From c999feddf96ddfbdfcfa26cc246ab164a7d9774f Mon Sep 17 00:00:00 2001 From: Serguei Filimonov Date: Mon, 16 Mar 2015 17:02:56 -0700 Subject: [PATCH] Revert "Add ca_truster job to trust CA certs configured by manifest" This reverts commit 064fcac3ebc69668f64c585214c5d5ac09b17907. --- bosh-lite/cf-stub-spiff.yml | 23 -------- jobs/ca_truster/monit | 5 -- jobs/ca_truster/spec | 17 ------ jobs/ca_truster/templates/ca_truster.sh.erb | 18 ------ jobs/ca_truster/templates/ca_truster_ctl.erb | 25 -------- spec/fixtures/aws/cf-manifest.yml.erb | 60 ------------------- spec/fixtures/openstack/cf-manifest.yml.erb | 60 ------------------- spec/fixtures/vsphere/cf-manifest.yml.erb | 61 -------------------- spec/fixtures/warden/cf-manifest.yml.erb | 60 ------------------- templates/cf-infrastructure-vsphere.yml | 6 ++ templates/cf-infrastructure-warden.yml | 2 - templates/cf-jobs.yml | 36 ------------ templates/cf-properties.yml | 3 - 13 files changed, 6 insertions(+), 370 deletions(-) delete mode 100644 jobs/ca_truster/monit delete mode 100644 jobs/ca_truster/spec delete mode 100644 jobs/ca_truster/templates/ca_truster.sh.erb delete mode 100644 jobs/ca_truster/templates/ca_truster_ctl.erb diff --git a/bosh-lite/cf-stub-spiff.yml b/bosh-lite/cf-stub-spiff.yml index 1c66fa46e2..bc086a00aa 100644 --- a/bosh-lite/cf-stub-spiff.yml +++ b/bosh-lite/cf-stub-spiff.yml @@ -8,29 +8,6 @@ properties: loggregator_endpoint: shared_secret: PLACEHOLDER-LOGGREGATOR-SECRET - ca_truster: - certificates: - - | - -----BEGIN CERTIFICATE----- - MIIDETCCAfmgAwIBAgIJANZuykf1uh3LMA0GCSqGSIb3DQEBBQUAMB8xHTAbBgNV - BAMMFCouMTAuMjQ0LjAuMzQueGlwLmlvMB4XDTE0MTIyNDIzMTkxM1oXDTI0MTIy - MTIzMTkxM1owHzEdMBsGA1UEAwwUKi4xMC4yNDQuMC4zNC54aXAuaW8wggEiMA0G - CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDCjq73Fgwfj2UT0/+wR9kVVsGAguMj - poA0opLCgE0yHStAhSvqq7YpO39dH3vBMWXyr2xIfDyaeZyhV86jWu/ZKswGjNGI - ZKv/yUINe1bqukOBqd+SHVvkVhxSLJuD1MR83JQMONRjOPJp661/ABpVhnrNfBiA - AA6aaFv4/KbyGY/E1FHoUXqEdh4WxaJdfX6SbgG05ArWxhSD7PNj4CYvJWGCdvqP - KBsvWFDrkxBHn5h1JIDfZJB8FKP6vaHBr7MU4pIHM+qaZ1Y+8ja0wcgkHn4YHcp6 - IOhqpck7LaH5Qq2ydYFNTcG4fTbG0jXqcit2WSUxRkXzWnrgo2E0SiHBAgMBAAGj - UDBOMB0GA1UdDgQWBBSpCtEDtEvMwaZzXN6Lvk5U7Eyn2zAfBgNVHSMEGDAWgBSp - CtEDtEvMwaZzXN6Lvk5U7Eyn2zAMBgNVHRMEBTADAQH/MA0GCSqGSIb3DQEBBQUA - A4IBAQB1YIHmw3gPiMn8WDR4yVxDvSVgFHY6ZE1iZb17vVs4N2/mhQZXWJ2nZV02 - goAivtgxHOj39sK5OBWsGvrQo5H8dt1t4XmbwB1C6xRerGc25dhDRq42RqhCN0RJ - zzjd9b8YSiwtAaZlW36l2jVDLfRapb00tWToF9qYrDrmKy2sekS7g2hbiRStcue/ - bpT4X/CHxb/lUbpL4m8BpDbkGiOJgl+SEHRx5tZ0Kob/RDQRCcN3p+71FRbDIEBj - +8sJl/yUUUPwQ6PNYx6cjtlICWJ1G0l0hRa141VXPqSNCmxYS4dp/8ifPCSoLc+k - 9TXFkuGl+86CPTyyMJxyMhEcAGZT - -----END CERTIFICATE----- - cc: min_cli_version: "6.0.0" min_recommended_cli_version: "6.10.0" diff --git a/jobs/ca_truster/monit b/jobs/ca_truster/monit deleted file mode 100644 index ed248f731f..0000000000 --- a/jobs/ca_truster/monit +++ /dev/null @@ -1,5 +0,0 @@ -check process ca_truster with pidfile /var/vcap/sys/run/ca_truster/ca_truster.pid - start program "/var/vcap/jobs/ca_truster/bin/ca_truster_ctl start" - stop program "/var/vcap/jobs/ca_truster/bin/ca_truster_ctl stop" - - diff --git a/jobs/ca_truster/spec b/jobs/ca_truster/spec deleted file mode 100644 index 43c83f9dd4..0000000000 --- a/jobs/ca_truster/spec +++ /dev/null @@ -1,17 +0,0 @@ ---- -name: ca_truster - -description: "CA truster adds CA certificates to the trusted list. It is intented do be included in every VM." - -templates: - ca_truster.sh.erb: bin/ca_truster.sh - ca_truster_ctl.erb: bin/ca_truster_ctl - -packages: - - common - -properties: - ca_truster.certificates: - description: "CA certificates to trust." - default: [] - diff --git a/jobs/ca_truster/templates/ca_truster.sh.erb b/jobs/ca_truster/templates/ca_truster.sh.erb deleted file mode 100644 index 0ebaf14a74..0000000000 --- a/jobs/ca_truster/templates/ca_truster.sh.erb +++ /dev/null @@ -1,18 +0,0 @@ -trust_cas() { - set -e -x - - <% p("ca_truster.certificates", []).each_with_index do |certificate, i| %> - echo "adding CA /usr/local/share/ca-certificates/cf-ca-truster-<%= i %>.crt" - echo '<%= certificate %>' > /usr/local/share/ca-certificates/cf-ca-truster-<%= i %>.crt - <% end %> - update-ca-certificates - echo 1 > ${RUN_DIR}/ca_truster.pid -} - -untrust_cas() { - set -e -x - - rm -f /usr/local/share/ca-certificates/cf-ca-truster-*.crt - update-ca-certificates --fresh - rm -f ${RUN_DIR}/ca_truster.pid -} diff --git