profile
viewpoint
Alex Suraci vito @vmware Toronto, ON @concourse co-creator, pm, engineer

maxbrunsfeld/counterfeiter 437

A tool for generating self-contained, type-safe test doubles in go

evanphx/kpeg 144

A simple PEG library for ruby

briantrice/slate-language 119

The Slate programming language

concourse/bin 67

old - now lives in https://github.com/concourse/concourse

vito/atomy 54

a modular, macro-ular, totally tubular language for the Rubinius VM. #atomo @ freenode

tedsuo/ifrit 43

a simple process model for go

mitsuhiko/twig 33

a template engine for the chyrp blog engine.

contraband/gaol 22

garden cli

vito/atomo 17

atomo programming language

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha f8dd5c75e7b1e3e6bb7e60f9da982f9b18bfc31f

bump concourse

view details

push time in 16 hours

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha 9d3b3221ca7c6a250ba050b887e8964bbd4bf5cf

bump concourse

view details

push time in a day

issue openedelm-explorations/benchmark

Broken indirect dependency on Murmur3

👋 Just dropping a note that this package has become unusable due to a broken indirect dependency: https://github.com/robinheghan/murmur3/issues/5

It looks like the dependency is being pulled in because of mdgriffith/style-elements. Maybe this could/should be resolved by switching to mdgriffith/elm-ui which is its successor, and no longer depends on murmur3?

(I'm sure that's more work it sounds though.)

created time in 2 days

push eventvito/concourse

Bohan Chen

commit sha 629a566eb422b01d59f289ca08b2f412aba25977

atc: behaviour: simplify pagination concourse/concourse#5977 Pagination was previously controlled primarily using `Since` and `Until` which are exclusive range and view the data from newest to oldest e.g. Until 4 means from the most recent ID to build ID 5 This was pretty confusing, and led to some bugs (like #5977). This commit changes the language and view of the data. Pages are now defined as an inclusive range `[From, To]` (side note: we previously had `From` and `To`, but it was only used for resource versions and was still newest to oldest, i.e. was `[To, From]`). Rather than speaking about the next page and previous page, we found it easier to think about when using "Newer" and "Older" page (since the next page is actually older data). Note that we still refer to the pages as `next` and `prev` in the API since those are standard refs. Test changes will be included in a subsequent commit. Signed-off-by: Bohan Chen <bochen@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>

view details

Bohan Chen

commit sha d8a792d93de43dd117c14c8a7560c730d61fa0a8

atc: behaviour: diff default and zero for page concourse/concourse#5977 If the FirstLoggedBuildID for a build was 0, we had no way to differentiate between fetching `From 0` and not specifying a `From` condition since we were using the zero-value to check if a field was unset. Since 0 is a valid `From` condition, make `From` and `To` pointers - this way, `nil` means unset, and `0` means 0. Signed-off-by: Bohan Chen <bochen@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>

view details

Bohan Chen

commit sha 176d6024591aeb1b3f028b40bbdc7ffbf9de9b03

fly: behaviour: rename since/until to from/to concourse/concourse#5977 Signed-off-by: Bohan Chen <bochen@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io>

view details

Bohan Chen

commit sha ac7dadf45dcd40e36764cde988955147c291c6f8

web: behaviour: rename since/until -> from/to * Replaces since/until with from/to * Build.currentPage is no longer a Maybe Page * buildsWithResources is a RemoteData (previously, we were using the presence of currentPage to determine if things were loading) This is mostly parity with the atc changes for renaming since/until. We ended up changing Build.currentPage because the logic was using it to determine if api requests has finished (Nothing implies the request is still in flight). Instead we changed the type to be RemoteData which is better suited to represent the status of http requests. Signed-off-by: Bohan Chen <bochen@pivotal.io> Co-authored-by: Aidan Oldershaw <aoldershaw@pivotal.io> Co-authored-by: Clara Fu <cfu@pivotal.io>

view details

Chao Li

commit sha 6fb7b5294691a7dbd3f67481b6514fbb8629bf38

Enable secret cache for var_source. Signed-off-by: Chao Li <chaol@vmware.com>

view details

Muntasir Chowdhury

commit sha f46f629d810e13fb487874959535ad0b7e0c179c

web: fix bug where previous page had <100 entries Because the pagination logic is aligned on resource/build ids instead of logical pages (i.e. from=0,to=100 vs page=1), it's possible for a new version/build to get generated while viewing the page. In that scenario, if we clicked on the "Previous" button, we would end up on a page that has only 1 version/build. This commit introduces a new behaviour when handling the callback for fetching resources and job builds. * detect if the current page is the result of clicking the left chevron * if it is, and the length of the content is less than 100, load the default starting page instead Signed-off-by: Muntasir Chowdhury <mchowdhury@pivotal.io> Co-authored-by: Bohan Chen <bochen@pivotal.io> Co-authored-by: Vikram yadav <vyadav@pivotal.io>

