BarAuth type
Use the BarAuth
type to create configurations that
contain credentials for connecting to an external repository system that stores one or more BAR
files that you want to deploy to an integration runtime. This
configuration is useful if you set up continuous integration and continuous delivery (CI/CD)
pipelines to automate and manage your DevOps processes, and want to directly reference BAR files in
your repository management system for deployment.
Summary of key details for the configuration type
File name or type | Contains secrets | Path extracted/imported to | Maximum allowed per integration runtime |
---|---|---|---|
JSON | Yes |
JSON content is extracted to /home/aceuser/secrets/ Any CA certificates are extracted to /home/aceuser/barurlendpoint |
1 |
About the BarAuth file
The BarAuth
type requires a JSON file that contains credentials for connecting
to an HTTPS endpoint where one or more BAR files are stored.
These BAR files can be referenced in a comma-separated list within the Bar URL field or corresponding spec.barURL parameter when creating an integration runtime. The same credentials must apply for all the BAR files that you reference for deployment to an integration runtime.
You can apply only one configuration of type BarAuth
to an integration runtime. However, multiple integration runtimes can use a BarAuth
configuration to connect to the same endpoint.
The credentials that are needed to connect to an external repository depend on the type of security that is configured for the endpoint. Connections are supported to endpoints that require basic authentication credentials, endpoints that use certificates that are self-signed or issued by a corporate or trusted certificate authority (CA), or endpoints that require no authentication.
- Define the JSON content to use to establish your preferred connection:
- If the endpoint requires no authentication, specify a blank username and password in JSON format
in a text editor:
{"authType":"BASIC_AUTH","credentials":{"username":"","password":""}}
- If the endpoint is secured with basic authentication, specify a valid username and password in
JSON format in a text editor:
{"authType":"BASIC_AUTH","credentials":{"username":"myUsername","password":"myPassword"}}
Note:If you're using basic authentication that requires a username with an API key as the password, you can specify the API key as the myPassword value.
If you are connecting to an endpoint that uses a certificate from a trusted CA, you can connect by using basic authentication without the need to specify any certificate details.
- If you want to ignore all certificate errors from the endpoint, include the
insecureSsl: true
setting in the JSON content in a text editor:{"authType":"BASIC_AUTH","credentials":{"username":"myUsername","password":"myPassword","insecureSsl":"true"}}
- If the endpoint is secured by a certificate that is self-signed or issued by a corporate CA, use
a
caCert
setting to provide the actual certificate. To specify the certificate content in a JSON-compliant format, you must remove any line breaks from the certificate by converting it to a single line.- Use your preferred method to convert the certificate content to a single line. In the following
example, the awk command is used to replace any hidden newline characters in a
certificate file (named caCert.pem) with the end-of-line terminator
(
\n
). The resulting output displays the certificate content as a single line.awk 'NF {sub(/\r/, ""); printf "%s\\n",$0;}' caCert.pem
- In a text editor, add the following JSON content with a
caCert
value that specifies the single-line output for the certificate content:{"authType":"BASIC_AUTH","credentials":{"username":"myUsername","password":"myPassword","caCert":"-----BEGIN CERTIFICATE-----\nThisText\nREPRESENTSa\nVERYlongSringOfCharactersINa\nSingleLine\n-----END CERTIFICATE-----\n"}}
- Use your preferred method to convert the certificate content to a single line. In the following
example, the awk command is used to replace any hidden newline characters in a
certificate file (named caCert.pem) with the end-of-line terminator
(
- If the endpoint requires no authentication, specify a blank username and password in JSON format
in a text editor:
- Save the completed file as filename.json and then close it.
After you create the configuration, ensure that its check box is selected in the configurations table.
When you deploy the integration runtime, the .json file is extracted into the default configuration directory /home/aceuser/secrets/, and any CA certificates that you specify in the credentials are extracted to /home/aceuser/barurlendpoint.
Creating a configuration for the BarAuth type by using the configuration panel
You can create a BarAuth
-type configuration while creating an integration runtime, or independently, as follows.
- Open the Configuration page by clicking the Configuration icon in the navigation pane. Then, click Create configuration. For more information, see Creating configurations on the Configurations page.
- From the
Create configuration
panel, select BarAuth from the Type list. - In the Name field, specify a name for this configuration.
- In the Description field, specify text that might
help you identify the integration runtime for which
authentication credentials are configured, or the HTTPS endpoint that the credentials relate to.
- Complete the BarAuth section by completing either of the following steps.
- Copy the contents of your .json file and then paste it into the
BarAuth text editor.
- Import your .json file from your file system.
- Click the Import barauth file icon .
- Click within the boxed area to select the file from a file browser, or drag and drop the file.
The name of the imported file is displayed.
- If you want to view the file contents, click View file contents to return
to the text editor.
Tip: For security reasons, the password in the .json content that you add is available only as aREDACTED
value after you create the configuration. - Copy the contents of your .json file and then paste it into the
BarAuth text editor.
- Click Create. The configuration is added to the configurations table and can be selected for use with an integration runtime.
Updating or deleting a configuration
If you need to update the content or settings in a configuration, or delete a configuration that's no longer needed, see Creating configurations on the Configurations page.