Skip to content

Commit c18007f

Browse files
author
Agil Antony
committed
ROX29350 Updating docs for Google Artifact Registry integration
ROX29350 Review comments ROX29350 Minor updates ROX29350 Review comments ROX29350 Review comments
1 parent 39e2c3e commit c18007f

File tree

2 files changed

+45
-34
lines changed

2 files changed

+45
-34
lines changed
Lines changed: 18 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -1,27 +1,29 @@
11
// Module included in the following assemblies:
22
//
33
// * integration/integrate-with-image-registries.adoc
4+
45
:_mod-docs-content-type: PROCEDURE
56
[id="manual-configuration-image-registry-gar_{context}"]
67
= Manually configuring Google Artifact Registry
78

8-
You can integrate {product-title} with Google Artifact Registry.
9+
You can integrate {rh-rhacs-first} with the Google Artifact Registry (GAR).
910

1011
.Prerequisites
11-
* You need either a link:https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity[workload identity] or a service account key for authentication.
12-
* The associated service account must have the *Artifact Registry Reader* Identity
13-
and Access Management (IAM) role `roles/artifactregistry.reader`.
12+
* You have a workload identity or service account key for authentication.
13+
+
14+
For more information, see link:https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity[Authenticate to Google Cloud APIs from GKE workloads] (Google Cloud documentation).
15+
* You have the artifact registry reader Identity
16+
and Access Management (IAM) role, `roles/artifactregistry.reader` for the associated service account.
1417
1518
.Procedure
16-
. In the {product-title-short} portal, go to *Platform Configuration* -> *Integrations*.
17-
. Under the *Image Integrations* section, select *Google Artifact Registry*.
18-
. Click *New integration*.
19-
. Enter the details for the following fields:
20-
.. *Integration name*: The name of the integration.
21-
.. *Registry endpoint*: The address of the registry.
22-
.. *Project*: The Google Cloud project name.
23-
.. *Use workload identity*: Check to authenticate using a workload identity.
24-
.. *Service account key (JSON)*: Your service account key for authentication.
25-
. Select *Create integration without testing* to create the integration without testing the connection to the registry.
26-
. Select *Test* to test that the integration with the selected registry is working.
27-
. Select *Save*.
19+
. In the {product-title-short} portal, click *Platform Configuration* -> *Integrations*.
20+
. In the *Image Integrations* section, click *Google Artifact Registry*.
21+
. To create a new integration, click *New integration*.
22+
. Enter a name for your integration.
23+
. Enter the address of your registry.
24+
. Optional: Enter the name of your Google Cloud project. {product-title-short} matches the images against the project of the registry. If you do not specify the project name, {product-title-short} matches the images against all the projects.
25+
. Optional: Select the *Use workload identity* checkbox to authenticate by using a workload identity.
26+
. Enter your service account key for authentication.
27+
. Optional: Select the *Create integration without testing* checkbox to create your integration without testing the connection to the registry.
28+
. Optional: To test your integration with the selected registry, click *Test*.
29+
. To save your integration, click *Save*.
Lines changed: 27 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -1,32 +1,41 @@
11
// Module included in the following assemblies:
22
//
33
// * integration/integrate-with-image-registries.adoc
4+
45
:_mod-docs-content-type: PROCEDURE
56
[id="manual-configuration-image-registry-gcr_{context}"]
67
= Manually configuring Google Container Registry
78

8-
You can integrate {product-title} with Google Container Registry (GCR).
9+
You can integrate {rh-rhacs-first} with Google Container Registry (GCR).
910

1011
.Prerequisites
11-
* You need either a link:https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity[workload identity] or a service account key for authentication.
12-
* The associated service account must have access to the registry.
13-
See link:https://cloud.google.com/container-registry/docs/access-control[Configuring access control] for information about granting users and other projects access to GCR.
14-
* If you are using link:https://cloud.google.com/container-registry/docs/container-analysis[GCR Container Analysis], you must also grant the following roles to the service account:
12+
* You have a workload identity or service account key for authentication.
13+
+
14+
For more information, see link:https://cloud.google.com/kubernetes-engine/docs/how-to/workload-identity[Authenticate to Google Cloud APIs from GKE workloads] (Google Cloud documentation).
15+
* You have access to the registry for the associated service account.
16+
+
17+
For more information, see link:https://cloud.google.com/container-registry/docs/access-control[Access control with IAM] (Google Cloud documentation).
18+
* You have granted the following roles to the service account, if you use GCR Container Analysis:
19+
+
1520
** Container Analysis Notes Viewer
1621
** Container Analysis Occurrences Viewer
1722
** Storage Object Viewer
23+
+
24+
For more information, see link:https://cloud.google.com/container-registry/docs/container-analysis[Container analysis and vulnerability scanning] (Google Cloud documentation).
1825
1926
.Procedure
20-
. In the {product-title-short} portal, go to *Platform Configuration* -> *Integrations*.
21-
. Under the *Image Integrations* section, select *Google Container Registry*.
22-
. Click *New integration*.
23-
. Enter the details for the following fields:
24-
.. *Integration name*: The name of the integration.
25-
.. *Type*: Select *Registry*.
26-
.. *Registry Endpoint*: The address of the registry.
27-
.. *Project*: The Google Cloud project name.
28-
.. *Use workload identity*: Check to authenticate using a workload identity.
29-
.. *Service account key (JSON)*: Your service account key for authentication.
30-
. Select *Create integration without testing* to create the integration without testing the connection to the registry.
31-
. Select *Test* to test that the integration with the selected registry is working.
32-
. Select *Save*.
27+
. In the {product-title-short} portal, click *Platform Configuration* -> *Integrations*.
28+
. In the *Image Integrations* section, click *Google Container Registry*.
29+
. To create a new integration, click *New integration*.
30+
. Enter a name for your integration.
31+
. Choose the appropriate type of integration that you want to configure:
32+
** To configure an integration that includes the container image registry, select *Registry*.
33+
** To configure an integration that includes Scanner, select *Scanner*.
34+
** To configure an integration that includes the container image registry and Scanner, select *Registry+Scanner*.
35+
. Enter the address of your registry.
36+
. Optional: Enter the name of your Google Cloud project. {product-title-short} matches the images against the project of the registry. If you do not specify the project name, {product-title-short} matches the images against all the projects.
37+
. Optional: Select the *Use workload identity* checkbox to authenticate by using a workload identity.
38+
. Enter your service account key for authentication.
39+
. Optional: Select the *Create integration without testing* checkbox to create your integration without testing the connection to the registry.
40+
. Optional: To test your integration with the selected registry, click *Test*.
41+
. To save your integration, click *Save*.

0 commit comments

Comments
 (0)