NiFi Registry in Docker with Git auto-cloning on startup

Published March 28, 2019 in   nifi-registry, git, docker, kerberos, ldap, debug

tl;dr

Running NiFi Registry with Git and auto-cloning on startup is possible with three authentication options:

  1. HTTPS user and password
  2. git+ssh (~/.ssh bind mount)
  3. git+ssh (SSH keys as environment variables)
  1. HTTPS user and password
    docker run --name nifi-registry \
       -p 18080:18080 \
       -e 'FLOW_PROVIDER=git' \
       -e 'GIT_REMOTE_URL=https://github.com/michalklempa/docker-nifi-registry-example-flow.git' \
       -e 'GIT_CHECKOUT_BRANCH=example' \
       -e 'FLOW_PROVIDER_GIT_FLOW_STORAGE_DIRECTORY=/opt/nifi-registry/flow-storage-git' \
       -e 'FLOW_PROVIDER_GIT_REMOTE_TO_PUSH=origin' \
       -e 'FLOW_PROVIDER_GIT_REMOTE_ACCESS_USER=michalklempa' \
       -e 'FLOW_PROVIDER_GIT_REMOTE_ACCESS_PASSWORD=thisisnotmypassword:)' \
       -e 'GIT_CONFIG_USER_NAME=Michal Klempa' \
       -e 'GIT_CONFIG_USER_EMAIL=michalklempa@gmail.com' \
       -d \
       michalklempa/nifi-registry:latest
    
  2. git+ssh (~/.ssh bind mount):
     docker run --name nifi-registry \
       -p 18080:18080 \
       -v ~/.ssh:/home/nifi/.ssh \
       -e 'FLOW_PROVIDER=git' \
       -e 'GIT_REMOTE_URL=git@github.com:michalklempa/docker-nifi-registry-example-flow.git' \
       -e 'GIT_CHECKOUT_BRANCH=example' \
       -e 'FLOW_PROVIDER_GIT_FLOW_STORAGE_DIRECTORY=/opt/nifi-registry/flow-storage-git' \
       -e 'FLOW_PROVIDER_GIT_REMOTE_TO_PUSH=origin' \
       -e 'GIT_CONFIG_USER_NAME=Michal Klempa' \
       -e 'GIT_CONFIG_USER_EMAIL=michal.klempa@gmail.com' \
       -d \
       michalklempa/nifi-registry:latest
    
  3. git+ssh (SSH keys as environment variables):
     docker run --name nifi-registry \
       -p 18080:18080 \
       -e 'FLOW_PROVIDER=git' \
       -e 'GIT_REMOTE_URL=git@github.com:michalklempa/docker-nifi-registry-example-flow.git' \
       -e 'GIT_CHECKOUT_BRANCH=example' \
       -e 'FLOW_PROVIDER_GIT_FLOW_STORAGE_DIRECTORY=/opt/nifi-registry/flow-storage-git' \
       -e 'FLOW_PROVIDER_GIT_REMOTE_TO_PUSH=origin' \
       -e 'GIT_CONFIG_USER_NAME=Michal Klempa' \
       -e 'GIT_CONFIG_USER_EMAIL=michal.klempa@gmail.com' \
       -e 'SSH_PRIVATE_KEY='$(base64 -w 0 < ~/.ssh/id_rsa) \
       -e 'SSH_KNOWN_HOSTS='$(base64 -w 0 < ~/.ssh/known_hosts) \
       -e 'SSH_PRIVATE_KEY_PASSPHRASE=' \
       -d \
       michalklempa/nifi-registry:latest
    

Docker image for NiFi Registry

Let me introduce my Docker image for NiFi Registry:

Setting up NiFi Registry was described in post by Bryan Bende: Apache NiFi Registry 0.2.0. And there is a JIRA issue for clone git repository at startup as a feature. Until this feature is contributed into the Java codebase, we may live with my Docker image, which I decided to publish as my part of contribution to open-source:

Feel free to test it and feedback is welcome.

Posted by Michal Klempa on 28 March 2019
debug, docker, git, kerberos, ldap, nifi-registry