Use these instructions to describe your product template for your tile, and learn how to edit it to include different properties.

The metadata subdirectory of a tile contains a product template file in YAML file format. The product template file specifies how the tile interface collects configurable properties from the user, and how Tanzu Operations Manager incorporates these properties into the deployment manifest.

Product template contents

The product template, a YAML file in the tile’s metadata subdirectory, includes or points to:

• Metadata: High-level information about your tile

• Dependencies: Tile dependencies

• Property blueprints: Templates to represent values

• Form types: Property blueprints to generated forms

• Job types: Configuration properties for jobs defined in the BOSH release

• Runtime configs: The manifest for any number of global deployment configurations

Use the product template in the Tanzu Operations Manager example tile. This is a functional tile provided by the Tanzu Operations Manager engineering team; it deploys the NGINX web server.

For more information about product template configuration, see Top-level properties.

To learn how to configure your tile’s forms, see Form properties.

Editing the product template

You can edit the product template to designate property values.

The product template contains two sections with manifest snippets:

• form_types: Defines the tile interface, or how users of your tile view and interact with different tile features

• job_types: Defines the jobs that the manifest deploys, or what the tile does in response to user input, developer input, or at set intervals

You can use special expressions in these snippets to include property values that the tile might otherwise not use; for example, user-provided configurable properties or dynamically-generated system properties.

These special expressions take the following forms:

• Double parentheses expressions
• Triple parentheses expressions

Double parentheses expressions

Double parentheses expressions, such as (( PROPERTY-VALUE )), designate property values that Tanzu Operations Manager uses when it generates the deployment manifest. These are used after you click Apply Changes.

These values include configurable properties and properties supplied by Tanzu Operations Manager.

To include these properties in a manifest snippet, use “double-parens” syntax, which consists of a variable name surrounded by two sets of parentheses, as shown in the following example:

manifest: |
  pizza_toppings:
    peppers: (( .properties.example_selector.pizza_option.peppers.value ))

Triple parentheses expressions

Triple-parentheses expressions, such as ((( PROPERTY-VALUE ))), designate property values that BOSH supplies when it deploys instances of the tile service; for example, CredHub credentials are specified in triple parentheses.

To include these BOSH deploy-time properties in a manifest snippet, use “triple-parens” notation, as shown in the following example:

manifest: |
  credhub:
    concatenated_password: prefix-((( credhub-password )))-suffix
    password: ((( credhub-password )))

More Double / Triple parentheses rules

When Tanzu Operations Manager parses a product template and BOSH parses a manifest, they both use properties designated by double-parens syntax.

Some property values in a product template, such as CredHub credentials, must be filled in by BOSH on the BOSH Director VM, rather than by Tanzu Operations Manager.

Tanzu Operations Manager removes the outer parentheses from these expressions and includes the resulting double-parens expressions in the manifest it generates, for BOSH to evaluate at deploy time.

Referencing properties

Each property is represented by two segments:

• The location of the property
• The information from the property you want to access, commonly known as “accessors”

When you use these two segments, you can write an expression like this:

(( PROPERTY-LOCATION.ACCESSOR ))

Where:

• PROPERTY-LOCATION is the location of the property.
• ACCESSOR is the accessor.

Referencing a location

The following table describes the different methods of referencing a property:

Referencing an accessor

Accessors may be different from one property blueprint types to another. The following example uses the property blueprint type string with its one accessor, value:

(( .properties.example-string.value ))

Tanzu Operations Manager allows empty arrays in double-parentheses expressions.

For example:

(( .properties.example-string.value || [] ))

For more information about the available properties and their accessors, see the Property Blueprint reference section.

Product context

Product context is useful for accessing information about a tile. It can be used in a manifest using this syntax:

(( ..TILE-NAME.accessor ))

Where TILE-NAME is the name of the tile.

These are the allowed accessors:

Dollar contexts

Outside of properties, you can also retrieve information about various configuration details of your tile and Tanzu Operations Manager.

• $ops_manager: Any tile uses this to obtain information about specific Tanzu Operations Manager deployments.

• $director: Any tile uses this to obtain information about the BOSH Director.

• $runtime: Any tile uses this to obtain information about the VMware Tanzu Application Service for VMs tile.

• $self: Your own tile uses this to obtain information about its configuration.

$ops_manager

The following table describes the accessors you can use to retrieve information about an Tanzu Operations Manager deployment:

$director

The following table describes the accessors you can use to retrieve information about your BOSH Director:

$runtime

The following table describes the accessors you can use to retrieve information about your TAS for VMs tile:

$self

The following table describes the accessors you can use to retrieve information about your own tile:

Complex properties: selectors and collections

Most properties are simple values, for example, strings, integers, URL addresses, or IP addresses. Others are complex, like selectors or collections.

• Selectors: Give you a choice of a set of inputs
• Collections: Give you the ability to enter an array of values to create a hash

The selector and collections inputs are referenced by their selector and collection property blueprints.

Most properties are simple values such as strings, integers, URL addresses, or IP addresses. Selectors and collections are more complicated than simple properties, because they contain manifest snippets, which are further referenced in other manifest snippets. Selector and collection properties can only exist as top-level properties.

You cannot nest:

• selector properties inside of collection properties
• collection properties inside of selector properties
• these properties inside themselves (for example, nesting a selector inside of a selector)

Non-configurable certificates are invalid within a selector

The rsa_cert_credentials property with configurable: false is invalid inside a selector property.

The tile does not raise any validation errors, but the following error appears during the pre-deploy check:

{
  "pre_deploy_check": {
    ...
    "properties": [
      {
        "name": ".properties.EXAMPLE-CERT-PROPERTY",
        "type": "rsa_cert_credentials",
        "errors": [
          "can't be blank",
          "can't be blank"
        ]
      }
    ],
    ...
  }
}

Where EXAMPLE-CERT-PROPERTY is the property you specify.

Top-level properties

The following example shows the properties that appear at the top of a product template. The definitions of each property follow this example:

---
name: example-tile
product_version: "1.0-build.0"
minimum_version_for_upgrade: "1.7.0"
pivnet_filename_regex: "tile-*.pivotal"
metadata_version: "1.11"
opsmanager_syslog: true
label: 'Ops Manager: Example Tile'
description: An example tile to demonstrate Ops Manager tile author features
rank: 1
service_broker: false # Default value
stemcell_criteria:
  os: ubuntu-xenial
  version: "97.0"

  enable_patch_security_updates: true

requires_product_versions:
  - name: p-mysql
    version: '~> 2.4'

releases:
  - name: example-release
    file: "example-release.tgz"
    version: "15"

variables:
  - name: credhub-password
    type: password

post_deploy_errands:
  - name: example-errand

pre_delete_errands:
  - name: example-errand

runtime_configs:
  - name: example-runtime-config
  runtime_config: |
    releases:
    - name: os-conf
      version: 15
    addons:
    - name: login
      jobs:
      - name: login-banner
        release: os-conf
      properties:
        login_banner:
          text: |
            (( .properties.example_string.value )).

name

• Format: String
• Type: Required

The internal name of the tile.

You must keep the name of your tile consistent for migrations to function properly. Changing the name indicates the installation of a different finished tile.

product_version

• Format: String
• Type: Required

The version of the tile.

You can import this version into Tanzu Operations Manager only once. If you want to import the same tile or version, you must delete the existing one from the /metadata folder and delete the installation files from the Tanzu Operations Manager disk.

The version number is important for migrations.

For more information, see Upgrading Tiles.

minimum_version_for_upgrade

• Format: String
• Type: Required

You must set a minimum version for upgrading to your current tile version. The following example shows a current tile version of v1.7 that upgrades only from a v1.6.x version of the same tile:

- product_version:  1.7.0.0
  minimum_version_for_upgrade:  1.6.0.0

metadata_version

• Format: String
• Type: Required

The version of the schema of the product template (the file that this topic describes).

If you bump the version number, it activates new properties that are not present in an older metadata_version. It can also require you to restructure the product template to conform to the new metadata_version.

The metadata_version corresponds to a major or minor release of Tanzu Operations Manager. Tanzu Operations Manager can accept a tile with a metadata_version that is older than the Tanzu Operations Manager version, but not a tile with a metadata_version that is newer than the Tanzu Operations Manager version. A best practice is to set the metadata_version to be the same as the oldest version of Tanzu Operations Manager that the tile version supports.

label

• Format: String
• Type: Optional

The label that is used in the tile when it appears in the Tanzu Operations Manager Dashboard.

description

• Format: String
• Type: Optional

A description of the tile.

rank

• Format: Integer
• Type: Optional

The order in which a tile appears on the dashboard. The BOSH Director always appears at rank 100.

