diff --git a/downstream/assemblies/platform/assembly-controller-custom-credentials.adoc b/downstream/assemblies/platform/assembly-controller-custom-credentials.adoc index 3f595b5965..4d880ae1d1 100644 --- a/downstream/assemblies/platform/assembly-controller-custom-credentials.adoc +++ b/downstream/assemblies/platform/assembly-controller-custom-credentials.adoc @@ -23,13 +23,17 @@ Vault credentials and machine credentials are separate entities. ==== * When creating a new credential type, you must avoid collisions in the `extra_vars`, `env`, and file namespaces. * Environment variable or extra variable names must not start with `ANSIBLE_` because they are reserved. -* You must have System administrator (superuser) permissions to be able to create and edit a credential type (`CredentialType`) and to be -able to view the `CredentialType.injection` field. +* You must have System administrator (superuser) permissions to be able to create and edit a credential type (`CredentialType`) and be able to view the `CredentialType.injection` field. ==== include::platform/ref-controller-content-sourcing.adoc[leveloffset=+1] + include::platform/ref-controller-api-considerations.adoc[leveloffset=+1] -include::platform/ref-get-started-credential-types.adoc[leveloffset=+1] + +include::platform/con-controller-content-verification.adoc[leveloffset=+2] + +include::platform/proc-get-started-credential-types.adoc[leveloffset=+1] + include::platform/proc-controller-create-credential-type.adoc[leveloffset=+1] diff --git a/downstream/images/credential-types-listed-verify.png b/downstream/images/credential-types-listed-verify.png new file mode 100644 index 0000000000..335644bb91 Binary files /dev/null and b/downstream/images/credential-types-listed-verify.png differ diff --git a/downstream/images/credential-types-new-listed-verify.png b/downstream/images/credential-types-new-listed-verify.png index efb133a478..81c5f45fe9 100644 Binary files a/downstream/images/credential-types-new-listed-verify.png and b/downstream/images/credential-types-new-listed-verify.png differ diff --git a/downstream/images/organizations-galaxy-credentials.png b/downstream/images/organizations-galaxy-credentials.png index 69cfdd2ec9..d407d299bc 100644 Binary files a/downstream/images/organizations-galaxy-credentials.png and b/downstream/images/organizations-galaxy-credentials.png differ diff --git a/downstream/modules/platform/con-controller-content-verification.adoc b/downstream/modules/platform/con-controller-content-verification.adoc new file mode 100644 index 0000000000..f199477ec9 --- /dev/null +++ b/downstream/modules/platform/con-controller-content-verification.adoc @@ -0,0 +1,8 @@ +[id="con-controller-content-verification"] + += Content verification + +{ControllerNameStart} uses GNU Privacy Guard (GPG) to verify content. + +For more information, see +link:https://www.gnupg.org/gph/en/manual/c14.html#:~:text=GnuPG%20uses%20public%2Dkey%20cryptography,the%20user%20wants%20to%20communicate[The GNU Privacy Handbook]. diff --git a/downstream/modules/platform/proc-controller-create-credential-type.adoc b/downstream/modules/platform/proc-controller-create-credential-type.adoc index 00eec6625b..3205320f14 100644 --- a/downstream/modules/platform/proc-controller-create-credential-type.adoc +++ b/downstream/modules/platform/proc-controller-create-credential-type.adoc @@ -208,8 +208,8 @@ If the *Delete* option is disabled, this means that the credential type is being * Verify that the newly created credential type can be selected from the *Credential Type* selection window when creating a new credential: -image:credential-types-new-listed-verify.png[Verify new credential type] +image:credential-types-listed-verify.png[Verify new credential type] .Additional resources -For information about how to create a new credential, see xref:controller-create-credential[Creating a credential]. +For information about how to create a new credential, see link:{URLControllerUserGuide}/controller-credentials#controller-create-credential[Creating a credential]. diff --git a/downstream/modules/platform/ref-get-started-credential-types.adoc b/downstream/modules/platform/proc-get-started-credential-types.adoc similarity index 79% rename from downstream/modules/platform/ref-get-started-credential-types.adoc rename to downstream/modules/platform/proc-get-started-credential-types.adoc index 5d3a3a81a9..c4fda8a5af 100644 --- a/downstream/modules/platform/ref-get-started-credential-types.adoc +++ b/downstream/modules/platform/proc-get-started-credential-types.adoc @@ -1,23 +1,25 @@ :_mod-docs-content-type: REFERENCE -[id="ref-get-started-credential-types"] +[id="proc-get-started-credential-types"] = Getting started with credential types //[ddacosta] Consider rewriting this as a procedure. .Procedure . From the navigation panel, select {MenuAECredentials}. ++ If no custom credential types have been created, the *Credential Types* page prompts you to add one. + //image:credential-types-home-empty.png[Credential Types - empty] + If credential types have been created, this page displays a list of existing