Hello, this is the CAPI team's CI repo. It houses Concourse configuration settings for our CI environments.
Check it out! https://concourse.app-runtime-interfaces.ci.cloudfoundry.org/teams/capi-team/pipelines/capi
📌 This repository has gone through a complete overhaul. The old artifacts can still be found on the legacy branch.
See pipeline.yml for more details.
All environments are short-lived. The webserver is now "Puma" for all environments.
________________________________________________________________________
/ \ \
| | Elsa: biggest and most "real" environment |
\_ | · HA / Multi-AZ |
| · Windows cell |
| · Encrypted database |
| · Clustered database |
| · Runtime CredHub (assisted mode) |
| · Database: MySQL |
| · Platform: GCP |
| · Blobstore: GCP blobstore |
| · Runs rotate-cc-database-key errand for smoke testing |
| |
| Kiki: used for testing that db migrations are backwards compatible |
| · Database: PostgreSQL |
| · Platform: GCP |
| · Blobstore: WebDAV |
| |
| Asha: used for testing CATS and CAPI-BARA tests on MySQL |
| · Database: MySQL |
| · Platform: GCP |
| · Blobstore: WebDAV |
| |
| Olaf: used for running CATS and CAPI-BARA tests on AWS with MySQL |
| · Database: MySQL |
| · Platform: AWS |
| · Blobstore: S3 |
| |
| Scar: used for testing CATS and CAPI-BARA tests on PostgreSQL |
| · Database: PostgreSQL |
| · Platform: Azure |
| · Blobstore: Azure Blob Storage |
| |
| Gyro: used for testing experimental features on GCP / PostgreSQL |
| · Database: PostgreSQL |
| · Platform: GCP |
| · Blobstore: WebDAV |
| ___________________________________________________________________|___
| / /
\_/______________________________________________________________________/
Kiki starts with an older version of cf-deployment. It then runs the new migrations, but keeps the old Cloud Controller code. This catches any backwards-incompatible migrations. This is important because Cloud Controller instances do rolling upgrades. For example: if you write a migration that drops a table, old CC instances that depend on that table existing will crash during the rolling deploy.
The "Scar" environment runs on Azure. It uses an application client secret for authentication. If the secret expires, you can renew it by following these steps:
- Log on to the Azure portal: https://portal.azure.com/
- Make sure the "Cloud Foundry Foundation" directory is selected in the top right corner.
- Navigate to "Microsoft Entra ID" > "Manage" > "App registrations" > "All applications" > "sp-ari-bbl" > "Client secrets".
- Click on "New client secret". Choose 12 months for the expiration and click "Add".
- Copy the value of the secret. (The secret ID is not needed, just the value.)
- Log on to the ARI WG Concourse CredHub using the start-credhub-cli.sh script.
- Run the following command to set the new secret value in CredHub:
credhub set -n /concourse/capi-team/capi-bbl-scar-azure-client-secret -t password - Make sure the bbl-up-scar-psql Concourse job runs. It updates the secret in the BOSH Azure CPI.
- Now the Scar scar-psql-deploy-cf job should succeed again. Delete the old expired secret in the Azure portal to keep things tidy.
This pipeline is responsible for testing, building, and releasing capi-release. For guidance on releasing CAPI, see this document.
This is where the majority of testing for capi-release components live.
- Runs unit tests for Cloud Controller and bridge components
- Builds capi-release release candidates and deploys to Elsa, Kiki, Asha, Olaf, and Scar
- Runs appropriate integration tests for each environment
- Bumps the
ci-passedbranch of capi-release - Updates release candidate in v3 docs every time
ci-passedbranch is updated.
Automatically bumps golang version for capi-release components every time a new golang-release is available. Also bumps Valkey and nginx.
Jobs responsible for cutting a capi-release.
- Bump API versions
- Update API docs
- Release capi-release
Updates the bosh deployments for all the pipeline environments (using bbl up).
Theoretically useful for destroying broken bosh deployments for all the pipeline environments. Often doesn't work because the directors are in such bad state. There are also jobs to manually release pool resources for the following environments: Elsa, Asha, and Scar.
Pipeline responsible for managing the development bosh-lite pool.
- Create new bosh-lites if there is room in the pool
- Delete released bosh-lites
There are a number of helpful scripts in capi-workspace for using the bosh-lite pool. Most notably, claim_bosh_lite, unclaim_bosh_lite, and print_env_info. See the commands list for a full list of useful commands for interacting with the pool.