For your tile to appear to the right of BOSH Director, you must set this value to an integer less than 100.

If all tiles have the same rank, Tanzu Operations Manager sorts them alphabetically.

pivnet_filename_regex

• Format: String
• Type: Optional

This regular expression allows the Tanzu Operations Manager / Broadcom Support portal integration to pull a specific tile file. You must do this when there are multiple tiles with the same product slug.

service_broker

• Format: Boolean
• Type: Optional, default false

Set service_broker to true for on-demand service brokers. This has the following results:

• Activates the service network selector property type.

• Requires you to select a service network during tile configuration. You can reference the selected service network with (( $self.service_network )).

• Includes a UAA client for the service to use. Tile authors can reference the UAA client credentials with (( $self.uaa_client_name )) and (( $self.uaa_client_secret )).

bosh_read_creds

• Format: Boolean
• Type: Optional, default false

Set bosh_read_creds to true for tiles that need read-only access to the BOSH director. Tile authors can reference these read-only UAA client credentials with (( $self.bosh_read_creds_name )) and (( $self.bosh_read_creds_secret )).

stemcell_criteria

• Format: Hash
• Type: Required

This feature increases security by automatically using the latest patched version of a stemcell. Note that, with this feature enabled, you might experience longer than expected upgrade times.

With the enable_patch_security_updates property, you can automatically use the latest patched version of a stemcell. This key is set to true by default. For tiles using static compilations, you can deactivate this feature.

For example:

stemcell_criteria
  os: ubuntu-xenial
  version: "97.0"
  enable_patch_security_updates: false

You must set the enable_patch_security_updates property to true. If you set the property to false, your tile does not receive security patches through automatic stemcell updates.

Do not specify which IaaS the stemcell targets. This keeps your product template IaaS-agnostic so that one product template can be deployed on any IaaS.

For a list of stemcells, including OS and version, see the BOSH website.

For more information, see Floating Stemcells.

additional_stemcells_criteria

• Format: Array of hashes
• Type: Optional

Stemcell criteria can be selected using the stemcell_selector property type. These stemcells are listed, in addition to the configured stemcell, with stemcell_criteria. After you select a stemcell, it becomes required.

For more information about the stemcell_selector property type, see stemcell_selector.

For example:

additional_stemcells_criteria:
  - os: ubuntu-xenial
    version: 97.0
    enable_patch_security_updates: false
  - os: windows2016
    version: 1709.1

requires_product_versions

• Format: Array of hashes
• Type: Optional

A list of tile dependencies. If the required tile is not present in the Tanzu Operations Manager installation, Tanzu Operations Manager lists the required dependencies and does not install your tile until the dependencies are satisfied.

Supported restriction operators are =, !=, >, <, >=, <=, and ~>.

The following keys are supported:

• name: The name of the tile required by your tile. This is a required key.
• version: The version range required by your tile. This is a required key.
• optional: This is an optional key that defaults to false.

For example:

 requires_product_versions:
  - name: tile-one
    version: '> 1.2'
  - name: tile-two
    version: '~> 2.3.4'
    optional: true

For more information about required and optional dependencies, see Dependencies in How Tiles Work.

releases

• Format: Array of hashes
• Type: Required

The list of releases contained in your tile’s releases directory.

The version of the release must be exactly the same as the version contained in the release.

Each release requires the following keys:

• name
• file
• version

variables

• Format: Array of hashes
• Type: Optional

A list of variables that are generated after a deploy succeeds.

You can reference variables in a manifest snippet using triple-parentheses expressions.

Each release requires the following keys:

• name
• type

post_deploy_errands

• Format: Array of hashes
• Type: Optional

A list of errands that run after a deploy succeeds.

Set the run_post_deploy_errand_default: property to on or off to set the default for the errand’s run rule selector in Tanzu Operations Manager. If you do not specify this property, the selector defaults to On.

For more information, see Errands.

pre_delete_errands

• Format: Array of hashes
• Type: Optional

A list of errands that run before a deployment is deleted.

Set the run_pre_delete_errand_default: property to on or off to set the default for the errand’s run rule selector in Tanzu Operations Manager. If you do not specify this property, the selector defaults to On.

For more information, see Errands.

runtime_configs

• Format: Array of hashes
• Type: Optional

These are keys that define global deployment configurations. For more information, see Managing Runtime Configs.

install_time_verifiers

• Format: Array of hashes
• Type: Optional

Install-time verifiers confirm that properties for external services are set correctly. Install-time verifiers run in Tanzu Operations Manager before the changes are applied. You can correct invalid properties before you deploy.

For example, Verifiers::MysqlDatabaseVerifier checks that MySQL database properties are valid by using the properties to connect to the MySQL database. If the properties are invalid, the install-time verifier provides a message.

Each install_time_verifier supports the following keys:

• name: The type of verifier. The value must be one of the verifiers listed in the following table.

• properties: A mapping of verifier inputs to either property references or static values. The required properties for each verifier are listed in the following table.

• ignorable: If this key is set to false, you cannot click Apply Changes until the verification errors are resolved. If this key is set to true, you can ignore the warning message and click Apply Changes. This key is set to false by default.

• run_on: Determines when to run the verifier. Valid values include 'always' and 'major_or_minor_upgrades'. This key defaults to 'always'.

For information about how you can manage and view verifiers, see Managing Tanzu Operations Manager Verifiers.

The following table lists the available install-time verifiers:

The following is an example of a install_time_verifiers section:

install_time_verifiers:
- ignorable: true
  name: Verifiers::WildcardDomainVerifier
  properties:
    domain: .cloud_controller.system_domain
- name: Verifiers::SsoUrlVerifier
  properties:
    url: .properties.uaa.saml.sso_url
- ignorable: true
  name: Verifiers::BlobstoreVerifier
  properties:
    access_key_id: .properties.system_blobstore.external.access_key
    bucket_name: .properties.system_blobstore.external.buildpacks_bucket
    endpoint: .properties.system_blobstore.external.endpoint # Optional. Defaults to AWS
    region: .properties.system_blobstore.external.region # Optional. Defaults to default IaaS setting
    secret_access_key: .properties.system_blobstore.external.secret_key
    signature_version: .properties.system_blobstore.external.signature_version
    use_path_style: .properties.system_blobstore.external.use_path_style # Optional. Defaults to false
- ignorable: true
  name: Verifiers::MysqlDatabaseVerifier
  properties:
    database: "static-database-name"
    host: .properties.system_database.external.host
    password: .properties.system_database.external.account_password
    port: 1234
    user name: example-dbuser
- ignorable: true
  name: Verifiers::HttpSuccessVerifier
  run_on: major_or_minor_upgrades
  properties:
    host: .properties.external_host
    scheme: https
    port: 443
    path: /verify

icon_image

• Format: Base64 Image
• Type: Required

This is the icon that appears on the tile in the Tanzu Operations Manager Installation Dashboard.

base_releases_url

• Format: String
• Type: Optional

A publicly available URL that is passed to BOSH to download your releases during installation. If you use this text box, BOSH Director must have internet connectivity. This allows you to package your tile without releases, decreasing the tile size.

opsmanager_syslog

• Format: Boolean
• Type: Optional, default false

Set opsmanager_syslog to true to opt in to the Tanzu Operations Manager provided syslog form. If you opt in, you do not need provide the Syslog BOSH release for your tile.

For more information about the Syslog BOSH release, see the Syslog BOSH Release repository on GitHub.

For more information about migrating an existing form to the syslog form provided, see Migrating existing Syslog configuration to Tanzu Operations Manager.

Form properties

Each form type you write is composed of form properties. Form properties dictate the structure of the form fields that appear in the Tanzu Operations Manager UI. The names (name)of the forms appear on the left-hand side as navigational tabs.

Form properties reference property_blueprints. Property blueprints define each text box’s data type.

For an example property blueprint that corresponds to the form_types example that follows, see property_blueprints.

form_types:
  - name: example-form
    label: Configurable Properties
    description: All the properties that you can configure!
    markdown: |
      ## I am markdown, hear me _roar_.

