├── .gitignore ├── README.md ├── Signup Sheet.pdf ├── application ├── 5-application.md ├── workload-dotnet.yaml └── workload.yaml ├── cartographer └── 4-cartographer.md ├── choco-nonadmin-install.ps1 ├── config-REDACTED.yaml ├── dependencies ├── 0-dependencies.md └── config-reference.md ├── download-dependencies.ps1 ├── download-dependencies.sh ├── images ├── dessert.png ├── port-forward.png ├── step-cartographer.png ├── step-knative.png ├── step-kpack.png ├── step-tce.png ├── supplychain.png └── togo.png ├── install-cartographer.ps1 ├── install-cartographer.sh ├── install-knative.ps1 ├── install-knative.sh ├── install-kpack.ps1 ├── install-kpack.sh ├── knative ├── 3-knative.md ├── values-contour.yaml └── values-knative.yaml ├── kpack ├── .gitignore ├── 2-kpack.md ├── TanzuToGo Buildpacks.pptx ├── kpack-config.yaml └── yaml │ ├── builder.yaml │ ├── cluster-stack.yaml │ ├── cluster-store.yaml │ └── sa.yaml ├── overview.md ├── prereqs.md ├── set-env.ps1 ├── setup ├── access-control │ ├── supplychain-access.yaml │ ├── values.yaml │ └── workload-access.yaml ├── overlays │ ├── cartographer │ │ ├── default-crb.yaml │ │ ├── gitops-toolkit-crb.yaml │ │ └── namespace.yaml │ └── kpack │ │ ├── builder.yaml │ │ ├── cluster-stack.yaml │ │ ├── cluster-store.yaml │ │ └── sa.yaml └── vendir.yml ├── source-to-knative-service-env ├── .gitignore ├── Readme.md └── app-operator │ ├── README.md │ ├── supply-chain-templates.yaml │ └── supply-chain.yaml ├── source-to-knative-service ├── .gitignore └── app-operator │ ├── README.md │ ├── supply-chain-templates.yaml │ └── supply-chain.yaml ├── tce ├── 1-tce.md ├── TanzuToGo TCE.pptx └── tce-prereq-linux.sh └── wintools └── tanzu-to-go-wintools-amd64.zip /.gitignore: -------------------------------------------------------------------------------- 1 | config.yaml 2 | bin/ 3 | setup/vendir/ 4 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # Tanzu To Go Workshop 2 | 3 | #### Workshop content for creating a standalone Kubernetes development environment built entirely on open source 4 | 5 | ![img.png](images/togo.png) 6 | 7 | ## Table of Contents 8 | 9 | [Overview](overview.md)
10 | 11 | **[Prerequisites](prereqs.md)** 12 | 13 | [0. Download Dependencies](dependencies/0-dependencies.md)
14 | [1. Install Tanzu Community Edition](tce/1-tce.md)
15 | [2. Install kpack](kpack/2-kpack.md)
16 | [3. Install Knative](knative/3-knative.md)
17 | [4. Install Cartographer](cartographer/4-cartographer.md)
18 | [5. Onboard your application](application/5-application.md) 19 | -------------------------------------------------------------------------------- /Signup Sheet.pdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Tanzu-Solutions-Engineering/tanzu-to-go-workshop/ed096cd466373a9d2527dfef8c4845532a0f0a5a/Signup Sheet.pdf -------------------------------------------------------------------------------- /application/5-application.md: -------------------------------------------------------------------------------- 1 | # Onboard your application 2 | 3 | In the application subdirectory, you will find a [workload.yaml](workload.yaml) file. It describes a Workload with the name `tanzu-java-web-app`, and it references application source code located on Github at https://github.com/sample-accelerators/tanzu-java-web-app 4 | 5 | You have a few options on how to use your new environment: 6 | 7 | 1. Leave the workload.yaml as is, and submit it for build and deploy. 8 | 2. Fork the repo referenced in workload.yaml, and update the `spec.source.git.url` field in workload.yaml to point to your new forked repo. This will allow you to make subsequent updates to the code to use an iterative development process 9 | 3. Update the `spec.source.git` configuration in workload.yaml to point to an application of your choosing. This application must be in one of the languages specified in the `kpack.languages` field of the config.yaml that you used to install Tanzu. 10 | 11 | Once your workload.yaml is ready, you can submit it: 12 | 13 | `kubectl apply -f application/workload.yaml` 14 | 15 | This will kick off the build process. You can follow along by tailing the logs in kpack. For example, if your workload name is `tanzu-java-webapp`, you can see the logs at: 16 | 17 | ``` 18 | kp build logs tanzu-java-web-app 19 | ``` 20 | 21 | Once the build is complete, Knative will begin the process of deploying your application. You can track the progrss of the deployment with: 22 | 23 | ``` 24 | kn service list 25 | ``` 26 | 27 | Once the service is ready, you can access your application on port **8080** of the specified URL (Be sure your [port-forward](../knative/3-knative.md) is still running). 28 | 29 | Committing updates to the Git repo will trigger a new build and deploy of your application, allowing you to iterate. 30 | 31 | [Back to Homepage](../README.md) -------------------------------------------------------------------------------- /application/workload-dotnet.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: carto.run/v1alpha1 2 | kind: Workload 3 | metadata: 4 | name: tanzu-dotnet-web-app 5 | labels: 6 | apps.tanzu.vmware.com/workload-type: web 7 | spec: 8 | source: 9 | git: 10 | url: https://github.com/corn-pivotal/TBS-Demo-App 11 | ref: 12 | branch: main -------------------------------------------------------------------------------- /application/workload.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: carto.run/v1alpha1 2 | kind: Workload 3 | metadata: 4 | name: tanzu-java-web-app 5 | labels: 6 | apps.tanzu.vmware.com/workload-type: web 7 | spec: 8 | source: 9 | git: 10 | url: https://github.com/sample-accelerators/tanzu-java-web-app 11 | ref: 12 | branch: main -------------------------------------------------------------------------------- /cartographer/4-cartographer.md: -------------------------------------------------------------------------------- 1 | # Install Cartographer 2 | 3 | Run the installer script from the root directory of this repo: 4 | 5 | Mac/Linux: 6 | ``` 7 | ./install-cartographer.sh 8 | ``` 9 | 10 | Windows: 11 | ``` 12 | .\install-cartographer.ps1 13 | ``` 14 | 15 | For this workshop, we set up a simple supply chain for your application. Cartographer will monitor the git repo that you specify. Commits to the repo will trigger a container build of your source code using kpack. When kpack has built and published the container image, knative will pick up create a running deployment of your application inside your Kubernetes cluster, and provide a URL for you to access the application. 16 | 17 | ![img.png](../images/supplychain.png) 18 | 19 | [Back to Homepage](../README.md) -------------------------------------------------------------------------------- /choco-nonadmin-install.ps1: -------------------------------------------------------------------------------- 1 | # Set directory for installation - Chocolatey does not lock 2 | # down the directory if not the default 3 | $InstallDir='C:\ProgramData\chocoportable' 4 | $env:ChocolateyInstall="$InstallDir" 5 | 6 | # If your PowerShell Execution policy is restrictive, you may 7 | # not be able to get around that. Try setting your session to 8 | # Bypass. 