You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Create a new [incoming application link](https://confluence.atlassian.com/bitbucketserver/configure-an-incoming-link-1108483657.html) from
432
+
the BitBucket administration dashboard. You will be asked to enter a unique name and the redirect URL for the external application. The redirect URL
433
+
should be set to `$WGE_DASHBOARD_URL/oauth/bitbucketserver`. You will also need to select permissions for the application. The minimum set of
434
+
permissions needed for WGE to create pull requests on behalf of users is `Repositories - Write`. An example of configuring these settings is shown below.
435
+
436
+
<figure>
437
+
438
+
<img src={oauthBitbucket} width="500"/>
439
+
440
+
<figcaption>Configuring a new incoming application link</figcaption>
441
+
</figure>
442
+
443
+
444
+
Save your application and take note of the **Client ID** and **Client Secret**. Save
445
+
them into the `git-provider-credentials` secret, along with:
446
+
447
+
- `GIT_HOST_TYPES`to tell WGE that the host is bitbucket-server
448
+
- `BITBUCKET_SERVER_HOSTNAME`where the OAuth app is hosted
If BitBucket Server is running on the default port (7990), make sure you include the port number in the values of the secret. For example: `GIT_HOST_TYPES=git.example.com:7990=bitbucket-server`
Navigate to [VisualStudio](https://app.vsaex.visualstudio.com/app/register) and register a new application, as explained in the [docs](https://learn.microsoft.com/en-us/azure/devops/integrate/get-started/authentication/oauth?view=azure-devops#1-register-your-app). Set the authorization callback URL and select which scopes to grant. Set the callback URL to `$WGE_DASHBOARD_URL/oauth/azuredevops`.
477
+
478
+
Select the `Code (read and write)` scope from the list. This is necessary so that WGE can create pull requests on behalf of users. An example of configuring these settings is shown below.
479
+
480
+
<figure>
481
+
<img src={oauthAzureDevOps}/>
482
+
<figcaption>Creating a new application</figcaption>
483
+
</figure>
484
+
485
+
After creating your application, you will be presented with the application settings. Take note of the `App ID` and `Client Secret` values—you will use them to configure WGE.
377
486
487
+
<figure>
488
+
<img src={oauthAzureDevOpsSuccess}/>
489
+
<figcaption>Application settings</figcaption>
490
+
</figure>
378
491
492
+
In your cluster, create a secret named `git-provider-credentials` that contains the `App ID` and `Client Secret` values from the newly created application.
Flux will reconcile the helm-release and WGE will be deployed into the cluster. You can check the `flux-system` namespace to verify all pods are running.
545
+
546
+
</TabItem>
547
+
</Tabs>
548
+
549
+
### Enable Infrastructure Management via Tf-Controller
379
550
380
551
381
552
@@ -553,12 +724,6 @@ and information as to why they're not.
553
724
554
725
555
726
556
-
557
-
558
-
### Cluster User
559
-
560
-
561
-
562
727
### Customise the UI
563
728
564
729
#### Login
@@ -574,176 +739,8 @@ extraEnvVars:
574
739
value: "Login with ACME"
575
740
```
576
741
577
-
### Install Other Components
578
-
579
-
#### Cluster Management via CAPI
580
-
581
-
TBA
582
-
583
-
#### Policy via Weave Policy Agent
584
-
585
-
To install [Policy Agent](../../policy/intro.mdx) follow any of the following approaches:
586
-
587
-
<Tabs groupId="policy agent" default>
588
-
<TabItem value="cli" label="cli">
589
-
590
-
You could configure this stage by using the following flags and examples:
Flux will reconcile the helm-release and WGE will be deployed into the cluster. You can check the `flux-system` namespace to verify all pods are running.
616
-
617
-
</TabItem>
618
-
</Tabs>
619
-
620
-
#### Infrastructure via Tf-Controller
621
-
622
-
// TBA
623
-
624
-
625
-
### Configure Write Access to Git
626
-
627
-
Weave GitOps Enterprise creates pull requests for adding resources. To do this, it needs to be able to write to the Git repository.
