Preparing the Git connection

For an authoring or development environment, set up a connection to a Git server.

About this task

You set up the Git organization for Automation Document Processing after the operator deploys the environment. However, you can configure a secure connection to the required Git server as part of the operator deployment. You accomplish this step by importing a certificate from Git hub and creating a secret that you can add to your CR YAML.

Procedure

If the root certificate authority (CA) key of the external service is not signed by the operator root CA key, provide the TLS certificate of the external service to the component's truststore.
The certificate includes the root CA key and the key of each component. If the external service is not installed by the same custom resource, the root CA key of the service is not signed by the operator root CA key. If the service is installed by the same custom resource, check the documentation of the external service to see whether it uses the same root CA key.
  1. Get the root CA that is used to sign your external service and save it to a certificate, for example external-service-cert.crt.
    See OpenSSL for instructions to export the root CA of your external service.

    You can also download the certificate by clicking the lock icon in your browser address bar. Navigate to the secure connection information to view and download the certificate to your local system.

  2. To create the secret, run the following command in the OpenShift project:
    kubectl create secret generic secretName --from-file=tls.crt=your_cert_path/external-service-cert.crt
    Substitute your values for secretName and your_cert_path/external-service-cert.crt. The certificate and key files must be in Privacy Enhanced Mail (PEM) format, and must start with -----BEGIN CERTIFICATE-----.
  3. Add the secret to the component's truststore.
    When you prepare your CR YAML, add the secret in the shared_configuration.trusted_certificate_list parameter if you want this service to be trusted by all components installed by the operator.
    For example:
    shared_configuration:
      …
      trusted_certificate_list: [adw-tls-secret, baw-tls-secret, git-tls-secret]
    This variable is an array and multiple values can be provided by separating them with a comma as shown in the example.

What to do next

To prepare your environment for other components from other patterns or capabilities, see Preparing for other components.