      Things to do:

      1. Learn [markdown](https://daringfireball.net/projects/markdown/).
      1. ...
      1. Profit!
    property_inputs:
      - reference: .web_server.example_string
        label: Example string
        description: 'Configure a property of type string'
      - reference: .web_server.example_string_with_placeholder
        label: Example string containing Placeholder text
        description: 'Optional text box. Configuration not necessary'
        placeholder: 'Ghost text. Spooky!'
      - reference: .web_server.example_migrated_integer
        label: Example integer
        description: 'Configure a property of type integer'
      - reference: .web_server.example_boolean
        label: Example boolean
        description: 'Configure a property of type boolean'
      - reference: .web_server.example_dropdown
        label: Example dropdown
        description: 'Configure a property of type dropdown'
      - reference: .web_server.example_domain
        label: Example domain
        description: 'Configure a property of type domain'
      - reference: .web_server.example_wildcard_domain
        label: Example wildcard_domain
        description: 'Configure a property of type wildcard_domain'
      - reference: .web_server.example_string_list
        label: Example string_list
        description: 'Configure a property of type string_list'
      - reference: .web_server.example_text
        label: Example text
        description: 'Configure a property of type text (setting to "magic value" causes the web server job instance count to go to 0)'
      - reference: .web_server.example_ldap_url
        label: Example ldap_url
        description: 'Configure a property of type ldap_url'
      - reference: .web_server.example_email
        label: Example email
        description: 'Configure a property of type email'
      - reference: .web_server.example_http_url
        label: Example http_url
        description: 'Configure a property of type http_url'
      - reference: .web_server.example_ip_address
        label: Example ip_address
        description: 'Configure a property of type ip_address'
      - reference: .web_server.example_ip_ranges
        label: Example ip_ranges
        description: 'Configure a property of type ip_ranges'
      - reference: .web_server.example_multi_select_options
        label: Example multi_select_options
        description: 'Configure a property of type multi_select_options'
      - reference: .web_server.example_network_address_list
        label: Example network_address_list
        description: 'Configure a property of type network_address_list (this property was marked with freeze_on_deploy, and so cannot be edited after changes are first applied)'
      - reference: .web_server.example_network_address
        label: Example network_address
        description: 'Configure a property of type network_address'
      - reference: .web_server.example_port
        label: Example port
        description: 'Configure a property of type port'
      - reference: .web_server.example_smtp_authentication
        label: Example smtp_authentication
        description: 'Configure a property of type smtp_authentication'
      - reference: .web_server.client_certificate
        label: Example certificate
        description: 'Configure a certificate'
    verifiers:
      - name: Verifiers::WildcardDomainVerifier
        properties:
          domain: .web_server.example_wildcard_domain
      - name: Verifiers::StaticIpsVerifier
        properties:
          domain: .web_server.example_ip_address

name

• Format: String
• Type: Required

The internal name of the form.

label

• Format: String
• Type: Required

The label of the form. Appears as a link on the left hand side of each form.

description

• Format: String
• Type: Optional

The description of the form. Appears at the top of the form as a header.

markdown

• Format: Markdown
• Type: Optional

Provide a block of markdown to display at the top of the form. Use this property to document the tile and provide explanations or references. External images are not supported.

property_inputs

• Format: Array of hashes
• Type: Required

References to properties defined in the property_blueprints section of the product template.

verifiers

Verifiers confirm that properties are set correctly in forms. If a verifier displays a warning, the form can still be saved and the warning can be ignored.

Verifiers are similar to install-time verifiers except that they run after a form is saved and not before you click Apply Changes. Verifiers do not block deployments and only inform you that the properties you set are invalid.

To have a verifier run when a form is saved and before you click Apply Changes, add the verifier to both the verifiers and install_time_verifiers sections.

For information about:

• how you can manage and view verifiers, see Managing Tanzu Operations Manager Verifiers.

• how verifiers are configured, see install_time_verifiers.

The following is an example verifiers section:

form_types:
  - name: example-form
    label: Configurable Properties
    description: All the properties that you can configure!
    property_inputs:
      - reference: .web_server.example_wildcard_domain
        label: Example wildcard_domain
        description: 'Configure a property of type wildcard_domain'
      - reference: .web_server.static_ips
        label: Example ip_address
        description: 'Configure a property of type ip_address'
    verifiers:
      - name: Verifiers::WildcardDomainVerifier
        properties:
          domain: .web_server.example_wildcard_domain
      - name: Verifiers::StaticIpsVerifier
      - name: Verifiers::MysqlDatabaseVerifier
        properties:
          database: "static-database-name"
          host: .properties.example-database-host
          port: 1234
          user name: example-dbuser

You can specify either a tile property reference or a static value for a form verifier. In the preceding example, Verifiers::MysqlDatabaseVerifier uses a tile property reference for the database host and static values for the database name, port number, and user name.

placeholder

• Format: String
• Type: Optional

Specify placeholder text for a text box. Appears in light gray to show an example value for the user. The text disappears when you type in the text box and reappears if the text box is empty.

The placeholder attribute displays for the following form types:

• string
• integer
• domain
• wildcard_domain
• string_list
• text
• ldap_url
• email
• http_url
• ip_address
• ip_ranges
• network_address_list
• network_address
• port

Job types

The following is an example of the job_types section that appears in a product template.

This section defines the jobs that end up in a BOSH manifest. Those jobs are defined in your BOSH release.

Jobs require many different settings to function properly. That is the core of what Tanzu Operations Manager does for you: Tanzu Operations Manager asks you to designate values for those settings and generates a manifest based on what you specify.

Tanzu Operations Manager does not require tile authors to provide vm_credentials in the property_blueprints for each job_type. This is because vm_credentials are generated automatically. You can find them in the release manifest.

Important Tanzu Operations Manager ignores static_ip and dynamic_ip keys. To configure the static IPs of a job_type, create a property blueprint with name: static_ips and type: ip_ranges.
static_ips is a special keyword that Tanzu Operations Manager uses to find static IPs and pass them to the BOSH manifest. For more information about ip_ranges, see ip_ranges.

job_types:
  - name: web_server
    resource_label: Web Server
    templates:
      - name: web_server
        release: example-release
      - name: time_logger
        release: example-release
    release: example-release
    static_ip: 1
    dynamic_ip: 0
    single_az_only: true
    use_stemcell: ubuntu-xenial
    max_in_flight: 1
    resource_definitions:
      - name: ram
        type: integer
        configurable: true
        default: 1024
      - name: ephemeral_disk
        type: integer
        configurable: true
        default: 2048
      - name: persistent_disk
        type: integer
        configurable: true
        default: 1024
        constraints:
          min: 1024
      - name: cpu
        type: integer
        configurable: true
        default: 1
    instance_definition:
      name: instances
      type: integer
      configurable: true
      default: 1
      constraints:
        max: 1
      zero_if:
        property_reference: '.web_server.example_text'
        property_value: 'magic value'
        allow_manual_selection_of_zero: false
    manifest: |
      generated:
        root_rsa_certificate: (( $ops_manager.ca_certificate ))
        rsa_cert_credentials:
          public_key_pem: (( generated_rsa_cert_credentials.public_key_pem ))
          cert_and_private_key_pems: (( generated_rsa_cert_credentials.cert_and_private_key_pems ))
        rsa_pkey_credentials:
          public_key_pem: (( generated_rsa_pkey_credentials.public_key_pem ))
          private_key_pem: (( generated_rsa_pkey_credentials.private_key_pem ))
          public_key_openssh: (( generated_rsa_pkey_credentials.public_key_openssh ))
          public_key_fingerprint: (( generated_rsa_pkey_credentials.public_key_fingerprint ))
        salted_credentials:
          sha512_hashed_password: (( generated_salted_credentials.sha512_hashed_password ))
          identity: (( generated_salted_credentials.identity ))
          salt: (( generated_salted_credentials.salt ))
          password: (( generated_salted_credentials.password ))
        simple_credentials:
          identity: (( generated_simple_credentials.identity ))
          password: (( generated_simple_credentials.password ))
        secret: (( generated_secret.value ))
        uuid: (( generated_uuid.value ))
      configured:
        string: (( example_string.value ))
        integer: (( example_migrated_integer.value ))
        ...
        record_collection: (( .properties.example_collection.value || [] ))
        selector: (( .properties.example_selector.selected_option.parsed_manifest(my_snippet) ))
      ops_manager_provided_accessors:
        name: (( name ))
        cpu: (( cpu ))
        ram: (( ram ))
        ephemeral_disk: (( ephemeral_disk ))
        persistent_disk: (( persistent_disk ))
        instances: (( instances ))
        any_instances: (( any_instances ))
        subnet_cidrs: (( subnet_cidrs ))
    property_blueprints:
    - name: static_ips
      type: ip_ranges
      configurable: true
      optional: true
    - name: generated_rsa_cert_credentials
      type: rsa_cert_credentials
    - name: generated_rsa_pkey_credentials
      type: rsa_pkey_credentials
    - name: generated_salted_credentials
      type: salted_credentials
    - name: generated_simple_credentials
      type: simple_credentials
    - name: generated_secret
      type: secret
    - name: generated_uuid
      type: uuid
    - name: example_string_with_placeholder
      type: string
      configurable: true
      optional: true
      placeholder: 'Configure me!'
    - name: example_string
      type: string
      configurable: true
      default: 'Hello world'
      constraints:
      - must_match_regex: '^[^!@#$%^&*()]*$'
        error_message: 'This name cannot contain capital digits.'
      - must_match_regex: '^[^0-9]*$'
        error_message: 'This name cannot contain digits.'
    - name: example_migrated_integer
      type: integer
      configurable: true
      default: 1
    - name: example_boolean
      type: boolean
      configurable: true
      default: true
    - name: example_dropdown
      type: dropdown_select
      configurable: true
      default: kiwi
      options:
        - name: kiwi
          label: 'label for kiwi'
        - name: lime
          label: 'label for lime'
        - name: avocado
          label: 'label for avocado'
    - name: example_domain
      type: domain
      configurable: true
      default: www.example.com
    - name: example_wildcard_domain
      type: wildcard_domain
      configurable: true
      default: 'example.com'
    - name: example_string_list
      type: string_list
      configurable: true
      default: 'a,list,of,strings'
    - name: example_text
      type: text
      configurable: true
      default: 'some_text'
    - name: example_ldap_url
      type: ldap_url
      configurable: true
      default: 'ldap://example.com'
    - name: example_email
      type: email
      configurable: true
      default: [email protected]
    - name: example_http_url
      type: http_url
      configurable: true
      default: 'http://www.example.com'
    - name: example_ip_address
      type: ip_address
      configurable: true
      default: '192.168.0.1'
    - name: example_ip_ranges
      type: ip_ranges
      configurable: true
      default: '1.1.1.1-1.1.1.4,2.2.2.1-2.2.2.4'
    - name: example_multi_select_options
      type: multi_select_options
      configurable: true
      default: ['earth', 'jupiter']
      options:
        - name: mercury
          label: 'label for mercury'
        - name: venus
          label: 'label for venus'
        - name: earth
          label: 'label for earth'
        - name: mars
          label: 'label for mars'
        - name: jupiter
          label: 'label for jupiter'
        - name: saturn
          label: 'label for saturn'
        - name: uranus
          label: 'label for uranus'
        - name: neptune
          label: 'label for neptune'
    - name: example_network_address_list
      type: network_address_list
      configurable: true
      default: '1.1.1.1,example.com,foo.bar.example.com'
    - name: example_network_address
      type: network_address
      configurable: true
      default: '1.1.1.1'
    - name: example_port
      type: port
      configurable: true
      default: 1111
    - name: example_smtp_authentication
      type: smtp_authentication
      configurable: true
      default: plain
    - name: client_certificate
      type: ca_certificate
      configurable: true
      optional: true