a/jobs/ca_truster/templates/ca_truster_ctl.erb b/jobs/ca_truster/templates/ca_truster_ctl.erb deleted file mode 100644 index 0fb8f3b605..0000000000 --- a/jobs/ca_truster/templates/ca_truster_ctl.erb +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/bash - -export CA_TRUSTER_JOB_DIR=/var/vcap/jobs/ca_truster - -RUN_DIR=/var/vcap/sys/run/ca_truster - -source /var/vcap/packages/common/utils.sh -source $CA_TRUSTER_JOB_DIR/bin/ca_truster.sh - -case $1 in - - start) - mkdir -p $RUN_DIR - trust_cas - ;; - - stop) - untrust_cas - ;; - - *) - echo "Usage: ca_truster_ctl {start|stop}" - ;; - -esac diff --git a/spec/fixtures/aws/cf-manifest.yml.erb b/spec/fixtures/aws/cf-manifest.yml.erb index 21b5ff8a10..0d61f5904d 100644 --- a/spec/fixtures/aws/cf-manifest.yml.erb +++ b/spec/fixtures/aws/cf-manifest.yml.erb @@ -36,8 +36,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: nats_z1 @@ -58,8 +56,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: nats_z2 @@ -80,8 +76,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: consul_z1 @@ -107,8 +101,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: max_in_flight: 1 serial: true @@ -137,8 +129,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: max_in_flight: 1 serial: true @@ -163,8 +153,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: etcd_z2 @@ -186,8 +174,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: stats_z1 @@ -204,8 +190,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 0 name: nfs_z1 @@ -224,8 +208,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 0 name: postgres_z1 @@ -244,8 +226,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: uaa_z1 @@ -271,8 +251,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -300,8 +278,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -320,8 +296,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: login_z2 @@ -338,8 +312,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: api_z1 @@ -374,8 +346,6 @@ jobs: release: cf - name: nfs_mounter release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -412,8 +382,6 @@ jobs: release: cf - name: nfs_mounter release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -433,8 +401,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: api_worker_z1 @@ -460,8 +426,6 @@ jobs: release: cf - name: nfs_mounter release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: api_worker_z2 @@ -487,8 +451,6 @@ jobs: release: cf - name: nfs_mounter release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: hm9000_z1 @@ -505,8 +467,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: hm9000_z2 @@ -523,8 +483,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: runner_z1 @@ -546,8 +504,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: max_in_flight: 1 - instances: 1 @@ -570,8 +526,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: max_in_flight: 1 - instances: 1 @@ -648,8 +602,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -679,8 +631,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -709,8 +659,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -739,8 +687,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -753,8 +699,6 @@ jobs: templates: - name: acceptance-tests release: cf - - name: ca_truster - release: cf - instances: 1 lifecycle: errand name: smoke_tests @@ -767,8 +711,6 @@ jobs: templates: - name: smoke-tests release: cf - - name: ca_truster - release: cf meta: environment: null releases: @@ -796,8 +738,6 @@ properties: acceptance_tests: null app_domains: - example.com - ca_truster: - certificates: [] cc: allowed_cors_domains: [] app_events: diff --git a/spec/fixtures/openstack/cf-manifest.yml.erb b/spec/fixtures/openstack/cf-manifest.yml.erb index d070644eea..30457f871c 100644 --- a/spec/fixtures/openstack/cf-manifest.yml.erb +++ b/spec/fixtures/openstack/cf-manifest.yml.erb @@ -39,8 +39,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: nats_z1 @@ -61,8 +59,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 0 name: nats_z2 @@ -82,8 +78,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 0 name: consul_z1 @@ -105,8 +99,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: max_in_flight: 1 serial: true @@ -130,8 +122,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: max_in_flight: 1 serial: true @@ -155,8 +145,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 0 name: etcd_z2 @@ -177,8 +165,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: stats_z1 @@ -195,8 +181,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: nfs_z1 @@ -216,8 +200,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: postgres_z1 @@ -237,8 +219,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: uaa_z1 @@ -261,8 +241,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -287,8 +265,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -307,8 +283,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 0 name: login_z2 @@ -325,8 +299,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: api_z1 @@ -358,8 +330,6 @@ jobs: release: cf - name: nfs_mounter release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -393,8 +363,6 @@ jobs: release: cf - name: nfs_mounter release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -414,8 +382,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: api_worker_z1 @@ -441,8 +407,6 @@ jobs: release: cf - name: nfs_mounter release: cf - - name: ca_truster - release: cf update: {} - instances: 0 name: api_worker_z2 @@ -468,8 +432,6 @@ jobs: release: cf - name: nfs_mounter release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: hm9000_z1 @@ -486,8 +448,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 0 name: hm9000_z2 @@ -504,8 +464,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: runner_z1 @@ -527,8 +485,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: max_in_flight: 1 - instances: 0 @@ -551,8 +507,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: max_in_flight: 1 - instances: 1 @@ -626,8 +580,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -653,8 +605,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -680,8 +630,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -707,8 +655,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -721,8 +667,6 @@ jobs: templates: - name: acceptance-tests release: cf - - name: ca_truster - release: cf - instances: 0 lifecycle: errand name: smoke_tests @@ -735,8 +679,6 @@ jobs: templates: - name: smoke-tests release: cf - - name: ca_truster - release: cf meta: environment: null releases: @@ -759,8 +701,6 @@ properties: acceptance_tests: null app_domains: - example.com - ca_truster: - certificates: [] cc: allowed_cors_domains: [] app_events: diff --git a/spec/fixtures/vsphere/cf-manifest.yml.erb b/spec/fixtures/vsphere/cf-manifest.yml.erb index 1eba9d8281..0fc23ca0ec 100644 --- a/spec/fixtures/vsphere/cf-manifest.yml.erb +++ b/spec/fixtures/vsphere/cf-manifest.yml.erb @@ -38,8 +38,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: nats_z1 @@ -60,8 +58,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: nats_z2 @@ -82,8 +78,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: consul_z1 @@ -109,8 +103,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: max_in_flight: 1 serial: true @@ -139,8 +131,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: max_in_flight: 1 serial: true @@ -165,8 +155,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: etcd_z2 @@ -188,8 +176,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: stats_z1 @@ -206,8 +192,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: nfs_z1 @@ -227,8 +211,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: postgres_z1 @@ -248,8 +230,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: uaa_z1 @@ -275,8 +255,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -304,8 +282,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -321,11 +297,8 @@ jobs: resource_pool: medium_z1 templates: - name: login - release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: login_z2 @@ -342,8 +315,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: api_z1 @@ -378,8 +349,6 @@ jobs: release: cf - name: nfs_mounter release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -416,8 +385,6 @@ jobs: release: cf - name: nfs_mounter release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -437,8 +404,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: api_worker_z1 @@ -464,8 +429,6 @@ jobs: release: cf - name: nfs_mounter release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: api_worker_z2 @@ -491,8 +454,6 @@ jobs: release: cf - name: nfs_mounter release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: hm9000_z1 @@ -509,8 +470,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: hm9000_z2 @@ -527,8 +486,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: runner_z1 @@ -550,8 +507,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: max_in_flight: 