|
1 | 1 | // Module included in the following assemblies:
|
2 | 2 | //
|
3 | 3 | // * integration/integrate-with-image-registries.adoc
|
| 4 | + |
4 | 5 | :_mod-docs-content-type: PROCEDURE
|
5 | 6 | [id="manual-configuration-image-registry-gcr_{context}"]
|
6 | 7 | = Manually configuring Google Container Registry
|
7 | 8 |
|
8 |
| -You can integrate {product-title} with Google Container Registry (GCR). |
| 9 | +You can integrate {rh-rhacs-first} with Google Container Registry (GCR). |
9 | 10 |
|
10 | 11 | .Prerequisites
|
11 |
| -* You need either a link:https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity[workload identity] or a service account key for authentication. |
12 |
| -* The associated service account must have access to the registry. |
13 |
| -See link:https://cloud.google.com/container-registry/docs/access-control[Configuring access control] for information about granting users and other projects access to GCR. |
14 |
| -* If you are using link:https://cloud.google.com/container-registry/docs/container-analysis[GCR Container Analysis], you must also grant the following roles to the service account: |
| 12 | +* You have a workload identity or service account key for authentication. |
| 13 | ++ |
| 14 | +For more information, see link:https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity[Authenticate to Google Cloud APIs from GKE workloads] (Google Cloud documentation). |
| 15 | +* You have access to the registry for the associated service account. |
| 16 | ++ |
| 17 | +For more information, see link:https://cloud.google.com/container-registry/docs/access-control[Access control with IAM] (Google Cloud documentation). |
| 18 | +* You have granted the following roles to the service account, if you use GCR Container Analysis: |
| 19 | ++ |
15 | 20 | ** Container Analysis Notes Viewer
|
16 | 21 | ** Container Analysis Occurrences Viewer
|
17 | 22 | ** Storage Object Viewer
|
| 23 | ++ |
| 24 | +For more information, see link:https://cloud.google.com/container-registry/docs/container-analysis[Container analysis and vulnerability scanning] (Google Cloud documentation). |
18 | 25 |
|
19 | 26 | .Procedure
|
20 |
| -. In the {product-title-short} portal, go to *Platform Configuration* -> *Integrations*. |
21 |
| -. Under the *Image Integrations* section, select *Google Container Registry*. |
22 |
| -. Click *New integration*. |
23 |
| -. Enter the details for the following fields: |
24 |
| -.. *Integration name*: The name of the integration. |
25 |
| -.. *Type*: Select *Registry*. |
26 |
| -.. *Registry Endpoint*: The address of the registry. |
27 |
| -.. *Project*: The Google Cloud project name. |
28 |
| -.. *Use workload identity*: Check to authenticate using a workload identity. |
29 |
| -.. *Service account key (JSON)*: Your service account key for authentication. |
30 |
| -. Select *Create integration without testing* to create the integration without testing the connection to the registry. |
31 |
| -. Select *Test* to test that the integration with the selected registry is working. |
32 |
| -. Select *Save*. |
| 27 | +. In the {product-title-short} portal, click *Platform Configuration* -> *Integrations*. |
| 28 | +. In the *Image Integrations* section, click *Google Container Registry*. |
| 29 | +. To create a new integration, click *New integration*. |
| 30 | +. Enter a name for your integration. |
| 31 | +. Choose the appropriate type of integration that you want to configure: |
| 32 | +** To configure an integration that includes the container image registry, select *Registry*. |
| 33 | +** To configure an integration that includes Scanner, select *Scanner*. |
| 34 | +** To configure an integration that includes the container image registry and Scanner, select *Registry+Scanner*. |
| 35 | +. Enter the address of your registry. |
| 36 | +. Optional: Enter the name of your Google Cloud project. {product-title-short} matches the images against the project of the registry. If you do not specify the project name, {product-title-short} matches the images against all the projects. |
| 37 | +. Optional: Select the *Use workload identity* checkbox to authenticate by using a workload identity. |
| 38 | +. Enter your service account key for authentication. |
| 39 | +. Optional: Select the *Create integration without testing* checkbox to create your integration without testing the connection to the registry. |
| 40 | +. Optional: To test your integration with the selected registry, click *Test*. |
| 41 | +. To save your integration, click *Save*. |
0 commit comments