Create Your Credentials

How to Add Credentials to Access Repositories and Deployment Endpoints.

Intro to Credentials

Credentials are objects within DeployHub that contain username and password pairs. Credentials access the various objects used to retrieve files, interact with git, execute actions, and deploy files. Each Credential can be assigned to various objects within DeployHub, so that a single Credential could be assigned to many Endpoints with the same username/password pair. Credentials are primarily used for accessing Endpoints and Repositories but can be applied to any object in DeployHub that requires a User Name and Password. Credentials are assigned to Domains. Anyone with access to the Domain can view the Credentials. Further restrictions can be applied at the Credential access level .

Note: In order to define a Repository or Endpoint you will need to first define the Credential used to access them.

Containers and Credentials

You may not need Credentials if you only deploy containers. DeployHub uses Helm to perform container deployments. Helm interacts with the Kubernetes cluster, Helm Chart Museum and the container registry to pull charts and images for the deployment. Credentials are only needed to access private container registries and private Chart Museums and are assigned at the Endpoint or Environment level.

Use the Credential List View for Adding or Deleting

Credentials are found under the Setup menu on the left of the DeployHub main panel. By selecting the Credentials menu, you see a list of all Credentials to which you have access. You can also use the Search bar, represented by a funnel icon, to filter Credentials based on Name or Domain.

The Credentials List View has the following Tabs:

Tab Description
Refresh Refreshes the browser.
Add Allows you to Add a new Credential. You will select from:
  • Encrypted in database
  • Private Key
Delete Deletes the selected item.

By double clicking on an item in the list, you will be taken to the Dashboard view.

Use the Credential Dashboard for Viewing and Editing

The Dashboard view displays all information related to a specific Credential.

Common Credential Details

Field Description
Full Domain The fully qualified path of the Domain to which the Credential belongs.
Name The name of the Credential.
Summary A general description of the Credential.
Type The kind of Credential. There are two different Types of Credentials:
  • Encrypted in Database: This Credential Type is used to access external Data Sources such as Git or SalesForce. The username/password pair resides in DeployHub’s database using 3DES encryption.
  • SSH Private Key: An operating system level SSH key used to access Endpoints for deployments.
Owner Type User or Group.
Owner The User name or Group name who created the Credential.
Created The date and time the Credential was created.
Modified The date and time the Credential was last modified.

SSH Private Keys for Connecting to Endpoints

SSH Private Keys are used to access the Endpoints for deployments over ssh protocol. These keys are generated at the operating system level and need to be made available to DeployHub in order to connect to the Endpoints. If you are using SSH Private keys, you will find these files in your Home directory under the .ssh directory. These files need to be created by you using ssh-keygen. ssh-keygen is a Linux or UNIX command line program. It will generate a id_rsa file or id_dsa file depending on your parameters used. See SSH Keygen more information on generating and using SSH Private keys. Following are additional detail paramters needed for SSH Private Key.

Field Description
Username The User name who owns the key and will be used for logging in to the Endpoint.
Filename The fully qualified path to your SSH id_rsa or id_dsa file.

Encrypted in Database User and Password Pairs for Accessing External Data Sources

This Credential can be used for accessing any external repository or tool such as Git, SalesForce, or any kind of Data Source external to DeployHub. The data entered into the Username and Password fields is encrypted in the DeployHub database.

Field Description
Username The User name that will be used to access the object.
Password The password that will be used to access the object.

Credential Access Controls

The Access Section allows Users within designated Groups to update the Credential in various ways. To add a Group to one of the access lists, drag and drop the Group from the Available Groups list onto desired access list. All Users who belong to a Group that appear in one of the Access lists will be granted access to the Credential in the following ways:

Access Description
View Allows the User to see the Credential. If the User does not belong to a Group in the View Access list, the Credential will not appear in the List View.
Change Allows the User to change the Credential’s characteristics i.e. Name, Summary, etc.
Read Allows the User to use the Credential by assigning it to an object such as an EndPoint or Repository.
Last modified July 9, 2020: small cleanup (b45ee8f)