Countly's Enterprise Edition Docker images with Authentication Plugin packages are hosted on Google Artifact Registry. Users will require a Google-managed Service Account key in order to authenticate with Artifact Registry's private repository and get access to Docker images.
In order to generate a Service Account key, please create a support ticket requesting Docker access and our Support Team will assist with its creation.
Please refer to the Images with Auth Plugin Packages guide to get more details regarding the Docker images provided by Countly.
Authenticating and Pulling Images from Artifact Registry
For Kubernetes
Kubernetes uses Secrets to authenticate or store the credentials to access a Docker registry for images.
Use the steps below to create a Kubernetes Secret.
1. Fetch service account email from service account key:
cat serviceaccount.json | grep client_email # Value used in docker-email key
2. Create a Kubernetes Secret:
kubectl create secret docker-registry artifact-registry \
--docker-server=https://us-docker.pkg.dev \
--docker-email=<service account email address> \
--docker-username=_json_key \
--docker-password="$(cat serviceaccount.json)"
3. Verify the creation of Kubernetes Secret:
kubectl get secrets | grep artifact-registry
After generating the Docker config Secret, you can use the Secret in the Kubernetes Pod deployment file under the spec section to pull the required image, as in the example configuration below:
spec:
imagePullSecrets:
- name: artifact-registry
containers:
- name: countly-frontend
image: us-docker.pkg.dev/countly-01/auth-plugins/ad-frontend:latest
imagePullPolicy: Always
The above configuration needs to be applied to both of the deployment files, i.e., API and Frontend.