This topic describes the parameters for supply chains that you can use with Supply Chain Choreographer.
Tanzu Application Platform includes a number of supply chains packages, each of which installs two ClusterSupplyChains. You can only install one supply chain package at a time.
The supply chains provide some parameters to the referenced templates. The parameters provided by the workload might override the parameters in this topic.
This section describes the templates and their parameters.
Refers to source-template.
Parameters provided:
serviceAccount
from tap-value service_account
. Overridable by workload.source_credentials_secret
from tap-value source.credentials_secret
. Overridable by workload.Refers to kaniko-template when the workload provides a parameter dockerfile
. Refers to kpack-template otherwise.
Parameters provided:
serviceAccount
from tap-value service_account
. Overridable by workload.registry
from tap-value registry
. NOT overridable by workload.clusterBuilder
from tap-value cluster_builder
. Overridable by workload.dockerfile
value ./Dockerfile
. Overridable by workload.docker_build_context
value ./
. Overridable by workload.docker_build_extra_args
value []
. Overridable by workload.maven_repository_url
from tap-value maven.repository.url
. NOT overridable by workload.maven_repository_secret_name
from tap-value maven.repository.secret_name
. NOT overridable by workload.Out of the Box Supply Chain Basic
See Install Out of the Box Supply Chain Basic for information about setting tap-values at installation time.
Refers to source-template.
Parameters provided:
serviceAccount
from tap-value service_account
. Overridable by workload.source_credentials_secret
from tap-value source.credentials_secret
. Overridable by workload.Refers to testing-pipeline.
No parameters are provided by the supply-chain.
Refers to kaniko-template when the workload provides a parameter dockerfile
. Refers to kpack-template otherwise.
Parameters provided:
serviceAccount
from tap-value service_account
. Overridable by workload.registry
from tap-value registry
. NOT overridable by workload.clusterBuilder
from tap-value cluster_builder
. Overridable by workload.dockerfile
value ./Dockerfile
. Overridable by workload.docker_build_context
value ./
. Overridable by workload.docker_build_extra_args
value []
. Overridable by workload.maven_repository_url
from tap-value maven.repository.url
. NOT overridable by workload.maven_repository_secret_name
from tap-value maven.repository.secret_name
. NOT overridable by workload.Out of the Box Supply Chain Testing
See Install Out of the Box Supply Chain with Testing for information about setting tap-values at installation time.
Refers to source-template.
Parameters provided:
serviceAccount
from tap-value service_account
. Overridable by workload.source_credentials_secret
from tap-value source.credentials_secret
. Overridable by workload.Refers to testing-pipeline.
No parameters are provided by the supply-chain.
Refers to source-scanner-template.
Parameters provided:
scanning_source_policy
from tap-value scanning.source.policy
. Overridable by workload.scanning_source_template
from tap-value scanning.source.template
. Overridable by workload.Refers to kaniko-template when the workload provides a parameter dockerfile
. Refers to kpack-template otherwise.
Parameters provided:
serviceAccount
from tap-value service_account
. Overridable by workload.registry
from tap-value registry
. NOT overridable by workload.clusterBuilder
from tap-value cluster_builder
. Overridable by workload.dockerfile
value ./Dockerfile
. Overridable by workload.docker_build_context
value ./
. Overridable by workload.docker_build_extra_args
value []
. Overridable by workload.Refers to image-scanner-template.
Parameters provided:
scanning_image_policy
from tap-value scanning.image.policy
. Overridable by workload.scanning_image_template
from tap-value scanning.image.template
. Overridable by workload.maven_repository_url
from tap-value maven.repository.url
. NOT overridable by workload.maven_repository_secret_name
from tap-value maven.repository.secret_name
. NOT overridable by workload.Out of the Box Supply Chain Testing Scanning
See Install Out of the Box Supply Chain with Testing and Scanning for information about setting tap-values at installation time.
Refers to image-provider-template.
Parameters provided:
serviceAccount
from tap-value service_account
. Overridable by workload.Out of the Box Supply Chain Basic
See Install Out of the Box Supply Chain Basic for information about setting tap-values at installation time.
Refers to image-provider-template.
Parameters provided:
serviceAccount
from tap-value service_account
. Overridable by workload.Out of the Box Supply Chain Testing
See Install Out of the Box Supply Chain with Testing for information about setting tap-values at installation time.
Refers to image-provider-template.
Parameters provided:
serviceAccount
from tap-value service_account
. Overridable by workload.Refers to image-scanner-template.
Parameters provided:
scanning_image_policy
from tap-value scanning.image.policy
. Overridable by workload.scanning_image_template
from tap-value scanning.image.template
. Overridable by workload.Out of the Box Supply Chain Testing Scanning
See Install Out of the Box Supply Chain with Testing and Scanning for information about setting tap-values at installation time.
