diff --git a/jobs/blobstore_benchmark/templates/storage_cli_config_buildpacks.json.erb b/jobs/blobstore_benchmark/templates/storage_cli_config_buildpacks.json.erb index 2e6886adf7..cc4e5bfb53 100644 --- a/jobs/blobstore_benchmark/templates/storage_cli_config_buildpacks.json.erb +++ b/jobs/blobstore_benchmark/templates/storage_cli_config_buildpacks.json.erb @@ -91,21 +91,37 @@ if provider == "aliyun" || provider == "alioss" options["bucket_name"] = l.p("#{scope}.aliyun_oss_bucket") end -# WebDAV/dav support intentionally excluded (not fully implemented) +# Support both native storage-cli types (dav) AND legacy fog names (webdav) +# Legacy fog name support to be REMOVED May 2026 if provider == "webdav" || provider == "dav" - options["provider"] = provider + options["provider"] = "dav" options["user"] = l.p("#{scope}.username") options["password"] = l.p("#{scope}.password") - options["endpoint"] = l.p("#{scope}.public_endpoint") - add_optional(options, "secret", l.p("#{scope}.secret", nil)) + + # Resource-specific directory for compatibility with fog/webdav + resource_dir = l.p("cc.buildpacks.buildpack_directory_key", "cc-buildpacks") + + # When using signed URLs (secret present), endpoint points to resource directory + # When using basic auth only (no secret), endpoint includes /admin/ prefix + secret = l.p("#{scope}.secret", nil) + base_endpoint = l.p("#{scope}.private_endpoint") + + if secret.nil? || secret.empty? + options["endpoint"] = "#{base_endpoint}/admin/#{resource_dir}" + else + options["endpoint"] = "#{base_endpoint}/#{resource_dir}" + end + + add_optional(options, "secret", secret) + add_optional(options, "signing_method", l.p("#{scope}.signing_method", nil)) add_optional(options, "retry_attempts", l.p("#{scope}.retry_attempts", nil)) # TLS nested object with a Cert inside ca_cert=l.p("#{scope}.ca_cert",nil) unless ca_cert.empty? - options["tls"]={"cert"=>ca_cert} + options["tls"]={"cert"=>{"ca"=>ca_cert}} end end -%> -<%= JSON.pretty_generate(options) %> \ No newline at end of file +<%= JSON.pretty_generate(options) %> diff --git a/jobs/blobstore_benchmark/templates/storage_cli_config_droplets.json.erb b/jobs/blobstore_benchmark/templates/storage_cli_config_droplets.json.erb index c72cf61b76..6479375c34 100644 --- a/jobs/blobstore_benchmark/templates/storage_cli_config_droplets.json.erb +++ b/jobs/blobstore_benchmark/templates/storage_cli_config_droplets.json.erb @@ -91,21 +91,37 @@ if provider == "aliyun" || provider == "alioss" options["bucket_name"] = l.p("#{scope}.aliyun_oss_bucket") end -# WebDAV/dav support intentionally excluded (not fully implemented) +# Support both native storage-cli types (dav) AND legacy fog names (webdav) +# Legacy fog name support to be REMOVED May 2026 if provider == "webdav" || provider == "dav" - options["provider"] = provider + options["provider"] = "dav" options["user"] = l.p("#{scope}.username") options["password"] = l.p("#{scope}.password") - options["endpoint"] = l.p("#{scope}.public_endpoint") - add_optional(options, "secret", l.p("#{scope}.secret", nil)) + + # Resource-specific directory for compatibility with fog/webdav + resource_dir = l.p("cc.droplets.droplet_directory_key", "cc-droplets") + + # When using signed URLs (secret present), endpoint points to resource directory + # When using basic auth only (no secret), endpoint includes /admin/ prefix + secret = l.p("#{scope}.secret", nil) + base_endpoint = l.p("#{scope}.private_endpoint") + + if secret.nil? || secret.empty? + options["endpoint"] = "#{base_endpoint}/admin/#{resource_dir}" + else + options["endpoint"] = "#{base_endpoint}/#{resource_dir}" + end + + add_optional(options, "secret", secret) + add_optional(options, "signing_method", l.p("#{scope}.signing_method", nil)) add_optional(options, "retry_attempts", l.p("#{scope}.retry_attempts", nil)) # TLS nested object with a Cert inside ca_cert=l.p("#{scope}.ca_cert",nil) unless ca_cert.empty? - options["tls"]={"cert"=>ca_cert} + options["tls"]={"cert"=>{"ca"=>ca_cert}} end end -%> -<%= JSON.pretty_generate(options) %> \ No newline at end of file +<%= JSON.pretty_generate(options) %> diff --git a/jobs/blobstore_benchmark/templates/storage_cli_config_packages.json.erb b/jobs/blobstore_benchmark/templates/storage_cli_config_packages.json.erb index 62b6703cfa..0f0d596b36 100644 --- a/jobs/blobstore_benchmark/templates/storage_cli_config_packages.json.erb +++ b/jobs/blobstore_benchmark/templates/storage_cli_config_packages.json.erb @@ -91,21 +91,37 @@ if provider == "aliyun" || provider == "alioss" options["bucket_name"] = l.p("#{scope}.aliyun_oss_bucket") end -# WebDAV/dav support intentionally excluded (not fully implemented) +# Support both native storage-cli types (dav) AND legacy fog names (webdav) +# Legacy fog name support to be REMOVED May 2026 if provider == "webdav" || provider == "dav" - options["provider"] = provider + options["provider"] = "dav" options["user"] = l.p("#{scope}.username") options["password"] = l.p("#{scope}.password") - options["endpoint"] = l.p("#{scope}.public_endpoint") - add_optional(options, "secret", l.p("#{scope}.secret", nil)) + + # Resource-specific directory for compatibility with fog/webdav + resource_dir = l.p("cc.packages.app_package_directory_key", "cc-packages") + + # When using signed URLs (secret present), endpoint points to resource directory + # When using basic auth only (no secret), endpoint includes /admin/ prefix + secret = l.p("#{scope}.secret", nil) + base_endpoint = l.p("#{scope}.private_endpoint") + + if secret.nil? || secret.empty? + options["endpoint"] = "#{base_endpoint}/admin/#{resource_dir}" + else + options["endpoint"] = "#{base_endpoint}/#{resource_dir}" + end + + add_optional(options, "secret", secret) + add_optional(options, "signing_method", l.p("#{scope}.signing_method", nil)) add_optional(options, "retry_attempts", l.p("#{scope}.retry_attempts", nil)) # TLS nested object with a Cert inside ca_cert=l.p("#{scope}.ca_cert",nil) unless ca_cert.empty? - options["tls"]={"cert"=>ca_cert} + options["tls"]={"cert"=>{"ca"=>ca_cert}} end end -%> -<%= JSON.pretty_generate(options) %> \ No newline at end of file +<%= JSON.pretty_generate(options) %> diff --git a/jobs/blobstore_benchmark/templates/storage_cli_config_resource_pool.json.erb b/jobs/blobstore_benchmark/templates/storage_cli_config_resource_pool.json.erb index 