diff --git a/ci/bats/tasks/deploy-director.sh b/ci/bats/tasks/deploy-director.sh index 2f337d4f97a..2c14b702c5e 100755 --- a/ci/bats/tasks/deploy-director.sh +++ b/ci/bats/tasks/deploy-director.sh @@ -50,4 +50,9 @@ bosh-cli create-env \ --vars-store director-creds.yml \ director.yml -cat bosh-release/version +version_file="bosh-release/version" +if [ -f "${version_file}" ]; then + cat "${version_file}" +else + echo "Version file '${version_file}' was not present" +fi diff --git a/ci/configure.sh b/ci/configure.sh index 7271f653e19..909dbf00722 100755 --- a/ci/configure.sh +++ b/ci/configure.sh @@ -4,5 +4,4 @@ set -euo pipefail REPO_ROOT="$( cd "$( dirname "${BASH_SOURCE[0]}" )/.." && pwd )" fly -t "${CONCOURSE_TARGET:-bosh}" set-pipeline -p bosh-director \ - -c "${REPO_ROOT}/ci/pipeline.yml" \ - --var=branch_name=main + -c "${REPO_ROOT}/ci/pipeline.yml" diff --git a/ci/dockerfiles/docker-cpi/Dockerfile b/ci/dockerfiles/docker-cpi/Dockerfile index dac94c30d46..fcf8b303c83 100644 --- a/ci/dockerfiles/docker-cpi/Dockerfile +++ b/ci/dockerfiles/docker-cpi/Dockerfile @@ -29,11 +29,10 @@ RUN docker_gpg="/etc/apt/trusted.gpg.d/docker.gpg" \ RUN sed -i 's/\(ulimit -Hn [0-9]*\)/#\1/' /etc/init.d/docker COPY bosh-deployment /usr/local/bosh-deployment/ -RUN curl -o /usr/local/bosh.tgz "$(bosh int /usr/local/bosh-deployment/bosh.yml --path /releases/name=bosh/url)" \ - && curl -o /usr/local/bpm.tgz "$(bosh int /usr/local/bosh-deployment/bosh.yml --path /releases/name=bpm/url)" +RUN mkdir -p /usr/local/releases \ + && curl -o /usr/local/releases/bosh.tgz "$(bosh int /usr/local/bosh-deployment/bosh.yml --path /releases/name=bosh/url)" \ + && curl -o /usr/local/releases/bpm.tgz "$(bosh int /usr/local/bosh-deployment/bosh.yml --path /releases/name=bpm/url)" COPY local-releases.yml /usr/local/local-releases.yml -COPY noble-updates.yml /usr/local/noble-updates.yml COPY start-bosh.sh /usr/local/bin/start-bosh - RUN chmod +x /usr/local/bin/start-bosh diff --git a/ci/dockerfiles/docker-cpi/latest-bosh-release.yml b/ci/dockerfiles/docker-cpi/latest-bosh-release.yml index 2cc7a98f4c1..1d11eb783e6 100644 --- a/ci/dockerfiles/docker-cpi/latest-bosh-release.yml +++ b/ci/dockerfiles/docker-cpi/latest-bosh-release.yml @@ -20,21 +20,21 @@ path: /releases/name=bpm/sha1 - type: replace - path: /releases/name=bosh-docker-cpi/version + path: /releases/name=os-conf/version value: latest - type: remove - path: /releases/name=bosh-docker-cpi/url + path: /releases/name=os-conf/url - type: remove - path: /releases/name=bosh-docker-cpi/sha1 + path: /releases/name=os-conf/sha1 - type: replace - path: /releases/name=os-conf/version + path: /releases/name=bosh-docker-cpi/version value: latest - type: remove - path: /releases/name=os-conf/url + path: /releases/name=bosh-docker-cpi/url - type: remove - path: /releases/name=os-conf/sha1 + path: /releases/name=bosh-docker-cpi/sha1 diff --git a/ci/dockerfiles/docker-cpi/local-releases.yml b/ci/dockerfiles/docker-cpi/local-releases.yml index fe81962ea7c..7f24ea45371 100644 --- a/ci/dockerfiles/docker-cpi/local-releases.yml +++ b/ci/dockerfiles/docker-cpi/local-releases.yml @@ -1,8 +1,8 @@ --- - type: replace path: /releases/name=bosh/url - value: file:///usr/local/bosh.tgz + value: file:///usr/local/releases/bosh.tgz - type: replace path: /releases/name=bpm/url - value: file:///usr/local/bpm.tgz + value: file:///usr/local/releases/bpm.tgz diff --git a/ci/dockerfiles/docker-cpi/noble-updates.yml b/ci/dockerfiles/docker-cpi/noble-updates.yml deleted file mode 100644 index e096d1f49be..00000000000 --- a/ci/dockerfiles/docker-cpi/noble-updates.yml +++ /dev/null @@ -1,3 +0,0 @@ -- path: /instance_groups/name=bosh/properties/docker_cpi/start_containers_with_systemd? - type: replace - value: true diff --git a/ci/dockerfiles/docker-cpi/start-bosh.sh b/ci/dockerfiles/docker-cpi/start-bosh.sh index 96ea9272e4a..41de6f912a9 100755 --- a/ci/dockerfiles/docker-cpi/start-bosh.sh +++ b/ci/dockerfiles/docker-cpi/start-bosh.sh @@ -1,6 +1,10 @@ #!/usr/bin/env bash set -e +if [[ -n "${DEBUG:-}" ]]; then + set -x + export BOSH_LOG_LEVEL=debug +fi function generate_certs() { local certs_dir @@ -39,9 +43,9 @@ EOF bosh int ./certs.yml --path=/client_docker_tls/private_key > ./key.pem # generate certs in json format # - ruby -e 'puts File.read("./ca.pem").split("\n").join("\\n")' > $certs_dir/ca_json_safe.pem - ruby -e 'puts File.read("./cert.pem").split("\n").join("\\n")' > $certs_dir/client_certificate_json_safe.pem - ruby -e 'puts File.read("./key.pem").split("\n").join("\\n")' > $certs_dir/client_private_key_json_safe.pem + ruby -e 'puts File.read("./ca.pem").split("\n").join("\\n")' > "${certs_dir}/ca_json_safe.pem" + ruby -e 'puts File.read("./cert.pem").split("\n").join("\\n")' > "${certs_dir}/client_certificate_json_safe.pem" + ruby -e 'puts File.read("./key.pem").split("\n").join("\\n")' > "${certs_dir}/client_private_key_json_safe.pem" popd > /dev/null } @@ -52,13 +56,14 @@ function sanitize_cgroups() { mount -o remount,rw /sys/fs/cgroup + # shellcheck disable=SC2034 sed -e 1d /proc/cgroups | while read sys hierarchy num enabled; do if [ "$enabled" != "1" ]; then # subsystem disabled; skip continue fi - grouping="$(cat /proc/self/cgroup | cut -d: -f2 | grep "\\<$sys\\>")" + grouping="$(cut -d: -f2 < /proc/self/cgroup | grep "\\<$sys\\>")" if [ -z "$grouping" ]; then # subsystem not mounted anywhere; mount it on its own grouping="$sys" @@ -90,10 +95,12 @@ function stop_docker() { } function start_docker() { + local certs_dir + certs_dir="${1}" # docker will fail starting with the new iptables. it throws: # iptables v1.8.7 (nf_tables): Could not fetch rule set generation id: .... update-alternatives --set iptables /usr/sbin/iptables-legacy - generate_certs $1 + generate_certs "${certs_dir}" mkdir -p /var/log mkdir -p /var/run @@ -110,7 +117,8 @@ function start_docker() { mount -o remount,rw /proc/sys fi - local mtu=$(cat /sys/class/net/$(ip route get 169.254.169.254|awk '{ print $5 }')/mtu) + local mtu + mtu=$(cat "/sys/class/net/$(ip route get 169.254.169.254|awk '{ print $5 }')/mtu") [[ ! -d /etc/docker ]] && mkdir /etc/docker cat < /etc/docker/daemon.json @@ -130,12 +138,9 @@ EOF service docker start - export DOCKER_TLS_VERIFY=1 - export DOCKER_CERT_PATH=$1 - rc=1 for i in $(seq 1 100); do - echo waiting for docker to come up... + echo "waiting for docker to come up... (${i})" sleep 1 set +e docker info @@ -150,69 +155,100 @@ EOF exit 1 fi - echo $certs_dir + echo "${certs_dir}" } function main() { - export OUTER_CONTAINER_IP=$(ruby -rsocket -e 'puts Socket.ip_address_list - .reject { |addr| !addr.ip? || addr.ipv4_loopback? || addr.ipv6? } - .map { |addr| addr.ip_address }') - - export DOCKER_HOST="tcp://${OUTER_CONTAINER_IP}:4243" + OUTER_CONTAINER_IP=$( + ip addr \ + | grep 'inet ' \ + | grep -v -E ' (127\.|172\.|10\.245)' \ + | cut -d/ -f 1 \ + | cut -d' ' -f6 + ) + export OUTER_CONTAINER_IP + + if [[ "${OUTER_CONTAINER_IP}" == *$'\n'* ]] ; then + echo "OUTER_CONTAINER_IP had more than one ip: '${OUTER_CONTAINER_IP}'" >&2 + exit 1 + fi local certs_dir certs_dir=$(mktemp -d) - start_docker "${certs_dir}" local local_bosh_dir local_bosh_dir="/tmp/local-bosh/director" + mkdir -p ${local_bosh_dir} + + export DOCKER_HOST="tcp://${OUTER_CONTAINER_IP}:4243" + export DOCKER_TLS_VERIFY=1 + export DOCKER_CERT_PATH="${certs_dir}" + cat < "${local_bosh_dir}/docker-env" +export DOCKER_HOST="tcp://${OUTER_CONTAINER_IP}:4243" +export DOCKER_TLS_VERIFY=1 +export DOCKER_CERT_PATH="${certs_dir}" + +EOF + echo "Source '${local_bosh_dir}/docker-env' to run docker" >&2 - docker network create -d bridge --subnet=10.245.0.0/16 director_network + start_docker "${certs_dir}" + + local docker_network_name="director_network" + if docker network ls | grep -q "${docker_network_name}"; then + echo "A docker network named '${docker_network_name}' already exists, skipping creation" >&2 + else + docker network create -d bridge --subnet=10.245.0.0/16 "${docker_network_name}" + fi - pushd ${BOSH_DEPLOYMENT_PATH:-/usr/local/bosh-deployment} > /dev/null + pushd "${BOSH_DEPLOYMENT_PATH:-/usr/local/bosh-deployment}" > /dev/null export BOSH_DIRECTOR_IP="10.245.0.3" export BOSH_ENVIRONMENT="docker-director" - mkdir -p ${local_bosh_dir} + cat < "${local_bosh_dir}/docker_tls.json" +{ + "ca": "$(cat "${certs_dir}/ca_json_safe.pem")", + "certificate": "$(cat "${certs_dir}/client_certificate_json_safe.pem")", + "private_key": "$(cat "${certs_dir}/client_private_key_json_safe.pem")" +} - additional_ops_files="" - if [ "$(lsb_release -cs)" != "jammy" ]; then - additional_ops_files="-o /usr/local/noble-updates.yml" - fi +EOF - command bosh int