From 8d488f36d377cba2a6b27d0a90266d1421e29374 Mon Sep 17 00:00:00 2001 From: CI Bot Date: Thu, 18 Jun 2026 23:11:15 +0000 Subject: [PATCH 01/19] Bump os-image tgz --- image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 b/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 index f04bc3f6d..b2662889f 100644 --- a/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 +++ b/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 @@ -1,12 +1,12 @@ - 31dea7af0f628a67ab91ebbe4005d0b89873b9aa7560a722b5665dc418a30dc0220241782b826ac0d5c45d369c7e9401e5f90afb6a2cd54d2300e86be1c77812 - 480707f5a3eff94e8668fdffceccc3d135b6999ff9f14e21cd8b5dfd2d7d63c2 - 84a9075825fce098b1fba916c4862556a16588d0 - ab7f1a3bea00723d2522362d6931a003 - 435213458 + 14b18ca1b3f535fecfd7277b6d1494791f3b16d3ca63582663de30f84ad0ffcada3a24047d27e36684e25c44a92b00ae3bb83a7619bd981eb6c08c9188907582 + 434fdfe5d6f2e6c7749b6e7315396c0d151581c01afef77548301f9d4517a694 + 648cf2cb51c0bce617defcbeb198a5f3ee6dea42 + 05645335fd9ba310509c2e90861806b9 + 435210228 https://storage.googleapis.com/bosh-os-images/ubuntu-jammy/ubuntu-jammy.tgz - 1105.0.0 + 1106.0.0 be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09 @@ -15,8 +15,8 @@ 68b329da9893e34099c7d8ad5cb9c940 1 https://storage.googleapis.com/bosh-os-images/ubuntu-jammy/usn-log.json - 1105.0.0 + 1106.0.0 metalink-repository-resource/0.0.0 - 2026-06-18T22:29:21.024149406Z + 2026-06-18T23:11:05.321280268Z From 5d296642586984379edffa78fe863adbd45e1494 Mon Sep 17 00:00:00 2001 From: CI Bot Date: Thu, 18 Jun 2026 23:38:18 +0000 Subject: [PATCH 02/19] bump bosh-agent/2.860.0 --- .../bosh_go_agent/assets/bosh-agent-version | 2 +- .../bosh_go_agent/assets/metalink.meta4 | 66 +++++++++---------- 2 files changed, 34 insertions(+), 34 deletions(-) diff --git a/stemcell_builder/stages/bosh_go_agent/assets/bosh-agent-version b/stemcell_builder/stages/bosh_go_agent/assets/bosh-agent-version index d66399cea..b5084a445 100644 --- a/stemcell_builder/stages/bosh_go_agent/assets/bosh-agent-version +++ b/stemcell_builder/stages/bosh_go_agent/assets/bosh-agent-version @@ -1 +1 @@ -2.859.0 \ No newline at end of file +2.860.0 \ No newline at end of file diff --git a/stemcell_builder/stages/bosh_go_agent/assets/metalink.meta4 b/stemcell_builder/stages/bosh_go_agent/assets/metalink.meta4 index 1cc0b5c13..1bc38f37c 100644 --- a/stemcell_builder/stages/bosh_go_agent/assets/metalink.meta4 +++ b/stemcell_builder/stages/bosh_go_agent/assets/metalink.meta4 @@ -1,49 +1,49 @@ - - 9039c8e1b89cbdf0000b60da9dcb0e27ec3d87fcb7820fd78b492bc6037006300d06f131648993c5720e2e1ff176b4f08ba8463842d441ee628dc28f4565945e - 7686ee43917d67c7014a85e9caf2f17ce3dcdd1a81f1c7a1569f09e16a780bc8 - 0ada42ae024fd3a100fe7789b32c0bfa8571d62e - 8e10cb22e8c9943f4d7f841f9bd6d63c - 22114657 - https://s3-external-1.amazonaws.com/bosh-agent-binaries/bosh-agent-2.859.0-linux-amd64 - 2.859.0 + + ebfee126026bc312172d2e9109c3dffcb208e3d2027cd58716210fa9cd3e049fedc03bbe511b89541a88b56d66c6707c8717ff729f29e91f04326bbf7db484c5 + c2501f94e4aeecb1e42d46c92603d4f5fff1fa17a8ad221bc83ed2c8f13a0d30 + d78572247df7beaef81015a7b1e9eb9a02ad2649 + 1acab0c3082f133fa34cced131725be8 + 22114609 + https://s3-external-1.amazonaws.com/bosh-agent-binaries/bosh-agent-2.860.0-linux-amd64 + 2.860.0 - - a7c3f3e109b931d99c52ff19ce6f07fb8912a3596373cc63cd84ab946d4f779f3f788a672acd61747972bb4895f7891a048254a4ade64427b0cb9f878b49e374 - 0973dde0228e87b2f47d90df02e330290dd915cd3c054c646c689bc3828d920f - a768eec34975559281177e231c4c38f2d027cdd4 - c60c66d8cb16899345c9243dd108aa92 + + 7bf81f4f5524f4ab728d95e92fd2b35ee35870e32b4d2c9ef002fd1dcf14ea74a56b34e14ccd03b291621561ac69f9e9973af5e81620978a1721972b090cfbcd + ab9d3348b8f183b76b7abb8ebd1e960d38ddb16eada214c8672da8c0389d0e38 + 884a2f290daf1d2f78652ce0a742d6060b4e12b4 + e66aca4509b88fc19f697d3e63c5bb3e 21964800 - https://s3-external-1.amazonaws.com/bosh-agent-binaries/bosh-agent-2.859.0-windows-amd64.exe - 2.859.0 + https://s3-external-1.amazonaws.com/bosh-agent-binaries/bosh-agent-2.860.0-windows-amd64.exe + 2.860.0 - - 2fa99c1eac61cbc3ff006aa058305fb2e462d03e2c11d0270ffaedc5278c6c16355d7f852c6d598bc73c4a717776d6c7b57bcd8d10ca51936a45d54d02f073cc - ed1b6f0ff9b6a6558a40231346b73b1482560baf5ebfe78abbcea782b7b403f7 - d13ceb7bd498aaffd60984ae949fa846cd7f1637 - 8f067c48d218768def0315436064a2c6 + + 306912464cb69ffd19dd9791099ccf9f8ea522a9aebb2c1ab857f1a1ce54957192da3f0b62e504df09814eccf13b461705509c5912a8246379d9fccfab675606 + c1b01315de24f1cc12d1b3ea1ffef7188c749d214387a7103bffd6e26cb1382a + 4ffb68095bd2f8430a0d07e9947b4f1f2a9ce501 + e5d9ba4e63011f8e35b314acfc409b63 9023488 - https://s3-external-1.amazonaws.com/bosh-agent-binaries/bosh-agent-pipe-2.859.0-windows-amd64.exe - 2.859.0 + https://s3-external-1.amazonaws.com/bosh-agent-binaries/bosh-agent-pipe-2.860.0-windows-amd64.exe + 2.860.0 - - 00c6b25f84e149ec00bf4dd7a46a4b81e3a423640b31bf609c54d5d9eb767adf7a9abfaf47719a451a24a47c5c719f6990a0ded6f3129fc2e0ff10f53c03c71e - d77a3d39b882846d20339b5efccd60e7c9b9e5a3b9e359e41527aabbbcb123b7 - bcfd97fc08d6df9be02072b9b84512e297a73e2b - 7f2cda484f2aee1e95f94a96e9267759 + + 5d8782b6047c190287a94a72bd89d4a850b02663aee913123c42c888918723894248c7d35c3c464b0c855a97cd7d739ec1c2fdaa86261917197c3db0fdf6c5cf + ed53926d0dd1076beebc945055df8a94b33bbcdfd0cab372f7e6be52d94055c8 + 865fc532ad5ac5d0f9350dc73d64658dc9ba85eb + c1986601ef4d514ddfc326567b077323 9 - https://s3-external-1.amazonaws.com/bosh-agent-binaries/git-sha-2.859.0 - 2.859.0 + https://s3-external-1.amazonaws.com/bosh-agent-binaries/git-sha-2.860.0 + 2.860.0 - + fe22cd6fd90ded459b08385497032f2de4022f712dc753dc026ffbc024d3cdd5007f68886f0d4dd8a7832ece138455c3320ce65b72eec054ed3717f6212a7567 a1f4729600504b0cc026ff5e826bb403b43a564780e091d01e0ab7bacb15906a a5a1e59f6bfaa23bffb85a6647bfbc3df1dbf594 c0e9e8c1a9510c750742534ba431530b 708 - https://s3-external-1.amazonaws.com/bosh-agent-binaries/service_wrapper-2.859.0.xml - 2.859.0 + https://s3-external-1.amazonaws.com/bosh-agent-binaries/service_wrapper-2.860.0.xml + 2.860.0 metalink-repository-resource/0.0.0 - 2026-06-18T03:37:15.441338729Z + 2026-06-18T17:06:56.427249414Z From b0348438521076700b4bed153f03c9127a25e555 Mon Sep 17 00:00:00 2001 From: CI Bot Date: Thu, 18 Jun 2026 23:59:49 +0000 Subject: [PATCH 03/19] Bump os-image tgz --- image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 b/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 index b2662889f..8cf810eee 100644 --- a/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 +++ b/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 @@ -1,12 +1,12 @@ - 14b18ca1b3f535fecfd7277b6d1494791f3b16d3ca63582663de30f84ad0ffcada3a24047d27e36684e25c44a92b00ae3bb83a7619bd981eb6c08c9188907582 - 434fdfe5d6f2e6c7749b6e7315396c0d151581c01afef77548301f9d4517a694 - 648cf2cb51c0bce617defcbeb198a5f3ee6dea42 - 05645335fd9ba310509c2e90861806b9 - 435210228 + bee9129e1c6fe149434b49fb63d6ff8ee6de177c3553561fcc35da3be42baf27f4d3bdd39d6c050d4a0fdbc899fe93b17ecc25e1e8176226a66771696aeb8033 + 9d8b512bfc32237ed564fa9322097baea64c1eb5b3e57aa64bcc659e7d6b39b8 + 8c8856965a201cba0434a6f029c88901a63bbb7a + 804633697de05253a91144e9b2293707 + 435218591 https://storage.googleapis.com/bosh-os-images/ubuntu-jammy/ubuntu-jammy.tgz - 1106.0.0 + 1107.0.0 be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09 @@ -15,8 +15,8 @@ 68b329da9893e34099c7d8ad5cb9c940 1 https://storage.googleapis.com/bosh-os-images/ubuntu-jammy/usn-log.json - 1106.0.0 + 1107.0.0 metalink-repository-resource/0.0.0 - 2026-06-18T23:11:05.321280268Z + 2026-06-18T23:59:39.844503202Z From a7aa9f5da9eb3de5890f622218bac5fe0be82e42 Mon Sep 17 00:00:00 2001 From: CI Bot Date: Fri, 19 Jun 2026 20:49:17 +0000 Subject: [PATCH 04/19] bump bosh-blobstore-gcs/0.0.391 --- .../stages/blobstore_clis/assets/bosh-blobstore-gcs.sha256sum | 2 +- .../stages/blobstore_clis/assets/bosh-blobstore-gcs.url | 2 +- .../stages/blobstore_clis/assets/bosh-blobstore-gcs.version | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-gcs.sha256sum b/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-gcs.sha256sum index 4f5c99676..81890a912 100644 --- a/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-gcs.sha256sum +++ b/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-gcs.sha256sum @@ -1 +1 @@ -cba5be282ed1ef960d8fb88dcbdbe3de0614ea05e0c02cdb0f3208ba4ff02fed +493e7fa48248f78f5e8f7520b8574d20f18cb54a87846b2a85fbefeb47821242 diff --git a/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-gcs.url b/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-gcs.url index d0186340e..67baeea82 100644 --- a/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-gcs.url +++ b/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-gcs.url @@ -1 +1 @@ -https://bosh-gcscli-artifacts.s3.us-east-1.amazonaws.com/bosh-gcscli-0.0.390-linux-amd64 +https://bosh-gcscli-artifacts.s3.us-east-1.amazonaws.com/bosh-gcscli-0.0.391-linux-amd64 diff --git a/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-gcs.version b/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-gcs.version index fb6efbf0b..055254bff 100644 --- a/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-gcs.version +++ b/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-gcs.version @@ -1 +1 @@ -0.0.390 +0.0.391 From 1a31225f43e76d052af42d0e52a549e5128ef422 Mon Sep 17 00:00:00 2001 From: CI Bot Date: Fri, 19 Jun 2026 20:54:17 +0000 Subject: [PATCH 05/19] bump bosh-blobstore-azure-storage/0.0.240 --- .../assets/bosh-blobstore-azure-storage.sha256sum | 2 +- .../blobstore_clis/assets/bosh-blobstore-azure-storage.url | 2 +- .../blobstore_clis/assets/bosh-blobstore-azure-storage.version | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-azure-storage.sha256sum b/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-azure-storage.sha256sum index c7cbffd6c..c1cb8332f 100644 --- a/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-azure-storage.sha256sum +++ b/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-azure-storage.sha256sum @@ -1 +1 @@ -e8dd4c8da1a3e8498efec927539c356b71fab6439c1315eb04a364b96df27da8 +9477c6a0aa2578d3d7f4f61d7dbdd98ffc52fd5721fc627b5fc0a98120ad84bb diff --git a/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-azure-storage.url b/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-azure-storage.url index 334b8e965..2313d1e15 100644 --- a/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-azure-storage.url +++ b/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-azure-storage.url @@ -1 +1 @@ -https://bosh-azure-storage-cli-artifacts.s3.us-east-1.amazonaws.com/azure-storage-cli-0.0.239-linux-amd64 +https://bosh-azure-storage-cli-artifacts.s3.us-east-1.amazonaws.com/azure-storage-cli-0.0.240-linux-amd64 diff --git a/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-azure-storage.version b/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-azure-storage.version index 13b9bcfac..11be9708f 100644 --- a/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-azure-storage.version +++ b/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-azure-storage.version @@ -1 +1 @@ -0.0.239 +0.0.240 From 707668c890a4d2486b5585801e7f50928c6e4deb Mon Sep 17 00:00:00 2001 From: CI Bot Date: Fri, 19 Jun 2026 21:50:57 +0000 Subject: [PATCH 06/19] Bump os-image tgz --- .../ubuntu-jammy/ubuntu-jammy.meta4 | 26 +++++++++---------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 b/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 index 8cf810eee..0e201fb8d 100644 --- a/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 +++ b/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 @@ -1,22 +1,22 @@ - bee9129e1c6fe149434b49fb63d6ff8ee6de177c3553561fcc35da3be42baf27f4d3bdd39d6c050d4a0fdbc899fe93b17ecc25e1e8176226a66771696aeb8033 - 9d8b512bfc32237ed564fa9322097baea64c1eb5b3e57aa64bcc659e7d6b39b8 - 8c8856965a201cba0434a6f029c88901a63bbb7a - 804633697de05253a91144e9b2293707 - 435218591 + a34915de22c75d59b597fc0e4b0ab13432e9285c1ae33b6a5bc96e9b5e6185a98c1a4c1d66ef09d2e26ec622689eca38685650a3e98cfd9a481a6fab521f512f + 428e570127556a56a3fc5c82c5e39df688be48144e9d8bcdbc192885794bcb26 + ca1edebb66c31173aa575e4f9414bc3bf8a9e4d5 + 03d6c0ed9900292047a63a0352ee5ed4 + 435224685 https://storage.googleapis.com/bosh-os-images/ubuntu-jammy/ubuntu-jammy.tgz - 1107.0.0 + 1108.0.0 - be688838ca8686e5c90689bf2ab585cef1137c999b48c70b92f67a5c34dc15697b5d11c982ed6d71be1e1e7f7b4e0733884aa97c3f7a339a8ed03577cf74be09 - 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b - adc83b19e793491b1c6ea0fd8b46cd9f32e592fc - 68b329da9893e34099c7d8ad5cb9c940 - 1 + 8fb4b6e9b9f2469249a8f20ee65a56dbdd663bf7b3eee14e49fefeaa8dc5826c553a9dc81b2af4cb56a1ff29cc18c5cc8610b2ca670ef647fedd4c9645a6db02 + 3f6e5e7d27eca945fe908f06f9ae1c9775cb9a4d57f0e3b0aa2ee01735ab5d15 + 79e5158fb4aa4e628569e5deb6f6f5343b348a4d + a1ad3da61ce7f95f9ca6a247f554a59d + 2177 https://storage.googleapis.com/bosh-os-images/ubuntu-jammy/usn-log.json - 1107.0.0 + 1108.0.0 metalink-repository-resource/0.0.0 - 2026-06-18T23:59:39.844503202Z + 2026-06-19T21:50:45.089271834Z From 0488435c2665bc066bf7739600c0270134d17ebf Mon Sep 17 00:00:00 2001 From: CI Bot Date: Fri, 19 Jun 2026 21:52:34 +0000 Subject: [PATCH 07/19] Bump os-image tgz --- image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 b/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 index 0e201fb8d..ed63a3735 100644 --- a/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 +++ b/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 @@ -1,10 +1,10 @@ - a34915de22c75d59b597fc0e4b0ab13432e9285c1ae33b6a5bc96e9b5e6185a98c1a4c1d66ef09d2e26ec622689eca38685650a3e98cfd9a481a6fab521f512f - 428e570127556a56a3fc5c82c5e39df688be48144e9d8bcdbc192885794bcb26 - ca1edebb66c31173aa575e4f9414bc3bf8a9e4d5 - 03d6c0ed9900292047a63a0352ee5ed4 - 435224685 + 7269de604c21c141ea526183e7b57b84211c889462ca539178c35bf13442c35ff3dba434fa1ff6eb212b38a003ad9ab2802797eda2b98e93b9963e1af2439e8e + ece574aa1c74d0012b728a640880f743507026380f5a6fe1381b480b2e31f669 + c84b2f47c500106c402f99d4e9b20d6846cf9582 + 4db35b89ec13a15147468f4000042428 + 435219040 https://storage.googleapis.com/bosh-os-images/ubuntu-jammy/ubuntu-jammy.tgz 1108.0.0 @@ -18,5 +18,5 @@ 1108.0.0 metalink-repository-resource/0.0.0 - 2026-06-19T21:50:45.089271834Z + 2026-06-19T21:52:19.443945662Z From 9b92954bbda0012c736597004c88e33ae7b3a5da Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 19 Jun 2026 07:23:30 +0000 Subject: [PATCH 08/19] Bump actions/checkout from 6 to 7 Bumps [actions/checkout](https://github.com/actions/checkout) from 6 to 7. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v6...v7) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/go.yml | 2 +- .github/workflows/ruby.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index 4bc21bdb8..7763981d1 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -6,7 +6,7 @@ jobs: dry-run-acceptance-tests: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 - uses: actions/setup-go@v6 with: go-version-file: acceptance-tests/go.mod diff --git a/.github/workflows/ruby.yml b/.github/workflows/ruby.yml index 93003ceb2..4a2853fb2 100644 --- a/.github/workflows/ruby.yml +++ b/.github/workflows/ruby.yml @@ -5,7 +5,7 @@ jobs: unit_specs: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@v7 with: { lfs: true } - uses: ruby/setup-ruby@v1 - name: test-bosh-stemcell From f0b89c3f880ea34f7d197db310498ff1d64fd46d Mon Sep 17 00:00:00 2001 From: CI Bot Date: Sat, 20 Jun 2026 00:21:39 +0000 Subject: [PATCH 09/19] Bump os-image tgz --- image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 b/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 index ed63a3735..68fe7033b 100644 --- a/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 +++ b/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 @@ -1,12 +1,12 @@ - 7269de604c21c141ea526183e7b57b84211c889462ca539178c35bf13442c35ff3dba434fa1ff6eb212b38a003ad9ab2802797eda2b98e93b9963e1af2439e8e - ece574aa1c74d0012b728a640880f743507026380f5a6fe1381b480b2e31f669 - c84b2f47c500106c402f99d4e9b20d6846cf9582 - 4db35b89ec13a15147468f4000042428 - 435219040 + d7aafc1c39f40462b1d46fc13270ce4e991fffc89651a2f84b544e377210d8e5621f64c5079c66220c09ab0220ebb6a61212c3cd43079a9649eced7da9c55858 + b173968993360eefca4678c3103f7e3b0675a3cbb7aa9f4461521543a4c89771 + 54d3c365f1c19cfe825387184227891cf003abac + 7121fafbcbbcfc632f18fdd3c94f9a0e + 435222755 https://storage.googleapis.com/bosh-os-images/ubuntu-jammy/ubuntu-jammy.tgz - 1108.0.0 + 1109.0.0 8fb4b6e9b9f2469249a8f20ee65a56dbdd663bf7b3eee14e49fefeaa8dc5826c553a9dc81b2af4cb56a1ff29cc18c5cc8610b2ca670ef647fedd4c9645a6db02 @@ -15,8 +15,8 @@ a1ad3da61ce7f95f9ca6a247f554a59d 2177 https://storage.googleapis.com/bosh-os-images/ubuntu-jammy/usn-log.json - 1108.0.0 + 1109.0.0 metalink-repository-resource/0.0.0 - 2026-06-19T21:52:19.443945662Z + 2026-06-20T00:21:29.694525229Z From 0b99964f5654bcd40ad9b19946850d0fed698edc Mon Sep 17 00:00:00 2001 From: CI Bot Date: Sat, 20 Jun 2026 10:03:07 +0000 Subject: [PATCH 10/19] Update vendored dependencies --- acceptance-tests/go.mod | 10 +++---- acceptance-tests/go.sum | 20 ++++++------- .../github.com/onsi/ginkgo/v2/CHANGELOG.md | 11 ++++++++ .../github.com/onsi/ginkgo/v2/core_dsl.go | 5 ++-- .../onsi/ginkgo/v2/internal/global/init.go | 7 +++++ .../ginkgo/v2/reporters/default_reporter.go | 3 +- .../onsi/ginkgo/v2/types/version.go | 2 +- .../github.com/onsi/gomega/CHANGELOG.md | 4 +++ .../vendor/github.com/onsi/gomega/README.md | 13 +++++++++ .../github.com/onsi/gomega/gomega_dsl.go | 2 +- .../x/tools/go/packages/packages.go | 14 ++++++++++ .../x/tools/internal/gcimporter/iexport.go | 3 ++ .../x/tools/internal/gcimporter/iimport.go | 26 +++++++++-------- .../x/tools/internal/typesinternal/element.go | 8 ++++-- .../x/tools/internal/typesinternal/types.go | 28 +++++++++++++++++++ acceptance-tests/vendor/modules.txt | 10 +++---- 16 files changed, 127 insertions(+), 39 deletions(-) diff --git a/acceptance-tests/go.mod b/acceptance-tests/go.mod index fba23ce6c..5ed844fa6 100644 --- a/acceptance-tests/go.mod +++ b/acceptance-tests/go.mod @@ -3,9 +3,9 @@ module github.com/cloudfoundry/bosh-linux-stemcell-builder/acceptance-tests go 1.25.0 require ( - github.com/cloudfoundry/bosh-utils v0.0.616 - github.com/onsi/ginkgo/v2 v2.29.0 - github.com/onsi/gomega v1.41.0 + github.com/cloudfoundry/bosh-utils v0.0.622 + github.com/onsi/ginkgo/v2 v2.30.0 + github.com/onsi/gomega v1.42.0 gopkg.in/yaml.v2 v2.4.0 ) @@ -17,10 +17,10 @@ require ( github.com/google/go-cmp v0.7.0 // indirect github.com/google/pprof v0.0.0-20260604005048-7023385849c0 // indirect go.yaml.in/yaml/v3 v3.0.4 // indirect - golang.org/x/mod v0.36.0 // indirect + golang.org/x/mod v0.37.0 // indirect golang.org/x/net v0.56.0 // indirect golang.org/x/sync v0.21.0 // indirect golang.org/x/sys v0.46.0 // indirect golang.org/x/text v0.38.0 // indirect - golang.org/x/tools v0.45.0 // indirect + golang.org/x/tools v0.46.0 // indirect ) diff --git a/acceptance-tests/go.sum b/acceptance-tests/go.sum index d34c52adc..6ca3aacb7 100644 --- a/acceptance-tests/go.sum +++ b/acceptance-tests/go.sum @@ -2,8 +2,8 @@ github.com/Masterminds/semver/v3 v3.5.0 h1:kQceYJfbupGfZOKZQg0kou0DgAKhzDg2NZPAw github.com/Masterminds/semver/v3 v3.5.0/go.mod h1:4V+yj/TJE1HU9XfppCwVMZq3I84lprf4nC11bSS5beM= github.com/bmatcuk/doublestar v1.3.4 h1:gPypJ5xD31uhX6Tf54sDPUOBXTqKH4c9aPY66CyQrS0= github.com/bmatcuk/doublestar v1.3.4/go.mod h1:wiQtGV+rzVYxB7WIlirSN++5HPtPlXEo9MEoZQC/PmE= -github.com/cloudfoundry/bosh-utils v0.0.616 h1:+qyDltkMmUJ4WUQ9c0U55vwlPd9YtzpWapvdZ+Ov1V8= -github.com/cloudfoundry/bosh-utils v0.0.616/go.mod h1:+MBxSdFuhglWydWKltt9UsxhGh0HjHwuLRRE2UYE3ro= +github.com/cloudfoundry/bosh-utils v0.0.622 h1:bNlURpKNiUOj+oaDdLekKfj15vHDA65tAdI9FRxX3H0= +github.com/cloudfoundry/bosh-utils v0.0.622/go.mod h1:XIgOJw+fCd+6fJd2yGbw/+I7DmHGeSbuOMZtV5ny+ZI= github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/gkampitakis/ciinfo v0.3.2 h1:JcuOPk8ZU7nZQjdUhctuhQofk7BGHuIy0c9Ez8BNhXs= @@ -34,10 +34,10 @@ github.com/mfridman/tparse v0.18.0 h1:wh6dzOKaIwkUGyKgOntDW4liXSo37qg5AXbIhkMV3v github.com/mfridman/tparse v0.18.0/go.mod h1:gEvqZTuCgEhPbYk/2lS3Kcxg1GmTxxU7kTC8DvP0i/A= github.com/nu7hatch/gouuid v0.0.0-20131221200532-179d4d0c4d8d h1:VhgPp6v9qf9Agr/56bj7Y/xa04UccTW04VP0Qed4vnQ= github.com/nu7hatch/gouuid v0.0.0-20131221200532-179d4d0c4d8d/go.mod h1:YUTz3bUH2ZwIWBy3CJBeOBEugqcmXREj14T+iG/4k4U= -github.com/onsi/ginkgo/v2 v2.29.0 h1:rfh+ZFjgJhYWRoIqVf3Uwx/W20yLrcrE2h2GmYVRaag= -github.com/onsi/ginkgo/v2 v2.29.0/go.mod h1:+aXOY+vzZ5mu2iI2HpTZUPmM//oQfsNFX6gU9kNcA44= -github.com/onsi/gomega v1.41.0 h1:OwKp4pXNgVxf6sCplzYo794OFNuoL2q2SBMU5NSWOjA= -github.com/onsi/gomega v1.41.0/go.mod h1:M/Uqpu/8qTjtzCLUA2zJHX9Iilrau25x1PdoSRbWh5A= +github.com/onsi/ginkgo/v2 v2.30.0 h1:zxM/9XneXFIy64j6/wAmBIX4zRC7Hu6U8XFNZvDnCQc= +github.com/onsi/ginkgo/v2 v2.30.0/go.mod h1:+aXOY+vzZ5mu2iI2HpTZUPmM//oQfsNFX6gU9kNcA44= +github.com/onsi/gomega v1.42.0 h1:CJby8u36xb7v34W78F8WKvqTQP7PCMIPB78IVDB73l4= +github.com/onsi/gomega v1.42.0/go.mod h1:M/Uqpu/8qTjtzCLUA2zJHX9Iilrau25x1PdoSRbWh5A= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII= @@ -54,8 +54,8 @@ github.com/tidwall/sjson v1.2.5 h1:kLy8mja+1c9jlljvWTlSazM7cKDRfJuR/bOJhcY5NcY= github.com/tidwall/sjson v1.2.5/go.mod h1:Fvgq9kS/6ociJEDnK0Fk1cpYF4FIW6ZF7LAe+6jwd28= go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc= go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= -golang.org/x/mod v0.36.0 h1:JJjpVx6myfUsUdAzZuOSTTmRE0PfZeNWzzvKrP7amb4= -golang.org/x/mod v0.36.0/go.mod h1:moc6ELqsWcOw5Ef3xVprK5ul/MvtVvkIXLziUOICjUQ= +golang.org/x/mod v0.37.0 h1:vF1DjpVEshcIqoEaauuHebaLk1O1forxjxBaVn884JQ= +golang.org/x/mod v0.37.0/go.mod h1:m8S8VeM9r4dzDwjrKO0a1sZP3YjeMamRRlD+fmR2Q/0= golang.org/x/net v0.56.0 h1:Rw8j/hFzGvJUZwNBXnAtf5sVDVt+65SK2C7IxCxZt5o= golang.org/x/net v0.56.0/go.mod h1:D3Ku6r+V6JROoZK144D2XfMHFcMq/0zSfLelVTCFKec= golang.org/x/sync v0.21.0 h1:HLII4xRRTtCRkxYp4HNFF0Js/Og6q2i++KXbg0gHCwM= @@ -64,8 +64,8 @@ golang.org/x/sys v0.46.0 h1:noSf2Fq6F8DBgS+LysIkx7rIExoNHJsxOAtPp4rthXw= golang.org/x/sys v0.46.