stella-ops.org/git.stella-ops.org
1
0
Fork 0
Code Issues Pull Requests Actions 2 Releases Wiki Activity

docs: integrations GitLab registry auth + sprint plans

Browse Source 
Add GitLab container registry connector docs (WWW-Authenticate Bearer
token exchange, authref config). Add sprint files for container rebuild,
regression retest, and UI no-mocks work.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
master
2026-04-10 12:28:59 +03:00
parent 36eaf5e798
commit 39111b35c2
5 changed files with 372 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
docs/integrations/LOCAL_SERVICES.md
View File

@@ -205,6 +205,9 @@ vault kv put secret/jenkins api-token="your-jenkins-token"
# Store Nexus admin password
vault kv put secret/nexus admin-password="your-nexus-password"
# Store GitLab PATs for API and registry access
vault kv put secret/gitlab access-token="glpat-your-token" registry-basic="root:glpat-your-token"
```
---
@@ -320,10 +323,16 @@ GITLAB_ENABLE_REGISTRY=true GITLAB_ENABLE_PACKAGES=true \
docker compose -f docker-compose.integrations.yml --profile heavy up -d gitlab
```
**Stella Ops integration config (SCM):**
**Stella Ops integration config (SCM / CI):**
- Endpoint: `http://gitlab.stella-ops.local:8929`
- AuthRef: `authref://vault/gitlab#access-token`
**Stella Ops integration config (Registry):**
- Endpoint: `http://gitlab.stella-ops.local:5050`
- AuthRef: `authref://vault/gitlab#registry-basic`
- Secret format: `username:personal-access-token` (local default: `root:<token>`)
- The Docker registry connector follows GitLab's `WWW-Authenticate: Bearer` challenge and exchanges this basic secret against `/jwt/auth` before retrying catalog and tag probes.
---
## Mock Fixtures
@@ -386,7 +395,7 @@ docker compose -f docker-compose.integrations.yml down -v
| **Registry** | Harbor | harbor-fixture (mock) | Ready |
| **Registry** | Docker Hub / OCI | docker-registry | Ready |
| **Registry** | Nexus | nexus | Ready |
| **Registry** | GitLab Registry | gitlab (heavy) | Ready when `GITLAB_ENABLE_REGISTRY=true` |
| **Registry** | GitLab Registry | gitlab (heavy) | Ready when `GITLAB_ENABLE_REGISTRY=true` and `authref://vault/gitlab#registry-basic` is populated |
| **SCM** | GitHub App | github-app-fixture (mock) | Ready |
| **SCM** | Gitea | gitea | Ready |
| **SCM** | GitLab Server | gitlab (heavy) | Ready with Vault-backed PAT |