name

• Format: String
• Type: Required

The name of the job as it is to be created in the BOSH manifest generated by Tanzu Operations Manager.

resource_label

• Format: String
• Type: Required

The label of the job as it is to appear in the resources page of the tile.

migrated_from

• Format: Array of hashes
• Type: Optional

Each element has the following attributes:

• name

  • Format: The previous name of the job, as it was created in the BOSH manifest generated by Tanzu Operations Manager.
  • Type: Required

templates

• Format: Array of hashes
• Type: Required

Each element has the following text boxes:

• name
  • Format: Name of the job template to use
  • Type: Required
• release
  • Format: Name of the release the template is from.
  • Type: Required
• consumes
  • Format: YAML string defining BOSH links that this job consumes.
  • Type: Optional
• provides
  • Format: YAML string that defines BOSH links that this job provides.
  • Type: Optional

For more information about BOSH links, see the BOSH documentation.

release

• Format: String
• Type: Required

The name of the BOSH release contained in your tile archive, which is the .pivotal file.

single_az_only

• Format: Boolean
• Type: Required

You can give control of balancing jobs across availability zones (AZs) by setting single_az_only to false.

To limit a job to a single AZ, set single_az_only to true.

Caution If you change the single_az_only setting, your VMs can switch AZs. This change can cause an orphaned disk.

max_in_flight

• Format: Integer
• Type: Required

This is a BOSH setting that controls the number of instances of this job that BOSH deploys in parallel.

use_stemcell

• Format: String
• Type: Optional

The stemcell operating system for this job. You must set use_stemcell to the value of an os key configured in stemcell_criteria or additional_stemcell_criteria.

You can configure use_stemcell to activate jobs to run on different operating systems. For example, you can configure one job to run on Linux and a different job to run on Windows. If the instance count of a job is 0, the configured stemcell operating system is not required to deploy the tile.

If a job does not have a use_stemcell property, the job uses the stemcell operating system configured in stemcell_criteria. For more information, see stemcell_criteria and additional_stemcell_criteria.

resource_definitions

• Format: Array of hashes
• Type: Required

A set of resource settings for the job with maximum and minimum constraints, defaults, and configuration options.

The resources you can set are:

• ram
• ephemeral_disk
• persistent_disk
• cpu

For examples of supported constraint types, see integer.

Important If you set the default property for persistent_disk to 0, users cannot edit this value and the Resource Config pane in the Tanzu Operations Manager tile displays None under the persistent disk text box.

instance_definition

• Format: Hash
• Type: Required

The number of default instances for a job, including maximum, minimum, odd, and the ability to decrease sizing after deploy.

If your tile uses an external service that performs the same job as a service in TAS for VMs, you can reduce resource usage by setting the instance count of a job to 0 with the zero_if property.

When zero_if is not active for an instance group, you cannot set the instance count to 0 (zero). You can override this by setting allow_manual_selection_of_zero to true. By default, it is set to false.

For example, assume that your tile uses Amazon Relational Database Service (RDS) instead of MySQL, which is the default system database for TAS for VMs. You can remove all instance counts of MySQL by setting property reference to .properties.system.database and property value to magic value.

For examples of supported constraint types, see integer.

Important If you are using the zero_if property, you must ensure that the can_only_increase constraint is set to false.

manifest

• Format: Text snippet, prefaced by pipe symbol: |
• Type: Optional

Tanzu Operations Manager generates a BOSH manifest that defines properties for each job the manifest deploys. Some of these properties are not set until you click Apply Changes, because you configured them in the tile or because Tanzu Operations Manager had to generate them.

For more information about referencing these properties, see Referencing Properties.

Job accessors

The following table that describes the double parentheses expressions Tanzu Operations Manager provides to access information about the jobs that the manifest deploys:

Property blueprint reference

Common property blueprint attributes

All property blueprints can have the following attributes:

• name: Required. The name of the property.
  The name is used to reference a property in form_types and in double parens (( )) accessors.

• type: Required. The type of property.
  The value must be one of the property types listed in this topic.

• optional: Optional. Default: false.
  When set to true, Tanzu Operations Manager does not require this property to be set to deploy, nor does it validate that this field has a value when saving a form with this property.
  optional cannot be set to true if a default value is set. For more information about which types support default, see All Property Blueprint Types.
  optional cannot be set to true if the property also has configurable: false.

• configurable: Optional. Default: false.
  When set to true for property types that support your configuration, you are not allowed to configure this value. Do not set configurable: true for property types that do not support your configuration.
  When set to false, Tanzu Operations Manager does not render this property in any form, even if it is specified in a form_type, nor does it allow the property to be updated through the API. For property types that support auto-generation of values, when configurable is set to false, Tanzu Operations Manager generates and saves a value for this property when the tile this property belongs to is deployed for the first time.

• freeze_on_deploy: Optional. Default: false.
  When set to true, Tanzu Operations Manager does not allow this property to be changed after the tile this property belongs to is successfully deployed.

• conditional_default: Optional.
  Accepts two nested keys: dependency_present and value.
  The conditional_default key overrides the default value specified in the property blueprint only when that tile dependency is present. Otherwise, the default value is used.
  The conditional_default key is evaluated when the specified tile dependency is imported. It is re-evaluated only when that tile dependency is staged or deleted. For example:

  - name: example_selector
    type: selector
    default: Yes
    conditional_default:
      dependency_present: cf
      value: No
    option_templates:
      - name: yes_option
        select_value: Yes
        named_manifests:
          - name: my_snippet
            manifest: |
              ...
      - name: no_option
        select_value: No
        named_manifests:
          - name: my_other_snippet
            manifest: |
              ...
  

Configurable and auto-generated properties

When a property has configurable: true and is added to a form_type, you can configure the value of that property.