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= golang.org/x/text v0.38.0 h1:sXmwo9DwP3OK9EZ7PqAdaooSGozfl/3a6/xJcbzPRhE= golang.org/x/text v0.38.0/go.mod h1:YXZt3QhHUKYT53r2lLKFIVi6Ao1jdzrTR/KQ09qyxF4= -golang.org/x/tools v0.45.0 h1:18qN3FAooORvApf5XjCXgsuayZOEtXf6JK18I3+ONa8= -golang.org/x/tools v0.45.0/go.mod h1:LuUGqqaXcXMEFEruIVJVm5mgDD8vww/z/SR1gQ4uE/0= +golang.org/x/tools v0.46.0 h1:7jTurBkPZu4moS/Uy4OQT1M+QBlsj3wejyZwsT8Z7rk= +golang.org/x/tools v0.46.0/go.mod h1:FrD85F8l+NWL+9XWBSyVSHO6Ne4jutsfIFba7AWQ5Ys= google.golang.org/protobuf v1.36.7 h1:IgrO7UwFQGJdRNXH/sQux4R1Dj1WAKcLElzeeRaXV2A= google.golang.org/protobuf v1.36.7/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= diff --git a/acceptance-tests/vendor/github.com/onsi/ginkgo/v2/CHANGELOG.md b/acceptance-tests/vendor/github.com/onsi/ginkgo/v2/CHANGELOG.md index 224e8db5f..689c03cfc 100644 --- a/acceptance-tests/vendor/github.com/onsi/ginkgo/v2/CHANGELOG.md +++ b/acceptance-tests/vendor/github.com/onsi/ginkgo/v2/CHANGELOG.md @@ -1,3 +1,14 @@ +## 2.30.0 + +### Features +Ginkgo now allows `extentions/global.Reset` to support running multiple suites from within a single process. This may take some massaging on your part (see [1672](https://github.com/onsi/ginkgo/issues/1672)) but can dramatically speed up codebases with O(hundreds) of test suites. + +Thanks @lawrencejones ! + +### Fixes + +- Fix nested --github-output group for progress report nested inside timeline [4f62d7a] + ## 2.29.0 `GinkgoHelperGo` makes it easier to write test helpers that need to run in goroutines. Specifically, it makes managing the failure state and capturing failure panics correctly straightforward. diff --git a/acceptance-tests/vendor/github.com/onsi/ginkgo/v2/core_dsl.go b/acceptance-tests/vendor/github.com/onsi/ginkgo/v2/core_dsl.go index 1c5a39a1f..fb5761c1f 100644 --- a/acceptance-tests/vendor/github.com/onsi/ginkgo/v2/core_dsl.go +++ b/acceptance-tests/vendor/github.com/onsi/ginkgo/v2/core_dsl.go @@ -39,7 +39,6 @@ var flagSet types.GinkgoFlagSet var deprecationTracker = types.NewDeprecationTracker() var suiteConfig = types.NewDefaultSuiteConfig() var reporterConfig = types.NewDefaultReporterConfig() -var suiteDidRun = false var outputInterceptor internal.OutputInterceptor var client parallel_support.Client @@ -259,10 +258,10 @@ for more on how specs are parallelized in Ginkgo. You can also pass suite-level Label() decorators to RunSpecs. The passed-in labels will apply to all specs in the suite. */ func RunSpecs(t GinkgoTestingT, description string, args ...any) bool { - if suiteDidRun { + if global.SuiteDidRun { exitIfErr(types.GinkgoErrors.RerunningSuite()) } - suiteDidRun = true + global.SuiteDidRun = true err := global.PushClone() if err != nil { exitIfErr(err) diff --git a/acceptance-tests/vendor/github.com/onsi/ginkgo/v2/internal/global/init.go b/acceptance-tests/vendor/github.com/onsi/ginkgo/v2/internal/global/init.go index 464e3c97f..14d2552b7 100644 --- a/acceptance-tests/vendor/github.com/onsi/ginkgo/v2/internal/global/init.go +++ b/acceptance-tests/vendor/github.com/onsi/ginkgo/v2/internal/global/init.go @@ -8,6 +8,12 @@ var Suite *internal.Suite var Failer *internal.Failer var backupSuite *internal.Suite +// SuiteDidRun tracks whether RunSpecs has already been invoked for the current global +// suite. It lives here (rather than in package ginkgo) so that InitializeGlobals can +// clear it, allowing extensions/globals.Reset to support running multiple suites +// sequentially in a single process. +var SuiteDidRun bool + func init() { InitializeGlobals() } @@ -15,6 +21,7 @@ func init() { func InitializeGlobals() { Failer = internal.NewFailer() Suite = internal.NewSuite() + SuiteDidRun = false } func PushClone() error { diff --git a/acceptance-tests/vendor/github.com/onsi/ginkgo/v2/reporters/default_reporter.go b/acceptance-tests/vendor/github.com/onsi/ginkgo/v2/reporters/default_reporter.go index ef66b2289..be5719a8e 100644 --- a/acceptance-tests/vendor/github.com/onsi/ginkgo/v2/reporters/default_reporter.go +++ b/acceptance-tests/vendor/github.com/onsi/ginkgo/v2/reporters/default_reporter.go @@ -423,7 +423,7 @@ func (r *DefaultReporter) emitTimeline(indent uint, report types.SpecReport, tim case types.ReportEntry: r.emitReportEntry(indent, x) case types.ProgressReport: - r.emitProgressReport(indent, false, isVeryVerbose, x) + r.emitProgressReport(indent, isVeryVerbose, false, x) case types.SpecEvent: if isVeryVerbose || !x.IsOnlyVisibleAtVeryVerbose() || r.conf.ShowNodeEvents { r.emitSpecEvent(indent, x, isVeryVerbose) @@ -533,6 +533,7 @@ func (r *DefaultReporter) emitProgressReport(indent uint, emitGinkgoWriterOutput indent -= 1 } + // Emit only top-level groups because github logging cannot handle nested groups correctly. if r.conf.GithubOutput && emitGroup { r.emitBlock(r.fi(indent, "::group::Progress Report")) } diff --git a/acceptance-tests/vendor/github.com/onsi/ginkgo/v2/types/version.go b/acceptance-tests/vendor/github.com/onsi/ginkgo/v2/types/version.go index 003604bd8..52e99f1ed 100644 --- a/acceptance-tests/vendor/github.com/onsi/ginkgo/v2/types/version.go +++ b/acceptance-tests/vendor/github.com/onsi/ginkgo/v2/types/version.go @@ -1,3 +1,3 @@ package types -const VERSION = "2.29.0" +const VERSION = "2.30.0" diff --git a/acceptance-tests/vendor/github.com/onsi/gomega/CHANGELOG.md b/acceptance-tests/vendor/github.com/onsi/gomega/CHANGELOG.md index 5f9966fbe..e7601cfde 100644 --- a/acceptance-tests/vendor/github.com/onsi/gomega/CHANGELOG.md +++ b/acceptance-tests/vendor/github.com/onsi/gomega/CHANGELOG.md @@ -1,3 +1,7 @@ +## 1.42.0 + +Add a set of Claude skill as a marketplace plugin + ## 1.41.0 ### Features diff --git a/acceptance-tests/vendor/github.com/onsi/gomega/README.md b/acceptance-tests/vendor/github.com/onsi/gomega/README.md index d45a8c4e5..6eb36fdf8 100644 --- a/acceptance-tests/vendor/github.com/onsi/gomega/README.md +++ b/acceptance-tests/vendor/github.com/onsi/gomega/README.md @@ -6,6 +6,19 @@ Jump straight to the [docs](http://onsi.github.io/gomega/) to learn about Gomega If you have a question, comment, bug report, feature request, etc. please open a GitHub issue. +## Using Gomega with Claude Code + +Gomega ships a set of [Claude Code](https://claude.com/claude-code) skills as a **plugin**, so an agent writing assertions in *your* suite has Gomega's idioms — the full matcher catalog, `Eventually`/`Consistently`, and the `gstruct`/`ghttp`/`gexec`/`gbytes`/`gleak`/`gmeasure` sub-libraries — on hand. The Gomega repo doubles as the plugin marketplace, so installation is two commands. From inside Claude Code: + +``` +/plugin marketplace add onsi/gomega +/plugin install gomega@gomega +``` + +(or non-interactively: `claude plugin marketplace add onsi/gomega` then `claude plugin install gomega@gomega`) + +This installs a family of `gomega:*` skills that activate automatically while you write tests. See the [docs](http://onsi.github.io/gomega/#using-gomega-with-claude-code) for the full list. + ## [Ginkgo](http://github.com/onsi/ginkgo): a BDD Testing Framework for Golang Learn more about Ginkgo [here](http://onsi.github.io/ginkgo/) diff --git a/acceptance-tests/vendor/github.com/onsi/gomega/gomega_dsl.go b/acceptance-tests/vendor/github.com/onsi/gomega/gomega_dsl.go index df16ede11..967d90d0d 100644 --- a/acceptance-tests/vendor/github.com/onsi/gomega/gomega_dsl.go +++ b/acceptance-tests/vendor/github.com/onsi/gomega/gomega_dsl.go @@ -22,7 +22,7 @@ import ( "github.com/onsi/gomega/types" ) -const GOMEGA_VERSION = "1.41.0" +const GOMEGA_VERSION = "1.42.0" const nilGomegaPanic = `You are trying to make an assertion, but haven't registered Gomega's fail handler. If you're using Ginkgo then you probably forgot to put your assertion in an It(). diff --git a/acceptance-tests/vendor/golang.org/x/tools/go/packages/packages.go b/acceptance-tests/vendor/golang.org/x/tools/go/packages/packages.go index de683684a..1e5549abe 100644 --- a/acceptance-tests/vendor/golang.org/x/tools/go/packages/packages.go +++ b/acceptance-tests/vendor/golang.org/x/tools/go/packages/packages.go @@ -815,6 +815,12 @@ func (ld *loader) refine(response *DriverResponse) ([]*Package, error) { needsrc: needsrc, goVersion: response.GoVersion, } + // Don't trust the driver to respond with duplicate-free + // package names (go.dev/issue/63822). + if _, ok := ld.pkgs[lpkg.ID]; ok { + return nil, fmt.Errorf("%s response contained duplicate packages for ID %q", + cond(ld.externalDriver, "go/packages driver", "go list"), lpkg.ID) + } ld.pkgs[lpkg.ID] = lpkg if rootIndex >= 0 { initial[rootIndex] = lpkg @@ -1589,3 +1595,11 @@ func usesExportData(cfg *Config) bool { } type unit struct{} + +func cond[T any](cond bool, t, f T) T { + if cond { + return t + } else { + return f + } +} diff --git a/acceptance-tests/vendor/golang.org/x/tools/internal/gcimporter/iexport.go b/acceptance-tests/vendor/golang.org/x/tools/internal/gcimporter/iexport.go index 4c9450f4e..686f171d3 100644 --- a/acceptance-tests/vendor/golang.org/x/tools/internal/gcimporter/iexport.go +++ b/acceptance-tests/vendor/golang.org/x/tools/internal/gcimporter/iexport.go @@ -823,6 +823,9 @@ func (p *iexporter) doDecl(obj types.Object) { w.pos(m.Pos()) w.string(m.Name()) sig, _ := m.Type().(*types.Signature) + if w.p.version >= iexportVersionGenericMethods && w.bool(sig.TypeParams().Len() > 0) { + w.tparamList(obj.Name()+"."+m.Name(), sig.TypeParams(), obj.Pkg()) + } // Receiver type parameters are type arguments of the receiver type, so // their name must be qualified before exporting recv. diff --git a/acceptance-tests/vendor/golang.org/x/tools/internal/gcimporter/iimport.go b/acceptance-tests/vendor/golang.org/x/tools/internal/gcimporter/iimport.go index 1ee4e9354..7b1723e0f 100644 --- a/acceptance-tests/vendor/golang.org/x/tools/internal/gcimporter/iimport.go +++ b/acceptance-tests/vendor/golang.org/x/tools/internal/gcimporter/iimport.go @@ -48,13 +48,14 @@ func (r *intReader) uint64() uint64 { // Keep this in sync with constants in iexport.go. const ( - iexportVersionGo1_11 = 0 - iexportVersionPosCol = 1 - iexportVersionGo1_18 = 2 - iexportVersionGenerics = 2 - iexportVersion = iexportVersionGenerics - - iexportVersionCurrent = 2 + iexportVersionGo1_11 = 0 + iexportVersionPosCol = 1 + iexportVersionGo1_18 = 2 + iexportVersionGenerics = 2 + iexportVersionGenericMethods = 3 + iexportVersion = iexportVersionGenericMethods + + iexportVersionCurrent = 3 ) type ident struct { @@ -179,9 +180,9 @@ func iimportCommon(fset *token.FileSet, getPackages GetPackagesFunc, data []byte version = int64(r.uint64()) switch version { - case iexportVersionGo1_18, iexportVersionPosCol, iexportVersionGo1_11: + case iexportVersionGenericMethods, iexportVersionGo1_18, iexportVersionPosCol, iexportVersionGo1_11: default: - if version > iexportVersionGo1_18 { + if version > iexportVersionGenericMethods { errorf("unstable iexport format version %d, just rebuild compiler and std library", version) } else { errorf("unknown iexport format version %d", version) @@ -614,6 +615,10 @@ func (r *importReader) obj(pkg *types.Package, name string) { for n := r.uint64(); n > 0; n-- { mpos := r.pos() mname := r.ident() + var tpars []*types.TypeParam + if r.p.version >= iexportVersionGenericMethods && r.bool() { + tpars = r.tparamList() + } recv := r.param(pkg) // If the receiver has any targs, set those as the @@ -628,8 +633,7 @@ func (r *importReader) obj(pkg *types.Package, name string) { rparams[i] = types.Unalias(targs.At(i)).(*types.TypeParam) } } - msig := r.signature(pkg, recv, rparams, nil) - + msig := r.signature(pkg, recv, rparams, tpars) named.AddMethod(types.NewFunc(mpos, pkg, mname, msig)) } } diff --git a/acceptance-tests/vendor/golang.org/x/tools/internal/typesinternal/element.go b/acceptance-tests/vendor/golang.org/x/tools/internal/typesinternal/element.go index 5fe4d8abc..89eeea165 100644 --- a/acceptance-tests/vendor/golang.org/x/tools/internal/typesinternal/element.go +++ b/acceptance-tests/vendor/golang.org/x/tools/internal/typesinternal/element.go @@ -37,6 +37,10 @@ func ForEachElement(rtypes *typeutil.Map, msets *typeutil.MethodSetCache, T type tmset := msets.MethodSet(T) for method := range tmset.Methods() { sig := method.Type().(*types.Signature) + if sig.TypeParams() != nil { + continue // skip type-parameterized methods + } + // It is tempting to call visit(sig, false) // but, as noted in golang.org/cl/65450043, // the Signature.Recv field is ignored by @@ -123,10 +127,10 @@ func ForEachElement(rtypes *typeutil.Map, msets *typeutil.MethodSetCache, T type case *types.TypeParam, *types.Union: // forEachReachable must not be called on parameterized types. - panic(T) + panic(fmt.Sprintf("ForEachElement called on type containing %T", T)) default: - panic(T) + panic(fmt.Sprintf("ForEachElement called on unexpected type %T", T)) } } visit(T, false) diff --git a/acceptance-tests/vendor/golang.org/x/tools/internal/typesinternal/types.go b/acceptance-tests/vendor/golang.org/x/tools/internal/typesinternal/types.go index 6582cc81f..d2c0b4c5f 100644 --- a/acceptance-tests/vendor/golang.org/x/tools/internal/typesinternal/types.go +++ b/acceptance-tests/vendor/golang.org/x/tools/internal/typesinternal/types.go @@ -22,6 +22,7 @@ import ( "go/ast" "go/token" "go/types" + "iter" "reflect" "golang.org/x/tools/go/ast/inspector" @@ -242,3 +243,30 @@ func ObjectKind(obj types.Object) string { } return "unknown symbol" } + +// ImplicitFieldSelections returns the sequence of implicit embedded fields +// traversed by the given selection. It skips the final leaf field or method. +// The boolean component indicates whether the traversal traversed a pointer. +func ImplicitFieldSelections(seln types.Selection) iter.Seq2[*types.Var, bool] { + return func(yield func(*types.Var, bool) bool) { + var ( + t = seln.Recv() + indices = seln.Index() + ) + for _, idx := range indices[:len(indices)-1] { + ptr, isPtr := t.Underlying().(*types.Pointer) + if isPtr { + t = ptr.Elem() + } + structType, ok := t.Underlying().(*types.Struct) + if !ok { + break + } + field := structType.Field(idx) + if !yield(field, isPtr) { + break + } + t = field.Type() + } + } +} diff --git a/acceptance-tests/vendor/modules.txt b/acceptance-tests/vendor/modules.txt index 3fb248298..bd4ea0487 100644 --- a/acceptance-tests/vendor/modules.txt +++ b/acceptance-tests/vendor/modules.txt @@ -4,7 +4,7 @@ github.com/Masterminds/semver/v3 # github.com/bmatcuk/doublestar v1.3.4 ## explicit; go 1.12 github.com/bmatcuk/doublestar -# github.com/cloudfoundry/bosh-utils v0.0.616 +# github.com/cloudfoundry/bosh-utils v0.0.622 ## explicit; go 1.25.0 github.com/cloudfoundry/bosh-utils/errors github.com/cloudfoundry/bosh-utils/logger @@ -26,7 +26,7 @@ github.com/google/go-cmp/cmp/internal/value # github.com/google/pprof v0.0.0-20260604005048-7023385849c0 ## explicit; go 1.24.0 github.com/google/pprof/profile -# github.com/onsi/ginkgo/v2 v2.29.0 +# github.com/onsi/ginkgo/v2 v2.30.0 ## explicit; go 1.25.0 github.com/onsi/ginkgo/v2 github.com/onsi/ginkgo/v2/config @@ -50,7 +50,7 @@ github.com/onsi/ginkgo/v2/internal/reporters github.com/onsi/ginkgo/v2/internal/testingtproxy github.com/onsi/ginkgo/v2/reporters github.com/onsi/ginkgo/v2/types -# github.com/onsi/gomega v1.41.0 +# github.com/onsi/gomega v1.42.0 ## explicit; go 1.24.0 github.com/onsi/gomega github.com/onsi/gomega/format @@ -66,7 +66,7 @@ github.com/onsi/gomega/types # go.yaml.in/yaml/v3 v3.0.4 ## explicit; go 1.16 go.yaml.in/yaml/v3 -# golang.org/x/mod v0.36.0 +# golang.org/x/mod v0.37.0 ## explicit; go 1.25.0 golang.org/x/mod/semver # golang.org/x/net v0.56.0 @@ -100,7 +100,7 @@ golang.org/x/text/internal/utf8internal golang.org/x/text/language golang.org/x/text/runes golang.org/x/text/transform -# golang.org/x/tools v0.45.0 +# golang.org/x/tools v0.46.0 ## explicit; go 1.25.0 golang.org/x/tools/cover golang.org/x/tools/go/ast/edge From 2cb832b435ab0ebd3037cdb94357b29ee83f5abe Mon Sep 17 00:00:00 2001 From: CI Bot Date: Sat, 20 Jun 2026 10:20:36 +0000 Subject: [PATCH 11/19] bump bosh-blobstore-dav/0.0.484 --- .../stages/blobstore_clis/assets/bosh-blobstore-dav.sha256sum | 2 +- .../stages/blobstore_clis/assets/bosh-blobstore-dav.url | 2 +- .../stages/blobstore_clis/assets/bosh-blobstore-dav.version | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-dav.sha256sum b/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-dav.sha256sum index 2202b5950..a7d11b40a 100644 --- a/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-dav.sha256sum +++ b/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-dav.sha256sum @@ -1 +1 @@ -cd967651d623517c76674c4c5669c849bddbf6054d99467dd1ba5c9d9855adc7 +707d2f94846d4d8974c506779a7436fd09711e268911956c5153fbd397c05999 diff --git a/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-dav.url b/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-dav.url index 53a5c11e8..0af16f0ee 100644 --- a/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-dav.url +++ b/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-dav.url @@ -1 +1 @@ -https://bosh-davcli-artifacts.s3.us-east-1.amazonaws.com/davcli-0.0.483-linux-amd64 +https://bosh-davcli-artifacts.s3.us-east-1.amazonaws.com/davcli-0.0.484-linux-amd64 diff --git a/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-dav.version b/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-dav.version index a0de320e3..05711ac2a 100644 --- a/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-dav.version +++ b/stemcell_builder/stages/blobstore_clis/assets/bosh-blobstore-dav.version @@ -1 +1 @@ -0.0.483 +0.0.484 From c15927386f6f7021ee6b4f6d89253aa9eeba6d33 Mon Sep 17 00:00:00 2001 From: CI Bot Date: Sat, 20 Jun 2026 10:52:29 +0000 Subject: [PATCH 12/19] Bump os-image tgz --- image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 b/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 index 68fe7033b..f1b64ce8a 100644 --- a/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 +++ b/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 @@ -1,12 +1,12 @@ - d7aafc1c39f40462b1d46fc13270ce4e991fffc89651a2f84b544e377210d8e5621f64c5079c66220c09ab0220ebb6a61212c3cd43079a9649eced7da9c55858 - b173968993360eefca4678c3103f7e3b0675a3cbb7aa9f4461521543a4c89771 - 54d3c365f1c19cfe825387184227891cf003abac - 7121fafbcbbcfc632f18fdd3c94f9a0e - 435222755 + 7e25513feb282049af84046874e8439b9554a13654f7fec3c44e747a3d19e53e4a1268ef56661956d5e8aa43425aebe2297bd0d69750f5d17f1bf709c4631028 + 01e51346ca3dc73d8e1a4fee26cb963c887f0c89b7d9cacb0a211cf79826d5b9 + 4e7d684377756bac1f5aedae7d76a95fc5942373 + 0e7e71c2e87a97d2bcb052f4d40b66b2 + 435204321 https://storage.googleapis.com/bosh-os-images/ubuntu-jammy/ubuntu-jammy.tgz - 1109.0.0 + 1110.0.0 8fb4b6e9b9f2469249a8f20ee65a56dbdd663bf7b3eee14e49fefeaa8dc5826c553a9dc81b2af4cb56a1ff29cc18c5cc8610b2ca670ef647fedd4c9645a6db02 @@ -15,8 +15,8 @@ a1ad3da61ce7f95f9ca6a247f554a59d 2177 https://storage.googleapis.com/bosh-os-images/ubuntu-jammy/usn-log.json - 1109.0.0 + 1110.0.0 metalink-repository-resource/0.0.0 - 2026-06-20T00:21:29.694525229Z + 2026-06-20T10:52:16.698930305Z From 8ae8c52a80892e2e5205a684cb3a73c5952942f2 Mon Sep 17 00:00:00 2001 From: CI Bot Date: Sat, 20 Jun 2026 11:03:29 +0000 Subject: [PATCH 13/19] Bump os-image tgz --- image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 b/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 index f1b64ce8a..919958118 100644 --- a/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 +++ b/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 @@ -1,10 +1,10 @@ - 7e25513feb282049af84046874e8439b9554a13654f7fec3c44e747a3d19e53e4a1268ef56661956d5e8aa43425aebe2297bd0d69750f5d17f1bf709c4631028 - 01e51346ca3dc73d8e1a4fee26cb963c887f0c89b7d9cacb0a211cf79826d5b9 - 4e7d684377756bac1f5aedae7d76a95fc5942373 - 0e7e71c2e87a97d2bcb052f4d40b66b2 - 435204321 + 40a6a01d0852c8c94423280af1b7088051c18d41ee0f9302c8cc49f77f5a6c7bf36ab579f74fbf0031b6f1151ca87df0c46fa91bec7a12e9de84719dddc73bd3 + fdd6f570ba0fc1ebc4fa84a0a5acb4ad27f58a3ead5616f70374c75ed8aa4175 + d6ec090293b75593e13f78ccdfd2b84bd66ef66c + ead176010d05c55b7a99fd04bf835079 + 435214582 https://storage.googleapis.com/bosh-os-images/ubuntu-jammy/ubuntu-jammy.tgz 1110.0.0 @@ -18,5 +18,5 @@ 1110.0.0 metalink-repository-resource/0.0.0 - 2026-06-20T10:52:16.698930305Z + 2026-06-20T11:03:14.826865874Z From 063d8d806a857b5758cd0a4a47a4ebe469468dcc Mon Sep 17 00:00:00 2001 From: CI Bot Date: Sun, 21 Jun 2026 00:00:32 +0000 Subject: [PATCH 14/19] bump bosh-agent/2.861.0 --- .../bosh_go_agent/assets/bosh-agent-version | 2 +- .../bosh_go_agent/assets/metalink.meta4 | 64 +++++++++---------- 2 files changed, 33 insertions(+), 33 deletions(-) diff --git a/stemcell_builder/stages/bosh_go_agent/assets/bosh-agent-version b/stemcell_builder/stages/bosh_go_agent/assets/bosh-agent-version index b5084a445..26ca87eb2 100644 --- a/stemcell_builder/stages/bosh_go_agent/assets/bosh-agent-version +++ b/stemcell_builder/stages/bosh_go_agent/assets/bosh-agent-version @@ -1 +1 @@ -2.860.0 \ No newline at end of file +2.861.0 \ No newline at end of file diff --git a/stemcell_builder/stages/bosh_go_agent/assets/metalink.meta4 b/stemcell_builder/stages/bosh_go_agent/assets/metalink.meta4 index 1bc38f37c..ec28cf48a 100644 --- a/stemcell_builder/stages/bosh_go_agent/assets/metalink.meta4 +++ b/stemcell_builder/stages/bosh_go_agent/assets/metalink.meta4 @@ -1,49 +1,49 @@ - - ebfee126026bc312172d2e9109c3dffcb208e3d2027cd58716210fa9cd3e049fedc03bbe511b89541a88b56d66c6707c8717ff729f29e91f04326bbf7db484c5 - c2501f94e4aeecb1e42d46c92603d4f5fff1fa17a8ad221bc83ed2c8f13a0d30 - d78572247df7beaef81015a7b1e9eb9a02ad2649 - 1acab0c3082f133fa34cced131725be8 + + 019cd191acea773189e8c6a44d6de2418b1db8d067ce459a992a0d243a501b0b8659e15f2689875e9fc1ac2ed9e49bd8369e97ebfb0fccd3991ad6a1afbcd0ed + 4154e65ac312796dc87f0248d8f8cbc2b2874a9cc76b11e853f721168016a131 + 1de91bd4605c1a0dff3588adc9168bc9249cba3f + a236c2fb5d60d3460d7ac951df84e0ca 22114609 - https://s3-external-1.amazonaws.com/bosh-agent-binaries/bosh-agent-2.860.0-linux-amd64 - 2.860.0 + https://s3-external-1.amazonaws.com/bosh-agent-binaries/bosh-agent-2.861.0-linux-amd64 + 2.861.0 - - 7bf81f4f5524f4ab728d95e92fd2b35ee35870e32b4d2c9ef002fd1dcf14ea74a56b34e14ccd03b291621561ac69f9e9973af5e81620978a1721972b090cfbcd - ab9d3348b8f183b76b7abb8ebd1e960d38ddb16eada214c8672da8c0389d0e38 - 884a2f290daf1d2f78652ce0a742d6060b4e12b4 - e66aca4509b88fc19f697d3e63c5bb3e + + 37bd242a79743ce4e8f8bf4d90a14642825941ada4ee062a25265e24a3ec20d57a4f7f15edb70678f4ef5aec828bc442d0dfa202172ceac58bc7e8666e86364f + 931429de9458ea9faf6af37d58a75482e5404e4818b9239220a713af9dbd49a0 + 52fd8630cbb2b1b7a82016c6acf97f26c495736d + 1bc058d59f066f8175dd627a7dbbb6cc 21964800 - https://s3-external-1.amazonaws.com/bosh-agent-binaries/bosh-agent-2.860.0-windows-amd64.exe - 2.860.0 + https://s3-external-1.amazonaws.com/bosh-agent-binaries/bosh-agent-2.861.0-windows-amd64.exe + 2.861.0 - - 306912464cb69ffd19dd9791099ccf9f8ea522a9aebb2c1ab857f1a1ce54957192da3f0b62e504df09814eccf13b461705509c5912a8246379d9fccfab675606 - c1b01315de24f1cc12d1b3ea1ffef7188c749d214387a7103bffd6e26cb1382a - 4ffb68095bd2f8430a0d07e9947b4f1f2a9ce501 - e5d9ba4e63011f8e35b314acfc409b63 + + 078693e3f4ec4daadf6e91c1e1961f31785a3e2b5d837a2d1d14e0fed1f91b4542cbebc20a32c3cf12a4f6d358a31c4100483e352aaa0a5d85889406cfb5ec49 + 228e0d1088afacbd66f0917a31f79e3386ef466eb46963313033b5d1b6bc7bbf + 96d4684a42a35c37e35f62e4274d885482ee0516 + a903b9bb13af685fce05dcfdd42e8b97 9023488 - https://s3-external-1.amazonaws.com/bosh-agent-binaries/bosh-agent-pipe-2.860.0-windows-amd64.exe - 2.860.0 + https://s3-external-1.amazonaws.com/bosh-agent-binaries/bosh-agent-pipe-2.861.0-windows-amd64.exe + 2.861.0 - - 5d8782b6047c190287a94a72bd89d4a850b02663aee913123c42c888918723894248c7d35c3c464b0c855a97cd7d739ec1c2fdaa86261917197c3db0fdf6c5cf - ed53926d0dd1076beebc945055df8a94b33bbcdfd0cab372f7e6be52d94055c8 - 865fc532ad5ac5d0f9350dc73d64658dc9ba85eb - c1986601ef4d514ddfc326567b077323 + + 86bc7367e6f4ed41c0aca4846fc8b9e28eb6a70a6ec727762ed8e673af829d735af77ff93c795b935567a98689e6ba5fc5b754a1969f03ca9bbdcafdd35ab0a9 + c3c9059d7e862e2ab479bbdae308b0d3cc7c66f5c622e2b69a303e4d15c0d615 + 826f9d613d428f899527eee24a9d6bc998e27222 + 61b2947747060990a74cf598c54c261a 9 - https://s3-external-1.amazonaws.com/bosh-agent-binaries/git-sha-2.860.0 - 2.860.0 + https://s3-external-1.amazonaws.com/bosh-agent-binaries/git-sha-2.861.0 + 2.861.0 - + fe22cd6fd90ded459b08385497032f2de4022f712dc753dc026ffbc024d3cdd5007f68886f0d4dd8a7832ece138455c3320ce65b72eec054ed3717f6212a7567 a1f4729600504b0cc026ff5e826bb403b43a564780e091d01e0ab7bacb15906a a5a1e59f6bfaa23bffb85a6647bfbc3df1dbf594 c0e9e8c1a9510c750742534ba431530b 708 - https://s3-external-1.amazonaws.com/bosh-agent-binaries/service_wrapper-2.860.0.xml - 2.860.0 + https://s3-external-1.amazonaws.com/bosh-agent-binaries/service_wrapper-2.861.0.xml + 2.861.0 metalink-repository-resource/0.0.0 - 2026-06-18T17:06:56.427249414Z + 2026-06-18T23:35:07.124633705Z From bf3cb30d3b4a0a01f1284eff74a6886ea328dafb Mon Sep 17 00:00:00 2001 From: CI Bot Date: Sun, 21 Jun 2026 00:16:28 +0000 Subject: [PATCH 15/19] Bump os-image tgz --- image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 b/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 index 919958118..28fa87f9b 100644 --- a/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 +++ b/image-metalinks/ubuntu-jammy/ubuntu-jammy.meta4 @@ -1,12 +1,12 @@ - 40a6a01d0852c8c94423280af1b7088051c18d41ee0f9302c8cc49f77f5a6c7bf36ab579f74fbf0031b6f1151ca87df0c46fa91bec7a12e9de84719dddc73bd3 - fdd6f570ba0fc1ebc4fa84a0a5acb4ad27f58a3ead5616f70374c75ed8aa4175 - d6ec090293b75593e13f78ccdfd2b84bd66ef66c - ead176010d05c55b7a99fd04bf835079 - 435214582 + f5aa668b4001073ae7cc4470f02993798756ecf51f5cb2c75efdded48fb1979ac702709e45ed01ca4d0361f2175095458d5fdec59e64792169799eeed3fdc795 + bb01b17347b77f28de2758794d9b9c6cfcbd1ce8f9fc4bf855ec013e945240b1 + 7d1b9139bcde2a4cc5bd49d566ef4d00c185fcd4 + bc82513c38a4d4074ee7d5eb93fb2c31 + 435226218 https://storage.googleapis.com/bosh-os-images/ubuntu-jammy/ubuntu-jammy.tgz - 1110.0.0 + 1111.0.0 8fb4b6e9b9f2469249a8f20ee65a56dbdd663bf7b3eee14e49fefeaa8dc5826c553a9dc81b2af4cb56a1ff29cc18c5cc8610b2ca670ef647fedd4c9645a6db02 @@ -15,8 +15,8 @@ a1ad3da61ce7f95f9ca6a247f554a59d 2177 https://storage.googleapis.com/bosh-os-images/ubuntu-jammy/usn-log.json - 1110.0.0 + 1111.0.0 metalink-repository-resource/0.0.0 - 2026-06-20T11:03:14.826865874Z + 2026-06-21T00:16:18.604878649Z From c2e1e3c02026b7fab1a6e94935041e8007acb931 Mon Sep 17 00:00:00 2001 From: aram price Date: Fri, 19 Jun 2026 17:02:11 -0700 Subject: [PATCH 16/19] CI: remove light-aws-builder specs, use binary from image. These specs moved to that pipeline, and the docker image now contains the `light-aws-builder` binary. Also contains: - shellcheck cleanup - removes aws-light-stemcell-builder src --- ci/pipelines/publisher.yml | 158 ++---------------- ci/tasks/light-aws/build.sh | 94 +++++------ ci/tasks/light-aws/build.yml | 1 - ci/tasks/light-aws/cleanup-ami.sh | 124 +++++++------- ci/tasks/light-aws/cleanup-ami.yml | 19 +-- ci/tasks/light-aws/run-upload-test.sh | 2 +- ci/tasks/light-aws/run-upload-test.yml | 3 +- ci/tasks/light-aws/test-drivers.sh | 63 ------- ci/tasks/light-aws/test-drivers.yml | 23 --- ci/tasks/light-aws/test-integration.sh | 48 ------ ci/tasks/light-aws/test-integration.yml | 18 -- ci/tasks/light-aws/test-unit.sh | 18 -- ci/tasks/light-aws/test-unit.yml | 8 - ci/tasks/light-aws/us-gov-merge-builds.yml | 1 - ci/tasks/light-google/create-public-image.sh | 18 +- ci/tasks/light-google/deploy-skeletal.sh | 4 +- .../make-raw-from-heavy-stemcell.sh | 29 ++-- 17 files changed, 164 insertions(+), 467 deletions(-) mode change 100755 => 100644 ci/tasks/light-aws/cleanup-ami.sh delete mode 100755 ci/tasks/light-aws/test-drivers.sh delete mode 100644 ci/tasks/light-aws/test-drivers.yml delete mode 100755 ci/tasks/light-aws/test-integration.sh delete mode 100644 ci/tasks/light-aws/test-integration.yml delete mode 100755 ci/tasks/light-aws/test-unit.sh delete mode 100644 ci/tasks/light-aws/test-unit.yml diff --git a/ci/pipelines/publisher.yml b/ci/pipelines/publisher.yml index 83c1dca19..a1736370f 100644 --- a/ci/pipelines/publisher.yml +++ b/ci/pipelines/publisher.yml @@ -3,44 +3,29 @@ #@yaml/text-templated-strings --- -#@ def build_light_aws_stemcell_new(stemcell_os, stemcell_version, builder_src, input_stemcell, output_stemcell, prefix, region, bucket_prefix, tag, ami_destinations, efi, ami_excluded_destinations): +#@ def build_light_aws_stemcell_new(stemcell_os, stemcell_version, prefix, efi, ami_destinations, ami_excluded_destinations): do: - in_parallel: - - get: (@= input_stemcell @) + - get: (@= prefix @)-input-stemcell params: include_files: - bosh-stemcell-*-aws-xen-hvm-(@= stemcell_os @)*.tgz resource: candidate-(@= stemcell_os @)-stemcell-(@= stemcell_version @) trigger: true version: every - #@ if tag != "": - tags: - - (@= tag @) - #@ end - - get: (@= builder_src @) - passed: - - test-aws-unit - - test-aws-integration - - test-aws-drivers - resource: light-aws-builder-src - #@ if tag != "": - tags: - - (@= tag @) - #@ end - - task: build-(@= region @)-stemcell + - task: build-(@= prefix @)-stemcell file: bosh-stemcells-ci/ci/tasks/light-aws/build.yml - image: light-stemcell-builder-registry-image + image: aws-light-stemcell-builder-registry-image input_mapping: - builder-src: (@= builder_src @) - input-stemcell: (@= input_stemcell @) + input-stemcell: (@= prefix @)-input-stemcell output_mapping: - light-stemcell: (@= output_stemcell @) + light-stemcell: (@= prefix @)-light-stemcell params: AWS_PAGER: ami_access_key: ((aws_publish_(@= prefix @)_access_key)) ami_secret_key: ((aws_publish_(@= prefix @)_secret_key)) - ami_region: ((aws_publish_(@= region @)_region)) - ami_bucket_name: ((aws_publish_(@= bucket_prefix @)_bucket)) + ami_region: ((aws_publish_(@= prefix @)_region)) + ami_bucket_name: ((aws_publish_(@= prefix @)_bucket)) ami_description: Light Stemcell Builder Prod AMI #@ if ami_destinations != "": ami_destinations: (@= ami_destinations @) @@ -55,10 +40,6 @@ do: ami_visibility: public S3_API_ENDPOINT: storage.googleapis.com efi: (@= str(efi).lower() @) - #@ if tag != "": - tags: - - (@= tag @) - #@ end #@ end #@yaml/text-templated-strings @@ -94,17 +75,9 @@ params: #@yaml/text-templated-strings --- -anchors: - ci_bot: - email: &ci_bot_email bots@cloudfoundry.org - name: &ci_bot_name CI Bot - groups: - name: all jobs: - - test-aws-unit - - test-aws-drivers - - test-aws-integration - build-light-aws-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) - build-light-google-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) - publish-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) @@ -120,7 +93,6 @@ groups: - publish-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) - name: cleanup-aws-light-stemcells jobs: - - cleanup-light-aws-builder-test-amis - cleanup-published-aws-light-stemcells-older-than-three-years - cleanup-unpublished-(@= data.values.stemcell_details.os_name @)-aws-light-stemcells @@ -145,104 +117,18 @@ jobs: - #@ cleanup_unpublished_light_stemcells("us-gov", "us-gov") #!- #@ cleanup_unpublished_light_stemcells("cn", "cn_north") -- name: test-aws-unit - plan: - - get: bosh-stemcells-ci - - get: bosh-integration-registry-image - - get: builder-src - resource: light-aws-builder-src - trigger: true - - file: bosh-stemcells-ci/ci/tasks/light-aws/test-unit.yml - image: bosh-integration-registry-image - task: test - serial: true - -- name: test-aws-drivers - plan: - - get: bosh-stemcells-ci - - get: bosh-integration-registry-image - - get: builder-src - resource: light-aws-builder-src - trigger: true - - file: bosh-stemcells-ci/ci/tasks/light-aws/test-drivers.yml - image: bosh-integration-registry-image - params: - AWS_PAGER: - aws_account_id: ((aws_test_account_id)) - access_key: ((aws_test_access_key)) - secret_key: ((aws_test_secret_key)) - bucket_name: ((aws_test_bucket_name)) - copy_region: ((aws_test_copy_region)) - region: ((aws_test_region)) - ami_fixture_id: ((aws_test_ami_fixture_id)) - private_ami_fixture_id: ((aws_test_private_ami_fixture_id)) - existing_snapshot_id: ((aws_test_snapshot_fixture_id)) - existing_volume_id: ((aws_test_volume_fixture_id)) - #! kms key id should be the one created in the region of "copy_region" - kms_key_id: ((aws_test_kms_key_id)) - kms_multi_region_key: ((aws_test_kms_multi_region_key_id)) - kms_multi_region_key_replication_test: ((aws_test_kms_multi_region_replication_test_key_id)) - uploaded_machine_image_url: https://stemcell-test-publish.s3.eu-central-1.amazonaws.com/fixtures/root.img - task: test - attempts: 3 - serial: true - -- name: test-aws-integration - plan: - - get: bosh-stemcells-ci - - get: bosh-integration-registry-image - - get: builder-src - resource: light-aws-builder-src - trigger: true - - file: bosh-stemcells-ci/ci/tasks/light-aws/test-integration.yml - image: bosh-integration-registry-image - params: - AWS_PAGER: - access_key: ((aws_test_access_key)) - secret_key: ((aws_test_secret_key)) - bucket_name: ((aws_test_bucket_name)) - #! cn_access_key: ((test__cn_access_key)) - #! cn_bucket_name: ((test__cn_bucket_name)) - #! cn_region: ((test__cn_region)) - #! cn_secret_key: ((test__cn_secret_key)) - copy_region: ((aws_test_copy_region)) - region: ((aws_test_region)) - - task: test - serial: true - -- name: cleanup-light-aws-builder-test-amis - plan: - - get: every-week-on-monday - trigger: true - - get: bosh-stemcells-ci - - get: bosh-integration-registry-image - - task: cleanup-aws-test-amis - file: bosh-stemcells-ci/ci/tasks/light-aws/cleanup-ami.yml - image: bosh-integration-registry-image - params: - AWS_PAGER: - ami_access_key: ((aws_test_access_key)) - ami_secret_key: ((aws_test_secret_key)) - ami_region: ((aws_test_region)) - ami_older_than_days: 1 - ami_keep_latest: 0 - snapshot_id: ((aws_test_snapshot_fixture_id)) - - name: build-light-aws-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) plan: - get: bosh-stemcells-ci - - get: light-stemcell-builder-registry-image + - get: aws-light-stemcell-builder-registry-image - get: bosh-integration-registry-image - in_parallel: - do: - - #@ build_light_aws_stemcell_new(data.values.stemcell_details.os_name, str(data.values.stemcell_details.major_version), "us-gov-builder-src", "us-gov-input-stemcell", "us-gov-light-stemcell", "us-gov", "us-gov", "us-gov", "", "", data.values.stemcell_details.use_efi, "") - - #@ build_light_aws_stemcell_new(data.values.stemcell_details.os_name, str(data.values.stemcell_details.major_version), "us-builder-src", "us-input-stemcell", "us-light-stemcell", "us", "us", "us", "", "", data.values.stemcell_details.use_efi, '["me-central-1"]') - - file: bosh-stemcells-ci/ci/tasks/light-aws/us-gov-merge-builds.yml - image: light-stemcell-builder-registry-image - input_mapping: - builder-src: us-builder-src - task: merge-builds + - #@ build_light_aws_stemcell_new(data.values.stemcell_details.os_name, str(data.values.stemcell_details.major_version), "us-gov", data.values.stemcell_details.use_efi, "", "") + - #@ build_light_aws_stemcell_new(data.values.stemcell_details.os_name, str(data.values.stemcell_details.major_version), "us", data.values.stemcell_details.use_efi, "", '["me-central-1"]') + - task: merge-builds + file: bosh-stemcells-ci/ci/tasks/light-aws/us-gov-merge-builds.yml + image: aws-light-stemcell-builder-registry-image - do: - in_parallel: - get: bosh-cpi-src @@ -285,7 +171,6 @@ jobs: file: bosh-stemcells-ci/ci/tasks/light-aws/run-upload-test.yml image: bosh-integration-registry-image input_mapping: - builder-src: us-builder-src stemcell: light-stemcell ensure: do: @@ -315,8 +200,8 @@ jobs: files: - light-stemcell/*.tgz options: - author_email: *ci_bot_email - author_name: *ci_bot_name + author_email: &ci_bot_email bots@cloudfoundry.org + author_name: &ci_bot_name CI Bot message: 'candidate (light aws): (@= data.values.stemcell_details.os_name @)/(@= str(data.values.stemcell_details.major_version) @).x' version: us-input-stemcell/.resource/version serial: true @@ -334,12 +219,11 @@ jobs: - get: bosh-stemcells-ci - get: bosh-cpi-release resource: bosh-google-cpi-release - - get: light-stemcell-builder-registry-image - get: gce-cpi-release-registry-image - get: bosh-integration-registry-image - task: make-raw-from-heavy-stemcell file: bosh-stemcells-ci/ci/tasks/light-google/make-raw-from-heavy-stemcell.yml - image: light-stemcell-builder-registry-image + image: gce-cpi-release-registry-image params: BUCKET_NAME: bosh-gce-raw-stemcells-new STEMCELL_BUCKET_PATH: bosh-gce-light-stemcells @@ -623,12 +507,6 @@ resources: - ci uri: https://github.com/cloudfoundry/bosh-linux-stemcell-builder.git -- name: light-aws-builder-src - type: git - source: - branch: master - uri: https://github.com/cloudfoundry/bosh-aws-light-stemcell-builder - - name: bosh-aws-cpi-release type: git source: @@ -854,7 +732,7 @@ resources: username: ((github_read_write_packages.username)) password: ((github_read_write_packages.password)) -- name: light-stemcell-builder-registry-image +- name: aws-light-stemcell-builder-registry-image type: registry-image source: repository: bosh/light-stemcell-builder diff --git a/ci/tasks/light-aws/build.sh b/ci/tasks/light-aws/build.sh index aff06ce41..7383e3e06 100755 --- a/ci/tasks/light-aws/build.sh +++ b/ci/tasks/light-aws/build.sh @@ -14,20 +14,20 @@ ami_kms_key_id=${ami_kms_key_id:-} ami_server_side_encryption=${ami_server_side_encryption:-} ami_excluded_destinations=${ami_excluded_destinations:-} -: ${bosh_io_bucket_name:?