From 4a9cdb00cc8c5fc8565c16928f887b8a0d014e84 Mon Sep 17 00:00:00 2001 From: Brandon Grohmann <140200346+brandongrohmann@users.noreply.github.com> Date: Fri, 3 Nov 2023 15:24:42 -0700 Subject: [PATCH] [ci] Updates ci based on the vault changes (#77) --- ci/pipeline/jobs/prepare.yml | 6 +- ci/pipeline/jobs/upgrade.yml | 2 +- ci/repipe | 8 +- ci/scripts/build-kit | 6 +- ci/scripts/build-upstream-jobs | 32 +++++--- ci/scripts/cats | 114 ---------------------------- ci/scripts/compare-release-specs | 44 +++++++---- ci/scripts/test-addons | 4 + ci/scripts/test-deployment | 53 ++++++------- ci/settings.yml | 1 + ci/tasks/build-kit.yml | 4 +- ci/tasks/deploy-stable.yml | 4 +- ci/tasks/deploy.yml | 4 +- ci/tasks/generate-release-notes.yml | 4 +- ci/tasks/get-latest-upstream.yml | 4 +- ci/tasks/prerelease.yml | 4 +- ci/tasks/release.yml | 4 +- ci/tasks/spec-check.yml | 4 +- ci/tasks/spec-tests.yml | 4 +- ci/tasks/update-release.yml | 4 +- ci/tasks/upgrade.yml | 4 +- 21 files changed, 116 insertions(+), 198 deletions(-) delete mode 100755 ci/scripts/cats create mode 100644 ci/scripts/test-addons diff --git a/ci/pipeline/jobs/prepare.yml b/ci/pipeline/jobs/prepare.yml index 1665ddb..f1b6be1 100644 --- a/ci/pipeline/jobs/prepare.yml +++ b/ci/pipeline/jobs/prepare.yml @@ -5,9 +5,9 @@ jobs: plan: - do: - in_parallel: - - { get: version, passed: [deploy, upgrade], params: {bump: final} } - - { get: spec-check, passed: [deploy, upgrade] } - - { get: git, passed: [deploy, upgrade], trigger: true } + - { get: version, passed: [deploy,upgrade], params: {bump: final} } + - { get: spec-check, passed: [deploy,upgrade] } + - { get: git, passed: [deploy,upgrade], trigger: true } - { get: git-ci } - { get: git-latest-tag } - { get: release-notes } diff --git a/ci/pipeline/jobs/upgrade.yml b/ci/pipeline/jobs/upgrade.yml index 40e9b3e..7cd50bd 100644 --- a/ci/pipeline/jobs/upgrade.yml +++ b/ci/pipeline/jobs/upgrade.yml @@ -29,7 +29,7 @@ jobs: KIT_SHORTNAME: (( grab meta.kit )) SKIP_FRESH: true SKIP_REPLACE_SECRETS: true - SKIP_SMOKE_TESTS: true + SKIP_SMOKE_TESTS: false SKIP_CLEAN: false on_failure: put: notify diff --git a/ci/repipe b/ci/repipe index 8f5c034..777dbff 100755 --- a/ci/repipe +++ b/ci/repipe @@ -16,7 +16,7 @@ need_command() { local cmd=${1:?need_command() - no command name given} local url=${2:-} - if [[ ! -x "$(type -p "$cmd")" ]]; then + if [[ ! -x "$(type -P "$cmd")" ]]; then echo >&2 "${cmd} is not installed." if [[ -n "$url" ]]; then echo >&2 "Please download it from ${url}" @@ -96,7 +96,7 @@ OPTIONS: whatever is set in 'meta.exposed' in the settings.yml file) -o Open pipeline in browser if os supports it (mac only currently) after applying changes. Specify twice to not do anything else. - --fly Path to fly command, otherwise will use $(type -p fly) + --fly Path to fly command, otherwise will use $(type -P fly) EOF exit $rc @@ -167,7 +167,7 @@ need_command jq if [[ -z "$fly" ]] ; then need_command fly; - fly="$(type -p fly)" + fly="$(type -P fly)" fi # -- Get settings file -------------------------------------------------------- @@ -220,7 +220,7 @@ if (( DRYRUN > 0 )) ; then if [[ -n "${persistent_file}" ]] ; then if [[ "${persistent_file}" =~ '->0x' ]] ; then persistent_file='' - elif [[ -n "$(type -p realpath || true)" ]] ; then + elif [[ -n "$(type -P realpath || true)" ]] ; then persistent_file="$(realpath --relative-to="$call_dir" "$persistent_file")" fi fi diff --git a/ci/scripts/build-kit b/ci/scripts/build-kit index 626584c..be68f86 100755 --- a/ci/scripts/build-kit +++ b/ci/scripts/build-kit @@ -33,15 +33,15 @@ echo "$VAULT_TOKEN" | safe auth token safe read secret/handshake check_dirs=() -for dir in overlay manifests; do +for dir in overlay manifests spec/results; do [[ -d "$REPO_ROOT/$dir" ]] && check_dirs+=( "$REPO_ROOT/$dir/" ) done if [[ ${#check_dirs[@]} -gt 0 ]] ; then header "Checking SHA1s of specified components (not including bosh-deployment) ..." out="$(eval "spruce merge --skip-eval $( \ grep -rl '^releases:' "${check_dirs[@]}" \ - | sed -e "s/\\(.*\\)/<(spruce json \\1 | jq -r '{releases: .releases}')/" |tr "\n" " " \ - ) | spruce json | jq -r ." )" + | sed -e "s/\\(.*\\)/<(spruce json \\1 | jq -r '{releases: [ \"(( merge on sha1 ))\", .releases[] ]}')/" |tr "\n" " " \ + ) | spruce json | jq -r ." )" echo "$out" | spruce merge | spruce json | "${CI_ROOT}/ci/scripts/check-sha1s" fi diff --git a/ci/scripts/build-upstream-jobs b/ci/scripts/build-upstream-jobs index 8db61cf..b866615 100755 --- a/ci/scripts/build-upstream-jobs +++ b/ci/scripts/build-upstream-jobs @@ -14,15 +14,29 @@ upstream_details="$(spruce json "${base_dir}/settings.yml" | jq -r '.meta.upstre # For each release in upstream.yml, for release in $upstream_details ; do name="$(_lookup "$release" .name)" - type="$(_lookup "$release" '.type//"bosh-io-release"')" # Other valid value is github-release + type="$(_lookup "$release" '.type//"bosh-io-release"')" path="$(_lookup "$release" '.path//"manifests/releases/'"$name"'.yml"')" repo="$(_lookup "$release" '.repository')" - owner="" - if [[ $type == "github-release" ]] ; then - owner=$'\n'" owner: ${repo%/*}" - repo="${repo##*/}" - fi + if [[ $type == 'bosh-io-release' ]] ; then + source=$'\n'" repository: $repo"; + elif [[ $type == 'github-release' ]] ; then + owner="$(_lookup "$release" '.owner//""')" + if [[ -z "$owner" && "$repo" =~ / ]] ; then + owner="${repo%%/*}" + repo="${repo#*/}" + fi + source=$'\n'" repository: $repo"$'\n'" owner: $owner"; + token="$(_lookup "$release" '.access_token//""')" + if [[ -n "$token" ]] ; then + source="$source"$'\n access_token: "'"$token"'"' + fi + else + echo >&2 "Unknown resource type for $name upstream release: $type" + echo >&2 "Expecting one of: bosh-io-release, github-release" + echo >&2 "Update upstream.bosh-releases configuration in ci/settings.yml" + exit 1 + fi job="update-${name}-release" release="${name}-release" @@ -63,8 +77,7 @@ resources: - name: $release type: $type check_every: 24h - source: - repository: $repo$owner + source: $source EOF done @@ -72,9 +85,10 @@ group_file="$base_dir/pipeline/upstream/update_group.yml" if [[ "${#update_group[@]}" -gt 0 ]] ; then ( echo "groups:" - echo "- (( append ))" + echo "- (( merge on name ))" echo "- name: upstream" echo " jobs:" + echo " - (( append ))" for job in ${update_group[@]+"${update_group[@]}"} ; do echo " - $job" done diff --git a/ci/scripts/cats b/ci/scripts/cats deleted file mode 100755 index 8a9c5d2..0000000 --- a/ci/scripts/cats +++ /dev/null @@ -1,114 +0,0 @@ -#!