Authentication
Most of the operations available in the Application Collection require authentication, such as: installing a Helm chart, running a container image or consuming the REST API. In this page, you will learn how to generate an access token and configure the most common tools to use the Collection.
Creating an access token
Before reading this block, make sure you have an account with access to Application Collection.
- Open the webapp in your browser of choice and sign in
- In the upper-right corner you will see your profile picture. Click on it
- In the pop-up, click on
Access tokens
- Insert a meaningful description for the new token in the input below Create Token
- Click on
Create
. This will show a green box, with the token contents on it
Integrations
At this point, you already created an access token, but you are not sure about how to use it.
Below we will show you how to quickly use it with docker
, podman
, helm
, kubectl
and curl
.
Note: every time an access token is created, copy-pastable helper commands are shown for configuring the token inmediately.
Docker
In order to set up docker
with the new token, you will need to open a terminal and run:
docker login dp.apps.rancher.io/containers -u <your-suse-email> -p <the-access-token>
After that, you can check the configuration by pulling an image. This is an example of the output you should get upon a successful pull:
$ docker pull dp.apps.rancher.io/containers/openjdk:17.0.10
17.0.10: Pulling from containers/openjdk
26cbacfd9b54: Pull complete
d3e7d6906a04: Pull complete
Digest: sha256:0f14a2a18e441da428b63e3854fe29fa6f9f20af5b99ba9780adb36bee65f5e4
Status: Downloaded newer image for dp.apps.rancher.io/containers/openjdk:17.0.10
dp.apps.rancher.io/containers/openjdk:17.0.10
Podman
You can also configure podman
to pull images from the Collection. Execute the following command:
podman login dp.apps.rancher.io/containers -u <your-suse-email> -p <the-access-token>
You can verify that the configuration is correct by pulling an image, for example:
$ podman pull dp.apps.rancher.io/containers/ruby:3.3.0
Trying to pull dp.apps.rancher.io/containers/ruby:3.3.0...
Getting image source signatures
Copying blob sha256:6911d8a6e0d680cdfa227956a00667fe6cd1e2c111fa3c588d1cccc0b621bfe2
Copying blob sha256:4191f2fe96e960b152f79a6b0dcb40ad599b834e72b79edc61e6a627fec776c7
Copying config sha256:c7b272c4b0b6d09b43a32cf3215d0c86c5f148c00d6d049755f292e1c018cfa6
Writing manifest to image destination
c7b272c4b0b6d09b43a32cf3215d0c86c5f148c00d6d049755f292e1c018cfa6
Helm
Configuring helm
to use the Collection is a matter of running a single command:
helm registry login dp.apps.rancher.io/charts -u <your-suse-email> -p <the-access-token>
You can check that it worked by pulling one of the Collection’s charts:
$ helm pull oci://dp.apps.rancher.io/charts/apache-apisix --version 2.4.0
Pulled: dp.apps.rancher.io/charts/apache-apisix:2.4.0
Digest: sha256:533b7684559691782b42ee81bfde1a19ddfe81eb7cce108b01435ce7d25a7027
NOTE: it’s likely you will want to install charts on a Kubernetes cluster. For that, you will need to continue to the next section of this document.
Kubernetes
If you want to deploy images from the Collection to k8s workloads, then you will need to configure a Kubernetes pull secret:
kubectl create secret docker-registry application-collection --docker-server=dp.apps.rancher.io --docker-username=<your-suse-email> --docker-password=<the-access-token>
After that, you should be able to run any workload using our images:
$ kubectl run nginx --image dp.apps.rancher.io/containers/nginx:1.24.0 --overrides='{"spec": {"imagePullSecrets":[{"name": "application-collection"}]}}'
$ kubectl get pod nginx
NAME READY STATUS RESTARTS AGE
nginx 1/1 Running 0 10s
There are other ways of passing the imagePullSecret
that may fit your needs better. For that, you can check this article.
cURL
If you got to this point, you probably want to start using the REST API.
This is an example of making a request with cURL, that uses basic authentication with the newly created token:
curl -u <your-suse-email>:<the-access-token> https://api.apps.rancher.io/v1/applications
However, if you’re going to intensively use the API, we suggest using other tools such as Postman or the embedded Swagger UI.
In any case, you will need to pick Basic Authentication, using your email as username
and token as password
.