} -: ${ami_description:?} -: ${ami_virtualization_type:?} -: ${ami_visibility:?} -: ${ami_region:?} -: ${ami_access_key:?} -: ${ami_secret_key:?} -: ${ami_bucket_name:?} -: ${ami_encrypted:?} -: ${efi:?} - -export AWS_ACCESS_KEY_ID=$ami_access_key -export AWS_SECRET_ACCESS_KEY=$ami_secret_key -export AWS_DEFAULT_REGION=$ami_region +: "${bosh_io_bucket_name:?}" +: "${ami_description:?}" +: "${ami_virtualization_type:?}" +: "${ami_visibility:?}" +: "${ami_region:?}" +: "${ami_access_key:?}" +: "${ami_secret_key:?}" +: "${ami_bucket_name:?}" +: "${ami_encrypted:?}" +: "${efi:?}" + +export AWS_ACCESS_KEY_ID=${ami_access_key} +export AWS_SECRET_ACCESS_KEY=${ami_secret_key} +export AWS_DEFAULT_REGION=${ami_region} saved_ami_destinations="$( aws ec2 describe-regions \ --query "Regions[?RegionName != '${ami_region}'][].RegionName" \ @@ -38,7 +38,7 @@ if [[ -n "${ami_excluded_destinations}" ]]; then | jq --argjson exclude "$ami_excluded_destinations" '. - $exclude' -c )" fi -: ${ami_destinations:=$saved_ami_destinations} +: "${ami_destinations:=$saved_ami_destinations}" stemcell_path=$(ls "${REPO_PARENT}"/input-stemcell/*.tgz) version=$(cat "${REPO_PARENT}/input-stemcell/.resource/version") @@ -55,14 +55,11 @@ if [ "${ami_virtualization_type}" = "hvm" ]; then fi bosh_io_light_stemcell_url="https://$S3_API_ENDPOINT/$bosh_io_bucket_name/$version/$light_stemcell_name" -set +e -wget --spider "$bosh_io_light_stemcell_url" -if [[ "$?" == "0" ]]; then +if wget --spider "$bosh_io_light_stemcell_url"; then echo "AWS light stemcell '$light_stemcell_name' already exists!" echo "You can download here: $bosh_io_light_stemcell_url" exit 1 fi -set -e echo "Building light stemcell..." echo " Starting region: ${ami_region}" @@ -70,40 +67,40 @@ echo " Copy regions: ${ami_destinations}" export CONFIG_PATH="${REPO_PARENT}/config.json" -cat > $CONFIG_PATH << EOF +cat > "${CONFIG_PATH}" << EOF { "ami_configuration": { - "description": "$ami_description", - "virtualization_type": "$ami_virtualization_type", - "encrypted": $ami_encrypted, - "kms_key_id": "$ami_kms_key_id", - "visibility": "$ami_visibility", + "description": "${ami_description}", + "virtualization_type": "${ami_virtualization_type}", + "encrypted": ${ami_encrypted}, + "kms_key_id": "${ami_kms_key_id}", + "visibility": "${ami_visibility}", "efi": ${efi} }, "ami_regions": [ { - "name": "$ami_region", + "name": "${ami_region}", "credentials": { - "access_key": "$ami_access_key", - "secret_key": "$ami_secret_key" + "access_key": "${ami_access_key}", + "secret_key": "${ami_secret_key}" }, - "bucket_name": "$ami_bucket_name", - "server_side_encryption": "$ami_server_side_encryption", - "destinations": $ami_destinations + "bucket_name": "${ami_bucket_name}", + "server_side_encryption": "${ami_server_side_encryption}", + "destinations": ${ami_destinations} } ] } EOF extracted_stemcell_dir="${REPO_PARENT}/extracted-stemcell" -mkdir -p ${extracted_stemcell_dir} -tar -C ${extracted_stemcell_dir} -xf ${stemcell_path} -tar -xf ${extracted_stemcell_dir}/image +mkdir -p "${extracted_stemcell_dir}" +tar -C "${extracted_stemcell_dir}" -xf "${stemcell_path}" +tar -xf "${extracted_stemcell_dir}"/image # image format can be raw or stream optimized vmdk stemcell_image="$(echo "${REPO_PARENT}"/root.*)" stemcell_manifest=${extracted_stemcell_dir}/stemcell.MF -manifest_contents="$(cat ${stemcell_manifest})" +manifest_contents="$(cat "${stemcell_manifest}")" disk_regex="disk: ([0-9]+)" format_regex="disk_format: ([a-z]+)" @@ -120,23 +117,22 @@ disk_size_gb=$(mb_to_gb "${BASH_REMATCH[1]}") [[ "${manifest_contents}" =~ ${format_regex} ]] disk_format="${BASH_REMATCH[1]}" -pushd "${REPO_PARENT}/builder-src" > /dev/null - # Make sure we've closed the manifest file before writing to it - go run main.go \ - -c $CONFIG_PATH \ - --image ${stemcell_image} \ - --format ${disk_format} \ - --volume-size ${disk_size_gb} \ - --manifest ${stemcell_manifest} \ - | tee tmp-manifest +# Make sure we've closed the manifest file before writing to it +# see https://github.com/cloudfoundry/bosh-aws-light-stemcell-builder/blob/master/ci/docker/Dockerfile#L30 +light-stemcell-builder \ + -c "${CONFIG_PATH}" \ + --image "${stemcell_image}" \ + --format "${disk_format}" \ + --volume-size "${disk_size_gb}" \ + --manifest "${stemcell_manifest}" \ + | tee tmp-manifest - mv tmp-manifest ${stemcell_manifest} +mv tmp-manifest "${stemcell_manifest}" -popd - -pushd ${extracted_stemcell_dir} - > image +pushd "${extracted_stemcell_dir}" + : > image # the bosh cli sees the stemcell as invalid if tar contents have leading ./ + # shellcheck disable=SC2035 tar -czf "${REPO_PARENT}/light-stemcell/${light_stemcell_name}" * popd diff --git a/ci/tasks/light-aws/build.yml b/ci/tasks/light-aws/build.yml index 5d553e7a9..19e321c91 100644 --- a/ci/tasks/light-aws/build.yml +++ b/ci/tasks/light-aws/build.yml @@ -2,7 +2,6 @@ platform: linux inputs: -- name: builder-src - name: bosh-stemcells-ci - name: input-stemcell diff --git a/ci/tasks/light-aws/cleanup-ami.sh b/ci/tasks/light-aws/cleanup-ami.sh old mode 100755 new mode 100644 index c1a24a3d9..9d21e2f04 --- a/ci/tasks/light-aws/cleanup-ami.sh +++ b/ci/tasks/light-aws/cleanup-ami.sh @@ -6,16 +6,17 @@ REPO_PARENT="$( cd "${REPO_ROOT}/.." && pwd )" if [[ -n "${DEBUG:-}" ]]; then set -x - export BOSH_LOG_LEVEL=debug - export BOSH_LOG_PATH="${BOSH_LOG_PATH:-${REPO_PARENT}/bosh-debug.log}" fi -: ${ami_older_than_days:?} -: ${ami_keep_latest:?} +: "${ami_older_than_days:?}" +: "${ami_keep_latest:?}" +: "${ami_access_key:?}" +: "${ami_secret_key:?}" +: "${ami_region:?}" -export AWS_ACCESS_KEY_ID=${ami_access_key} -export AWS_SECRET_ACCESS_KEY=${ami_secret_key} -export AWS_DEFAULT_REGION=${ami_region} +export AWS_ACCESS_KEY_ID="${ami_access_key}" +export AWS_SECRET_ACCESS_KEY="${ami_secret_key}" +export AWS_DEFAULT_REGION="${ami_region}" if [ -n "${ami_role_arn:-}" ]; then export AWS_ROLE_ARN=${ami_role_arn} @@ -29,66 +30,67 @@ if [ -n "${ami_role_arn:-}" ]; then export AWS_PROFILE=resource_account fi -__PASTDUE=$(date --date="$ami_older_than_days days ago" +"%Y-%m-%d") - +past_due=$(date --date="${ami_older_than_days} days ago" +"%Y-%m-%d") +# shellcheck disable=SC2016 +past_due_query='sort_by(Images,&CreationDate)[?CreationDate<`'"${past_due}"'`].{ImageId: ImageId, date:CreationDate, SnapshotId: BlockDeviceMappings[0].Ebs.SnapshotId,Version: Tags[?Key==`name`]|[0].Value}' ami_destinations="$(aws ec2 describe-regions --output text --query "Regions[?RegionName][].RegionName")" -for region in $ami_destinations; do - ami_list="[]" +for region in ${ami_destinations}; do + ami_list="[]" - if [ "${remove_public_images:-}" == "true" ]; then - results=$(aws ec2 describe-images \ - --owners self \ - --output json \ - --region ${region} \ - --filters "Name=name,Values=BOSH*" "Name=is-public,Values=true" \ - --query 'sort_by(Images,&CreationDate)[?CreationDate<`'"$__PASTDUE"'`].{ImageId: ImageId, date:CreationDate, SnapshotId: BlockDeviceMappings[0].Ebs.SnapshotId,Version: Tags[?Key==`name`]|[0].Value}') - ami_list=$(jq -s '.[0] + .[1]' <(echo "${ami_list}") <(echo "${results}")) - fi + if [ "${remove_public_images:-}" == "true" ]; then + results=$(aws ec2 describe-images \ + --owners self \ + --output json \ + --region "${region}" \ + --filters "Name=name,Values=BOSH*" "Name=is-public,Values=true" \ + --query "${past_due_query}") + ami_list=$(jq -s '.[0] + .[1]' <(echo "${ami_list}") <(echo "${results}")) + fi - if [ -n "${os_name:-}" ]; then - # 'ami_ids' array should be orderered by creation date - results=$(aws ec2 describe-images \ - --owners self \ - --output json \ - --region ${region} \ - --filters "Name=name,Values=BOSH*" "Name=tag:published,Values=false" "Name=tag:distro,Values=${os_name}" \ - --query 'sort_by(Images,&CreationDate)[?CreationDate<`'"$__PASTDUE"'`].{ImageId: ImageId, date:CreationDate, SnapshotId: BlockDeviceMappings[0].Ebs.SnapshotId,Version: Tags[?Key==`name`]|[0].Value}' | jq 'reverse | del(.[range(env.ami_keep_latest|tonumber)])') - ami_list=$(jq -s '.[0] + .[1]' <(echo "${ami_list}") <(echo "${results}")) - fi + if [ -n "${os_name:-}" ]; then + # 'ami_ids' array should be ordered by creation date + results=$(aws ec2 describe-images \ + --owners self \ + --output json \ + --region "${region}" \ + --filters "Name=name,Values=BOSH*" "Name=tag:published,Values=false" "Name=tag:distro,Values=${os_name}" \ + --query "${past_due_query}" | jq 'reverse | del(.[range(env.ami_keep_latest|tonumber)])') + ami_list=$(jq -s '.[0] + .[1]' <(echo "${ami_list}") <(echo "${results}")) + fi - if [ -n "${snapshot_id:-}" ]; then - results=$(aws ec2 describe-images \ - --owners self \ - --output json \ - --region ${region} \ - --filters "Name=block-device-mapping.snapshot-id,Values=${snapshot_id}" \ - --query 'sort_by(Images,&CreationDate)[?CreationDate<`'"$__PASTDUE"'`].{ImageId: ImageId, date:CreationDate, SnapshotId: BlockDeviceMappings[0].Ebs.SnapshotId,Version: Tags[?Key==`name`]|[0].Value}' | jq 'reverse | del(.[range(env.ami_keep_latest|tonumber)])') - ami_list=$(jq -s '.[0] + .[1]' <(echo "${ami_list}") <(echo "${results}")) - fi + if [ -n "${snapshot_id:-}" ]; then + results=$(aws ec2 describe-images \ + --owners self \ + --output json \ + --region "${region}" \ + --filters "Name=block-device-mapping.snapshot-id,Values=${snapshot_id}" \ + --query "${past_due_query}" | jq 'reverse | del(.[range(env.ami_keep_latest|tonumber)])') + ami_list=$(jq -s '.[0] + .[1]' <(echo "${ami_list}") <(echo "${results}")) + fi - # 'ami_list' is a json array of objects, each object is an ami and its snapshot - for row in $(echo "${ami_list}" | jq -r '.[] | @base64'); do - _jq() { - echo ${row} | base64 --decode | jq -r ${1} - } - echo " - =============================================== - Cleaning up Ami and its snashots in $region - Ami id: $(_jq '.ImageId') - Version: $(_jq '.Version') - Creation data: $(_jq '.date') - Snapshot id: $(_jq '.SnapshotId') - " + # 'ami_list' is a json array of objects, each object is an ami and its snapshot + for row in $(echo "${ami_list}" | jq -r '.[] | @base64'); do + _jq() { + echo "${row}" | base64 --decode | jq -r "${1}" + } + echo " + =============================================== + Cleaning up Ami and its snashots in ${region} + Ami id: $(_jq '.ImageId') + Version: $(_jq '.Version') + Creation data: $(_jq '.date') + Snapshot id: $(_jq '.SnapshotId') + " - aws ec2 deregister-image \ - --image-id $(_jq '.ImageId') \ - --region $region + aws ec2 deregister-image \ + --image-id "$(_jq '.ImageId')" \ + --region "${region}" - if [ "${snapshot_id:-}" != "$(_jq '.SnapshotId')" ]; then - aws ec2 delete-snapshot \ - --snapshot-id $(_jq '.SnapshotId') \ - --region $region - fi - done + if [ "${snapshot_id:-}" != "$(_jq '.SnapshotId')" ]; then + aws ec2 delete-snapshot \ + --snapshot-id "$(_jq '.SnapshotId')" \ + --region "${region}" + fi + done done diff --git a/ci/tasks/light-aws/cleanup-ami.yml b/ci/tasks/light-aws/cleanup-ami.yml index feae8d0c4..e30236167 100644 --- a/ci/tasks/light-aws/cleanup-ami.yml +++ b/ci/tasks/light-aws/cleanup-ami.yml @@ -1,19 +1,18 @@ --- platform: linux - inputs: - name: bosh-stemcells-ci run: path: bosh-stemcells-ci/ci/tasks/light-aws/cleanup-ami.sh params: - ami_region: "eu-central-1" # AWS default region - ami_access_key: "" - ami_secret_key: "" - ami_role_arn: "" - ami_older_than_days: "60" # Number of days AMI to keep excluding those currently being running - ami_keep_latest: "5" # Number of previous AMI to keep excluding those currently being running - os_name: "" # e.g ubuntu-jammy - snapshot_id: "" # Snapshot id to delete - remove_public_images: "false" + ami_region: "eu-central-1" # AWS default region + ami_access_key: "" + ami_secret_key: "" + ami_role_arn: "" + ami_older_than_days: "60" # Number of days AMI to keep excluding those currently being running + ami_keep_latest: "5" # Number of previous AMI to keep excluding those currently being running + os_name: "" # e.g ubuntu-jammy + snapshot_id: "" # Snapshot id to delete + remove_public_images: "false" diff --git a/ci/tasks/light-aws/run-upload-test.sh b/ci/tasks/light-aws/run-upload-test.sh index d9c11e1b3..7826e164c 100755 --- a/ci/tasks/light-aws/run-upload-test.sh +++ b/ci/tasks/light-aws/run-upload-test.sh @@ -13,6 +13,6 @@ fi source "${REPO_PARENT}/director-state/director.env" pushd "${REPO_PARENT}/stemcell" - time bosh -n upload-stemcell *.tgz + time bosh -n upload-stemcell ./*.tgz popd diff --git a/ci/tasks/light-aws/run-upload-test.yml b/ci/tasks/light-aws/run-upload-test.yml index 2f56f6ec8..978fb5bd8 100644 --- a/ci/tasks/light-aws/run-upload-test.yml +++ b/ci/tasks/light-aws/run-upload-test.yml @@ -8,10 +8,9 @@ inputs: - name: environment - name: stemcell - name: director-state - - name: builder-src run: path: bosh-stemcells-ci/ci/tasks/light-aws/run-upload-test.sh params: - BOSH_DEBUG_LEVEL: info + BOSH_DEBUG_LEVEL: info diff --git a/ci/tasks/light-aws/test-drivers.sh b/ci/tasks/light-aws/test-drivers.sh deleted file mode 100755 index 685f092fb..000000000 --- a/ci/tasks/light-aws/test-drivers.sh +++ /dev/null @@ -1,63 +0,0 @@ -#!/usr/bin/env bash -set -eu -o pipefail - -REPO_ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )/../../.." && pwd )" -REPO_PARENT="$( cd "${REPO_ROOT}/.." && pwd )" - -if [[ -n "${DEBUG:-}" ]]; then - set -x - export BOSH_LOG_LEVEL=debug - export BOSH_LOG_PATH="${BOSH_LOG_PATH:-${REPO_PARENT}/bosh-debug.log}" -fi - -tmp_dir="$(mktemp -d /tmp/stemcell_builder.XXXXXXX)" -trap '{ rm -rf ${tmp_dir}; }' EXIT - -: ${aws_account_id:?must be set} -: ${access_key:?must be set} -: ${secret_key:?must be set} -: ${bucket_name:?must be set} -: ${region:?must be set} -: ${copy_region:?must be set} -: ${ami_fixture_id:?must be set} -: ${private_ami_fixture_id:?must be set} -: ${existing_volume_id:?must be set} -: ${existing_snapshot_id:?must be set} -: ${uploaded_machine_image_url:?must be set} -: ${kms_key_id:?must be set} -: ${kms_multi_region_key:?must be set} -: ${kms_multi_region_key_replication_test:?must be set} - -: ${uploaded_machine_image_format:=RAW} - -# US Regions -export AWS_ACCOUNT=$aws_account_id -export AWS_ACCESS_KEY_ID=$access_key -export AWS_SECRET_ACCESS_KEY=$secret_key -export AWS_BUCKET_NAME=$bucket_name -export AWS_REGION=$region -export AWS_DESTINATION_REGION=${copy_region} -export AWS_KMS_KEY_ID=${kms_key_id} -export MULTI_REGION_KEY=${kms_multi_region_key} -export MULTI_REGION_KEY_REPLICATION_TEST=${kms_multi_region_key_replication_test} - -# Fixtures -export S3_MACHINE_IMAGE_URL=${uploaded_machine_image_url} -export S3_MACHINE_IMAGE_FORMAT=${uploaded_machine_image_format} -export EBS_VOLUME_ID=${existing_volume_id} -export EBS_SNAPSHOT_ID=${existing_snapshot_id} -export AMI_FIXTURE_ID=${ami_fixture_id} -export PRIVATE_AMI_FIXTURE_ID=${private_ami_fixture_id} - -echo "Downloading machine image" -export MACHINE_IMAGE_PATH=${tmp_dir}/image.iso -export MACHINE_IMAGE_FORMAT="RAW" -wget -O ${MACHINE_IMAGE_PATH} http://tinycorelinux.net/7.x/x86_64/archive/7.1/TinyCorePure64-7.1.iso - -echo "Running driver tests" - -pushd "${REPO_PARENT}/builder-src" > /dev/null - # Run all driver specs in parallel to reduce test time - spec_count="$(grep "It(" -r driver | wc -l)" - go run github.com/onsi/ginkgo/v2/ginkgo -nodes ${spec_count} -r driver -popd diff --git a/ci/tasks/light-aws/test-drivers.yml b/ci/tasks/light-aws/test-drivers.yml deleted file mode 100644 index d6ca5d227..000000000 --- a/ci/tasks/light-aws/test-drivers.yml +++ /dev/null @@ -1,23 +0,0 @@ ---- -platform: linux - -inputs: -- name: builder-src -- name: bosh-stemcells-ci -run: - path: bosh-stemcells-ci/ci/tasks/light-aws/test-drivers.sh -params: - aws_account_id: "" - access_key: "" - secret_key: "" - bucket_name: "" - region: "" - copy_region: "" - ami_fixture_id: "" - private_ami_fixture_id: "" - kms_key_id: "" - kms_multi_region_key: "" - kms_multi_region_key_replication_test: "" - existing_volume_id: "" - existing_snapshot_id: "" - uploaded_machine_image_url: "" diff --git a/ci/tasks/light-aws/test-integration.sh b/ci/tasks/light-aws/test-integration.sh deleted file mode 100755 index 47224938b..000000000 --- a/ci/tasks/light-aws/test-integration.sh +++ /dev/null @@ -1,48 +0,0 @@ -#!/usr/bin/env bash -set -eu -o pipefail - -REPO_ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )/../../.." && pwd )" -REPO_PARENT="$( cd "${REPO_ROOT}/.." && pwd )" - -if [[ -n "${DEBUG:-}" ]]; then - set -x - export BOSH_LOG_LEVEL=debug - export BOSH_LOG_PATH="${BOSH_LOG_PATH:-${REPO_PARENT}/bosh-debug.log}" -fi - -tmp_dir="$(mktemp -d /tmp/stemcell_builder.XXXXXXX)" -trap '{ rm -rf ${tmp_dir}; }' EXIT - -: ${access_key:?must be set} -: ${secret_key:?must be set} -: ${bucket_name:?must be set} -: ${region:?must be set} -: ${copy_region:?must be set} -# : ${cn_access_key:?must be set} -# : ${cn_secret_key:?must be set} -# : ${cn_bucket_name:?must be set} -# : ${cn_region:?must be set} - -# US Regions -export AWS_ACCESS_KEY_ID=$access_key -export AWS_SECRET_ACCESS_KEY=$secret_key -export AWS_BUCKET_NAME=$bucket_name -export AWS_REGION=$region -export AWS_DESTINATION_REGION=${copy_region} - -# # China Region -# export AWS_CN_ACCESS_KEY_ID=$cn_access_key -# export AWS_CN_SECRET_ACCESS_KEY=$cn_secret_key -# export AWS_CN_BUCKET_NAME=$cn_bucket_name -# export AWS_CN_REGION=$cn_region - -echo "Downloading machine image" -export MACHINE_IMAGE_PATH=${tmp_dir}/image.iso -export MACHINE_IMAGE_FORMAT="RAW" -wget -O ${MACHINE_IMAGE_PATH} http://tinycorelinux.net/7.x/x86_64/archive/7.1/TinyCorePure64-7.1.iso - -echo "Running integration tests" - -pushd "${REPO_PARENT}/builder-src" > /dev/null - go run github.com/onsi/ginkgo/v2/ginkgo -v -r integration -popd diff --git a/ci/tasks/light-aws/test-integration.yml b/ci/tasks/light-aws/test-integration.yml deleted file mode 100644 index f92f66431..000000000 --- a/ci/tasks/light-aws/test-integration.yml +++ /dev/null @@ -1,18 +0,0 @@ ---- -platform: linux - -inputs: -- name: builder-src -- name: bosh-stemcells-ci -run: - path: bosh-stemcells-ci/ci/tasks/light-aws/test-integration.sh -params: - access_key: "" - secret_key: "" - bucket_name: "" - region: "" - copy_region: "" - # cn_access_key: "" - # cn_secret_key: "" - # cn_bucket_name: "" - # cn_region: "" diff --git a/ci/tasks/light-aws/test-unit.sh b/ci/tasks/light-aws/test-unit.sh deleted file mode 100755 index f8bbd52a9..000000000 --- a/ci/tasks/light-aws/test-unit.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/usr/bin/env bash -set -eu -o pipefail - -REPO_ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )/../../.." && pwd )" -REPO_PARENT="$( cd "${REPO_ROOT}/.." && pwd )" - -if [[ -n "${DEBUG:-}" ]]; then - set -x - export BOSH_LOG_LEVEL=debug - export BOSH_LOG_PATH="${BOSH_LOG_PATH:-${REPO_PARENT}/bosh-debug.log}" -fi - -echo "Running unit tests" - -pushd "${REPO_PARENT}/builder-src" > /dev/null - go run github.com/onsi/ginkgo/v2/ginkgo -p -r --skip-package "driver,integration" - go run github.com/onsi/ginkgo/v2/ginkgo -p -r driverset # driverset is skipped by previous command -popd diff --git a/ci/tasks/light-aws/test-unit.yml b/ci/tasks/light-aws/test-unit.yml deleted file mode 100644 index 72017042b..000000000 --- a/ci/tasks/light-aws/test-unit.yml +++ /dev/null @@ -1,8 +0,0 @@ ---- -platform: linux - -inputs: -- name: builder-src -- name: bosh-stemcells-ci -run: - path: bosh-stemcells-ci/ci/tasks/light-aws/test-unit.sh diff --git a/ci/tasks/light-aws/us-gov-merge-builds.yml b/ci/tasks/light-aws/us-gov-merge-builds.yml index 68b41ba34..4dfcd106e 100644 --- a/ci/tasks/light-aws/us-gov-merge-builds.yml +++ b/ci/tasks/light-aws/us-gov-merge-builds.yml @@ -3,7 +3,6 @@ platform: linux inputs: -- name: builder-src - name: bosh-stemcells-ci - name: us-light-stemcell - name: cn-north-light-stemcell diff --git a/ci/tasks/light-google/create-public-image.sh b/ci/tasks/light-google/create-public-image.sh index 81dc90058..453900d30 100755 --- a/ci/tasks/light-google/create-public-image.sh +++ b/ci/tasks/light-google/create-public-image.sh @@ -10,8 +10,8 @@ if [[ -n "${DEBUG:-}" ]]; then export BOSH_LOG_PATH="${BOSH_LOG_PATH:-${REPO_PARENT}/bosh-debug.log}" fi -: ${PROJECT_NAME:?