bosh.yml \ + bosh int bosh.yml \ -o docker/cpi.yml \ -o jumpbox-user.yml \ -o /usr/local/local-releases.yml \ - ${additional_ops_files} \ -v director_name=docker \ -v internal_cidr=10.245.0.0/16 \ -v internal_gw=10.245.0.1 \ -v internal_ip="${BOSH_DIRECTOR_IP}" \ -v docker_host="${DOCKER_HOST}" \ - -v network=director_network \ - -v docker_tls="{\"ca\": \"$(cat ${certs_dir}/ca_json_safe.pem)\",\"certificate\": \"$(cat ${certs_dir}/client_certificate_json_safe.pem)\",\"private_key\": \"$(cat ${certs_dir}/client_private_key_json_safe.pem)\"}" \ - ${@} > "${local_bosh_dir}/bosh-director.yml" + -v network="${docker_network_name}" \ + -v docker_tls="$(cat "${local_bosh_dir}/docker_tls.json")" \ + "${@}" > "${local_bosh_dir}/bosh-director.yml" + + bosh create-env "${local_bosh_dir}/bosh-director.yml" \ + --vars-store="${local_bosh_dir}/creds.yml" \ + --state="${local_bosh_dir}/state.json" - command bosh create-env "${local_bosh_dir}/bosh-director.yml" \ - --vars-store="${local_bosh_dir}/creds.yml" \ - --state="${local_bosh_dir}/state.json" + bosh int "${local_bosh_dir}/creds.yml" --path /director_ssl/ca \ + > "${local_bosh_dir}/ca.crt" + bosh_client_secret="$(bosh int "${local_bosh_dir}/creds.yml" --path /admin_password)" - bosh int "${local_bosh_dir}/creds.yml" --path /director_ssl/ca > "${local_bosh_dir}/ca.crt" bosh -e "${BOSH_DIRECTOR_IP}" --ca-cert "${local_bosh_dir}/ca.crt" alias-env "${BOSH_ENVIRONMENT}" cat < "${local_bosh_dir}/env" export BOSH_ENVIRONMENT="${BOSH_ENVIRONMENT}" export BOSH_CLIENT=admin - export BOSH_CLIENT_SECRET=`bosh int "${local_bosh_dir}/creds.yml" --path /admin_password` + export BOSH_CLIENT_SECRET=${bosh_client_secret} export BOSH_CA_CERT="${local_bosh_dir}/ca.crt" EOF + echo "Source '${local_bosh_dir}/env' to run bosh" >&2 source "${local_bosh_dir}/env" - bosh -n update-cloud-config docker/cloud-config.yml -v network=director_network + bosh -n update-cloud-config docker/cloud-config.yml -v network="${docker_network_name}" popd > /dev/null } -main $@ +main "${@}" diff --git a/ci/dockerfiles/docker-cpi/start-inner-bosh-parallel.sh b/ci/dockerfiles/docker-cpi/start-inner-bosh-parallel.sh index 483b18a2e0f..31b4812338f 100755 --- a/ci/dockerfiles/docker-cpi/start-inner-bosh-parallel.sh +++ b/ci/dockerfiles/docker-cpi/start-inner-bosh-parallel.sh @@ -4,19 +4,13 @@ set -euo pipefail set -x script_dir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -src_dir="${script_dir}/../../../" node_number=${1} -pushd ${BOSH_DEPLOYMENT_PATH} > /dev/null - inner_bosh_dir="/tmp/inner-bosh/director/$node_number" - mkdir -p ${inner_bosh_dir} +pushd "${BOSH_DEPLOYMENT_PATH}" > /dev/null + inner_bosh_dir="/tmp/inner-bosh/director/${node_number}" + mkdir -p "${inner_bosh_dir}" - export BOSH_DIRECTOR_IP="10.245.0.$((10+$node_number))" - - additional_ops_files="" - if [ "$(lsb_release -cs)" != "jammy" ]; then - additional_ops_files="-o /usr/local/noble-updates.yml" - fi + export BOSH_DIRECTOR_IP="10.245.0.$((10 + node_number))" bosh int bosh.yml \ -o "$script_dir/inner-bosh-ops.yml" \ @@ -31,16 +25,16 @@ pushd ${BOSH_DEPLOYMENT_PATH} > /dev/null -o "${BOSH_DEPLOYMENT_PATH}/misc/source-releases/bosh.yml" \ -o "$script_dir/latest-bosh-release.yml" \ -o "$script_dir/deployment-name.yml" \ - ${additional_ops_files} \ - -v deployment_name="bosh-$node_number" \ - ${@:2} > "${inner_bosh_dir}/bosh-director.yml" + -v deployment_name="bosh-${node_number}" \ + "${@:2}" > "${inner_bosh_dir}/bosh-director.yml" - bosh -n deploy -d "bosh-$node_number" "${inner_bosh_dir}/bosh-director.yml" --vars-store="${inner_bosh_dir}/creds.yml" + bosh -n deploy -d "bosh-${node_number}" "${inner_bosh_dir}/bosh-director.yml" --vars-store="${inner_bosh_dir}/creds.yml" # set up inner director export BOSH_ENVIRONMENT="docker-inner-director-${node_number}" export BOSH_CONFIG="${inner_bosh_dir}/config" - export BOSH_CLIENT_SECRET=$(bosh int "${inner_bosh_dir}/creds.yml" --path /admin_password) + BOSH_CLIENT_SECRET=$(bosh int "${inner_bosh_dir}/creds.yml" --path /admin_password) + export BOSH_CLIENT_SECRET bosh int "${inner_bosh_dir}/creds.yml" --path /director_ssl/ca > "${inner_bosh_dir}/ca.crt" bosh -e "${BOSH_DIRECTOR_IP}" --ca-cert "${inner_bosh_dir}/ca.crt" alias-env "${BOSH_ENVIRONMENT}" @@ -64,7 +58,7 @@ EOF "${inner_bosh_dir}/bosh" -n update-cloud-config \ "$script_dir/inner-bosh-cloud-config.yml" \ - -v node_number="$((${node_number} * 4))" \ + -v node_number="$((node_number * 4))" \ -v network=director_network popd > /dev/null diff --git a/ci/dockerfiles/docker-cpi/start-inner-bosh.sh b/ci/dockerfiles/docker-cpi/start-inner-bosh.sh index cac23312702..7da0226fabe 100755 --- a/ci/dockerfiles/docker-cpi/start-inner-bosh.sh +++ b/ci/dockerfiles/docker-cpi/start-inner-bosh.sh @@ -8,7 +8,7 @@ bosh_release_path="" src_dir="${script_dir}/../../../" -default_stemcell_path="${src_dir}/../stemcell/*.tgz" +default_stemcell_path="$(ls "${src_dir}/../stemcell/*.tgz")" stemcell="${CANDIDATE_STEMCELL_TARBALL_PATH:-$default_stemcell_path}" pushd "${bosh_path}" > /dev/null @@ -21,7 +21,7 @@ popd > /dev/null export bosh_release_path -pushd ${BOSH_DEPLOYMENT_PATH} > /dev/null +pushd "${BOSH_DEPLOYMENT_PATH}" > /dev/null inner_bosh_dir="/tmp/inner-bosh/director" export BOSH_DIRECTOR_IP="10.245.0.34" @@ -44,9 +44,9 @@ pushd ${BOSH_DEPLOYMENT_PATH} > /dev/null -o "${BOSH_DEPLOYMENT_PATH}/misc/source-releases/bosh.yml" \ -o "${BOSH_DEPLOYMENT_PATH}/local-bosh-release-tarball.yml" \ -v local_bosh_release="${bosh_release_path}" \ - ${@} > "${inner_bosh_dir}/bosh-director.yml" + "${@}" > "${inner_bosh_dir}/bosh-director.yml" - bosh upload-stemcell ${stemcell} + bosh upload-stemcell "${stemcell}" deployment_name="--deployment=bosh" if [[ "${1}" = "--deployment="* ]]; then @@ -64,12 +64,14 @@ pushd ${BOSH_DEPLOYMENT_PATH} > /dev/null bosh int "${inner_bosh_dir}/creds.yml" --path /jumpbox_ssh/private_key > "${inner_bosh_dir}/jumpbox_private_key.pem" chmod 600 "${inner_bosh_dir}/jumpbox_private_key.pem" + bosh_client_secret="$(bosh int "${inner_bosh_dir}/creds.yml" --path /admin_password)" + cat < "${inner_bosh_dir}/bosh" #!/bin/bash export BOSH_ENVIRONMENT="${BOSH_ENVIRONMENT}" export BOSH_CLIENT=admin -export BOSH_CLIENT_SECRET=`bosh int "${inner_bosh_dir}/creds.yml" --path /admin_password` +export BOSH_CLIENT_SECRET=${bosh_client_secret} export BOSH_CA_CERT="${inner_bosh_dir}/ca.crt" $(which bosh) "\$@" diff --git a/ci/dockerfiles/warden-cpi/Dockerfile b/ci/dockerfiles/warden-cpi/Dockerfile index e02333e6374..aa2f7c577e5 100644 --- a/ci/dockerfiles/warden-cpi/Dockerfile +++ b/ci/dockerfiles/warden-cpi/Dockerfile @@ -37,16 +37,14 @@ RUN \ wget -q -O /usr/local/releases/uaa.tgz "${UAA_RELEASE_URL}" && \ wget -q -O /usr/local/releases/credhub.tgz "${CREDHUB_RELEASE_URL}" -COPY local-releases.yml /usr/local/releases/local-releases.yml - +COPY local-releases.yml /usr/local/local-releases.yml COPY start-bosh.sh /usr/local/bin/start-bosh RUN chmod +x /usr/local/bin/start-bosh -COPY template-renderer.rb /tmp/template-renderer.rb -COPY install-garden.rb /tmp/install-garden.rb -RUN ruby /tmp/install-garden.rb /usr/local/releases/garden-runc.tgz RUN mkdir -p /var/vcap/sys/log/warden_cpi/ - RUN useradd -ms /bin/bash vcap +COPY template-renderer.rb /tmp/template-renderer.rb +COPY install-garden.rb /tmp/install-garden.rb +RUN ruby /tmp/install-garden.rb /usr/local/releases/garden-runc.tgz RUN rm -rf /tmp/* diff --git a/ci/dockerfiles/warden-cpi/create-and-upload-release.sh b/ci/dockerfiles/warden-cpi/create-and-upload-release.sh index 723ae0bfdce..ee5c90f56b6 100755 --- a/ci/dockerfiles/warden-cpi/create-and-upload-release.sh +++ b/ci/dockerfiles/warden-cpi/create-and-upload-release.sh @@ -35,7 +35,7 @@ pushd "${BOSH_DEPLOYMENT_PATH}" > /dev/null mkdir -p "${inner_bosh_dir}" - export BOSH_DIRECTOR_IP="10.245.0.$((10+$node_number))" + export BOSH_DIRECTOR_IP="10.245.0.