Cloud
January 20, 2022 By Kazuki Nobutani 4 min read

Step-by-step instructions on how to allow Code Engine to access repositories in IBM Git.

IBM Cloud® Code Engine is a fully managed, serverless platform that runs your containerized workloads, including web apps, microservices, event-driven functions or batch jobs. Code Engine even builds container images for you from your source code. 

One of the best features of Code Engine is application scaling. It can scale down to zero instances when there is no access, and this will help reduce the running cost.

Right now, a number of users have their applications running in Cloud Foundry (CF), and its source code is often stored in IBM Git, which sets its repositories private by default. In this article, I will introduce how to allow Code Engine to access repositories in IBM Git. There are three sections of actions you need to perform.

Prerequisites

  • An IBM Cloud account and access to deploy apps in IBM Cloud Code Engine
  • A basic understanding of Code Engine and how to write a Dockerfile

Step 1: Prepare an SSH key pair

In order to let Code Engine to access repositories in IBM Git, you need to use an SSH key pair. Since Code Engine does not accept passphrased keys, let’s create a new set of key pairs. Please note I used MacOS in this example.

  1. Create a new SSH key pair in RSA format. Run the following command in your terminal window. Please specify a new key name: 
    $ ssh-keygen -t rsa
Enter file in which to save the key (/Users/knobutan/.ssh/id_rsa): /Users/knobutan/.ssh/ce-rsa
Enter passphrase (empty for no passphrase): 
Enter same passphrase again: 

    Do not passphrase your SSH key. The SSH key must be unencrypted when you use it in Code Engine.

  2. Check that the keys are correctly created. The above command will create two files. One is a private key and the other is a public key. You need to place the public key on your IBM Git — then you will be able to connect from your local machine using the private key. Go to /Users/<Username>/.ssh directory and check there are two files. The file with the .pub extension is the public key, and the one without is the private key: 
    config        known_hosts    ce-rsa        ce-rsa.pub

Step 2: Register the public key in IBM Git

In this example, IBM Git in US-South is used. Please change the URL if necessary.

  1. Go to https://us-south.git.cloud.ibm.com/-/profile/keys and paste what’s in the .pub file in the Key section. Fill in the title and expiry if necessary, and click on Add Key:
  2. Once the public key is added, go back to your terminal and test the connection. By default, your terminal uses id_rsa, so we need to add extra lines in the config file to use the newly created private key. Please specify an appropriate Git server endpoint and the private key: 
    Host ibmusgit
  HostName us-south.git.cloud.ibm.com
  IdentityFile ~/.ssh/ce-rsa
  User git
  3. Run SSH and check the connection works correctly. Use the Host name defined in the above step: 
    $ ssh ibmusgit
Welcome to GitLab, @knobutan!

Step 3: Create a Code repo access

Now we need to add the private key to your Code Engine project so that it can connect to your IBM Git repositories.

  1. Open your Code Engine project. If you do not have one yet, create one.
  2. Click Create and enter these details:
    • Code repo server: us-south.git.cloud.ibm.com
    • SSH private key: Open your private key in terminal. Copy everything, including the first and the last line, and paste in the field:
  3. Click Create.

Let’s deploy an application

Your Code Engine project should be able to pull code from your IBM Git repositories now, so let’s test it out. 

For this blog post, I am deploying an application from my IBM Git repository. I will post another blog with a set of code to test it out.

  1. Go to your project and open Applications from the left menu. Click Create.
  2. Select Source Code.
  3. Click Specify build details and enter these details. Be careful with format for thr Code repo URL.
    • Code repo URL: git@us-south.git.cloud.ibm.com:<Username>/<Repository name>.git (For example: git@us-south.git.cloud.ibm.com:knobutan/CFtoCE.git)
    • Code repo access: Select what you created in Step 2:
  4. Specify the rest and click Create.

The outcome should show that the build was successful:

The application should be successfully deployed:

What’s next?

For more details of Code repo access, please refer to this page.

For any questions about Code Engine or other information about the platform, please contact IBM Cloud support.

Was this article helpful?
YesNo
Kazuki Nobutani
Staff Software Engineer - IBM Cloud Support

More from Cloud
July 2, 2024

New 4th Gen Intel Xeon profiles and dynamic network bandwidth shake up the IBM Cloud Bare Metal Servers for VPC portfolio

3 min read - We’re pleased to announce that 4th Gen Intel® Xeon® processors on IBM Cloud Bare Metal Servers for VPC are available on IBM Cloud. Our customers can now provision Intel’s newest microarchitecture inside their own virtual private cloud and gain access to a host of performance enhancements, including more core-to-memory ratios (21 new server profiles/) and dynamic network bandwidth exclusive to IBM Cloud VPC. For anyone keeping track, that’s 3x as many provisioning options than our current 2nd Gen Intel Xeon…

July 2, 2024

IBM and AWS: Driving the next-gen SAP transformation  

5 min read - SAP is the epicenter of business operations for companies around the world. In fact, 77% of the world’s transactional revenue touches an SAP system, and 92% of the Forbes Global 2000 companies use SAP, according to Frost & Sullivan.   Global challenges related to profitability, supply chains and sustainability are creating economic uncertainty for many companies. Modernizing SAP systems and embracing cloud environments like AWS can provide these companies with a real-time view of their business operations, fueling growth and increasing…

July 2, 2024

Experience unmatched data resilience with IBM Storage Defender and IBM Storage FlashSystem

3 min read - IBM Storage Defender is a purpose-built end-to-end data resilience solution designed to help businesses rapidly restart essential operations in the event of a cyberattack or other unforeseen events. It simplifies and orchestrates business recovery processes by providing a comprehensive view of data resilience and recoverability across primary and  auxiliary storage in a single interface. IBM Storage Defender deploys AI-powered sensors to quickly detect threats and anomalies. Signals from all available sensors are aggregated by IBM Storage Defender, whether they come…

IBM Newsletters

 Get our newsletters and topic updates that deliver the latest thought leadership and insights on emerging trends.
Subscribe now More newsletters