} -: ${GCP_SERVICE_ACCOUNT_KEY:?} +: "${PROJECT_NAME:?}" +: "${GCP_SERVICE_ACCOUNT_KEY:?}" echo "Creating light stemcell..." @@ -25,10 +25,12 @@ raw_stemcell_filename="$(basename "${raw_stemcell}")" raw_stemcell_uri="$(cat "${REPO_PARENT}/base-oss-google-ubuntu-stemcell/url")" -image_name=$(echo "$raw_stemcell_filename" | sed -e 's/[^0-9a-zA-Z]/-/g' -e 's/-tar-gz$//' -e 's/-go-agent-raw//' -e 's/^bosh-//') +image_name=$(echo "$raw_stemcell_filename" \ + | sed -e 's/[^0-9a-zA-Z]/-/g' -e 's/-tar-gz$//' -e 's/-go-agent-raw//' -e 's/^bosh-//') # authenticate with service account -echo ${GCP_SERVICE_ACCOUNT_KEY} | gcloud auth activate-service-account --key-file - --project ${PROJECT_NAME} +echo "${GCP_SERVICE_ACCOUNT_KEY}" \ + | gcloud auth activate-service-account --key-file - --project "${PROJECT_NAME}" guest_os_features=() if [[ "${EFI:-false}" == "true" ]]; then @@ -45,14 +47,14 @@ if (( ${#guest_os_features[@]} > 0 )); then fi # create image +# shellcheck disable=SC2086 gcloud compute images create "${image_name}" \ --project="${PROJECT_NAME}" \ --source-uri="${raw_stemcell_uri}" \ ${guest_os_features_flag} \ --storage-location=eu - -gcloud compute images add-iam-policy-binding ${image_name} \ +gcloud compute images add-iam-policy-binding "${image_name}" \ --member='allAuthenticatedUsers' \ --role='roles/compute.imageUser' @@ -61,14 +63,14 @@ pushd "${REPO_PARENT}/working_dir" # create final light stemcell tar xvf "${original_stemcell}" - > image + : > image packaged_image_stemcell_sha1=$(sha1sum image | awk '{print $1}') cp stemcell.MF /tmp/stemcell.MF.tmp bosh int \ -o "${REPO_ROOT}/ci/tasks/light-google/assets/public-image-stemcell-ops.yml" \ - -v "packaged_image_stemcell_sha1=$packaged_image_stemcell_sha1" \ + -v "packaged_image_stemcell_sha1=${packaged_image_stemcell_sha1}" \ -v 'stemcell_formats=["google-light"]' \ -v "image_url=https://www.googleapis.com/compute/v1/projects/${PROJECT_NAME}/global/images/${image_name}" \ /tmp/stemcell.MF.tmp > stemcell.MF diff --git a/ci/tasks/light-google/deploy-skeletal.sh b/ci/tasks/light-google/deploy-skeletal.sh index d0bee28e1..a5e57c4df 100755 --- a/ci/tasks/light-google/deploy-skeletal.sh +++ b/ci/tasks/light-google/deploy-skeletal.sh @@ -11,8 +11,8 @@ if [[ -n "${DEBUG:-}" ]]; then fi # env -: ${SSH_PRIVATE_KEY:?} -: ${GCE_CREDENTIALS_JSON:?} +: "${SSH_PRIVATE_KEY:?}" +: "${GCE_CREDENTIALS_JSON:?}" mkdir -p "${REPO_PARENT}/deployment-state/assets/" diff --git a/ci/tasks/light-google/make-raw-from-heavy-stemcell.sh b/ci/tasks/light-google/make-raw-from-heavy-stemcell.sh index ca39e402b..0603fc587 100755 --- a/ci/tasks/light-google/make-raw-from-heavy-stemcell.sh +++ b/ci/tasks/light-google/make-raw-from-heavy-stemcell.sh @@ -10,18 +10,21 @@ if [[ -n "${DEBUG:-}" ]]; then export BOSH_LOG_PATH="${BOSH_LOG_PATH:-${REPO_PARENT}/bosh-debug.log}" fi -: ${BUCKET_NAME:?} -: ${STEMCELL_BUCKET_PATH:?} # used to check if current stemcell already exists +: "${BUCKET_NAME:?}" +: "${STEMCELL_BUCKET_PATH:?}" # used to check if current stemcell already exists stemcell_url() { - resource="/${STEMCELL_BUCKET_PATH}/${light_stemcell_name}" + local name + name=${1} + + resource="/${STEMCELL_BUCKET_PATH}/${name}" if [ ! -z "$AWS_ACCESS_KEY_ID" ]; then expires=$(date +%s) expires=$((expires + 30)) string_to_sign="HEAD\n\n\n${expires}\n${resource}" - signature=$(echo -en "$string_to_sign" | openssl sha1 -hmac ${AWS_SECRET_ACCESS_KEY} -binary | base64) + signature=$(echo -en "$string_to_sign" | openssl sha1 -hmac "${AWS_SECRET_ACCESS_KEY}" -binary | base64) signature=$(python -c "import urllib; print urllib.quote_plus('${signature}')") echo -n "https://${S3_API_ENDPOINT}${resource}?AWSAccessKeyId=${AWS_ACCESS_KEY_ID}&Expires=${expires}&Signature=${signature}" else @@ -32,22 +35,20 @@ stemcell_url() { echo "Creating light stemcell..." salt=$(date +%s) -original_stemcell="$(echo ${REPO_PARENT}/stemcell/*.tgz)" +original_stemcell="$(echo "${REPO_PARENT}"/stemcell/*.tgz)" original_stemcell_name="$(basename "${original_stemcell}")" -raw_stemcell_name="$(basename "${original_stemcell}" .tgz)-raw-$salt.tar.gz" -light_stemcell_name="light-${original_stemcell_name}" +raw_stemcell_name="$(basename "${original_stemcell}" .tgz)-raw-${salt}.tar.gz" echo "Using raw stemcell name: ${raw_stemcell_name}" -light_stemcell_url="$(stemcell_url)" -set +e -wget --spider "$light_stemcell_url" -if [[ "$?" == "0" ]]; then - echo "Google light stemcell '$light_stemcell_name' already exists!" - echo "You can download here: $light_stemcell_url" +light_stemcell_name="light-${original_stemcell_name}" +light_stemcell_url="$(stemcell_url "${light_stemcell_name}")" + +if wget --spider "${light_stemcell_url}"; then + echo "Google light stemcell '${light_stemcell_name}' already exists!" + echo "You can download here: ${light_stemcell_url}" exit 1 fi -set -e mkdir "${REPO_PARENT}/working_dir" pushd "${REPO_PARENT}/working_dir" From 718a56e6b92d60cc8fe36abe5d933bd73fb0c21b Mon Sep 17 00:00:00 2001 From: aram price Date: Mon, 22 Jun 2026 12:18:39 -0700 Subject: [PATCH 17/19] ci: simplify cleanup_* functions - use prefix, not prefix, and region - out of band: update credhub entry --- ci/pipelines/publisher.yml | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/ci/pipelines/publisher.yml b/ci/pipelines/publisher.yml index a1736370f..c842edf25 100644 --- a/ci/pipelines/publisher.yml +++ b/ci/pipelines/publisher.yml @@ -44,7 +44,7 @@ do: #@yaml/text-templated-strings --- -#@ def cleanup_unpublished_light_stemcells(prefix, region): +#@ def cleanup_unpublished_light_stemcells(prefix): task: cleanup-amis-in-(@= prefix @) file: bosh-stemcells-ci/ci/tasks/light-aws/cleanup-ami.yml image: bosh-integration-registry-image @@ -52,7 +52,7 @@ params: AWS_PAGER: ami_access_key: ((aws_publish_(@= prefix @)_access_key)) ami_secret_key: ((aws_publish_(@= prefix @)_secret_key)) - ami_region: ((aws_publish_(@= region @)_region)) + ami_region: ((aws_publish_(@= prefix @)_region)) ami_older_than_days: 60 ami_keep_latest: 5 os_name: (@= data.values.stemcell_details.os_name @) @@ -60,7 +60,7 @@ params: #@yaml/text-templated-strings --- -#@ def cleanup_old_published_light_stemcells(prefix, region): +#@ def cleanup_old_published_light_stemcells(prefix): task: cleanup-amis-in-(@= prefix @) file: bosh-stemcells-ci/ci/tasks/light-aws/cleanup-ami.yml image: bosh-integration-registry-image @@ -68,7 +68,7 @@ params: AWS_PAGER: ami_access_key: ((aws_publish_(@= prefix @)_access_key)) ami_secret_key: ((aws_publish_(@= prefix @)_secret_key)) - ami_region: ((aws_publish_(@= region @)_region)) + ami_region: ((aws_publish_(@= prefix @)_region)) ami_older_than_days: 1095 remove_public_images: true #@ end @@ -104,8 +104,8 @@ jobs: trigger: true - get: bosh-stemcells-ci - get: bosh-integration-registry-image - - #@ cleanup_old_published_light_stemcells("us", "us") - - #@ cleanup_old_published_light_stemcells("us-gov", "us-gov") + - #@ cleanup_old_published_light_stemcells("us") + - #@ cleanup_old_published_light_stemcells("us-gov") - name: cleanup-unpublished-(@= data.values.stemcell_details.os_name @)-aws-light-stemcells serial: true plan: @@ -113,9 +113,9 @@ jobs: trigger: true - get: bosh-stemcells-ci - get: bosh-integration-registry-image - - #@ cleanup_unpublished_light_stemcells("us", "us") - - #@ cleanup_unpublished_light_stemcells("us-gov", "us-gov") -#!- #@ cleanup_unpublished_light_stemcells("cn", "cn_north") + - #@ cleanup_unpublished_light_stemcells("us") + - #@ cleanup_unpublished_light_stemcells("us-gov") +#!- #@ cleanup_unpublished_light_stemcells("cn") - name: build-light-aws-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) plan: From 0d4f2d0dbf4c43ef284d4c005195cb17f3602a7e Mon Sep 17 00:00:00 2001 From: aram price Date: Mon, 22 Jun 2026 14:52:03 -0700 Subject: [PATCH 18/19] CI: fix script permissions --- ci/tasks/light-aws/cleanup-ami.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 ci/tasks/light-aws/cleanup-ami.sh diff --git a/ci/tasks/light-aws/cleanup-ami.sh b/ci/tasks/light-aws/cleanup-ami.sh old mode 100644 new mode 100755 From 3ea5d4474eed46eb5ee4635123ed67ac8487461c Mon Sep 17 00:00:00 2001 From: aram price Date: Mon, 22 Jun 2026 14:50:58 -0700 Subject: [PATCH 19/19] CI: collapse publisher into builder pipeline - rename `-builder` => `` - simplify ci configure script - relocate pipeline template and vars files to `ci/` --- README.md | 2 +- ci/configure.sh | 58 +- .../builder.yml => pipeline-template.yml} | 805 ++++++++++++++++-- ci/{pipelines/vars.yml => pipeline-vars.yml} | 0 ci/pipelines/publisher.yml | 759 ----------------- docs/new_stemcell_line.md | 2 +- 6 files changed, 761 insertions(+), 865 deletions(-) rename ci/{pipelines/builder.yml => pipeline-template.yml} (53%) rename ci/{pipelines/vars.yml => pipeline-vars.yml} (100%) delete mode 100644 ci/pipelines/publisher.yml diff --git a/README.md b/README.md index e17c7d8dd..0f8f00743 100644 --- a/README.md +++ b/README.md @@ -349,7 +349,7 @@ Create a `stemcell-builder-integration-${subnet_int}` subnetworks need by BATs t Each stemcell line should get its own subnet corresponding to its `subnet_int` equal to the two digit release year. For example release year 2010 would have `subnet_int="10"`. -Example per [ci/pipelines/vars.yml](ci/pipelines/vars.yml): +Example per [ci/pipeline-vars.yml](ci/pipeline-vars.yml): ```yaml --- diff --git a/ci/configure.sh b/ci/configure.sh index e0a46951e..e9269e0ac 100755 --- a/ci/configure.sh +++ b/ci/configure.sh @@ -1,61 +1,35 @@ #!/usr/bin/env bash set -eu -o pipefail -STEMCELL_LINE="ubuntu-jammy" - -REPO_ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )/.." && pwd )" - if [[ -n "${DEBUG:-}" ]]; then set -x fi -fly="${FLY_CLI:-fly}" +REPO_ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )/.." && pwd )" + +STEMCELL_LINE="ubuntu-jammy" + +pipelines_dir="${REPO_ROOT}/ci" +pipeline_name="${STEMCELL_LINE}" +pipeline_template="pipeline-template.yml" +pipeline_vars="pipeline-vars.yml" + concourse_target="${CONCOURSE_TARGET:-stemcell}" +fly="${FLY_CLI:-fly}" until "${fly}" -t "${concourse_target}" status; do "${fly}" -t "${concourse_target}" login sleep 1 done -pipelines_dir="${REPO_ROOT}/ci/pipelines" -vars_file_name="vars.yml" - -mapfile -t available_pipelines < \ - <( find "${pipelines_dir}" -maxdepth 1 -type f -name '*.yml' | grep -v "${vars_file_name}" | sort ) - -if (( ${#available_pipelines[@]} == 0 )); then - echo "No pipelines found under '${pipelines_dir}'" >&2 - exit 1 -fi - -i=1 -echo "Choose a pipeline to configure:" -for pipeline in "${available_pipelines[@]}"; do - pipeline_choice_label=$(echo "${pipeline#"${pipelines_dir}/"}" | cut -d/ -f 1) - printf "%4s. %s\n" "${i}" "${pipeline_choice_label}" - i=$((i + 1)) -done -read -rp "pipeline: " pipeline_index +echo "Rendering..." +rendered_template="$(ytt -f "${pipelines_dir}/${pipeline_template}" -f "${pipelines_dir}/${pipeline_vars}")" echo "" -if ! [[ "${pipeline_index}" =~ ^[0-9]+$ ]] || (( pipeline_index < 1 || pipeline_index > ${#available_pipelines[@]} )); then - echo "Invalid selection: '${pipeline_index}'" >&2 - exit 1 -fi - -pipeline_file=${available_pipelines[(pipeline_index-1)]} -if [ ! -f "${pipeline_file}" ]; then - echo "No pipeline found: '${pipeline_file}'" >&2 - exit 1 -fi - -pipeline_name=$(basename "${pipeline_file%".yml"}") - -echo "Configuring '${pipeline_name}' using '${pipeline_file#"${pipelines_dir}/"}'..." +echo "Validating..." +fly validate-pipeline --strict --config <(echo "${rendered_template}") echo "" -rendered_template="$(ytt -f "${pipeline_file}" -f "${pipelines_dir}/${vars_file_name}")" - -"${fly}" -t "${concourse_target}" set-pipeline \ - -p "${STEMCELL_LINE}-${pipeline_name}" \ +echo "Configuring..." +"${fly}" -t "${concourse_target}" set-pipeline -p "${pipeline_name}" \ -c <(echo "${rendered_template}") diff --git a/ci/pipelines/builder.yml b/ci/pipeline-template.yml similarity index 53% rename from ci/pipelines/builder.yml rename to ci/pipeline-template.yml index 7f7fed9f5..734711b01 100644 --- a/ci/pipelines/builder.yml +++ b/ci/pipeline-template.yml @@ -85,30 +85,99 @@ plan: #@yaml/text-templated-strings --- -anchors: - bats_director_tag: &bats-director-tag test-stemcells-(@= data.values.stemcell_details.os_short_name @) - ci_bot: - email: &ci_bot_email (@= data.values.stemcell_details.bot_email @) - name: &ci_bot_name (@= data.values.stemcell_details.bot_name @) +#@ def build_light_aws_stemcell_new(stemcell_os, stemcell_version, prefix, efi, ami_destinations, ami_excluded_destinations): +do: + - in_parallel: + - get: (@= prefix @)-input-stemcell + params: + include_files: + - bosh-stemcell-*-aws-xen-hvm-(@= stemcell_os @)*.tgz + resource: candidate-(@= stemcell_os @)-stemcell-(@= stemcell_version @) + trigger: true + version: every + - task: build-(@= prefix @)-stemcell + file: bosh-stemcells-ci/ci/tasks/light-aws/build.yml + image: aws-light-stemcell-builder-registry-image + input_mapping: + input-stemcell: (@= prefix @)-input-stemcell + output_mapping: + light-stemcell: (@= prefix @)-light-stemcell + params: + AWS_PAGER: + ami_access_key: ((aws_publish_(@= prefix @)_access_key)) + ami_secret_key: ((aws_publish_(@= prefix @)_secret_key)) + ami_region: ((aws_publish_(@= prefix @)_region)) + ami_bucket_name: ((aws_publish_(@= prefix @)_bucket)) + ami_description: Light Stemcell Builder Prod AMI + #@ if ami_destinations != "": + ami_destinations: (@= ami_destinations @) + #@ end + #@ if ami_excluded_destinations != "": + ami_excluded_destinations: (@= ami_excluded_destinations @) + #@ end + ami_encrypted: false + ami_kms_key_id: "" + ami_server_side_encryption: "" + ami_virtualization_type: hvm + ami_visibility: public + S3_API_ENDPOINT: storage.googleapis.com + efi: (@= str(efi).lower() @) +#@ end +#@yaml/text-templated-strings +--- +#@ def cleanup_unpublished_light_stemcells(prefix): +task: cleanup-amis-in-(@= prefix @) +file: bosh-stemcells-ci/ci/tasks/light-aws/cleanup-ami.yml +image: bosh-integration-registry-image +params: + AWS_PAGER: + ami_access_key: ((aws_publish_(@= prefix @)_access_key)) + ami_secret_key: ((aws_publish_(@= prefix @)_secret_key)) + ami_region: ((aws_publish_(@= prefix @)_region)) + ami_older_than_days: 60 + ami_keep_latest: 5 + os_name: (@= data.values.stemcell_details.os_name @) +#@ end + +#@yaml/text-templated-strings +--- +#@ def cleanup_old_published_light_stemcells(prefix): +task: cleanup-amis-in-(@= prefix @) +file: bosh-stemcells-ci/ci/tasks/light-aws/cleanup-ami.yml +image: bosh-integration-registry-image +params: + AWS_PAGER: + ami_access_key: ((aws_publish_(@= prefix @)_access_key)) + ami_secret_key: ((aws_publish_(@= prefix @)_secret_key)) + ami_region: ((aws_publish_(@= prefix @)_region)) + ami_older_than_days: 1095 + remove_public_images: true +#@ end + +#@yaml/text-templated-strings +--- groups: - name: build jobs: - build-stemcell - test-unit - build-os-image - #@ for iaas in data.values.stemcell_details.include_iaas: - build-(@= iaas.iaas @)-(@= iaas.hypervisor @) #@ end #@ for iaas in data.values.stemcell_details.include_fips_iaas: - build-(@= iaas.iaas @)-(@= iaas.hypervisor @)-fips #@ end - - bats - test-stemcells-ipv4 - test-stemcells-ipv6 - aggregate-candidate-stemcells +- name: publish + jobs: + - build-light-aws-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) + - build-light-google-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) + - publish-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) - name: auto-bumps jobs: @@ -125,12 +194,12 @@ groups: - check-usn-packages-are-available - log-low-medium-cves - notify-of-usn -- name: docker +- name: infrastructure-tending jobs: - build-os-image-stemcell-builder -- name: infrastructure - jobs: - ensure-integration-network + - cleanup-published-aws-light-stemcells-older-than-three-years + - cleanup-unpublished-(@= data.values.stemcell_details.os_name @)-aws-light-stemcells #@yaml/text-templated-strings jobs: @@ -198,17 +267,17 @@ jobs: serial: true plan: - get: bosh-stemcells-ci - - get: bosh-integration-image + - get: bosh-integration-registry-image - task: ensure-integration-network file: bosh-stemcells-ci/ci/tasks/gcp/ensure-integration-network.yml - image: bosh-integration-image + image: bosh-integration-registry-image params: GCP_JSON_KEY: ((gcp_json_key)) GCP_PROJECT_ID: ((gcp_project_id)) GCP_REGION: europe-north2 GCP_NETWORK_NAME: bosh-concourse SUBNET_INT: (@= data.values.stemcell_details.subnet_int @) - DIRECTOR_TAG: *bats-director-tag + DIRECTOR_TAG: &bats-director-tag test-stemcells-(@= data.values.stemcell_details.os_short_name @) - name: process-high-critical-cves serial_groups: [log-cves] @@ -267,7 +336,7 @@ jobs: - in_parallel: - get: bosh-stemcells-ci - get: os-image-stemcell-builder-registry-image - - get: bosh-integration-image + - get: bosh-integration-registry-image - get: bosh-linux-stemcell-builder - get: usn-log passed: @@ -292,7 +361,7 @@ jobs: image_os_tag: (@= data.values.stemcell_details.os_short_name @) - task: write-message file: bosh-stemcells-ci/ci/tasks/write-bump-message.yml - image: bosh-integration-image + image: bosh-integration-registry-image params: MESSAGE_PREFIX: CVE Trigger - put: stemcell-trigger @@ -380,8 +449,8 @@ jobs: - usn-log/usn-log.json rename: (@= data.values.stemcell_details.branch @)/(@= data.values.stemcell_details.os_name @).meta4 options: - author_email: *ci_bot_email - author_name: *ci_bot_name + author_email: (@= data.values.stemcell_details.bot_email @) + author_name: (@= data.values.stemcell_details.bot_name @) message: 'Bump os-image tgz' version: version/version - put: os-image-version @@ -391,7 +460,7 @@ jobs: - name: test-unit plan: - get: bosh-stemcells-ci - - get: bosh-integration-image + - get: bosh-integration-registry-image - get: bosh-linux-stemcell-builder trigger: true passed: @@ -405,7 +474,7 @@ jobs: - build-os-image - task: test-unit file: bosh-stemcells-ci/ci/tasks/test-unit.yml - image: bosh-integration-image + image: bosh-integration-registry-image privileged: true serial: true @@ -446,7 +515,7 @@ jobs: resource: version trigger: true - get: bosh-stemcells-ci - - get: bosh-integration-image + - get: bosh-integration-registry-image - get: bosh-linux-stemcell-builder - get: bosh-deployment - get: syslog-release @@ -469,7 +538,7 @@ jobs: - do: - task: deploy-director file: bosh-stemcells-ci/ci/tasks/gcp/deploy-director.yml - image: bosh-integration-image + image: bosh-integration-registry-image params: GCP_PROJECT_ID: ((gcp_project_id)) GCP_ZONE: europe-north2-a @@ -486,7 +555,7 @@ jobs: - task: test-stemcell attempts: 3 file: bosh-stemcells-ci/ci/tasks/test-stemcell.yml - image: bosh-integration-image + image: bosh-integration-registry-image params: BOSH_os_name: (@= data.values.stemcell_details.os_name @) package: ipv4director @@ -494,7 +563,7 @@ jobs: do: - task: teardown file: bosh-stemcells-ci/ci/tasks/teardown.yml - image: bosh-integration-image + image: bosh-integration-registry-image attempts: 3 timeout: 15m serial: true @@ -514,7 +583,7 @@ jobs: resource: version trigger: true - get: bosh-stemcells-ci - - get: bosh-integration-image + - get: bosh-integration-registry-image - get: bosh-linux-stemcell-builder - get: bosh-deployment - get: syslog-release @@ -537,7 +606,7 @@ jobs: - do: - task: deploy-director-ipv6 file: bosh-stemcells-ci/ci/tasks/gcp/deploy-director-ipv6.yml - image: bosh-integration-image + image: bosh-integration-registry-image params: GCP_PROJECT_ID: ((gcp_project_id)) GCP_ZONE: europe-north2-a @@ -555,7 +624,7 @@ jobs: - task: test-stemcell-ipv6 attempts: 3 file: bosh-stemcells-ci/ci/tasks/test-stemcell.yml - image: bosh-integration-image + image: bosh-integration-registry-image params: BOSH_os_name: (@= data.values.stemcell_details.os_name @) package: ipv6director @@ -563,7 +632,7 @@ jobs: do: - task: teardown file: bosh-stemcells-ci/ci/tasks/teardown.yml - image: bosh-integration-image + image: bosh-integration-registry-image attempts: 3 timeout: 15m serial: true @@ -588,7 +657,7 @@ jobs: - get: bats - get: bosh-deployment - get: bosh-stemcells-ci - - get: bosh-integration-image + - get: bosh-integration-registry-image - get: bosh-linux-stemcell-builder passed: #@ for iaas in data.values.stemcell_details.include_iaas: @@ -619,7 +688,7 @@ jobs: - do: - task: cleanup-bats-vms file: bosh-stemcells-ci/ci/tasks/gcp/cleanup-bats-vms.yml - image: bosh-integration-image + image: bosh-integration-registry-image params: GCP_JSON_KEY: ((gcp_json_key)) GCP_PROJECT_ID: ((gcp_project_id)) @@ -628,7 +697,7 @@ jobs: TAG: *bats-director-tag - task: deploy-director file: bosh-stemcells-ci/ci/tasks/gcp/deploy-director.yml - image: bosh-integration-image + image: bosh-integration-registry-image params: GCP_PROJECT_ID: ((gcp_project_id)) GCP_ZONE: europe-north2-a @@ -643,7 +712,7 @@ jobs: TAG: *bats-director-tag - task: prepare-bats file: bosh-stemcells-ci/ci/tasks/bats/iaas/gcp/prepare-bats-config.yml - image: bosh-integration-image + image: bosh-integration-registry-image params: VARS_STEMCELL_NAME: bosh-google-kvm-ubuntu-(@= data.values.stemcell_details.os_short_name @)(@= data.values.stemcell_details.agent_suffix @) VARS_NETWORK_DEFAULT: bosh-concourse @@ -660,12 +729,12 @@ jobs: VARS_GATEWAY_DEFAULT: 10.100.