Set Up Default User for Rok Registry

Rok Registry authenticates users using Dex as the default OIDC Provider. This guide will walk you through setting up a default Dex user for Rok Registry.

Note

If you have already configured a default user in Dex, you can skip this section.

Note

You will be able to log in to your Rok Registry instance with the username user@example.com and the password you will set up in this guide.

Choose one of the following options in order to set up a default user in Dex for authenticating with Rok Registry:

Option 1: Set Up Default User Automatically (preferred)

Rok Registry does not currently support setting up the default user automatically. Please follow Option 2: Set Up Default User Manually to set up the default user for Rok Registry.

Option 2: Set Up Default User Manually

If you want to set the default user for Rok Registry manually, follow the instructions below.

Procedure

  1. Go to your GitOps repository, inside your rok-tools management environment:

    root@rok-tools:~# cd ~/ops/deployments
  2. Pick a password for the default user in Dex and hash it using bcrypt:

    root@rok-tools:~/ops/deployments# export DEX_DEFAULT_USER_PWHASH=$(python3 -c \ > 'from passlib.hash import bcrypt; import getpass; \ > print(bcrypt.using(rounds=12, ident="2y").hash(getpass.getpass()))') \ > && echo ${DEX_DEFAULT_USER_PWHASH?} $2y$12$JBTJLFpg8w12TfVW6tl1y.It67wVqyuXelrD/7Uo885emt7.R0OjO
  3. Edit kubeflow/manifests/common/dex/overlays/deploy/patches/config-map.yaml and fill the relevant field with the hash of the password you chose:

    ... staticPasswords: - email: user@example.com hash: $2y$12$JBTJLFpg8w12TfVW6tl1y.It67wVqyuXelrD/7Uo885emt7.R0OjO # <-- Update this line with your DEX_DEFAULT_USER_PWHASH
  4. Commit your changes:

    root@rok-tools:~/ops/deployments# git commit -am "Set Up Default User for Rok Registry"

Verify

  1. Go to your GitOps repository, inside your rok-tools management environment:

    root@rok-tools:~# cd ~/ops/deployments
  2. Verify you have properly configured the password for the default user in Dex:

    root@rok-tools:~/ops/deployments# kustomize build \ > kubeflow/manifests/common/dex/overlays/deploy | \ > grep -q "hash: ${DEX_DEFAULT_USER_PWHASH?}" && echo OK OK

Summary

You have successfully set up the default user for Rok Registry.

What’s Next

The next step is to configure Rok Registry to use Dex for authentication.