Alternatively, a property with configurable: false gets a value auto-generated by Tanzu Operations Manager. For the property types supported by each of these, see the sections that follow.

Properties with configurable set to false:

• Cannot be edited by you.
• Do not show up in forms, even if added under form_types.
• Get auto-generated values filled in by Tanzu Operations Manager if that specific type of property supports auto-generation of values.

named_manifest for selector and collection type properties

Specify a property for collection in the named_manifest section of the metadata. For example:

- name: certificate_collection
  type: collection
  configurable: true
  property_blueprints:
    - name: some_cert_name
      type: string
    - name: some_cert
      type: rsa_cert_credentials
  named_manifests:
  - name: for_routing
    manifest: |
      name:  (( current_record.some_cert_name.value ))
      private_key:  (( current_record.some_cert.private_key_pem ))
      public_key:  (( current_record.some_cert.public_key_pem ))
      certificate: (( current_record.some_cert.cert_pem ))

Use the current_record property within a collection record to refer to other properties in the same record.

For example, the properties in the for_routing named manifest refer to the values for name, private_key, public_key, and certificate in this record only.

Note If you are using the The current_record property is reserved. You cannot create a new property named current_record.

After you define a named manifest, you can reference it using a manifest snippet in the following format:

routing_certificates: (( .properties.certificate_collection.parsed_manifest(for_routing) ))

Tanzu Operations Manager renders the following manifest from this example:

routing_certificates:
  - name: foo_cert
    private_key: PRIVATE-KEY
    public_key: PUBLIC-KEY
    certificate: CERTIFICATE
  - name: bar_cert
    private_key: PRIVATE-KEY
    public_key: PUBLIC-KEY
    certificate: CERTIFICATE

For more information, see Selector and Collection Types.

All property blueprint Types

These sections describe every property blueprint type.

boolean

This holds a single boolean value.

Property blueprint attributes

Accessors

Example

property_blueprints:
  - name: example_boolean
    type: boolean
    configurable: true
    default: false

form_types:
  - name: example_form
    label: 'Example form'
    description: 'An example form'
    property_inputs:
      - reference: .properties.example_boolean
        label: 'Example checkbox'
        description: 'This is an example check box'

job_types:
- name: example-job
  resource_label: An Example Job
  <<: *job_type_boilerplate
    templates:
      - name: user_add
        release: os-conf
        manifest: |
          persistent_homes: (( .properties.example_boolean.value ))

ca_certificate

This holds a string value.

Property blueprint attributes

Accessors

Example

property_blueprints:
- name: ca_cert
  type: ca_certificate
  configurable: true

form_types:
- name: example_form
  label: 'Example form'
  description: 'An example form'
  property_inputs:
    - reference: .properties.ca_cert
      label: 'Trusted CA certs'
      description: 'These certificates will be trusted by the deployed VM'

job_types:
- name: example-job
  resource_label: An Example Job
  <<: *job_type_boilerplate
  templates:
    - name: ca_certs
      release: os-conf
      manifest: |
        certs: (( .properties.ca_cert.value ))

collection

This holds multiple records of a group of custom defined properties.

You cannot nest selector properties or other collection properties inside of a collection.

 Property blueprint attributes

default:
        - name: sam
          public_key: ssh-rsa AAAAB3NzaC1yc2EAAAAD...
          sudo: true
      

Accessors

      [
        {title: 'album-one', explicit: true},
        {title: 'album-two', explicit: false}
      ]
      

Example using .value accessor

property_blueprints:
  - name: users_to_add
    type: collection
    configurable: true
    property_blueprints:
      - name: name
        type: string
        configurable: true
        freeze_on_deploy: true
      - name: public_key
        type: string
        configurable: true
      - name: sudo
        type: boolean
        configurable: true

form_types:
  - name: example_form
    label: 'Example form'
    description: 'An example form'
    property_inputs:
      - reference: .properties.users_to_add
        label: 'Users to add'
        description: 'will added to deployed VM'
        property_inputs:
          - reference: name
            label: Username
            description: user name of the added user
          - reference: public_key
            label: Public key
            description: RSA public key used to SSH onto the VM
          - reference: sudo
            label: make sudoer
            description: if selected, user will be able to sudo

job_types:
  - name: example-job
    resource_label: An Example Job
    <<: *job_type_boilerplate
    templates:
      - name: user_add
        release: os-conf
        manifest: |
          users: ((.properties.users_to_add.value))

Resulting manifest snippet

...
instance_groups:
- name: example-job
  jobs:
  - name: user_add
    release: os-conf
    ...
    properties:
      users:
      - name: tom
        public_key: ssh-rsa MFwwDQYJKoZIhvcNAQEBBQ...
        sudo: false
      - name: sameer
        public_key: ssh-rsa MFwwDQYJKoZIhvcNAQEBBQ...
        sudo: true
...

Example with .parsed_manifest(name)

property_blueprints:
  - name: sysctls
    type: collection
    configurable: true
    property_blueprints:
      - name: setting_name
        type: string
        configurable: true
        freeze_on_deploy: true
      - name: setting_value
        type: string
        configurable: true
    named_manifests:
      - name: name_value_format
        manifest: (( current_record.setting_name.value ))=(( current_record.setting_value.value ))

form_types:
  - name: example_form
    label: 'Example form'
    description: 'An example form'
    property_inputs:
      - reference: .properties.sysctls
        label: 'Custom sysctls'
        description: 'sysctl configuration settings to be placed in /etc/sysctl.d'
        property_inputs:
          - reference: setting_name
            label: Setting name
            description: the sysctl setting name, e.g. net.core.somaxconn
          - reference: setting_value
            label: Setting value
            description: value for this sysctl setting

job_types:
  - name: example-job
    resource_label: An Example Job
    <<: *job_type_boilerplate
    templates:
      - name: sysctl
        release: os-conf
        manifest: |
          sysctl: (( .properties.sysctls.parsed_manifest(name_value_format) ))

Resulting manifest snippet

...
instance_groups:
- name: example-job
  jobs:
  - name: sysctl
    release: os-conf
    ...
    properties:
      sysctl:
      - foo=bar
      - fooz=baz
...

disk_type_dropdown

This holds a single string value selected from allowed disk types.

Property blueprint attributes

Accessors

Example

property_blueprints:
  - name: example_disk_type_dropdown
    type: disk_type_dropdown
    configurable: true
    resource_definitions:
      - name: persistent_disk
        default: 4096
        constraints:
          min: 2048

form_types:
  - name: example_form
    label: 'Example form'
    description: 'An example form'
    property_inputs:
      - reference: .properties.example_disk_type_dropdown
        label: 'Example disk_type_dropdown'
        description: 'This is an example'

job_types:
- name: example-job
  resource_label: An Example Job
  <<: *job_type_boilerplate
  templates:
    - name: login_banner
      release: os-conf
      manifest: |
        login_banner:
          text: "Hello user, I see that your favorite disk size greater than 2 Gb is: (( .properties.example_disk_type_dropdown.value ))."

domain

This holds a string value that is a valid domain (e.g. example.com or x.example.com:80/a/b).

Property blueprint attributes

Accessors

Example

property_blueprints:
  - name: example_domain
    type: domain
    configurable: true

form_types:
  - name: example_form
    label: 'Example form'
    description: 'An example form'
    property_inputs:
      - reference: .properties.example_domain
        label: 'Example domain'
        description: 'This is an example'

job_types:
- name: example-job
  resource_label: An Example Job
  <<: *job_type_boilerplate
  templates:
    - name: login_banner
      release: os-conf
      manifest: |
        login_banner:
          text: Hello, user. I see your favorite domain is (( .properties.example_domain.value )).

dropdown_select

This holds an array of strings selected string values.

Property blueprint attributes

Accessors

Example

property_blueprints:
- name: example_dropdown_select
  type: dropdown_select
  default: kiwi
  configurable: true
  options:
  - name: kiwi
    label: 'Kiwi'
  - name: lime
    label: 'Lime'
  - name: tomato
    label: 'Tomato'

form_types:
- name: example_dropdown
  label: 'Example form'
  description: 'An example form'
  property_inputs:
  - reference: .properties.example_dropdown_select
    label: Favorite fruit
    description: 'What is your favorite fruit?'

job_types:
- name: example-job
  resource_label: An Example Job
  <<: *job_type_boilerplate
  templates:
  - name: login_banner
    release: os-conf
    manifest: |
      login_banner:
        text: Hello, user. I see your favorite fruit is (( .properties.example_dropdown_select.value )).

email

This ensures that the string value is formatted as an email address.