(@= data.values.stemcell_details.subnet_int @).1 - task: run-bats file: bats/ci/tasks/run-bats.yml - image: bosh-integration-image + image: bosh-integration-registry-image ensure: do: - task: teardown file: bosh-stemcells-ci/ci/tasks/teardown.yml - image: bosh-integration-image + image: bosh-integration-registry-image attempts: 3 timeout: 15m @@ -680,7 +749,7 @@ jobs: resource: version trigger: true - get: bosh-stemcells-ci - - get: bosh-integration-image + - get: bosh-integration-registry-image - get: bosh-linux-stemcell-builder passed: - bats @@ -696,12 +765,12 @@ jobs: file: bosh-stemcells-ci/ci/tasks/commit-build-time.yml image: os-image-stemcell-builder-registry-image params: - GIT_USER_EMAIL: *ci_bot_email - GIT_USER_NAME: *ci_bot_name + GIT_USER_EMAIL: (@= data.values.stemcell_details.bot_email @) + GIT_USER_NAME: (@= data.values.stemcell_details.bot_name @) #@ if len(data.values.stemcell_details.include_fips_iaas) > 0: - task: copy-fips-artifacts file: bosh-stemcells-ci/ci/tasks/publish.yml - image: bosh-integration-image + image: bosh-integration-registry-image params: AWS_ACCESS_KEY_ID: ((hmac_accesskey)) AWS_SECRET_ACCESS_KEY: ((hmac_secret)) @@ -718,12 +787,12 @@ jobs: TO_INDEX: candidate AWS_ENDPOINT: "https://storage.googleapis.com" S3_API_ENDPOINT: storage.googleapis.com - GIT_USER_EMAIL: *ci_bot_email - GIT_USER_NAME: *ci_bot_name + GIT_USER_EMAIL: (@= data.values.stemcell_details.bot_email @) + GIT_USER_NAME: (@= data.values.stemcell_details.bot_name @) #@ end - task: copy-artifacts file: bosh-stemcells-ci/ci/tasks/publish.yml - image: bosh-integration-image + image: bosh-integration-registry-image params: AWS_ACCESS_KEY_ID: ((hmac_accesskey)) AWS_SECRET_ACCESS_KEY: ((hmac_secret)) @@ -740,8 +809,8 @@ jobs: TO_INDEX: candidate AWS_ENDPOINT: "https://storage.googleapis.com" S3_API_ENDPOINT: storage.googleapis.com - GIT_USER_EMAIL: *ci_bot_email - GIT_USER_NAME: *ci_bot_name + GIT_USER_EMAIL: (@= data.values.stemcell_details.bot_email @) + GIT_USER_NAME: (@= data.values.stemcell_details.bot_name @) - in_parallel: - put: bosh-linux-stemcell-builder-push-tags no_get: true @@ -759,13 +828,13 @@ jobs: - get: (@= data.values.stemcell_details.os_short_name @)-usn passed: - process-high-critical-cves - - get: bosh-integration-image + - get: bosh-integration-registry-image - get: high-critical-cves-processed passed: - process-high-critical-cves trigger: true - task: build-slack-message - image: bosh-integration-image + image: bosh-integration-registry-image config: inputs: - name: (@= data.values.stemcell_details.os_short_name @)-usn @@ -813,7 +882,7 @@ jobs: - get: bosh-ruby-release-registry-image - get: weekly trigger: true - - get: bosh-integration-image + - get: bosh-integration-registry-image - get: os-image-tarball passed: - build-os-image @@ -828,13 +897,13 @@ jobs: output_mapping: output-repo: bosh-linux-stemcell-builder params: - GIT_USER_EMAIL: *ci_bot_email - GIT_USER_NAME: *ci_bot_name + GIT_USER_EMAIL: (@= data.values.stemcell_details.bot_email @) + GIT_USER_NAME: (@= data.values.stemcell_details.bot_name @) PACKAGE: ruby-((.:ruby_version)) VENDOR: true - task: test-unit file: bosh-stemcells-ci/ci/tasks/test-unit.yml - image: bosh-integration-image + image: bosh-integration-registry-image privileged: true - put: bosh-linux-stemcell-builder-push params: @@ -847,7 +916,7 @@ jobs: trigger: true - get: bosh-stemcells-ci - get: bosh-linux-stemcell-builder - - get: bosh-integration-image + - get: bosh-integration-registry-image - get: golang-release - task: bump-deps file: golang-release/ci/tasks/shared/bump-deps.yml @@ -856,11 +925,11 @@ jobs: output_mapping: output_repo: bosh-linux-stemcell-builder params: - GIT_USER_EMAIL: *ci_bot_email - GIT_USER_NAME: *ci_bot_name + GIT_USER_EMAIL: (@= data.values.stemcell_details.bot_email @) + GIT_USER_NAME: (@= data.values.stemcell_details.bot_name @) SOURCE_PATH: acceptance-tests/ - task: acceptance-tests-dry-run - image: bosh-integration-image + image: bosh-integration-registry-image config: platform: linux inputs: @@ -888,14 +957,14 @@ jobs: resource: bosh-agent trigger: true - get: bosh-stemcells-ci - - get: bosh-integration-image + - get: bosh-integration-registry-image - get: bosh-linux-stemcell-builder - task: bump file: bosh-stemcells-ci/ci/tasks/bump-bosh-agent.yml - image: bosh-integration-image + image: bosh-integration-registry-image params: - GIT_USER_EMAIL: *ci_bot_email - GIT_USER_NAME: *ci_bot_name + GIT_USER_EMAIL: (@= data.values.stemcell_details.bot_email @) + GIT_USER_NAME: (@= data.values.stemcell_details.bot_name @) - put: bosh-linux-stemcell-builder-push params: rebase: true @@ -908,15 +977,15 @@ jobs: resource: bosh-blobstore-(@= blobstore_type @) trigger: true - get: bosh-stemcells-ci - - get: bosh-integration-image + - get: bosh-integration-registry-image - get: bosh-linux-stemcell-builder - task: bump-bosh-blobstore-cli file: bosh-stemcells-ci/ci/tasks/bump-bosh-blobstore-cli.yml - image: bosh-integration-image + image: bosh-integration-registry-image params: BLOBSTORE_TYPE: (@= blobstore_type @) - GIT_USER_EMAIL: *ci_bot_email - GIT_USER_NAME: *ci_bot_name + GIT_USER_EMAIL: (@= data.values.stemcell_details.bot_email @) + GIT_USER_NAME: (@= data.values.stemcell_details.bot_name @) - put: bosh-linux-stemcell-builder-push params: rebase: true @@ -924,6 +993,356 @@ jobs: serial: true #@ end +- name: cleanup-published-aws-light-stemcells-older-than-three-years + serial: true + plan: + - get: every-week-on-monday + trigger: true + - get: bosh-stemcells-ci + - get: bosh-integration-registry-image + - #@ cleanup_old_published_light_stemcells("us") + - #@ cleanup_old_published_light_stemcells("us-gov") +- name: cleanup-unpublished-(@= data.values.stemcell_details.os_name @)-aws-light-stemcells + serial: true + plan: + - get: every-week-on-monday + trigger: true + - get: bosh-stemcells-ci + - get: bosh-integration-registry-image + - #@ cleanup_unpublished_light_stemcells("us") + - #@ cleanup_unpublished_light_stemcells("us-gov") + #!- #@ cleanup_unpublished_light_stemcells("cn") + +- name: build-light-aws-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) + plan: + - get: bosh-stemcells-ci + - get: aws-light-stemcell-builder-registry-image + - get: bosh-integration-registry-image + - in_parallel: + - do: + - #@ build_light_aws_stemcell_new(data.values.stemcell_details.os_name, str(data.values.stemcell_details.major_version), "us-gov", data.values.stemcell_details.use_efi, "", "") + - #@ build_light_aws_stemcell_new(data.values.stemcell_details.os_name, str(data.values.stemcell_details.major_version), "us", data.values.stemcell_details.use_efi, "", '["me-central-1"]') + - task: merge-builds + file: bosh-stemcells-ci/ci/tasks/light-aws/us-gov-merge-builds.yml + image: aws-light-stemcell-builder-registry-image + - do: + - in_parallel: + - get: bosh-cpi-src + resource: bosh-aws-cpi-release + trigger: false + - get: cpi-release + resource: bosh-aws-cpi-dev-artifacts + trigger: false + - get: bosh-release + trigger: false + - get: bosh-deployment + trigger: false + - get: pipelines + resource: bosh-cpi-certification-concourse-tasks + - get: bosh-cpi-certification-concourse-tasks + - put: environment + resource: light-aws-environment + params: + delete_on_failure: true + generate_random_name: true + terraform_source: bosh-cpi-src/ci/assets/terraform + - task: prepare-director + file: bosh-cpi-certification-concourse-tasks/shared/tasks/prepare-director.yml + image: bosh-integration-registry-image + input_mapping: + stemcell: light-stemcell + params: + DIRECTOR_VARS_FILE: ((aws_test_director_vars_file)) + INFRASTRUCTURE: aws + OPTIONAL_OPS_FILE: | + -o pipelines/shared/assets/ops/remove-hm.yml + -o bosh-deployment/external-ip-with-registry-not-recommended.yml + -o bosh-deployment/misc/source-releases/bosh.yml + - task: deploy-director + file: bosh-cpi-certification-concourse-tasks/shared/tasks/deploy-director.yml + image: bosh-integration-registry-image + input_mapping: + stemcell: light-stemcell + - task: run-stemcell-upload-tests + file: bosh-stemcells-ci/ci/tasks/light-aws/run-upload-test.yml + image: bosh-integration-registry-image + input_mapping: + stemcell: light-stemcell + ensure: + do: + - task: teardown + file: bosh-cpi-certification-concourse-tasks/shared/tasks/teardown.yml + image: bosh-integration-registry-image + - task: ensure-terminated + file: bosh-cpi-src/ci/tasks/ensure-terminated.yml + image: bosh-integration-registry-image + input_mapping: + bosh-aws-cpi-release: bosh-cpi-src + params: + AWS_PAGER: + AWS_ACCESS_KEY_ID: ((aws_publish_us_access_key)) + AWS_SECRET_ACCESS_KEY: ((aws_publish_us_secret_key)) + AWS_DEFAULT_REGION: ((aws_publish_us_region)) + - put: environment + resource: light-aws-environment + get_params: + action: destroy + params: + action: destroy + env_name_file: environment/name + terraform_source: bosh-cpi-src/ci/assets/terraform + - put: candidate-aws-light-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) + params: + files: + - light-stemcell/*.tgz + options: + author_email: (@= data.values.stemcell_details.bot_email @) + author_name: (@= data.values.stemcell_details.bot_name @) + message: 'candidate (light aws): (@= data.values.stemcell_details.os_name @)/(@= str(data.values.stemcell_details.major_version) @).x' + version: us-input-stemcell/.resource/version + serial: true + +- name: build-light-google-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) + plan: + - in_parallel: + - get: stemcell + params: + include_files: + - bosh-stemcell-*-google-kvm-(@= data.values.stemcell_details.os_name @)*.tgz + resource: candidate-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) + trigger: true + version: every + - get: bosh-stemcells-ci + - get: bosh-cpi-release + resource: bosh-google-cpi-release + - get: gce-cpi-release-registry-image + - get: bosh-integration-registry-image + - task: make-raw-from-heavy-stemcell + file: bosh-stemcells-ci/ci/tasks/light-google/make-raw-from-heavy-stemcell.yml + image: gce-cpi-release-registry-image + params: + BUCKET_NAME: bosh-gce-raw-stemcells-new + STEMCELL_BUCKET_PATH: bosh-gce-light-stemcells + S3_API_ENDPOINT: storage.googleapis.com + - params: + file: raw-stemcell/bosh-stemcell-*-google-kvm-ubuntu-*.tar.gz + predefined_acl: publicRead + put: base-oss-google-ubuntu-stemcell + - task: create-public-image + file: bosh-stemcells-ci/ci/tasks/light-google/create-public-image.yml + image: gce-cpi-release-registry-image + params: + GCP_SERVICE_ACCOUNT_KEY: ((gcp_json_key)) + PROJECT_NAME: ((gcp_project_id)) + EFI: #@ data.values.stemcell_details.use_efi + - do: + - put: terraform + resource: light-google-environment-oss + params: + generate_random_name: true + terraform_source: bosh-stemcells-ci/ci/tasks/light-google/terraform/ + - task: deploy-skeletal + file: bosh-stemcells-ci/ci/tasks/light-google/deploy-skeletal.yml + image: bosh-integration-registry-image + params: + GCE_CREDENTIALS_JSON: ((gcp_json_key)) + SSH_PRIVATE_KEY: ((ssh.private_key)) + ensure: + ensure: + get_params: + action: destroy + params: + action: destroy + env_name_file: terraform/name + terraform_source: bosh-stemcells-ci/ci/tasks/light-google/terraform/ + put: terraform + resource: light-google-environment-oss + file: bosh-stemcells-ci/ci/tasks/light-google/destroy-skeletal.yml + image: bosh-integration-registry-image + task: destroy-skeletal + on_failure: + image: bosh-integration-registry-image + config: + platform: linux + run: + args: + - | + * remove artifacts of failed jobs: + ```bash + gcloud auth revoke --all # start with clean slate + gcloud auth activate-service-account concourse@((gcp_project_id)).iam.gserviceaccount.com --key-file <( ((gcp_json_key)) ) + gsutil rm gs://bosh-gce-raw-stemcells-new/STEMCELL_TO_BE_DELETED_raw.tar.gz + gsutil rm gs://bosh-gce-raw-stemcells-new/STEMCELL_TO_BE_DELETED_raw.tar.gz.sha1 + gcloud auth revoke --all + ``` + * re-fly pipeline after commenting-out `disable_manual_trigger: true` + * trigger failed jobs + * re-fly pipeline after uncommenting `disable_manual_trigger: true` + path: echo + task: cleanup-failed-run-instructions + - params: + files: + - light-stemcell/*.tgz + options: + author_email: (@= data.values.stemcell_details.bot_email @) + author_name: (@= data.values.stemcell_details.bot_name @) + message: 'candidate (light google): (@= data.values.stemcell_details.os_name @)/(@= str(data.values.stemcell_details.major_version) @).x' + version: stemcell/.resource/version + put: candidate-google-light-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) + serial: true + +- name: publish-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) + plan: + - in_parallel: + - get: bosh-stemcells-ci + - get: bosh-linux-stemcell-builder + resource: bosh-linux-stemcell-builder-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @).x + - get: bosh-integration-registry-image + - get: os-image-stemcell-builder-registry-image + - get: stemcell-metalink + params: + skip_download: true + passed: + - build-light-aws-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) + - build-light-google-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) + resource: candidate-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) + - get: candidate-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) + passed: + - build-light-aws-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) + - build-light-google-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) + #@ if len(data.values.stemcell_details.include_fips_iaas) > 0: + - get: candidate-(@= data.values.stemcell_details.os_name @)-fips-stemcell-(@= str(data.values.stemcell_details.major_version) @) + #@ end + - get: candidate-google-light-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) + passed: + - build-light-google-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) + - get: candidate-aws-light-stemcell + resource: candidate-aws-light-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) + passed: + - build-light-aws-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) + - file: bosh-stemcells-ci/ci/tasks/build-release-metadata.yml + image: os-image-stemcell-builder-registry-image + task: build-release-metadata + params: + OS_NAME: ubuntu + OS_VERSION: (@= str(data.values.stemcell_details.os_short_name) @) + BRANCH: (@= data.values.stemcell_details.branch @) + KERNEL_PACKAGE: linux-generic + input_mapping: + candidate-stemcell: candidate-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) + - task: extract-warden-image + image: bosh-integration-registry-image + config: + inputs: + - name: candidate-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) + outputs: + - name: stemcell-image + platform: linux + run: + dir: stemcell-image + path: /bin/bash + args: + - -ce + - | + tar xvf ../candidate-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @)/bosh-stemcell-*-warden-boshlite-(@= data.values.stemcell_details.os_name @)*.tgz image + printf 'FROM scratch\nADD image /\n' > Dockerfile + - task: build-stemcell-oci-image + privileged: true + config: + platform: linux + image_resource: + type: registry-image + source: + repository: concourse/oci-build-task + inputs: + - name: stemcell-image + outputs: + - name: image + params: + CONTEXT: stemcell-image + run: + path: build + - put: github-container-registry-(@= data.values.stemcell_details.os_name @)-stemcell + params: + image: image/image.tar + additional_tags: candidate-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @)/.resource/version + - put: published-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) + params: + files: + - candidate-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @)/*.tgz + options: + author_email: (@= data.values.stemcell_details.bot_email @) + author_name: (@= data.values.stemcell_details.bot_name @) + message: 'publish (heavy): (@= data.values.stemcell_details.os_name @)/(@= str(data.values.stemcell_details.major_version) @).x' + rename: '{{.Version}}/stemcells.meta4' + version: candidate-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @)/.resource/version + #@ if len(data.values.stemcell_details.include_fips_iaas) > 0 : + - put: published-(@= data.values.stemcell_details.os_name @)-fips-stemcell-(@= str(data.values.stemcell_details.major_version) @) + params: + files: + - candidate-(@= data.values.stemcell_details.os_name @)-fips-stemcell-(@= str(data.values.stemcell_details.major_version) @)/*.tgz + options: + author_email: (@= data.values.stemcell_details.bot_email @) + author_name: (@= data.values.stemcell_details.bot_name @) + message: 'publish (heavy): (@= data.values.stemcell_details.os_name @)-fips/(@= str(data.values.stemcell_details.major_version) @).x' + rename: '{{.Version}}/stemcells.meta4' + version: candidate-(@= data.values.stemcell_details.os_name @)-fips-stemcell-(@= str(data.values.stemcell_details.major_version) @)/.resource/version + #@ end + - params: + files: + - candidate-aws-light-stemcell/*.tgz + options: + author_email: (@= data.values.stemcell_details.bot_email @) + author_name: (@= data.values.stemcell_details.bot_name @) + message: 'publish (light aws): (@= data.values.stemcell_details.os_name @)/(@= str(data.values.stemcell_details.major_version) @).x' + rename: '{{.Version}}/stemcells.aws.meta4' + version: candidate-aws-light-stemcell/.resource/version + put: published-aws-light-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) + + #! once we release all regions with the same account, we can unify these again + - file: bosh-stemcells-ci/ci/tasks/light-aws/tag-aws-ami-light.yml + image: bosh-integration-registry-image + task: tag-published-aws-ami-light-stemcells + params: + AWS_PAGER: + AWS_ACCESS_KEY_ID: ((aws_publish_us_access_key)) + AWS_SECRET_ACCESS_KEY: ((aws_publish_us_secret_key)) + GREP_PATTERN: grep -v 'gov-\|cn-' + - file: bosh-stemcells-ci/ci/tasks/light-aws/tag-aws-ami-light.yml + image: bosh-integration-registry-image + task: tag-gov-published-aws-ami-light-stemcells + params: + AWS_PAGER: + AWS_ACCESS_KEY_ID: ((aws_publish_us-gov_access_key)) + AWS_SECRET_ACCESS_KEY: ((aws_publish_us-gov_secret_key)) + GREP_PATTERN: grep 'gov-' + #! - file: bosh-stemcells-ci/ci/tasks/light-aws/tag-aws-ami-light.yml + #! task: tag-china-published-aws-ami-light-stemcells + #! params: + #! AWS_ACCESS_KEY_ID: ((aws_publish_cn_access_key)) + #! AWS_SECRET_ACCESS_KEY: ((aws_publish_cn_secret_key)) + #! GREP_PATTERN: grep 'cn-' + - params: + files: + - candidate-google-light-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @)/*.tgz + options: + author_email: (@= data.values.stemcell_details.bot_email @) + author_name: (@= data.values.stemcell_details.bot_name @) + message: 'publish (light google): (@= data.values.stemcell_details.os_name @)/(@= str(data.values.stemcell_details.major_version) @).x' + rename: '{{.Version}}/stemcells.gcp.meta4' + version: candidate-google-light-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @)/.resource/version + put: published-google-light-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) + - params: + body: release-metadata/body + name: release-metadata/name + tag: release-metadata/tag + put: gh-release-oss + - params: + acl: public-read + file: usn-log/usn-log.json + put: usn-log-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @).x + serial: true + resource_types: - name: ami-resource type: registry-image @@ -953,7 +1372,11 @@ resource_types: type: registry-image source: repository: frodenas/gcs-resource -#@yaml/text-templated-strings +- name: terraform_type + source: + repository: ljfranklin/terraform-resource + type: registry-image + resources: - name: daily type: time @@ -968,6 +1391,246 @@ resources: stop: 4:30 -0700 days: - Saturday +- name: every-week-on-monday + type: time + source: + initial_version: true + start: 6:00 -0700 + stop: 8:30 -0700 + days: + - Monday + interval: 168h +- name: gh-release-oss + type: github-release + source: + access_token: ((github_public_repo_token)) + drafts: true + owner: cloudfoundry + repository: bosh-linux-stemcell-builder + +- name: bosh-cpi-certification-concourse-tasks + type: git + source: + branch: master + uri: https://github.com/cloudfoundry/bosh-cpi-certification + +- name: bosh-aws-cpi-release + type: git + source: + branch: master + ignore_paths: + - .final_builds/**/*.yml + - releases/**/*.yml + uri: https://github.com/cloudfoundry/bosh-aws-cpi-release.git + +- name: bosh-aws-cpi-dev-artifacts + type: gcs-resource + source: + versioned_file: bosh-aws-cpi-dev-release.tgz + bucket: bosh-aws-cpi-pipeline + json_key: ((gcp_json_key)) + +- name: light-aws-environment + source: + backend_type: s3 + backend_config: + access_key: ((aws_publish_us_access_key)) + secret_key: ((aws_publish_us_secret_key)) + bucket: bosh-aws-light-terraform + key: state/terraform.tfstate + region: ((aws_publish_us_region)) + vars: + access_key: ((aws_publish_us_access_key)) + secret_key: ((aws_publish_us_secret_key)) + public_key: ((aws_test_public_key_file)) + region: ((aws_publish_us_region)) + type: terraform_type + +- name: bosh-google-cpi-release + source: + repository: cloudfoundry/bosh-google-cpi-release + type: bosh-io-release +- name: light-google-environment-oss + source: + delete_on_failure: true + backend_type: gcs + backend_config: + credentials: ((gcp_json_key)) + bucket: bosh-gce-light-stemcell-ci-terraform-state + prefix: stemcell-ci-terraform/ + vars: + gce_credentials_json: ((gcp_json_key)) + gce_project_id: ((gcp_project_id)) + type: terraform_type + +- name: base-oss-google-ubuntu-stemcell + source: + bucket: bosh-gce-raw-stemcells-new + json_key: ((gcp_json_key)) + regexp: bosh-stemcell-([0-9\.]+)-google-kvm-ubuntu-*-raw.tar.gz + type: gcs-resource + +- name: candidate-aws-light-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) + source: + mirror_files: + - destination: s3://storage.googleapis.com/bosh-aws-light-stemcells-candidate/{{.Version}}/{{.Name}} + options: + private_key: ((github_deploy_key_bosh-io-stemcells-cpi-index.private_key)) + uri: git+ssh://git@github.com:cloudfoundry/bosh-io-stemcells-cpi-index.git//candidate-aws-light/(@= data.values.stemcell_details.os_name @) + url_handlers: + - include: + - (s3|https)://.* + options: + access_key: ((hmac_accesskey)) + secret_key: ((hmac_secret)) + type: s3 + version: (@= str(data.values.stemcell_details.major_version) @).x + type: metalink-repository +- name: candidate-google-light-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) + source: + mirror_files: + - destination: s3://storage.googleapis.com/bosh-gce-light-stemcells-candidate/{{.Version}}/{{.Name}} + options: + private_key: ((github_deploy_key_bosh-io-stemcells-cpi-index.private_key)) + uri: git+ssh://git@github.com:cloudfoundry/bosh-io-stemcells-cpi-index.git//candidate-gcp-light/(@= data.values.stemcell_details.os_name @) + url_handlers: + - include: + - (s3|https)://.* + options: + access_key: ((hmac_accesskey)) + secret_key: ((hmac_secret)) + type: s3 + version: (@= str(data.values.stemcell_details.major_version) @).x + type: metalink-repository +- name: candidate-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) + source: + filters: + - repositorypath: '*/stemcells.meta4' + options: + private_key: ((github_deploy_key_bosh-io-stemcells-core-index.private_key)) + uri: git+ssh://git@github.com:cloudfoundry/bosh-io-stemcells-core-index.git//candidate/(@= data.values.stemcell_details.os_name @) + url_handlers: + - include: + - (s3|https)://.* + type: s3 + version: (@= str(data.values.stemcell_details.major_version) @).x + type: metalink-repository + #@ if len(data.values.stemcell_details.include_fips_iaas) > 0: +- name: candidate-(@= data.values.stemcell_details.os_name @)-fips-stemcell-(@= str(data.values.stemcell_details.major_version) @) + source: + filters: + - repositorypath: '*/stemcells.meta4' + options: + private_key: ((github_deploy_key_bosh-io-stemcells-core-index.private_key)) + uri: git+ssh://git@github.com:cloudfoundry/bosh-io-stemcells-core-index.git//candidate/(@= data.values.stemcell_details.os_name @)-fips + url_handlers: + - include: + - (s3|https)://.* + type: s3 + options: + access_key: ((hmac_accesskey)) + secret_key: ((hmac_secret)) + version: (@= str(data.values.stemcell_details.major_version) @).x + type: metalink-repository + #@ end +- name: bosh-linux-stemcell-builder-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @).x + source: + branch: (@= data.values.stemcell_details.branch @) + private_key: ((bosh_src_key.private_key)) + uri: git@github.com:cloudfoundry/bosh-linux-stemcell-builder + type: git + +- name: usn-log-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @).x + type: gcs-resource + source: + bucket: bosh-stemcell-triggers + json_key: ((gcp_json_key)) + versioned_file: (@= data.values.stemcell_details.branch @)/usn-log.json + +- name: published-aws-light-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) + source: + filters: + - repositorypath: '*/stemcells.aws.meta4' + mirror_files: + - destination: s3://storage.googleapis.com/bosh-aws-light-stemcells/{{.Version}}/{{.Name}} + options: + private_key: ((github_deploy_key_bosh-io-stemcells-cpi-index.private_key)) + uri: git+ssh://git@github.com:cloudfoundry/bosh-io-stemcells-cpi-index.git//published/(@= data.values.stemcell_details.os_name @) + url_handlers: + - include: + - (s3|https)://.* + options: + access_key: ((hmac_accesskey)) + secret_key: ((hmac_secret)) + type: s3 + version: (@= str(data.values.stemcell_details.major_version) @).x + type: metalink-repository + +- name: published-google-light-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) + source: + filters: + - repositorypath: '*/stemcells.gcp.meta4' + mirror_files: + - destination: s3://storage.googleapis.com/bosh-gce-light-stemcells/{{.Version}}/{{.Name}} + options: + private_key: ((github_deploy_key_bosh-io-stemcells-cpi-index.private_key)) + uri: git+ssh://git@github.com:cloudfoundry/bosh-io-stemcells-cpi-index.git//published/(@= data.values.stemcell_details.os_name @) + url_handlers: + - include: + - (s3|https)://.* + options: + access_key: ((hmac_accesskey)) + secret_key: ((hmac_secret)) + type: s3 + version: (@= str(data.values.stemcell_details.major_version) @).x + type: metalink-repository + +- name: published-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) + source: + filters: + - repositorypath: '*/stemcells.meta4' + mirror_files: + - destination: s3://storage.googleapis.com/bosh-core-stemcells/{{.Version}}/{{.Name}} + options: + private_key: ((github_deploy_key_bosh-io-stemcells-core-index.private_key)) + uri: git+ssh://git@github.com:cloudfoundry/bosh-io-stemcells-core-index.git//published/(@= data.values.stemcell_details.os_name @) + url_handlers: + - include: + - (s3|https)://.* + options: + access_key: ((hmac_accesskey)) + secret_key: ((hmac_secret)) + type: s3 + version: (@= str(data.values.stemcell_details.major_version) @).x + type: metalink-repository + #@ if len(data.values.stemcell_details.include_fips_iaas) > 0: +- name: published-(@= data.values.stemcell_details.os_name @)-fips-stemcell-(@= str(data.values.stemcell_details.major_version) @) + source: + filters: + - repositorypath: '*/stemcells.meta4' + mirror_files: + - destination: s3://storage.googleapis.com/bosh-core-stemcells-fips/{{.Version}}/{{.Name}} + options: + private_key: ((github_deploy_key_bosh-io-stemcells-core-index.private_key)) + uri: git+ssh://git@github.com:cloudfoundry/bosh-io-stemcells-core-index.git//published/(@= data.values.stemcell_details.os_name @)-fips + url_handlers: + - include: + - (s3|https)://.* + options: + access_key: ((hmac_accesskey)) + secret_key: ((hmac_secret)) + type: s3 + version: (@= str(data.values.stemcell_details.major_version) @).x + type: metalink-repository + #@ end + +- name: github-container-registry-(@= data.values.stemcell_details.os_name @)-stemcell + type: registry-image + source: + repository: ghcr.io/cloudfoundry/(@= data.values.stemcell_details.os_name @)-stemcell + username: ((github_read_write_packages.username)) + password: ((github_read_write_packages.password)) + tag: latest - name: bosh-agent type: metalink-repository @@ -1112,7 +1775,7 @@ resources: branch: master uri: https://github.com/cloudfoundry/bosh-acceptance-tests.git -- name: bosh-integration-image +- name: bosh-integration-registry-image type: registry-image source: repository: ghcr.io/cloudfoundry/bosh/integration @@ -1127,6 +1790,11 @@ resources: private_key: ((github_deploy_key_bosh-io-stemcells-core-index.private_key)) uri: git@github.com:cloudfoundry/bosh-io-stemcells-core-index.git +- name: bosh-release + type: bosh-io-release + source: + repository: cloudfoundry/bosh + - name: syslog-release type: bosh-io-release source: @@ -1147,6 +1815,7 @@ resources: source: branch: master uri: https://github.com/cloudfoundry/bosh-deployment + - name: (@= data.values.stemcell_details.os_short_name @)-usn-low-medium type: usn source: @@ -1216,6 +1885,18 @@ resources: bucket: bosh-vmware-ovftool regexp: (@= data.values.stemcell_details.os_short_name @)/(.*).bundle +- name: aws-light-stemcell-builder-registry-image + type: registry-image + source: + repository: bosh/light-stemcell-builder + username: ((dockerhub_username)) + password: ((dockerhub_password)) + +- name: gce-cpi-release-registry-image + type: registry-image + source: + repository: foundationalinfrastructure/gce-cpi-release + - name: bosh-blobstore-dav type: s3 source: diff --git a/ci/pipelines/vars.yml b/ci/pipeline-vars.yml similarity index 100% rename from ci/pipelines/vars.yml rename to ci/pipeline-vars.yml diff --git a/ci/pipelines/publisher.yml b/ci/pipelines/publisher.yml deleted file mode 100644 index c842edf25..000000000 --- a/ci/pipelines/publisher.yml +++ /dev/null @@ -1,759 +0,0 @@ -#@ load("@ytt:data", "data") - -#@yaml/text-templated-strings ---- - -#@ def build_light_aws_stemcell_new(stemcell_os, stemcell_version, prefix, efi, ami_destinations, ami_excluded_destinations): -do: - - in_parallel: - - get: (@= prefix @)-input-stemcell - params: - include_files: - - bosh-stemcell-*-aws-xen-hvm-(@= stemcell_os @)*.tgz - resource: candidate-(@= stemcell_os @)-stemcell-(@= stemcell_version @) - trigger: true - version: every - - task: build-(@= prefix @)-stemcell - file: bosh-stemcells-ci/ci/tasks/light-aws/build.yml - image: aws-light-stemcell-builder-registry-image - input_mapping: - input-stemcell: (@= prefix @)-input-stemcell - output_mapping: - light-stemcell: (@= prefix @)-light-stemcell - params: - AWS_PAGER: - ami_access_key: ((aws_publish_(@= prefix @)_access_key)) - ami_secret_key: ((aws_publish_(@= prefix @)_secret_key)) - ami_region: ((aws_publish_(@= prefix @)_region)) - ami_bucket_name: ((aws_publish_(@= prefix @)_bucket)) - ami_description: Light Stemcell Builder Prod AMI - #@ if ami_destinations != "": - ami_destinations: (@= ami_destinations @) - #@ end - #@ if ami_excluded_destinations != "": - ami_excluded_destinations: (@= ami_excluded_destinations @) - #@ end - ami_encrypted: false - ami_kms_key_id: "" - ami_server_side_encryption: "" - ami_virtualization_type: hvm - ami_visibility: public - S3_API_ENDPOINT: storage.googleapis.com - efi: (@= str(efi).lower() @) -#@ end - -#@yaml/text-templated-strings ---- -#@ def cleanup_unpublished_light_stemcells(prefix): -task: cleanup-amis-in-(@= prefix @) -file: bosh-stemcells-ci/ci/tasks/light-aws/cleanup-ami.yml -image: bosh-integration-registry-image -params: - AWS_PAGER: - ami_access_key: ((aws_publish_(@= prefix @)_access_key)) - ami_secret_key: ((aws_publish_(@= prefix @)_secret_key)) - ami_region: ((aws_publish_(@= prefix @)_region)) - ami_older_than_days: 60 - ami_keep_latest: 5 - os_name: (@= data.values.stemcell_details.os_name @) -#@ end - -#@yaml/text-templated-strings ---- -#@ def cleanup_old_published_light_stemcells(prefix): -task: cleanup-amis-in-(@= prefix @) -file: bosh-stemcells-ci/ci/tasks/light-aws/cleanup-ami.yml -image: bosh-integration-registry-image -params: - AWS_PAGER: - ami_access_key: ((aws_publish_(@= prefix @)_access_key)) - ami_secret_key: ((aws_publish_(@= prefix @)_secret_key)) - ami_region: ((aws_publish_(@= prefix @)_region)) - ami_older_than_days: 1095 - remove_public_images: true -#@ end - -#@yaml/text-templated-strings ---- -groups: -- name: all - jobs: - - build-light-aws-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) - - build-light-google-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) - - publish-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) -- name: oss - jobs: - - build-light-aws-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) - - build-light-google-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) - - publish-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) -- name: (@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) - jobs: - - build-light-aws-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) - - build-light-google-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) - - publish-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) -- name: cleanup-aws-light-stemcells - jobs: - - cleanup-published-aws-light-stemcells-older-than-three-years - - cleanup-unpublished-(@= data.values.stemcell_details.os_name @)-aws-light-stemcells - -jobs: -- name: cleanup-published-aws-light-stemcells-older-than-three-years - serial: true - plan: - - get: every-week-on-monday - trigger: true - - get: bosh-stemcells-ci - - get: bosh-integration-registry-image - - #@ cleanup_old_published_light_stemcells("us") - - #@ cleanup_old_published_light_stemcells("us-gov") -- name: cleanup-unpublished-(@= data.values.stemcell_details.os_name @)-aws-light-stemcells - serial: true - plan: - - get: every-week-on-monday - trigger: true - - get: bosh-stemcells-ci - - get: bosh-integration-registry-image - - #@ cleanup_unpublished_light_stemcells("us") - - #@ cleanup_unpublished_light_stemcells("us-gov") -#!- #@ cleanup_unpublished_light_stemcells("cn") - -- name: build-light-aws-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) - plan: - - get: bosh-stemcells-ci - - get: aws-light-stemcell-builder-registry-image - - get: bosh-integration-registry-image - - in_parallel: - - do: - - #@ build_light_aws_stemcell_new(data.values.stemcell_details.os_name, str(data.values.stemcell_details.major_version), "us-gov", data.values.stemcell_details.use_efi, "", "") - - #@ build_light_aws_stemcell_new(data.values.stemcell_details.os_name, str(data.values.stemcell_details.major_version), "us", data.values.stemcell_details.use_efi, "", '["me-central-1"]') - - task: merge-builds - file: bosh-stemcells-ci/ci/tasks/light-aws/us-gov-merge-builds.yml - image: aws-light-stemcell-builder-registry-image - - do: - - in_parallel: - - get: bosh-cpi-src - resource: bosh-aws-cpi-release - trigger: false - - get: cpi-release - resource: bosh-aws-cpi-dev-artifacts - trigger: false - - get: bosh-release - trigger: false - - get: bosh-deployment - trigger: false - - get: pipelines - resource: bosh-cpi-certification-concourse-tasks - - get: bosh-cpi-certification-concourse-tasks - - put: environment - resource: light-aws-environment - params: - delete_on_failure: true - generate_random_name: true - terraform_source: bosh-cpi-src/ci/assets/terraform - - task: prepare-director - file: bosh-cpi-certification-concourse-tasks/shared/tasks/prepare-director.yml - image: bosh-integration-registry-image - input_mapping: - stemcell: light-stemcell - params: - DIRECTOR_VARS_FILE: ((aws_test_director_vars_file)) - INFRASTRUCTURE: aws - OPTIONAL_OPS_FILE: | - -o pipelines/shared/assets/ops/remove-hm.yml - -o bosh-deployment/external-ip-with-registry-not-recommended.yml - -o bosh-deployment/misc/source-releases/bosh.yml - - task: deploy-director - file: bosh-cpi-certification-concourse-tasks/shared/tasks/deploy-director.yml - image: bosh-integration-registry-image - input_mapping: - stemcell: light-stemcell - - task: run-stemcell-upload-tests - file: bosh-stemcells-ci/ci/tasks/light-aws/run-upload-test.yml - image: bosh-integration-registry-image - input_mapping: - stemcell: light-stemcell - ensure: - do: - - task: teardown - file: bosh-cpi-certification-concourse-tasks/shared/tasks/teardown.yml - image: bosh-integration-registry-image - - task: ensure-terminated - file: bosh-cpi-src/ci/tasks/ensure-terminated.yml - image: bosh-integration-registry-image - input_mapping: - bosh-aws-cpi-release: bosh-cpi-src - params: - AWS_PAGER: - AWS_ACCESS_KEY_ID: ((aws_publish_us_access_key)) - AWS_SECRET_ACCESS_KEY: ((aws_publish_us_secret_key)) - AWS_DEFAULT_REGION: ((aws_publish_us_region)) - - put: environment - resource: light-aws-environment - get_params: - action: destroy - params: - action: destroy - env_name_file: environment/name - terraform_source: bosh-cpi-src/ci/assets/terraform - - put: candidate-aws-light-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) - params: - files: - - light-stemcell/*.tgz - options: - author_email: &ci_bot_email bots@cloudfoundry.org - author_name: &ci_bot_name CI Bot - message: 'candidate (light aws): (@= data.values.stemcell_details.os_name @)/(@= str(data.values.stemcell_details.major_version) @).x' - version: us-input-stemcell/.resource/version - serial: true - -- name: build-light-google-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) - plan: - - in_parallel: - - get: stemcell - params: - include_files: - - bosh-stemcell-*-google-kvm-(@= data.values.stemcell_details.os_name @)*.tgz - resource: candidate-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) - trigger: true - version: every - - get: bosh-stemcells-ci - - get: bosh-cpi-release - resource: bosh-google-cpi-release - - get: gce-cpi-release-registry-image - - get: bosh-integration-registry-image - - task: make-raw-from-heavy-stemcell - file: bosh-stemcells-ci/ci/tasks/light-google/make-raw-from-heavy-stemcell.yml - image: gce-cpi-release-registry-image - params: - BUCKET_NAME: bosh-gce-raw-stemcells-new - STEMCELL_BUCKET_PATH: bosh-gce-light-stemcells - S3_API_ENDPOINT: storage.googleapis.com - - params: - file: raw-stemcell/bosh-stemcell-*-google-kvm-ubuntu-*.tar.gz - predefined_acl: publicRead - put: base-oss-google-ubuntu-stemcell - - task: create-public-image - file: bosh-stemcells-ci/ci/tasks/light-google/create-public-image.yml - image: gce-cpi-release-registry-image - params: - GCP_SERVICE_ACCOUNT_KEY: ((gcp_json_key)) - PROJECT_NAME: ((gcp_project_id)) - EFI: #@ data.values.stemcell_details.use_efi - - do: - - put: terraform - resource: light-google-environment-oss - params: - generate_random_name: true - terraform_source: bosh-stemcells-ci/ci/tasks/light-google/terraform/ - - task: deploy-skeletal - file: bosh-stemcells-ci/ci/tasks/light-google/deploy-skeletal.yml - image: bosh-integration-registry-image - params: - GCE_CREDENTIALS_JSON: ((gcp_json_key)) - SSH_PRIVATE_KEY: ((ssh.private_key)) - ensure: - ensure: - get_params: - action: destroy - params: - action: destroy - env_name_file: terraform/name - terraform_source: bosh-stemcells-ci/ci/tasks/light-google/terraform/ - put: terraform - resource: light-google-environment-oss - file: bosh-stemcells-ci/ci/tasks/light-google/destroy-skeletal.yml - image: bosh-integration-registry-image - task: destroy-skeletal - on_failure: - image: bosh-integration-registry-image - config: - platform: linux - run: - args: - - | - * remove artifacts of failed jobs: - ```bash - gcloud auth revoke --all # start with clean slate - gcloud auth activate-service-account concourse@((gcp_project_id)).iam.gserviceaccount.com --key-file <( ((gcp_json_key)) ) - gsutil rm gs://bosh-gce-raw-stemcells-new/STEMCELL_TO_BE_DELETED_raw.tar.gz - gsutil rm gs://bosh-gce-raw-stemcells-new/STEMCELL_TO_BE_DELETED_raw.tar.gz.sha1 - gcloud auth revoke --all - ``` - * re-fly pipeline after commenting-out `disable_manual_trigger: true` - * trigger failed jobs - * re-fly pipeline after uncommenting `disable_manual_trigger: true` - path: echo - task: cleanup-failed-run-instructions - - params: - files: - - light-stemcell/*.tgz - options: - author_email: *ci_bot_email - author_name: *ci_bot_name - message: 'candidate (light google): (@= data.values.stemcell_details.os_name @)/(@= str(data.values.stemcell_details.major_version) @).x' - version: stemcell/.resource/version - put: candidate-google-light-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) - serial: true - -- name: publish-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) - plan: - - in_parallel: - - get: bosh-stemcells-ci - - get: bosh-linux-stemcell-builder - resource: bosh-linux-stemcell-builder-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @).x - - get: bosh-integration-registry-image - - get: os-image-stemcell-builder-registry-image - - get: bosh-ecosystem-concourse-registry-image - - get: stemcell-metalink - params: - skip_download: true - passed: - - build-light-aws-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) - - build-light-google-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) - resource: candidate-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) - - get: candidate-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) - passed: - - build-light-aws-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) - - build-light-google-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) - #@ if len(data.values.stemcell_details.include_fips_iaas) > 0: - - get: candidate-(@= data.values.stemcell_details.os_name @)-fips-stemcell-(@= str(data.values.stemcell_details.major_version) @) - #@ end - - get: candidate-google-light-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) - passed: - - build-light-google-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) - - get: candidate-aws-light-stemcell - resource: candidate-aws-light-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) - passed: - - build-light-aws-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @) - - file: bosh-stemcells-ci/ci/tasks/build-release-metadata.yml - image: os-image-stemcell-builder-registry-image - task: build-release-metadata - params: - OS_NAME: ubuntu - OS_VERSION: (@= str(data.values.stemcell_details.os_short_name) @) - BRANCH: (@= data.values.stemcell_details.branch @) - KERNEL_PACKAGE: linux-generic - input_mapping: - candidate-stemcell: candidate-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) - - task: extract-warden-image - image: bosh-integration-registry-image - config: - inputs: - - name: candidate-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) - outputs: - - name: stemcell-image - platform: linux - run: - dir: stemcell-image - path: /bin/bash - args: - - -ce - - | - tar xvf ../candidate-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @)/bosh-stemcell-*-warden-boshlite-(@= data.values.stemcell_details.os_name @)*.tgz image - printf 'FROM scratch\nADD image /\n' > Dockerfile - - task: build-stemcell-oci-image - privileged: true - config: - platform: linux - image_resource: - type: registry-image - source: - repository: concourse/oci-build-task - inputs: - - name: stemcell-image - outputs: - - name: image - params: - CONTEXT: stemcell-image - run: - path: build - - put: github-container-registry-(@= data.values.stemcell_details.os_name @)-stemcell - params: - image: image/image.tar - additional_tags: candidate-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @)/.resource/version - - put: published-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) - params: - files: - - candidate-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @)/*.tgz - options: - author_email: *ci_bot_email - author_name: *ci_bot_name - message: 'publish (heavy): (@= data.values.stemcell_details.os_name @)/(@= str(data.values.stemcell_details.major_version) @).x' - rename: '{{.Version}}/stemcells.meta4' - version: candidate-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @)/.resource/version - #@ if len(data.values.stemcell_details.include_fips_iaas) > 0 : - - put: published-(@= data.values.stemcell_details.os_name @)-fips-stemcell-(@= str(data.values.stemcell_details.major_version) @) - params: - files: - - candidate-(@= data.values.stemcell_details.os_name @)-fips-stemcell-(@= str(data.values.stemcell_details.major_version) @)/*.tgz - options: - author_email: *ci_bot_email - author_name: *ci_bot_name - message: 'publish (heavy): (@= data.values.stemcell_details.os_name @)-fips/(@= str(data.values.stemcell_details.major_version) @).x' - rename: '{{.Version}}/stemcells.meta4' - version: candidate-(@= data.values.stemcell_details.os_name @)-fips-stemcell-(@= str(data.values.stemcell_details.major_version) @)/.resource/version - #@ end - - params: - files: - - candidate-aws-light-stemcell/*.tgz - options: - author_email: *ci_bot_email - author_name: *ci_bot_name - message: 'publish (light aws): (@= data.values.stemcell_details.os_name @)/(@= str(data.values.stemcell_details.major_version) @).x' - rename: '{{.Version}}/stemcells.aws.meta4' - version: candidate-aws-light-stemcell/.resource/version - put: published-aws-light-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) - - #! once we release all regions with the same account, we can unify these again - - file: bosh-stemcells-ci/ci/tasks/light-aws/tag-aws-ami-light.yml - image: bosh-ecosystem-concourse-registry-image - task: tag-published-aws-ami-light-stemcells - params: - AWS_PAGER: - AWS_ACCESS_KEY_ID: ((aws_publish_us_access_key)) - AWS_SECRET_ACCESS_KEY: ((aws_publish_us_secret_key)) - GREP_PATTERN: grep -v 'gov-\|cn-' - - file: bosh-stemcells-ci/ci/tasks/light-aws/tag-aws-ami-light.yml - image: bosh-ecosystem-concourse-registry-image - task: tag-gov-published-aws-ami-light-stemcells - params: - AWS_PAGER: - AWS_ACCESS_KEY_ID: ((aws_publish_us-gov_access_key)) - AWS_SECRET_ACCESS_KEY: ((aws_publish_us-gov_secret_key)) - GREP_PATTERN: grep 'gov-' -#! - file: bosh-stemcells-ci/ci/tasks/light-aws/tag-aws-ami-light.yml -#! task: tag-china-published-aws-ami-light-stemcells -#! params: -#! AWS_ACCESS_KEY_ID: ((aws_publish_cn_access_key)) -#! AWS_SECRET_ACCESS_KEY: ((aws_publish_cn_secret_key)) -#! GREP_PATTERN: grep 'cn-' - - params: - files: - - candidate-google-light-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @)/*.tgz - options: - author_email: *ci_bot_email - author_name: *ci_bot_name - message: 'publish (light google): (@= data.values.stemcell_details.os_name @)/(@= str(data.values.stemcell_details.major_version) @).x' - rename: '{{.Version}}/stemcells.gcp.meta4' - version: candidate-google-light-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @)/.resource/version - put: published-google-light-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) - - params: - body: release-metadata/body - name: release-metadata/name - tag: release-metadata/tag - put: gh-release-oss - - params: - acl: public-read - file: usn-log/usn-log.json - put: usn-log-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @).x - serial: true - -resource_types: -- name: metalink-repository - source: - repository: dpb587/metalink-repository-resource - tag: latest - type: registry-image -- name: terraform_type - source: - repository: ljfranklin/terraform-resource - type: registry-image -- name: gcs-resource - source: - repository: frodenas/gcs-resource - type: registry-image - -resources: -- name: every-week-on-monday - type: time - source: - days: - - Monday - interval: 168h - location: America/Los_Angeles - start: "6:00" - stop: "8:30" - -- name: gh-release-oss - type: github-release - source: - access_token: ((github_public_repo_token)) - drafts: true - owner: cloudfoundry - repository: bosh-linux-stemcell-builder - -- name: bosh-cpi-certification-concourse-tasks - type: git - source: - branch: master - uri: https://github.com/cloudfoundry/bosh-cpi-certification - -- name: bosh-release - type: bosh-io-release - source: - repository: cloudfoundry/bosh - -- name: bosh-deployment - type: git - source: - branch: master - uri: https://github.com/cloudfoundry/bosh-deployment - -- name: bosh-stemcells-ci - type: git - source: - branch: (@= data.values.stemcell_details.branch @) - paths: - - ci - uri: https://github.com/cloudfoundry/bosh-linux-stemcell-builder.git - -- name: bosh-aws-cpi-release - type: git - source: - branch: master - ignore_paths: - - .final_builds/**/*.yml - - releases/**/*.yml - uri: https://github.com/cloudfoundry/bosh-aws-cpi-release.git - -- name: light-aws-environment - source: - backend_type: s3 - backend_config: - access_key: ((aws_publish_us_access_key)) - secret_key: ((aws_publish_us_secret_key)) - bucket: bosh-aws-light-terraform - key: state/terraform.tfstate - region: ((aws_publish_us_region)) - vars: - access_key: ((aws_publish_us_access_key)) - secret_key: ((aws_publish_us_secret_key)) - public_key: ((aws_test_public_key_file)) - region: ((aws_publish_us_region)) - type: terraform_type - -- name: bosh-aws-cpi-dev-artifacts - type: gcs-resource - source: - versioned_file: bosh-aws-cpi-dev-release.tgz - bucket: bosh-aws-cpi-pipeline - json_key: ((gcp_json_key)) - -- name: bosh-google-cpi-release - source: - repository: cloudfoundry/bosh-google-cpi-release - type: bosh-io-release -- name: light-google-environment-oss - source: - delete_on_failure: true - backend_type: gcs - backend_config: - credentials: ((gcp_json_key)) - bucket: bosh-gce-light-stemcell-ci-terraform-state - prefix: stemcell-ci-terraform/ - vars: - gce_credentials_json: ((gcp_json_key)) - gce_project_id: ((gcp_project_id)) - type: terraform_type -- name: base-oss-google-ubuntu-stemcell - source: - bucket: bosh-gce-raw-stemcells-new - json_key: ((gcp_json_key)) - regexp: bosh-stemcell-([0-9\.]+)-google-kvm-ubuntu-*-raw.tar.gz - type: gcs-resource - -- name: candidate-aws-light-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) - source: - mirror_files: - - destination: s3://storage.googleapis.com/bosh-aws-light-stemcells-candidate/{{.Version}}/{{.Name}} - options: - private_key: ((github_deploy_key_bosh-io-stemcells-cpi-index.private_key)) - uri: git+ssh://git@github.com:cloudfoundry/bosh-io-stemcells-cpi-index.git//candidate-aws-light/(@= data.values.stemcell_details.os_name @) - url_handlers: - - include: - - (s3|https)://.* - options: - access_key: ((hmac_accesskey)) - secret_key: ((hmac_secret)) - type: s3 - version: (@= str(data.values.stemcell_details.major_version) @).x - type: metalink-repository -- name: candidate-google-light-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) - source: - mirror_files: - - destination: s3://storage.googleapis.com/bosh-gce-light-stemcells-candidate/{{.Version}}/{{.Name}} - options: - private_key: ((github_deploy_key_bosh-io-stemcells-cpi-index.private_key)) - uri: git+ssh://git@github.com:cloudfoundry/bosh-io-stemcells-cpi-index.git//candidate-gcp-light/(@= data.values.stemcell_details.os_name @) - url_handlers: - - include: - - (s3|https)://.* - options: - access_key: ((hmac_accesskey)) - secret_key: ((hmac_secret)) - type: s3 - version: (@= str(data.values.stemcell_details.major_version) @).x - type: metalink-repository -- name: candidate-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) - source: - filters: - - repositorypath: '*/stemcells.meta4' - options: - private_key: ((github_deploy_key_bosh-io-stemcells-core-index.private_key)) - uri: git+ssh://git@github.com:cloudfoundry/bosh-io-stemcells-core-index.git//candidate/(@= data.values.stemcell_details.os_name @) - url_handlers: - - include: - - (s3|https)://.* - type: s3 - version: (@= str(data.values.stemcell_details.major_version) @).x - type: metalink-repository -#@ if len(data.values.stemcell_details.include_fips_iaas) > 0: -- name: candidate-(@= data.values.stemcell_details.os_name @)-fips-stemcell-(@= str(data.values.stemcell_details.major_version) @) - source: - filters: - - repositorypath: '*/stemcells.meta4' - options: - private_key: ((github_deploy_key_bosh-io-stemcells-core-index.private_key)) - uri: git+ssh://git@github.com:cloudfoundry/bosh-io-stemcells-core-index.git//candidate/(@= data.values.stemcell_details.os_name @)-fips - url_handlers: - - include: - - (s3|https)://.* - type: s3 - options: - access_key: ((hmac_accesskey)) - secret_key: ((hmac_secret)) - version: (@= str(data.values.stemcell_details.major_version) @).x - type: metalink-repository -#@ end -- name: bosh-linux-stemcell-builder-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @).x - source: - branch: (@= data.values.stemcell_details.branch @) - private_key: ((bosh_src_key.private_key)) - uri: git@github.com:cloudfoundry/bosh-linux-stemcell-builder - type: git - -- name: usn-log-(@= data.values.stemcell_details.os_name @)-(@= str(data.values.stemcell_details.major_version) @).x - type: gcs-resource - source: - bucket: bosh-stemcell-triggers - json_key: ((gcp_json_key)) - versioned_file: (@= data.values.stemcell_details.branch @)/usn-log.json - -- name: published-aws-light-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) - source: - filters: - - repositorypath: '*/stemcells.aws.meta4' - mirror_files: - - destination: s3://storage.googleapis.com/bosh-aws-light-stemcells/{{.Version}}/{{.Name}} - options: - private_key: ((github_deploy_key_bosh-io-stemcells-cpi-index.private_key)) - uri: git+ssh://git@github.com:cloudfoundry/bosh-io-stemcells-cpi-index.git//published/(@= data.values.stemcell_details.os_name @) - url_handlers: - - include: - - (s3|https)://.* - options: - access_key: ((hmac_accesskey)) - secret_key: ((hmac_secret)) - type: s3 - version: (@= str(data.values.stemcell_details.major_version) @).x - type: metalink-repository - -- name: published-google-light-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) - source: - filters: - - repositorypath: '*/stemcells.gcp.meta4' - mirror_files: - - destination: s3://storage.googleapis.com/bosh-gce-light-stemcells/{{.Version}}/{{.Name}} - options: - private_key: ((github_deploy_key_bosh-io-stemcells-cpi-index.private_key)) - uri: git+ssh://git@github.com:cloudfoundry/bosh-io-stemcells-cpi-index.git//published/(@= data.values.stemcell_details.os_name @) - url_handlers: - - include: - - (s3|https)://.* - options: - access_key: ((hmac_accesskey)) - secret_key: ((hmac_secret)) - type: s3 - version: (@= str(data.values.stemcell_details.major_version) @).x - type: metalink-repository - -- name: published-(@= data.values.stemcell_details.os_name @)-stemcell-(@= str(data.values.stemcell_details.major_version) @) - source: - filters: - - repositorypath: '*/stemcells.meta4' - mirror_files: - - destination: s3://storage.googleapis.com/bosh-core-stemcells/{{.Version}}/{{.Name}} - options: - private_key: ((github_deploy_key_bosh-io-stemcells-core-index.private_key)) - uri: git+ssh://git@github.com:cloudfoundry/bosh-io-stemcells-core-index.git//published/(@= data.values.stemcell_details.os_name @) - url_handlers: - - include: - - (s3|https)://.* - options: - access_key: ((hmac_accesskey)) - secret_key: ((hmac_secret)) - type: s3 - version: (@= str(data.values.stemcell_details.major_version) @).x - type: metalink-repository - #@ if len(data.values.stemcell_details.include_fips_iaas) > 0: -- name: published-(@= data.values.stemcell_details.os_name @)-fips-stemcell-(@= str(data.values.stemcell_details.major_version) @) - source: - filters: - - repositorypath: '*/stemcells.meta4' - mirror_files: - - destination: s3://storage.googleapis.com/bosh-core-stemcells-fips/{{.Version}}/{{.Name}} - options: - private_key: ((github_deploy_key_bosh-io-stemcells-core-index.private_key)) - uri: git+ssh://git@github.com:cloudfoundry/bosh-io-stemcells-core-index.git//published/(@= data.values.stemcell_details.os_name @)-fips - url_handlers: - - include: - - (s3|https)://.* - options: - access_key: ((hmac_accesskey)) - secret_key: ((hmac_secret)) - type: s3 - version: (@= str(data.values.stemcell_details.major_version) @).x - type: metalink-repository - #@ end - -- name: github-container-registry-(@= data.values.stemcell_details.os_name @)-stemcell - type: registry-image - source: - repository: ghcr.io/cloudfoundry/(@= data.values.stemcell_details.os_name @)-stemcell - username: ((github_read_write_packages.username)) - password: ((github_read_write_packages.password)) - tag: latest - -- name: bosh-integration-registry-image - type: registry-image - source: - repository: ghcr.io/cloudfoundry/bosh/integration - tag: main - username: ((github_read_write_packages.username)) - password: ((github_read_write_packages.password)) - -- name: aws-light-stemcell-builder-registry-image - type: registry-image - source: - repository: bosh/light-stemcell-builder - username: ((dockerhub_username)) - password: ((dockerhub_password)) - -- name: os-image-stemcell-builder-registry-image - type: registry-image - source: - repository: bosh/os-image-stemcell-builder - username: ((dockerhub_username)) - password: ((dockerhub_password)) - -- name: bosh-ecosystem-concourse-registry-image - type: registry-image - source: - repository: bosh/bosh-ecosystem-concourse - username: ((dockerhub_username)) - password: ((dockerhub_password)) - -- name: gce-cpi-release-registry-image - type: registry-image - source: - repository: foundationalinfrastructure/gce-cpi-release diff --git a/docs/new_stemcell_line.md b/docs/new_stemcell_line.md index 74b64e006..7864944a9 100644 --- a/docs/new_stemcell_line.md +++ b/docs/new_stemcell_line.md @@ -8,7 +8,7 @@ git switch -c ubuntu-${short_name} {commit} ``` -2. Update `ci/pipelines/vars.yml` with the appropriate values +2. Update `ci/pipeline-vars.yml` with the appropriate values ```yaml #@data/values