User Guide
Search
⌃K

Setting up your first project

Why are projects needed?

I just signed up. Which project am I in?

You are in a bootstrapped project titled as default

Why do I need to create a project?

Projects help you isolate Cloud Native entities such as Git Repositories, Image Registries and Applications.
Let us run through a thought experiment. An agile team has access (ideally at varying levels) to certain sections of cloud infrastructure, repositories and registries. They would like to manage it independently and provide read access to other agile teams if needed
Projects are a view into the CI/CD world. You can bring in human, K8s Infrastructure and CI/CD resources and abstract access levels.

How do I create a project?

You will only be able to access this if you are an Account Admin.
  • On the top right corner, you should see a project context
  • If you are an account admin, you should be able to create a new project by clicking on "Create new project
  • Give a name to a project
  • Add project administrators to this project
    • The initiator of the request is considered to be a project admin for the project being created
  • You can optionally invite other members to this project, or you can do so later
  • You can optionally import resources from other projects into the current project.
Flow Summary:
Creating your first Project

Adding Members and Resources to a Project

To add Members:
  • Navigate to Settings
  • Click on team management
  • Click on "Add Members" within the project members tab
  • Select members that you would like to import into the current project
  • Assign the member any one of the default roles that ozone provides, or create your own!
Flow Summary
Note: A Project Admin is a special role, much like the default Account Admin. The role has management privileges on that project. A brief summary of the permission levels is as shown below:
Resource
Project Scoped ?
Can be moved out to another Project ?
Who can create it
Who can edit it
Who can list it
Who can get it
Who can move it to another project
Who can delete it
Application
YES
NO
RBAC_PERMISSION
RBAC_PERMISSION
RBAC_PERMISSION
RBAC_PERMISSION
NA
RBAC_PERMISSION
Pipeline
YES
NO
RBAC_PERMISSION
RBAC_PERMISSION
RBAC_PERMISSION
RBAC_PERMISSION
NA
RBAC_PERMISSION
Tasks
YES
NO
RBAC_PERMISSION
RBAC_PERMISSION
RBAC_PERMISSION
RBAC_PERMISSION
NA
RBAC_PERMISSION
Environments
YES
NO
RBAC_PERMISSION
RBAC_PERMISSION
RBAC_PERMISSION
RBAC_PERMISSION
NA
RBAC_PERMISSION
Variables
YES
NO
RBAC_PERMISSION
RBAC_PERMISSION
RBAC_PERMISSION
RBAC_PERMISSION
NA
RBAC_PERMISSION
Helm Catalog
NO
NO
Admin
Admin
RBAC_PERMISSION
RBAC_PERMISSION
GLOBAL
Admin
Webhooks
YES
NO
RBAC_PERMISSION
RBAC_PERMISSION
RBAC_PERMISSION
RBAC_PERMISSION
NA
RBAC_PERMISSION
Cluster
YES
YES
Admin / Project Admin
Admin / Project Admin-- (Need more k8 resource scoped permissions)
RBAC_PERMISSION
RBAC_PERMISSION
Admin
Admin
Repositories
YES
YES
Needs discussion
NA
RBAC_PERMISSION
RBAC_PERMISSION
Admin
Admin
Registries
YES
YES
Admin / Project Admin
NA
RBAC_PERMISSION
RBAC_PERMISSION
Admin
Admin
Providers
YES
YES
Admin / Project Admin
Admin / Project Admin
RBAC_PERMISSION
RBAC_PERMISSION
Admin
Admin
Members
YES
YES
Admin
Admin
RBAC_PERMISSION
RBAC_PERMISSION
Admin
Admin
Roles
YES
NO
Admin / Project Admin
Admin / Project Admin
RBAC_PERMISSION
RBAC_PERMISSION
NA
Admin / Project Admin
Projects
NO
NO
Admin
Admin
Admin
Admin
NA
Admin
LDAP Groups
YES
NO
Admin / Project Admin
Admin / Project Admin
Admin / Project Admin
Admin / Project Admin
NA
Admin / Project Admin
Audit Trails
NO
NO
NO
NO
Admin
Admin
NA
NO
Event Preferences
NO
NO
NO
Admin
Admin
Admin
NA
NO
Metric Alert Config
NO
NO
NO
Admin
Admin
Admin
NA
NO
Advance Settings
NO
NO
NO
Admin
Admin
Admin
NA
NO

Adding CI/CD Resources to a Project

Now that you have added a few members to a project, you can now go ahead creating resources that these members can access within this project. Resources that are project scoped are as follows:
  • Clusters
  • Registries
  • Repositories
  • Providers
  • Applications
  • Pipelines & Tasks
  • Environments
  • Variables
  • Webhooks
  • Members
  • Roles
For more information on which resources can be moved in and out and by whome, check the table in the previous section. If the resource can be scoped in from the global pool, there is an add to project button for each of these resources, given that you are the Account Admin.
For example, to scope a pre-linked cluster to a project, go to Resources -> Clusters and click on "Add Cluster to Project".