$((10 + node_number))" bosh upload-release "$(bosh int bosh.yml -o misc/source-releases/bosh.yml --path /releases/name=bpm/url)" \ --sha1 "$(bosh int bosh.yml -o misc/source-releases/bosh.yml --path /releases/name=bpm/sha1)" diff --git a/ci/dockerfiles/warden-cpi/destroy-inner-bosh.sh b/ci/dockerfiles/warden-cpi/destroy-inner-bosh.sh index 4fb55130e88..91c8dac870f 100755 --- a/ci/dockerfiles/warden-cpi/destroy-inner-bosh.sh +++ b/ci/dockerfiles/warden-cpi/destroy-inner-bosh.sh @@ -2,7 +2,7 @@ set -e -pushd ${BOSH_DEPLOYMENT_PATH} > /dev/null +pushd "${BOSH_DEPLOYMENT_PATH}" > /dev/null node_number=$1 inner_bosh_dir="/tmp/inner-bosh/director" deployment_name="bosh" diff --git a/ci/dockerfiles/warden-cpi/install-garden.rb b/ci/dockerfiles/warden-cpi/install-garden.rb index 2bbcfa60ed7..42b7279d3eb 100644 --- a/ci/dockerfiles/warden-cpi/install-garden.rb +++ b/ci/dockerfiles/warden-cpi/install-garden.rb @@ -1,55 +1,55 @@ -require 'yaml' -require 'json' -require 'fileutils' -require 'tmpdir' +require "yaml" +require "json" +require "fileutils" +require "tmpdir" garden_archive_path = ARGV[0] -%w{ +%w[ /var/vcap/sys/run/garden /var/vcap/sys/log/garden /var/vcap/data/garden/depo /var/vcap/data/garden/bin /var/vcap/data/tmp -}.each {|path| FileUtils.mkdir_p path} +].each { |path| FileUtils.mkdir_p path } -installed_garden_job_path = File.join('/', 'var', 'vcap', 'jobs', 'garden') +installed_garden_job_path = File.join("/", "var", "vcap", "jobs", "garden") Dir.mktmpdir do |workspace| `tar xzf #{garden_archive_path} -C #{workspace}` - garden_job_path = File.join(workspace, 'garden') + garden_job_path = File.join(workspace, "garden") FileUtils.mkdir_p garden_job_path - `tar xzf #{File.join(workspace, 'jobs', 'garden.tgz')} -C #{garden_job_path}` - garden_job_spec_path = File.join(garden_job_path, 'job.MF') + `tar xzf #{File.join(workspace, "jobs", "garden.tgz")} -C #{garden_job_path}` + garden_job_spec_path = File.join(garden_job_path, "job.MF") job_spec = YAML.load_file(garden_job_spec_path) - job_spec['packages'].each do |package_name| - package_path = File.join('/', 'var', 'vcap', 'packages', package_name) + job_spec["packages"].each do |package_name| + package_path = File.join("/", "var", "vcap", "packages", package_name) FileUtils.mkdir_p(package_path) - `tar xzf #{File.join(workspace, 'compiled_packages', "#{package_name}.tgz")} -C #{package_path}` + `tar xzf #{File.join(workspace, "compiled_packages", "#{package_name}.tgz")} -C #{package_path}` end - context_path = File.join(workspace, 'context.json') + context_path = File.join(workspace, "context.json") context = { - 'default_properties' => job_spec['properties'].map { |key, value| [key, value['default']]}.to_h, - 'job_properties' => { - 'garden' => { - 'allow_host_access': true, - 'debug_listen_address': '127.0.0.1:17013', - 'default_container_grace_time': '0', - 'destroy_containers_on_start': true, - 'graph_cleanup_threshold_in_mb': '0', - 'listen_address': '127.0.0.1:7777', - 'listen_network': 'tcp', + "default_properties" => job_spec["properties"].map { |key, value| [key, value["default"]] }.to_h, + "job_properties" => { + "garden" => { + allow_host_access: true, + debug_listen_address: "127.0.0.1:17013", + default_container_grace_time: "0", + destroy_containers_on_start: true, + graph_cleanup_threshold_in_mb: "0", + listen_address: "127.0.0.1:7777", + listen_network: "tcp" } } } File.write(context_path, context.to_json) - templates = job_spec['templates'] + templates = job_spec["templates"] templates.each do |src, dst| - src_path = File.join(garden_job_path, 'templates', src) + src_path = File.join(garden_job_path, "templates", src) dest_path = File.join(installed_garden_job_path, dst) FileUtils.mkdir_p(File.dirname(dest_path)) - `ruby #{File.join(__dir__, 'template-renderer.rb')} #{context_path} #{src_path} #{dest_path}` + `ruby #{File.join(__dir__, "template-renderer.rb")} #{context_path} #{src_path} #{dest_path}` end end -`chmod +x #{File.join(installed_garden_job_path, 'bin', '*')}` +`chmod +x #{File.join(installed_garden_job_path, "bin", "*")}` diff --git a/ci/dockerfiles/warden-cpi/start-bosh.sh b/ci/dockerfiles/warden-cpi/start-bosh.sh index 00025ea6445..9c7634fea40 100755 --- a/ci/dockerfiles/warden-cpi/start-bosh.sh +++ b/ci/dockerfiles/warden-cpi/start-bosh.sh @@ -1,23 +1,32 @@ #!/usr/bin/env bash set -e +if [[ -n "${DEBUG:-}" ]]; then + set -x + export BOSH_LOG_LEVEL=debug +fi local_bosh_dir="/tmp/local-bosh/director" +# Update the on-container garden ini so that systemd is used as the INIT binary +# See: https://github.com/cloudfoundry/bosh-warden-cpi-release/commit/434738fed168b71cc0c3ba8c038773cc1074189e#diff-f3d9c00d365d08274b8e73e1dc4fc4b2d38a92a654d4d2b27f4ffdc01730576bR1-R8 +sed -i 's/\/var\/vcap\/data\/garden\/bin\/init/\/sbin\/init/' /var/vcap/jobs/garden/config/config.ini + /var/vcap/jobs/garden/bin/pre-start /var/vcap/jobs/garden/bin/garden_ctl start & /var/vcap/jobs/garden/bin/post-start additional_ops_files="" if [ "${USE_LOCAL_RELEASES:="true"}" != "false" ]; then - additional_ops_files="-o /usr/local/releases/local-releases.yml" + additional_ops_files="-o /usr/local/local-releases.yml" fi -pushd ${BOSH_DEPLOYMENT_PATH:-/usr/local/bosh-deployment} > /dev/null +pushd "${BOSH_DEPLOYMENT_PATH:-/usr/local/bosh-deployment}" > /dev/null export BOSH_DIRECTOR_IP="192.168.56.6" mkdir -p ${local_bosh_dir} + # shellcheck disable=SC2086 bosh int bosh.yml \ -o bosh-lite.yml \ -o warden/cpi.yml \ @@ -31,22 +40,29 @@ pushd ${BOSH_DEPLOYMENT_PATH:-/usr/local/bosh-deployment} > /dev/null -v internal_cidr=192.168.56.0/24 \ -v outbound_network_name=NatNetwork \ -v garden_host=127.0.0.1 \ - ${@} > "${local_bosh_dir}/bosh-director.yml" + "${@}" > "${local_bosh_dir}/bosh-director.yml" bosh create-env "${local_bosh_dir}/bosh-director.yml" \ --vars-store="${local_bosh_dir}/creds.yml" \ --state="${local_bosh_dir}/state.json" - bosh int "${local_bosh_dir}/creds.yml" --path /director_ssl/ca > "${local_bosh_dir}/ca.crt" + bosh int "${local_bosh_dir}/creds.yml" --path /director_ssl/ca \ + > "${local_bosh_dir}/ca.crt" + bosh_client_secret="$(bosh int "${local_bosh_dir}/creds.yml" --path /admin_password)" cat < "${local_bosh_dir}/env" export BOSH_ENVIRONMENT="${BOSH_DIRECTOR_IP}" export BOSH_CLIENT=admin -export BOSH_CLIENT_SECRET=`bosh int "${local_bosh_dir}/creds.yml" --path /admin_password` +export BOSH_CLIENT_SECRET=${bosh_client_secret} export BOSH_CA_CERT="${local_bosh_dir}/ca.crt" + EOF + + echo "Source '${local_bosh_dir}/env' to run bosh" >&2 source "${local_bosh_dir}/env" bosh -n update-cloud-config warden/cloud-config.yml + ip route add 10.244.0.0/15 via ${BOSH_DIRECTOR_IP} + popd > /dev/null diff --git a/ci/dockerfiles/warden-cpi/start-inner-bosh-parallel.sh b/ci/dockerfiles/warden-cpi/start-inner-bosh-parallel.sh index bead6fc62a7..af5a13102ef 100755 --- a/ci/dockerfiles/warden-cpi/start-inner-bosh-parallel.sh +++ b/ci/dockerfiles/warden-cpi/start-inner-bosh-parallel.sh @@ -3,14 +3,13 @@ set -eu script_dir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" -src_dir="${script_dir}/../../../" node_number=${1} -pushd ${BOSH_DEPLOYMENT_PATH} > /dev/null - inner_bosh_dir="/tmp/inner-bosh/director/$node_number" - mkdir -p ${inner_bosh_dir} +pushd "${BOSH_DEPLOYMENT_PATH}" > /dev/null + inner_bosh_dir="/tmp/inner-bosh/director/${node_number}" + mkdir -p "${inner_bosh_dir}" - export BOSH_DIRECTOR_IP="10.245.0.$((10+$node_number))" + export BOSH_DIRECTOR_IP="10.245.0.$((10 + node_number))" bosh int bosh.yml \ -o bosh-lite.yml \ @@ -23,10 +22,10 @@ pushd ${BOSH_DEPLOYMENT_PATH} > /dev/null -o "${BOSH_DEPLOYMENT_PATH}/misc/source-releases/bosh.yml" \ -o "$script_dir/latest-bosh-release.yml" \ -o "$script_dir/deployment-name.yml" \ - -v deployment_name="bosh-$node_number" \ - ${@:2} > "${inner_bosh_dir}/bosh-director.yml" + -v deployment_name="bosh-${node_number}" \ + "${@:2}" > "${inner_bosh_dir}/bosh-director.yml" - bosh -n deploy -d "bosh-$node_number" "${inner_bosh_dir}/bosh-director.yml" --vars-store="${inner_bosh_dir}/creds.yml" + bosh -n deploy -d "bosh-${node_number}" "${inner_bosh_dir}/bosh-director.yml" --vars-store="${inner_bosh_dir}/creds.yml" # set up inner director export BOSH_ENVIRONMENT="warden-inner-director-${node_number}" @@ -38,13 +37,15 @@ pushd ${BOSH_DEPLOYMENT_PATH} > /dev/null bosh int "${inner_bosh_dir}/creds.yml" --path /jumpbox_ssh/private_key > "${inner_bosh_dir}/jumpbox_private_key.pem" chmod 600 "${inner_bosh_dir}/jumpbox_private_key.pem" + bosh_client_secret="$(bosh int "${inner_bosh_dir}/creds.yml" --path /admin_password)" + cat < "${inner_bosh_dir}/bosh" #!/bin/bash export BOSH_CONFIG="${BOSH_CONFIG}" export BOSH_ENVIRONMENT="${BOSH_ENVIRONMENT}" export BOSH_CLIENT=admin -export BOSH_CLIENT_SECRET=`bosh int "${inner_bosh_dir}/creds.yml" --path /admin_password` +export BOSH_CLIENT_SECRET=${bosh_client_secret} export BOSH_CA_CERT="${inner_bosh_dir}/ca.crt" $(which bosh) "\$@" diff --git a/ci/dockerfiles/warden-cpi/template-renderer.rb b/ci/dockerfiles/warden-cpi/template-renderer.rb index 92d2222472c..da33f7e1a45 100644 --- a/ci/dockerfiles/warden-cpi/template-renderer.rb +++ b/ci/dockerfiles/warden-cpi/template-renderer.rb @@ -6,13 +6,14 @@ class Hash def recursive_merge!(other) - self.merge!(other) do |_, old_value, new_value| - if old_value.class == Hash && new_value.class == Hash + merge!(other) do |_, old_value, new_value| + if old_value.instance_of?(Hash) && new_value.instance_of?(Hash) old_value.recursive_merge!