Almost all om commands require an env file to describe how to communicate (and authenticate) with a given VMware Tanzu Operations Manager.

There are two ways to provide auth information.

Username and password

If your configuration choices allow you to use username and password directly, you can do so:

    ---
    target: https://pcf.example.com
    connect-timeout: 30            # default 5
    request-timeout: 1800          # default 1800
    skip-ssl-validation: false     # default false
    username: username
    password: password
    # decryption-passphrase is optional,
    # except for use with `import-installation`.
    # OpsMan depends on the passphrase
    # to decrypt the imported installation.
    # For other commands, providing this key allows
    # decryption of the OpsMan VM after reboot,
    # which would otherwise need to be done manually.
    decryption-passphrase: passphrase

UAA client

However, if you’re using an external identity provider via SAML or LDAP integration, you’ll need to use a UAA client via client-id and client-secret:

    ---
    target: https://pcf.example.com
    connect-timeout: 30          # default 5
    request-timeout: 1800        # default 1800
    skip-ssl-validation: false   # default false
    client-id: client_id
    client-secret: client_secret
    # decryption-passphrase is optional,
    # except for use with `import-installation`.
    # OpsMan depends on the passphrase
    # to decrypt the imported installation.
    # For other commands, providing this key allows
    # decryption of the OpsMan VM after reboot,
    # which would otherwise need to be done manually.
    decryption-passphrase: passphrase

While decryption-passphrase is nominally optional, if you intend to use a single env.yml for an entire pipeline, it will be necessary to include for use with the import-installation step.