575efadebb..e94a4a0922 100644 --- a/jobs/blobstore_benchmark/templates/storage_cli_config_resource_pool.json.erb +++ b/jobs/blobstore_benchmark/templates/storage_cli_config_resource_pool.json.erb @@ -91,21 +91,37 @@ if provider == "aliyun" || provider == "alioss" options["bucket_name"] = l.p("#{scope}.aliyun_oss_bucket") end -# WebDAV/dav support intentionally excluded (not fully implemented) +# Support both native storage-cli types (dav) AND legacy fog names (webdav) +# Legacy fog name support to be REMOVED May 2026 if provider == "webdav" || provider == "dav" - options["provider"] = provider + options["provider"] = "dav" options["user"] = l.p("#{scope}.username") options["password"] = l.p("#{scope}.password") - options["endpoint"] = l.p("#{scope}.public_endpoint") - add_optional(options, "secret", l.p("#{scope}.secret", nil)) + + # Resource-specific directory for compatibility with fog/webdav + resource_dir = l.p("cc.resource_pool.resource_directory_key", "cc-resources") + + # When using signed URLs (secret present), endpoint points to resource directory + # When using basic auth only (no secret), endpoint includes /admin/ prefix + secret = l.p("#{scope}.secret", nil) + base_endpoint = l.p("#{scope}.private_endpoint") + + if secret.nil? || secret.empty? + options["endpoint"] = "#{base_endpoint}/admin/#{resource_dir}" + else + options["endpoint"] = "#{base_endpoint}/#{resource_dir}" + end + + add_optional(options, "secret", secret) + add_optional(options, "signing_method", l.p("#{scope}.signing_method", nil)) add_optional(options, "retry_attempts", l.p("#{scope}.retry_attempts", nil)) # TLS nested object with a Cert inside ca_cert=l.p("#{scope}.ca_cert",nil) unless ca_cert.empty? - options["tls"]={"cert"=>ca_cert} + options["tls"]={"cert"=>{"ca"=>ca_cert}} end end -%> -<%= JSON.pretty_generate(options) %> \ No newline at end of file +<%= JSON.pretty_generate(options) %> diff --git a/jobs/cc_deployment_updater/templates/storage_cli_config_buildpacks.json.erb b/jobs/cc_deployment_updater/templates/storage_cli_config_buildpacks.json.erb index f5454cf125..f481343d96 100644 --- a/jobs/cc_deployment_updater/templates/storage_cli_config_buildpacks.json.erb +++ b/jobs/cc_deployment_updater/templates/storage_cli_config_buildpacks.json.erb @@ -90,22 +90,38 @@ if provider == "aliyun" || provider == "alioss" options["endpoint"] = l.p("#{scope}.aliyun_oss_endpoint") options["bucket_name"] = l.p("#{scope}.aliyun_oss_bucket") end - -# WebDAV/dav support intentionally excluded (not fully implemented) + +# Support both native storage-cli types (dav) AND legacy fog names (webdav) +# Legacy fog name support to be REMOVED May 2026 if provider == "webdav" || provider == "dav" - options["provider"] = provider + options["provider"] = "dav" options["user"] = l.p("#{scope}.username") options["password"] = l.p("#{scope}.password") - options["endpoint"] = l.p("#{scope}.public_endpoint") - add_optional(options, "secret", l.p("#{scope}.secret", nil)) + + # Resource-specific directory for compatibility with fog/webdav + resource_dir = l.p("cc.buildpacks.buildpack_directory_key", "cc-buildpacks") + + # When using signed URLs (secret present), endpoint points to resource directory + # When using basic auth only (no secret), endpoint includes /admin/ prefix + secret = l.p("#{scope}.secret", nil) + base_endpoint = l.p("#{scope}.private_endpoint") + + if secret.nil? || secret.empty? + options["endpoint"] = "#{base_endpoint}/admin/#{resource_dir}" + else + options["endpoint"] = "#{base_endpoint}/#{resource_dir}" + end + + add_optional(options, "secret", secret) + add_optional(options, "signing_method", l.p("#{scope}.signing_method", nil)) add_optional(options, "retry_attempts", l.p("#{scope}.retry_attempts", nil)) # TLS nested object with a Cert inside ca_cert=l.p("#{scope}.ca_cert",nil) unless ca_cert.empty? - options["tls"]={"cert"=>ca_cert} + options["tls"]={"cert"=>{"ca"=>ca_cert}} end end -%> -<%= JSON.pretty_generate(options) %> \ No newline at end of file +<%= JSON.pretty_generate(options) %> diff --git a/jobs/cc_deployment_updater/templates/storage_cli_config_droplets.json.erb b/jobs/cc_deployment_updater/templates/storage_cli_config_droplets.json.erb index 050c260f39..b1669d5f29 100644 --- a/jobs/cc_deployment_updater/templates/storage_cli_config_droplets.json.erb +++ b/jobs/cc_deployment_updater/templates/storage_cli_config_droplets.json.erb @@ -91,21 +91,37 @@ if provider == "aliyun" || provider == "alioss" options["bucket_name"] = l.p("#{scope}.aliyun_oss_bucket") end -# WebDAV/dav support intentionally excluded (not fully implemented) +# Support both native storage-cli types (dav) AND legacy fog names (webdav) +# Legacy fog name support to be REMOVED May 2026 if provider == "webdav" || provider == "dav" - options["provider"] = provider + options["provider"] = "dav" options["user"] = l.p("#{scope}.username") options["password"] = l.p("#{scope}.password") - options["endpoint"] = l.p("#{scope}.public_endpoint") - add_optional(options, "secret", l.p("#{scope}.secret", nil)) + + # Resource-specific directory for compatibility with fog/webdav + resource_dir = l.p("cc.droplets.droplet_directory_key", "cc-droplets") + + # When using signed URLs (secret present), endpoint points to resource directory + # When using basic auth only (no secret), endpoint includes /admin/ prefix + secret = l.p("#{scope}.secret", nil) + base_endpoint = l.p("#{scope}.private_endpoint") + + if secret.nil? || secret.empty? + options["endpoint"] = "#{base_endpoint}/admin/#{resource_dir}" + else + options["endpoint"] = "#{base_endpoint}/#{resource_dir}" + end + + add_optional(options, "secret", secret) + add_optional(options, "signing_method", l.p("#{scope}.signing_method", nil)) add_optional(options, "retry_attempts", l.p("#{scope}.retry_attempts", nil)) # TLS nested object with a Cert inside ca_cert=l.p("#{scope}.ca_cert",nil) unless ca_cert.empty? - options["tls"]={"cert"=>ca_cert} + options["tls"]={"cert"=>{"ca"=>ca_cert}} end end -%> -<%= JSON.pretty_generate(options) %> \ No newline at end of file +<%= JSON.pretty_generate(options) %> diff --git a/jobs/cc_deployment_updater/templates/storage_cli_config_packages.json.erb b/jobs/cc_deployment_updater/templates/storage_cli_config_packages.json.erb index 62b6703cfa..0f0d596b36 100644 --- a/jobs/cc_deployment_updater/templates/storage_cli_config_packages.json.erb +++ b/jobs/cc_deployment_updater/templates/storage_cli_config_packages.json.erb @@ -91,21 +91,37 @@ if provider == "aliyun" || provider == "alioss" options["bucket_name"] = l.p("#{scope}.aliyun_oss_bucket") end -# WebDAV/dav support intentionally excluded (not fully implemented) +# Support both native storage-cli types (dav) AND legacy fog names (webdav) +# Legacy fog name support to be REMOVED May 2026 if provider == "webdav" || provider == "dav" - options["provider"] = provider + options["provider"] = "dav" options["user"] = l.p("#{scope}.username") options["password"] = l.p("#{scope}.password") - options["endpoint"] = l.p("#{scope}.public_endpoint") - add_optional(options, "secret", l.p("#{scope}.secret", nil)) + + # Resource-specific directory for compatibility with fog/webdav + resource_dir = l.p("cc.packages.app_package_directory_key", "cc-packages") + + # When using signed URLs (secret present), endpoint points to resource directory + # When using basic auth only (no secret), endpoint includes /admin/ prefix + secret = l.p("#{scope}.secret", nil) + base_endpoint = l.p("#{scope}.private_endpoint") + + if secret.nil? || secret.empty? + options["endpoint"] = "#{base_endpoint}/admin/#{resource_dir}" + else + options["endpoint"] = "#{base_endpoint}/#{resource_dir}" + end + + add_optional(options, "secret", secret) + add_optional(options, "signing_method", l.p("#{scope}.signing_method", nil)) add_optional(options, "retry_attempts", l.p("#{scope}.retry_attempts", nil)) # TLS nested object with a Cert inside ca_cert=l.p("#{scope}.ca_cert",nil) unless ca_cert.empty? - options["tls"]={"cert"=>ca_cert} + options["tls"]={"cert"=>{"ca"=>ca_cert}} end end -%> -<%= JSON.pretty_generate(options) %> \ No newline at end of file +<%= JSON.pretty_generate(options) %> diff --git a/jobs/cc_deployment_updater/templates/storage_cli_config_resource_pool.json.erb b/jobs/cc_deployment_updater/templates/storage_cli_config_resource_pool.json.erb index cc3f84adb0..c77101ac6d 100644 --- a/jobs/cc_deployment_updater/templates/storage_cli_config_resource_pool.json.erb +++ b/jobs/cc_deployment_updater/templates/storage_cli_config_resource_pool.json.erb @@ -91,21 +91,37 @@ if provider == "aliyun" || provider == "alioss" options["bucket_name"] = l.p("#{scope}.aliyun_oss_bucket") end -# WebDAV/dav support intentionally excluded (not fully implemented) +# Support both native storage-cli types (dav) AND legacy fog names (webdav) +# Legacy fog name support to be REMOVED May 2026 if provider == "webdav" || provider == "dav" - options["provider"] = provider + options["provider"] = "dav" options["user"] = l.p("#{scope}.username") options["password"] = l.p("#{scope}.password") - options["endpoint"] = l.p("#{scope}.public_endpoint") - add_optional(options, "secret", l.p("#{scope}.secret", nil)) + + # Resource-specific directory for compatibility with fog/webdav + resource_dir = l.p("cc.resource_pool.resource_directory_key", "cc-resources") + + # When using signed URLs (secret present), endpoint points to resource directory + # When using basic auth only (no secret), endpoint includes /admin/ prefix + secret = l.p("#{scope}.secret", nil) + base_endpoint = l.p("#{scope}.private_endpoint") + + if secret.nil? || secret.empty? + options["endpoint"] = "#{base_endpoint}/admin/#{resource_dir}" + else + options["endpoint"] = "#{base_endpoint}/#{resource_dir}" + end + + add_optional(options, "secret", secret) + add_optional(options, "signing_method", l.p("#{scope}.signing_method", nil)) add_optional(options, "retry_attempts", l.p("#{scope}.retry_attempts", nil)) # TLS nested object with a Cert inside ca_cert=l.p("#{scope}.ca_cert",nil) unless ca_cert.empty? - options["tls"]={"cert"=>ca_cert} + options["tls"]={"cert"=>{"ca"=>ca_cert}} end end -%> -<%= JSON.pretty_generate(options) %> \ No newline at end of file +<%= JSON.pretty_generate(options) %> diff --git a/jobs/cloud_controller_clock/templates/storage_cli_config_buildpacks.json.erb b/jobs/cloud_controller_clock/templates/storage_cli_config_buildpacks.json.erb index 3df22410bd..9e8b4422cc 100644 --- a/jobs/cloud_controller_clock/templates/storage_cli_config_buildpacks.json.erb +++ b/jobs/cloud_controller_clock/templates/storage_cli_config_buildpacks.json.erb @@ -89,21 +89,37 @@ if provider == "aliyun" || provider == "alioss" options["bucket_name"] = p("#{scope}.aliyun_oss_bucket") end -# WebDAV/dav support intentionally excluded (not fully implemented) +# Support both native storage-cli types (dav) AND legacy fog names (webdav) +# Legacy fog name support to be REMOVED May 2026 if provider == "webdav" || provider == "dav" - options["provider"] = provider + options["provider"] = "dav" options["user"] = p("#{scope}.username") options["password"] = p("#{scope}.password") - options["endpoint"] = p("#{scope}.public_endpoint") - add_optional(options, "secret", p("#{scope}.secret", nil)) + + # Resource-specific directory for compatibility with fog/webdav + resource_dir = p("cc.buildpacks.buildpack_directory_key", "cc-buildpacks") + + # When using signed URLs (secret present), endpoint points to resource directory + # When using basic auth only (no secret), endpoint includes /admin/ prefix + secret = p("#{scope}.secret", nil) + base_endpoint = p("#{scope}.private_endpoint") + + if secret.nil? || secret.empty? + options["endpoint"] = "#{base_endpoint}/admin/#{resource_dir}" + else + options["endpoint"] = "#{base_endpoint}/#{resource_dir}" + end + + add_optional(options, "secret", secret) + add_optional(options, "signing_method", p("#{scope}.signing_method", nil)) add_optional(options, "retry_attempts", p("#{scope}.retry_attempts", nil)) # TLS nested object with a Cert inside ca_cert=p("#{scope}.ca_cert",nil) unless ca_cert.empty? - options["tls"]={"cert"=>ca_cert} + options["tls"]={"cert"=>{"ca"=>ca_cert}} end end -%> -<%= JSON.pretty_generate(options) %> \ No newline at end of file +<%= JSON.pretty_generate(options) %> diff --git a/jobs/cloud_controller_clock/templates/storage_cli_config_droplets.json.erb b/jobs/cloud_controller_clock/templates/storage_cli_config_droplets.json.erb index 4616d8afe9..e482cf91ef 100644 --- a/jobs/cloud_controller_clock/templates/storage_cli_config_droplets.json.erb +++ b/jobs/cloud_controller_clock/templates/storage_cli_config_droplets.json.erb @@ -89,21 +89,37 @@ if provider == "aliyun" || provider == "alioss" options["bucket_name"] = p("#{scope}.aliyun_oss_bucket") end -# WebDAV/dav support intentionally excluded (not fully implemented) +# Support both native storage-cli types (dav) AND legacy fog names (webdav) +# Legacy fog name support to be REMOVED May 2026 if provider == "webdav" || provider == "dav" - options["provider"] = provider + options["provider"] = "dav" options["user"] = p("#{scope}.username") options["password"] = p("#{scope}.password") - options["endpoint"] = p("#{scope}.public_endpoint") - add_optional(options, "secret", p("#{scope}.secret", nil)) + + # Resource-specific directory for compatibility with fog/webdav + resource_dir = p("cc.droplets.droplet_directory_key", "cc-droplets") + + # When using signed URLs (secret present), endpoint points to resource directory + # When using basic auth only (no secret), endpoint includes /admin/ prefix + secret = p("#{scope}.secret", nil) + base_endpoint = p("#{scope}.private_endpoint") + + if secret.nil? || secret.empty? + options["endpoint"] = "#{base_endpoint}/admin/#{resource_dir}" + else + options["endpoint"] = "#{base_endpoint}/#{resource_dir}" + end + + add_optional(options, "secret", secret) + add_optional(options, "signing_method", p("#{scope}.signing_method", nil)) add_optional(options, "retry_attempts", p("#{scope}.retry_attempts", nil)) # TLS nested object with a Cert inside ca_cert=p("#{scope}.ca_cert",nil) unless ca_cert.empty? - options["tls"]={"cert"=>ca_cert} + options["tls"]={"cert"=>{"ca"=>ca_cert}} end end -%> -<%= JSON.pretty_generate(options) %> \ No newline at end of file +<%= JSON.pretty_generate(options) %> diff --git a/jobs/cloud_controller_clock/templates/storage_cli_config_packages.json.erb b/jobs/cloud_controller_clock/templates/storage_cli_config_packages.json.erb index 9b35f91c78..a810016898 100644 --- a/jobs/cloud_controller_clock/templates/storage_cli_config_packages.json.erb +++ b/jobs/cloud_controller_clock/templates/storage_cli_config_packages.json.erb @@ -89,21 +89,37 @@ if provider == "aliyun" || provider == "alioss" options["bucket_name"] = p("#{scope}.aliyun_oss_bucket") end -# WebDAV/dav support intentionally excluded (not fully implemented) +# Support both native storage-cli types (dav) AND legacy fog names (webdav) +# Legacy fog name support to be REMOVED May 2026 if provider == "webdav" || provider == "dav" - options["provider"] = provider + options["provider"] = "dav" options["user"] = p("#{scope}.username") options["password"] = p("#{scope}.password") - options["endpoint"] = p("#{scope}.public_endpoint") - add_optional(options, "secret", p("#{scope}.secret", nil)) + + # Resource-specific directory for compatibility with fog/webdav + resource_dir = p("cc.packages.app_package_directory_key", "cc-packages") + + # When using signed URLs (secret present), endpoint points to resource directory + # When using basic auth only (no secret), endpoint includes /admin/ prefix + secret = p("#{scope}.secret", nil) + base_endpoint = p("#{scope}.private_endpoint") + + if secret.nil? || secret.empty? + options["endpoint"] = "#{base_endpoint}/admin/#{resource_dir}" + else + options["endpoint"] = "#{base_endpoint}/#{resource_dir}" + end + + add_optional(options, "secret", secret) + add_optional(options, "signing_method", p("#{scope}.signing_method", nil)) add_optional(options, "retry_attempts", p("#{scope}.retry_attempts", nil)) # TLS nested object with a Cert inside ca_cert=p("#{scope}.ca_cert",nil) unless ca_cert.empty? - options["tls"]={"cert"=>ca_cert} + options["tls"]={"cert"=>{"ca"=>ca_cert}} end end -%> -<%= JSON.pretty_generate(options) %> \ No newline at end of file +<%= JSON.pretty_generate(options) %> diff --git a/jobs/cloud_controller_clock/templates/storage_cli_config_resource_pool.json.erb b/jobs/cloud_controller_clock/templates/storage_cli_config_resource_pool.json.erb index 024e57456e..3b11b00cc7 100644 --- a/jobs/cloud_controller_clock/templates/storage_cli_config_resource_pool.json.erb +++ b/jobs/cloud_controller_clock/templates/storage_cli_config_resource_pool.json.erb @@ -89,21 +89,37 @@ if provider == "aliyun" || provider == "alioss" options["bucket_name"] = p("#{scope}.aliyun_oss_bucket") end -# WebDAV/dav support intentionally excluded (not fully implemented) +# Support both native storage-cli types (dav) AND legacy fog names (webdav) +# Legacy fog name support to be REMOVED May 2026 if provider == "webdav" || provider == "dav" - options["provider"] = provider + options["provider"] = "dav" options["user"] = p("#{scope}.username") options["password"] = p("#{scope}.password") - options["endpoint"] = p("#{scope}.public_endpoint") - add_optional(options, "secret", p("#{scope}.secret", nil)) + + # Resource-specific directory for compatibility with fog/webdav + resource_dir = p("cc.resource_pool.resource_directory_key", "cc-resources") + + # When using signed URLs (secret present), endpoint points to resource directory + # When using basic auth only (no secret), endpoint includes /admin/ prefix + secret = p("#{scope}.secret", nil) + base_endpoint = p("#{scope}.private_endpoint") + + if secret.nil? || secret.empty? + options["endpoint"] = "#{base_endpoint}/admin/#{resource_dir}" + else + options["endpoint"] = "#{base_endpoint}/#{resource_dir}" + end + + add_optional(options, "secret", secret) + add_optional(options, "signing_method", p("#{scope}.signing_method", nil)) add_optional(options, "retry_attempts", p("#{scope}.retry_attempts", nil)) # TLS nested object with a Cert inside ca_cert=p("#{scope}.ca_cert",nil) unless ca_cert.empty? - options["tls"]={"cert"=>ca_cert} + options["tls"]={"cert"=>{"ca"=>ca_cert}} end end -%> -<%= JSON.pretty_generate(options) %> \ No newline at end of file +<%= JSON.pretty_generate(options) %> diff --git a/jobs/cloud_controller_ng/templates/storage_cli_config_buildpacks.json.erb b/jobs/cloud_controller_ng/templates/storage_cli_config_buildpacks.json.erb index 3df22410bd..9e8b4422cc 100644 --- a/jobs/cloud_controller_ng/templates/storage_cli_config_buildpacks.json.erb +++ b/jobs/cloud_controller_ng/templates/storage_cli_config_buildpacks.json.erb @@ -89,21 +89,37 @@ if provider == "aliyun" || provider == "alioss" options["bucket_name"] = p("#{scope}.aliyun_oss_bucket") end -# WebDAV/dav support intentionally excluded (not fully implemented) +# Support both native storage-cli types (dav) AND legacy fog names (webdav) +# Legacy fog name support to be REMOVED May 2026 if provider == "webdav" || provider == "dav" - options["provider"] = provider + options["provider"] = "dav" options["user"] = p("#{scope}.username") options["password"] = p("#{scope}.password") - options["endpoint"] = p("#{scope}.public_endpoint") - add_optional(options, "secret", p("#{scope}.secret", nil)) + + # Resource-specific directory for compatibility with fog/webdav + resource_dir = p("cc.buildpacks.buildpack_directory_key", "cc-buildpacks") + + # When using signed URLs (secret present), endpoint points to resource directory + # When using basic auth only (no secret), endpoint includes /admin/ prefix + secret = p("#{scope}.secret", nil) + base_endpoint = p("#{scope}.private_endpoint") + + if secret.nil? || secret.empty? + options["endpoint"] = "#{base_endpoint}/admin/#{resource_dir}" + else + options["endpoint"] = "#{base_endpoint}/#{resource_dir}" + end + + add_optional(options, "secret", secret) + add_optional(options, "signing_method", p("#{scope}.signing_method", nil)) add_optional(options, "retry_attempts", p("#{scope}.retry_attempts", nil)) # TLS nested object with a Cert inside ca_cert=p("#{scope}.ca_cert",nil) unless ca_cert.empty? - options["tls"]={"cert"=>ca_cert} + options["tls"]={"cert"=>{"ca"=>ca_cert}} end end -%> -<%= JSON.pretty_generate(options) %> \ No newline at end of file +<%= JSON.pretty_generate(options) %> diff --git a/jobs/cloud_controller_ng/templates/storage_cli_config_droplets.json.erb b/jobs/cloud_controller_ng/templates/storage_cli_config_droplets.json.erb index 45024f6ccd..b1e60479e8 100644 --- a/jobs/cloud_controller_ng/templates/storage_cli_config_droplets.json.erb +++ b/jobs/cloud_controller_ng/templates/storage_cli_config_droplets.json.erb @@ -21,6 +21,11 @@ end scope = "cc.droplets.connection_config" provider = p("cc.droplets.blobstore_provider", nil) + +# Normalize legacy fog provider names to storage-cli names +# Legacy fog name support to be REMOVED May 2026 +provider = "dav" if provider == "webdav" + options = {} # Support both native storage-cli types (azurebs) AND legacy fog names (AzureRM) @@ -89,19 +94,33 @@ if provider == "aliyun" || provider == "alioss" options["bucket_name"] = p("#{scope}.aliyun_oss_bucket") end -# WebDAV/dav support intentionally excluded (not fully implemented) -if provider == "webdav" || provider == "dav" - options["provider"] = provider +if provider == "dav" + options["provider"] = "dav" options["user"] = p("#{scope}.username") options["password"] = p("#{scope}.password") - options["endpoint"] = p("#{scope}.public_endpoint") - add_optional(options, "secret", p("#{scope}.secret", nil)) + + # Resource-specific directory for compatibility with fog/webdav + resource_dir = p("cc.droplets.droplet_directory_key", "cc-droplets") + + # When using signed URLs (secret present), endpoint points to resource directory + # When using basic auth only (no secret), endpoint includes /admin/ prefix + secret = p("#{scope}.secret", nil) + base_endpoint = p("#{scope}.private_endpoint") + + if secret.nil? || secret.empty? + options["endpoint"] = "#{base_endpoint}/admin/#{resource_dir}" + else + options["endpoint"] = "#{base_endpoint}/#{resource_dir}" + end + + add_optional(options, "secret", secret) + add_optional(options, "signing_method", p("#{scope}.signing_method", nil)) add_optional(options, "retry_attempts", p("#{scope}.retry_attempts", nil)) # TLS nested object with a Cert inside ca_cert=p("#{scope}.ca_cert",nil) unless ca_cert.empty? - options["tls"]={"cert"=>ca_cert} + options["tls"]={"cert"=>{"ca"=>ca_cert}} end end diff --git a/jobs/cloud_controller_ng/templates/storage_cli_config_packages.json.erb b/jobs/cloud_controller_ng/templates/storage_cli_config_packages.json.erb index d345fe3d88..a810016898 100644 --- a/jobs/cloud_controller_ng/templates/storage_cli_config_packages.json.erb +++ b/jobs/cloud_controller_ng/templates/storage_cli_config_packages.json.erb @@ -88,22 +88,38 @@ if provider == "aliyun" || provider == "alioss" options["endpoint"] = p("#{scope}.aliyun_oss_endpoint") options["bucket_name"] = p("#{scope}.aliyun_oss_bucket") end - -# WebDAV/dav support intentionally excluded (not fully implemented) + +# Support both native storage-cli types (dav) AND legacy fog names (webdav) +# Legacy fog name support to be REMOVED May 2026 if provider == "webdav" || provider == "dav" - options["provider"] = provider + options["provider"] = "dav" options["user"] = p("#{scope}.username") options["password"] = p("#{scope}.password") - options["endpoint"] = p("#{scope}.public_endpoint") - add_optional(options, "secret", p("#{scope}.secret", nil)) + + # Resource-specific directory for compatibility with fog/webdav + resource_dir = p("cc.packages.app_package_directory_key", "cc-packages") + + # When using signed URLs (secret present), endpoint points to resource directory + # When using basic auth only (no secret), endpoint includes /admin/ prefix + secret = p("#{scope}.secret", nil) + base_endpoint = p("#{scope}.private_endpoint") + + if secret.nil? || secret.empty? + options["endpoint"] = "#{base_endpoint}/admin/#{resource_dir}" + else + options["endpoint"] = "#{base_endpoint}/#{resource_dir}" + end + + add_optional(options, "secret", secret) + add_optional(options, "signing_method", p("#{scope}.signing_method", nil)) add_optional(options, "retry_attempts", p("#{scope}.retry_attempts", nil)) # TLS nested object with a Cert inside ca_cert=p("#{scope}.ca_cert",nil) unless ca_cert.empty? - options["tls"]={"cert"=>ca_cert} + options["tls"]={"cert"=>{"ca"=>ca_cert}} end end -%> -<%= JSON.pretty_generate(options) %> \ No newline at end of file +<%= JSON.pretty_generate(options) %> diff --git a/jobs/cloud_controller_ng/templates/storage_cli_config_resource_pool.json.erb b/jobs/cloud_controller_ng/templates/storage_cli_config_resource_pool.json.erb index 024e57456e..3b11b00cc7 100644 --- a/jobs/cloud_controller_ng/templates/storage_cli_config_resource_pool.json.erb +++ b/jobs/cloud_controller_ng/templates/storage_cli_config_resource_pool.json.erb @@ -89,21 +89,37 @@ if provider == "aliyun" || provider == "alioss" options["bucket_name"] = p("#{scope}.aliyun_oss_bucket") end -# WebDAV/dav support intentionally excluded (not fully implemented) +# Support both native storage-cli types (dav) AND legacy fog names (webdav) +# Legacy fog name