forked from cloudfoundry/cf-deployment-concourse-tasks
-
Notifications
You must be signed in to change notification settings - Fork 1
/
task.yml
163 lines (139 loc) · 5.13 KB
/
task.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
---
platform: linux
image_resource:
type: docker-image
source:
repository: relintdockerhubpushbot/cf-deployment-concourse-tasks
tag: latest
inputs:
- name: cf-deployment-concourse-tasks # - This repo
- name: bbl-state # - The env repo containing the Director's bbl state dir
- name: bbl-config # - The repo containing bbl plan patches
# - If no plan patches are necessary in your case,
# we suggest you use `input_mapping`
# to map your `bbl-state` resource to `bbl-config`
# in order to satisfy this required input.
- name: pool-lock
optional: true
outputs:
- name: updated-bbl-state
# - The bbl-state resource, with changes git committed,
# - ready to be `put` to a git resource.
# - This output _must_ be persisted for these tasks to function properly
run:
path: cf-deployment-concourse-tasks/bbl-up/task
params:
# AWS Configuration Params
# - Required for AWS
BBL_AWS_ACCESS_KEY_ID:
BBL_AWS_SECRET_ACCESS_KEY:
BBL_AWS_REGION:
# Azure Configuration Params
# - Required for Azure
BBL_AZURE_CLIENT_ID:
BBL_AZURE_CLIENT_SECRET:
BBL_AZURE_TENANT_ID:
BBL_AZURE_SUBSCRIPTION_ID:
BBL_AZURE_REGION:
# GCP Configuration Params
# - Required for GCP
BBL_GCP_SERVICE_ACCOUNT_KEY:
# - Key content or path to the file containing credentials downloaded from GCP
# - Path is relative to the `bbl-state` input
BBL_GCP_REGION:
# OpenStack Configuration Params
# - Required for OpenStack
BBL_OPENSTACK_AUTH_URL:
BBL_OPENSTACK_AZ:
BBL_OPENSTACK_NETWORK_ID:
BBL_OPENSTACK_NETWORK_NAME:
BBL_OPENSTACK_PASSWORD:
BBL_OPENSTACK_USERNAME:
BBL_OPENSTACK_PROJECT:
BBL_OPENSTACK_DOMAIN:
BBL_OPENSTACK_REGION:
# vSphere Configuration Params
# - Required for vSphere
BBL_VSPHERE_VCENTER_USER:
BBL_VSPHERE_VCENTER_PASSWORD:
BBL_VSPHERE_VCENTER_IP:
BBL_VSPHERE_VCENTER_DC:
BBL_VSPHERE_VCENTER_CLUSTER:
BBL_VSPHERE_VCENTER_RP:
BBL_VSPHERE_NETWORK:
BBL_VSPHERE_VCENTER_DS:
BBL_VSPHERE_SUBNET_CIDR:
BBL_VSPHERE_VCENTER_DISKS:
BBL_VSPHERE_VCENTER_TEMPLATES:
BBL_VSPHERE_VCENTER_VMS:
BBL_STATE_DIR: bbl-state
# - Path to the directory containing the `bbl-state.json` file
# - The path is relative to the `bbl-state` input
# - If blank or '.', uses `bbl-state` input as the location for bbl state
# - If the specified path does not exist, it will be created
BBL_CONFIG_DIR:
# - Optional
# - Path to the directory containing bbl plan patches
# - The path is relative to the `bbl-config` input
# - If left empty, no customizations (i.e. ops-files, terraform templates, etc.) will be applied during `bbl up`
BBL_IAAS:
# - Required
# - The target IAAS which bbl will create infrastructure
# - Must be `aws` or `azure` or `gcp` or `openstack` or `vsphere`
BBL_LB_CERT:
# - Required if `SKIP_LB_CREATION` is false
# - PEM encoded certificate to be associated with the load balancer
# for SSL termination
# - Can be either the certificate content or a path to the certificate
# - If a path is provided, path is relative to the BBL_STATE_DIR
BBL_LB_CERT_CHAIN:
# - Optional
# - PEM encoded certificate to be associated with the load balancer
# certificate chain
# - Can be either the certificate content or a path to the certificate
# - If a path is provided, path is relative to the BBL_STATE_DIR
BBL_LB_KEY:
# - Required if `SKIP_LB_CREATION` is false
# - PEM-encoded private key to be used for TLS termination on the load
# balancer.
# - Can be either the key content or a path to the key
# - If a path is provided, path is relative to the BBL_STATE_DIR
LB_DOMAIN:
# - Required if `SKIP_LB_CREATION` is false
# - The domain which bbl will register
BBL_ENV_NAME:
# - Optional
# - A label to apply to the bbl environment
# - Label will appear in the IaaS metadata/interface
GIT_COMMIT_EMAIL: "cf-release-integration@pivotal.io"
GIT_COMMIT_USERNAME: "CI Bot"
GIT_COMMIT_MESSAGE: "Update bbl state dir"
# - Optional
# - You may choose the git committer
# username, email address and message by setting these
SKIP_LB_CREATION: false
# - Optional
# - Set to `true` to skip load balancer creation,
# - for example, a BOSH Lite environment
DEBUG_MODE: false
# - Optional
# - BE CAREFUL! For public pipelines it can cause credentials disclosure.
# - With `false` all output from BBL calls will be saved in log files inside concourse job only.
# - Set this to `true` to see all output straight in the pipeline.
STORE_BBL_STATE_AS_TARBALL: false
# - Optional
# - Creates a tarball of the bbl-state directory, instead of treating it
# - as a git repo and committing.
# - This is useful if you want to store your state file in S3 or GCS.
DELETE_TERRAFORM_PLUGINS: true
# - Optional
# - Deletes Terraform plugins in the bbl state directory before pushing or uploading state
# - These plugins are very large (around 50 MB for the Google plugin, for instance)
# - bbl will replace them on its next operation
# - Set this to `false` to keep these plugins
BBL_JSON_CONFIG:
# - Optional
# - For if you need a dynamic config for BBL
TRUSTED_CA:
# - Optional
# - For if you need an additional CA cert to be trusted by BOSH VMs