Skip to main content

Configuring the Development Stream Instance

Now, we need to configure our Stream development instance to use the new repository as its Git remote. First, though, we want to commit anything that's already in the dev environment. This is a fresh instance, but we've included some changes for the sandbox setup, and these need to be committed.

Commit the Current Changeset
  1. Click the Stream Dev top tab. (If you are logged out, the credentials are admin for the user and cribldemo for the password.)
  2. In Stream's own top nav, click the Version Control button (it looks like this: ), and from the Version Control fly-out, click Commit.
  3. In the resulting Git Changes – Global dialog, type a commit message (e.g., dev initial config) and then click the Commit button.

You've now committed all of the changes on this Stream instance to its local Git branch. (Note that the Version Control button's red indicator has cleared.) Now, let's use Stream's UI to connect this local branch to its remote repo. Stay on the Stream Dev top tab for the next few sections.

Git Configuration

  1. In Stream’s top nav, at the far right, click the AA button to open the Account menu.

  2. Click Global Settings on this menu.

  3. This opens Stream's Global Settings sidebar, with the focus on General Settings. Click Git Settings, a few links further down the same sidebar.

  4. On the Git Settings nav bar nested to the right, click the Remote tab.

  5. In the Remote URL field, enter or paste the string you earlier copied from the remote repo. If you used the default repo naming, this will be:

    git@gitops-gitea:gituser/stream-config.git
    Different Repo Name

    If you named your Gitea repo something other than stream-config, then modify the <reponame>.git substring of the above URL to match your repo's name.

  6. Stream's Authentication type drop-down defaults to SSH, which is the transport we want. Copy and paste the following key into the SSH private key field:

    -----BEGIN OPENSSH PRIVATE KEY-----
    b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAaAAAABNlY2RzYS
    1zaGEyLW5pc3RwMjU2AAAACG5pc3RwMjU2AAAAQQREL+oz/hLb4W8/TA7dQR7em4F6G1RU
    3NhujQOjHe2zVUZapKhEdOxmqO3av5ehGOVMyAYmmhosOPkpHTwGCCc0AAAAsGHLF+hhyx
    foAAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBEQv6jP+Etvhbz9M
    Dt1BHt6bgXobVFTc2G6NA6Md7bNVRlqkqER07Gao7dq/l6EY5UzIBiaaGiw4+SkdPAYIJz
    QAAAAgSo+UVX4HKkk4XZP39rDcCNEuVpz4teuEqR03dDkGFTwAAAAYc2FuZGJveCtnaXR1
    c2VyQGNyaWJsLmlv
    -----END OPENSSH PRIVATE KEY-----

  7. Set the SSH strict host key checking toggle to No. This will allow your first push to the remote repository to accept the host key information. (We're bypassing the Git CLI client, which would typically prompt for this key when you first push.)

  8. Click Save, and look for a green confirmation message.

  9. Set the SSH strict host key checking toggle back to Yes. After the first save, Stream checked the SSH key, and will now throw an error if strict key checking isn't enabled.

  10. Click Save again.

Best Practice - Git Security

SSH strict host key checking is a security feature that binds host identifiers to an RSA host key. This allows verification of the host identity prior to establishing an SSH session.

We recommend enabling SSH strict host key checking for all Cribl Stream instances, to minimize the risk of man-in-the-middle and spoofing attacks.

The host identifiers of your Git server will be recorded during your initial Git push or pull. When configuring Stream's Git Settings to communicate with a new host, admins should:

  • Disable SSH strict host key checking during initial Git configuration.
  • Immediately re-enable SSH strict host key checking, to restrict SSH connections to the newly discovered host.
  • Perform a Git push or pull, so that the host key is recorded.

Now that we have the remote set up, we need to push the current config to it. This is simple in Stream, and it builds on the commit step we've already used. Still on the Stream Dev top tab:

Push Changes to the Repo
  1. In Stream's top nav, again click the Version Control button (), and from the Version Control fly-out, click Commit.
  2. In the resulting Git Changes – Global dialog, enter a commit message (e.g., Added remote config), and click Commit and Push.
    NOTE: Look for green confirmation messages. If you instead see an error complaining about strict key checking being enabled – and you have not enabled this toggle – go back to Git Settings, enable it, and save. Then try pushing again.
  3. Once that's complete, click the Gitea top tab.
  4. Click Gitea's Code tab below the gituser/stream-config repository name.
  5. This refreshes Gitea's Code tab, exposing your repo's structure.

You should now see files in the repo, looking similar to this:

Populated Git Repository

Now that we've got a config tree in the repository, we need to create a dev branch, and configure the development instance to use it.

Create the dev branch

  1. Still on Gitea's Code tab, open the Branch drop-down at left, and type dev into the filter box.

    Git Repo Branch Menu

  2. Click the Create branch dev link – shown above – to create the branch.

While we're here, let's also create a prod branch:

  1. Again open the Branch drop-down, and type prod into the filter box.
  2. Click Create branch prod to create the branch.

Now that our dev branch is created, let's configure our Stream development instance to use it:

  1. Click the Stream Dev top tab.
  2. Under Settings > Global Settings > Git Settings, click the General tab nested to the right.
  3. From the Branch drop-down, select dev .
  4. Click Save.
  5. On the resulting confirmation dialog, Click Yes. (This will restart Stream to enable the new branch connection.)

We've now set up the dev branch, which we'll use to author configuration changes. Next, let's set up our prod branch to accept those changes.