Property Blueprint Attributes

Accessors

Example

property_blueprints:
- name: example_email
  type: email
  configurable: true

form_types:
- name: example_dropdown
  label: 'Example form'
  description: 'An example form'
  property_inputs:
  - reference: .properties.example_email
    label: User email
    description: 'What is your email?'

job_types:
- name: example-job
  resource_label: An Example Job
  <<: *job_type_boilerplate
  templates:
  - name: login_banner
    release: os-conf
    manifest: |
      login_banner:
        text: Hello, user. Your email is (( .properties.example_email.value )).

http_url

This holds an HTTP URL.

Property Blueprint Attributes

Accessors

Example

property_blueprints:
  - name: example_http_url
    type: http_url
    configurable: true
    default: 'http://example.com'

form_types:
  - name: example_form
    label: 'Example form'
    description: 'An example form'
    property_inputs:
      - reference: .properties.example_http_url
        label: Example http_url
        description: 'Configure a property of type http_url'

job_types:
- name: example-job
  resource_label: An Example Job
  <<: *job_type_boilerplate
  templates:
  - name: login_banner
    release: os-conf
    manifest: |
      login_banner:
        text: Hello, user. For fun, please visit (( .properties.example_http_url.value )).

integer

This holds a single integer value.

Property blueprint attributes

Supported Constraints

Accessors

Example

property_blueprints:
  - name: example_integer1
    type: integer
    configurable: true
    default: 9
    constraints: # the following constraints allow the values 9, 15, and 21
      min: 8
      max: 21
      may_only_increase: true
      may_only_be_odd_or_zero: true
      modulo: 3
  - name: example_integer2 # the following constraints allow the values 8 and 16
    type: integer
    configurable: true
    optional: true
    constraints:
      zero_or_min: 5
      max: 20
      power_of_two: true

form_types:
  - name: example_integer
    label: 'Example form'
    description: 'An example form'
    property_inputs:
      - reference: .properties.example_integer1
        label: Example Integer 1
        description: 'Configure a property of type integer'
      - reference: .properties.example_integer2
        label: Example Integer 2
        description: 'Configure another property of type integer'

job_types:
  - name: example-job
    resource_label: An Example Job
    <<: *job_type_boilerplate
    templates:
    - name: tcp_keepalive
      release: os-conf
      manifest: |
        tcp_keepalive:
          time: (( .properties.example_integer1.value ))
          interval: (( .properties.example_integer2.value ))

ip_address

Ensures that the string value is an IP address.

Property blueprint attributes

Accessors

Example

property_blueprints:
  - name: example_ip_address
    type: ip_address
    configurable: true
    default: 192.168.0.1

form_types:
  - name: example_form
    label: 'Example form'
    description: 'An example form'
    property_inputs:
      - reference: .properties.example_ip_address
        label: Example IP Address
        description: 'Configure a property of type ip_address'

job_types:
- name: example-job
  resource_label: An Example Job
  <<: *job_type_boilerplate
  templates:
    - name: login_banner
      release: os-conf
      manifest: |
        login_banner:
          text: Hello, user. I see your favorite IP Address is (( .properties.example_ip_address.value )).

ip_ranges

This holds a string that is a comma-separated list of IP addresses and IP address ranges.

Property blueprint attributes

Accessors

Example

property_blueprints:
  - name: example_ip_ranges
    type: ip_ranges
    configurable: true
    default: 1.1.1.1-1.1.1.4,2.2.2.1-2.2.2.4,3.3.3.3

form_types:
  - name: example_form
    label: 'Example form'
    description: 'An example form'
    property_inputs:
      - reference: .properties.example_ip_ranges
        label: Example IP Ranges
        description: 'Configure a property of type ip_ranges'

job_types:
- name: example-job
  resource_label: An Example Job
  <<: *job_type_boilerplate
  templates:
    - name: login_banner
      release: os-conf
      manifest: |
        login_banner:
          text: Hello, user. I see your favorite IP ranges are (( .properties.example_ip_ranges.value )).

ldap_url

Ensures that the input string matches a URL of the LDAP protocol or a space-separated list of LDAP protocol URLs.

Property blueprint attributes

Accessors

Example

property_blueprints:
  - name: example_ldap_url
    type: ldap_url
    configurable: true
    default: 'ldap://example.com'

form_types:
  - name: example_form
    label: 'Example form'
    description: 'An example form'
    property_inputs:
      - reference: .properties.example_ldap_url
        label: Example ldap_url
        description: 'Configure a property of type ldap_url'

job_types:
- name: example-job
  resource_label: An Example Job
  <<: *job_type_boilerplate
  templates:
  - name: login_banner
    release: os-conf
    manifest: |
      login_banner:
        text: Hello, user. I see your favorite LDAP URL is (( .properties.example_ldap_url.value )).

multi_select_options

This holds an array of selected string values. Must be an array of non-blank strings.

Property blueprint attributes

Accessors

Example

property_blueprints:
  - name: example_multi_select_options
    type: multi_select_options
    configurable: true
    default: ['earth', 'mercury']
    options:
    - name: mercury
      label: 'label for mercury'
    - name: venus
      label: 'label for venus'
    - name: earth
      label: 'label for earth'

form_types:
  - name: example_multi_select_options
    label: 'Example form'
    description: 'An example form'
    property_inputs:
      - reference: .properties.example_multi_select_options
        label: Example Multi-Select Options
        description: 'Configure a property of type multi_select_options'

job_types:
  - name: example-job
    resource_label: An Example Job
    <<: *job_type_boilerplate
    templates:
    - name: modprobe
      release: os-conf
      manifest: |
        # the value at the 'modules' key will render as an array of strings
        modules: (( .properties.example_multi_select_options.value ))

network_address

This holds a string: a hostname, domain name, or IP addresses.

Property blueprint attributes

Accessors

Example

property_blueprints:
  - name: example_network_address
    type: network_address
    configurable: true
    default: 'localhost'

form_types:
  - name: example_network_address
    label: 'Example form'
    description: 'An example form'
    property_inputs:
      - reference: .properties.example_network_address
        label: Example Network Address
        description: 'Configure a property of type network_address'

job_types:
  - name: example-job
    resource_label: An Example Job
    <<: *job_type_boilerplate
    templates:
    - name: login_banner
      release: os-conf
      manifest: |
        login_banner:
          text: Hello, user. I see your favorite network address is (( .properties.example_network_address.value )).

network_address_list

This holds a string that is a comma-separated list of hostnames and IP addresses.

Property blueprint attributes

Accessors

Example

property_blueprints:
  - name: example_network_address_list
    type: network_address_list
    configurable: true
    default: 'localhost,8.8.8.8'

form_types:
  - name: example_network_address_list
    label: 'Example form'
    description: 'An example form'
    property_inputs:
      - reference: .properties.example_network_address_list
        label: Example Network Address List
        description: 'Configure a property of type network_address_list'

job_types:
  - name: example-job
    resource_label: An Example Job
    <<: *job_type_boilerplate
    templates:
    - name: login_banner
      release: os-conf
      manifest: |
        login_banner:
          text: Hello, user. I see your favorite network addresses are (( .properties.example_network_address_list.value )).
          an_ignored_array_of_network_addresses: (( .properties.example_network_address_list.parsed_network_addresses ))

port

This holds a single integer value. Allowed values are 0 (zero) through 65535 and null.

Property blueprint attributes

Accessors

Example

property_blueprints:
  - name: example_port
    type: port
    configurable: true
    default: 3000

form_types:
  - name: example_port
    label: 'Example form'
    description: 'An example form'
    property_inputs:
      - reference: .properties.example_port
        label: Example Port
        description: 'Configure a property of type port'

job_types:
  - name: example-job
    resource_label: An Example Job
    <<: *job_type_boilerplate
    templates:
    - name: login_banner
      release: os-conf
      manifest: |
        login_banner:
          text: Hello, user. I see your favorite network port is (( .properties.example_port.value )).

rsa_cert_credentials

This holds SSL certificate generated from root CA.

