Chapter 1. Customizing sample software templates

Procedure

1. Navigate to the cloned tssc-sample-templates repository on your local machine.

2. Open the properties file with your preferred text editor. For example, run the following command in your terminal to open it with Visual Studio Code:

   $ code properties

   Copy to Clipboard Toggle word wrap

   # PE can replace these values with on-prem host
   export GITHUB__DEFAULT__HOST=github.com
   export GITLAB__DEFAULT__HOST=gitlab.com
   export BITBUCKET__DEFAULT__HOST=bitbucket.org
   
   export QUAY__DEFAULT__HOST=quay.io
   
   # leave empty if you don't want to set defaults for your git or quay org
   export GITHUB__DEFAULT__ORG=""
   export GITLAB__DEFAULT__ORG=""
   export BITBUCKET__DEFAULT__ORG=""
   export QUAY__DEFAULT__ORG=""
   
   # PE can replace these values with own pipeline fork
   export PIPELINE__REPO__URL=https://github.com/redhat-appstudio/tssc-sample-pipelines
   export PIPELINE__REPO__BRANCH=main
   
   export DEFAULT__DEPLOYMENT__NAMESPACE__PREFIX=tssc-app
   
   export RHTAP__DEFAULT__NAMESPACE=tssc
   export ARGOCD__DEFAULT__NAMESPACE=tssc-gitops
   export ARGOCD__DEFAULT__INSTANCE=default
   export ARGOCD__DEFAULT__PROJECT=default
   
   
   # For secret reference in Repository CRs
   # Secret will be prefixed by CI name, gitops (for github), or gitlab, or bitbucket in template
   # export GIT__SECRET__DEFAULT__NAME=auth-secret
   export GIT__SECRET__DEFAULT__KEY=password
   export WEBHOOK__SECRET__DEFAULT__NAME=pipelines-secret
   export WEBHOOK__SECRET__DEFAULT__KEY=webhook.secret
   
   # compute the template tag to set defaults, leave empty if not set
   if [ ! -z "${GITHUB__DEFAULT__ORG}" ]; then
   export DEFAULT_ORG_FOR_GITHUB="default: $GITHUB__DEFAULT__ORG"
   fi
   if [ ! -z "${GITLAB__DEFAULT__ORG}" ]; then
   export DEFAULT_ORG_FOR_GITLAB="default: $GITLAB__DEFAULT__ORG"
   fi
   if [ ! -z "${BITBUCKET__DEFAULT__ORG}" ]; then
   export DEFAULT_ORG_FOR_BITBUCKET="default: $BITBUCKET__DEFAULT__ORG"
   fi
   if [ ! -z "${QUAY__DEFAULT__ORG}" ]; then
   export DEFAULT_ORG_FOR_QUAY="default: $QUAY__DEFAULT__ORG"
   fi

   Copy to Clipboard Toggle word wrap

3. Customize the properties file by updating the following key-value pairs according to your environment:

   Expand

   Key	Description
   export GITHUB_DEFAULT_HOST	Set this to your on-premise GitHub host fully qualified domain name. That is, the URL without the HTTP protocol and without the .git extension. For example github-github.apps.cluster-ljg9z.sandbox219.opentlc.com. The default value is github.com.
   export GITLAB_DEFAULT_HOST	Set this to your on-premise GitLab host fully qualified domain name. That is, the URL without the HTTP protocol and without the .git extension. For example gitlab-gitlab.apps.cluster-ljg9z.sandbox219.opentlc.com. The default value is gitlab.com.
   export DEFAULT_DEPLOYMENT_NAMESPACE_PREFIX	The namespace prefix for deployments within RHADS - SSC. The default value is tssc-app. Note Update this if you have modified the default developerHub: namespacePrefixes during the installation process.
   export PIPELINE_REPO_URL	The URL of the forked pipeline repository. For example, https://github.com/redhat-appstudio/tssc-sample-pipelines.
   export PIPELINE_REPO_BRANCH	The target branch of the forked pipeline repository. For example, main.
   export GITHUB_DEFAULT_ORG	The name of the GitHub organization that you want to set as the default.
   export QUAY_DEFAULT_ORG	The name of the Quay organization that you want to set as the default.

   Show more

4. Adjust the software templates, replacing default host values with your specified inputs by running the following command from the top-level directory of the repository:

   $ ./generate.sh

   Copy to Clipboard Toggle word wrap

5. For Jenkins only

   If your Jenkins instance is not deployed to an on-premise OpenShift Container Platform (OCP) instance, and your Rekor and TUF services are on different clusters, update the REKOR_HOST and TUF_MIRROR environment variables. You can configure these variables in the env.sh file within the component repository or set them as environment variables or secrets in Jenkins.

   This configuration ensures that the external Jenkins server can communicate with the Rekor and TUF services installed with RHADS - SSC. Without this customization, RHADS - SSC might not sign the container images correctly in the Jenkins pipeline.

   To update the REKOR_HOST and TUF_MIRROR variables:

   1. Open the env.sh file by navigating to the skeleton > ci > gitops-template > jenkins > tssc directory.

      The second env.sh file is located at skeleton > ci > source-repo > jenkins > tssc. Update the settings to suit your needs.

      In env.sh, review the default values for REKOR_HOST and TUF_MIRROR:

      REKOR_HOST=http://rekor-server.tssc-tas.svc
      TUF_MIRROR=http://tuf.tssc-tas.svc

      Copy to Clipboard Toggle word wrap

   2. Replace .svc with your OCP cluster URL. The .svc domain refers to the local cluster, and internal services can access other services with .svc in their routes, but an external Jenkins cannot.

      The correct routes of the Rekor and TUF services are printed as part of the installation process of RHADS - SSC. If these data aren’t available to you, run this command in your CLI and select the Rekor and TUF routes in the output:

      $ oc get routes -n tssc-tas

      Copy to Clipboard Toggle word wrap

      An example of a Rekor server URL: http://rekor-server.tssc-tas.apps.rosa.j6ufg-t3htv-ts6.z797.p3.openshiftapps.com.

      Note
      • To configure environment variables or secrets in Jenkins see, Adding secrets to Jenkins for secure integration with external tools.
6. For Red Hat Advanced Cluster Security (RHACS) only: To enable RHACS scans, set the export DISABLE_ACS to false in the env.sh file.
7. Option A: Commit and push the changes to your repository. This automatically updates the template in Red Hat Developer Hub (RHDH).

8. Option B: Manually import and refresh the templates using the following steps:

   1. Go to your forked sample template repository on your Git provider.

   2. Get the appropriate URL:

      • For a single template, from the templates directory, select template.yaml. Copy its URL from the browser address bar. For example, https://github.com/username/tssc-sample-templates/blob/main/templates/devfile-sample-code-with-quarkus-dance/template.yaml.
      • For all templates, select all.yaml and copy its URL from the browser address bar. For example, https://github.com/username/tssc-sample-templates/blob/main/all.yaml.
   3. Switch back to the RHDH platform.
   4. Select Create > Register Existing Component.
   5. In the Select URL field, paste the appropriate URL that you copied in the previous step.
   6. Select Analyze and then select Import to update the templates in RHDH.