/bin/bash -set -e - -header() { - echo - echo "================================================================================" - echo "$1" - echo "--------------------------------------------------------------------------------" - echo -} - -bail() { - echo >&2 "$* Did you misconfigure Concourse?" - exit 2 -} - -lookup() { - genesis -C "$WORK_DIR" lookup "$DEPLOY_ENV" "$@" 2>/dev/null -} - -run_cats() { - echo "Running CATS from deployment dir $2" - - base=$(lookup params.base_domain) - system_domain="$(lookup params.system_domain "system.$base")" - ADMIN_PASSWORD="$(credhub get -q -n "$credhub_path/cf_admin_password")" - export API_URL=api.$system_domain - export ADMIN_PASSWORD - export APP_DOMAINS_0=run.$base - case $RUN_CATS in - "include_container_networking") - sed -i "s#include_security_groups:.*#include_security_groups: true#g" "$CI_DIR/cats.yml" - ;; - "include_deployments") - sed -i "s#include_v3:.*#include_v3: true#g" "$CI_DIR/cats.yml" - ;; - "include_service_instance_sharing") - sed -i "s#include_services:.*#include_services: true#g" "$CI_DIR/cats.yml" - ;; - "include_sso") - sed -i "s#include_services:.*#include_services: true#g" "$CI_DIR/cats.yml" - ;; - "include_tasks") - sed -i "s#include_v3:.*#include_v3: true#g" "$CI_DIR/cats.yml" - ;; - "include_zipkin") - sed -i "s#include_routing:.*#include_routing: true#g" "$CI_DIR/cats.yml" - ;; - esac - - sed -i "s#${RUN_CATS}:.*#${RUN_CATS}: true#g" "$CI_DIR/cats.yml" - tmpdir="$ROOT_DIR/cats" - export CONFIG=${tmpdir}/config.json - spruce merge "$CI_DIR/cats.yml" | spruce json | jq '.' > "${CONFIG}" - pushd "${tmpdir}" &>/dev/null - FAILFAST_FLAG="" - VERBOSE_FLAG="" - if [[ ${FAILFAST} == "true" ]] ; then - FAILFAST_FLAG="--failFast" - fi - if [[ ${VERBOSE} == "true" ]] ; then - VERBOSE_FLAG="-v" - fi - echo "RUNNING CATS WITH NODES: ${CATS_NODES:-4} ${VERBOSE_FLAG} ${FAILFAST_FLAG}" - ./bin/test -nodes="${CATS_NODES:-4}" ${VERBOSE_FLAG} ${FAILFAST_FLAG} - popd &>/dev/null -} - -ROOT_DIR="$(pwd)" -WORK_DIR="${ROOT_DIR}/work/cf-deployments" -CI_DIR="${ROOT_DIR}/git-ci/ci" - -test -n "${DEPLOY_ENV:-}" || bail "DEPLOY_ENV must be set to the deployment environment name." -test -n "${KIT_SHORTNAME:-}" || bail "KIT_SHORTNAME must be set to the short name of this kit." - -# Attach to Vault -test -n "${VAULT_URI:-}" || bail "VAULT_URI must be set to the Vault connection address - suggest using ((vault.url))" -test -n "${VAULT_TOKEN:-}" || bail "VAULT_TOKEN must be set to a valid token to connect to the Vault - suggest using ((vault.token))" -safe target da-vault "$VAULT_URI" -k -echo "$VAULT_TOKEN" | safe auth token - -# Get BOSH/CREDHUB envs -bosh_env="$(lookup genesis 2>/dev/null | jq -r '.bosh_env // .env')" -[[ "$bosh_env" =~ / ]] || bosh_env="${bosh_env}/bosh" - -bosh_exodus="$(lookup --exodus-for "$bosh_env" . "{}" 2>/dev/null)" -BOSH_ENVIRONMENT="$( jq -r '.url // ""' <<<"$bosh_exodus")" -BOSH_CLIENT="$( jq -r '.admin_username // ""' <<<"$bosh_exodus")" -BOSH_CLIENT_SECRET="$(jq -r '.admin_password // ""' <<<"$bosh_exodus")" -BOSH_CA_CERT="$( jq -r '.ca_cert // ""' <<<"$bosh_exodus")" -export BOSH_ENVIRONMENT BOSH_CLIENT BOSH_CLIENT_SECRET BOSH_CA_CERT - -CREDHUB_SERVER="$( jq -r '.credhub_url // ""' <<<"$bosh_exodus")" -if [[ -n "$CREDHUB_SERVER" ]] ; then - echo - CREDHUB_CLIENT="$( jq -r '.credhub_username // ""' <<<"$bosh_exodus")" - CREDHUB_SECRET="$( jq -r '.credhub_password // ""' <<<"$bosh_exodus")" - CREDHUB_CA_CERT="$(jq -r '"\(.credhub_ca_cert)\(.ca_cert)"' <<<"$bosh_exodus")" - export CREDHUB_SERVER CREDHUB_CLIENT CREDHUB_SECRET CREDHUB_CA_CERT - credhub_path="/${bosh_env/\//-}/${DEPLOY_ENV}-${KIT_SHORTNAME}" - echo -fi - -test -n "${BOSH_ENVIRONMENT:-}" || bail "BOSH_ENVIRONMENT must be set to BOSH directory URL - missing from $bosh_env deployment exodus data" -test -n "${BOSH_CA_CERT:-}" || bail "BOSH_CA_CERT must be set to the BOSH CA Cert - missing from $bosh_env deployment exodus data" -test -n "${BOSH_CLIENT:-}" || bail "BOSH_CLIENT must be set to BOSH Client user - missing from $bosh_env deployment exodus data" -test -n "${BOSH_CLIENT_SECRET:-}" || bail "BOSH_CLIENT_SECRET must be set to BOSH Client secret - missing from $bosh_env deployment exodus data" -test -n "${CREDHUB_SERVER:-}" || bail "CREDHUB_SERVER must be set to Credhub URL - missing from $bosh_env deployment exodus data" -test -n "${CREDHUB_CLIENT:-}" || bail "CREDHUB_CLIENT must be set to Credhub username - missing from $bosh_env deployment exodus data" -test -n "${CREDHUB_SECRET:-}" || bail "CREDHUB_SECRET must be set to Credhub password - missing from $bosh_env deployment exodus data" -test -n "${CREDHUB_CA_CERT:-}" || bail "CREDHUB_CA_CERT must be set to Credhub ca_cert and UAA ca_cert password - missing from $bosh_env deployment exodus data" - -cd git -run_cats --deployment-dir "$ROOT_DIR" diff --git a/ci/scripts/compare-release-specs b/ci/scripts/compare-release-specs index 0c1ed19..b897651 100755 --- a/ci/scripts/compare-release-specs +++ b/ci/scripts/compare-release-specs @@ -3,7 +3,7 @@ set -ue # What branch is the comparison of the current working branch being compared against compare_branch="${1:-origin/}" -check_dirs="spec manifests manifests/releases" +check_dirs="spec/results manifests" orig_dir="$(pwd)" # needed because of when running locally or in ci @@ -23,7 +23,7 @@ release_files() { releases() { eval "spruce merge --skip-eval $( \ release_files \ - | sed -e "s/\\(.*\\)/\<(spruce json \\1 | jq -r '{releases: .releases}')/" |tr "\n" " " \ + | sed -e "s/\\(.*\\)/\<(spruce json \\1 | jq -r '{releases: [ \"(( merge on sha1 ))\", .releases[] ]}')/" |tr "\n" " " \ ) | spruce merge | spruce json | jq -r ." } @@ -31,6 +31,11 @@ workdir="$(mktemp -d)" mkdir "$workdir/compare" cp -R "$(pwd)/.git" "$workdir/compare/" pushd "$workdir/compare" > /dev/null +if ! git show -q "$compare_branch" &>/dev/null ; then + echo "The latest release ($compare_branch) is NOT an ancestor to this commit." + echo "This should never happen -- Cannot continue!" + exit 1 +fi git checkout -qf --detach "$compare_branch" prev_releases="$(releases)" popd > /dev/null @@ -38,9 +43,8 @@ rm -rf "$workdir/compare" curr_releases="$(releases)" - -prev_rel_names="$(echo "$prev_releases"| jq -r '.releases[] | .name' | sort)" -curr_rel_names="$(echo "$curr_releases"| jq -r '.releases[] | .name' | sort)" +prev_rel_names="$(echo "$prev_releases"| jq -r '.releases[] | .name' | sort | uniq)" +curr_rel_names="$(echo "$curr_releases"| jq -r '.releases[] | .name' | sort | uniq)" removed=() while IFS='' read -r rel ; do @@ -54,9 +58,11 @@ done <<<"$(diff -p <(echo "$prev_rel_names") <(echo "$curr_rel_names") | grep '^ unchanged=() changed=() while IFS='' read -r rel; do - prev_ver="$(echo "$prev_releases" | jq -r --arg r "$rel" '(.releases[] | select(.name == $r) | .version ) // "--none--" ' )" + prev_ver="$(echo "$prev_releases" | jq -r --arg r "$rel" \ + '.releases | map(select(.name == $r) | .version) | sort | unique | if(.|length>0) then .|join(",") else "--none--" end' )" if [[ "$prev_ver" == "--none--" ]] ; then continue ; fi - curr_ver="$(echo "$curr_releases" | jq -r --arg r "$rel" '.releases[] | select(.name == $r) | .version' )" + curr_ver="$(echo "$curr_releases" | jq -r --arg r "$rel" \ + '.releases | map(select(.name == $r) | .version) | sort | unique | join(",")' )" if [[ "$prev_ver" == "$curr_ver" ]] ; then unchanged+=( "$rel $curr_ver" ) else @@ -102,28 +108,38 @@ if [[ "${#changed[@]}" -gt 0 && -n "${changed[0]}" ]] ; then if [ -f "${ci_dir}/ci/upstreamrepo.yml" ]; then upstreamrepo=$(spruce json "${ci_dir}/ci/upstreamrepo.yml") else - upstreamrepo="[]" + upstreamrepo='{"repos": []}' fi + # TODO: do this in two phases -- first phase pull out all the non-compiled + # versions, then run through with the compiled versions, picking up the + # non-compiled version's git repo. Also indicate if they are compiled + # or not, and if so, what os is the target. (because that may change) repos="$( echo "$curr_releases" \ | jq --argjson gitrepos "$upstreamrepo" -r 'reduce .releases[] as {$name, $url, $sha1, $version} ({repos: []}; ($url - | if ($url | test("https?://s3.amazonaws.com")) then + | if ($url | test("https?://s3(-.*)?.amazonaws.com")) then ($gitrepos.repos | map(select(.name == $name))[0].repo) - elif ($url | test("https?://bosh.io")) then + elif ($url | test("https?://storage.googleapis.com")) then + ($gitrepos.repos | map(select(.name == $name))[0].repo) + elif ($url | test("https?://bosh.io")) then ($url | sub("^.*/d/";"https://") | sub("\\?v=.*$";"")) - elif ($url | test("https?://github.com")) then + elif ($url | test("https?://github.com")) then ($url | sub("^.*http";"http") | sub("/releases/download/.*$";"")) - else + else $url - end + end ) as $repo | (.repos += [{$name,$repo}]) )')" for info in "${changed[@]}" ; do read -r rel prev_ver curr_ver <<<"$info" - repo="$(echo "$repos" | jq -r --arg r "$rel" '.repos[] | select(.name == $r) | .repo' )" + + #TODO: handle multiple versions (comma separated) -- right now we're just taking the first one with a repo. + #TODO: handle compiled releases better -- right now just skipping. + repo="$(echo "$repos" | jq -r --arg r "$rel" '.repos | map(select(.name == $r and .repo != null)) | .