Package RegistryβοΈ
This page describes the supported package registry providers and provides detailed instruction on how to adjust configurations to work properly with these package registry providers.
Supported Package Registry ProvidersβοΈ
Currently, KubeRocketCI Tekton pipelines support the following package registries:
- Nexus;
- GitLab;
- GitHub;
- Azure DevOps.
The table below displays the supported registries and the languages they correspond to:
Language | Framework | Build Tool | Proxy Registry | Snapshots/Releases Registry |
---|---|---|---|---|
Java | Java 8 Java 11 Java 17 | Maven | Nexus Gitlab GitHub Azure DevOps | Nexus Gitlab GitHub Azure DevOps |
Python | Python 3.8 FastAPI Flask | Python | Nexus Gitlab Azure DevOps | Nexus Gitlab Azure DevOps |
C# | .Net 3.1 .Net 6.0 | .Net | No proxy is used for this language. | Nexus Gitlab GitHub Azure DevOps |
JavaScript | React Vue Angular Express Next.js Antora | NPM | Nexus Gitlab GitHub Azure DevOps | Nexus Gitlab GitHub Azure DevOps |
Proxy Package Registry ConfigurationβοΈ
By default, KubeRocketCI uses Nexus as the proxy registry for storing and caching application dependencies. This setting is fixed and cannot be modified.
Snapshot/Release Package Registry ConfigurationβοΈ
The edp-tekton Helm Chart allows to override the default settings for package registries through tekton.configs
part of its values.yaml file.
To provide necessary credentials for accessing the package registries, the user should create the package-registries-auth-secret
secret and set the tekton.packageRegistriesSecret.enabled
value to true
to mount the secret into the pipeline.
To replace the default name of the secret, the user should set the tekton.packageRegistriesSecret.name
parameter to the desired value:
tekton:
packageRegistriesSecret:
enabled: true
name: "package-registries-auth-secret"
configs:
# Build Tool: Maven
mavenConfigMap: "custom-maven-settings"
# Build Tool: NPM
npmConfigMap: "custom-npm-settings"
# Build Tool: Python
pythonConfigMap: "custom-python-settings"
# Build Tool: .Net
nugetConfigMap: "custom-nuget-settings"
Customizing Maven SettingsβοΈ
A new custom configuration map should contain the settings.xml
file, which overrides the default Maven configuration.
For example, the following configuration map contains the settings.xml
file with the following settings:
- Proxy registry: Nexus.
- Snapshots/Releases registry: Azure DevOps registry.
- Authentication:
CI_USERNAME
andCI_PASSWORD
- these environment variables are used for authentication to Nexus.CI_AZURE_DEVOPS_USERNAME
andCI_AZURE_DEVOPS_PASSWORD
- these environment variables are used for authentication to Azure DevOps registry.
- Secrets:
CI_AZURE_DEVOPS_USERNAME
andCI_AZURE_DEVOPS_PASSWORD
- these environment variables are taken from thepackage-registries-auth-secret
secret.
Example: custom-maven-settings.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: new-custom-maven-settings
data:
settings.xml: |
<settings xmlns="http://maven.apache.org/SETTINGS/1.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/SETTINGS/1.0.0 http://maven.apache.org/xsd/settings-1.0.0.xsd">
<localRepository>/workspace/source/cache</localRepository>
<pluginGroups>
<pluginGroup>org.sonarsource.scanner.maven</pluginGroup>
</pluginGroups>
<servers>
<!-- The "nexus" server is defined to provide credentials required by the mirror. -->
<server>
<id>nexus</id>
<username>${env.CI_USERNAME}</username>
<password>${env.CI_PASSWORD}</password>
</server>
<!-- The "azure-devops-registry" server is defined to provide credentials required by the Azure DevOps registry.
Username and password are used for authentication.
More documentation: https://learn.microsoft.com/en-us/azure/devops/artifacts/get-started-maven?view=azure-devops -->
<server>
<id>azure-devops-registry</id>
<username>${env.CI_AZURE_DEVOPS_USERNAME}</username>
<password>${env.CI_AZURE_DEVOPS_PASSWORD}</password>
</server>
</servers>
<mirrors>
<mirror>
<!--This sends everything else to /public -->
<id>nexus</id>
<mirrorOf>*</mirrorOf>
<url>http://nexus.nexus:8081/repository/edp-maven-group</url>
</mirror>
</mirrors>
<profiles>
<profile>
<id>sonar</id>
<activation>
<activeByDefault>true</activeByDefault>
</activation>
<properties>
<sonar.login>
${env.SONAR_TOKEN}
</sonar.login>
<sonar.host.url>
${env.SONAR_HOST_URL}
</sonar.host.url>
</properties>
</profile>
<!-- Azure DevOps registry profile for managing artifacts within Azure DevOps. -->
<profile>
<id>azure-devops-registry</id>
<properties>
<altSnapshotDeploymentRepository>azure-devops-registry::default::https://pkgs.dev.azure.com/<ORGANIZATION_NAME>/<PROJECT_NAME>/_packaging/<FEED_NAME>/maven/v1</altSnapshotDeploymentRepository>
<altReleaseDeploymentRepository>azure-devops-registry::default::https://pkgs.dev.azure.com/<ORGANIZATION_NAME>/<PROJECT_NAME>/_packaging/<FEED_NAME>/maven/v1</altReleaseDeploymentRepository>
</properties>
</profile>
</profiles>
<!-- Specify the active profile here. If you want to push packages to nexus (default), gitlab registry, github registry,
or Azure DevOps registry, change the activeProfile id to the required profile id. -->
<activeProfiles>
<activeProfile>azure-devops-registry</activeProfile>
</activeProfiles>
</settings>
Customizing NPM SettingsβοΈ
A new custom configuration map should contain the .npmrc-ci
, .npmrc-publish-snapshots
and .npmrc-publish-releases
files, which override the default npm configuration.
