diff --git a/bosh/releases/pre_render_scripts/uaa/uaa/jobs/patch_pre-start.sh b/bosh/releases/pre_render_scripts/uaa/uaa/jobs/patch_pre-start.sh index 5725a6655e..573b6d4d30 100644 --- a/bosh/releases/pre_render_scripts/uaa/uaa/jobs/patch_pre-start.sh +++ b/bosh/releases/pre_render_scripts/uaa/uaa/jobs/patch_pre-start.sh @@ -16,7 +16,7 @@ fi patch --verbose "${target}" <<'EOT' --- pre-start.erb 2019-12-04 08:37:51.046503943 +0100 +++ - 2019-12-04 08:41:36.055142488 +0100 -@@ -32,9 +32,24 @@ +@@ -32,9 +32,29 @@ <% end %> log "Trying to run update-ca-certificates..." @@ -36,6 +36,11 @@ patch --verbose "${target}" <<'EOT' + mv /var/lib/ca-certificates/ca-bundle.pem /etc/ssl/certs/"$(basename "${OS_CERTS_FILE}")" + ;; + ++ *rhel|centos|fedora*) ++ timeout --signal=KILL 180s /usr/bin/update-ca-trust ++ cp /etc/ssl/certs/ca-bundle.crt ${OS_CERTS_FILE} ++ ;; ++ + *) + echo "Unsupported operating system: ${PRETTY_NAME}" + exit 42 diff --git a/chart/config/releases.yaml b/chart/config/releases.yaml index bf4a722f21..0038c0f021 100644 --- a/chart/config/releases.yaml +++ b/chart/config/releases.yaml @@ -20,7 +20,7 @@ releases: tag: 0.1.0 brain-tests: condition: testing.brain_tests.enabled - version: v0.0.14 + version: v0.0.15 bosh-dns-aliases: # not needed for kubecf; functionality provided by quarks-operator condition: false diff --git a/chart/config/unsupported.yaml b/chart/config/unsupported.yaml index 9222d61958..c9988ca820 100644 --- a/chart/config/unsupported.yaml +++ b/chart/config/unsupported.yaml @@ -10,6 +10,9 @@ unsupported: Don't use properties.diego-cell.garden.grootfs.reserved_space_for_other_jobs_in_mb. Use sizing.diego_cell.ephemeral_disk.size to set the amount of disk available to the cell. + features.routing_api.enabled && features.eirini.enabled: | + Cannot activate routing-api for eirini. It is not yet supported by this scheduler. + features.embedded_database.enabled && features.external_database.enabled: | Cannot simultaneously activate both features.embedded_database and features.external_database. diff --git a/chart/templates/_features.tpl b/chart/templates/_features.tpl index 20521da766..4e7f8a2a54 100644 --- a/chart/templates/_features.tpl +++ b/chart/templates/_features.tpl @@ -13,4 +13,8 @@ {{- else }} {{- $_ := merge $.Values (dict "features" (dict "external_blobstore" (dict "enabled" false))) }} {{- end}} + {{- /* Fix routing_api to proper (per-scheduler) default when not overriden by user */}} + {{- if kindIs "invalid" $.Values.features.routing_api.enabled }} + {{- $_ := set $.Values.features.routing_api "enabled" (not $.Values.features.eirini.enabled) }} + {{- end }} {{- end }} diff --git a/chart/values.schema.yaml b/chart/values.schema.yaml index 55ab64b3ca..8d2bb11ddd 100644 --- a/chart/values.schema.yaml +++ b/chart/values.schema.yaml @@ -306,6 +306,15 @@ properties: password: {type: string} additionalProperties: false additionalProperties: false + + routing_api: + type: object + properties: + enabled: + oneOf: + - type: boolean + - type: 'null' + additionalProperties: type: object properties: diff --git a/chart/values.yaml b/chart/values.yaml index 9c819cc0a1..0814171b8d 100644 --- a/chart/values.yaml +++ b/chart/values.yaml @@ -348,7 +348,8 @@ features: routing_api: # Enable the routing API. Disabling this will also disable TCP routing, which is used for TCP # port forwarding. - enabled: true + # Enabled by default, except under Eirini, where the routing-api is not (yet) supported. + enabled: ~ embedded_database: # Enable the embedded database. If this is disabled, then features.external_database should be # configured to use an external database. diff --git a/dependencies.yaml b/dependencies.yaml index ab5078388d..5e9636a949 100644 --- a/dependencies.yaml +++ b/dependencies.yaml @@ -103,9 +103,9 @@ binaries: # Additional files we need to download; see http_file() invocation in WORKSPACE. external_files: cf_operator: - sha256: cb8893522bd1b81878186d866becb01bcc67f6c7dacb71e3e0a6e48e9b014410 + sha256: 9d4f8219a204b7f0b90170c4289b0df80e6da350f8941f047bc6e873ba22ad4c url: https://s3.amazonaws.com/cf-operators/release/helm-charts/cf-operator-{version}.tgz - version: 6.1.15%2B0.g89a56300 + version: 6.1.17%2B0.gec409fd7 kube_dashboard: sha256: f849252870818a2971dfc3c4f8a8c5f58a57606bc2b5f221d7ab693e1d1190e0 url: https://raw.githubusercontent.com/kubernetes/dashboard/{version}/aio/deploy/recommended.yaml diff --git a/doc/rfd/README.md b/doc/rfd/README.md index d3e32bda76..c09df7f8a7 100644 --- a/doc/rfd/README.md +++ b/doc/rfd/README.md @@ -3,8 +3,13 @@ | state | RFD | | --------- | ------------------------------------------------------------- | +| publish | [RFD 0 Request for Discussion](./rfd/0000/README.md) | | abandoned | [RFD 1 Record architecture decisions](./rfd/0001/README.md) | | publish | [RFD 2 Git Commit Messages](./rfd/0002/README.md) | | publish | [RFD 3 Deprecate Bazel](./rfd/0003/README.md) | | publish | [RFD 4 Upgrade Testing Methodology When Releasing](./rfd/0004/README.md) | | publish | [RFD 5 Limit the Languages, Data Formats, and Tools Used by KubeCF](./rfd/0005/README.md) | + +## Introduction + +To know the RFD process and states please visit the [RFD 0](./rfd/0000/README.md). diff --git a/doc/rfd/rfd/0000/README.md b/doc/rfd/rfd/0000/README.md index 182276eced..a9d8951496 100644 --- a/doc/rfd/rfd/0000/README.md +++ b/doc/rfd/rfd/0000/README.md @@ -4,7 +4,7 @@ state: discussion discussion: https://github.com/cloudfoundry-incubator/kubecf/pull/1223 --- -# Request for Discussion +# RFD 0 Request for Discussion The goal is to have an constructive discussion within the team about an idea and capture it in a document known by RFD. diff --git a/scripts/image_list.rb b/scripts/image_list.rb index 430fbeb897..53edf69079 100644 --- a/scripts/image_list.rb +++ b/scripts/image_list.rb @@ -91,7 +91,12 @@ def initialize(chart:, values:) # Provide required value to avoid schema validation failure values['system_domain'] = 'example.com' # Eirini will throw an error unless a compatible stack is selected - values['install_stacks'] = ['sle15'] + if values['features']['eirini']['enabled'] + values['install_stacks'] = ['sle15'] + # Chart will throw an error when trying to use both eirini and + # routing_api. Avoid. + values['features']['routing_api']['enabled'] = false + end Tempfile.open(['values-', '.yaml']) do |values_file| values_file.write values.to_yaml values_file.close