vrabbi

Tanzu Application Platform AzureAD authentication

• ref: https://docs.vmware.com/en/VMware-Tanzu-Application-Platform/1.4/tap/tap-gui-auth.html

1. AzureAD Authentication Provider

In order to allow GUI authentication to Tanzu Application Platform via AzureAD, we will implement AzureAD Authentication Provider for Backstage.

• ref: https://backstage.io/docs/auth/microsoft/provider

vrabbi

apiVersion: tekton.dev/v1beta1
kind: ClusterTask
metadata:
  name: git-writer
spec:
  description: |-
    A task that writes a given set of files (provided as a json base64-encoded)
    to git repository under a specified directory.
  params:
  - description: The repository path

vrabbi

apiVersion: v1
kind: Secret
metadata:
  name: git-private-ca-overlay
  namespace: tap-install
type: Opaque
stringData:
  git-private-ca-overlay.yaml: |
    #@ load("@ytt:data", "data")
    #@ load("@ytt:overlay","overlay")

vrabbi

Step 1 - create the secret

kubectl apply -f PRISMA_OVERLAY_FIX.yaml

Step 2 - Add the following annotation to the package install resource in the prisma doc in gitlab

annotations:
  ext.packaging.carvel.dev/ytt-paths-from-secret-name.0: grype-prisma-sec-context-overlay

vrabbi

apiVersion: v1
stringData:
  password: 
  username: tap
kind: Secret
metadata:
  annotations:
    tekton.dev/git-0: https://REPLACE_ME
  name: git-creds
  namespace: tap-install

vrabbi

namespace_provisioner:
  additional_sources:
  - git:
      ref: origin/main
      subPath: overlays
      url: https://
      secretRef:
        name: git-creds-overlays
    path: _ytt_lib/customize
  - git:

vrabbi

apiVersion: carto.run/v1alpha1
kind: Workload
metadata:
  annotations:
    kubectl.kubernetes.io/last-applied-configuration: |
      {"apiVersion":"carto.run/v1alpha1","kind":"Workload","metadata":{"annotations":{},"labels":{"app.kubernetes.io/part-of":"demo-01","apps.tanzu.vmware.com/auto-configure-actuators":"true","apps.tanzu.vmware.com/has-tests":"true","apps.tanzu.vmware.com/workload-type":"web"},"name":"demo-01","namespace":"workloads"},"spec":{"build":{"env":[{"name":"BP_JVM_VERSION","value":"11"}]},"env":[{"name":"JAVA_TOOL_OPTIONS","value":"-Dmanagement.server.port=8081 -Dserver.port=8081 -Dmanagement.health.probes.enabled=\"false\""}],"params":[{"name":"annotations","value":{"autoscaling.knative.dev/minScale":"1"}},{"name":"debug","value":"true"},{"name":"live-update","value":"true"},{"name":"testing_pipeline_matching_labels","value":{"apps.tanzu.vmware.com/pipeline":"acme-fitness-generic-test"}}],"source":{"git":{"ref":{"branch":"main"},"url":"https://github.com/vrabbi/java-web-app"}}}}
  creationT

vrabbi

profile: full
ceip_policy_disclosed: true

shared:
  ingress_domain: "INGRESS-DOMAIN"
  ca_cert_data: |
    -----BEGIN CERTIFICATE-----
    MIIFXzCCA0egAwIBAgIJAJYm37SFocjlMA0GCSqGSIb3DQEBDQUAMEY...
    -----END CERTIFICATE-----
  image_registry:

vrabbi

With the following base ytt file

#@ load("@ytt:data", "data")

#@ def labels():
app: echo
org: test
#@ end

#@ def name(echo):

vrabbi

Setup Developer Machine for working with TAP

Steps

1. Install Tanzu CLI

• download the following file: https://github.com/vmware-tanzu/tanzu-cli/releases/download/v0.90.1/tanzu-cli-windows-amd64.zip
• unzip the file
• move the tanzu cli exe file from the extracted zip to a place on your path and rename it to tanzu.exe

2. Install TAP Plugins for Tanzu CLI

• run the command: