and Sonatype

Automated consistency across the CI/CD pipeline., a subsidiary of eBay, Inc., is an online marketplace where buyers can find new and used cars as well as motorcycles, trucks and motorhomes. The company’s services are aimed at professional car dealers and private customers in Germany. Two-thirds of all car dealers registered in Germany use the Internet vehicle marketplace provided by

The Challenge: Choosing a Repository That Integrates Into the CI/CD Pipeline

The DevOps, Release and Build Team provides services and solutions to the whole of eBay Classifieds, which manages local classifieds in regions around the world. The team’s main initiative is to boost collaboration and faster delivery for the product development teams and site operation teams. Sonatype Nexus Repository is utilized as part of the CI/CD pipeline to provide a consistent, secure environment across all development environments.

“We’ve had a single Sonatype instance standing up for two years. The maintenance and support effort is zero because everything just works.”

Team Lead of Engineering Support

The DevOps, Release and Build Team of seven engineers at are responsible for providing secure CI/CD pipeline solutions for multiple teams. They also manage the use of reporting tools such as Atlassian Confluence and JIRA.

“We are serving several teams inside eBay classified and would like to create consistency across the teams,” explained Donato Emma, Team Lead of Engineering Support. Before the CI/CD pipeline was implemented, infrastructure was managed manually.  There was no centralized storage for multiple binary types, making it virtually impossible to track open source component usage.

Any pipeline solution would have to accommodate multiple groups and projects, while providing security within that pipeline.

The Solution: Embracing Sonatype Nexus Repository as a Local, Private Repository Integrated With Tools Such as SonarQube, Selenium Grid, OpenStack, Jenkins, and Ansible concentrated their consistency efforts on the creation of a CI/CD pipeline. For integrated security, uses Sonatype Nexus Repository as a local, private repository integrated with tools such as SonarQube, Selenium Grid, OpenStack, Jenkins and Ansible.

“Sonatype Nexus Repository is a key part of the CI/CD pipeline for several of the platforms inside,” says Donato Emma. “We are using the Sonatype Nexus Repository to store artifacts. Since the introduction of Sonatype Nexus 3, we have begun to use it for different types of artifacts such as Bower, PyPi and other formats. We are also using this repository to store binaries being used in the build process and to proxy outside of the repository. A single Sonatype Nexus instance is capable of handling quite a large amount of data."

Docker containers are a key part of the pipeline. “Sonatype Nexus 3 is used for the Docker registry functionality,” Emma explained. “We have not found the need to write plugins because the functionality offered by Sonatype Nexus is more than adequate for what we’re doing.”

The Outcome: Creating a Consistent, Secure Development Environment Across Multiple Teams

The use of  Sonatype Nexus Repository as a centralized storage for multiple binary types has created a consistent, secure environment across multiple teams. Two hundred software engineers in multiple groups at are now getting the benefits of the Sonatype platform.

There is a consistent development environment, with surprisingly little need for support.

“We were having a little trouble on our side on how to configure a specific type of security for the Sonatype Nexus Repository. We wrote a support ticket to Sonatype, not expecting much of a response based upon our experience with other companies. We were really surprised at how fast we got an answer back from the support team at Sonatype,” explains Emma. “We received a reply within the same day and were able to sort out the issue. It was unexpected, to be honest. There was no need for escalation of the issue. It was quite a nice experience.”

Donato Emma and are happy with the outcome of the CI/CD pipeline, and the role Sonatype Nexus Repository plays.