From de3475ebd13c9733cf3d5e45e58e7bc9f90b1c7e Mon Sep 17 00:00:00 2001 From: Mike Yeromko Date: Wed, 27 May 2026 14:44:50 +0200 Subject: [PATCH 1/2] fix: pinned docker-cpi version --- ci/Dockerfile | 2 +- ci/pipeline.yml | 9 ++++++--- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/ci/Dockerfile b/ci/Dockerfile index 3974df62..190ee2ed 100644 --- a/ci/Dockerfile +++ b/ci/Dockerfile @@ -1,4 +1,4 @@ -FROM ghcr.io/cloudfoundry/bosh/docker-cpi:latest +FROM ghcr.io/cloudfoundry/bosh/docker-cpi@sha256:1ce361cdc6a26b6382a542b889da8bd56c28220065c5185bf6e7bdd21f4a8931 # Install all necessary tools for haproxy testflight and dependency autobump ENV DEBIAN_FRONTEND=noninteractive diff --git a/ci/pipeline.yml b/ci/pipeline.yml index 9b805502..afefe89c 100644 --- a/ci/pipeline.yml +++ b/ci/pipeline.yml @@ -25,6 +25,7 @@ jobs: - get: git trigger: true - get: haproxy-boshrelease-testflight + trigger: true - task: lint image: haproxy-boshrelease-testflight config: @@ -125,7 +126,7 @@ jobs: - { get: git, trigger: true, passed: [unit-tests] } - { get: stemcell } - { get: stemcell-jammy } - - get: haproxy-boshrelease-testflight + - { get: haproxy-boshrelease-testflight, trigger: true, passed: [build-haproxy-testflight-image] } - task: acceptance-tests privileged: true timeout: 4h @@ -377,7 +378,7 @@ jobs: plan: - in_parallel: - { get: git-pull-requests, trigger: true, version: every } - - get: docker-cpi-image + - { get: docker-cpi-image, trigger: true } - task: create-pr-tag image: docker-cpi-image config: @@ -486,9 +487,11 @@ resources: interval: 24h - name: docker-cpi-image - type: docker-image + type: registry-image source: repository: ghcr.io/cloudfoundry/bosh/docker-cpi + version: + digest: "sha256:1ce361cdc6a26b6382a542b889da8bd56c28220065c5185bf6e7bdd21f4a8931" - name: git-ci type: git From c60f17495274288cd0e3185e690a7d8aff5dec64 Mon Sep 17 00:00:00 2001 From: Mike Yeromko Date: Fri, 29 May 2026 13:26:46 +0200 Subject: [PATCH 2/2] error handling; rollback pinning --- ci/Dockerfile | 2 +- ci/pipeline.yml | 4 +--- ci/scripts/start-bosh.sh | 13 +++++++++++++ 3 files changed, 15 insertions(+), 4 deletions(-) diff --git a/ci/Dockerfile b/ci/Dockerfile index 190ee2ed..3974df62 100644 --- a/ci/Dockerfile +++ b/ci/Dockerfile @@ -1,4 +1,4 @@ -FROM ghcr.io/cloudfoundry/bosh/docker-cpi@sha256:1ce361cdc6a26b6382a542b889da8bd56c28220065c5185bf6e7bdd21f4a8931 +FROM ghcr.io/cloudfoundry/bosh/docker-cpi:latest # Install all necessary tools for haproxy testflight and dependency autobump ENV DEBIAN_FRONTEND=noninteractive diff --git a/ci/pipeline.yml b/ci/pipeline.yml index afefe89c..1fc246c3 100644 --- a/ci/pipeline.yml +++ b/ci/pipeline.yml @@ -487,11 +487,9 @@ resources: interval: 24h - name: docker-cpi-image - type: registry-image + type: docker-image source: repository: ghcr.io/cloudfoundry/bosh/docker-cpi - version: - digest: "sha256:1ce361cdc6a26b6382a542b889da8bd56c28220065c5185bf6e7bdd21f4a8931" - name: git-ci type: git diff --git a/ci/scripts/start-bosh.sh b/ci/scripts/start-bosh.sh index d2b29f86..31198064 100755 --- a/ci/scripts/start-bosh.sh +++ b/ci/scripts/start-bosh.sh @@ -256,9 +256,22 @@ EOF "${@}" > "${local_bosh_dir}/bosh-director.yml" echo "Creating BOSH director environment (this may take several minutes)..." >&2 + set +e bosh create-env "${local_bosh_dir}/bosh-director.yml" \ --vars-store="${local_bosh_dir}/creds.yml" \ --state="${local_bosh_dir}/state.json" + create_env_rc=$? + set -e + if [ "$create_env_rc" -ne "0" ]; then + echo "" >&2 + echo "ERROR: 'bosh create-env' failed." >&2 + echo "This could be caused by a new version of the docker-cpi image which sets up the latest bosh and bosh-deployment releases that may introduce bugs." >&2 + echo "You can:" >&2 + echo " 1) Check the bosh release changelog for breaking changes" >&2 + echo " 2) Communicate with the BOSH team to report/confirm the issue" >&2 + echo " 3) Pin an older version of the docker-cpi image and start a new job" >&2 + exit 1 + fi bosh int "${local_bosh_dir}/creds.yml" --path /director_ssl/ca > "${local_bosh_dir}/ca.crt" bosh_client_secret="$(bosh int "${local_bosh_dir}/creds.yml" --path /admin_password)"