The following describes how you can generate an access token to connect Spring Application Advisor to the Tanzu Platform Self-Managed.

When you install Tanzu Platform Self-Managed, a private key, public key, and org ID are generated for service to service authentication.

To generate an access token for Spring Application Advisor,

1. Copy the following contents into a file named generate-access-token.sh.

   #!/bin/bash
   
   KEY_FILE=""
   TOKEN_GENERATOR_JAR=""
   ACCESS_KEY_NAME="sm-test-key-$((1 + $RANDOM % 100))"
   ORGID=""
   
   if [ -z "TOKEN_GENERATOR_JAR" ]
   then
         echo -n "[ERROR] \$TOKEN_GENERATOR_JAR is empty. Please edit the script and set a valid path"
         exit
   else
       echo "\$TOKEN_GENERATOR_JAR is configured [OK]"
   
       command -v -- "jq" &> /dev/null || echo "FATAL: Please install jq or remove jq from the last line in the file"
   
       echo -n " === Getting lemans-resources pod name: "
       POD=$(kubectl get pod -l app=lemans-resources -o name | head -n1)
       echo $POD
   
       if [ -z "$ORGID" ]
       then
             echo -n " === \$ORGID is empty. Getting default org id: "
             ORGID=$(kubectl exec $POD -- grep defaultOrgId /opt/le-mans/sm/smConfigFile | cut -d "=" -f 2)
             echo $ORGID
       else
             echo "\$ORGID is NOT empty"
       fi
   
       echo " === Downloading private key from the pod"
       kubectl exec $POD -- cat /run/auth/ssl/private.pem > $KEY_FILE #| tee $KEY_FILE
   
       echo " === Generating Tanzu Platform SM service token"
       SM_TOKEN=$(java -jar $TOKEN_GENERATOR_JAR --privateKeyFilePath=$KEY_FILE --defaultOrgId=$ORGID --tokenExpiryInSec=720000)
       echo $SM_TOKEN
       echo
       echo " === Generating access token"
       CMD=$(cat <<EOF
       curl -s -X POST 'http://localhost:8000/le-mans/v2/resources/access-keys' \
       -H 'Authorization: Bearer $SM_TOKEN' \
       -H 'Content-Type: application/json' \
       -d '{
           "name": "$ACCESS_KEY_NAME",
           "orgId": "$ORGID",
           "createdBy": "testuser@acme.com"
       }'
       EOF
       )
       kubectl exec $POD -- bash -c "$CMD" | jq
   fi
   done
   

2. Edit the script file and set the value for the TOKEN_GENERATOR_JAR using the file location of the smTokenGenerator.jar of your Tanzu Platform distribution.

   The script uses the default organization that is configured for the Tanzu Platform. However, if you require to send information of a different organization, set a value for $ORGID with the identifier of your preferred organization.

3. Run the following commands in the Kubernetes environment where you have deployed Tanzu Platform.

   chmod u+x generate-access-token.sh
   ./generate-access-token.sh
   

   Copy and reference the printed access token from the Spring Application Advisor server component.