(new_value) else new_value end end + self end end @@ -26,20 +27,21 @@ def initialize(spec) @name = spec["job"]["name"] if spec["job"].is_a?(Hash) @index = spec["index"] - if !spec['job_properties'].nil? - properties1 = spec['job_properties'] - else - properties1 = spec['global_properties'].recursive_merge!(spec['cluster_properties']) - end + properties1 = + if !spec["job_properties"].nil? + spec["job_properties"] + else + spec["global_properties"].recursive_merge!(spec["cluster_properties"]) + end properties = {} - spec['default_properties'].each do |name, value| + spec["default_properties"].each do |name, value| copy_property(properties, properties1, name, value) end - @properties = openstruct(properties) + @properties = open_struct(properties) @raw_properties = properties - @spec = openstruct(spec) + @spec = open_struct(spec) end def get_binding @@ -62,14 +64,16 @@ def if_p(*names) values = names.map do |name| value = lookup_property(@raw_properties, name) return ActiveElseBlock.new(self) if value.nil? + value end - yield *values + yield(*values) + InactiveElseBlock.new end - def if_link(name) + def if_link(_name) false end @@ -94,13 +98,13 @@ def copy_property(dst, src, name, default = nil) dst_ref[keys[-1]] = src_ref.nil? ? default : src_ref end - def openstruct(object) + def open_struct(object) case object when Hash - mapped = object.inject({}) { |h, (k,v)| h[k] = openstruct(v); h } + mapped = object.each_with_object({}) { |(k, v), h| h[k] = open_struct(v) } OpenStruct.new(mapped) when Array - object.map { |item| openstruct(item) } + object.map { |item| open_struct(item) } else object end @@ -142,9 +146,10 @@ def else_if_p(*names, &block) end class InactiveElseBlock - def else; end + def else + end - def else_if_p(*names) + def else_if_p(*_names) InactiveElseBlock.new end end @@ -152,7 +157,7 @@ def else_if_p(*names) # todo do not use JSON in releases class << JSON - alias dump_array_or_hash dump + alias_method :dump_array_or_hash, :dump def dump(*args) arg = args[0] @@ -170,28 +175,26 @@ def initialize(context) end def render(src_path, dst_path) - erb = ERB.new(File.read(src_path), safe_level = nil, trim_mode = "-") + erb = ERB.new(File.read(src_path), trim_mode: "-") erb.filename = src_path - File.open(dst_path, "w") do |f| - f.write(erb.result(@context.get_binding)) - end + File.write(dst_path, erb.result(@context.get_binding)) - rescue Exception => e + rescue Exception => e # rubocop:disable Lint/RescueException name = "#{@context.name}/#{@context.index}" - line_i = e.backtrace.index { |l| l.include?(erb.filename) } - line_num = line_i ? e.backtrace[line_i].split(':')[1] : "unknown" + line_i = e.backtrace&.index { |l| l.include?(erb.filename) } + line_num = line_i ? e.backtrace[line_i].split(":")[1] : "unknown" location = "(line #{line_num}: #{e.inspect})" raise("Error filling in template '#{src_path}' for #{name} #{location}") end end -if $0 == __FILE__ +if $PROGRAM_NAME == __FILE__ context_path, src_path, dst_path = *ARGV - context_hash = JSON.load(File.read(context_path)) + context_hash = JSON.parse(File.read(context_path)) context = TemplateEvaluationContext.new(context_hash) renderer = ERBRenderer.new(context) diff --git a/ci/pipeline.yml b/ci/pipeline.yml index 69547bcd5f0..19a38a9bd4c 100644 --- a/ci/pipeline.yml +++ b/ci/pipeline.yml @@ -1,10 +1,9 @@ --- anchors: + - &branch_name main + - &brats_env_name brats-bosh-main - &ubuntu_base ubuntu:noble - &integration_image ghcr.io/cloudfoundry/bosh/integration - # TODO: delete once all pipelines work w/ Noble - - &ubuntu_base_jammy ubuntu:jammy - - &integration_image_jammy ghcr.io/cloudfoundry/bosh/integration:jammy groups: - name: bosh @@ -26,14 +25,14 @@ groups: - integration-postgres-hotswap - integration-mysql - candidate-release - - compile-bosh-dev-release-jammy - - bats-ubuntu-jammy + - create-bosh-candidate-release-compiled + - bats - bats-cleanup-leftovers - - bats-fips-ubuntu-jammy + - bats-fips - bats-fips-cleanup-leftovers - - brats-acceptance-ubuntu-jammy - - brats-utils-ubuntu-jammy - - brats-performance-ubuntu-jammy + - brats-acceptance + - brats-utils + - brats-performance - bosh-disaster-recovery-acceptance-tests - upgrade-postgres - upgrade-postgres-cleanup-leftovers @@ -55,14 +54,11 @@ groups: - build-main-postgres-15 - build-main-mysql-8-0 - build-integration - - build-integration-jammy - name: container-cpi-images jobs: - build-docker-cpi - - build-docker-cpi-jammy - build-warden-cpi - - build-warden-cpi-jammy jobs: - name: gate @@ -266,7 +262,7 @@ jobs: image_resource: type: docker-image source: - tag: ((branch_name)) + tag: *branch_name repository: ghcr.io/cloudfoundry/bosh/integration username: ((github_read_write_packages.username)) password: ((github_read_write_packages.password)) @@ -401,44 +397,39 @@ jobs: file: "release/bosh-dev-release.tgz" - - name: compile-bosh-dev-release-jammy + - name: create-bosh-candidate-release-compiled plan: - in_parallel: - get: bosh-ci - get: bosh passed: [ candidate-release ] + - get: bosh-deployment - get: release resource: bosh-candidate-release-tarballs passed: [ candidate-release ] trigger: true - - get: stemcell - resource: warden-stemcell - trigger: true - - get: docker-cpi-image - task: export-release - file: bosh-ci/ci/tasks/export-release.yml - image: docker-cpi-image - privileged: true - - put: bosh-compiled-candidate-jammy + file: bosh-deployment/ci/tasks/shared/bosh-agent-compile.yml + - put: bosh-candidate-release-compiled params: file: "compiled-release/*.tgz" - - name: bats-ubuntu-jammy + - name: bats serial: true - serial_groups: [ bats-ubuntu-jammy ] + serial_groups: [ bats ] plan: - do: - in_parallel: - get: bosh-ci - get: integration-image - get: bosh-candidate-release-tarballs - passed: [ compile-bosh-dev-release-jammy ] + passed: [ create-bosh-candidate-release-compiled ] - get: bosh-release - resource: bosh-compiled-candidate-jammy + resource: bosh-candidate-release-compiled trigger: true - passed: [ compile-bosh-dev-release-jammy ] + passed: [ create-bosh-candidate-release-compiled ] - get: stemcell - resource: gcp-ubuntu-jammy + resource: gcp-stemcell - get: bosh-cli params: globs: @@ -446,14 +437,14 @@ jobs: - get: bats - get: bosh-deployment - get: bosh - passed: [ compile-bosh-dev-release-jammy ] + passed: [ create-bosh-candidate-release-compiled ] - put: terraform resource: gcp-terraform params: - env_name: bats-ubuntu-jammy + env_name: bats terraform_source: bosh-ci/ci/bats/iaas/gcp/terraform vars: - name: bats-ubuntu-jammy + name: bats - do: - task: deploy-director file: bosh-ci/ci/bats/tasks/deploy-director.yml @@ -470,7 +461,7 @@ jobs: file: bosh-ci/ci/bats/iaas/gcp/prepare-bats-config.yml image: integration-image params: - STEMCELL_NAME: bosh-google-kvm-ubuntu-jammy-go_agent + STEMCELL_NAME: bosh-google-kvm-ubuntu-noble - task: run-bats file: bats/ci/tasks/run-bats.yml image: integration-image @@ -484,20 +475,20 @@ jobs: no_get: true params: action: destroy - env_name: bats-ubuntu-jammy + env_name: bats terraform_source: bosh-ci/ci/bats/iaas/gcp/terraform vars: - name: bats-ubuntu-jammy + name: bats - task: cleanup-leftover-environments file: bosh-ci/ci/tasks/cleanup-leftovers.yml image: integration-image params: - LEFTOVERS_PREFIX: bats-ubuntu-jammy + LEFTOVERS_PREFIX: bats GCP_JSON_KEY: ((gcp_json_key)) - name: bats-cleanup-leftovers serial: true - serial_groups: [ bats-ubuntu-jammy ] + serial_groups: [ bats ] plan: - in_parallel: - get: bosh-ci @@ -508,25 +499,26 @@ jobs: file: bosh-ci/ci/tasks/cleanup-leftovers.yml image: integration-image params: - LEFTOVERS_PREFIX: bats-ubuntu-jammy + LEFTOVERS_PREFIX: bats GCP_JSON_KEY: ((gcp_json_key)) - - name: bats-fips-ubuntu-jammy + - name: bats-fips serial: true - serial_groups: [ bats-fips-ubuntu-jammy ] + serial_groups: [ bats-fips ] plan: - do: - in_parallel: - get: bosh-ci - get: integration-image - - get: bosh-candidate-release-tarballs - passed: [ compile-bosh-dev-release-jammy ] + # NOTE: because FIPS is still Jammy based the non-compiled release is used - get: bosh-release - resource: bosh-compiled-candidate-jammy + resource: bosh-candidate-release-tarballs trigger: true - passed: [ compile-bosh-dev-release-jammy ] + passed: [ create-bosh-candidate-release-compiled ] + - get: bosh-candidate-release-compiled + passed: [ create-bosh-candidate-release-compiled ] - get: stemcell - resource: gcp-ubuntu-jammy-fips + resource: gcp-stemcell-fips - get: bosh-cli params: globs: @@ -534,14 +526,14 @@ jobs: - get: bats - get: bosh-deployment - get: bosh - passed: [ compile-bosh-dev-release-jammy ] + passed: [ create-bosh-candidate-release-compiled ] - put: terraform resource: gcp-terraform