and available Credential Types. -+ +//+ //image:credential-types-home-with-example-types.png[Credential Types - example credential types] -. Select the name of a credential or the Edit image:leftpencil.png[Edit, 15,15] icon to view more information about a credential type, . +. Select the name of a credential or the Edit image:leftpencil.png[Edit, 15,15] icon to view more information about a credential type. -. On the *Details* tab, each credential type displays its own unique configurations in the *Input Configuration* field and the *Injector Configuration* field, if applicable. +. On the *Details* tab, each credential type displays its own unique configurations +//Can't see these fields +// in the *Input Configuration* field and the *Injector Configuration* field, if applicable +. Both YAML and JSON formats are supported in the configuration fields. - -//NOTE The Back to Credential Types Tab throws an error. diff --git a/downstream/modules/platform/ref-controller-api-considerations.adoc b/downstream/modules/platform/ref-controller-api-considerations.adoc index bf1b107ed7..f223ace60c 100644 --- a/downstream/modules/platform/ref-controller-api-considerations.adoc +++ b/downstream/modules/platform/ref-controller-api-considerations.adoc @@ -9,10 +9,7 @@ support). You can filter credentials the v2 API: -[literal, options="nowrap" subs="+attributes"] ----- -curl "https://controller.example.org/api/v2/credentials/?credential_type__namespace=aws" ----- +`curl "https://controller.example.org/api/v2/credentials/?credential_type__namespace=aws"` In the V2 Credential Type model, the relationships are defined as follows: @@ -27,11 +24,4 @@ In the V2 Credential Type model, the relationships are defined as follows: | Insights |Insights | Galaxy | galaxy.ansible.com, console.redhat.com | Galaxy | on-premise {HubName} -|=== - -= Content verification - -{ControllerNameStart} uses GNU Privacy Guard (GPG) to verify content. - -For more information, see -link:https://www.gnupg.org/gph/en/manual/c14.html#:~:text=GnuPG%20uses%20public%2Dkey%20cryptography,the%20user%20wants%20to%20communicate[The GNU Privacy Handbook]. +|=== \ No newline at end of file diff --git a/downstream/modules/platform/ref-controller-content-sourcing.adoc b/downstream/modules/platform/ref-controller-content-sourcing.adoc index 12b569a374..eebc9f90e8 100644 --- a/downstream/modules/platform/ref-controller-content-sourcing.adoc +++ b/downstream/modules/platform/ref-controller-content-sourcing.adoc @@ -4,26 +4,24 @@ = Content sourcing from collections -A "managed" credential type of `kind=galaxy` represents a content source for fetching collections defined in `requirements.yml` when project -updates are run. +A "managed" credential type of `kind=galaxy` represents a content source for fetching collections defined in `requirements.yml` when project updates are run. Examples of content sources are galaxy.ansible.com, {Console}, or on-premise {HubName}. + This new credential type represents a URL and (optional) authentication details necessary to construct the environment variables when a project update runs `ansible-galaxy collection install` as described in the Ansible documentation, link:https://docs.ansible.com/ansible/latest/collections_guide/collections_installing.html#configuring-the-ansible-galaxy-client[Configuring the ansible-galaxy client]. It has fields that map directly to the configuration options exposed to the {Galaxy} CLI, for example, per-server. An endpoint in the API reflects an ordered list of these credentials at the Organization level: ++ +`/api/v2/organizations/N/galaxy_credentials/` -[literal, options="nowrap" subs="+attributes"] ----- -/api/v2/organizations/N/galaxy_credentials/ ----- - -When installations of {ControllerName} migrate existing Galaxy-oriented setting values, post-upgrade proper credentials are created and -attached to every Organization. +When installations of {ControllerName} migrate existing Galaxy-oriented setting values, post-upgrade proper credentials are created and attached to every Organization. +//Check the following for 2.6 After upgrading to the latest version, every organization that existed before upgrade now has a list of one or more "Galaxy" credentials associated with it. Additionally, post-upgrade, these settings are not visible (or editable) from the `/api/v2/settings/jobs/` endpoint. -{ControllerNameStart} continues to fetch roles directly from public Galaxy even if `galaxy.ansible.com` is not the first credential in the list for the organization. The global Galaxy settings are no longer configured at the jobs level, but at the organization level in the user interface. +{ControllerNameStart} continues to fetch roles directly from public Galaxy even if `galaxy.ansible.com` is not the first credential in the list for the organization. +The global Galaxy settings are no longer configured at the jobs level, but at the organization level in the user interface. The organization's *Create organization* and *Edit organization* windows have an optional *Galaxy credentials* lookup field for credentials of `kind=galaxy`.