9 | Set-ExecutionPolicy Bypass -Scope Process -Force; 10 | 11 | # All install options - offline, proxy, etc at 12 | # https://chocolatey.org/install 13 | iex ((New-Object System.Net.WebClient).DownloadString('https://community.chocolatey.org/install.ps1')) -------------------------------------------------------------------------------- /config-REDACTED.yaml: -------------------------------------------------------------------------------- 1 | --- 2 | registry: 3 | server: https://index.docker.io/v1/ 4 | username: 5 | password: 6 | 7 | image_prefix: myrepo/demo- 8 | 9 | kpack: 10 | # credentials for the container registry you'll be using to store images 11 | builder: 12 | # path to the container repository where kpack build artifacts are stored 13 | tag: myrepo/builder 14 | # A comma-separated list of languages e.g. [java,nodejs] that will be supported for development 15 | # Allowed values are: 16 | # - java 17 | # - nodejs 18 | # - dotnet-core 19 | # - go 20 | # - ruby 21 | # - php 22 | languages: [java] 23 | 24 | vendir: 25 | # For installation of CLI binaries 26 | host: 27 | # os: darwin, linux, windows 28 | os: "darwin" 29 | # arch: amd64, arm64 30 | arch: "amd64" 31 | # getLatest overrides declared versions (disable using getLatest: "") 32 | getLatest: "" 33 | versions: 34 | cartographer: 0.2.1 35 | cert-manager: 1.5.3 36 | kn: 1.2.0 37 | kp: 0.4.2 38 | kpack: 0.5.0 39 | kubectl: 1.23.1 40 | secretgen-controller: 0.6.0 41 | source-controller: 0.19.2 42 | tce: 0.9.1 43 | yq: 4.16.1 44 | 45 | # knative config 46 | envoy: 47 | service: 48 | type: ClusterIP 49 | domain: 50 | name: 127-0-0-1.nip.io 51 | type: real 52 | 53 | -------------------------------------------------------------------------------- /dependencies/0-dependencies.md: -------------------------------------------------------------------------------- 1 | # Download Dependencies 2 | 3 | To begin, we will configure and download the software dependencies we need. Clone this Git repo onto your local system, and navigate to the root directory of the repo: 4 | 5 | ``` 6 | git clone https://github.com/Tanzu-Solutions-Engineering/tanzu-to-go-workshop 7 | cd tanzu-to-go-workshop 8 | ``` 9 | 10 | All further installation instructions will be executed from this directory 11 | 12 | ### Customize config.yaml 13 | 14 | There is a sample configuration file titled config-REDACTED.yaml in the root directory of this repo. Make a copy of it to edit and use for your install: 15 | 16 | ``` 17 | cp config-REDACTED.yaml config.yaml 18 | ``` 19 | 20 | Edit the file to provide the path and credentials for the docker registry you'll be using, as well as the OS and architecture for your local system. Have an instructor review the config.yaml file with you to avoid having to backtrack later. 21 | 22 | [Config File Reference](config-reference.md) 23 | 24 | ### Fetch Dependencies 25 | 26 | Execute the `download-dependencies` script in the base directory to get the correct dependencies for your system. 27 | 28 | **Important.** Before you execute the script, you will need to edit it. There will be a placeholder string marked "". You will need to replace this string. You can generate your own Github API token, or use one provided by the instructor. 29 | 30 | Mac/Linux: 31 | ``` 32 | ./download-dependencies.sh 33 | ``` 34 | 35 | Windows: 36 | ``` 37 | .\download-dependencies.ps1 38 | ``` 39 | 40 | In addition to Kubernetes software deployments, this script will retrieve CLI binaries and add them to the `bin` subdirectory. The downloaded binaries are: 41 | * **kn** (Knative client) 42 | * **kp** (kpack client) 43 | * **kubectl** (Kubernetes client) 44 | * **yq** (YAML proccessor) 45 | 46 | You will need to add the ```bin``` subdirectory to your PATH to access these commands. Alternative, you can copy these CLIs into your existing path. For example, on Mac/Linux, you can run 47 | 48 | Mac/Linux: 49 | ``` 50 | sudo cp bin/* /usr/local/bin 51 | ``` 52 | 53 | For Windows users, the executables will be located in the $HOME\tce\bin and is appended to the current path for the terminal session after the `download-dependencies.ps1` script has been executed. The `set-env.ps1` script can be used in other sessions or after system restart to point to the executables downloaded in the script. The path can also be added to the system if you want to add them permanently. 54 | 55 | Windows: 56 | ``` 57 | ./set-env.ps1 58 | ``` 59 | 60 | [Back to Homepage](../README.md) 61 | -------------------------------------------------------------------------------- /dependencies/config-reference.md: -------------------------------------------------------------------------------- 1 | # Config File Reference 2 | 3 | kpack uses an OCI registry to store cloud native buildpacks, and the images it creates for your apps. You need to edit the kpack-config.yaml to customize it for your registry. You will need to fill in your registry URL, username and password for a registry that you can push images to. For the `kpack.builder.tag` field, you need to specify a repository path that kpack can use to store the image layers needed for the kpack service itself. 4 | 5 | For example, if you have a Docker Hub account with username `foo` and password `bar`, you might use the following configuration settings: 6 | ``` 7 | registry: 8 | server: https://index.docker.io/v1/ 9 | username: foo 10 | password: bar 11 | 12 | image_prefix: foo/demo- 13 | 14 | kpack: 15 | builder: 16 | tag: foo/builder 17 | languages: [java] 18 | ``` 19 | 20 | The dependencies script will retrieve the correct CLI binaries for your local system. It is important to be sure that the host and architecture are set correctly for your system: 21 | 22 | ``` 23 | vendir: 24 | # For installation of CLI binaries 25 | host: 26 | # os: darwin, linux, windows 27 | os: "darwin" 28 | # arch: amd64, arm64 29 | arch: "amd64" 30 | ``` 31 | -------------------------------------------------------------------------------- /download-dependencies.ps1: -------------------------------------------------------------------------------- 1 | $ENV:VENDIR_GITHUB_API_TOKEN = "" 2 | 3 | # Download installation files 4 | ytt -f setup/vendir.yml --data-values-file config.yaml | vendir sync --chdir setup -f- 5 | 6 | # Make binaries executable and put them in the PATH 7 | if ( -not (Test-Path -Path $HOME\tce)) 8 | { 9 | mkdir $HOME\tce 10 | mkdir $HOME\tce\bin 11 | } 12 | 13 | # Copy files to the bin directory under $HOME\tce 14 | copy setup\vendir\binaries\kn\kn*.exe $HOME\tce\bin\kn.exe 15 | copy setup\vendir\binaries\kp\kp*.exe $HOME\tce\bin\kp.exe 16 | copy setup\vendir\binaries\yq\yq*.exe $HOME\tce\bin\yq.exe 17 | copy setup\vendir\binaries\kubectl\kubectl.exe $HOME\tce\bin\ 18 | 19 | # Add location for tools to path 20 | $ENV:PATH = "$ENV:PATH;$HOME\tce\bin;" 21 | -------------------------------------------------------------------------------- /download-dependencies.sh: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | set -o errexit 3 | set -o nounset 4 | set -o pipefail 5 | 6 | # Download installation files 7 | export VENDIR_GITHUB_API_TOKEN="" 8 | 9 | ytt -f setup/vendir.yml \ 10 | --data-values-file config.yaml \ 11 | | vendir sync --chdir setup -f- 12 | 13 | # Make binaries executable and put them in the PATH 14 | mkdir -p bin 15 | cp setup/vendir/binaries/kn/kn* bin/kn 16 | cp setup/vendir/binaries/kp/kp* bin/kp 17 | cp setup/vendir/binaries/yq/yq* bin/yq 18 | cp setup/vendir/binaries/kubectl/kubectl bin/kubectl 19 | 20 | chmod +x bin/* 21 | -------------------------------------------------------------------------------- /images/dessert.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Tanzu-Solutions-Engineering/tanzu-to-go-workshop/ed096cd466373a9d2527dfef8c4845532a0f0a5a/images/dessert.png -------------------------------------------------------------------------------- /images/port-forward.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Tanzu-Solutions-Engineering/tanzu-to-go-workshop/ed096cd466373a9d2527dfef8c4845532a0f0a5a/images/port-forward.png -------------------------------------------------------------------------------- /images/step-cartographer.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Tanzu-Solutions-Engineering/tanzu-to-go-workshop/ed096cd466373a9d2527dfef8c4845532a0f0a5a/images/step-cartographer.png -------------------------------------------------------------------------------- /images/step-knative.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Tanzu-Solutions-Engineering/tanzu-to-go-workshop/ed096cd466373a9d2527dfef8c4845532a0f0a5a/images/step-knative.png -------------------------------------------------------------------------------- /images/step-kpack.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Tanzu-Solutions-Engineering/tanzu-to-go-workshop/ed096cd466373a9d2527dfef8c4845532a0f0a5a/images/step-kpack.png -------------------------------------------------------------------------------- /images/step-tce.