Skip to main content
Version: Deploy 23.1

Air-gapped environments

This topic describes how the Digital.ai Deploy plugin manager operates in environments with restricted internet access.

There are three options to choose from:

  1. Configure a reverse HTTP proxy, through which the plugin manager can access the official plugin repository
  2. Set up a local Nexus instance, and create a proxy repository in it that points to Digital.ai official plugin repository
  3. Set up a local Nexus instance, and set up its contents to mirror the official plugin repository, without creating a proxy repository

All the configuration values are located in <distributionRoot>/centralConfiguration/deploy-plugins.yaml file

Configure access through a reverse HTTP proxy

Only the relevant parts are included here, the rest should stay at default values.

Proxy that doesn't require security credentials

deploy:
plugins:
repositories:
...
servers:
- name: xebialabs-official
...
proxy:
host: http://proxy.example.com
port: 8888

Proxy that does require security credentials

deploy:
plugins:
repositories:
...
servers:
- name: xebialabs-official
...
proxy:
host: http://proxy.example.com
port: 8888
credentials:
username = "user"
password = "password"

Configure proxy repository on a local Nexus

To achieve this, a Nexus instance with a proxy type repository has to exist, and the instance has to be visible to the Digital.ai Deploy server. To setup this kind of repository please consult Nexus documentation.

Plugin manager only supports Sonatype Nexus 2. Version 3 is unsupported.

The following configuration snippet will make plugin manager always go to your local Nexus, and never to official one. The local Nexus will however require access to the official Nexus.

deploy:
plugins:
repositories:
- name: xld-official
server-ref: local-nexus
...
servers:
- credentials:
username: your-local-nexus-instance-username
password: your-local-nexus-instance-password
name: local-nexus
server-type: nexus
url: http://local-nexus-hostname:local-nexus-port/nexus

Note: when setting up a proxy repository in Nexus use credentials that came with the distribution, in deploy-plugin.yaml file. Keys are:

  • Username: deploy.plugins.servers.xebialabs-official.credentials.username
  • Password: deploy.plugins.servers.xebialabs-official.credentials.password

Configure Nexus mirror

The last, and probably most involving option is to setup a local Nexus, and copy the entire official-plugins repository from the official Nexus. Special care needs to be taken to achieve a mirror like repository that matches the folder structure, file names, metadata, hashes, versions etc. of the official-plugins repository from the official Nexus.

Note: there is no mirror repository type in Nexus. The word is used here as an analogy.