support to be REMOVED May 2026 if provider == "webdav" || provider == "dav" - options["provider"] = provider + options["provider"] = "dav" options["user"] = p("#{scope}.username") options["password"] = p("#{scope}.password") - options["endpoint"] = p("#{scope}.public_endpoint") - add_optional(options, "secret", p("#{scope}.secret", nil)) + + # Resource-specific directory for compatibility with fog/webdav + resource_dir = p("cc.resource_pool.resource_directory_key", "cc-resources") + + # When using signed URLs (secret present), endpoint points to resource directory + # When using basic auth only (no secret), endpoint includes /admin/ prefix + secret = p("#{scope}.secret", nil) + base_endpoint = p("#{scope}.private_endpoint") + + if secret.nil? || secret.empty? + options["endpoint"] = "#{base_endpoint}/admin/#{resource_dir}" + else + options["endpoint"] = "#{base_endpoint}/#{resource_dir}" + end + + add_optional(options, "secret", secret) + add_optional(options, "signing_method", p("#{scope}.signing_method", nil)) add_optional(options, "retry_attempts", p("#{scope}.retry_attempts", nil)) # TLS nested object with a Cert inside ca_cert=p("#{scope}.ca_cert",nil) unless ca_cert.empty? - options["tls"]={"cert"=>ca_cert} + options["tls"]={"cert"=>{"ca"=>ca_cert}} end end -%> -<%= JSON.pretty_generate(options) %> \ No newline at end of file +<%= JSON.pretty_generate(options) %> diff --git a/jobs/cloud_controller_worker/templates/storage_cli_config_buildpacks.json.erb b/jobs/cloud_controller_worker/templates/storage_cli_config_buildpacks.json.erb index 3df22410bd..9e8b4422cc 100644 --- a/jobs/cloud_controller_worker/templates/storage_cli_config_buildpacks.json.erb +++ b/jobs/cloud_controller_worker/templates/storage_cli_config_buildpacks.json.erb @@ -89,21 +89,37 @@ if provider == "aliyun" || provider == "alioss" options["bucket_name"] = p("#{scope}.aliyun_oss_bucket") end -# WebDAV/dav support intentionally excluded (not fully implemented) +# Support both native storage-cli types (dav) AND legacy fog names (webdav) +# Legacy fog name support to be REMOVED May 2026 if provider == "webdav" || provider == "dav" - options["provider"] = provider + options["provider"] = "dav" options["user"] = p("#{scope}.username") options["password"] = p("#{scope}.password") - options["endpoint"] = p("#{scope}.public_endpoint") - add_optional(options, "secret", p("#{scope}.secret", nil)) + + # Resource-specific directory for compatibility with fog/webdav + resource_dir = p("cc.buildpacks.buildpack_directory_key", "cc-buildpacks") + + # When using signed URLs (secret present), endpoint points to resource directory + # When using basic auth only (no secret), endpoint includes /admin/ prefix + secret = p("#{scope}.secret", nil) + base_endpoint = p("#{scope}.private_endpoint") + + if secret.nil? || secret.empty? + options["endpoint"] = "#{base_endpoint}/admin/#{resource_dir}" + else + options["endpoint"] = "#{base_endpoint}/#{resource_dir}" + end + + add_optional(options, "secret", secret) + add_optional(options, "signing_method", p("#{scope}.signing_method", nil)) add_optional(options, "retry_attempts", p("#{scope}.retry_attempts", nil)) # TLS nested object with a Cert inside ca_cert=p("#{scope}.ca_cert",nil) unless ca_cert.empty? - options["tls"]={"cert"=>ca_cert} + options["tls"]={"cert"=>{"ca"=>ca_cert}} end end -%> -<%= JSON.pretty_generate(options) %> \ No newline at end of file +<%= JSON.pretty_generate(options) %> diff --git a/jobs/cloud_controller_worker/templates/storage_cli_config_droplets.json.erb b/jobs/cloud_controller_worker/templates/storage_cli_config_droplets.json.erb index 4616d8afe9..e482cf91ef 100644 --- a/jobs/cloud_controller_worker/templates/storage_cli_config_droplets.json.erb +++ b/jobs/cloud_controller_worker/templates/storage_cli_config_droplets.json.erb @@ -89,21 +89,37 @@ if provider == "aliyun" || provider == "alioss" options["bucket_name"] = p("#{scope}.aliyun_oss_bucket") end -# WebDAV/dav support intentionally excluded (not fully implemented) +# Support both native storage-cli types (dav) AND legacy fog names (webdav) +# Legacy fog name support to be REMOVED May 2026 if provider == "webdav" || provider == "dav" - options["provider"] = provider + options["provider"] = "dav" options["user"] = p("#{scope}.username") options["password"] = p("#{scope}.password") - options["endpoint"] = p("#{scope}.public_endpoint") - add_optional(options, "secret", p("#{scope}.secret", nil)) + + # Resource-specific directory for compatibility with fog/webdav + resource_dir = p("cc.droplets.droplet_directory_key", "cc-droplets") + + # When using signed URLs (secret present), endpoint points to resource directory + # When using basic auth only (no secret), endpoint includes /admin/ prefix + secret = p("#{scope}.secret", nil) + base_endpoint = p("#{scope}.private_endpoint") + + if secret.nil? || secret.empty? + options["endpoint"] = "#{base_endpoint}/admin/#{resource_dir}" + else + options["endpoint"] = "#{base_endpoint}/#{resource_dir}" + end + + add_optional(options, "secret", secret) + add_optional(options, "signing_method", p("#{scope}.signing_method", nil)) add_optional(options, "retry_attempts", p("#{scope}.retry_attempts", nil)) # TLS nested object with a Cert inside ca_cert=p("#{scope}.ca_cert",nil) unless ca_cert.empty? - options["tls"]={"cert"=>ca_cert} + options["tls"]={"cert"=>{"ca"=>ca_cert}} end end -%> -<%= JSON.pretty_generate(options) %> \ No newline at end of file +<%= JSON.pretty_generate(options) %> diff --git a/jobs/cloud_controller_worker/templates/storage_cli_config_packages.json.erb b/jobs/cloud_controller_worker/templates/storage_cli_config_packages.json.erb index d345fe3d88..d688769ae1 100644 --- a/jobs/cloud_controller_worker/templates/storage_cli_config_packages.json.erb +++ b/jobs/cloud_controller_worker/templates/storage_cli_config_packages.json.erb @@ -89,21 +89,37 @@ if provider == "aliyun" || provider == "alioss" options["bucket_name"] = p("#{scope}.aliyun_oss_bucket") end -# WebDAV/dav support intentionally excluded (not fully implemented) +# Support both native storage-cli types (dav) AND legacy fog names (webdav) +# Legacy fog name support to be REMOVED May 2026 if provider == "webdav" || provider == "dav" - options["provider"] = provider + options["provider"] = "dav" options["user"] = p("#{scope}.username") options["password"] = p("#{scope}.password") - options["endpoint"] = p("#{scope}.public_endpoint") - add_optional(options, "secret", p("#{scope}.secret", nil)) + + # Resource-specific directory for compatibility with fog/webdav + resource_dir = p("cc.packages.app_package_directory_key", "cc-packages") + + # When using signed URLs (secret present), endpoint points to resource directory + # When using basic auth only (no secret), endpoint includes /admin/ prefix + secret = p("#{scope}.secret", nil) + base_endpoint = p("#{scope}.private_endpoint") + + if secret.nil? || secret.empty? + options["endpoint"] = "#{base_endpoint}/admin/#{resource_dir}" + else + options["endpoint"] = "#{base_endpoint}/#{resource_dir}" + end + + add_optional(options, "secret", secret) + add_optional(options, "signing_method", p("#{scope}.signing_method", nil)) add_optional(options, "retry_attempts", p("#{scope}.retry_attempts", nil)) # TLS nested object with a Cert inside ca_cert=p("#{scope}.ca_cert",nil) unless ca_cert.empty? - options["tls"]={"cert"=>ca_cert} + options["tls"]={"cert"=>{"ca"=>ca_cert}} end end -%> -<%= JSON.pretty_generate(options) %> \ No newline at end of file +<%= JSON.pretty_generate(options) %> diff --git a/jobs/cloud_controller_worker/templates/storage_cli_config_resource_pool.json.erb b/jobs/cloud_controller_worker/templates/storage_cli_config_resource_pool.json.erb index 024e57456e..3dc3809e89 100644 --- a/jobs/cloud_controller_worker/templates/storage_cli_config_resource_pool.json.erb +++ b/jobs/cloud_controller_worker/templates/storage_cli_config_resource_pool.json.erb @@ -88,22 +88,38 @@ if provider == "aliyun" || provider == "alioss" options["endpoint"] = p("#{scope}.aliyun_oss_endpoint") options["bucket_name"] = p("#{scope}.aliyun_oss_bucket") end - -# WebDAV/dav support intentionally excluded (not fully implemented) + +# Support both native storage-cli types (dav) AND legacy fog names (webdav) +# Legacy fog name support to be REMOVED May 2026 if provider == "webdav" || provider == "dav" - options["provider"] = provider + options["provider"] = "dav" options["user"] = p("#{scope}.username") options["password"] = p("#{scope}.password") - options["endpoint"] = p("#{scope}.public_endpoint") - add_optional(options, "secret", p("#{scope}.secret", nil)) + + # Resource-specific directory for compatibility with fog/webdav + resource_dir = p("cc.resource_pool.resource_directory_key", "cc-resources") + + # When using signed URLs (secret present), endpoint points to resource directory + # When using basic auth only (no secret), endpoint includes /admin/ prefix + secret = p("#{scope}.secret", nil) + base_endpoint = p("#{scope}.private_endpoint") + + if secret.nil? || secret.empty? + options["endpoint"] = "#{base_endpoint}/admin/#{resource_dir}" + else + options["endpoint"] = "#{base_endpoint}/#{resource_dir}" + end + + add_optional(options, "secret", secret) + add_optional(options, "signing_method", p("#{scope}.signing_method", nil)) add_optional(options, "retry_attempts", p("#{scope}.retry_attempts", nil)) # TLS nested object with a Cert inside ca_cert=p("#{scope}.ca_cert",nil) unless ca_cert.empty? - options["tls"]={"cert"=>ca_cert} + options["tls"]={"cert"=>{"ca"=>ca_cert}} end end -%> -<%= JSON.pretty_generate(options) %> \ No newline at end of file +<%= JSON.pretty_generate(options) %> diff --git a/spec/cc_deployment_updater/storage_cli_config_jsons_spec.rb b/spec/cc_deployment_updater/storage_cli_config_jsons_spec.rb index 24bec8ab58..61fab22105 100644 --- a/spec/cc_deployment_updater/storage_cli_config_jsons_spec.rb +++ b/spec/cc_deployment_updater/storage_cli_config_jsons_spec.rb @@ -320,46 +320,59 @@ def props_for_provider(provider) let(:links) { [cc_link] } let(:props) { {} } + # Helper to determine expected directory key based on template path + def expected_directory_key(template_path) + case template_path + when /droplets/ then 'cc-droplets' + when /packages/ then 'cc-packages' + when /buildpacks/ then 'cc-buildpacks' + when /resource_pool/ then 'cc-resources' + end + end + TEMPLATES.each_value do |(template_path, keypath)| describe template_path do let(:template) { job.template(template_path) } + let(:directory_key) { expected_directory_key(template_path) } it 'maps required properties into the rendered config' do set(link_props, keypath, { - 'provider' => 'webdav', + 'provider' => 'dav', 'username' => 'user', 'password' => 'secret', - 'public_endpoint' => 'webdav.com', + 'private_endpoint' => 'https://webdav.com', 'ca_cert' => 'some_cert' }) json = YAML.safe_load(template.render(props, consumes: links)) expect(json).to include( - 'provider' => 'webdav', + 'provider' => 'dav', 'user' => 'user', 'password' => 'secret', - 'endpoint' => 'webdav.com', - 'tls' => { 'cert' => 'some_cert' } + 'endpoint' => "https://webdav.com/admin/#{directory_key}", + 'tls' => { 'cert' => { 'ca' => 'some_cert' } } ) end it 'includes optional properties when provided' do set(link_props, keypath, { - 'provider' => 'webdav', + 'provider' => 'dav', 'username' => 'user', 'password' => 'secret', - 'public_endpoint' => 'webdav.com', + 'private_endpoint' => 'https://webdav.com', 'ca_cert' => 'some_cert', 'secret' => 'secret', + 'signing_method' => 'md5', 'retry_attempts' => '4' }) json = YAML.safe_load(template.render(props, consumes: links)) expect(json).to include( - 'provider' => 'webdav', + 'provider' => 'dav', 'user' => 'user', 'password' => 'secret', - 'endpoint' => 'webdav.com', - 'tls' => { 'cert' => 'some_cert' }, + 'endpoint' => "https://webdav.com/#{directory_key}", + 'tls' => { 'cert' => { 'ca' => 'some_cert' } }, 'secret' => 'secret', + 'signing_method' => 'md5', 'retry_attempts' => '4' ) end diff --git a/spec/cloud_controller_clock/storage_cli_config_jsons_spec.rb b/spec/cloud_controller_clock/storage_cli_config_jsons_spec.rb index ff1fbc52a1..7c904a6d8e 100644 --- a/spec/cloud_controller_clock/storage_cli_config_jsons_spec.rb +++ b/spec/cloud_controller_clock/storage_cli_config_jsons_spec.rb @@ -273,46 +273,59 @@ def props_for_provider(provider) describe 'when provider is webdav' do let(:props) { props_for_provider('webdav') } + # Helper to determine expected directory key based on template path + def expected_directory_key(template_path) + case template_path + when /droplets/ then 'cc-droplets' + when /packages/ then 'cc-packages' + when /buildpacks/ then 'cc-buildpacks' + when /resource_pool/ then 'cc-resources' + end + end + TEMPLATES.each_value do |(template_path, keypath)| describe template_path do let(:template) { job.template(template_path) } + let(:directory_key) { expected_directory_key(template_path) } it 'maps required properties into the rendered config' do set(props, keypath, { - 'provider' => 'webdav', + 'provider' => 'dav', 'username' => 'user', 'password' => 'secret', - 'public_endpoint' => 'webdav.com', + 'private_endpoint' => 'https://webdav.com', 'ca_cert' => 'some_cert' }) json = YAML.safe_load(template.render(props, consumes: links)) expect(json).to include( - 'provider' => 'webdav', + 'provider' => 'dav', 'user' => 'user', 'password' => 'secret', - 'endpoint' => 'webdav.com', - 'tls' => { 'cert' => 'some_cert' } + 'endpoint' => "https://webdav.com/admin/#{directory_key}", + 'tls' => { 'cert' => { 'ca' => 'some_cert' } } ) end it 'includes optional properties when provided' do set(props, keypath, { - 'provider' => 'webdav', + 'provider' => 'dav', 'username' => 'user', 'password' => 'secret', - 'public_endpoint' => 'webdav.com', + 'private_endpoint' => 'https://webdav.com', 'ca_cert' => 'some_cert', 'secret' => 'secret', + 'signing_method' => 'md5', 'retry_attempts' => '4' }) json = YAML.safe_load(template.render(props, consumes: links)) expect(json).to include( - 'provider' => 'webdav', + 'provider' => 'dav', 'user' => 'user', 'password' => 'secret', - 'endpoint' => 'webdav.com', - 'tls' => { 'cert' => 'some_cert' }, + 'endpoint' => "https://webdav.com/#{directory_key}", + 'tls' => { 'cert' => { 'ca' => 'some_cert' } }, 'secret' => 'secret', + 'signing_method' => 'md5', 'retry_attempts' => '4' ) end diff --git a/spec/cloud_controller_ng/storage_cli_config_jsons_spec.rb b/spec/cloud_controller_ng/storage_cli_config_jsons_spec.rb index a44653048c..b0f95fbf5b 100644 --- a/spec/cloud_controller_ng/storage_cli_config_jsons_spec.rb +++ b/spec/cloud_controller_ng/storage_cli_config_jsons_spec.rb @@ -274,25 +274,36 @@ def props_for_provider(provider) describe 'when provider is webdav' do let(:props) { props_for_provider('webdav') } + # Helper to determine expected directory key based on template path + def expected_directory_key(template_path) + case template_path + when /droplets/ then 'cc-droplets' + when /packages/ then 'cc-packages' + when /buildpacks/ then 'cc-buildpacks' + when /resource_pool/ then 'cc-resources' + end + end + TEMPLATES.each_value do |(template_path, keypath)| describe template_path do let(:template) { job.template(template_path) } + let(:directory_key) { expected_directory_key(template_path) } it 'maps required properties into the rendered config' do set(props, keypath, { 'provider' => 'webdav', 'username' => 'user', 'password' => 'secret', - 'public_endpoint' => 'webdav.com', + 'private_endpoint' => 'https://webdav.com', 'ca_cert' => 'some_cert' }) json = YAML.safe_load(template.render(props, consumes: links)) expect(json).to include( - 'provider' => 'webdav', + 'provider' => 'dav', 'user' => 'user', 'password' => 'secret', - 'endpoint' => 'webdav.com', - 'tls' => { 'cert' => 'some_cert' } + 'endpoint' => "https://webdav.com/admin/#{directory_key}", + 'tls' => { 'cert' => { 'ca' => 'some_cert' } } ) end @@ -301,19 +312,21 @@ def props_for_provider(provider) 'provider' => 'webdav', 'username' => 'user', 'password' => 'secret', - 'public_endpoint' => 'webdav.com', + 'private_endpoint' => 'https://webdav.com', 'ca_cert' => 'some_cert', 'secret' => 'secret', + 'signing_method' => 'md5', 'retry_attempts' => '4' }) json = YAML.safe_load(template.render(props, consumes: links)) expect(json).to include( - 'provider' => 'webdav', + 'provider' => 'dav', 'user' => 'user', 'password' => 'secret', - 'endpoint' => 'webdav.com', - 'tls' => { 'cert' => 'some_cert' }, + 'endpoint' => "https://webdav.com/#{directory_key}", + 'tls' => { 'cert' => { 'ca' => 'some_cert' } }, 'secret' => 'secret', + 'signing_method' => 'md5', 'retry_attempts' => '4' ) end diff --git a/spec/cloud_controller_worker/storage_cli_config_jsons_spec.rb b/spec/cloud_controller_worker/storage_cli_config_jsons_spec.rb index 8d08c5f950..97c20c6152 100644 --- a/spec/cloud_controller_worker/storage_cli_config_jsons_spec.rb +++ b/spec/cloud_controller_worker/storage_cli_config_jsons_spec.rb @@ -273,46 +273,59 @@ def props_for_provider(provider) describe 'when provider is webdav' do let(:props) { props_for_provider('webdav') } + # Helper to determine expected directory key based on template path + def expected_directory_key(template_path) + case template_path + when /droplets/ then 'cc-droplets' + when /packages/ then 'cc-packages' + when /buildpacks/ then 'cc-buildpacks' + when /resource_pool/ then 'cc-resources' + end + end + TEMPLATES.each_value do |(template_path, keypath)| describe template_path do let(:template) { job.template(template_path) } + let(:directory_key) { expected_directory_key(template_path) } it 'maps required properties into the rendered config' do set(props, keypath, { - 'provider' => 'webdav', + 'provider' => 'dav', 'username' => 'user', 'password' => 'secret', - 'public_endpoint' => 'webdav.com', + 'private_endpoint' => 'https://webdav.com', 'ca_cert' => 'some_cert' }) json = YAML.safe_load(template.render(props, consumes: links)) expect(json).to include( - 'provider' => 'webdav', + 'provider' => 'dav', 'user' => 'user', 'password' => 'secret', - 'endpoint' => 'webdav.com', - 'tls' => { 'cert' => 'some_cert' } + 'endpoint' => "https://webdav.com/admin/#{directory_key}", + 'tls' => { 'cert' => { 'ca' => 'some_cert' } } ) end it 'includes optional properties when provided' do set(props, keypath, { - 'provider' => 'webdav', + 'provider' => 'dav', 'username' => 'user', 'password' => 'secret', - 'public_endpoint' => 'webdav.com', + 'private_endpoint' => 'https://webdav.com', 'ca_cert' => 'some_cert', 'secret' => 'secret', + 'signing_method' => 'md5', 'retry_attempts' => '4' }) json = YAML.safe_load(template.render(props, consumes: links)) expect(json).to include( - 'provider' => 'webdav', + 'provider' => 'dav', 'user' => 'user', 'password' => 'secret', - 'endpoint' => 'webdav.com', - 'tls' => { 'cert' => 'some_cert' }, + 'endpoint' => "https://webdav.com/#{directory_key}", + 'tls' => { 'cert' => { 'ca' => 'some_cert' } }, 'secret' => 'secret', + 'signing_method' => 'md5', 'retry_attempts' => '4' ) end