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Tanzu-Solutions-Engineering/tanzu-to-go-workshop/ed096cd466373a9d2527dfef8c4845532a0f0a5a/images/step-tce.png -------------------------------------------------------------------------------- /images/supplychain.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Tanzu-Solutions-Engineering/tanzu-to-go-workshop/ed096cd466373a9d2527dfef8c4845532a0f0a5a/images/supplychain.png -------------------------------------------------------------------------------- /images/togo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Tanzu-Solutions-Engineering/tanzu-to-go-workshop/ed096cd466373a9d2527dfef8c4845532a0f0a5a/images/togo.png -------------------------------------------------------------------------------- /install-cartographer.ps1: -------------------------------------------------------------------------------- 1 | # Install SecretGen Controller 2 | kapp deploy --yes -a secretgen-controller -f setup/vendir/secretgen-controller 3 | 4 | # Install Cert Manager 5 | kapp deploy --yes -a cert-manager -f setup/vendir/cert-manager 6 | 7 | # Install Cartographer 8 | kapp deploy --yes -a cartographer -f setup/overlays/cartographer -f setup/vendir/cartographer 9 | 10 | # Install source controller, the source part of the supply chain 11 | kubectl create namespace gitops-toolkit --dry-run=client -o yaml | kubectl apply -f - 12 | kapp deploy --yes -a gitops-toolkit --into-ns gitops-toolkit -f setup/vendir/source-controller 13 | 14 | ## install sample supply chain 15 | ytt --data-values-file config.yaml --ignore-unknown-comments -f source-to-knative-service | kapp deploy -y -a source-to-knative-service -f- 16 | 17 | -------------------------------------------------------------------------------- /install-cartographer.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -x 2 | 3 | # Install SecretGen Controller 4 | kapp deploy --yes -a secretgen-controller -f setup/vendir/secretgen-controller 5 | 6 | # Install Cert Manager 7 | kapp deploy --yes -a cert-manager -f setup/vendir/cert-manager 8 | 9 | # Install Cartographer 10 | kapp deploy --yes -a cartographer -f setup/overlays/cartographer -f setup/vendir/cartographer 11 | 12 | # Install source controller, the source part of the supply chain 13 | kubectl create namespace gitops-toolkit --dry-run=client -o yaml | kubectl apply -f - 14 | kapp deploy --yes -a gitops-toolkit --into-ns gitops-toolkit -f setup/vendir/source-controller 15 | 16 | ## install sample supply chain 17 | ytt --data-values-file config.yaml --ignore-unknown-comments -f source-to-knative-service | kapp deploy -y -a source-to-knative-service -f- 18 | 19 | -------------------------------------------------------------------------------- /install-knative.ps1: -------------------------------------------------------------------------------- 1 | tanzu package install contour --package-name contour.community.tanzu.vmware.com --version 1.18.1 -f config.yaml 2 | tanzu package install knative-serving --package-name knative-serving.community.tanzu.vmware.com --version 0.22.0 -f config.yaml 3 | -------------------------------------------------------------------------------- /install-knative.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -ex 2 | 3 | tanzu package install contour --package-name contour.community.tanzu.vmware.com --version 1.18.1 -f config.yaml 4 | tanzu package install knative-serving --package-name knative-serving.community.tanzu.vmware.com --version 0.22.0 -f config.yaml 5 | -------------------------------------------------------------------------------- /install-kpack.ps1: -------------------------------------------------------------------------------- 1 | $ENV:REGISTRY_USERNAME=$(yq eval '.registry.username' config.yaml) 2 | $ENV:REGISTRY_PASSWORD=$(yq eval '.registry.password' config.yaml) 3 | $ENV:REGISTRY_URL=$(yq eval '.registry.server' config.yaml) 4 | 5 | kubectl create secret docker-registry registry-credentials --docker-username=$ENV:REGISTRY_USERNAME --docker-password=$ENV:REGISTRY_PASSWORD --docker-server=$ENV:REGISTRY_URL --namespace default 6 | 7 | ytt -f setup/vendir/kpack -f setup/overlays/kpack --data-values-file config.yaml | kapp deploy -a kpack -f- --yes 8 | -------------------------------------------------------------------------------- /install-kpack.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash -ex 2 | REGISTRY_USERNAME=$(yq eval '.registry.username' config.yaml) 3 | REGISTRY_PASSWORD=$(yq eval '.registry.password' config.yaml) 4 | REGISTRY_URL=$(yq eval '.registry.server' config.yaml) 5 | 6 | kubectl create secret docker-registry registry-credentials \ 7 | --docker-username=${REGISTRY_USERNAME} \ 8 | --docker-password=${REGISTRY_PASSWORD} \ 9 | --docker-server=${REGISTRY_URL} \ 10 | --namespace default 11 | 12 | ytt -f setup/vendir/kpack \ 13 | -f setup/overlays/kpack \ 14 | --data-values-file config.yaml \ 15 | | kapp deploy -a kpack -f- --yes 16 | -------------------------------------------------------------------------------- /knative/3-knative.md: -------------------------------------------------------------------------------- 1 | # Install Knative 2 | 3 | Run the installer script from the root directory of this repo: 4 | 5 | Mac/Linux: 6 | ``` 7 | ./install-knative.sh 8 | ``` 9 | 10 | Windows: 11 | ``` 12 | .\install-knative.ps1 13 | ``` 14 | 15 | This script will install Contour as our ingress controller, and Knative as a serverless runtime. 16 | 17 | For a personal computer install, we set Contour to use a ClusterIP endpoint because there will not be a LoadBalancer available. Whenever you want to access applications using Contour ingress, you will need a port forward to send localhost traffic to envoy. 18 | 19 | Execute the following command in a separate terminal session or tab, and leave it running: 20 | 21 | ``` 22 | kubectl port-forward svc/envoy 8080:80 -n projectcontour 23 | ``` 24 | 25 | To simplify DNS, we set our Knative DNS Domain to 127-0-0-1.nip.io. This will automatically route requests to localhost, where your port forward will send them to Contour: 26 | 27 | ### Validating the install 28 | 29 | You can verify everything works so far by creating a Knative service: 30 | 31 | ``` 32 | kn service create helloworld-go --image gcr.io/knative-samples/helloworld-go 33 | ``` 34 | 35 | When the service is available, you should be able to access it in your browser through the port-forward: http://helloworld-go.default.127-0-0-1.nip.io:8080 36 | 37 | ![Ingress Traffic](../images/port-forward.png) 38 | 39 | As long as the port-forward is running, requests to your browser will find their way to the ingress controller on your cluster, which in turn will forward them to your application. 40 | 41 | [Back to Homepage](../README.md) -------------------------------------------------------------------------------- /knative/values-contour.yaml: -------------------------------------------------------------------------------- 1 | envoy: 2 | service: 3 | type: ClusterIP 4 | -------------------------------------------------------------------------------- /knative/values-knative.yaml: -------------------------------------------------------------------------------- 1 | domain: 2 | name: 127-0-0-1.nip.io 3 | type: real 4 | -------------------------------------------------------------------------------- /kpack/.gitignore: -------------------------------------------------------------------------------- 1 | kpack-config.yaml 2 | -------------------------------------------------------------------------------- /kpack/2-kpack.md: -------------------------------------------------------------------------------- 1 | # Install kpack 2 | 3 | Run the installer script from the root directory of this repo: 4 | 5 | Mac/Linux: 6 | ``` 7 | ./install-kpack.sh 8 | ``` 9 | 10 | Windows: 11 | ``` 12 | .\install-kpack.ps1 13 | ``` 14 | 15 | After the install, kpack will need a couple of minutes to publish some images to your registry before it is ready. You will know this process is complete when the ClusterStore and the Builder are in `Ready` status. 