[0].repo//""' )" + [[ -n "$repo" ]] || continue rel_dir="$workdir/releases/$rel" mkdir -p "$rel_dir" git -C "$rel_dir" init >/dev/null 2>&1 && \ diff --git a/ci/scripts/test-addons b/ci/scripts/test-addons new file mode 100644 index 0000000..5795750 --- /dev/null +++ b/ci/scripts/test-addons @@ -0,0 +1,4 @@ +genesis "do" "${DEPLOY_ENV}" -- download-fly +genesis "do" "${DEPLOY_ENV}" -- login +genesis "do" "${DEPLOY_ENV}" -- fly teams -d +genesis "do" "${DEPLOY_ENV}" -- logout diff --git a/ci/scripts/test-deployment b/ci/scripts/test-deployment index ea6f5df..413e5a3 100755 --- a/ci/scripts/test-deployment +++ b/ci/scripts/test-deployment @@ -17,7 +17,7 @@ header() { } has_feature() { - genesis lookup "$1" kit.features 2>/dev/null | jq -e --arg feature "$2" '. | index($feature)' >/dev/null + genesis "$1" lookup kit.features 2>/dev/null | jq -e --arg feature "$2" '. | index($feature)' >/dev/null } is_proto() { @@ -29,9 +29,9 @@ cleanup_environment() { if [[ -f .genesis/manifests/$env-state.yml ]] ; then header "Preparing to delete proto environment $env" echo "Generating reference manifest..." - genesis manifest "$env" --no-redact > manifest.yml 2>/dev/null + genesis "$env" manifest --no-redact > manifest.yml 2>/dev/null echo $'\n'"Building BOSH variables file..." - genesis lookup --merged "${env}" bosh-variables > vars.yml 2>/dev/null + genesis "${env}" lookup --merged bosh-variables > vars.yml 2>/dev/null echo $'\n'"$env state file:" echo "----------------->8------------------" cat ".genesis/manifests/$env-state.yml" @@ -68,16 +68,8 @@ cleanup() { done } -# Replace this with genesis lookup --env once its available (2.8.5) -cat <<'EOF' > get-env.pl -#!/usr/bin/env perl -use lib "$ENV{HOME}/.geese/lib"; -use JSON::PP qw/encode_json/; -print encode_json(\%ENV); -EOF -chmod +x "get-env.pl" -vault_path="$(genesis sh "${DEPLOY_ENV}" -s "$(pwd)/get-env.pl" 2>/dev/null | grep '^{' | jq -r '.GENESIS_SECRETS_BASE')" -exodus_path="$(genesis sh "${DEPLOY_ENV}" -s "$(pwd)/get-env.pl" 2>/dev/null | grep '^{' | jq -r '.GENESIS_EXODUS_BASE')" +vault_path="$(genesis "$DEPLOY_ENV" lookup --env GENESIS_SECRETS_BASE)" +exodus_path="$(genesis "$DEPLOY_ENV" lookup --env GENESIS_EXODUS_BASE)" vault_path="${vault_path%/}" # trim any trailing slash # ----- @@ -105,10 +97,10 @@ if [[ "$SKIP_REPLACE_SECRETS" == "false" ]] ; then # Remove credhub values if ! is_proto "$DEPLOY_ENV" ; then ( - bosh_env="$(genesis lookup "$DEPLOY_ENV" genesis 2>/dev/null | jq -r '.bosh_env // .env')" + bosh_env="$(genesis "$DEPLOY_ENV" lookup genesis 2>/dev/null | jq -r '.bosh_env // .env')" [[ "$bosh_env" =~ / ]] || bosh_env="${bosh_env}/bosh" - bosh_exodus="$(genesis lookup --exodus-for "$bosh_env" "$DEPLOY_ENV" . "{}" 2>/dev/null)" + bosh_exodus="$(genesis "$DEPLOY_ENV" lookup --exodus-for "$bosh_env" . "{}" 2>/dev/null)" CREDHUB_SERVER="$(jq -r '.credhub_url // ""' <<<"$bosh_exodus")" if [[ -n "$CREDHUB_SERVER" ]] ; then echo @@ -157,8 +149,8 @@ fi if [[ "$SKIP_DEPLOY" == "false" ]]; then header "Deploying ${DEPLOY_ENV} environment to verify functionality..." - genesis "do" "${DEPLOY_ENV}" -- list - genesis add-secrets "${DEPLOY_ENV}" + genesis "${DEPLOY_ENV}" "do" -- list + genesis "${DEPLOY_ENV}" add-secrets # get and upload stemcell version if needed (handled by bosh cli if version and name are supplied) stemcell_iaas= @@ -173,7 +165,7 @@ if [[ "$SKIP_DEPLOY" == "false" ]]; then esac if [[ -n "$stemcell_iaas" ]] ; then - stemcell_data="$(genesis lookup --merged "${DEPLOY_ENV}" stemcells)" + stemcell_data="$(genesis "${DEPLOY_ENV}" lookup --merged stemcells)" stemcell_os="$(jq -r '.[0].os' <<<"$stemcell_data")" stemcell_version="$(jq -r '.