Configuring Cloud Object Storage
IBM Cloud® Object Storage is used to securely store large volumes of data, ensuring compliance and optimizing cost. You can integrate IBM Cloud Object Storage Bucket to store evidence. You can also use this tool integration for specific storage requirements of your toolchains.
Prerequisites
You must make sure that you complete the following steps before you integrate your toolchain with a Cloud Object Storage Bucket.
-
You must have an instance of Cloud Object Storage, a bucket instance to add the Cloud Object Storage Bucket tool to your toolchain.
-
To authenticate your Cloud Object Storage Bucket, you can use an API Key or an HMAC Key. You must choose the suitable authentication method, depending on your requirement.
-
You can choose to create service credentials for the Cloud Secrets Manager instance under the Service credentials tab.
-
You can create Secrets Manager instance to store service credentials created earlier. Integrate the Secret Manager tool with your toolchain and point the Secrets Manager instance and the secrets that are created before to this integration.
To store and access evidence or other artifacts securely for your toolchain, configure Cloud Object Storage Bucket:
-
If you are configuring this tool integration as you are creating the toolchain, and a Cloud Object Storage Bucket exists, within the template that you are configuring, click the Cloud Object Storage Bucket tab. Alternatively, in the More tools section, click Cloud Object Storage Bucket.
-
If you have a toolchain and are adding this tool integration to it, from the IBM Cloud console, clicks the
> Platform Automation > Toolchains. On the Toolchains page, click the toolchain to open its Overview page. Alternatively, on your app's Overview page, on the Continuous delivery card, click View toolchain. Then, click Overview.
a. Click Add.
b. In the Tool Integrations section, click Cloud Object Storage Bucket.
-
Type a Name to identify the Cloud Object Storage Bucket integration.
-
Select the Authentication type according to your requirements. If you are using API Key for authentication, provide Cloud Object Storage API Key and the Cloud Object Storage instance. If you are using an HMAC for authentication, provide an Access Key ID and Secret Access Key for the HMAC. You can create service credentials for both of these authentication methods for your Cloud Object Storage instance. You can refer to these values directly as literals. However it is recommended to use Secrets Manager integration that has these secrets that are stored. You can then select these secrets from a secret store for authentication.
-
Type Bucket name and Endpoint that is defined for the corresponding Cloud Object Storage instance.
-
Click Create Integration.
Configuring Cloud Object Storage Bucket by using the API
The IBM Cloud Object Storage Bucket tool integration supports the following configuration parameters that you can use with the Toolchain HTTP API and SDKs when you create, read, and update tool integrations.
You must specify the tool_type_id
property in the request body with the cloudobjectstorage
value.
Parameter | Usage | Type | Description |
---|---|---|---|
name |
required, updatable | String | The name used to identify this tool integration. |
auth_type |
required, updatable | String | The authentication type. Pass apikey for IBM Cloud API Key or hmac for HMAC (Hash Message Authentication Code). |
cos_api_key |
required, updatable | String | For auth_type as apikey , pass cos_api_key to authenticate access to the Cloud Object Storage instance or instance_crn . |
instance_crn |
required, updatable | String | A reference to the existing Cloud Object Storage instance. |
bucket_name |
required, updatable | String | The name of your Cloud Object Storage bucket. |
hmac_access_key_id |
required, updatable | Password | HMAC Access Key defined for an HMAC Key. HMAC is identified by a combination of Access Key ID and Secret Access Key. It is associated with the Cloud Object Storage instance. |
hmac_secret_access_key |
required, updatable | Password | Secret Access Key defined for an HMAC Key. HMAC is identified by a combination of Access Key ID and Secret Access Key. It is associated with the Cloud Object Storage instance. |
endpoint |
required, updatable | String | Endpoint defined for Cloud Object Storage instance. Options are public , direct , private |