16 | 17 | ``` 18 | $ kubectl get clusterstore 19 | NAME READY 20 | default True 21 | 22 | $ kubectl get builder -n default 23 | NAME LATESTIMAGE READY 24 | builder harbor.example.com/kpack/build@sha256:0475e1c63ee5a96e33f1892541dc7ad4786f304c0 True 25 | ``` 26 | 27 | [Back to Homepage](../README.md) -------------------------------------------------------------------------------- /kpack/TanzuToGo Buildpacks.pptx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Tanzu-Solutions-Engineering/tanzu-to-go-workshop/ed096cd466373a9d2527dfef8c4845532a0f0a5a/kpack/TanzuToGo Buildpacks.pptx -------------------------------------------------------------------------------- /kpack/kpack-config.yaml: -------------------------------------------------------------------------------- 1 | #@data/values 2 | --- 3 | kpack: 4 | version: 0.4.3 5 | # credentials for the container registry you'll be using to store images 6 | registry: 7 | username: 8 | password: 9 | url: https://index.docker.io/v1/ 10 | builder: 11 | # path to the container repository where kpack build artifacts are stored 12 | tag: 13 | # A comma-separated list of languages e.g. [java,nodejs] that will be supported for development 14 | # Allowed values are: 15 | # - java 16 | # - nodejs 17 | # - dotnet-core 18 | # - go 19 | # - ruby 20 | # - php 21 | languages: [java] 22 | -------------------------------------------------------------------------------- /kpack/yaml/builder.yaml: -------------------------------------------------------------------------------- 1 | #@ load("@ytt:data", "data") 2 | 3 | apiVersion: kpack.io/v1alpha2 4 | kind: Builder 5 | metadata: 6 | name: builder 7 | namespace: default 8 | spec: 9 | serviceAccountName: kpack-service-account 10 | tag: #@ data.values.kpack.builder.tag 11 | stack: 12 | name: base 13 | kind: ClusterStack 14 | store: 15 | name: default 16 | kind: ClusterStore 17 | order: 18 | #@ for language in data.values.kpack.languages: 19 | - group: 20 | - id: #@ "paketo-buildpacks/{}".format(language) 21 | #@ end 22 | -------------------------------------------------------------------------------- /kpack/yaml/cluster-stack.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kpack.io/v1alpha2 2 | kind: ClusterStack 3 | metadata: 4 | name: base 5 | spec: 6 | id: "io.buildpacks.stacks.bionic" 7 | buildImage: 8 | image: "paketobuildpacks/build:base-cnb" 9 | runImage: 10 | image: "paketobuildpacks/run:base-cnb" 11 | -------------------------------------------------------------------------------- /kpack/yaml/cluster-store.yaml: -------------------------------------------------------------------------------- 1 | #@ load("@ytt:data", "data") 2 | 3 | #@ buildpack_versions = { 4 | #@ "dotnet-core": "latest", 5 | #@ "go": "latest", 6 | #@ "java": "latest", 7 | #@ "nodejs": "latest", 8 | #@ "php": "latest", 9 | #@ "ruby": "latest", 10 | #@ } 11 | 12 | apiVersion: kpack.io/v1alpha2 13 | kind: ClusterStore 14 | metadata: 15 | name: default 16 | spec: 17 | sources: 18 | #@ for language in data.values.kpack.languages: 19 | - image: #@ "gcr.io/paketo-buildpacks/{}:{}".format(language,buildpack_versions[language]) 20 | #@ end 21 | 22 | -------------------------------------------------------------------------------- /kpack/yaml/sa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: kpack-service-account 5 | namespace: default 6 | secrets: 7 | - name: registry-credentials 8 | imagePullSecrets: 9 | - name: registry-credentials 10 | -------------------------------------------------------------------------------- /overview.md: -------------------------------------------------------------------------------- 1 | # Overview 2 | 3 | Here's the recipe for a delicious, free, 100% open-source, all-natural development workstation: 4 | 5 | * We'll start with a foundation of Tanzu Community Edition, which gives us a composable Kubernetes cluster 6 | 7 | ![img.png](images/step-tce.png) 8 | 9 | * Next, we'll sprinkle in a dash of [kpack](https://buildpacks.io/docs/tools/kpack/), which automates the process of turning your source code into a running container. 10 | 11 | ![img.png](images/step-kpack.png) 12 | 13 | * Time to add bold flavor with [Knative](https://knative.dev), which makes it easy to run, access, version, and scale our application 14 | 15 | ![img.png](images/step-knative.png) 16 | 17 | * We'll blend in [Cartographer](https://cartographer.sh/), which ties it all together and keeps your software supply chain running! 18 | 19 | ![img.png](images/step-cartographer.png) 20 | 21 | * For dessert, we'll take the source code for your favorite application, and onboard it to our new development platform! 22 | 23 | ![img.png](images/dessert.png) 24 | 25 | [Back to Homepage](README.md) -------------------------------------------------------------------------------- /prereqs.md: -------------------------------------------------------------------------------- 1 | # Prerequisites 2 | 3 | The following software needs to be available in the environment where you will be installing your Tanzu To Go development workstation 4 | 5 | ### Docker 6 | 7 | You will need Docker running on your system. If you need to install it, the following software is recommended: 8 | * **Mac/Windows**: [Docker Desktop](https://www.docker.com/products/docker-desktop) 9 | * **Linux**: [Distro-Specific Install](https://docs.docker.com/engine/install/#server) 10 | 11 | If you are using Docker Desktop, it is recommended that you configure Docker to allocate at least 8 GB of memory and 6 CPUs for your Tanzu environment 12 | 13 | You will also need a container registry where you are able to publish images. You can use a public registry like DockerHub or gcr.io, or use your own instance of a registry like Harbor or Artifactory. 14 | 15 | ### Package Manager 16 | 17 | You will need one of the following package managers to perform the install: 18 | 19 | * **Mac/Linux**: [Homebrew](https://brew.sh/) 20 | * **Windows**: [Chocolatey](https://chocolatey.org/install) 21 | 22 | * Note: The standard installation of Chocolatey requires elevated permissions to install and run. A script `choco-nonadmin-install.ps1` has been included to provide a way to install and run the choco commands without admin priviledges. 23 | 24 | 25 | ### Carvel 26 | 27 | Carvel (https://carvel.dev/) is a set of open-source tools that greatly simplifies the task of configuring and deploying software to your Kubernetes cluster. We will be using the CLI tools **kapp**, **ytt**, and **vendir** for this workshop. 28 | 29 | #### Mac/Linux 30 | 31 | Install the Carvel tools with Homebrew: 32 | ``` 33 | brew tap vmware-tanzu/carvel 34 | brew install kapp ytt vendir 35 | ``` 36 | 37 | #### Windows 38 | 39 | Install the Carvel tools with Chocolatey: 40 | 41 | ``` 42 | choco install kapp 43 | choco install ytt 44 | choco install vendir 45 | ``` 46 | 47 | Install the Carvel tools manually: 48 | 49 | You will need to download the Carvel CLI tools and rename them as well as add them to your PATH: 50 | 51 | **kapp.exe**: https://github.com/vmware-tanzu/carvel-kapp/releases/download/v0.43.0/kapp-windows-amd64.exe
52 | **ytt.exe**: https://github.com/vmware-tanzu/carvel-ytt/releases/download/v0.38.0/ytt-windows-amd64.exe