Property Blueprint Attributes

Accessors

Example

property_blueprints:
  # This is configurable by the operator and appears in the form_types section
  - name: example_configurable_rsa_cert_credentials
    type: rsa_cert_credentials
    configurable: true
    optional: true
  # This is not configurable by the operator and is auto-generated
  - name: example_non_configurable_rsa_cert_credentials
    type: rsa_cert_credentials
    configurable: false
    default:
      domains:
        - 'cell.service.cf.internal'
        - '*cell.service.cf.internal'
form_types:
  - name: example_form
    label: 'Example form'
    description: 'An example form'
    property_inputs:
      - reference: .properties.example_configurable_rsa_cert_credentials
        label: Example configurable rsa_cert_credentials
        description: 'Configure a property of type rsa_cert_credentials'

job_types:
  - name: example-job
    resource_label: An Example Job
    <<: *job_type_boilerplate
    templates:
    - name: login_banner
      release: os-conf
      manifest: |
        login_banner:
          text: |
            Hello, user.
            Here is your public_key_pem
            (( .properties.example_non_configurable_rsa_cert_credentials.public_key_pem ))
            Here is your private_key_pem
            (( .properties.example_non_configurable_rsa_cert_credentials.private_key_pem ))
            Here is your cert_pem
            (( .properties.example_non_configurable_rsa_cert_credentials.cert_pem ))
            Here is your cert_and_private_key_pems
            (( .properties.example_non_configurable_rsa_cert_credentials.cert_and_private_key_pems ))

rsa_pkey_credentials

This holds RSA public and private keys. It is a non-configurable property.

Accessors

Example

property_blueprints:
  - name: example_rsa_pkey_credentials
    type: rsa_pkey_credentials
    configurable: false

job_types:
  - name: example-job
    resource_label: An Example Job
    <<: *job_type_boilerplate
    templates:
      - name: user_add
        release: os-conf
        manifest: |
          users:
            - name: nick
              public_key: ((.properties.example_rsa_pkey_credentials.public_key_pem))

salted_credentials

This holds credentials with salted and hashed passwords. It is a non-configurable property.

Property Blueprint Attributes

default:
        - identity: ryan
      

Accessors

Example

property_blueprints:
  # Example without defaults
  - name: example_salted_credentials
    type: salted_credentials
  # Example with default identity
  - name: example_salted_credentials_with_default
    type: salted_credentials
    default:
      identity: vcap

job_types:
  - name: example-job
    resource_label: An Example Job
    <<: *job_type_boilerplate
    templates:
      - name: user_add
        release: os-conf
        manifest: |
          users:
            - name: vcap
              crypted_password: ((.properties.example_salted_credentials.sha512_hashed_password))

secret

This holds a single string value for a secret. Adding display_type: text_area to the property inputs creates a multi-line credential.

Property blueprint attributes

Accessors

Example

property_blueprints:
  - name: example_secret
    type: secret
    configurable: true
    constraints:
      - must_match_regex: '^[a-zA-Z]{20,}$'
        error_message: 'This password must be at least 20 alphabetic characters '

form_types:
  - name: example_secret
    label: 'Example form'
    description: 'An example form'
    property_inputs:
      - reference: .properties.example_secret
        label: Example Secret
        description: 'Configure a property of type secret'

job_types:
- name: example-job
  resource_label: An Example Job
  <<: *job_type_boilerplate
  templates:
    - name: login_banner
      release: os-conf
      manifest: |
        login_banner:
          text: Shh, today's secret is (( .properties.example_secret.value )).

Example of a multi-line credential

form_types:
  - name: example_secret
    label: 'Example form'
    description: 'An example form'
    property_inputs:
      - reference: .properties.example_secret
        label: Example Secret
        description: 'Configure a property of type secret'
        display_type: text_area

selector

Provides the ability to switch between groups of properties. It is displayed in the UI as a radio button group, potentially with additional options nested under each radio button.

Selectors are unique in the way that property information is accessed. Tanzu Operations Manager provides accessors available at the top-level selector property, accessors for retrieving a specific property in an option group, and the ability to provide manifest snippets for a selector option group.

Each selector group can provide manifest snippets. This is because Tanzu Operations Manager does not support conditionally adding manifest snippets. A manifest snippet should be present in all option groups, and can be used to create a simple kind of branching logic in manifest generation. Only one of these sets is evaluated and inserted into the job’s manifest.

You cannot nest collection properties or other selector properties inside of a selector.

Property Blueprint Attributes

Accessors

Example

property_blueprints:
  - name: example_selector
    type: selector
    configurable: true
    default: Pizza
    freeze_on_deploy: true
    option_templates:
      - name: pizza_option
        select_value: Pizza
        named_manifests:
          - name: my_snippet
            manifest: |
              pizza_toppings:
                pepperoni: (( .properties.example_selector.pizza_option.pepperoni.value ))
                other: (( .properties.example_selector.pizza_option.other_toppings.value ))
        property_blueprints:
          - name: pepperoni
            type: boolean
            configurable: true
            freeze_on_deploy: true
          - name: other_toppings
            type: string
            configurable: true
            optional: true
      - name: filet_mignon_option
        select_value: Filet Mignon
        named_manifests:
          - name: my_snippet
            manifest: |
              rarity: (( .properties.example_selector.filet_mignon_option.rarity_dropdown.value ))
              review: (( .properties.example_selector.filet_mignon_option.review.value ))
        property_blueprints:
          - name: rarity_dropdown
            type: dropdown_select
            configurable: true
            default: rare
            options:
              - name: rare
                label: 'Rare'
              - name: medium
                label: 'Medium'
              - name: well-done
                label: 'Well done'
          - name: review
            type: string
            configurable: true
            default: A+ power seller of mail order steak
            optional: false

form_types:
  - name: example_selector_form
    label: 'Selector Example'
    description: 'A selector example form'
    property_inputs:
      - reference: .properties.example_selector
        label: 'Food Choices'
        selector_property_inputs:
          - reference: .properties.example_selector.pizza_option
            label: 'Pizza'
            property_inputs:
              - reference: .properties.example_selector.pizza_option.pepperoni
                label: 'Add Pepperoni'
                description: 'Yum!'
              - reference: .properties.example_selector.pizza_option.other_toppings
                label: 'Other toppings'
          - reference: .properties.example_selector.filet_mignon_option
            label: 'Filet Mignon'
            property_inputs:
              - reference: .properties.example_selector.filet_mignon_option.rarity_dropdown
                label: 'How rare?'
                description: 'Extinct.'
              - reference: .properties.example_selector.filet_mignon_option.review
                label: 'Write your review'
                description: '"E.g. Would not buy again"'

job_types:
- name: example-job
  resource_label: An Example Job
  <<: *job_type_boilerplate
  templates:
    - name: login_banner
      release: os-conf
      manifest: |
        login_banner:
          text: |
            Would you like some (( .properties.example_selector.value ))?
            I'm asking because you mentioned (( .properties.example_selector.pizza_option.other_toppings.value ))
          more_manifest_ignored_by_os_conf: (( .properties.example_selector.selected_option.parsed_manifest(my_snippet) ))

service_network_az_multi_select

This holds an arrays of string value selected from allowed availability zones (AZs).

Accessors

Example

service_broker: true

property_blueprints:
  - name: service_instance_azs
    type: service_network_az_multi_select
    configurable: true
    optional: false

form_types:
  - name: example_service_network_az_multi_select
    label: 'Example form'
    description: 'An example form'
    property_inputs:
      - reference: .properties.service_instance_azs
        label: Example Service Network AZ Multi-Select
        description: 'Configure a property of type service_network_az_multi_select'

job_types:
- name: example-job
  resource_label: An Example Job
  <<: *job_type_boilerplate
  templates:
    - name: login_banner
      release: os-conf
      manifest: |
        login_banner:
          text: "Hello, user. Here is an array of AZ names: (( .properties.service_instance_azs.value ))"

service_network_az_single_select

This holds a single string value selected from allowed AZs. It appears as a radio button group in the UI.

Accessors

Example

service_broker: true

property_blueprints:
  - name: example_service_network_az_single_select
    type: service_network_az_single_select
    configurable: true
    optional: false

form_types:
  - name: example_service_network_az_single_select
    label: 'Example form'
    description: 'An example form'
    property_inputs:
      - reference: .properties.example_service_network_az_single_select
        label: Example Service Network AZ Single-Select
        description: 'Configure a property of type service_network_az_single_select'

job_types:
- name: example-job
  resource_label: An Example Job
  <<: *job_type_boilerplate
  templates:
    - name: login_banner
      release: os-conf
      manifest: |
        login_banner:
          text: "Hello, user. Here is a single AZ name: (( .properties.example_service_network_az_single_select.value ))"

simple_credentials

This holds an identity and password.

