Create a Supply Chain that uses SCST - Scan 2.0 with a Component This topic tels you how to create a Tanzu Supply Chain with SCST - Scan 2.0, which replaces the previous solution for Supply Chain Choreographer for Tanzu.
Tanzu Supply Chain packages
Tanzu Supply Chain packages
Managed Resource Controller
For more information, see Packages .
Tanzu Supply Chain components
Tanzu Application Platform packages
Tanzu CLI plug-ins
This section tells you how to create a supply chain with SCST - Scan 2.0 by using either a Trivy Supply Chain Component or a Custom Scanning Component .
Using Trivy Supply Chain Component
: Complete the following steps:
1. Initialize Tanzu Supply Chain by running:
```console
tanzu supplychain init --group example.com
```
Example output:
```console
$ tanzu supplychain init --group example.com
Initializing group example.com
Creating directory structure
├─ supplychains/
├─ components/
├─ pipelines/
├─ tasks/
└─ config.yaml
Writing group configuration to config.yaml
```
2. Generate a Supply Chain by running:
```console
tanzu supplychain generate --kind TrivySC \
--description Trivy \
--component source-git-provider-1.0.0 \
--component buildpack-build-1.0.0 \
--component trivy-image-scan-1.0.0
```
Example output:
```console
$ tanzu supplychain generate --kind TrivySC \
--description Trivy \
--component source-git-provider-1.0.0 \
--component buildpack-build-1.0.0 \
--component trivy-image-scan-1.0.0
✓ Successfully fetched all component dependencies
Created file supplychains/trivysc.yaml
Created file components/buildpack-build-1.0.0.yaml
Created file components/source-git-provider-1.0.0.yaml
Created file components/trivy-image-scan-1.0.0.yaml
Created file pipelines/buildpack-build.yaml
Created file pipelines/source-git-provider.yaml
Created file pipelines/trivy-image-scan-v2.yaml
Created file tasks/calculate-digest.yaml
Created file tasks/check-builders.yaml
Created file tasks/prepare-build.yaml
Created file tasks/source-git-check.yaml
Created file tasks/source-git-clone.yaml
Created file tasks/store-content-oci.yaml
``` Using Custom Scanning Component
: Complete the following steps:
1. Initialize Tanzu Supply Chain by running:
```console
tanzu supplychain init --group example.com
```
Example output:
```console
$ tanzu supplychain init --group example.com
Initializing group example.com
Creating directory structure
├─ supplychains/
├─ components/
├─ pipelines/
├─ tasks/
└─ config.yaml
Writing group configuration to config.yaml
```
2. Generate a Supply Chain by running:
```console
tanzu supplychain generate --kind CUSTOM-KIND-WORKLOAD \
--description DESCRIPTION-OF-SCANNER \
--component source-git-provider-1.0.0 \
--component buildpack-build-1.0.0 \
--component SCANNING-COMPONENT-NAME
```
Where `SCANNING-COMPONENT-NAME` is the name of the [Custom Scanning Component](./setup-supply-chain-component.hbs.md#customize-scan-component). For more information about how to construct a Supply Chain by using the Tanzu CLI, see Construct a Supply Chain using the CLI .
For more details about how to create a Supply Chain, see Build your first Supply Chain .
Generating the supply chain created the following directory structure:
├─ supplychains/
├─ components/
├─ pipelines/
├─ tasks/ Apply these directories to the namespace where the workload will run by running.
kubectl apply -R -f components -f supplychains -f tasks -f pipelines -n DEV-NAMESPACE Where DEV-NAMESPACE is the same namespace where the intended workload will be.