Workload Reference for Supply Chain Choreographer

This topic describes the fields you can use for Supply Chain Choreographer workloads.

Standard Fields

Cartographer workloads have standard fields leveraged by supply chains. See Cartographer’s Reference Documentation in the Cartographer documentation.

Labels

Workload labels affect which supply chain is selected. For information about which template is defined for a particular reference, see Selectors in the Cartographer documentation. Individual templates can also use workload labels.

OOTB Supply Chains use the following workload labels:

• apps.tanzu.vmware.com/has-tests by Source-Test-to-URL and Source-Test-Scan-to-URL.
• apps.tanzu.vmware.com/workload-type by all supply chains.
• apis.apps.tanzu.vmware.com/register-api by the Api-Descriptors Template.
• apps.tanzu.vmware.com/carvel-package-workflow by source-to-url-package (experimental) and basic-image-to-url-package (experimental).

Parameters

The OOTB templates are configured with parameters from the supply chain or workload. For information about Cartographer parameters, including precedence rules, see Parameters in the Cartographer documentation.

What parameters are relevant depends on the supply chain that selects the workload, for two reasons:

1. The OOTB supply chains refer to overlapping sets of templates. A workload selected by the Source-to-URL supply chain can provide a scanning_image_template parameter, but the supply chain does not refer to a template that leverages that parameter.
2. You can write Supply Chains to provide a parameter value to a template and prevent the workload from overriding the value. See Further Information in the Cartographer documentation.

The following list of parameters are respected by some OOTB supply chains. Each provides the templates that respect the parameter. The reference for the template details which supply chains include the template.

• gitImplementation: source-template
• gitops_ssh_secret: source-template, deliverable-template, external-deliverable-template
• serviceAccount: source-template, image-provider-template, kpack-template, kaniko-template, convention-template, config-writer-template, config-writer-and-pull-requester-template, deliverable-template, external-deliverable-template
• maven: source-template
• testing_pipeline_matching_labels: testing-pipeline
• testing_pipeline_params: testing-pipeline
• scanning_source_template: source-scanner-template
• scanning_source_policy: source-scanner-template
• clusterBuilder: kpack-template
• buildServiceBindings: kpack-template
• live-update: kpack-template, convention-template
• dockerfile: kaniko-template
• docker_build_context: kaniko-template
• docker_build_extra_args: kaniko-template
• scanning_image_template: image-scanner-template
• scanning_image_policy: image-scanner-template
• annotations: convention-template, service-bindings, api-descriptors
• debug: convention-template
• ports: server-template
• api-descriptors: api-descriptors
• gitops_branch: config-writer-template, config-writer-and-pull-requester-template, deliverable-template, external-deliverable-template
• gitops_user_name: config-writer-template, config-writer-and-pull-requester-template
• gitops_user_email: config-writer-template, config-writer-and-pull-requester-template
• gitops_commit_message: config-writer-template, config-writer-and-pull-requester-template
• gitops_repository: config-writer-template, deliverable-template, external-deliverable-template
• gitops_repository_prefix: config-writer-template, deliverable-template, external-deliverable-template
• gitops_server_address: config-writer-template, config-writer-and-pull-requester-template, deliverable-template, external-deliverable-template
• gitops_repository_owner: config-writer-template, config-writer-and-pull-requester-template, deliverable-template, external-deliverable-template
• gitops_repository_name: config-writer-template, config-writer-and-pull-requester-template, deliverable-template, external-deliverable-template
• gitops_commit_branch: config-writer-and-pull-requester-template
• gitops_pull_request_title: config-writer-and-pull-requester-template
• gitops_pull_request_body: config-writer-and-pull-requester-template
• gitops_server_kind: config-writer-and-pull-requester-template
• carvel_package_gitops_subpath (experimental): carvel-package, package-config-writer-template, package-config-writer-and-pull-requester-template
• carvel_package_name_suffix (experimental): carvel-package, package-config-writer-template, package-config-writer-and-pull-requester-template
• carvel_package_openapiv3_enabled (experimental): carvel-package

Service Account

To create the templated objects, Cartographer needs a reference to a service account with permissions to manage resources. This service account might be provided in the workload’s .spec.serviceAccountName field or in the supply chain’s spec.serviceAccountRef field. See Service Account and Workload and Supply Chain Custom Resources in the Cartographer documentation. When using the Tanzu CLI to create a workload, specify this service account’s name with the --service-account flag.

After the templated objects are created, they often need a service account with permissions to do work. In the OOTB Templates and Supply Chains, the parameter serviceAccount must reference the service account for these objects. When using the Tanzu CLI to create a workload, specify this service account’s name with --param serviceAccount=....