This repository has been archived by the owner on Nov 5, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 45
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #273 from mkosiarc/entitlement-docs
Document how to create entitlement subscription secret
- Loading branch information
Showing
2 changed files
with
33 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
32 changes: 32 additions & 0 deletions
32
.../ROOT/pages/how-to-guides/configuring-builds/proc_entitlement_subscription.adoc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,32 @@ | ||
| :_content-type: PROCEDURE | ||
| :troubleshooting_builds: | ||
|
|
||
| [id="entitlement_subscription_{context}"] | ||
| = Using Red Hat entitlement subscription | ||
|
|
||
| Entitlement subscription allows users to install RPMs that are not accessible without it. In order to use it in your builds, you must have access to an entitlement subscription | ||
| and possess the neccessary entitlement certificate files. To obtain them, review https://developers.redhat.com/articles/2022/01/24/create-entitled-builds-red-hat-subscriptions-openshift[Subscription benefits for secure deployments] guide. | ||
|
|
||
| Once you have the *<entitlement-id>.pem* and *<entitlement-id>-key.pem* files, you will need to create a secret in your Konflux namespace. You can do it in two ways: | ||
|
|
||
| . <<Create-entitlement-secret-through-the-UI>> | ||
| . <<Create-entitlement-secret-through-console>> | ||
|
|
||
|
|
||
| [[Create-entitlement-secret-through-the-UI]] | ||
| == Create entitlement secret through the UI | ||
|
|
||
| 1. Access the Secrets section in the konflux UI and click on *Add secret*. | ||
| 2. Set the secret name to *etc-pki-entitlement*. | ||
| 3. Add the first key with the name *<entitlement-id>-key.pem* and and set the value to the contents of the key file. | ||
| 4. Add a second key with the name *<entitlement-id>.pem* and set the value to the contents of the certificate file. | ||
| 5. Save the secret by clicking *Add secret* | ||
|
|
||
| [[Create-entitlement-secret-through-console]] | ||
| == Create entitlement secret through console | ||
|
|
||
| Alternatively, you can create the secret through the CLI. After logging into your cluster and navigating to your namespace, run the following command: | ||
|
|
||
| ---- | ||
| oc create secret generic etc-pki-entitlement -n <your-tenant> --from-file <entitlement-id>-key.pem --from-file <entitlement-id>.pem | ||
| ---- |