Skip to content

Add a Custom App Store Registry#

Overview#

An App Store Registry is a container registry that contains OCI compliant images of an App. It is where you will upload your full App content and code as a single OCI image.

The manifest.spec.image field will point to the specific App image with a specific tag for each version.

Adding a Registry to the App Store#

Creating a Credentials Secret#

Before you can add a Registry to the App Store, you must create a Kubernetes secret that contains the credentials to connect to the Registry git repository over HTTPS. This can be done using the following resource where you replace the data with the correct base64 encoded values.

apiVersion: v1
kind: Secret
type: Opaque
metadata:
  name: your-creds # A unique secret name
data:
  username: <base64(username)> # Base64 encoded username
  password: <base64(password or token)> # Base64 encoded password/token

kubectl apply -f - <<EOF
apiVersion: v1
kind: Secret
type: Opaque
metadata:
  name: your-creds # A unique secret name
data:
  username: <base64(username)> # Base64 encoded username
  password: <base64(password or token)> # Base64 encoded password/token
EOF

Make sure to give the secret a different name than the Catalog Credentials secret

Creating the Registry#

You can create your own Registry using the following resource. This uses the above created secret as authSecretRef.

apiVersion: appstore.eda.nokia.com/v1
kind: Registry
metadata:
  name: your-registry # name of your registry
spec:
  remoteURL: <url-to-your-registry.com> # link to your registry
  authSecretRef: your-registry-creds # reference to valid credentials for your registry
  skipTLSVerify: {true|false}

kubectl apply -f - <<EOF
apiVersion: appstore.eda.nokia.com/v1
kind: Registry
metadata:
  name: your-registry # name of your registry
spec:
  remoteURL: <url-to-your-registry.com> # link to your registry
  authSecretRef: your-registry-creds # reference to valid credentials for your registry
  skipTLSVerify: {true|false}
EOF

Mirroring a Registry to the App Store#

If it is not possible to use a registry that is referenced in the manifests of a certain catalog, you can mirror that registry to a local registry and then update the Registry resource in the EDA Kubernetes cluster and update the mirrorUrl to point to the mirror hostname.

Only the hostname/FQDN will be replaced, image repositories and tags are assumed to be the same when using a mirror.

Limitations#

Using Artifactory container registry with Apps using embedded container images#

Artifactory currently doesn't support OCI compliant images with embedded container images. If you are creating an advanced App that uses its own container image, you can not use Artifactory as a registry. An alternative could be to host your own Harbor registry.

Regular MicroPython Apps do not have this limitation, for these Artifactory will work fine.