Do not input private or sensitive data. View Qlik Privacy & Cookie Policy.
Skip to main content

Qlik

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements
Qlik Connect 2025! Join us in Orlando join us for 3 days of immersive learning: REGISTER TODAY

Qlik Talend Product: How to setup Eclipse Keyring/Master Password for CICD

No ratings
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
rpooya
Support
Support

Qlik Talend Product: How to setup Eclipse Keyring/Master Password for CICD

Last Update:

Apr 11, 2025 3:04:49 AM

Updated By:

Xiaodi_Shi

Created date:

Apr 11, 2025 3:04:49 AM

When using the CICD process, you may point the P2 to patch from your Artifact Repository instead of the Studio update site. Whether using a remote/proxy repository or have uploaded the patch contents to a local repository, you will encounter some error when attempting to deploy, redeploy, or patch your existing P2 deployment.

If you have setup basic authentication for your studio, Eclipse (within Studio) will require the keyring (secure storage) file and master password generated by Studio to gather the authentication credentials for the Artifact Repository and the P2. However, since the defined "secure_storage" file has references to Windows Security, if you attempt to use it on a Linux-based instance for CICD, it will fail due to the missing items. The root reason is the current existing keyring(secure storage) of Talend studio can not be used on another computer. By default, master key is generated by OS related API.

So if basic authentication is required for the P2 to reach out for patch items and there is a Linux-based CICD instance, you can try to re-generate keyring with provided master key in this way the newly generated keyring (secure storage) and master key can be shared to another computer.

Please note even this will not delete your existing secure_storage, though it is recommended to back them up for in case.

How To

  1. Create a new secure storage and masterpassword file where the Windows-based Studio instance will be able to access it. Add the same or a new master password inside of your masterpassword file, this will be used on the Linux-based CICD instance later.
  2. Generate secure storage file
    • Create a new master key file, for example. C:\Users\xxx\Downloads\mymaster.key and input your secret in the file. 
      cat mymaster.key
      mysecretmasterkey
    • Update the Studio's .ini file via mapping the keyring and password flags to the newly created masterpassword file. Ensure that any references to the old keypair and password files are commented out. Once validated, save the changes.

  3. Open Studio, and upon launching to the Project Selection Page, a prompt will appear asking for the credentials. Provide your username and password (or access token), and Studio will save/use those to pull from the Artifact Repository of choice, via the feature manager.

  4. After choosing the project and it opens up, click the "Feature Manager" to confirm if the supplied credentials are working. If it does, the status window should show the prompt to upgrade to the (specified) patch, or the window to install features/components on the Studio instance. If the window doesn't show up or there is an authentication issue, please consult with your Artifact Repository team and validate the repo location and credentials in the "Windows/Preferences/Talend/Update Settings" area.
  5. If successful, navigate to the " Window/Preferences/Eclipse/Security/"Secure Storage" area and uncheck the "Windows Integration (64 bit)" which will disable any Windows specific authentication requirements. Validate that the encryption type is desired for the environment; if different, please choose a specific version. Once confirmed, save the changes via the "Apply and Close" button. This will require a restart of the Studio.
  6. The studio should restart and after logging back in, check the new keyring file specified. If there's no mentions to "Windows" reference, then the new keyring creation has been successful, and can be used on a Linux instance.
  7. Copy the new files to a location where the P2 can access those files and the files are extracted to a location on the CICD instance where the P2 can access them as well.
  8. Add the "-Declipse.keyring" and "-Declipse.password" flags to either the beginning of your Maven_Opts section or the first command that is deploying/updating the P2, and set the values to the files that were copied over. In the example below, the flags point to those files that were copied and extracted in the previous step. 
    -Declipse.keyring=/opt/talend-801/keyring/keyring.txt 
    -Declipse.password=/opt/talend-801/keyring/masterpassword.txt
    Additionally, those files can be stored on the scheduler or an external location, and the eclipse flags can point there.
  9. Run a build with the new flags, ideally with the 
    -Dinstaller.clean=true
    or the specified p2 install directory cleared out.
    • If successful, the P2 should be noted in the build logs of the transfer of files from the repository set, to the P2's defined .installation files. 
    • If the authentication is not successful or the secure_storage files cannot be read by either Studio or the P2, please reach out to Qlik Support for further assistance.

 

Related Content 

basic-authentication-for-update-repositories-in-studio

 

Environment

Talend Data Integration 

 

Talend Data Integration
Talend Data Integration
Labels (1)
Labels:
50 Views
Was this article helpful? Yes No
Contributors
Version history
Last update:
a week ago
Updated by:
Support