Releases: cloudfoundry-community/safe-boshrelease
safe v0.3.2
Changes
- Self signed certificates generation was moved to a pre-start script.
Features
- Added the beginnings for spec testing manifests.
- Added a temporary fix to deal with consul not allowing self signed certificates to be fully specificied in the consul.config file.
Bugfixes
- Consul did not work with self signed certiticates when you explicitly specified the certificates and keys.
Upgrades
| Package | Version |
|---|---|
| strongbox | 0.0.4 |
| vault | 1.9.3 |
| consul | 1.11.3 |
Deployment
releases:
- name: safe
version: 0.3.2
url: https://github.com/cloudfoundry-community/safe-boshrelease/releases/download/v0.3.2/safe-0.3.2.tgz
sha1: dd57ac0853155ecba3473cf6fd38935806be2932safe v0.3.1
Bugfixes
- Fixing bug in the job vault start script to allow memlock to function correctly.
Deployment
releases:
- name: safe
version: 0.3.1
url: https://github.com/cloudfoundry-community/safe-boshrelease/releases/download/v0.3.1/safe-0.3.1.tgz
sha1: af4a9c32b1475953860dec635740dc9e802ece35safe v0.3.0
Software Updates
- Updated
Vaultto v1.4.0
Bugfixes
- Resolves #31 - Consul skip-tls-verify logic now functions properly
- Change default self signed cert length to 2yrs in accordance with new requirements
Deployment
releases:
- name: safe
version: 0.3.0
url: https://github.com/cloudfoundry-community/safe-boshrelease/releases/download/v0.3.0/safe-0.3.0.tgz
sha1: ee009da0398ec1688ccfe830d68957be49571b0av0.2.1
Features
- Added
safe.uivault spec option which, if set to true, enables the Vault UI.
Deployment
releases:
- name: safe
version: 0.2.1
url: https://github.com/cloudfoundry-community/safe-boshrelease/releases/download/v0.2.1/safe-0.2.1.tgz
sha1: 7da89b2a385c3dfe3dc647844a61e8b531e6e54bv0.2.0
Software Updates
- Update strongbox to v0.0.4
- Update vault-broker to v0.0.2
- Update vault to v1.0.2
Deployment
releases:
- name: safe
version: 0.2.0
url: https://github.com/cloudfoundry-community/safe-boshrelease/releases/download/v0.2.0/safe-0.2.0.tgz
sha1: 417956a970faa348aebc7afd4d1f029395bb3719v0.1.2
Upgrades
The vault-broker component has been upgrade to 0.0.2, which takes
care of some issues with Vault HTTP response handling.
Deployment
releases:
- name: safe
version: 0.1.2
url: https://github.com/cloudfoundry-community/safe-boshrelease/releases/download/v0.1.2/safe-0.1.2.tgz
sha1: 4b9083cb900b9f95d86d3c738c9c1595538c232dsafe BOSH Release v0.1.1
New Features
-
The new
brokerjob allows you to deploy a Cloud Foundry Vault
Service Broker that will provision namespaces for application
owners in your CF environment, via the marketplace. -
Update to Vault 0.9.3
safe BOSH Release v0.1.0
Improvement
-
Now ships with a bosh2 manifest, if you're into that.
-
The
vaultprocess now runs as the vcap:vcap user. -
Upgraded from (ancient) Vault 0.6.2 to 0.9.0 (most current)
-
The Consul Cluster IPs are now detected automagically via an
implicit self-link, making the deployment manifest even more
hands-off than before. -
The README is actually useful now.
-
This release now works on the warden CPI, by dynamically
detecting whether or not the platform supports mlock(2). -
The release internals got cleaned up quite a bit to pull out
some cruft and cargo-culting that was cluttering up logs.
safe BOSH Release v0.0.6
#Improvements
Handle Non RFC1918 compliant ip address for Cousul.
A handful of very large organizations allocate public ip space for use
in their private environments. Consul refuses to bind to a Non RFC1918
address by default and bind_addr needs to be set in the config.
Development
Update Concourse Templates
safe BOSH Release v0.0.5
Improvements
- Correct bootstrapping technique to improve stability of the
backing Consul cluster during rolling deploys, restarts, node
loss, bosh stops, etc.
Development
- Fixed CI/CD pipeline URLs
Package Updates
strongbox
Bumped strongbox to v0.0.4