This repository has been archived by the owner on Oct 9, 2024. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 4
/
.env.sample
84 lines (72 loc) · 5.02 KB
/
.env.sample
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
# Environment variables used with gitops/tanzu/application-platform
## Target IaaS
### Valid values are: [ aws, azure, google, oracle, tkg-on-aws, tkg-on-azure ]
export IAAS=aws
## Cluster provider
### Valid values are: [ aks, eks, gke, oke, tkg-on-aws, tkg-on-azure ]
export CLUSTER_PROVIDER=eks
## .init/tap-install-config*.tpl
### A namespace that will be created to host workloads and/or deliverables
export DEV_NAMESPACE=workloads
export DOMAIN=your.domain
### Does not necessarily need to be github.com; but some Git SCM provider like Github, Gitlab, Atlassian Bitbucket, or Azure Devops
export BACKSTAGE_CATALOG=https://github.com/me/tap-gui-catalog/blob/main/catalog-info.yaml
export GITOPS_PROVIDER=github.com
export GITOPS_USERNAME=me
export GITOPS_REPO_NAME=tap-gitops-depot
export GITOPS_REPO_BRANCH=main
## Container image registry repository names
### (e.g., if Harbor, then this would be [ tanzu/build-service ])
### (e.g., if Azure (ACR), then this would be [ build-service ] )
### (e.g., if Google Cloud (GCR), then this would be [ {google-project id}/build-service ])
### (e.g., if Google Cloud (GAR), then this would be [ {google-project id}/tanzu/build-service ])
### (e.g., if Oracle Cloud (OCIR), then this would be [ {tenancy-namespace}/build-service ])
### (e.g., if AWS (ECR), then this would be [ tap-build-service ])
export BUILD_SERVICE_REPO_NAME=tanzu/build-service
### Only required when employing AWS ECR - set the value to [ arn:aws:iam::{aws_account_id}:role/tap-build-service ])
export BUILD_SERVICE_REPO_AWS_IAM_ROLE_ARN=""
### (e.g., if Harbor, then this would be [ tanzu/supply-chain ])
### (e.g., if Azure (ACR), then this would be [ supply-chain ] )
### (e.g. if Google Cloud (GCR), then this would be [ {google-project id}/supply-chain ])
### (e.g. if Google Cloud (GAR), then this would be [ {google-project id}/tanzu/supply-chain ])
### (e.g., if Oracle Cloud (OCIR), then this would be [ {tenancy-namespace}/supply-chain ])
## (e.g., if AWS (ECR), then this would be [ tanzu-application-service ])
export OOTB_SUPPLY_CHAIN_REPO_NAME=tanzu/supply-chain
## .init/tap-install-secrets.tpl
export EMAIL_ADDRESS=you@your.domain
### OIDC authentication provider and credentials
export OIDC_AUTH_PROVIDER=github
export OIDC_AUTH_CLIENT_ID=""
export OIDC_AUTH_CLIENT_SECRET=""
### These are the credentials for a valid account on the Tanzu Network (https://network.pivotal.io)
export TANZU_NETWORK_USERNAME=you@your.domain
export TANZU_NETWORK_PASSWORD=xxx
### These are the credentials to a private container image registry
### For AWS (ECR) the URL would take the form [ {aws_account_id}.dkr.ecr.{region}.amazonaws.com ]
### For Microsoft Azure (ACR) the URL would take the form [ {container-registry-name}.azurecr.io ]
### For Google Cloud (GCR) the URL would take the form [ {country-code}.gcr.io ]
### For Google Cloud (GAR) the URL would take the form [ {google-region}-docker.pkg.dev ]
### For Oracle Cloud (OCIR) the URL would take the form [ {oracle-region-code}.ocir.io ]
export CONTAINER_IMAGE_REGISTRY_URL=harbor.dev.your.domain
### Assuming you employ one of the following cloud managed container image registry services
### For AWS (ECR) the username value below would be [ AWS ]
### For Microsoft Azure (ACR) consult this guide https://learn.microsoft.com/en-us/azure/container-registry/container-registry-auth-service-principal#create-a-service-principal to obtain the username. < Note this is the service principal USERNAME.
### For Google Cloud (GCR or GAR) the username value below would be [ _json_key_base64 ]
### For Oracle Cloud (OCIR) the username value below would be [ {tenancy-namespace}/oracleidentitycloudservice/{email-address-for-oracle-cloud-account} ]
export CONTAINER_IMAGE_REGISTRY_USERNAME=admin
### For Microsoft Azure (ACR) consult this guide https://learn.microsoft.com/en-us/azure/container-registry/container-registry-auth-service-principal#create-a-service-principal to obtain the password. < Note this is the service principal PASSWORD.
### For AWS (ECR) the password value may be retrieved w/ [ aws ecr get-login-password --region {region} ]
### For Google Cloud (GCR or GAR) the password value must be the base64-encoded value of the service account token, @see https://cloud.google.com/container-registry/docs/advanced-authentication#json-key
### For Oracle Cloud (OCIR) the password value must be a valid auth token, @see https://docs.oracle.com/en-us/iaas/Content/Functions/Tasks/functionsgenerateauthtokens.htm#Generate_an_Auth_Token_to_Enable_Login_to_Oracle_Cloud_Infrastructure_Registry
export CONTAINER_IMAGE_REGISTRY_PASSWORD='p@ssw0rd!'
### This is the Git SCM provider (e.g., github.com, gitlab.com)
export GIT_HOST=github.com
### These are your credentials to the Git SCM provider (i.e., username and personal access token)
export GIT_USERNAME=you
export GIT_PERSONAL_ACCESS_TOKEN=xxx
# .tpl files in .install and .post-install
### A valid Tanzu Application Platform profile (e.g., full, build, iterate, view, run)
export ACTIVE_PROFILE=full
export APP_NAME=tap-$ACTIVE_PROFILE
### A valid branch (typically "main")
export GIT_REF_NAME=main