params: - env_name: bats-fips-ubuntu-jammy + env_name: bats-fips terraform_source: bosh-ci/ci/bats/iaas/gcp/terraform vars: - name: bats-fips-ubuntu-jammy + name: bats-fips - do: - task: deploy-director file: bosh-ci/ci/bats/tasks/deploy-director.yml @@ -573,20 +565,20 @@ jobs: no_get: true params: action: destroy - env_name: bats-fips-ubuntu-jammy + env_name: bats-fips terraform_source: bosh-ci/ci/bats/iaas/gcp/terraform vars: - name: bats-fips-ubuntu-jammy + name: bats-fips - task: cleanup-leftover-environments file: bosh-ci/ci/tasks/cleanup-leftovers.yml image: integration-image params: - LEFTOVERS_PREFIX: bats-fips-ubuntu-jammy + LEFTOVERS_PREFIX: bats-fips GCP_JSON_KEY: ((gcp_json_key)) - name: bats-fips-cleanup-leftovers serial: true - serial_groups: [ bats-fips-ubuntu-jammy ] + serial_groups: [ bats-fips ] plan: - in_parallel: - get: bosh-ci @@ -597,34 +589,36 @@ jobs: file: bosh-ci/ci/tasks/cleanup-leftovers.yml image: integration-image params: - LEFTOVERS_PREFIX: bats-fips-ubuntu-jammy + LEFTOVERS_PREFIX: bats-fips GCP_JSON_KEY: ((gcp_json_key)) - - name: brats-acceptance-ubuntu-jammy + - name: brats-acceptance serial: true plan: - in_parallel: - get: bosh-ci - get: integration-image - get: bosh - passed: [ compile-bosh-dev-release-jammy ] + passed: [ create-bosh-candidate-release-compiled ] - get: bosh-dns-release - get: stemcell resource: warden-stemcell - get: bosh-candidate-release-tarballs - passed: [ compile-bosh-dev-release-jammy ] + passed: [ create-bosh-candidate-release-compiled ] - get: bosh-release - resource: bosh-compiled-candidate-jammy + resource: bosh-candidate-release-tarballs + passed: [ create-bosh-candidate-release-compiled ] + - get: bosh-candidate-release-compiled trigger: true - passed: [ compile-bosh-dev-release-jammy ] + passed: [ create-bosh-candidate-release-compiled ] - get: bosh-deployment - get: docker-cpi-image - do: - put: brats-terraform params: - env_name: brats-ubuntu-jammy-((branch_name)) + env_name: *brats_env_name terraform_source: bosh-ci/ci/shared/brats/terraform - vars: &brats-terraform-jammy-vars + vars: &brats-terraform-vars aws_access_key_id: ((brats_rds_terraform_aws_access_key.username)) aws_secret_access_key: ((brats_rds_terraform_aws_access_key.password)) database_name: brats @@ -649,46 +643,45 @@ jobs: GCP_POSTGRES_EXTERNAL_DB_USER: ((brats_database_user.username)) GCP_POSTGRES_EXTERNAL_DB_PASSWORD: ((brats_database_user.password)) GCP_POSTGRES_EXTERNAL_DB_NAME: brats - STEMCELL_OS: ubuntu-jammy + STEMCELL_OS: ubuntu-noble ensure: put: brats-terraform no_get: true params: - env_name: brats-ubuntu-jammy-((branch_name)) + env_name: *brats_env_name terraform_source: bosh-ci/ci/shared/brats/terraform - vars: *brats-terraform-jammy-vars + vars: *brats-terraform-vars action: destroy - - name: brats-performance-ubuntu-jammy + - name: brats-performance serial: true plan: - in_parallel: - get: bosh-ci - get: integration-image - get: bosh - passed: [ compile-bosh-dev-release-jammy ] + passed: [ create-bosh-candidate-release-compiled ] - get: bosh-release - resource: bosh-compiled-candidate-jammy + resource: bosh-candidate-release-compiled trigger: true - get: cf-deployment - get: docker-cpi-image - get: stemcell resource: warden-stemcell - passed: [ compile-bosh-dev-release-jammy ] - do: - task: test-brats-performance image: docker-cpi-image file: bosh-ci/ci/shared/brats/test-performance.yml privileged: true - - name: brats-utils-ubuntu-jammy + - name: brats-utils serial: true plan: - in_parallel: - get: bosh-ci - get: integration-image - get: bosh - passed: [ compile-bosh-dev-release-jammy ] + passed: [ create-bosh-candidate-release-compiled ] - do: - task: test-brats-utils file: bosh-ci/ci/shared/brats/test-utils.yml @@ -701,15 +694,15 @@ jobs: - get: bosh-ci - get: integration-image - get: bosh - passed: [ compile-bosh-dev-release-jammy ] + passed: [ create-bosh-candidate-release-compiled ] - get: stemcell resource: warden-stemcell - get: bosh-candidate-release-tarballs - passed: [ compile-bosh-dev-release-jammy ] + passed: [ create-bosh-candidate-release-compiled ] - get: bosh-release - resource: bosh-compiled-candidate-jammy + resource: bosh-candidate-release-compiled trigger: true - passed: [ compile-bosh-dev-release-jammy ] + passed: [ create-bosh-candidate-release-compiled ] - get: bosh-disaster-recovery-acceptance-tests - get: bosh-deployment - get: bbr-cli-binary @@ -731,27 +724,27 @@ jobs: - get: bosh-ci - get: integration-image - get: bosh - passed: [ compile-bosh-dev-release-jammy ] + passed: [ create-bosh-candidate-release-compiled ] - get: stemcell - resource: gcp-ubuntu-jammy + resource: gcp-stemcell - get: bosh-deployment - get: bosh-cli params: globs: - "bosh-cli-*-linux-amd64" - get: bosh-release - resource: bosh-compiled-candidate-jammy + resource: bosh-candidate-release-compiled trigger: true - passed: [ compile-bosh-dev-release-jammy ] + passed: [ create-bosh-candidate-release-compiled ] - get: last-released-bosh-release - get: zookeeper-release - put: terraform resource: gcp-terraform params: - env_name: upgrade-postgres-ubuntu-jammy + env_name: upgrade-postgres terraform_source: bosh-ci/ci/bats/iaas/gcp/terraform vars: - name: upgrade-postgres-ubuntu-jammy + name: upgrade-postgres - do: - task: deploy-previous-version image: integration-image @@ -804,10 +797,10 @@ jobs: no_get: true params: action: destroy - env_name: upgrade-postgres-ubuntu-jammy + env_name: upgrade-postgres terraform_source: bosh-ci/ci/bats/iaas/gcp/terraform vars: - name: upgrade-postgres-ubuntu-jammy + name: upgrade-postgres - task: cleanup-leftover-environments file: bosh-ci/ci/tasks/cleanup-leftovers.yml image: integration-image @@ -839,27 +832,27 @@ jobs: - get: bosh-ci - get: integration-image - get: bosh - passed: [ compile-bosh-dev-release-jammy ] + passed: [ create-bosh-candidate-release-compiled ] - get: stemcell - resource: gcp-ubuntu-jammy + resource: gcp-stemcell - get: bosh-deployment - get: bosh-cli params: globs: - "bosh-cli-*-linux-amd64" - get: bosh-release - resource: bosh-compiled-candidate-jammy + resource: bosh-candidate-release-compiled trigger: true - passed: [ compile-bosh-dev-release-jammy ] + passed: [ create-bosh-candidate-release-compiled ] - get: last-released-bosh-release - get: zookeeper-release - put: terraform resource: gcp-terraform params: - env_name: upgrade-mysql-ubuntu-jammy + env_name: upgrade-mysql terraform_source: bosh-ci/ci/bats/iaas/gcp/terraform vars: - name: upgrade-mysql-ubuntu-jammy + name: upgrade-mysql create_mysql_db: true - do: - task: deploy-previous-version @@ -915,10 +908,10 @@ jobs: no_get: true params: action: destroy - env_name: upgrade-mysql-ubuntu-jammy + env_name: upgrade-mysql terraform_source: bosh-ci/ci/bats/iaas/gcp/terraform vars: - name: upgrade-mysql-ubuntu-jammy + name: upgrade-mysql - task: cleanup-leftover-environments file: bosh-ci/ci/tasks/cleanup-leftovers.yml image: integration-image @@ -947,8 +940,8 @@ jobs: - get: bosh trigger: true passed: - - bats-ubuntu-jammy - - brats-acceptance-ubuntu-jammy + - bats + - brats-acceptance - bosh-disaster-recovery-acceptance-tests - upgrade-postgres - upgrade-mysql @@ -1158,45 +1151,6 @@ jobs: get_params: skip_download: true - # TODO: delete once all pipelines work w/ Noble - - name: build-integration-jammy - public: true - serial: true - plan: - - get: weekly - trigger: true - - get: golang-docker-image - trigger: true - - get: ubuntu-docker-image - trigger: true - - get: ruby-release - trigger: true - passed: [ bump-packages ] - - get: bosh-ci-dockerfiles - trigger: true - - get: bosh - - get: bosh-deployment - params: - depth: 1 - - task: build-docker-args - file: bosh-ci-dockerfiles/ci/dockerfiles/integration/build-docker-args.yml - image: ubuntu-docker-image - params: - GITHUB_ACCESS_TOKEN: ((github_public_repo_token)) - - put: integration-image-jammy - inputs: - - bosh-ci-dockerfiles - - docker-build-args - params: - build: . - build_args_file: docker-build-args/docker-build-args.json - build_args: - BASE_IMAGE: *ubuntu_base_jammy - dockerfile: bosh-ci-dockerfiles/ci/dockerfiles/integration/Dockerfile - tag_as_latest: false - get_params: - skip_download: true - - name: build-main-postgres-13 public: true serial: true @@ -1275,33 +1229,6 @@ jobs: get_params: skip_download: true - # TODO: delete once all pipelines work w/ Noble - - name: build-docker-cpi-jammy - public: true - serial: true - plan: - - in_parallel: - - get: bosh-ci - - get: integration-image - - get: bosh-ci-dockerfiles - - get: integration-image-jammy - trigger: true - - get: bosh-deployment - trigger: true - - task: copy-dependencies - file: bosh-ci/ci/tasks/prepare-build-context-for-container-cpi-image.yml - image: integration-image - params: - CONTAINER_CPI_TYPE: docker-cpi - - put: docker-cpi-image-jammy - params: - build: docker-build-context - build_args: - BASE_IMAGE: *integration_image_jammy - tag_as_latest: false - get_params: - skip_download: true - - name: build-warden-cpi public: true serial: true @@ -1327,33 +1254,6 @@ jobs: get_params: skip_download: true - # TODO: delete once all pipelines work w/ Noble - - name: build-warden-cpi-jammy - public: true - serial: true - plan: - - in_parallel: - - get: bosh-ci - - get: integration-image - - get: bosh-ci-dockerfiles - - get: integration-image-jammy - trigger: true - - get: bosh-deployment - trigger: true - - task: copy-dependencies - file: bosh-ci/ci/tasks/prepare-build-context-for-container-cpi-image.yml - image: integration-image - params: - CONTAINER_CPI_TYPE: warden-cpi - - put: warden-cpi-image-jammy - params: - build: docker-build-context - build_args: - BASE_IMAGE: *integration_image_jammy - tag_as_latest: false - get_params: - skip_download: true - - name: bump-deps serial: true plan: @@ -1751,7 +1651,7 @@ resources: type: git source: uri: git@github.com:cloudfoundry/bosh.git - branch: ((branch_name)) + branch: *branch_name private_key: ((github_deploy_key_bosh.private_key)) ignore_paths: - ci @@ -1760,6 +1660,7 @@ resources: type: git source: uri: https://github.com/cloudfoundry/bosh.git + branch: *branch_name paths: - ci @@ -1767,6 +1668,7 @@ resources: type: git source: uri: https://github.com/cloudfoundry/bosh.git + branch: *branch_name paths: - ci/dockerfiles @@ -1798,12 +1700,12 @@ resources: json_key: ((bosh_director_oss_ci_service_account_json)) versioned_file: "bosh-dev-release.tgz" - - name: bosh-compiled-candidate-jammy + - name: bosh-candidate-release-compiled type: gcs-resource source: - bucket: bosh-director-oss-ci-compiled-candidate-jammy + bucket: bosh-ci-candidate-compiled-releases json_key: ((bosh_director_oss_ci_service_account_json)) - regexp: "bosh-.*dev\\.(\\d+).*jammy.*.tgz" + regexp: "bosh-.*dev\\.(\\d+).*noble.*.tgz" - name: bosh-disaster-recovery-acceptance-tests type: git @@ -1890,12 +1792,12 @@ resources: source: uri: https://github.com/cloudfoundry/cf-deployment - - name: gcp-ubuntu-jammy + - name: gcp-stemcell type: bosh-io-stemcell source: - name: bosh-google-kvm-ubuntu-jammy-go_agent + name: bosh-google-kvm-ubuntu-noble - - name: gcp-ubuntu-jammy-fips + - name: gcp-stemcell-fips type: bosh-io-stemcell source: name: bosh-google-kvm-ubuntu-jammy-fips-go_agent @@ -1906,7 +1808,7 @@ resources: - name: warden-stemcell type: bosh-io-stemcell source: - name: bosh-warden-boshlite-ubuntu-jammy-go_agent + name: bosh-warden-boshlite-ubuntu-noble - name: bosh-agent type: git @@ -1936,15 +1838,7 @@ resources: type: docker-image source: repository: ghcr.io/cloudfoundry/bosh/integration - tag: ((branch_name)) - username: ((github_read_write_packages.username)) - password: ((github_read_write_packages.password)) - - - name: integration-image-jammy - type: docker-image - source: - repository: ghcr.io/cloudfoundry/bosh/integration - tag: jammy + tag: *branch_name username: ((github_read_write_packages.username)) password: ((github_read_write_packages.password)) @@ -1952,7 +1846,7 @@ resources: type: docker-image source: repository: ghcr.io/cloudfoundry/bosh/main-mysql-8.0 - tag: ((branch_name)) + tag: *branch_name username: ((github_read_write_packages.username)) password: ((github_read_write_packages.password)) @@ -1960,7 +1854,7 @@ resources: type: docker-image source: repository: ghcr.io/cloudfoundry/bosh/main-postgres-13 - tag: ((branch_name)) + tag: *branch_name username: ((github_read_write_packages.username)) password: ((github_read_write_packages.password)) @@ -1968,7 +1862,7 @@ resources: type: docker-image source: repository: ghcr.io/cloudfoundry/bosh/main-postgres-15 - tag: ((branch_name)) + tag: *branch_name username: ((github_read_write_packages.username)) password: ((github_read_write_packages.password)) @@ -1976,16 +1870,7 @@ resources: type: docker-image source: repository: ghcr.io/cloudfoundry/bosh/docker-cpi - tag: ((branch_name)) - username: ((github_read_write_packages.username)) - password: ((github_read_write_packages.password)) - - # TODO: delete once all pipelines work w/ Noble - - name: docker-cpi-image-jammy - type: docker-image - source: - repository: ghcr.io/cloudfoundry/bosh/docker-cpi - tag: jammy + tag: *branch_name username: ((github_read_write_packages.username)) password: ((github_read_write_packages.password)) @@ -2033,15 +1918,6 @@ resources: username: ((github_read_write_packages.username)) password: ((github_read_write_packages.password)) - # TODO: delete once all pipelines work w/ Noble - - name: warden-cpi-image-jammy - type: docker-image - source: - repository: ghcr.io/cloudfoundry/bosh/warden-cpi - tag: jammy - username: ((github_read_write_packages.username)) - password: ((github_read_write_packages.password)) - - name: last-released-bosh-release type: bosh-io-release source: diff --git a/ci/shared/brats/test-performance.sh b/ci/shared/brats/test-performance.sh index 244b008d35a..67bec69694f 100755 --- a/ci/shared/brats/test-performance.sh +++ b/ci/shared/brats/test-performance.sh @@ -22,7 +22,7 @@ export BOSH_DIRECTOR_RELEASE_PATH="${bosh_ci_parent_dir}/bosh" export CF_DEPLOYMENT_RELEASE_PATH="${bosh_ci_parent_dir}/cf-deployment" CANDIDATE_STEMCELL_TARBALL_PATH="$(find "${bosh_ci_parent_dir}/stemcell" -maxdepth 1 -path '*.tgz')" export CANDIDATE_STEMCELL_TARBALL_PATH -export STEMCELL_OS=ubuntu-jammy +export STEMCELL_OS=ubuntu-noble DOCKER_CERTS="$(bosh int /tmp/local-bosh/director/bosh-director.yml --path /instance_groups/0/properties/docker_cpi/docker/tls)" export DOCKER_CERTS diff --git a/ci/tasks/deploy-zookeeper/zookeeper-manifest.yml b/ci/tasks/deploy-zookeeper/zookeeper-manifest.yml index 8abb0749775..d46b59b65fc 100644 --- a/ci/tasks/deploy-zookeeper/zookeeper-manifest.yml +++ b/ci/tasks/deploy-zookeeper/zookeeper-manifest.yml @@ -8,7 +8,7 @@ releases: stemcells: - alias: default - os: ubuntu-jammy + os: ubuntu-noble version: latest update: diff --git a/ci/tasks/export-release.sh b/ci/tasks/export-release.sh deleted file mode 100755 index 72b6dac7096..00000000000 --- a/ci/tasks/export-release.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/usr/bin/env bash - -bosh_repo_dir="$(realpath "$(cd "$(dirname "${BASH_SOURCE[0]}")/../../" && pwd)")" - -main() { - set -eu - - tar -xf release/*.tgz "$( tar -tzf release/*.tgz | grep 'release.MF' )" - tar -xf stemcell/*.tgz "$( tar -tzf stemcell/*.tgz | grep 'stemcell.MF' )" - - export STEMCELL_OS=$( grep -E '^operating_system: ' stemcell.MF | awk '{print $2}' | tr -d "\"'" ) - local RELEASE_NAME=$( grep -E '^name: ' release.MF | awk '{print $2}' | tr -d "\"'" ) - local RELEASE_VERSION=$( grep -E '^version: ' release.MF | awk '{print $2}' | tr -d "\"'" ) - local RELEASE_TARBALL=$( echo release/*.tgz ) - local STEMCELL_VERSION=$( grep -E '^version: ' stemcell.MF | awk '{print $2}' | tr -d "\"'" ) - - source start-bosh - source /tmp/local-bosh/director/env - - bosh -n upload-stemcell stemcell/*.tgz - bosh -n upload-release "${RELEASE_TARBALL}" - - bosh -n -d compilation deploy "${bosh_repo_dir}/ci/tasks/export-release/compilation-manifest.yml" \ - -v release_name="${RELEASE_NAME}" \ - -v release_version="'${RELEASE_VERSION}'" \ - -v stemcell_os="${STEMCELL_OS}" \ - -v stemcell_version="'${STEMCELL_VERSION}'" - - bosh -d compilation export-release "${RELEASE_NAME}/${RELEASE_VERSION}" "${STEMCELL_OS}/${STEMCELL_VERSION}" - - mv ./*.tgz "compiled-release/$(echo *.tgz | sed "s/${STEMCELL_VERSION}-.