53 | **vendir.exe**: https://github.com/vmware-tanzu/carvel-vendir/releases/download/v0.24.0/vendir-windows-amd64.exe 54 | 55 | [Back to Homepage](README.md) -------------------------------------------------------------------------------- /set-env.ps1: -------------------------------------------------------------------------------- 1 | # Add the tools path to the session 2 | # * Path can be added to the environment variables or via the Powershell profile 3 | 4 | $ENV:PATH += ";$HOME\tce\bin" 5 | 6 | -------------------------------------------------------------------------------- /setup/access-control/supplychain-access.yaml: -------------------------------------------------------------------------------- 1 | #@ load("@ytt:data", "data") 2 | #@ load("@ytt:json", "json") 3 | 4 | --- 5 | apiVersion: v1 6 | kind: Secret 7 | metadata: 8 | name: registry-credentials 9 | type: kubernetes.io/dockerconfigjson 10 | stringData: 11 | #@ registry_creds = {"username": data.values.registry.username, "password": data.values.registry.password} 12 | .dockerconfigjson: #@ json.encode({"auths": {data.values.registry.server: registry_creds}}) 13 | --- 14 | apiVersion: v1 15 | kind: ServiceAccount 16 | metadata: 17 | name: service-account 18 | #@ if data.values.registry.password != "": 19 | secrets: 20 | - name: registry-credentials 21 | imagePullSecrets: 22 | - name: registry-credentials 23 | #@ end -------------------------------------------------------------------------------- /setup/access-control/values.yaml: -------------------------------------------------------------------------------- 1 | #@data/values 2 | 3 | #! This file is intended to specify default values. To override, use 4 | #! a separate values file (ytt ---data-values-file my-values.yaml ...) 5 | 6 | --- 7 | registry: 8 | server: https://index.docker.io/v1/ 9 | username: 10 | password: 11 | 12 | workload: 13 | namespace: default -------------------------------------------------------------------------------- /setup/access-control/workload-access.yaml: -------------------------------------------------------------------------------- 1 | #@ load("@ytt:data", "data") 2 | 3 | --- 4 | apiVersion: v1 5 | kind: ServiceAccount 6 | metadata: 7 | name: workload-service-account 8 | namespace: #@ data.values.workload.namespace 9 | --- 10 | apiVersion: rbac.authorization.k8s.io/v1 11 | kind: RoleBinding 12 | metadata: 13 | name: workload-role-binding 14 | namespace: #@ data.values.workload.namespace 15 | roleRef: 16 | kind: ClusterRole 17 | name: workload-cluster-role-namespaced-resources 18 | apiGroup: rbac.authorization.k8s.io 19 | subjects: 20 | - kind: ServiceAccount 21 | name: workload-service-account 22 | apiGroup: "" 23 | --- 24 | apiVersion: rbac.authorization.k8s.io/v1 25 | kind: ClusterRole 26 | metadata: 27 | name: workload-cluster-role-namespaced-resources 28 | rules: 29 | - apiGroups: 30 | - source.toolkit.fluxcd.io 31 | - image.toolkit.fluxcd.io 32 | - kpack.io 33 | - kapp.k14s.io/v1alpha1 34 | - kappctrl.k14s.io 35 | - serving.knative.dev/v1 36 | - carto.run 37 | - tekton.dev 38 | - apps 39 | - "" 40 | - networking.k8s.io 41 | resources: 42 | - gitrepositories 43 | - imagerepositories 44 | - imagepolicies 45 | - images 46 | - configs 47 | - apps 48 | - services 49 | - runnables 50 | - tasks 51 | - taskruns 52 | - deployments 53 | - services 54 | - configmaps 55 | - ingresses 56 | verbs: 57 | - get 58 | - list 59 | - create 60 | - update 61 | - delete 62 | - patch 63 | - watch 64 | --- 65 | apiVersion: rbac.authorization.k8s.io/v1 66 | kind: ClusterRole 67 | metadata: 68 | name: workload-cluster-role-cluster-resources 69 | rules: 70 | - apiGroups: 71 | - tekton.dev 72 | resources: 73 | - clustertasks 74 | verbs: 75 | - list 76 | - create 77 | - update 78 | - delete 79 | - patch 80 | - watch 81 | --- 82 | apiVersion: rbac.authorization.k8s.io/v1 83 | kind: ClusterRoleBinding 84 | metadata: 85 | name: workload-cluster-role-binding 86 | roleRef: 87 | kind: ClusterRole 88 | name: workload-cluster-role-cluster-resources 89 | apiGroup: rbac.authorization.k8s.io 90 | subjects: 91 | - kind: ServiceAccount 92 | name: workload-service-account 93 | apiGroup: "" 94 | namespace: #@ data.values.workload.namespace 95 | -------------------------------------------------------------------------------- /setup/overlays/cartographer/default-crb.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: default-admin 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: cluster-admin 9 | subjects: 10 | - kind: ServiceAccount 11 | name: default 12 | namespace: default 13 | -------------------------------------------------------------------------------- /setup/overlays/cartographer/gitops-toolkit-crb.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: rbac.authorization.k8s.io/v1 2 | kind: ClusterRoleBinding 3 | metadata: 4 | name: gitops-toolkit-admin 5 | roleRef: 6 | apiGroup: rbac.authorization.k8s.io 7 | kind: ClusterRole 8 | name: cluster-admin 9 | subjects: 10 | - kind: ServiceAccount 11 | name: default 12 | namespace: gitops-toolkit 13 | -------------------------------------------------------------------------------- /setup/overlays/cartographer/namespace.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: Namespace 3 | metadata: 4 | name: cartographer-system -------------------------------------------------------------------------------- /setup/overlays/kpack/builder.yaml: -------------------------------------------------------------------------------- 1 | #@ load("@ytt:data", "data") 2 | 3 | apiVersion: kpack.io/v1alpha2 4 | kind: Builder 5 | metadata: 6 | name: builder 7 | namespace: default 8 | spec: 9 | serviceAccountName: kpack-service-account 10 | tag: #@ data.values.kpack.builder.tag 11 | stack: 12 | name: base 13 | kind: ClusterStack 14 | store: 15 | name: default 16 | kind: ClusterStore 17 | order: 18 | #@ for language in data.values.kpack.languages: 19 | - group: 20 | - id: #@ "paketo-buildpacks/{}".format(language) 21 | #@ end 22 | -------------------------------------------------------------------------------- /setup/overlays/kpack/cluster-stack.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: kpack.io/v1alpha2 2 | kind: ClusterStack 3 | metadata: 4 | name: base 5 | spec: 6 | id: "io.buildpacks.stacks.bionic" 7 | buildImage: 8 | image: "paketobuildpacks/build:base-cnb" 9 | runImage: 10 | image: "paketobuildpacks/run:base-cnb" 11 | -------------------------------------------------------------------------------- /setup/overlays/kpack/cluster-store.yaml: -------------------------------------------------------------------------------- 1 | #@ load("@ytt:data", "data") 2 | 3 | #@ buildpack_versions = { 4 | #@ "dotnet-core": "latest", 5 | #@ "go": "latest", 6 | #@ "java": "latest", 7 | #@ "nodejs": "latest", 8 | #@ "php": "latest", 9 | #@ "ruby": "latest", 10 | #@ } 11 | 12 | apiVersion: kpack.io/v1alpha2 13 | kind: ClusterStore 14 | metadata: 15 | name: default 16 | spec: 17 | sources: 18 | #@ for language in data.values.kpack.languages: 19 | - image: #@ "gcr.io/paketo-buildpacks/{}:{}".format(language,buildpack_versions[language]) 20 | #@ end 21 | 22 | -------------------------------------------------------------------------------- /setup/overlays/kpack/sa.yaml: -------------------------------------------------------------------------------- 1 | apiVersion: v1 2 | kind: ServiceAccount 3 | metadata: 4 | name: kpack-service-account 5 | namespace: default 6 | secrets: 7 | - name: registry-credentials 8 | imagePullSecrets: 9 | - name: registry-credentials 10 | -------------------------------------------------------------------------------- /setup/vendir.yml: -------------------------------------------------------------------------------- 1 | #@ load("@ytt:data", "data") 2 | #@ load("@ytt:struct", "struct") 3 | 4 | #@ def getFixedVersion(key): 5 | #@ versions = struct.decode(data.values.vendir.versions) 6 | #@ return versions[key] 7 | #@ end 8 | 9 | #! For more info on setting semver constraints, see: 10 | #! https://carvel.dev/vendir/docs/latest/versions 11 | #! https://github.com/blang/semver#ranges 12 | #@ def getVersion(key): 13 | #@ if data.values.vendir.getLatest: 14 | #@ return ">0.0.0" 15 | #@ else: 16 | #@ return getFixedVersion(key) 17 | #@ end 18 | #@ end 19 | 20 | #@ os = data.values.vendir.host.os or "darwin" 21 | #@ arch = data.values.vendir.host.arch or "amd64" 22 | --- 23 | apiVersion: vendir.k14s.io/v1alpha1 24 | kind: Config 25 | minimumRequiredVersion: 0.8.0 26 | directories: 27 | #! Product release files 28 | - path: vendir/cert-manager 29 | contents: 30 | - path: . 31 | githubRelease: 32 | slug: jetstack/cert-manager 33 | tagSelection: 34 | semver: 35 | constraints: #@ getVersion("cert-manager") 36 | assetNames: [ "cert-manager.yaml" ] 37 | disableAutoChecksumValidation: true 38 | - path: vendir/secretgen-controller 39 | contents: 40 | - path: . 41 | githubRelease: 42 | slug: vmware-tanzu/carvel-secretgen-controller 43 | tagSelection: 44 | semver: 45 | constraints: #@ getVersion("secretgen-controller") 46 | assetNames: ["release.yml"] 47 | disableAutoChecksumValidation: true 48 | - path: vendir/cartographer 49 | contents: 50 | - path: . 