Configuring Oracle Object Storage Artifact Credentials
Spinnaker stages that read data from artifacts can consume Oracle Object Storage objects as artifacts.
Download credentials
If you have enabled Oracle Cloud provider in Spinnaker, you may use the same region, Tenancy’s OCID, user’s OCID, private key file, and fingerprint to enable Oracle Object Storage Artifact. You will need the following to enable Oracle Object Storage Artifact in Spinnaker:
-
A user in IAM for the person or system who will be using Spinnaker, and that user must be granted access to Object Storage or in one IAM group with permissions of Object Storage.
See Adding Users , and Object Storage Policy
-
The user’s home region.
See Managing Regions . (e.g.
--region us-ashburn-1) -
RSA key pair in PEM format (minimum 2048 bits).
See How to Generate an API Signing Key . (e.g.
--ssh-private-key-file-path /home/ubuntu/.oci/myPrivateKey.pem) -
Fingerprint of the public key.
See How to Get the Key’s Fingerprint . (e.g.
--fingerprint 11:22:33:..:aa) -
Tenancy’s OCID and user’s OCID.
See Where to Get the Tenancy’s OCID and User’s OCID . (e.g.
--tenancyId ocid1.tenancy.oc1..aa... --user-id ocid1.user.oc1..aa...) -
Upload the public key from the key pair in the Console.
-
Namespace: this is your Tenancy name. On Oracle Cloud Console, click on the user menu. The Tenancy name is next to your user name.
See Object Storage Namespaces , and Managing Compartments . (e.g.
--namespace my-tenancy)
Add the credentials either to a secrets manager for use by reference or to a volume mounted into the clouddriver pods by modifying the deployment.yaml for clouddriver.
Add the account and enable it
Add to clouddriver-local.yml the following configuration
artifacts:
enabled: true
oracle:
enabled: true
accounts:
- name: my-dev-account
namespace: <replaceme>
region: region
userId: userId
fingerprint: fingerprint
sshPrivateKeyFilePath: /mnt/someplace|encryptedFileReference
privateKeyPassphrase: phrase|encryptedReference
tenancyId: <replaceme>