Property blueprint attributes

default:
        - identity: ryan
      

Accessors

Example

property_blueprints:
  - name: example_configurable_simple_credentials
    type: simple_credentials
    configurable: true
  - name: example_non_configurable_simple_credentials
    type: simple_credentials
    configurable: false
    default:
      identity: vcap
form_types:
  - name: example_form
    label: 'Example form'
    description: 'An example form'
    property_inputs:
      - reference: .properties.example_configurable_simple_credentials
        label: Example configurable simple_credentials
        description: 'Configure a property of type simple_credentials'

job_types:
- name: example-job
  resource_label: An Example Job
  <<: *job_type_boilerplate
  templates:
    - name: login_banner
      release: os-conf
      manifest: |
        login_banner:
          text: |
            Shh, today's secret password is (( .properties.example_non_configurable_simple_credentials.password ))
            And the username is (( .properties.example_non_configurable_simple_credentials.identity ))

smtp_authentication

This holds string with a possible value of plain, login, or cram_md5.

Property blueprint attributes

Accessors

Example

property_blueprints:
  - name: example_smtp_authentication
    type: smtp_authentication
    configurable: true
    default: plain

form_types:
  - name: example_text
    label: 'Example form'
    description: 'An example form'
    property_inputs:
      - reference: .properties.example_smtp_authentication
        label: Example SMTP Authentication
        description: 'Configure a property of type smtp_authentication'

job_types:
- name: example-job
  resource_label: An Example Job
  <<: *job_type_boilerplate
  templates:
    - name: login_banner
      release: os-conf
      manifest: |
        login_banner:
          text: Hello. The SMTP auth type is (( .properties.example_smtp_authentication.value ))

stemcell_selector

Provides the ability to select among all available stemcell criteria. The stemcell selector is automatically populated with a list of all stemcell operating systems that are listed in the stemcell_criteria and additional_stemcells_criteria top-level properties.

After you select a stemcell listed in stemcell_selector, that stemcell is required to deploy the product.

For more information about the stemcell_criteria top-level property, see stemcell_criteria.

For more information about the additional_stemcells_criteria top-level property, see additional_stemcells_criteria.

Property Blueprint Attributes

Accessors

Example

stemcell_criteria:
  os: ubuntu-xenial
  version: 1.0.0
additional_stemcells_criteria:
  - os: windows2019
    version: 2019.73

property_blueprints:
  - name: example_stemcell_selector
    type: stemcell_selector
    configurable: true
    optional: true
form_types:
  - name: example_stemcell_selector_form
    label: 'Stemcell Selector Example'
    description: 'A stemcell selector example form'
    property_inputs:
      - reference: .properties.example_stemcell_selector
        label: 'Example stemcell selector'
        description: 'Select which stemcell you want to use'

job_types:
- name: example-job
  resource_label: An Example Job
  <<: *job_type_boilerplate
  templates:
    - name: login_banner
      release: os-conf
      manifest: |
        login_banner:
          text: |
            Stemcell Assigned?: (( .properties.example_stemcell_selector.assigned? ))
            Assigned stemcell OS: (( .properties.example_stemcell_selector.os ))
            Assigned stemcell version: (( .properties.example_stemcell_selector.version ))
            Selected stemcell?: (( .properties.example_stemcell_selector.value_present? ))
            Selected stemcell OS: (( .properties.example_stemcell_selector.value ))

string_list

This holds an array of strings.

Property Blueprint Attributes

Accessors

Example

property_blueprints:
  - name: example_string_list
    type: string_list
    configurable: true
    default: foo,bar,baz

form_types:
  - name: example_string_list
    label: 'Example form'
    description: 'An example form'
    property_inputs:
      - reference: .properties.example_string_list
        label: Example String List
        description: 'Configure a property of type string_list'

job_types:
- name: example-job
  resource_label: An Example Job
  <<: *job_type_boilerplate
  templates:
    - name: login_banner
      release: os-conf
      manifest: |
        login_banner:
          text: Hello. Your array of strings is (( .properties.example_string_list.value ))

string

This holds a single string value.

Property Blueprint Attributes

Accessors

Example

property_blueprints:
  - name: example_string
    type: string
    configurable: true
    default: 'Karl'
    constraints:
    - must_match_regex: 'A[^!@#$%^&*()]*z'
      error_message: 'This name cannot contain special characters.'
    - must_match_regex: 'A[^0-9]*z'
      error_message: 'This name cannot contain digits.'
    - must_be_cron_schedule: true
      error_message: 'This must be a valid cron schedule expression.'

form_types:
  - name: example_form
    label: 'Example form'
    description: 'An example form'
    property_inputs:
      - reference: .properties.example_string
        label: 'Example string'
        description: 'This is an example'

job_types:
- name: example-job
  resource_label: An Example Job
  <<: *job_type_boilerplate
  templates:
    - name: login_banner
      release: os-conf
      manifest: |
        login_banner:
          text: Hello, (( .properties.example_string.value ))! Welcome.

text

This holds a string value. For configurable properties of this type, the UI uses multi-line strings to be entered.

Property Blueprint Attributes

Accessors

Example

property_blueprints:
  - name: example_text
    type: text
    configurable: true
    default: |
      Example
      Text

form_types:
  - name: example_text
    label: 'Example form'
    description: 'An example form'
    property_inputs:
      - reference: .properties.example_text
        label: Example Text
        description: 'Configure a property of type text'

job_types:
- name: example-job
  resource_label: An Example Job
  <<: *job_type_boilerplate
  templates:
    - name: login_banner
      release: os-conf
      manifest: |
        login_banner:
          text: |
            Hello. Check out all this text!
            (( .properties.example_text.value ))

uuid

This holds a string uuid value.

Accessors

Example

property_blueprints:
  - name: example_uuid
    type: uuid
    configurable: false

job_types:
- name: example-job
  resource_label: An Example Job
  <<: *job_type_boilerplate
  templates:
    - name: login_banner
      release: os-conf
      manifest: |
        login_banner:
          text: Hello. Your UUID is (( .properties.example_uuid.value ))

vm_type_dropdown

This holds single string value selected from allowed vm_types.

Property blueprint attributes

Accessors

Example

property_blueprints:
  - name: example_vm_type_dropdown
    type: vm_type_dropdown
    configurable: true
    resource_definitions:
    - name: ram
      default: 4096
    - name: cpu
      default: 1
    - name: ephemeral_disk
      default: 4096
      constraints:
        min: 2048

form_types:
  - name: example_vm_type_dropdown
    label: 'Example form'
    description: 'An example form'
    property_inputs:
      - reference: .properties.example_vm_type_dropdown
        label: Example VM Type Dropdown
        description: 'Configure a property of type vm_type_dropdown'

job_types:
  - name: example-job
    resource_label: An Example Job
    <<: *job_type_boilerplate
    templates:
      - name: login_banner
        release: os-conf
        manifest: |
          login_banner:
            text: Hello. Your chosen VM Type is (( .properties.example_vm_type_dropdown.value )).

wildcard_domain

Ensures that the string value is a domain prefixed with *..

Property blueprint attributes

Accessors

Example

property_blueprints:
  - name: example_wildcard_domain
    type: wildcard_domain
    configurable: true
    default: 'example.com'

form_types:
  - name: example_form
    label: 'Example form'
    description: 'An example form'
    property_inputs:
      - reference: .properties.example_wildcard_domain
        label: Example Wildcard Domain
        description: 'Configure a property of type wildcard_domain'

job_types:
  - name: example-job
    resource_label: An Example Job
    <<: *job_type_boilerplate
    templates:
    - name: login_banner
      release: os-conf
      manifest: |
        login_banner:
          text: Hello. Your wildcard domain is (( .properties.example_wildcard_domain.value )).

Use the examples provided

You can copy each example into the metadata.yml template that follows and package it together with the os-conf release as a .pivotal file to make a working tile.

---
name: p-example
label: Example Tile
description: An example tile
product_version: '1.1'
minimum_version_for_upgrade: '1.0'
metadata_version: '2.2'
rank: 1
 stemcell_criteria:
  os: ubuntu-xenial
  version: '97.3'
 releases:
  - name: os-conf
    file: os-conf
    version: '15'
 # a base 64 encoded PNG with a teal square
icon_image: iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAIAAACQd1PeAAAADElEQVQI12NgaC8BAAGGAPwUz8ygAAAAAElFTkSuQmCC

 includes: # This top-level key is ignored by Tanzu Operations Manager.
  # This anchor is only to make the examples below more terse and is not required.
  job_type_boilerplate: &job_type_boilerplate
    max_in_flight: 1
    single_az_only: true
    resource_definitions:
      - name: ram
        configurable: true
        default: 1024
       - name: ephemeral_disk
         configurable: true
         default: 1024
       - name: persistent_disk
         configurable: true
         default: 1024
         constraints:
           min: 1024
       - name: cpu
         configurable: true
         default: 1
     instance_definition:
      name: instances
      configurable: true
      default: 1