabling audit logging provided a way to monitor and track future deletion activities within Nexus.

Conclusion:

This case demonstrated the importance of having robust logging, access control, and retention mechanisms in place to protect against unauthorized or accidental deletions. The expert’s advice ensured the client could recover the deleted image and implement preventive measures to safeguard against similar issues in the future. This case also highlights the value of audit logging for maintaining traceability of critical repository actions.

Related articles
OSSpedia
DevOps 6 Apr 2024 Nexus Open Source Application: Orchestrating Artifact Management Developer Tools NEX