Files

.github
docs
- data-sources
- guides
- resources
  - akscluster.md
  - cluster.md
  - cluster_group.md
  - cluster_node_pool.md
  - credential.md
  - custom_policy.md
  - ekscluster.md
  - git_repository.md
  - iam_policy.md
  - image_policy.md
  - integration.md
  - kubernetes_secret.md
  - kustomization.md
  - namespace.md
  - namespace_quota_policy.md
  - network_policy.md
  - package_install.md
  - package_repository.md
  - repository_credential.md
  - security_policy.md
  - workspace.md
- index.md
examples
internal
resource_templates
templates
.gitignore
.golangci.yml
.goreleaser.tmpl
.goreleaser.yml
CODE_OF_CONDUCT.md
CONTRIBUTING.md
LICENSE
Makefile
NOTICE
README.md
go.mod
go.sum
main.go

repository_credential.md

Title	Description
Repository Credential Resource	Creating the Repository Credential resource.

Repository Credential

The tanzu-mission-control_repository_credential resource allows you to add, update, and delete repository credential to a particular scope through Tanzu Mission Control.

Repository credentials are used to authenticate to Git repositories and must be created before adding your Git repository. To create a repository credential, you must be associated with the cluster.admin or clustergroup.admin role.

Repository Credential Scope

In the Tanzu Mission Control resource hierarchy, there are two levels at which you can specify repository credential resources:

object groups - cluster_group block under scope sub-resource
Kubernetes objects - cluster block under scope sub-resource

Note: The scope parameter is mandatory in the schema and the user needs to add one of the defined scopes to the script for the provider to function. Only one scope per resource is allowed.

Repository Credential Spec

In the Tanzu Mission Control resource hierarchy, there are two types of credential at which you can create repository credential resources:

Username/Password - username_password block under spec sub-resource
SSH Key - ssh_key block under spec sub-resource

Note: The spec parameter is mandatory in the schema and the user needs to add one of the defined credential type to the script for the provider to function. Only one credential type per resource is allowed.

Cluster group scoped Repository Credential with Username/Password type credential

Example Usage

# Create Tanzu Mission Control source secret with attached set as default value.
resource "tanzu-mission-control_repository_credential" "create_cluster_group_source_secret_username_password" {
  name = "tf-secret" # Required

  scope {
    cluster_group {
      name = "default" # Required
    }
  }

  meta {
    description = "Create namespace through terraform"
    labels      = { "key" : "value" }
  }

  spec {
    data {
      username_password {
        username = "testusername" # Required
        password = "testpassword" # Required
      }
    }
  }
}

Cluster scoped Repository Credential with Username/Password type credential

Example Usage

# Create Tanzu Mission Control source secret with attached set as default value.
resource "tanzu-mission-control_repository_credential" "create_cluster_source_secret_username_password" {
  name = "tf-secret" # Required

  scope {
    cluster {
      name                    = "testcluster" # Required
      provisioner_name        = "attached"    # Default: attached
      management_cluster_name = "attached"    # Default: attached
    }
  }

  meta {
    description = "Create namespace through terraform"
    labels      = { "key" : "value" }
  }

  spec {
    data {
      username_password {
        username = "testusername" # Required
        password = "testpassword" # Required
      }
    }
  }
}

Cluster group scoped Repository Credential with SSH Key type credential

Example Usage

# Create Tanzu Mission Control source secret with attached set as default value.
resource "tanzu-mission-control_repository_credential" "create_cluster_group_source_secret_ssh" {
  name = "tf-secret" # Required

  scope {
    cluster_group {
      name = "default" # Required
    }
  }

  meta {
    description = "Create namespace through terraform"
    labels      = { "key" : "value" }
  }

  spec {
    data {
      ssh_key {
        identity    = "testidentity"    # Required
        known_hosts = "testknown_hosts" # Required
      }
    }
  }
}

Cluster scoped Repository Credential with SSH Key type credential

Example Usage

# Create Tanzu Mission Control source secret with attached set as default value.
resource "tanzu-mission-control_repository_credential" "create_cluster_source_secret_ssh" {
  name = "tf-secret" # Required

  scope {
    cluster {
      name                    = "testcluster" # Required
      provisioner_name        = "attached"    # Default: attached
      management_cluster_name = "attached"    # Default: attached
    }
  }

  meta {
    description = "Create namespace through terraform"
    labels      = { "key" : "value" }
  }

  spec {
    data {
      ssh_key {
        identity    = "testidentity"    # Required
        known_hosts = "testknown_hosts" # Required
      }
    }
  }
}

Schema

Required

name (String) Name of the source secret.
scope (Block List, Min: 1, Max: 1) Scope for the source secret, having one of the valid scopes: cluster, cluster_group. (see below for nested schema)
spec (Block List, Min: 1, Max: 1) Spec for source secret. (see below for nested schema)

Optional

meta (Block List, Max: 1) Metadata for the resource (see below for nested schema)
org_id (String) ID of Organization.

Read-Only

id (String) The ID of this resource.

Nested Schema for `scope`

Optional:

cluster (Block List, Max: 1) The schema for cluster full name (see below for nested schema)
cluster_group (Block List, Max: 1) The schema for cluster group full name (see below for nested schema)

Nested Schema for `scope.cluster`

Required:

name (String) Name of this cluster

Optional:

management_cluster_name (String) Name of the management cluster
provisioner_name (String) Provisioner of the cluster

Nested Schema for `scope.cluster_group`

Required:

name (String) Name of the cluster group

Nested Schema for `spec`

Required:

data (Block List, Min: 1, Max: 1) The schema for spec credential type. (see below for nested schema)

Nested Schema for `spec.data`

Optional:

ssh_key (Block List, Max: 1) The schema for SSH credential type spec. (see below for nested schema)
username_password (Block List, Max: 1) The schema for Username/Password credential type spec. (see below for nested schema)

Nested Schema for `spec.data.ssh_key`

Required:

identity (String, Sensitive) SSH Identity file.
known_hosts (String) Known Hosts file path.

Nested Schema for `spec.data.username_password`

Required:

password (String, Sensitive) Password for the basic authorization.
username (String) Username for the basic authorization.

Nested Schema for `meta`

Optional:

annotations (Map of String) Annotations for the resource
description (String) Description of the resource
labels (Map of String) Labels for the resource

Read-Only:

resource_version (String) Resource version of the resource
uid (String) UID of the resource