*\.tgz/${STEMCELL_VERSION}.tgz/")" -} - -main "$@" diff --git a/ci/tasks/export-release.yml b/ci/tasks/export-release.yml deleted file mode 100644 index 849096eabb2..00000000000 --- a/ci/tasks/export-release.yml +++ /dev/null @@ -1,13 +0,0 @@ ---- -platform: linux - -inputs: -- name: bosh-ci -- name: release -- name: stemcell - -outputs: -- name: compiled-release - -run: - path: bosh-ci/ci/tasks/export-release.sh diff --git a/config/blobs.yml b/config/blobs.yml index ba6fbda2229..10baeed8944 100644 --- a/config/blobs.yml +++ b/config/blobs.yml @@ -1,15 +1,15 @@ -azure-storage-cli/azure-storage-cli-0.0.203-linux-amd64: - size: 10466994 - object_id: 6ac9fb56-2b38-4439-4c39-464f19fba556 - sha: sha256:700db2b085bc52047608a1e598641cc2599f7ef8ca68512784ba54f229062b19 -bosh-gcscli/bosh-gcscli-0.0.350-linux-amd64: - size: 45467220 - object_id: 25558ac8-8568-41c3-7f1a-331a22b3fd97 - sha: sha256:72a1c821ada123acdc0b975e062ee93a8893c228e9a6b16608c57f35e8cd561d -davcli/davcli-0.0.451-linux-amd64: +azure-storage-cli/azure-storage-cli-0.0.206-linux-amd64: + size: 10466986 + object_id: a18a6da5-4935-4d08-7dc3-d10b5435bfae + sha: sha256:c4f788b36a889e2b59eaa743cd7895676e56d9337ff908c84c852161d8ee586c +bosh-gcscli/bosh-gcscli-0.0.353-linux-amd64: + size: 45487034 + object_id: d7740299-8ccc-47db-7bfb-1c68205f5ecd + sha: sha256:12e16810d5160edb06788f68d45d4f4ea71b6df723d04c7def6eac362249ff0e +davcli/davcli-0.0.452-linux-amd64: size: 10167205 - object_id: 292175a3-5a06-4330-5052-dc7c1d43b03b - sha: sha256:691e3f9d9cab36ebc42df073924b5ec5663e10087920dcd00f0ddf61063114ba + object_id: 9bae12d5-e077-4850-74ad-b22cf76ecfe5 + sha: sha256:b0764a551ba670c260154be31d76990aa566a509761cc100d608492f38f32727 mysql/mariadb-connector-c-3.4.8-src.tar.gz: size: 1380411 object_id: 31e2e6c6-eefe-4512-68bd-757a7c27b044 @@ -34,7 +34,7 @@ s3cli/s3cli-0.0.382-linux-amd64: size: 17092710 object_id: f2dfa879-daea-42d8-76a9-c7cd70c6117b sha: sha256:6fdcdf596ee83c5d87f61793fa80beb9a14e180e69a1c96745591df869092264 -verify-multidigest/verify-multidigest-0.0.579-linux-amd64: +verify-multidigest/verify-multidigest-0.0.581-linux-amd64: size: 4153999 - object_id: 04ba615d-8e37-4d60-5cc9-014ebe4d9708 - sha: sha256:830712c2ee5a40708198a478f6b1a0de361219fde2d5d06c7a4579c169d8715e + object_id: 2e89a728-ad3f-4856-49b3-edb6698a4fcd + sha: sha256:1d57c7eb44f186baa101b60572f9f633070bd826215f3dd5aa052d687992ead6 diff --git a/src/Gemfile.lock b/src/Gemfile.lock index 4eb4dc1ef1b..e7d18858396 100644 --- a/src/Gemfile.lock +++ b/src/Gemfile.lock @@ -69,7 +69,7 @@ PATH GEM remote: https://rubygems.org/ specs: - activesupport (8.1.1) + activesupport (8.1.2) base64 bigdecimal concurrent-ruby (~> 1.0, >= 1.3.1) @@ -91,14 +91,14 @@ GEM io-event (~> 1.11) metrics (~> 0.12) traces (~> 0.18) - async-http (0.92.1) + async-http (0.93.0) async (>= 2.10.2) async-pool (~> 0.11) io-endpoint (~> 0.14) io-stream (~> 0.6) metrics (~> 0.12) - protocol-http (~> 0.49) - protocol-http1 (~> 0.30) + protocol-http (~> 0.58) + protocol-http1 (~> 0.36) protocol-http2 (~> 0.22) protocol-url (~> 0.2) traces (~> 0.10) @@ -220,9 +220,9 @@ GEM prometheus-client (4.2.5) base64 protocol-hpack (1.5.1) - protocol-http (0.56.1) - protocol-http1 (0.35.2) - protocol-http (~> 0.22) + protocol-http (0.58.0) + protocol-http1 (0.36.0) + protocol-http (~> 0.58) protocol-http2 (0.23.0) protocol-hpack (~> 1.4) protocol-http (~> 0.47) @@ -321,8 +321,8 @@ GEM talentbox-delayed_job_sequel (4.4.0) delayed_job (~> 4.1) sequel (>= 5.0, < 6.0) - thor (1.4.0) - tilt (2.6.1) + thor (1.5.0) + tilt (2.7.0) timecop (0.9.10) timeout (0.6.0) traces (0.18.2) diff --git a/src/brats/go.mod b/src/brats/go.mod index 7e5fd6dffe6..f1e4fdb6d2a 100644 --- a/src/brats/go.mod +++ b/src/brats/go.mod @@ -4,8 +4,8 @@ go 1.24.0 require ( github.com/creack/pty v1.1.15 - github.com/onsi/ginkgo/v2 v2.27.3 - github.com/onsi/gomega v1.38.3 + github.com/onsi/ginkgo/v2 v2.27.4 + github.com/onsi/gomega v1.39.0 ) require ( @@ -15,10 +15,10 @@ require ( github.com/google/go-cmp v0.7.0 // indirect github.com/google/pprof v0.0.0-20251114195745-4902fdda35c8 // indirect go.yaml.in/yaml/v3 v3.0.4 // indirect - golang.org/x/mod v0.31.0 // indirect + golang.org/x/mod v0.32.0 // indirect golang.org/x/net v0.48.0 // indirect golang.org/x/sync v0.19.0 // indirect - golang.org/x/sys v0.39.0 // indirect - golang.org/x/text v0.32.0 // indirect + golang.org/x/sys v0.40.0 // indirect + golang.org/x/text v0.33.0 // indirect golang.org/x/tools v0.40.0 // indirect ) diff --git a/src/brats/go.sum b/src/brats/go.sum index ce6416195ef..9f1423377aa 100644 --- a/src/brats/go.sum +++ b/src/brats/go.sum @@ -30,10 +30,10 @@ github.com/maruel/natural v1.1.1 h1:Hja7XhhmvEFhcByqDoHz9QZbkWey+COd9xWfCfn1ioo= github.com/maruel/natural v1.1.1/go.mod h1:v+Rfd79xlw1AgVBjbO0BEQmptqb5HvL/k9GRHB7ZKEg= github.com/mfridman/tparse v0.18.0 h1:wh6dzOKaIwkUGyKgOntDW4liXSo37qg5AXbIhkMV3vE= github.com/mfridman/tparse v0.18.0/go.mod h1:gEvqZTuCgEhPbYk/2lS3Kcxg1GmTxxU7kTC8DvP0i/A= -github.com/onsi/ginkgo/v2 v2.27.3 h1:ICsZJ8JoYafeXFFlFAG75a7CxMsJHwgKwtO+82SE9L8= -github.com/onsi/ginkgo/v2 v2.27.3/go.mod h1:ArE1D/XhNXBXCBkKOLkbsb2c81dQHCRcF5zwn/ykDRo= -github.com/onsi/gomega v1.38.3 h1:eTX+W6dobAYfFeGC2PV6RwXRu/MyT+cQguijutvkpSM= -github.com/onsi/gomega v1.38.3/go.mod h1:ZCU1pkQcXDO5Sl9/VVEGlDyp+zm0m1cmeG5TOzLgdh4= +github.com/onsi/ginkgo/v2 v2.27.4 h1:fcEcQW/A++6aZAZQNUmNjvA9PSOzefMJBerHJ4t8v8Y= +github.com/onsi/ginkgo/v2 v2.27.4/go.mod h1:ArE1D/XhNXBXCBkKOLkbsb2c81dQHCRcF5zwn/ykDRo= +github.com/onsi/gomega v1.39.0 h1:y2ROC3hKFmQZJNFeGAMeHZKkjBL65mIZcvrLQBF9k6Q= +github.com/onsi/gomega v1.39.0/go.mod h1:ZCU1pkQcXDO5Sl9/VVEGlDyp+zm0m1cmeG5TOzLgdh4= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/rogpeppe/go-internal v1.13.1 h1:KvO1DLK/DRN07sQ1LQKScxyZJuNnedQ5/wKSR38lUII= @@ -50,16 +50,16 @@ github.com/tidwall/sjson v1.2.5 h1:kLy8mja+1c9jlljvWTlSazM7cKDRfJuR/bOJhcY5NcY= github.com/tidwall/sjson v1.2.5/go.mod h1:Fvgq9kS/6ociJEDnK0Fk1cpYF4FIW6ZF7LAe+6jwd28= go.yaml.in/yaml/v3 v3.0.4 h1:tfq32ie2Jv2UxXFdLJdh3jXuOzWiL1fo0bu/FbuKpbc= go.yaml.in/yaml/v3 v3.0.4/go.mod h1:DhzuOOF2ATzADvBadXxruRBLzYTpT36CKvDb3+aBEFg= -golang.org/x/mod v0.31.0 h1:HaW9xtz0+kOcWKwli0ZXy79Ix+UW/vOfmWI5QVd2tgI= -golang.org/x/mod v0.31.0/go.mod h1:43JraMp9cGx1Rx3AqioxrbrhNsLl2l/iNAvuBkrezpg= +golang.org/x/mod v0.32.0 h1:9F4d3PHLljb6x//jOyokMv3eX+YDeepZSEo3mFJy93c= +golang.org/x/mod v0.32.0/go.mod h1:SgipZ/3h2Ci89DlEtEXWUk/HteuRin+HHhN+WbNhguU= golang.org/x/net v0.48.0 h1:zyQRTTrjc33Lhh0fBgT/H3oZq9WuvRR5gPC70xpDiQU= golang.org/x/net v0.48.0/go.mod h1:+ndRgGjkh8FGtu1w1FGbEC31if4VrNVMuKTgcAAnQRY= golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4= golang.org/x/sync v0.19.0/go.mod h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI= -golang.org/x/sys v0.39.0 h1:CvCKL8MeisomCi6qNZ+wbb0DN9E5AATixKsvNtMoMFk= -golang.org/x/sys v0.39.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= -golang.org/x/text v0.32.0 h1:ZD01bjUt1FQ9WJ0ClOL5vxgxOI/sVCNgX1YtKwcY0mU= -golang.org/x/text v0.32.0/go.mod h1:o/rUWzghvpD5TXrTIBuJU77MTaN0ljMWE47kxGJQ7jY= +golang.org/x/sys v0.40.0 h1:DBZZqJ2Rkml6QMQsZywtnjnnGvHza6BTfYFWY9kjEWQ= +golang.org/x/sys v0.40.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= +golang.org/x/text v0.33.0 h1:B3njUFyqtHDUI5jMn1YIr5B0IE2U0qck04r6d4KPAxE= +golang.org/x/text v0.33.0/go.mod h1:LuMebE6+rBincTi9+xWTY8TztLzKHc/9C1uBCG27+q8= golang.org/x/tools v0.40.0 h1:yLkxfA+Qnul4cs9QA3KnlFu0lVmd8JJfoq+E41uSutA= golang.org/x/tools v0.40.0/go.mod h1:Ik/tzLRlbscWpqqMRjyWYDisX8bG13FrdXp3o4Sr9lc= google.golang.org/protobuf v1.36.7 h1:IgrO7UwFQGJdRNXH/sQux4R1Dj1WAKcLElzeeRaXV2A= diff --git a/src/brats/vendor/github.com/onsi/ginkgo/v2/CHANGELOG.md b/src/brats/vendor/github.com/onsi/ginkgo/v2/CHANGELOG.md index 9d1bb914b6e..69be62380db 100644 --- a/src/brats/vendor/github.com/onsi/ginkgo/v2/CHANGELOG.md +++ b/src/brats/vendor/github.com/onsi/ginkgo/v2/CHANGELOG.md @@ -1,3 +1,8 @@ +## 2.27.4 + +### Fixes +- CurrentTreeConstructionNodeReport: fix for nested container nodes [59bc751] + ## 2.27.3 ### Fixes diff --git a/src/brats/vendor/github.com/onsi/ginkgo/v2/internal/suite.go b/src/brats/vendor/github.com/onsi/ginkgo/v2/internal/suite.go index ef76cd099e6..9d5f590011e 100644 --- a/src/brats/vendor/github.com/onsi/ginkgo/v2/internal/suite.go +++ b/src/brats/vendor/github.com/onsi/ginkgo/v2/internal/suite.go @@ -208,9 +208,12 @@ func (suite *Suite) PushNode(node Node) error { // Ensure that code running in the body of the container node // has access to information about the current container node(s). + // The current one (nil in top-level container nodes, non-nil in an + // embedded container node) gets restored when the node is done. + oldConstructionNodeReport := suite.currentConstructionNodeReport suite.currentConstructionNodeReport = constructionNodeReportForTreeNode(suite.tree) defer func() { - suite.currentConstructionNodeReport = nil + suite.currentConstructionNodeReport = oldConstructionNodeReport }() node.Body(nil) diff --git a/src/brats/vendor/github.com/onsi/ginkgo/v2/types/version.go b/src/brats/vendor/github.com/onsi/ginkgo/v2/types/version.go index 2a50192871e..66cbbcf3c3a 100644 --- a/src/brats/vendor/github.com/onsi/ginkgo/v2/types/version.go +++ b/src/brats/vendor/github.com/onsi/ginkgo/v2/types/version.go @@ -1,3 +1,3 @@ package types -const VERSION = "2.27.3" +const VERSION = "2.27.4" diff --git a/src/brats/vendor/github.com/onsi/gomega/CHANGELOG.md b/src/brats/vendor/github.com/onsi/gomega/CHANGELOG.md index 64b33e8b7cc..cf020605c6e 100644 --- a/src/brats/vendor/github.com/onsi/gomega/CHANGELOG.md +++ b/src/brats/vendor/github.com/onsi/gomega/CHANGELOG.md @@ -1,3 +1,9 @@ +## 1.39.0 + +### Features + +Add `MatchErrorStrictly` which only passes if `errors.Is(actual, expected)` returns true. `MatchError`, by contrast, will fallback to string comparison. + ## 1.38.3 ### Fixes diff --git a/src/brats/vendor/github.com/onsi/gomega/gomega_dsl.go b/src/brats/vendor/github.com/onsi/gomega/gomega_dsl.go index 55c0e895e2f..cd6ce450fb9 100644 --- a/src/brats/vendor/github.com/onsi/gomega/gomega_dsl.go +++ b/src/brats/vendor/github.com/onsi/gomega/gomega_dsl.go @@ -22,7 +22,7 @@ import ( "github.com/onsi/gomega/types" ) -const GOMEGA_VERSION = "1.38.3" +const GOMEGA_VERSION = "1.39.0" const nilGomegaPanic = `You are trying to make an assertion, but haven't registered Gomega's fail handler. If you're using Ginkgo then you probably forgot to put your assertion in an It(). diff --git a/src/brats/vendor/github.com/onsi/gomega/matchers.go b/src/brats/vendor/github.com/onsi/gomega/matchers.go index 40ba15c5e7f..16ca8f46dcf 100644 --- a/src/brats/vendor/github.com/onsi/gomega/matchers.go +++ b/src/brats/vendor/github.com/onsi/gomega/matchers.go @@ -146,6 +146,24 @@ func MatchError(expected any, functionErrorDescription ...any) types.GomegaMatch } } +// MatchErrorStrictly succeeds iff actual is a non-nil error that matches the passed in +// expected error according to errors.Is(actual, expected). +// +// This behavior differs from MatchError where +// +// Expect(errors.New("some error")).To(MatchError(errors.New("some error"))) +// +// succeeds, but errors.Is would return false so: +// +// Expect(errors.New("some error")).To(MatchErrorStrictly(errors.New("some error"))) +// +// fails. +func MatchErrorStrictly(expected error) types.GomegaMatcher { + return &matchers.MatchErrorStrictlyMatcher{ + Expected: expected, + } +} + // BeClosed succeeds if actual is a closed channel. // It is an error to pass a non-channel to BeClosed, it is also an error to pass nil // diff --git a/src/brats/vendor/github.com/onsi/gomega/matchers/match_error_strictly_matcher.go b/src/brats/vendor/github.com/onsi/gomega/matchers/match_error_strictly_matcher.go new file mode 100644 index 00000000000..63969b26630 --- /dev/null +++ b/src/brats/vendor/github.com/onsi/gomega/matchers/match_error_strictly_matcher.go @@ -0,0 +1,39 @@ +package matchers + +import ( + "errors" + "fmt" + + "github.com/onsi/gomega/format" +) + +type MatchErrorStrictlyMatcher struct { + Expected error +} + +func (matcher *MatchErrorStrictlyMatcher) Match(actual any) (success bool, err error) { + + if isNil(matcher.Expected) { + return false, fmt.Errorf("Expected error is nil, use \"ToNot(HaveOccurred())\" to explicitly check for nil errors") + } + + if isNil(actual) { + return false, fmt.Errorf("Expected an error, got nil") + } + + if !isError(actual) { + return false, fmt.Errorf("Expected an error. Got:\n%s", format.Object(actual, 1)) + } + + actualErr := actual.(error) + + return errors.Is(actualErr, matcher.Expected), nil +} + +func (matcher *MatchErrorStrictlyMatcher) FailureMessage(actual any) (message string) { + return format.Message(actual, "to match error", matcher.Expected) +} + +func (matcher *MatchErrorStrictlyMatcher) NegatedFailureMessage(actual any) (message string) { + return format.Message(actual, "not to match error", matcher.Expected) +} diff --git a/src/brats/vendor/modules.txt b/src/brats/vendor/modules.txt index 6e682f82124..b2c70c1c1ba 100644 --- a/src/brats/vendor/modules.txt +++ b/src/brats/vendor/modules.txt @@ -21,7 +21,7 @@ github.com/google/go-cmp/cmp/internal/value # github.com/google/pprof v0.0.0-20251114195745-4902fdda35c8 ## explicit; go 1.24.0 github.com/google/pprof/profile -# github.com/onsi/ginkgo/v2 v2.27.3 +# github.com/onsi/ginkgo/v2 v2.27.4 ## explicit; go 1.23.0 github.com/onsi/ginkgo/v2 github.com/onsi/ginkgo/v2/config @@ -45,7 +45,7 @@ github.com/onsi/ginkgo/v2/internal/reporters github.com/onsi/ginkgo/v2/internal/testingtproxy github.com/onsi/ginkgo/v2/reporters github.com/onsi/ginkgo/v2/types -# github.com/onsi/gomega v1.38.3 +# github.com/onsi/gomega v1.39.0 ## explicit; go 1.23.0 github.com/onsi/gomega github.com/onsi/gomega/format @@ -65,7 +65,7 @@ github.com/onsi/gomega/types # go.yaml.in/yaml/v3 v3.0.4 ## explicit; go 1.16 go.yaml.in/yaml/v3 -# golang.org/x/mod v0.31.0 +# golang.org/x/mod v0.32.0 ## explicit; go 1.24.0 golang.org/x/mod/semver # golang.org/x/net v0.48.0 @@ -76,10 +76,10 @@ golang.org/x/net/html/charset # golang.org/x/sync v0.19.0 ## explicit; go 1.24.0 golang.org/x/sync/errgroup -# golang.org/x/sys v0.39.0 +# golang.org/x/sys v0.40.0 ## explicit; go 1.24.0 golang.org/x/sys/unix -# golang.org/x/text v0.32.0 +# golang.org/x/text v0.33.0 ## explicit; go 1.24.0 golang.org/x/text/encoding golang.org/x/text/encoding/charmap diff --git a/src/vendor/cache/activesupport-8.1.1.gem b/src/vendor/cache/activesupport-8.1.1.gem deleted file mode 100644 index e076ce247a7..00000000000 --- a/src/vendor/cache/activesupport-8.1.1.gem +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:5e92534e8d0c8b8b5e6b16789c69dbea65c1d7b752269f71a39422e9546cea67 -size 267776 diff --git a/src/vendor/cache/activesupport-8.1.2.gem b/src/vendor/cache/activesupport-8.1.2.gem new file mode 100644 index 00000000000..fbaa78271d0 --- /dev/null +++ b/src/vendor/cache/activesupport-8.1.2.gem @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:88842578ccd0d40f658289b0e8c842acfe9af751afee2e0744a7873f50b6fdae +size 268800 diff --git a/src/vendor/cache/async-http-0.92.1.gem b/src/vendor/cache/async-http-0.92.1.gem deleted file mode 100644 index bf851896919..00000000000 --- a/src/vendor/cache/async-http-0.92.1.gem +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:66db56854cd9173b2f4e3b55f6ba48e15021e316425f0275e310a1d9ab173d59 -size 39936 diff --git a/src/vendor/cache/async-http-0.93.0.gem b/src/vendor/cache/async-http-0.93.0.gem new file mode 100644 index 00000000000..8309b022285 --- /dev/null +++ b/src/vendor/cache/async-http-0.93.0.gem @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:04ff9aee39d981ebccf33b70dc6c69e39f60ea4a9199d1e6378afa09eacd53ec +size 39936 diff --git a/src/vendor/cache/protocol-http-0.56.1.gem b/src/vendor/cache/protocol-http-0.56.1.gem deleted file mode 100644 index dfa6688f487..00000000000 --- a/src/vendor/cache/protocol-http-0.56.1.gem +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:a2cf738967f417048c27f0beb37a976c54fedc6a2532d8d13e7454597dd294d1 -size 59904 diff --git a/src/vendor/cache/protocol-http-0.58.0.gem b/src/vendor/cache/protocol-http-0.58.0.gem new file mode 100644 index 00000000000..2240fb9c69f --- /dev/null +++ b/src/vendor/cache/protocol-http-0.58.0.gem @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:b77c5799e7a7acd31afaa9fed5c3714fe91ab7746925d66e9e4d92a5c74555fa +size 60928 diff --git a/src/vendor/cache/protocol-http1-0.35.2.gem b/src/vendor/cache/protocol-http1-0.35.2.gem deleted file mode 100644 index 48c9d9e5973..00000000000 --- a/src/vendor/cache/protocol-http1-0.35.2.gem +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:b47aded38cd08dc37e9ed9ac7a54dc7bfaffa6d088dfaf3b178e2ef42fc614e6 -size 25088 diff --git a/src/vendor/cache/protocol-http1-0.36.0.gem b/src/vendor/cache/protocol-http1-0.36.0.gem new file mode 100644 index 00000000000..1ea8421c874 --- /dev/null +++ b/src/vendor/cache/protocol-http1-0.36.0.gem @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:057344d2509a59338d0b4bc8f092a52126bb9ed51b76adbb4365f132bbd4ef09 +size 25088 diff --git a/src/vendor/cache/thor-1.4.0.gem b/src/vendor/cache/thor-1.4.0.gem deleted file mode 100644 index a28419ea360..00000000000 --- a/src/vendor/cache/thor-1.4.0.gem +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:8763e822ccb0f1d7bee88cde131b19a65606657b847cc7b7b4b82e772bcd8a3d -size 56320 diff --git a/src/vendor/cache/thor-1.5.0.gem b/src/vendor/cache/thor-1.5.0.gem new file mode 100644 index 00000000000..e1c971d7aba --- /dev/null +++ b/src/vendor/cache/thor-1.5.0.gem @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:e3a9e55fe857e44859ce104a84675ab6e8cd59c650a49106a05f55f136425e73 +size 56832 diff --git a/src/vendor/cache/tilt-2.6.1.gem b/src/vendor/cache/tilt-2.6.1.gem deleted file mode 100644 index 03323f2de69..00000000000 --- a/src/vendor/cache/tilt-2.6.1.gem +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:35a99bba2adf7c1e362f5b48f9b581cce4edfba98117e34696dde6d308d84770 -size 26624 diff --git a/src/vendor/cache/tilt-2.7.0.gem b/src/vendor/cache/tilt-2.7.0.gem new file mode 100644 index 00000000000..7c29020b913 --- /dev/null +++ b/src/vendor/cache/tilt-2.7.0.gem @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:0d5b9ba69f6a36490c64b0eee9f6e9aad517e20dcc848800a06eb116f08c6ab3 +size 30720