Configuring Env

Generating an Env File

Almost all om commands require an env file to describe how to communicate (and authenticate) with a given Ops Manager.

There are two ways to provide auth information. If your configuration choices allow you to use username and password directly, you can do so:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
---
target: https://pcf.example.com
connect-timeout: 30            # default 5
request-timeout: 1800          # default 1800
skip-ssl-validation: false     # default false
username: username
password: password
# decryption-passphrase is optional,
# except for use with `import-installation`.
# OpsMan depends on the passphrase
# to decrypt the imported installation.
# For other commands, providing this key allows
# decryption of the OpsMan VM after reboot,
# which would otherwise need to be done manually.
decryption-passphrase: passphrase

However, if you're using an external identity provider via SAML or LDAP integration, you'll need to use a UAA client via client-id and client-secret:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
---
target: https://pcf.example.com
connect-timeout: 30          # default 5
request-timeout: 1800        # default 1800
skip-ssl-validation: false   # default false
client-id: client_id
client-secret: client_secret
# decryption-passphrase is optional,
# except for use with `import-installation`.
# OpsMan depends on the passphrase
# to decrypt the imported installation.
# For other commands, providing this key allows
# decryption of the OpsMan VM after reboot,
# which would otherwise need to be done manually.
decryption-passphrase: passphrase

While decryption-passphrase is nominally optional, if you intend to use a single env.yml for an entire pipeline, it will be necessary to include for use with the import-installation step.