view details

Vikram yadav

commit sha 80906c2bfcff9f7564b098b2b7a4625e5cc1fc46

web: structure: cleanup Job and Resource tests refactor / rename / and whatever else made elm-analyze unhappy Signed-off-by: Vikram yadav <vyadav@pivotal.io> Co-authored-by: Bohan Chen <bochen@pivotal.io>

view details

Alexis Vanier

commit sha 0ef2c291cfea3b15e92494723338d57c6d32f23b

fly: Allow the fly http transport to use client certificates Signed-off-by: Alexis Vanier <alexis.vanier@samsung.com>

view details

Alexis Vanier

commit sha 984ed41e8fe1ccd8a487d732a3fd031d06fa275f

fly: Update previous client-side tests for mTLS transport options Signed-off-by: Alexis Vanier <alexis.vanier@samsung.com>

view details

Alexis Vanier

commit sha 8d5649f97477ab74407a8fc75392f2f76a2b2a6d

fly: Add new test cases to support client certificates Signed-off-by: Alexis Vanier <alexis.vanier@samsung.com>

view details

Alexis Vanier

commit sha db129d07a9c2f2a9bb5d91fc53bea412da87531c

fly: Backport insecure flag to the sync command Signed-off-by: Alexis Vanier <alexis.vanier@samsung.com>

view details

Alexis Vanier

commit sha 022bb4b6ab91398654a95fd32e147814c8ffc069

fly: refactor custom types for rc.RC in rc_tests Signed-off-by: Alexis Vanier <alexis.vanier@samsung.com>

view details

Aidan Oldershaw

commit sha 561a4c4da3a8c87968bc309b6f601fc25ab22aec

Merge pull request #6017 from avanier/add-fly-client-tls Allow the fly http transport to use client certificates

view details

Aidan Oldershaw

commit sha 340d3289d7f1e8db753ab5fd5683e07ce5fe0a38

fly: make `--client-cert` flag name consistent This is a follow-up to #6017, which added a new `--client-cert` flag to `fly login` and `fly sync` - only, the latter had the flag as `--client-certificate`, not `--client-cert`. This was due to a review comment I left that wasn't totally clear, and I didn't feel it was worth another review cycle to get this changed, so here we are! Signed-off-by: Aidan Oldershaw <aoldershaw@pivotal.io>

view details

Aidan Oldershaw

commit sha 904db7e1e4533e55ccf8a8fd89cd4c5183845949

fly: structure: fix test Signed-off-by: Aidan Oldershaw <aoldershaw@pivotal.io> Co-authored-by: Bohan Chen <bochen@pivotal.io>

view details

Alex Suraci

commit sha e9eeb47cb77d0f60cf6311244bb1ec5854f66b56

atc: structure: use atc.TaskEnv in task step rather than parsing into an atc.Params type and converting values to strings, parse into an atc.TaskEnv type which "does the right thing". atc.TaskEnv was introduced a while back but could not be integrated at this level because we had one big atc.PlanConfig type and we couldn't change the `params:` field only for the task step. now that it has its own atc.TaskStep type, this is easy! note: this fixes a subtle issue with fly set-pipeline --check-creds; previously we would actually validate `params:` *twice* if `file:` was set. now we only validate it once. Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Aidan Oldershaw

commit sha fb1705dcb52ab19af4b9adcdec81e377fc5c1352

Merge pull request #6068 from concourse/fly-client-tls-fix Make `--client-cert` flag name consistent between `fly login` and `fly sync`

view details

Taylor Silva

commit sha ea5c9b885894fe722ecd1febdc7b98d8b9a07394

Merge pull request #6051 from concourse/issue/5977 Fix build reaper missing builds due to pagination

view details

Daniel Chen

commit sha 85dc27c06bc89450aa802875c1cf2b39fa88d798

Merge pull request #6046 from evanchaoli/var_source_cache Enable secret cache for var_source.

view details

Alex Suraci

commit sha 670da8b1740b0e409f2e04c5c4b9895937c08e5a

Merge pull request #6066 from vito/use-task-env-type Use atc.TaskEnv type in task step

view details

push time in 2 days

Pull request review commentconcourse/concourse

Instanced pipelines - Add instance vars as part of the pipeline identifier

 func (s setPipelineSource) FetchPipelineConfig() (atc.Config, error) { 		staticVars = append(staticVars, sv) 	} +	if len(s.step.plan.InstanceVars) > 0 {+		iv := vars.StaticVariables{}+		for k, v := range s.step.plan.InstanceVars {+			iv[k] = v+		}+		staticVars = append(staticVars, iv)+	}

I think it would have to be at runtime because of var_files. This kind of check is unprecedented (heh) though and the implementation doesn't seem like it'd be very graceful. I guess you'd have to loop over vars and all var_files to look for conflicts with instance_vars?

