Almost all om
commands require an env file to describe how to communicate (and authenticate) with a given VMware Tanzu Operations Manager.
There are two ways to provide auth information.
If your configuration choices allow you to use username
and password
directly, you can do so:
---
target: https://pcf.example.com
connect-timeout: 30 # default 5
request-timeout: 1800 # default 1800
skip-ssl-validation: false # default false
username: username
password: password
# decryption-passphrase is optional,
# except for use with `import-installation`.
# OpsMan depends on the passphrase
# to decrypt the imported installation.
# For other commands, providing this key allows
# decryption of the OpsMan VM after reboot,
# which would otherwise need to be done manually.
decryption-passphrase: passphrase
However, if you're using an external identity provider via SAML or LDAP integration, you'll need to use a UAA client via client-id
and client-secret
:
---
target: https://pcf.example.com
connect-timeout: 30 # default 5
request-timeout: 1800 # default 1800
skip-ssl-validation: false # default false
client-id: client_id
client-secret: client_secret
# decryption-passphrase is optional,
# except for use with `import-installation`.
# OpsMan depends on the passphrase
# to decrypt the imported installation.
# For other commands, providing this key allows
# decryption of the OpsMan VM after reboot,
# which would otherwise need to be done manually.
decryption-passphrase: passphrase
While decryption-passphrase
is nominally optional, if you intend to use a single env.yml
for an entire pipeline, it will be necessary to include for use with the import-installation
step.