Below you will find a reference pipeline that illustrates the tasks and provides an example of a basic pipeline design. You know your environment and constraints and we don't - we recommend you look at the tasks that make up the pipeline, and see how they can be arranged for your specific automation needs. For a deeper dive into each task see the Task Reference.
These Concourse pipelines are examples on how to use the tasks. If you use a different CI/CD platform, you can use these Concourse files as examples of the inputs, outputs, and arguments used in each step in the workflow.
Pivotal Platform Automation is based on Concourse CI.
We recommend that you have some familiarity with Concourse before getting started.
If you are new to Concourse, Concourse CI Tutorials would be a good place to start.
Persisted datastore that can be accessed by Concourse resource (e.g. s3, gcs, minio)
A valid generating-env-file: this file will contain credentials necessary to login to Ops Manager using the om CLI.
It is used by every task within Pivotal Platform Automation
A valid auth-file: this file will contain the credentials necessary to create the Ops Manager login the first time
the VM is created. The choices for this file are simple or saml authentication.
There will be some crossover between the auth file and the env file due to how om is setup and how the system works. It is highly recommended to parameterize these values, and let a credential management system (such as Credhub) fill in these values for you in order to maintain consistency across files.
An opsman-configuration file: This file is required to connect to an IAAS, and control the lifecycle management
of the Ops Manager VM
A director-configuration file: Each Ops Manager needs its own configuration, but it is retrieved differently from
a product configuration. This config is used to deploy a new Ops Manager director, or update an existing one.
A set of valid product-configuration files: Each product configuration is a yaml file that contains the properties
necessary to configure an Ops Manager product using the om tool. This can be used during install or update.
(Optional) A working credhub setup with its own UAA client and secret.
The pipeline shows how to compose the tasks
to install Ops Manager and the Pivotal Platform and Healthwatch products.
Its dependencies are coming from a trusted git repository,
which can be retrieved using this pipeline.
If retrieving pas-windows and pas-windows-stemcell from an S3 bucket,
you must use the built in S3 concourse resource.
This is done in the example above.
The download-product-s3 task does not persist meta information
about necessary stemcell for pas-windows
because Pivotal does not distribute the Window's file system.
Alternatively, products may be downloaded using the download-product-s3 task.
In a job, specify the following task:
It is recommended to persist the zip file exported from export-installation
to an external file store (eg S3) on a regular basis.
The exported installation can restore the Ops Manager
to a working state if it is non-functional.
These contain values for
opsman vm creation, director, product, foundation-specific vars, auth, and env files.
For more details, see the Inputs and Outputs section.
Platform Automation will not create these resources for you.
1 2 3 4 5 6 7 8 910111213141516
# VM state and foundation configuration-name:statetype:s3source:access_key_id:((s3_access_key_id))bucket:((s3_foundation_state_bucket))region_name:((s3_region_name))secret_access_key:((s3_secret_access_key))versioned_file:state.yml-name:configurationtype:gitsource:private_key:((docs-ref-pipeline-repo-key.private_key))uri:((docs-ref-pipeline-repo-uri))branch:master
1 2 3 4 5 6 7 8 910
# triggers used to have jobs do something in a timely manner-name:one-time-triggertype:timesource:interval:999999h-name:daily-triggertype:timesource:interval:24h
Credhub Interpolate Job
((foundation)) is a value
intended to be replaced by the filepath
of your foundation directory structure in github
(if you are not using multi-foundation, this value can be removed).
((credhub-*)) are values for accessing your Concourse Credhub.
These are set when fly-ing your pipeline.
For more information on how to fly your pipeline
and use ((foundation)),
please reference our How To Guides for your specific workflow.
Platform Automation will not create your Credhub or store values into your Credhub for you.
1 2 3 4 5 6 7 8 910111213141516
# This task is used in multiple jobs# The yaml anchor "*interpolate-creds" is used in its placeinterpolate-creds:&interpolate-credsimage:platform-automation-imagefile:platform-automation-tasks/tasks/credhub-interpolate.ymlparams:CREDHUB_CLIENT:((credhub-client))CREDHUB_SECRET:((credhub-secret))CREDHUB_SERVER:((credhub-server))PREFIX:'/concourse/main/reference-pipeline'INTERPOLATION_PATHS:.# SKIP_MISSING: trueinput_mapping:files:configurationoutput_mapping:interpolated-files:interpolated-creds
Each job corresponds to a "box"
on the visual representation of your Concourse pipeline.
These jobs consume resources defined above.