Using Red Hat entitlement subscription
Entitlement subscription allows users to install RPMs that are not accessible without it. In order to use it in your builds, you must have access to an entitlement subscription and possess the neccessary entitlement certificate files. To obtain them, review Subscription benefits for secure deployments guide.
Once you have the <entitlement-id>.pem and <entitlement-id>-key.pem files, you will need to create a secret in your Konflux namespace. You can do it in two ways:
Create entitlement secret through the UI
-
Access the Secrets section in the konflux UI and click on Add secret.
-
Set the secret name to etc-pki-entitlement.
-
Add the first key with the name <entitlement-id>-key.pem and and set the value to the contents of the key file.
-
Add a second key with the name <entitlement-id>.pem and set the value to the contents of the certificate file.
-
Save the secret by clicking Add secret
Create entitlement secret through console
Alternatively, you can create the secret through the CLI. After logging into your cluster and navigating to your namespace, run the following command:
kubectl create secret generic etc-pki-entitlement -n <your-tenant> --from-file <entitlement-id>-key.pem --from-file <entitlement-id>.pem