The content in this post may be outdated. For the most recent post concerning private Git repositories, please visit the Private Git Repositories series.

Many times you will find yourself in a situation where you can not use public repository for your code, e.g. free public hosted git repository at Github, because your code is private. In such case, you simply follow the previous steps, but the build is going to fail, because OpenShift will not be able to download the source code as it will not have the credentials to authenticate itself against the git repository.

But do not worry, there is a solution.

You can upload some private key to OpenShift and authorize its public counterpart at the git hosting, and with those in place, OpenShift will be able to access your private git repository. I do not want to go into too many details here, you can read more in the documentation linked earlier.

First, generate an RSA key that is going to be uploaded to OpenShift (be careful not to overwrite your current keys)

<code>ssh-keygen -t rsa -C "my_secret_key_for_OpenShift"</code>

Then, you upload the key to OpenShift:

<code>oc secrets new-sshauth sshsecret --ssh-privatekey=$HOME/.ssh/id_rsa</code>

After that, you provide this key to the builder service account:

<code>oc secrets add serviceaccount/builder secrets/sshsecret</code>

Finally, you need to update your build configuration:

<code>oc patch buildConfig myapp -p '{"spec":{"source":{"sourceSecret":{"name":"sshsecret"}}}}'</code>

And that’s it! Authorize the public key for your repository and you are ready to go!

Categories

News, OpenShift Online

< Back to the blog