Air-Gapped Environments
The Digital.ai Release plugin manager has the ability to work in an air-gapped environment, where there's no internet access.
There are 3 options to choose from.
- Configure a reverse HTTP proxy, through which the plugin manager can access the official plugin repository
- Set up a local Nexus instance, and create a
proxy
repository in it that points to Digital.ai official plugin repository - Set up a local Nexus instance, and set up its contents to mirror the official plugin repository, without creating a proxy repository
All the configuration values are located in <distributionRoot>/conf/xl-release.conf
file
Configure access through a reverse HTTP proxy
Only the relevant parts are included here, the rest should stay at default values.
Proxy that doesn't require security credentials
xl {
features {
plugins {
servers {
xebialabs-plugins {
...
<b>proxy {
host: http://proxy.example.com
port: 8888</b>
}
}
}
repositories {
...
}
}
}
}
Proxy that does require security credentials
xl {
features {
plugins {
servers {
xebialabs-plugins {
...
<b>proxy {
host: http://proxy.example.com
port: 8888
credentials {
username: "user"
password: "password"
}
}</b>
}
}
repositories {
...
}
}
}
}
Configure proxy repository on a local Nexus
To achieve this, a Nexus instance with a proxy
type repository has to exist, and the instance has to be visible to the Digital.ai Release server.
To setup this kind of repository please consult Nexus documentation.
Plugin manager only supports Sonatype Nexus 2. Version 3 is unsupported.
The following configuration snippet will make plugin manager always go to your local Nexus, and never to official one. The local Nexus will however require access to the official Nexus.
xl {
features {
plugins {
servers {
<b>local-nexus {</b>
server-type = "nexus"
<b>url = "http://local-nexus-hostname:local-nexus-port/nexus"</b>
credentials {
<b>username = "your-local-nexus-instance-username"
password = "your-local-nexus-instance-password"</b>
}
}
}
repositories {
xlr-official {
<b>server-ref = "local-nexus"</b>
...
}
}
}
}
}
Note: when setting up a proxy repository in Nexus use credentials for official Nexus that came with the distribution, in <xl-release-root>/lib/xlr-server-10.4.0.jar/reference.conf
file. Keys are:
- Username:
xl.features.plugins.servers.xebialabs-official.credentials.username
- Password:
xl.features.plugins.servers.xebialabs-official.credentials.password
Configure Nexus mirror
This option is when your Release server and Nexus have to reside in an environment with zero internet access ("air-gapped").
The solution is to set up a local Nexus instance, and copy the required parts of the official-plugins repository from the official Nexus. Special care needs to be taken to achieve a mirror like repository that matches the folder structure, file names, metadata, hashes, versions etc. of the official-plugins repository from the official Nexus.
Required subtree: official-plugins/com/xebialabs/xlrelease
Note: copying official-plugins/com/xebialabs/deployit
and official-plugins/com/xebialabs/xldeploy
subtrees is not needed for Digital.ai Release server to work, cause the Release server doesn't traverse them at all.
Note: there is no mirror
repository type in Nexus. The word is used here as an analogy.