51 | githubRelease: 52 | slug: vmware-tanzu/cartographer 53 | tagSelection: 54 | semver: 55 | constraints: #@ getVersion("cartographer") 56 | prereleases: 57 | identifiers: [ "rc" ] 58 | assetNames: ["cartographer.yaml"] 59 | disableAutoChecksumValidation: true 60 | - path: vendir/source-controller 61 | contents: 62 | - path: . 63 | githubRelease: 64 | slug: fluxcd/source-controller 65 | tagSelection: 66 | semver: 67 | constraints: #@ getVersion("source-controller") 68 | assetNames: ["source-controller.crds.yaml","source-controller.deployment.yaml"] 69 | disableAutoChecksumValidation: true 70 | - path: vendir/kpack 71 | contents: 72 | - path: . 73 | githubRelease: 74 | slug: pivotal/kpack 75 | tagSelection: 76 | semver: 77 | constraints: #@ getVersion("kpack") 78 | assetNames: 79 | - #@ "release-*.yaml" 80 | disableAutoChecksumValidation: true 81 | #! Binaries 82 | - path: vendir/binaries 83 | contents: 84 | - path: yq 85 | githubRelease: 86 | slug: mikefarah/yq 87 | tagSelection: 88 | semver: 89 | constraints: #@ getVersion("yq") 90 | assetNames: 91 | #@ if os == "windows": 92 | - #@ "yq_" + os + "_" + arch + ".exe" 93 | #@ else: 94 | - #@ "yq_" + os + "_" + arch 95 | #@ end 96 | disableAutoChecksumValidation: true 97 | - path: kn 98 | githubRelease: 99 | slug: knative/client 100 | #@ if data.values.vendir.getLatest: 101 | latest: true 102 | #@ else: 103 | tag: #@ "knative-v" + getVersion("kn") 104 | #@ end 105 | assetNames: 106 | #@ if os == "windows": 107 | - #@ "kn-" + os + "-" + arch + ".exe" 108 | #@ else: 109 | - #@ "kn-" + os + "-" + arch 110 | #@ end 111 | disableAutoChecksumValidation: true 112 | - path: kp 113 | githubRelease: 114 | slug: vmware-tanzu/kpack-cli 115 | tagSelection: 116 | semver: 117 | constraints: #@ getVersion("kp") 118 | assetNames: 119 | - #@ "kp-" + os + "-*" 120 | disableAutoChecksumValidation: true 121 | - path: kubectl 122 | http: 123 | #@ if os == "windows": 124 | url: #@ "https://dl.k8s.io/release/v" + getFixedVersion("kubectl") + "/bin/" + os + "/" + arch + "/kubectl.exe" 125 | #@ else: 126 | url: #@ "https://dl.k8s.io/release/v" + getFixedVersion("kubectl") + "/bin/" + os + "/" + arch + "/kubectl" 127 | #@ end 128 | - path: standalone 129 | http: 130 | #@ if os == "darwin": 131 | url: #@ "https://storage.googleapis.com/tce-tanzu-cli-plugins/build-tools/standalone/mac/tanzu-standalone" 132 | #@ elif os == "linux": 133 | url: #@ "https://storage.googleapis.com/tce-tanzu-cli-plugins/build-tools/standalone/linux/tanzu-standalone" 134 | #@ else: 135 | url: #@ "https://storage.googleapis.com/tce-tanzu-cli-plugins/build-tools/standalone/windows/tanzu-standalone.exe" 136 | #@ end 137 | 138 | #! TCE 139 | #! - path: vendir/binaries-tce 140 | #! contents: 141 | #! - path: . 142 | #! githubRelease: 143 | #! slug: vmware-tanzu/community-edition 144 | #! tagSelection: 145 | #! semver: 146 | #! constraints: #@ getVersion("tce") 147 | #! assetNames: 148 | #! - #@ "tce-" + os + "-" + arch + "-v*.tar.gz" 149 | #! disableAutoChecksumValidation: true 150 | #! unpackArchive: 151 | #! path: #@ "tce-" + os + "-" + arch + "-v*.tar.gz" -------------------------------------------------------------------------------- /source-to-knative-service-env/.gitignore: -------------------------------------------------------------------------------- 1 | cartographer-config.yaml 2 | -------------------------------------------------------------------------------- /source-to-knative-service-env/Readme.md: -------------------------------------------------------------------------------- 1 | If present the environment variables from the workload will be passed to both the build and running container. 2 | 3 | ``` 4 | apiVersion: carto.run/v1alpha1 5 | kind: Workload 6 | metadata: 7 | name: tanzu-java-web-app 8 | labels: 9 | apps.tanzu.vmware.com/workload-type: web 10 | app.kubernetes.io/part-of: tanzu-java-web-app 11 | spec: 12 | env: 13 | - name: runtime 14 | value: somevalue 15 | build: 16 | env: 17 | - name: foo 18 | value: bar 19 | source: 20 | git: 21 | url: https://github.com/sample-accelerators/tanzu-java-web-app 22 | ref: 23 | branch: main 24 | ``` -------------------------------------------------------------------------------- /source-to-knative-service-env/app-operator/README.md: -------------------------------------------------------------------------------- 1 | # App Operator 2 | 3 | In this directory you'll find all the Kubernetes objects necessary for the app 4 | operators to submit to Kubernetes to power any number of development teams that 5 | wish to have their code going through the same software supply chain without 6 | necessarily needing to know about the intricacies of the resources utilized 7 | under the hood. 8 | -------------------------------------------------------------------------------- /source-to-knative-service-env/app-operator/supply-chain-templates.yaml: -------------------------------------------------------------------------------- 1 | # Copyright 2021 VMware 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | #@ load("@ytt:data", "data") 16 | --- 17 | 18 | # 19 | # 20 | # `source` instantiates a GitRepository object, responsible for keeping track 21 | # of commits made to a git repository, making them available as blobs to 22 | # further resources in the supply chain. 23 | # 24 | # 25 | apiVersion: carto.run/v1alpha1 26 | kind: ClusterSourceTemplate 27 | metadata: 28 | name: source 29 | spec: 30 | urlPath: .status.artifact.url 31 | revisionPath: .status.artifact.revision 32 | 33 | template: 34 | apiVersion: source.toolkit.fluxcd.io/v1beta1 35 | kind: GitRepository 36 | metadata: 37 | name: $(workload.metadata.name)$ 38 | spec: 39 | interval: 1m0s 40 | url: $(workload.spec.source.git.url)$ 41 | ref: $(workload.spec.source.git.ref)$ 42 | gitImplementation: libgit2 43 | ignore: "" 44 | 45 | 46 | --- 47 | # 48 | # 49 | # `test` instantiates a Runnable object, responsible for submitting to 50 | # Kubernetes "pipeline invocation objects" (tekton's PipelineRun objects) that 51 | # run tests against the source code. 52 | # 53 | # Taking a `source` as input and passing that through as `output` if 54 | # successfull makes this template a gate that will effectively block a given 55 | # commit from moving forward in the supply chain in case tests fail. 56 | # 57 | # 58 | --- 59 | apiVersion: carto.run/v1alpha1 60 | kind: ClusterSourceTemplate 61 | metadata: 62 | name: test 63 | spec: 64 | urlPath: .status.outputs.url 65 | revisionPath: .status.outputs.revision 66 | 67 | template: 68 | apiVersion: carto.run/v1alpha1 69 | kind: Runnable 70 | metadata: 71 | name: $(workload.metadata.name)$ 72 | spec: 73 | serviceAccountName: $(workload.spec.serviceAccountName)$ 74 | 75 | runTemplateRef: 76 | name: tekton-pipelinerun 77 | 78 | selector: 79 | resource: 80 | apiVersion: tekton.dev/v1beta1 81 | kind: Task 82 | matchingLabels: 83 | apps.tanzu.vmware.com/task: test 84 | 85 | inputs: 86 | source: $(source)$ 87 | params: 88 | - name: blob-url 89 | value: $(source.url)$ 90 | - name: blob-revision 91 | value: $(source.revision)$ 92 | 93 | 94 | --- 95 | # 96 | # 97 | # `image` instantiates a `kpack/Image` object, responsible for ensuring that 98 | # there's a container image built and pushed to a container image registry 99 | # whenever there's either new source code, or its image builder gets na update. 100 | # 101 | # 102 | apiVersion: carto.run/v1alpha1 103 | kind: ClusterImageTemplate 104 | metadata: 105 | name: image 106 | spec: 107 | params: 108 | - name: image_prefix 109 | default: projectcartographer/demo- 110 | 111 | imagePath: .status.latestImage 112 | ytt: | 113 | #@ load("@ytt:data", "data") 114 | apiVersion: kpack.io/v1alpha2 115 | kind: Image 116 | metadata: 117 | name: #@ data.values.workload.metadata.name 118 | spec: 119 | tag: #@ "".join([data.values.params.image_prefix,data.values.workload.metadata.name]) 120 | serviceAccountName: kpack-service-account 121 | build: 122 | #@ if hasattr(data.values.workload.spec.build, "env"): 123 | env: 124 | #@ for var in data.values.workload.spec.build.env: 125 | - name: #@ var.name 126 | value: #@ var.value 127 | #@ end 128 | #@ end 129 | builder: 130 | kind: Builder 131 | name: builder 132 | source: 133 | blob: 134 | url: #@ data.values.source.url 135 | 136 | --- 137 | # 138 | # 139 | # `app-deploy` instantiates a `kapp-ctrl/App` making use of an image that comes 140 | # as input in the form of `$(images.image.image)$`. 