This section describes the templates and their parameters.
Refers to source-template.
Parameters provided:
serviceAccount
from tap-value service_account
. Overridable by workload.source_credentials_secret
from tap-value source.credentials_secret
. Overridable by workload.Refers to kaniko-template when the workload provides a parameter dockerfile
. Refers to kpack-template otherwise.
Parameters provided:
serviceAccount
from tap-value service_account
. Overridable by workload.registry
from tap-value registry
. NOT overridable by workload.clusterBuilder
from tap-value cluster_builder
. Overridable by workload.dockerfile
value ./Dockerfile
. Overridable by workload.docker_build_context
value ./
. Overridable by workload.docker_build_extra_args
value []
. Overridable by workload.Refers to carvel-package.
Parameters provided:
serviceAccount
from tap-value service_account
. Overridable by workload.registry
from tap-value registry
. NOT overridable by workload.Refers to the package-config-writer-and-pull-requester-template when the tap-value gitops.commit_strategy
is pull_request
. Otherwise, this resource refers to the package-config-writer-template.
Parameters provided:
serviceAccount
from tap-value service_account
. Overridable by workload.registry
from tap-value registry
. NOT overridable by workload.maven_repository_url
from tap-value maven.repository.url
. NOT overridable by workload.maven_repository_secret_name
from tap-value maven.repository.secret_name
. NOT overridable by workload.carvel_package_gitops_subpath
from tap-value carvel_package.gitops_subpath
. Overridable by workload.carvel_package_name_suffix
from tap-value carvel_package.name_suffix
. Overridable by workload.Out of the Box Supply Chain Basic
See Install Out of the Box Supply Chain Basic for information about setting tap-values at installation time.
Refers to image-provider-template.
Parameters provided:
serviceAccount
from tap-value service_account
. Overridable by workload.Refers to carvel-package.
Parameters provided:
serviceAccount
from tap-value service_account
. Overridable by workload.registry
from tap-value registry
. NOT overridable by workload.Refers to the package-config-writer-and-pull-requester-template when the tap-value gitops.commit_strategy
is pull_request
. Otherwise, this resource refers to the package-config-writer-template
Parameters provided:
serviceAccount
from tap-value service_account
. Overridable by workload.registry
from tap-value registry
. NOT overridable by workload.carvel_package_gitops_subpath
from tap-value carvel_package.gitops_subpath
. Overridable by workload.carvel_package_name_suffix
from tap-value carvel_package.name_suffix
. Overridable by workload.Out of the Box Supply Chain Basic
See Install Out of the Box Supply Chain Basic for information about setting tap-values at installation time.
Refers to convention-template.
Parameters provided:
serviceAccount
from tap-value service_account
. Overridable by workload.The tap-values field supported_workloads
defines which templates are referred to by this resource. Default configuration is:
supported_workloads:
- type: web
cluster_config_template_name: config-template
- type: server
cluster_config_template_name: server-template
- type: worker
cluster_config_template_name: worker-template
The workload’s apps.tanzu.vmware.com/workload-type
label determines which template is used at this step. For example, when the workload has a label apps.tanzu.vmware.com/workload-type:web
, the supply chain references config-template
.
No parameters are provided by the supply-chain.
Refers to the service-binding template.
No parameters are provided by the supply-chain.
Refers to the api-descriptors template.
No parameters are provided by the supply-chain.
Refers to the config-writer-and-pull-requester-template when the tap-value gitops.commit_strategy
is pull_request
. Otherwise, this resource refers to the config-writer-template
Parameters provided:
serviceAccount
from tap-value service_account
. Overridable by workload.registry
from tap-value registry
. NOT overridable by workload.Refers to the external-deliverable-template when the tap-value external_delivery
evaluates to true
. Otherwise the resource refers to the deliverable-template.
Parameters provided:
registry
from tap-value registry
. NOT overridable by workload.All of the following parameters are overridable by the workload.
gitops_branch
from tap-value gitops.branch
gitops_user_name
from tap-value gitops.username
gitops_user_email
from tap-value gitops.email
gitops_commit_message
from tap-value gitops.commit_message
gitops_ssh_secret
from tap-value gitops.ssh_secret
gitops_credentials_secret
from tap-value gitops.credentials_secret
gitops_repository_prefix
from tap-value gitops.repository_prefix
when present.gitops_server_address
from tap-value gitops.server_address
when present.gitops_repository_owner
from tap-value gitops.repository_owner
when present.gitops_repository_name
from tap-value gitops.repository_name
when present.gitops_server_kind
from tap-value gitops.pull_request.server_kind
when present.gitops_commit_branch
from tap-value gitops.pull_request.commit_branch
when present.gitops_pull_request_title
from tap-value gitops.pull_request.pull_request_title
when present.gitops_pull_request_body
from tap-value gitops.pull_request.pull_request_body
when present.