Airtight environments
This topic describes how the Digital.ai Deploy plugin manager operates in environments with restricted internet access.
There are three options to choose from:
- Configure a reverse HTTP proxy, through which the plugin manager can access the official plugin repository
- Set up a local Nexus instance, and create a
proxyrepository in it that points to Digital.ai official plugin repository - Set up a local Nexus instance, and set up its contents to mirror the official plugin repository, without creating a proxy repository
All the configuration values are located in <distributionRoot>/centralConfiguration/deploy-plugins.yaml file
Configure access through a reverse HTTP proxy
Only the relevant parts are included here, the rest should stay at default values.
Proxy that doesn't require security credentials
deploy: plugins: repositories: ... servers:
- name: xebialabs-official ... proxy: host: http://proxy.example.com port: 8888
Proxy that does require security credentials
deploy: plugins: repositories: ... servers:
- name: xebialabs-official ... proxy: host: http://proxy.example.com port: 8888 credentials: username = "user" password = "password"
Configure proxy repository on a local Nexus
To achieve this, a Nexus instance with a proxy type repository has to exist, and the instance has to be visible to the Digital.ai Deploy server.
To setup this kind of repository please consult Nexus documentation.
Plugin manager only supports Sonatype Nexus 2. Version 3 is unsupported.
The following configuration snippet will make plugin manager always go to your local Nexus, and never to official one. The local Nexus will however require access to the official Nexus.
deploy:
plugins:
repositories:
- name: xld-official
server-ref: local-nexus
...
servers:
- credentials:
username: your-local-nexus-instance-username
password: your-local-nexus-instance-password
name: local-nexus
server-type: nexus
url: http://local-nexus-hostname:local-nexus-port/nexus
Note: when setting up a proxy repository in Nexus use credentials that came with the distribution, in deploy-plugin.yaml file. Keys are:
- Username:
deploy.plugins.servers.xebialabs-official.credentials.username - Password:
deploy.plugins.servers.xebialabs-official.credentials.password
Configure Nexus mirror
The last, and probably most involving option is to setup a local Nexus, and copy the entire official-plugins repository from the official Nexus. Special care needs to be taken to achieve a mirror like repository that matches the folder structure, file names, metadata, hashes, versions etc. of the official-plugins repository from the official Nexus.
Note: there is no mirror repository type in Nexus. The word is used here as an analogy.