-
Notifications
You must be signed in to change notification settings - Fork 82
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #2159 from CSCfi/DeRuina-patch-1
Import from Git (Private Repositories) UPDATE
- Loading branch information
Showing
1 changed file
with
129 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -175,6 +175,135 @@ It is also possible to create a build from a given `Dockerfile`: | |
| cat Dockerfile | oc new-build -D - | ||
| ``` | ||
|
|
||
| ### Import from Git (Private Repositories) using the Web GUI | ||
|
|
||
| Deploying a private Git repository to Rahti involves setting up the necessary authentication to access your private repository. Without proper authentication, you will see the error "URL is valid but cannot be reached" (seen in the pictures below). Here's how to resolve this using two authentication methods: | ||
|
|
||
|
|
||
|  | ||
|
|
||
|
|
||
| #### Option 1: Using a Token for Git Authentication | ||
|
|
||
| 1. **Generate a Personal Access Token:** | ||
|
|
||
| - **GitHub:** | ||
| - Go to your GitHub account settings. | ||
| - Navigate to "Developer settings" > "Personal access tokens". | ||
| - Click on "Generate new token". | ||
| - Select the scopes you need (typically, you'll need `repo` scope for private repositories). | ||
| - Generate the token and copy it. | ||
|
|
||
| - **GitLab:** | ||
| - Go to your GitLab profile settings. | ||
| - Navigate to "Access Tokens". | ||
| - Give your token a name, select the required scopes (e.g., `api`, `read_repository`), and create the token. | ||
| - Copy the token. | ||
|
|
||
| 3. **Add the Token to Rahti:** | ||
| - Under "Source Secret" choose "Create new Secret" | ||
| - Name the secret, under "Authentication type" choose "Basic Authentication" | ||
| - Paste the token and create | ||
|
|
||
|  | ||
|
|
||
|
|
||
| #### Option 2: Using a Private SSH Key for Git Authentication | ||
|
|
||
| 1. **Generate an SSH Key Pair (if you don't have one already):** | ||
|
|
||
| - Open a terminal and run the following command to generate a new SSH key pair: | ||
| ```sh | ||
| ssh-keygen -t rsa -b 4096 -C "[email protected]" | ||
| ``` | ||
| - This will create two files: a private key (`id_rsa`) and a public key (`id_rsa.pub`). | ||
|
|
||
| 2. **Add Your Public Key to Your Git Hosting Service:** | ||
|
|
||
| - **GitHub:** | ||
| - Go to your GitHub account settings. | ||
| - Navigate to "SSH and GPG keys". | ||
| - Click "New SSH key" and paste the contents of your `id_rsa.pub` file. | ||
|
|
||
| - **GitLab:** | ||
| - Go to your GitLab profile settings. | ||
| - Navigate to "SSH Keys". | ||
| - Add a new SSH key and paste the contents of your `id_rsa.pub` file. | ||
|
|
||
| 4. **Add the Private SSH Key to Rahti:** | ||
| - Under "Source Secret" choose "Create new Secret" | ||
| - Name the secret, under "Authentication type" choose "SSH Key" | ||
| - Paste the contents of your private SSH key (`id_rsa`) and create | ||
| - | ||
|  | ||
|
|
||
|
|
||
| ### Import from Git (Private Repositories) using the CLI | ||
|
|
||
| This assumes that the users has generated SSH keys and registered their public key with GitHub. | ||
|
|
||
|
|
||
| **[Log into OpenShift CLI (`oc`)](../usage/cli.md#how-to-login-with-oc)**: | ||
|
|
||
| ```bash | ||
| oc login <cluster-url> | ||
| ``` | ||
|
|
||
| **[Create a New Project](../usage/projects_and_quota.md#creating-a-project)**: | ||
|
|
||
| ```bash | ||
| oc new-project <project-name> --display-name=<display-name> --description="csc_project:<project-id>" | ||
| ``` | ||
|
|
||
| **Create SSH Key Secret**: | ||
|
|
||
| ```bash | ||
| oc create secret generic <secret-name> --from-file=ssh-privatekey=<path-to-private-key> --type=kubernetes.io/ssh-auth | ||
| ``` | ||
|
|
||
| **Link the Secret to the Builder Service Account**: | ||
|
|
||
| ```bash | ||
| oc secrets link builder <secret-name> | ||
| ``` | ||
|
|
||
|
|
||
| **Deploy the Application**: | ||
|
|
||
| ```bash | ||
| oc new-app <repository-url> --name=<application-name> | ||
| ``` | ||
|
|
||
| **Monitor the Build**: | ||
|
|
||
| - monitor logs | ||
| ```bash | ||
| oc logs -f buildconfig.build.openshift.io/<application-name> | ||
| ``` | ||
|
|
||
| - The initial build will probably fail due to authentication issues, set the build secret explicitly: | ||
| ```bash | ||
| oc set build-secret --source bc/<application-name> <secret-name> | ||
| ``` | ||
|
|
||
| - Trigger a new build: | ||
| ```bash | ||
| oc start-build <application-name> --follow | ||
| ``` | ||
|
|
||
| **Expose the Application**: | ||
|
|
||
| ```bash | ||
| oc expose deployment <application-name> --name=<service-name> --port=<port> --target-port=<target-port> | ||
| oc expose svc/<service-name> | ||
| ``` | ||
|
|
||
| **Access the Application**: | ||
|
|
||
| - Use the URL provided by: | ||
| ```bash | ||
| oc get route <application-name> | ||
| ``` | ||
|
|
||
| ## Troubleshooting | ||
|
|
||
|
|
||