--- menu: learn: parent: Patterns quick start title: Installing Patterns in Private Repos weight: 51 aliases: /learn/private-repos/ --- :toc: :_content-type: ASSEMBLY include::modules/comm-attributes.adoc[] [id="private-repos"] == Deploying patterns from private repositories You can deploy patterns from git repositories that are either password-protected or secured with an SSH key. == Using an SSH key To deploy a pattern from an SSH-secured private repository, create a secret for repository access and then reference it in your pattern's Custom Resource. === Create a secret for repository access Generate a secret containing the credentials for accessing your repository. This secret should be formatted according to link:https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#repositories[ArgoCD's declarative setup guidelines]. [source,yaml] ---- apiVersion: v1 kind: Secret metadata: name: private-repo namespace: openshift-operators labels: argocd.argoproj.io/secret-type: repository stringData: type: git url: git@github.com:mbaldessari/mcg-private.git sshPrivateKey: | -----BEGIN OPENSSH PRIVATE KEY----- a3... ... ... -----END OPENSSH PRIVATE KEY----- ---- === Deploy the pattern with the secret Reference the secret you created by passing `TOKEN_SECRET` and `TOKEN_NAMESPACE` to the install command: [source,terminal] ---- ./pattern.sh make TOKEN_SECRET=private-repo TOKEN_NAMESPACE=openshift-operators install ---- This command assumes that the `private-repo` secret exists and that the `origin` remote of the repository points to `git@github.com:mbaldessari/mcg-private.git` as specified in the secret. The install sets the `tokenSecret` and `tokenSecretNamespace` fields on the pattern's Custom Resource, which ensures that all Argo instances can access the private repository. If you need to create the pattern CR manually instead, set those fields directly: [source,yaml] ---- apiVersion: gitops.hybrid-cloud-patterns.io/v1alpha1 kind: Pattern metadata: name: pattern-sample namespace: patterns-operator spec: clusterGroupName: hub gitSpec: targetRepo: git@github.com:mbaldessari/mcg-private.git targetRevision: private-repo tokenSecret: private-repo tokenSecretNamespace: openshift-operators ---- == Using a GitLab private repository with a PAT First, make sure your PAT has at least Read and Download permissions for your private repository. As with the SSH example above, create a secret before running the install: [source,yaml] ---- apiVersion: v1 kind: Secret metadata: name: private-repo namespace: openshift-operators labels: argocd.argoproj.io/secret-type: repository stringData: type: git url: https://gitlab.com/dminnear-rh/mcg-private.git username: oauth2 password: glpat-xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx ---- NOTE: The username must be `oauth2`, not your GitLab handle. Then reference the secret in the install: [source,terminal] ---- ./pattern.sh make TOKEN_SECRET=private-repo TOKEN_NAMESPACE=openshift-operators install ----