1 - instances: 1 @@ -574,8 +529,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: max_in_flight: 1 - instances: 1 @@ -652,8 +605,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -683,8 +634,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -713,8 +662,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -743,8 +690,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -757,8 +702,6 @@ jobs: templates: - name: acceptance-tests release: cf - - name: ca_truster - release: cf - instances: 1 lifecycle: errand name: smoke_tests @@ -771,8 +714,6 @@ jobs: templates: - name: smoke-tests release: cf - - name: ca_truster - release: cf meta: environment: null releases: @@ -800,8 +741,6 @@ properties: acceptance_tests: null app_domains: - 0.0.0.3.xip.io - ca_truster: - certificates: [] cc: allowed_cors_domains: [] app_events: diff --git a/spec/fixtures/warden/cf-manifest.yml.erb b/spec/fixtures/warden/cf-manifest.yml.erb index d8c33d7131..17556f34b1 100644 --- a/spec/fixtures/warden/cf-manifest.yml.erb +++ b/spec/fixtures/warden/cf-manifest.yml.erb @@ -81,8 +81,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: nats_z1 @@ -103,8 +101,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 0 name: nats_z2 @@ -124,8 +120,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: consul_z1 @@ -149,8 +143,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: max_in_flight: 1 serial: true @@ -175,8 +167,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: max_in_flight: 1 serial: true @@ -200,8 +190,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 0 name: etcd_z2 @@ -222,8 +210,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 0 name: stats_z1 @@ -240,8 +226,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 0 name: nfs_z1 @@ -260,8 +244,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: postgres_z1 @@ -281,8 +263,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: uaa_z1 @@ -306,8 +286,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -333,8 +311,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -353,8 +329,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 0 name: login_z2 @@ -371,8 +345,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: api_z1 @@ -409,8 +381,6 @@ jobs: release: cf - name: nfs_mounter release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -445,8 +415,6 @@ jobs: release: cf - name: nfs_mounter release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -466,8 +434,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 0 name: api_worker_z1 @@ -493,8 +459,6 @@ jobs: release: cf - name: nfs_mounter release: cf - - name: ca_truster - release: cf update: {} - instances: 0 name: api_worker_z2 @@ -520,8 +484,6 @@ jobs: release: cf - name: nfs_mounter release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: hm9000_z1 @@ -538,8 +500,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 0 name: hm9000_z2 @@ -556,8 +516,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: {} - instances: 1 name: runner_z1 @@ -580,8 +538,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: max_in_flight: 1 - instances: 0 @@ -604,8 +560,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf update: max_in_flight: 1 - instances: 1 @@ -680,8 +634,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -708,8 +660,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -736,8 +686,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -764,8 +712,6 @@ jobs: release: cf - name: metron_agent release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf update: {} @@ -778,8 +724,6 @@ jobs: templates: - name: acceptance-tests release: cf - - name: ca_truster - release: cf - instances: 1 lifecycle: errand name: smoke_tests @@ -792,8 +736,6 @@ jobs: templates: - name: smoke-tests release: cf - - name: ca_truster - release: cf meta: environment: cf-warden releases: @@ -2489,8 +2431,6 @@ properties: skip_ssl_validation: true app_domains: - 10.244.0.34.xip.io - ca_truster: - certificates: [] cc: allowed_cors_domains: [] app_events: diff --git a/templates/cf-infrastructure-vsphere.yml b/templates/cf-infrastructure-vsphere.yml index b79c7f3e2d..06424221ab 100644 --- a/templates/cf-infrastructure-vsphere.yml +++ b/templates/cf-infrastructure-vsphere.yml @@ -191,6 +191,12 @@ jobs: networks: - name: cf2 static_ips: (( static_ips(17, 18, 19) )) + # using login template, that supports self-signed certs + - name: login_z1 + templates: + - name: login + - name: metron_agent + release: cf - name: acceptance_tests instances: 1 diff --git a/templates/cf-infrastructure-warden.yml b/templates/cf-infrastructure-warden.yml index 2c05872533..1c640e576d 100644 --- a/templates/cf-infrastructure-warden.yml +++ b/templates/cf-infrastructure-warden.yml @@ -357,8 +357,6 @@ jobs: release: cf - name: nfs_mounter release: cf - - name: ca_truster - release: cf - name: consul_agent release: cf diff --git a/templates/cf-jobs.yml b/templates/cf-jobs.yml index d4cf4ea4a1..b33d2af5bd 100644 --- a/templates/cf-jobs.yml +++ b/templates/cf-jobs.yml @@ -33,8 +33,6 @@ meta: release: (( meta.release.name )) - name: nfs_mounter release: (( meta.release.name )) - - name: ca_truster - release: (( meta.release.name )) - name: consul_agent release: (( meta.release.name )) @@ -45,16 +43,12 @@ meta: release: (( meta.release.name )) - name: nfs_mounter release: (( meta.release.name )) - - name: ca_truster - release: (( meta.release.name )) clock_templates: - name: cloud_controller_clock release: (( meta.release.name )) - name: metron_agent release: (( meta.release.name )) - - name: ca_truster - release: (( meta.release.name )) nats_templates: - name: nats @@ -63,8 +57,6 @@ meta: release: (( meta.release.name )) - name: metron_agent release: (( meta.release.name )) - - name: ca_truster - release: (( meta.release.name )) dea_templates: - name: dea_next @@ -73,16 +65,12 @@ meta: release: (( meta.release.name )) - name: metron_agent release: (( meta.release.name )) - - name: ca_truster - release: (( meta.release.name )) router_templates: - name: gorouter release: (( meta.release.name )) - name: metron_agent release: (( meta.release.name )) - - name: ca_truster - release: (( meta.release.name )) - name: consul_agent release: (( meta.release.name )) @@ -91,8 +79,6 @@ meta: release: (( meta.release.name )) - name: metron_agent release: (( meta.release.name )) - - name: ca_truster - release: (( meta.release.name )) - name: consul_agent release: (( meta.release.name )) @@ -101,8 +87,6 @@ meta: release: (( meta.release.name )) - name: metron_agent release: (( meta.release.name )) - - name: ca_truster - release: (( meta.release.name )) etcd_templates: - name: etcd @@ -111,40 +95,30 @@ meta: release: (( meta.release.name )) - name: metron_agent release: (( meta.release.name )) - - name: ca_truster - release: (( meta.release.name )) stats_templates: - name: collector release: (( meta.release.name )) - name: metron_agent release: (( meta.release.name )) - - name: ca_truster - release: (( meta.release.name )) nfs_templates: - name: debian_nfs_server release: (( meta.release.name )) - name: metron_agent release: (( meta.release.name )) - - name: ca_truster - release: (( meta.release.name )) postgres_templates: - name: postgres release: (( meta.release.name )) - name: metron_agent release: (( meta.release.name )) - - name: ca_truster - release: (( meta.release.name )) uaa_templates: - name: uaa release: (( meta.release.name )) - name: metron_agent release: (( meta.release.name )) - - name: ca_truster - release: (( meta.release.name )) - name: consul_agent release: (( meta.release.name )) @@ -153,24 +127,18 @@ meta: release: (( meta.release.name )) - name: metron_agent release: (( meta.release.name )) - - name: ca_truster - release: (( meta.release.name )) hm9000_templates: - name: hm9000 release: (( meta.release.name )) - name: metron_agent release: (( meta.release.name )) - - name: ca_truster - release: (( meta.release.name )) consul_templates: - name: consul_agent release: (( meta.release.name )) - name: metron_agent release: (( meta.release.name )) - - name: ca_truster - release: (( meta.release.name )) jobs: - name: ha_proxy_z1 @@ -650,8 +618,6 @@ jobs: templates: - name: acceptance-tests release: (( meta.release.name )) - - name: ca_truster - release: (( meta.release.name )) instances: 0 resource_pool: small_errand lifecycle: errand @@ -662,8 +628,6 @@ jobs: templates: - name: smoke-tests release: (( meta.release.name )) - - name: ca_truster - release: (( meta.release.name )) instances: 0 resource_pool: small_errand lifecycle: errand diff --git a/templates/cf-properties.yml b/templates/cf-properties.yml index 73a574f3c9..e30227ceeb 100644 --- a/templates/cf-properties.yml +++ b/templates/cf-properties.yml @@ -35,9 +35,6 @@ properties: loggregator_endpoint: shared_secret: (( merge )) - ca_truster: - certificates: (( merge || [] )) - cc: jobs: global: