You configure credentials for remote repositories in a Git server. Business experts can
connect a decision service to a remote repository after the credentials are configured in Decision Designer.
Before you begin
You need to have the Administer platform for decision services permission
to access the administration page. For more information, see Managing user permissions.
The credentials that are related to the remote repository must have write access. For more
information about configuring Git credentials, see Configuring Decision
Designer.
The encryption key that stores the credentials must be set in Kubernetes. Its identifier is
displayed in the ID field on the administration page in Decision Designer. The administrator can check which
key is used to encrypt which credentials.
Procedure
-
Go to the administration page in Decision Designer by adding
/admin-platform at the end of the URL of Decision Designer in your browser:
https://<decision_designer_url>/admin-platform
The Credentials tab opens on the Settings page.
- To add a remote repository, click New.
- In the ID field, enter a Git URI. You can enter a URI in HTTP,
HTTPS, or SSH:
https://myGitServer.com/<user>/<repository_name>.git
For SSH, you can enter a URI with the following
patterns:
git@myGitServer.com:<user>/<repository_name>.git
ssh://git@myGitServer.com:<port>/<user>/<repository_name>.git
Including
the SSH protocol is useful if you need to change the default SSH port.
To enter credentials for all repositories in the same hostname at once, you can create
credentials based on the hostname. The URI that you enter becomes shorter, as shown in this
example:
https://myGitServer.com
You can also create and enter credentials for all repositories of a specific user, as shown in
this example:
https://myGitServer.com/<user>
Entering credentials for the same hostname or the same user works for the SSH URI as well.
The credentials system looks for the biggest common prefix that matches with the repository URI
you want to connect to. If you connect a remote repository
https://mygithubserver.com/myuser/myRepo.git, the longest ID is used for
authentication.
- In the Authentication type field, select a type from the drop-down
menu.
Note:
- If you are using GitHub, you can select SSH_KEY.
- If you are using Gitea, you can select USERNAME or
SSH_KEY.
Table 1. Types
| Type |
Description |
| USERNAME |
Enter the username and the password to access the remote repository.
Restriction: You cannot use password-based HTTP basic authentication to connect to a
GitHub repository. You must use a personal access token instead of password.
|
| SSH_KEY |
You can generate a public/private key pair by using the following
command: ssh-keygen -t rsa -b 4096 -C “yourEmail@example.com” -m PEM -f "yourKeyName" -q -P ""
Restriction: Automation Decision Services does not
support the custom OpenSSH private key format that is generated by ssh-keygen by
default. The -m PEM parameter is used here because you must have a PKCS
#1 PEM private key.
Two keys are generated:
- Private key to keep in Automation Decision Services:
yourKeyName
- Public key to put on GitHub: yourKeyName.pub
You can enter the private key or the public key in the SSH key field:
- To enter the private key, copy the content of
yourKeyName and paste it in the SSH
key field.
- To enter the public key from GitHub, there are two ways:
- You can put the public key in your profile settings, and it can be used in all repositories that
you have access to.
- You can put the public key in the repository setting (deploy key).
|
| API_KEY |
Restriction: This type is reserved for usage in the future releases. Do not use it to
enter a personal access token.
|
- In the Credentials type field, select GIT
from the drop-down menu.
- Click Save.
- Optional: To edit or delete the configuration, click the edit icon or the
delete icon next to a selected ID.
What to do next
A business expert can now connect a decision service to the remote repository. For more
information, see Connecting a project to a remote Git repository.