141 | # 142 | # the use of `App` here is important because of how `knative` updates the 143 | # knative service under the hood to include some extra annotations that _can't_ 144 | # be mutated once applied by knative's controller. As `kapp` is able to be 145 | # configured to not patch certain features (something `cartographer` can't 146 | # yet), we're able to bridge that gap with the use of `kapp-ctrl/App`. 147 | # 148 | # 149 | apiVersion: carto.run/v1alpha1 150 | kind: ClusterTemplate 151 | metadata: 152 | name: app-deploy 153 | spec: 154 | ytt: | 155 | #@ load("@ytt:data", "data") 156 | #@ load("@ytt:yaml", "yaml") 157 | 158 | #@ def service(): 159 | apiVersion: serving.knative.dev/v1 160 | kind: Service 161 | metadata: 162 | name: #@ data.values.workload.metadata.name 163 | spec: 164 | template: 165 | metadata: 166 | annotations: 167 | autoscaling.knative.dev/minScale: "1" 168 | spec: 169 | serviceAccountName: cartographer-example-registry-creds-sa 170 | containers: 171 | - name: workload 172 | #@ if hasattr(data.values.workload.spec.build, "env"): 173 | env: 174 | #@ for var in data.values.workload.spec.env: 175 | - name: #@ var.name 176 | value: #@ var.value 177 | #@ end 178 | #@ end 179 | image: #@ data.values.images.image.image 180 | securityContext: 181 | runAsUser: 1000 182 | 183 | #@ end 184 | #@ def config(): 185 | apiVersion: kapp.k14s.io/v1alpha1 186 | kind: Config 187 | rebaseRules: 188 | - path: 189 | - metadata 190 | - annotations 191 | - serving.knative.dev/creator 192 | type: copy 193 | sources: [new, existing] 194 | resourceMatchers: &matchers 195 | - apiVersionKindMatcher: 196 | apiVersion: serving.knative.dev/v1 197 | kind: Service 198 | - path: 199 | - metadata 200 | - annotations 201 | - serving.knative.dev/lastModifier 202 | type: copy 203 | sources: [new, existing] 204 | resourceMatchers: *matchers 205 | 206 | #@ end 207 | apiVersion: kappctrl.k14s.io/v1alpha1 208 | kind: App 209 | metadata: 210 | name: #@ data.values.workload.metadata.name 211 | spec: 212 | serviceAccountName: default 213 | fetch: 214 | - inline: 215 | paths: 216 | manifest.yml: #@ yaml.encode(service()) + "---\n" + yaml.encode(config()) 217 | template: 218 | - ytt: {} 219 | deploy: 220 | - kapp: {} -------------------------------------------------------------------------------- /source-to-knative-service-env/app-operator/supply-chain.yaml: -------------------------------------------------------------------------------- 1 | # Copyright 2021 VMware 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | #@ load("@ytt:data", "data") 16 | --- 17 | apiVersion: carto.run/v1alpha1 18 | kind: ClusterSupplyChain 19 | metadata: 20 | name: supply-chain 21 | spec: 22 | selector: 23 | apps.tanzu.vmware.com/workload-type: web 24 | 25 | # 26 | # source-provider fluxcd/GitRepository 27 | # <--[src]-- source-tester carto.run/Runnable --> tekton/TaskRun 28 | # <--[src]-- image-builder kpack/Image 29 | # <--[img]-- deployer kapp-ctrl/App 30 | # 31 | resources: 32 | - name: source-provider 33 | templateRef: 34 | kind: ClusterSourceTemplate 35 | name: source 36 | - name: image-builder 37 | templateRef: 38 | kind: ClusterImageTemplate 39 | name: image 40 | params: 41 | - name: image_prefix 42 | value: #@ data.values.image_prefix 43 | sources: 44 | - resource: source-provider 45 | name: source 46 | - name: deployer 47 | templateRef: 48 | kind: ClusterTemplate 49 | name: app-deploy 50 | images: 51 | - resource: image-builder 52 | name: image 53 | -------------------------------------------------------------------------------- /source-to-knative-service/.gitignore: -------------------------------------------------------------------------------- 1 | cartographer-config.yaml 2 | -------------------------------------------------------------------------------- /source-to-knative-service/app-operator/README.md: -------------------------------------------------------------------------------- 1 | # App Operator 2 | 3 | In this directory you'll find all the Kubernetes objects necessary for the app 4 | operators to submit to Kubernetes to power any number of development teams that 5 | wish to have their code going through the same software supply chain without 6 | necessarily needing to know about the intricacies of the resources utilized 7 | under the hood. 8 | -------------------------------------------------------------------------------- /source-to-knative-service/app-operator/supply-chain-templates.yaml: -------------------------------------------------------------------------------- 1 | # Copyright 2021 VMware 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | #@ load("@ytt:data", "data") 16 | --- 17 | 18 | # 19 | # 20 | # `source` instantiates a GitRepository object, responsible for keeping track 21 | # of commits made to a git repository, making them available as blobs to 22 | # further resources in the supply chain. 23 | # 24 | # 25 | apiVersion: carto.run/v1alpha1 26 | kind: ClusterSourceTemplate 27 | metadata: 28 | name: source 29 | spec: 30 | urlPath: .status.artifact.url 31 | revisionPath: .status.artifact.revision 32 | 33 | template: 34 | apiVersion: source.toolkit.fluxcd.io/v1beta1 35 | kind: GitRepository 36 | metadata: 37 | name: $(workload.metadata.name)$ 38 | spec: 39 | interval: 1m0s 40 | url: $(workload.spec.source.git.url)$ 41 | ref: $(workload.spec.source.git.ref)$ 42 | gitImplementation: libgit2 43 | ignore: "" 44 | 45 | 46 | --- 47 | # 48 | # 49 | # `test` instantiates a Runnable object, responsible for submitting to 50 | # Kubernetes "pipeline invocation objects" (tekton's PipelineRun objects) that 51 | # run tests against the source code. 52 | # 53 | # Taking a `source` as input and passing that through as `output` if 54 | # successfull makes this template a gate that will effectively block a given 55 | # commit from moving forward in the supply chain in case tests fail. 56 | # 57 | # 58 | --- 59 | apiVersion: carto.run/v1alpha1 60 | kind: ClusterSourceTemplate 61 | metadata: 62 | name: test 63 | spec: 64 | urlPath: .status.outputs.url 65 | revisionPath: .status.outputs.revision 66 | 67 | template: 68 | apiVersion: carto.run/v1alpha1 69 | kind: Runnable 70 | metadata: 71 | name: $(workload.metadata.name)$ 72 | spec: 73 | serviceAccountName: $(workload.spec.serviceAccountName)$ 74 | 75 | runTemplateRef: 76 | name: tekton-pipelinerun 77 | 78 | selector: 79 | resource: 80 | apiVersion: tekton.dev/v1beta1 81 | kind: Task 82 | matchingLabels: 83 | apps.tanzu.vmware.com/task: test 84 | 85 | inputs: 86 | source: $(source)$ 87 | params: 88 | - name: blob-url 89 | value: $(source.url)$ 90 | - name: blob-revision 91 | value: $(source.revision)$ 92 | 93 | 94 | --- 95 | # 96 | # 97 | # `image` instantiates a `kpack/Image` object, responsible for ensuring that 98 | # there's a container image built and pushed to a container image registry 99 | # whenever there's either new source code, or its image builder gets na update. 100 | # 101 | # 102 | apiVersion: carto.run/v1alpha1 103 | kind: ClusterImageTemplate 104 | metadata: 105 | name: image 106 | spec: 107 | params: 108 | - name: image_prefix 109 | default: projectcartographer/demo- 110 | 111 | imagePath: .status.latestImage 112 | 113 | template: 114 | apiVersion: kpack.io/v1alpha2 115 | kind: Image 116 | metadata: 117 | name: $(workload.metadata.name)$ 118 | spec: 119 | tag: $(params.image_prefix)$$(workload.metadata.name)$ 120 | serviceAccountName: kpack-service-account 121 | builder: 122 | kind: Builder 123 | name: builder 124 | source: 125 | blob: 126 | url: $(sources.source.url)$ 127 | 128 | --- 129 | # 130 | # 131 | # `app-deploy` instantiates a `kapp-ctrl/App` making use of an image that comes 132 | # as input in the form of `$(images.image.image)$`. 