Registries and Repositories

OpeNgine supports the following Git repositories:

  • GitHub

  • Azure DevOps Repositories

  • Google Cloud Source Repositories

repositories:
  git:
    application-1:
      type: "existing-git"
      url: "git@github.com:GloballogicPractices/kubernetes-helm-hello-world-vilov.git"
      login: "{{ lookup('env','SSH_LOGIN') }}"
      sshkey: "{{ lookup('env','SSH_KEY_PATH') }}"
      description: "main git repo"
      branch: "master"
      dockerregistry: "globallogicpractices"
  azuredevops:
    front-end:
     type: existing-azuredevops-repo
     org_name: "{{ lookup('env','AZURE_DEVOPS_ORG_NAME') }}"
     project_name: "{{ lookup('env','AZURE_DEVOPS_PROJECT_NAME') }}"
     repo_name: "{{ lookup('env','AZURE_DEVOPS_REPO_NAME') }}"
     branch: master
     project_local_root: "/Users/dev/source/microservices-demo/front-end"

Element

Description

repositories

Parent element of repositories & registries configuration.

git

Parent element of git repositories section.

azuredevops

Parent element of Azure DevOps Repo section.

application-1.. application-N

Repository identifier, OpeNgine will add credentials for this repo to Jenkins and create pipeline job for each application.

type

Current OpeNgine version supports only existing repositories: existing-git or existing-azuredevops-repo

git.url

git repository url.

git.login

ssh login to be used for git.

git.sshkey

Path to ssh private key file.

git.description

Application description, will be added to pipeline description.

git.dockerregistry

Name of docker registry to be used in the pipeline.

azuredevops.org_name

Azure DevOps Organization name.

azuredevops.project_name

Azure DevOps Project name.

azuredevops.repo_name

Azure DevOps Repository name.

azuredevops.project_local_root

Path to the source code repository on the local machine. Azure Pipelines build & release definition files will be created in the root of the local repository and pushed to the remote repository.

branch

Name of git branch to be used in the pipeline.

For Cloud Source Repositories, use following instruction.

OpeNgine provides support for multiple types of Container registries:

  • DockerHub

  • Azure Container Registry (ACR)

  • Google Container Registry (GCR) (currently works only with Google Cloud Build)

DockerHub configuration:

repositories:
  docker:
    regestry-1:
      type: "existing-dockerhub"
      username: "{{ lookup('env','DOCKER_USERNAME') }}"
      password: "{{ lookup('env','DOCKER_PASSWORD') }}"

Azure Container Registry (ACR) configuration:

repositories:
  acr:
    ACR-1:
      type: existing-acr
      name: OpeNgineDemoACR
      resource_group_name: containerregistries-rg
      server: openginedemoacr.azurecr.io
      login: "{{ lookup('env','AZURE_ACR_CLIENT_ID') }}"
      password: "{{ lookup('env','AZURE_ACR_CLIENT_SECRET') }}"
  acr:
    ACR-2:
      type: provision-acr
      resource_group_name: containerregistries-rg
      sku: "Basic"
      login: "{{ lookup('env','AZURE_CLIENT_ID') }}"
      password: "{{ lookup('env','AZURE_SECRET') }}"

Environment variables:

export AZURE_ACR_CLIENT_ID=<ID of Azure AD Service Principal (SPN) that has push/pull permissions to ACR>
export AZURE_ACR_CLIENT_SECRET=<SPN password>

Element

Description

repositories

Parent element of repositories & registries configuration.

docker

Parent element of docker registry section.

acr

Parent element of ACR registry section.

regestry-1 .. regestry-N

Registry name/identifier. This name is used in the CICD section of the config to define a target container registry.

type

Current OpeNgine version supports only existing-dockerhub registry and two types of ACR: existing-acr and provision-acr. The latter will create a new ACR instance in the same Azure subscription where other OpeNgine resources are provisioned. Service Principal that is used to run OpeNgine installation will be granted Contributor permissions on the newly created ACR.

docker.username

Username for dockerhub registry

docker.password

Password for dockerhub registry

acr.login

Azure AD Service Principal identifier that has at least Push & Pull permissions in ACR.

acr.password

Azure AD Service Principal’s secret (password).

acr.resource_group_name

Azure Resource Group where either existing or newly provisioned ACR is located.

acr.server

FQDN of ACR. Mandatory when using existing ACRs.

acr.sku

Azure Container Registry SKU Mandatory when creating new ACRs.

ACR can be used not only as a Container Registries but it also can store Helm packages and act as a Helm Repository. If you are using ACR, you don’t have to configure any additional settings. However, when using DockerHub, you should configure Helm section as described below in order to use a GitHub repository as a storage for Helm packages.

repositories:
 helm:
   OpeNgineContainerReg:
     type: "existing-github-helm-repo"
     pat: <<your Personal Access Token for GitHub >>
     raw_url: "https://raw.githubusercontent.com/Contoso/OpeNgine-helm-repo/master"
     url: "https://github.com/Contoso/OpeNgine-helm-repo.git"
     email: "username@contoso.com"
     username: "Firstname Lastname"

Element

Description

repositories

Parent element of repositories & registries configuration.

helm

Parent element of Helm repository configuration.

OpeNgineContainerReg

Name of your DockerHub registry (Helm Repository section is needed only when using DockerHub, thus the name of your DockerHub regestry should be provided here).

type

Type of Helm Repository. The only accepted value is existing-github-helm-repo.

pat

Your PAT for GitHub.

raw_url

Raw URL to the GitHub repository, which is used to store Helm packages.

url

Normal URL to the GitHub repository, which is used to store Helm packages.

email

Email address of the Helm Repository owner.

username

Firstname and Lastname of the Helm Repository owner.