VMware Tanzu Application Platform 1.3 Improves Developer Productivity and Simplifies DevSecOps

October 11, 2022 Denise Martinez

At VMware Explore 2022, we pre-announced new capabilities in VMware Tanzu Application Platform 1.3. Today, we’re excited to announce general availability of these capabilities to further enhance developer and application operator experiences on any Kubernetes environment, increase supply chain security, and offer additional ecosystem integrations.

As customers realize the opportunities and complexities of building, configuring, connecting, and deploying new apps, Tanzu Application Platform provides the value streams they need for a secure path to production. 

"Tanzu Application Platform gives us the flexibility to leverage new tools from a broad ecosystem of native cloud services, while still allowing us to gain value from our existing investments—all within a single, secure, modular platform," says Ganesh Venkataraman, chief technology officer of digital transformation at Fiserv. "It enables us to focus on delivering customer value without worrying about application dependencies or changing code to deliver on our multi-cloud strategy and application portability requirements. This keeps our teams agile and lets us quickly adapt to customer needs. We're just scratching the surface with Tanzu Application Platform and look forward to adopting Application Accelerator and customizing our secure software supply chain as our needs evolve."

Designed to unlock developer productivity, Tanzu Application Platform provides development teams with the tools and services they need: preconfigured templates and access to components to build and deploy software quickly and securely. Access to their libraries, APIs, templates, and golden container images means that developers don’t have to spend time connecting everything they need to get their code to production.

Enabling a consistent app developer experience across multi-cloud 

  • Availability on Red Hat OpenShift – To give increased flexibility to our customers regarding their Kubernetes platform choice, Tanzu Application Platform 1.3 is available on Red Hat OpenShift, either running in vSphere or on bare metal. Leverage your existing investment in Red Hat OpenShift to realize the value of Tanzu Application Platform.

  • Air-gap support – Tanzu Application Platform 1.3 is now available for highly regulated and disconnected environments with the addition of air-gapped installation. This feature helps ensure that components, upgrades, and patches are made available to the system and that they operate consistently and correctly in the controlled environment—in addition to keeping the organization’s data more secure at all times.

Embracing security and compliance

  • Secure software supply chain enhancements seamlessly shift security left with three new capabilities that increase efficiency across dev and ops, and accelerate the path to production: 
    • Tanzu Application Platform expands the ecosystem of supported vulnerability scanners, adding a beta integration with VMware Carbon Black Container vulnerability scanning, in addition to Snyk (beta) and Grype. Scanning early in the CI/CD pipeline will allow customers to gain context in runtime and secure their supply chain. Development teams can address vulnerabilities and misconfigurations at build, quickly and more efficiently. This increase of visibility and risk prioritization will allow them to deliver faster, without compromising security.
    • A new, centralized vulnerability monitoring dashboard will aid app teams with their pre-deployment security checks and secure app deployments.

    • Software bill of materials (SBoM) support for SPDX (in addition to CycloneDX) to give teams choices on how they import and export SBoMs via the Tanzu insight CLI plug-in.
  • Tanzu Application Platform on Amazon Web Services (AWS) is now enhanced with scanning and builds upon the AWS integrations in the previous release, adding support for Amazon Elastic Container Registry (ECR) within the Snyk and Grype scanner plug-ins. This update allows scanning container images hosted in ECR, using IAM roles bound to Kubernetes service accounts rather than traditional credentials stored in secret. With this enhancement, the Tanzu Application Platform on AWS Cloud Quick Start defaults to using the test and scan supply chain.

Scaling and optimizing developer productivity

  • Dynamic API specification registration – You can now automate the experience in publishing, consuming, and collaborating on APIs for application development. Integration of the Backstage API Docs plug-in into the Tanzu Application Platform GUI auto-registers and publishes the workload specification through a secure supply chain to the API catalog, with role-based access control settings. 

  • Jenkins CI/CD integration – Extend the ability for users to leverage existing Jenkins pipelines in Tanzu Application Platform with deeper Jenkins integrations. The integration allows the Jenkins CI component to be used as part of an out-of-the-box supply chain ​to manage specific steps in the overall CI/CD pipeline​, and to automate triggering of Jenkins jobs from Tanzu Application Platform supply chains.

  • Introducing custom certificate authority (CA) – This customer-requested capability built for app operators has been added for private registry authorization in all Tanzu Application Platform components. Many users, including both air-gapped and non-air-gapped users, require custom CA for any enterprise product deployed in their environment(s).
  • Microservices and multi-module support in IDE extensions – To help with real application development use cases, we have added support for multi-module applications built with microservices. This enhancement captures use cases for common application patterns where each microservice either has its own code repository, or is following a monorepo-based code repository. Developers can perform debugging and live updates on multiple microservices in their workspace for both types of configurations. They can also iterate quickly during the development cycle in their preferred IDE (e.g., Visual Studio Code or IntelliJ IDEA).

  • IDE extensions running on Windows machines – Tanzu Developer Tools for Visual Studio Code and IntelliJ IDEA is now supported on the Windows Operating System, allowing developers to rapidly iterate in their preferred environment.
  • Runtime Resources Visibility (RRV) plug-in – This feature enables customers to visualize the Kubernetes resources associated with their workloads. Tanzu Application Platform 1.3 includes the following additions:
    • More capabilities added to the pod log viewer, including real-time streaming and the ability to export logs
    • Ability to view additional Kubernetes resources on the index table
    • Pod/container metrics that display actual usage data
    • Integrated filter improvements
  • Tanzu Application Platform Functions (beta) – Tanzu Application Platform 1.3 introduces beta support for function workloads in Java and Python. Function accelerators make it easy to create and build HTTP or event-driven applications that are portable across cloud providers and on-premises Kubernetes environments. Function workloads can quickly scale horizontally based on burst traffic, and minimize the application code needed to perform common tasks. Learn more about Tanzu Application Platform Functions.

Supercharge app development while providing the best DevSecOps experience

For more information, check out this video of the General Session announcement for Tanzu Application Platform 1.3 from VMware Explore 2022 in San Francisco.

You can also register for our live webinar, “What’s New with Tanzu Application Platform 1.3?” on November 15, 2022.

Lastly, please join us in person at our upcoming events: VMware Explore in Barcelona, AWS re:Invent, and SpringOne, and check out our new Tanzu Tech Zone page.

About the Author

Denise Martinez

Denise Martinez is a product marketing manager for Tanzu Application Platform at VMware, and is based in San Francisco.

More Content by Denise Martinez
Secure Software Supply Chains and Developer Experience Charge VMware’s KubeCon Presence
Secure Software Supply Chains and Developer Experience Charge VMware’s KubeCon Presence

Inspired by a thriving open source community, VMware is committed to a great developer experience on Kubern...

Common Kubernetes Challenges in 2022 and How to Solve Them
Common Kubernetes Challenges in 2022 and How to Solve Them

In this blog, we’ll recap where the Kubernetes industry stands today, the direction it’s heading in, and ho...