Awesome
Red Hat OpenShift Service on AWS (ROSA) Command Line Tool
This project contains the rosa
command line tool that simplifies the use of Red Hat OpenShift Service on AWS, also known as ROSA.
Quickstart guide
Refer to the official ROSA documentation: https://access.redhat.com/products/red-hat-openshift-service-aws
- Follow the AWS Command Line Interface documentation to install and configure the AWS CLI for your operating system.
- Download the latest release of rosa and add it to your path.
- Initialize your AWS account by running
rosa init
and following the instructions. - Create your first ROSA cluster by running
rosa create cluster --interactive
Build from source
If you'd like to build this project from source use the following steps:
- Clone the repository
git clone https://github.com/openshift/rosa.git
cd
to the checkout out source directory
cd rosa
- Install the binary
make install
NOTE: If you don't have $GOPATH/bin
in your $PATH
you need to add it or move rosa
to a standard system directory eg. for Linux/OSX:
sudo mv $GOPATH/bin/rosa /usr/local/bin
Try the ROSA cli from binary
If you don't want to build from sources you can retrieve the rosa
binary from the latest image.
You can copy it to your local with this command:
podman run --pull=always --rm registry.ci.openshift.org/ci/rosa-aws-cli:latest cat /usr/bin/rosa > ~/rosa && chmod +x ~/rosa
Also you can test a binary created after a specific merged commit just using the commit hash as image tag:
podman run --pull=always --rm registry.ci.openshift.org/ci/rosa-aws-cli:f7925249718111e3e9b61e2df608a6ea9cf5b6ce cat /usr/bin/rosa > ~/rosa && chmod +x ~/rosa
NOTE: There is a side-effect of container image registry authentication which results in an auth error when your token is expired even when the image requires no authentication. In that case all you need to do is authenticate again:
$ oc registry login
info: Using registry public hostname registry.ci.openshift.org
Saved credentials for registry.ci.openshift.org
$ cat ~/.docker/config.json | jq '.auths["registry.ci.openshift.org"]'
{
"auth": "token"
}
Secure Credentials Storage
The OCM_KEYRING
environment variable provides the ability to store the ROSA
configuration containing your authentication tokens in your OS keyring. This is provided
as an alternative to storing the configuration in plain-text on your system.
OCM_KEYRING
will override all other token or configuration related flags.
OCM_KEYRING
supports the following keyrings:
- Windows Credential Manager -
wincred
- macOS Keychain -
keychain
- Secret Service (Gnome Keyring, KWallet, etc.) -
secret-service
- Pass -
pass
To ensure OCM_KEYRING
is provided to all rosa
commands, it is recommended to set it in your ~/.bashrc
file or equivalent.
wincred | keychain | secret-service | pass | |
---|---|---|---|---|
Windows | :heavy_check_mark: | :x: | :x: | :x: |
macOS | :x: | :heavy_check_mark: | :x: | :heavy_check_mark: |
Linux | :x: | :x: | :heavy_check_mark: | :heavy_check_mark: |
Have you got feedback?
We want to hear it. Open an issue against the repo and someone from the team will be in touch.