[0].version' <<<"$stemcell_data")" stemcell_name="bosh-${stemcell_iaas}-${stemcell_os}-go_agent" @@ -184,15 +176,15 @@ if [[ "$SKIP_DEPLOY" == "false" ]]; then upload_options=() upload_params="" fi - if ! genesis bosh "$DEPLOY_ENV" stemcells 2>/dev/null \ + if ! genesis "${DEPLOY_ENV}" bosh stemcells 2>/dev/null \ | grep "^${stemcell_name}" \ | awk '{print $2}' | sed -e 's/\*//' \ | grep "^${stemcell_version}\$" ; then - genesis bosh "$DEPLOY_ENV" upload-stemcell "https://bosh.io/d/stemcells/$stemcell_name${upload_params}" ${upload_options[@]+"${upload_options[@]}"} + genesis "${DEPLOY_ENV}" bosh upload-stemcell "https://bosh.io/d/stemcells/$stemcell_name${upload_params}" ${upload_options[@]+"${upload_options[@]}"} fi fi - genesis deploy -y "${DEPLOY_ENV}" + genesis "${DEPLOY_ENV}" deploy -y if [[ -f .genesis/manifests/${DEPLOY_ENV}-state.yml ]] ; then echo $'\n'"${DEPLOY_ENV} state file:" @@ -201,20 +193,25 @@ if [[ "$SKIP_DEPLOY" == "false" ]]; then echo "----------------->8------------------" fi - genesis info "${DEPLOY_ENV}" + genesis "${DEPLOY_ENV}" info if ! is_proto "$DEPLOY_ENV" ; then - genesis bosh "${DEPLOY_ENV}" instances --ps + genesis "${DEPLOY_ENV}" bosh instances --ps fi fi if [[ "$SKIP_SMOKE_TESTS" == "false" ]]; then - header "Validating addons..." - genesis "do" "${DEPLOY_ENV}" -- download-fly - genesis "do" "${DEPLOY_ENV}" -- login - genesis "do" "${DEPLOY_ENV}" -- fly teams -d - genesis "do" "${DEPLOY_ENV}" -- logout + if [[ -f "$0/test-addons" ]] ; then + header "Validating addons..." + # shellcheck source=/dev/null + source "$0/test-addons" + fi + if [[ -f "$0/smoketests" ]] ; then + header "Running smoke tests..." + # shellcheck source=/dev/null + source "$0/smoketests" + fi else echo "Skipping smoke_tests" fi diff --git a/ci/settings.yml b/ci/settings.yml index 79893d4..bf2a252 100644 --- a/ci/settings.yml +++ b/ci/settings.yml @@ -54,3 +54,4 @@ meta: - name: locker type: github-release repository: cloudfoundry-community/locker-boshrelease + access_token: ((github.access_token)) diff --git a/ci/tasks/build-kit.yml b/ci/tasks/build-kit.yml index f889b69..a9e1531 100644 --- a/ci/tasks/build-kit.yml +++ b/ci/tasks/build-kit.yml @@ -4,8 +4,8 @@ platform: linux image_resource: type: registry-image source: - repository: registry.ops.scalecf.net/genesis-community/genesis - tag: latest + repository: ((image/genesis.url)) + tag: ((image/genesis.tag)) inputs: - name: version diff --git a/ci/tasks/deploy-stable.yml b/ci/tasks/deploy-stable.yml index bed1809..4854157 100644 --- a/ci/tasks/deploy-stable.yml +++ b/ci/tasks/deploy-stable.yml @@ -4,8 +4,8 @@ platform: linux image_resource: type: registry-image source: - repository: registry.ops.scalecf.net/genesis-community/genesis - tag: latest + repository: ((image/genesis.url)) + tag: ((image/genesis.tag)) inputs: - name: git-latest-tag diff --git a/ci/tasks/deploy.yml b/ci/tasks/deploy.yml index 39a6fb0..24bff72 100644 --- a/ci/tasks/deploy.yml +++ b/ci/tasks/deploy.yml @@ -4,8 +4,8 @@ platform: linux image_resource: type: registry-image source: - repository: registry.ops.scalecf.net/genesis-community/genesis - tag: latest + repository: ((image/genesis.url)) + tag: ((image/genesis.tag)) inputs: - name: git diff --git a/ci/tasks/generate-release-notes.yml b/ci/tasks/generate-release-notes.yml index 6374c56..073a893 100644 --- a/ci/tasks/generate-release-notes.yml +++ b/ci/tasks/generate-release-notes.yml @@ -4,8 +4,8 @@ platform: linux image_resource: type: registry-image source: - repository: registry.ops.scalecf.net/genesis-community/genesis - tag: latest + repository: ((image/genesis.url)) + tag: ((image/genesis.tag)) inputs: - name: git diff --git a/ci/tasks/get-latest-upstream.yml b/ci/tasks/get-latest-upstream.yml index fa67f9a..955bad7 100644 --- a/ci/tasks/get-latest-upstream.yml +++ b/ci/tasks/get-latest-upstream.yml @@ -4,8 +4,8 @@ platform: linux image_resource: type: registry-image source: - repository: registry.ops.scalecf.net/genesis-community/concourse-go - tag: '1.18' + repository: ((image/concourse_go.url)) + tag: ((image/concourse_go.tag)) inputs: - name: git-ci diff --git a/ci/tasks/prerelease.yml b/ci/tasks/prerelease.yml index 8bb1900..059011a 100644 --- a/ci/tasks/prerelease.yml +++ b/ci/tasks/prerelease.yml @@ -4,8 +4,8 @@ platform: linux image_resource: type: registry-image source: - repository: registry.ops.scalecf.net/genesis-community/genesis - tag: latest + repository: ((image/genesis.url)) + tag: ((image/genesis.tag)) inputs: - name: version diff --git a/ci/tasks/release.yml b/ci/tasks/release.yml index b844921..1f9f361 100644 --- a/ci/tasks/release.yml +++ b/ci/tasks/release.yml @@ -4,8 +4,8 @@ platform: linux image_resource: type: registry-image source: - repository: registry.ops.scalecf.net/genesis-community/genesis - tag: latest + repository: ((image/genesis.url)) + tag: ((image/genesis.tag)) inputs: - name: version diff --git a/ci/tasks/spec-check.yml b/ci/tasks/spec-check.yml index c2e9ea1..246095b 100644 --- a/ci/tasks/spec-check.yml +++ b/ci/tasks/spec-check.yml @@ -4,8 +4,8 @@ platform: linux image_resource: type: registry-image source: - repository: registry.ops.scalecf.net/genesis-community/genesis - tag: latest + repository: ((image/genesis.url)) + tag: ((image/genesis.tag)) inputs: - name: git diff --git a/ci/tasks/spec-tests.yml b/ci/tasks/spec-tests.yml index 6273bbe..8204b3e 100644 --- a/ci/tasks/spec-tests.yml +++ b/ci/tasks/spec-tests.yml @@ -4,8 +4,8 @@ platform: linux image_resource: type: registry-image source: - repository: registry.ops.scalecf.net/genesis-community/concourse-go - tag: '1.18' + repository: ((image/concourse_go.url)) + tag: ((image/concourse_go.tag)) inputs: - name: git diff --git a/ci/tasks/update-release.yml b/ci/tasks/update-release.yml index 129885f..31c09d9 100644 --- a/ci/tasks/update-release.yml +++ b/ci/tasks/update-release.yml @@ -4,8 +4,8 @@ platform: linux image_resource: type: registry-image source: - repository: registry.ops.scalecf.net/genesis-community/concourse-go - tag: '1.18' + repository: ((image/concourse_go.url)) + tag: ((image/concourse_go.tag)) inputs: - name: git diff --git a/ci/tasks/upgrade.yml b/ci/tasks/upgrade.yml index 397cc28..0e31979 100644 --- a/ci/tasks/upgrade.yml +++ b/ci/tasks/upgrade.yml @@ -4,8 +4,8 @@ platform: linux image_resource: type: registry-image source: - repository: registry.ops.scalecf.net/genesis-community/genesis - tag: latest + repository: ((image/genesis.url)) + tag: ((image/genesis.tag)) inputs: - name: git