Ops Manager's authentication system can be configured several ways.
The format of the configuration file varies
according to the authentication method to be used.
---username:usernamepassword:passworddecryption-passphrase:decryption-passphrase# Optional# http-proxy-url: # proxy for outbound HTTP network traffic# https-proxy-url: # proxy for outbound HTTPS network traffic# no-proxy: # comma-separated list of hosts that do not go# through the proxy# precreated-client-secret: # create a UAA client on the Ops Manager VM.# this will be client-secret in env.yml# client ID is precreated-client
decryption-passphrase:some-passphraseserver-url:ldap://example.comldap-username:cn=admin,dc=opsmanager,dc=comldap-password:some-passworduser-search-base:ou=users,dc=opsmanager,dc=comuser-search-filter:cn={0}group-search-base:ou=groups,dc=opsmanager,dc=comgroup-search-filter:member={0}ldap-rbac-admin-group-name:cn=opsmgradmins,ou=groups,dc=opsmanager,dc=comemail-attribute:mailldap-referrals:follow# Optional# http-proxy-url: # proxy for outbound HTTP network traffic# https-proxy-url: # proxy for outbound HTTPS network traffic# no-proxy: # comma-separated list of hosts that do not go# through the proxy# precreated-client-secret: # create a UAA client on the Ops Manager VM.# this will be client-secret in env.yml# client ID is precreated-client# server-ssl-cert: # the server certificate when using ldaps://# skip-create-bosh-admin-client: # do not create a UAA client on the BOSH# director. The client is required to execute# BOSH commands from the BOSH CLI
---decryption-passphrase:decryption-passphrasesaml-idp-metadata:https://saml.example.com:8080saml-bosh-idp-metadata:https://bosh-saml.example.com:8080saml-rbac-admin-group:opsman.full_controlsaml-rbac-groups-attribute:myenterprise# Optional# http-proxy-url: # proxy for outbound HTTP network traffic# https-proxy-url: # proxy for outbound HTTPS network traffic# no-proxy: # comma-separated list of hosts that do not go# through the proxy# precreated-client-secret: # create a UAA client on the Ops Manager VM.# this will be client-secret in env.yml# client ID is precreated-client # server-ssl-cert: # the server certificate when using ldaps://# skip-create-bosh-admin-client: # do not create a UAA client on the BOSH# director. The client is required to execute# BOSH commands from the BOSH CLI
Managing Configuration, Auth, and State Files
To use all these files with the Concourse tasks that require them,
you need to make them available as Concourse Resources.
They’re all text files.
There are many resource types that can work for this.
In our examples, we use a git repository.
As with the tasks and image,
you’ll need to declare a resource in your pipeline for each repo you need.