133 | # 134 | # the use of `App` here is important because of how `knative` updates the 135 | # knative service under the hood to include some extra annotations that _can't_ 136 | # be mutated once applied by knative's controller. As `kapp` is able to be 137 | # configured to not patch certain features (something `cartographer` can't 138 | # yet), we're able to bridge that gap with the use of `kapp-ctrl/App`. 139 | # 140 | # 141 | apiVersion: carto.run/v1alpha1 142 | kind: ClusterTemplate 143 | metadata: 144 | name: app-deploy 145 | spec: 146 | template: 147 | apiVersion: kappctrl.k14s.io/v1alpha1 148 | kind: App 149 | metadata: 150 | name: $(workload.metadata.name)$ 151 | spec: 152 | serviceAccountName: default 153 | fetch: 154 | - inline: 155 | paths: 156 | manifest.yml: | 157 | --- 158 | apiVersion: kapp.k14s.io/v1alpha1 159 | kind: Config 160 | rebaseRules: 161 | - path: 162 | - metadata 163 | - annotations 164 | - serving.knative.dev/creator 165 | type: copy 166 | sources: [new, existing] 167 | resourceMatchers: &matchers 168 | - apiVersionKindMatcher: 169 | apiVersion: serving.knative.dev/v1 170 | kind: Service 171 | - path: 172 | - metadata 173 | - annotations 174 | - serving.knative.dev/lastModifier 175 | type: copy 176 | sources: [new, existing] 177 | resourceMatchers: *matchers 178 | 179 | --- 180 | apiVersion: serving.knative.dev/v1 181 | kind: Service 182 | metadata: 183 | name: $(workload.metadata.name)$ 184 | spec: 185 | template: 186 | metadata: 187 | annotations: 188 | autoscaling.knative.dev/minScale: "1" 189 | spec: 190 | serviceAccountName: default 191 | containers: 192 | - name: workload 193 | image: $(images.image.image)$ 194 | securityContext: 195 | runAsUser: 1000 196 | template: 197 | - ytt: {} 198 | deploy: 199 | - kapp: {} 200 | -------------------------------------------------------------------------------- /source-to-knative-service/app-operator/supply-chain.yaml: -------------------------------------------------------------------------------- 1 | # Copyright 2021 VMware 2 | # 3 | # Licensed under the Apache License, Version 2.0 (the "License"); 4 | # you may not use this file except in compliance with the License. 5 | # You may obtain a copy of the License at 6 | # 7 | # http://www.apache.org/licenses/LICENSE-2.0 8 | # 9 | # Unless required by applicable law or agreed to in writing, software 10 | # distributed under the License is distributed on an "AS IS" BASIS, 11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 12 | # See the License for the specific language governing permissions and 13 | # limitations under the License. 14 | 15 | #@ load("@ytt:data", "data") 16 | --- 17 | apiVersion: carto.run/v1alpha1 18 | kind: ClusterSupplyChain 19 | metadata: 20 | name: supply-chain 21 | spec: 22 | selector: 23 | apps.tanzu.vmware.com/workload-type: web 24 | 25 | # 26 | # source-provider fluxcd/GitRepository 27 | # <--[src]-- source-tester carto.run/Runnable --> tekton/TaskRun 28 | # <--[src]-- image-builder kpack/Image 29 | # <--[img]-- deployer kapp-ctrl/App 30 | # 31 | resources: 32 | - name: source-provider 33 | templateRef: 34 | kind: ClusterSourceTemplate 35 | name: source 36 | - name: image-builder 37 | templateRef: 38 | kind: ClusterImageTemplate 39 | name: image 40 | params: 41 | - name: image_prefix 42 | value: #@ data.values.image_prefix 43 | sources: 44 | - resource: source-provider 45 | name: source 46 | - name: deployer 47 | templateRef: 48 | kind: ClusterTemplate 49 | name: app-deploy 50 | images: 51 | - resource: image-builder 52 | name: image 53 | -------------------------------------------------------------------------------- /tce/1-tce.md: -------------------------------------------------------------------------------- 1 | # Install Tanzu Community Edition 2 | 3 | Use your system's package manager to install Tanzu Community Edition: 4 | 5 | **Mac/Linux:** 6 | ``` 7 | brew install vmware-tanzu/tanzu/tanzu-community-edition 8 | {HOMEBREW-INSTALL-LOCATION}/configure-tce.sh 9 | ``` 10 | 11 | When the brew install completes, it will give you the location of a post-install script to run: `{HOMEBREW-INSTALL-LOCATION}/configure-tce.sh`. Execute that script to complete the install 12 | 13 | **Windows:** 14 | 15 | ``` 16 | choco install tanzu-community-edition 17 | ``` 18 | 19 | The `tanzu` command will be added to your `$PATH` variable automatically by Chocolatey. 20 | 21 | --- 22 | 23 | ### Create your Kubernetes Cluster 24 | 25 | Tanzu Community Edition allows you to create a local Kubernetes cluster that runs inside Docker, and supports easy installation of third-party [packages](https://tanzucommunityedition.io/packages/) to customize your environment. 26 | 27 | Let's create a cluster on your local system, and call it `tce`. 28 | 29 | ``` 30 | tanzu unmanaged-cluster create tce --cni=calico 31 | ``` 32 | 33 | You are ready to go when you see this message:
34 | ✅ Cluster created 35 | 36 | You can verify that your cluster is accessible by running the following command to view namespaces in your cluster: 37 | ``` 38 | kubectl get ns 39 | ``` 40 | 41 | [Back to Homepage](../README.md) 42 | -------------------------------------------------------------------------------- /tce/TanzuToGo TCE.pptx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Tanzu-Solutions-Engineering/tanzu-to-go-workshop/ed096cd466373a9d2527dfef8c4845532a0f0a5a/tce/TanzuToGo TCE.pptx -------------------------------------------------------------------------------- /tce/tce-prereq-linux.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | cat <>> $line" 16 | done 17 | echo "" 18 | } 19 | 20 | function usingWsl() { 21 | uname -r | grep -qi 'microsoft' 22 | } 23 | 24 | if [[ "$(uname -s)/$(uname -m)" != "Linux/x86_64" ]] 25 | then 26 | log "Sorry, this script only handles Linux x86_64 systems" 27 | exit 1 28 | fi 29 | 30 | log "Installing basic tools" 31 | 32 | sudo apt-get update -y 33 | sudo apt-get install -y \ 34 | apt-transport-https \ 35 | ca-certificates \ 36 | curl \ 37 | gnupg \ 38 | lsb-release \ 39 | jq 40 | 41 | if usingWsl 42 | then 43 | log "It looks like you are running under WSL" \ 44 | "You must install Docker Desktop if you have not done so already" \ 45 | "This script will install the docker CLI only" 46 | 47 | sudo apt-get install -y docker 48 | 49 | else 50 | log "Removing any existing docker installation" 51 | 52 | sudo apt-get remove -y docker docker-engine docker.io containerd runc 53 | 54 | log "Installing new version of docker" 55 | 56 | curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg 57 | echo \ 58 | "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \ 59 | $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null 60 | sudo apt-get update -y 61 | sudo apt-get install -y docker-ce docker-ce-cli containerd.io 62 | fi 63 | 64 | log "Adding $USER to docker group (logout/in to take effect)" 65 | sudo usermod -a -G docker $USER 66 | 67 | DOWNLOADS=/tmp/downloads 68 | mkdir -p $DOWNLOADS 69 | 70 | log "Installing kubectl" 71 | 72 | curl -Lo $DOWNLOADS/kubectl "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl" 73 | sudo install -o root -g root -m 0755 $DOWNLOADS/kubectl /usr/local/bin/kubectl 74 | 75 | log "Installing kn" 76 | 77 | curl -Lo $DOWNLOADS/kn https://github.com/knative/client/releases/latest/download/kn-linux-amd64 78 | sudo install -o root -g root -m 0755 $DOWNLOADS/kn /usr/local/bin/kn 79 | 80 | log "Installing kp" 81 | 82 | curl -Lo $DOWNLOADS/kp https://github.com/vmware-tanzu/kpack-cli/releases/download/v0.4.1/kp-linux-0.4.1 83 | sudo install -o root -g root -m 0755 $DOWNLOADS/kp /usr/local/bin/kp 84 | 85 | 86 | log "Done" 87 | -------------------------------------------------------------------------------- /wintools/tanzu-to-go-wintools-amd64.zip: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Tanzu-Solutions-Engineering/tanzu-to-go-workshop/ed096cd466373a9d2527dfef8c4845532a0f0a5a/wintools/tanzu-to-go-wintools-amd64.zip --------------------------------------------------------------------------------