For example, the following configuration map contains the .npmrc-ci
, .npmrc-publish-snapshots
and .npmrc-publish-releases
files with the following settings:
- Proxy registry: Nexus.
- Snapshots/Releases registry: Azure DevOps registry.
- Authentication:
- 'upBase64' ("${CI_USERNAME}:${CI_PASSWORD}" string in base64) - this environment variable is used for authentication to Nexus.
CI_AZURE_DEVOPS_USERNAME
andCI_AZURE_DEVOPS_PASSWORD_IN_BASE64
- these environment variables are used for authentication to Azure DevOps registry.
- Secrets:
CI_AZURE_DEVOPS_USERNAME
andCI_AZURE_DEVOPS_PASSWORD_IN_BASE64
- these environment variables are taken from thepackage-registries-auth-secret
secret.
Example: custom-npm-settings.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: custom-npm-settings
data:
.npmrc-ci: |
registry=${NEXUS_HOST_URL}/repository/edp-npm-group
_auth=${upBase64}
cache=${NPM_CACHE_DIR}
.npmrc-publish-snapshots: |
registry=https://pkgs.dev.azure.com/<ORGANIZATION_NAME>/<PROJECT_NAME>/_packaging/<FEED_NAME>/npm/registry
username=${CI_AZURE_DEVOPS_USERNAME}
_password=${CI_AZURE_DEVOPS_PASSWORD_IN_BASE64}
email=${CI_AZURE_DEVOPS_USERNAME}
cache=${NPM_CACHE_DIR}
.npmrc-publish-releases: |
registry=https://pkgs.dev.azure.com/<ORGANIZATION_NAME>/<PROJECT_NAME>/_packaging/<FEED_NAME>/npm/registry
_auth=${upBase64}
cache=${NPM_CACHE_DIR}
Customizing Python ConfigurationsβοΈ
For customizing python settings, a new configuration map can be prepared to replace the default pythonConfigMap. This custom configuration map should contain the PIP_TRUSTED_HOST, PIP_INDEX, PIP_INDEX_URL, REPOSITORY_URL_SNAPSHOTS and REPOSITORY_URL_RELEASES environment variables, which overrides the default python configuration.
For example, the following configuration map contains the following settings:
- Proxy registry: Azure DevOps registry.
- Snapshots/Releases registry: Azure DevOps registry.
- Authentication:
- 'upBase64' ("${CI_USERNAME}:${CI_PASSWORD}" string in base64) - this environment variable is used for authentication to Azure DevOps registry.
Example: custom-python-settings.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: custom-python-settings
data:
PIP_INDEX_PATH: "/<ORGANIZATION_NAME>/<PROJECT_NAME>/_packaging/<FEED_NAME>/pypi"
PIP_INDEX_URL_PATH: "/<ORGANIZATION_NAME>/<PROJECT_NAME>/_packaging/<FEED_NAME>/pypi/simple"
REPOSITORY_SNAPSHOTS_PATH: "/<ORGANIZATION_NAME>/<PROJECT_NAME>/_packaging/<FEED_NAME>/pypi/upload"
REPOSITORY_RELEASES_PATH: "/<ORGANIZATION_NAME>/<PROJECT_NAME>/_packaging/<FEED_NAME>/pypi/upload"
Customizing NuGet SettingsβοΈ
A new custom configuration map should contain the nuget.config
file, which overrides the default NuGet configuration.
For example, the following configuration map contains the nuget.config
file with the following settings:
- Snapshots/Releases registry: Azure DevOps registry.
- Authentication:
CI_AZURE_DEVOPS_USERNAME
andCI_AZURE_DEVOPS_PASSWORD
- these environment variables are used for authentication to Azure DevOps registry.
- Secrets:
CI_AZURE_DEVOPS_USERNAME
andCI_AZURE_DEVOPS_PASSWORD
- these environment variables are taken from thepackage-registries-auth-secret
secret.
Example: custom-nuget-settings.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: custom-nuget-settings
data:
nuget.config: |
<?xml version="1.0" encoding="utf-8"?>
<configuration>
<packageSources>
<add key="nugetStorageSnapshots" value="https://pkgs.dev.azure.com/<ORGANIZATION_NAME>/<PROJECT_NAME>/_packaging/<FEED_NAME>/nuget/v3/index.json" />
<add key="nugetStorageReleases" value="https://pkgs.dev.azure.com/<ORGANIZATION_NAME>/<PROJECT_NAME>/_packaging/<FEED_NAME>/nuget/v3/index.json" />
</packageSources>
<packageSourceCredentials>
<nugetStorageSnapshots>
<add key="Username" value="%CI_AZURE_DEVOPS_USERNAME%" />
<add key="ClearTextPassword" value="%CI_AZURE_DEVOPS_PASSWORD%" />
</nugetStorageSnapshots>
<nugetStorageReleases>
<add key="Username" value="%CI_AZURE_DEVOPS_USERNAME%" />
<add key="ClearTextPassword" value="%CI_AZURE_DEVOPS_PASSWORD%" />
</nugetStorageReleases>
</packageSourceCredentials>
</configuration>