628
-
Here we provide guidance for GitHub, GitLab, BitBucket Server, and Azure DevOps.
629
-
630
-
<Tabs groupId="git-provider" default>
631
-
<TabItem value="github" label="GitHub">
632
-
GitHub requires no additional configuration for OAuth git access
633
-
</TabItem>
634
-
<TabItem value="gitlab" label="GitLab">
635
-
636
-
Create a GitLab OAuth application that will request `api` permissions to create pull requests on your behalf.
637
-
638
-
Follow the [GitLab docs](https://docs.gitlab.com/ee/integration/oauth_provider.html).
639
-
640
-
The application should have at least these scopes:
641
-
642
-
- `api`
643
-
- `openid`
644
-
- `email`
645
-
- `profile`
646
-
647
-
Add callback URLs to the application for each address the UI will be exposed on, e.g.:
648
-
649
-
- `https://localhost:8000/oauth/gitlab`for port-forwarding and testing
650
-
- `https://git.example.com/oauth/gitlab`for production use
651
-
652
-
Save your application, taking note of the **Client ID** and **Client Secret**. Save
653
-
them into the `git-provider-credentials` secret, along with:
654
-
655
-
- `GIT_HOST_TYPES`to tell WGE that the host is gitlab
Create a new [incoming application link](https://confluence.atlassian.com/bitbucketserver/configure-an-incoming-link-1108483657.html) from
672
-
the BitBucket administration dashboard. You will be asked to enter a unique name and the redirect URL for the external application. The redirect URL
673
-
should be set to `$WGE_DASHBOARD_URL/oauth/bitbucketserver`. You will also need to select permissions for the application. The minimum set of
674
-
permissions needed for WGE to create pull requests on behalf of users is `Repositories - Write`. An example of configuring these settings is shown below.
675
-
676
-
<figure>
677
-
678
-
<img src={oauthBitbucket} width="500"/>
679
-
680
-
<figcaption>Configuring a new incoming application link</figcaption>
681
-
</figure>
682
-
683
-
684
-
Save your application and take note of the **Client ID** and **Client Secret**. Save
685
-
them into the `git-provider-credentials` secret, along with:
686
-
687
-
- `GIT_HOST_TYPES`to tell WGE that the host is bitbucket-server
688
-
- `BITBUCKET_SERVER_HOSTNAME`where the OAuth app is hosted
If BitBucket Server is running on the default port (7990), make sure you include the port number in the values of the secret. For example: `GIT_HOST_TYPES=git.example.com:7990=bitbucket-server`
Navigate to [VisualStudio](https://app.vsaex.visualstudio.com/app/register) and register a new application, as explained in the [docs](https://learn.microsoft.com/en-us/azure/devops/integrate/get-started/authentication/oauth?view=azure-devops#1-register-your-app). Set the authorization callback URL and select which scopes to grant. Set the callback URL to `$WGE_DASHBOARD_URL/oauth/azuredevops`.
717
-
718
-
Select the `Code (read and write)` scope from the list. This is necessary so that WGE can create pull requests on behalf of users. An example of configuring these settings is shown below.
719
-
720
-
<figure>
721
-
<img src={oauthAzureDevOps}/>
722
-
<figcaption>Creating a new application</figcaption>
723
-
</figure>
724
-
725
-
After creating your application, you will be presented with the application settings. Take note of the `App ID` and `Client Secret` values—you will use them to configure WGE.
726
-
727
-
<figure>
728
-
<img src={oauthAzureDevOpsSuccess}/>
729
-
<figcaption>Application settings</figcaption>
730
-
</figure>
731
-
732
-
In your cluster, create a secret named `git-provider-credentials` that contains the `App ID` and `Client Secret` values from the newly created application.
0 commit comments