I don't feel strongly about adding the validation unless we think it'll be a "gotcha." It doesn't seem particularly high-risk, and the current behavior seems like a reasonable interpretation.

mouellet

comment created time in 2 days

PullRequestReviewEvent

delete branch vito/concourse

delete branch : use-task-env-type

delete time in 2 days

push eventconcourse/concourse

Alex Suraci

commit sha e9eeb47cb77d0f60cf6311244bb1ec5854f66b56

atc: structure: use atc.TaskEnv in task step rather than parsing into an atc.Params type and converting values to strings, parse into an atc.TaskEnv type which "does the right thing". atc.TaskEnv was introduced a while back but could not be integrated at this level because we had one big atc.PlanConfig type and we couldn't change the `params:` field only for the task step. now that it has its own atc.TaskStep type, this is easy! note: this fixes a subtle issue with fly set-pipeline --check-creds; previously we would actually validate `params:` *twice* if `file:` was set. now we only validate it once. Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 670da8b1740b0e409f2e04c5c4b9895937c08e5a

Merge pull request #6066 from vito/use-task-env-type Use atc.TaskEnv type in task step

view details

push time in 2 days

PR merged concourse/concourse

Use atc.TaskEnv type in task step refactor release/no-impact

What does this PR accomplish?

Refactor

Changes proposed by this PR:

Rather than parsing task step params: into an atc.Params type and converting values to strings when the step runs, parse into an atc.TaskEnv type which already handles the string conversion and is a bit more clear as to what the data is used for.

atc.TaskEnv was introduced a while back but could not be integrated at this level because we had one big atc.PlanConfig type and we couldn't change the params: field only for the task step. Now that it has its own atc.TaskStep type (#5504), this is easy!

Notes to reviewer:

This also fixes a subtle bug with fly set-pipeline --check-creds; previously we would actually validate params: twice if file: was set. Now we only validate it once. The main goal of this PR is the refactor, I just noticed this issue along the way and fixed it.

This change should have no impact but I haven't manually verified so.

Contributor Checklist

<!-- Most of the PRs should have the following added to them, this doesn't apply to all PRs, so it is helpful to tell us what you did. -->

Reviewer Checklist

<!-- This section is intended for the reviewers only, to track review progress. -->

  • [ ] Code reviewed
  • [ ] Tests reviewed
  • [ ] Documentation reviewed
  • [ ] Release notes reviewed
  • [ ] PR acceptance performed
  • [ ] New config flags added? Ensure that they are added to the BOSH and Helm packaging; otherwise, ignored for the integration tests (for example, if they are Garden configs that are not displayed in the --help text).
+50 -78

0 comment

8 changed files

vito

pr closed time in 2 days

issue openedconcourse/concourse

During image fetching, check from latest version

Right now we always run check with no "from" version when fetching a resource type or a task's image_resource.

Currently resources just returns the latest version, so this is somewhat cheap, but once we start having check return all versions this will result in many more requests and thus slower container creation.

Can we unify all checking so that it will run from the latest version recorded? Ideally we can build off the work in #6022 and just use the CheckStep everywhere.

created time in 2 days

create barnchconcourse/registry-image-resource

branch : use-head-request

created branch time in 2 days

pull request commentconcourse/registry-image-resource

add semver tagging semantics

@xtreme-sameer-vohra I merged master into this instead of rebasing. There are a bunch of commits here so rebasing would have been a nightmarish hellscape vs. merging and resolving all the conflicts at once. Hope that's OK.

vito

comment created time in 2 days

push eventvito/dotfiles

Alex Suraci

commit sha 2810ebdeb3ee0a25b98c13889b593e1523d1a12c

bump nvim Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

push time in 2 days

push eventvito/dot-nvim

Alex Suraci

commit sha fdab326af4279e08a3fbf0b99c2739e26f62401b

switch to nord Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 6fd3f34543422a4101713c48b462d779953200e8

bump coc.nvim lightline.vim markdown-preview.nvim nord-vim vim-better-whitespace vim-elm-syntax vim-endwise vim-eunuch vim-fugitive vim-mustache-handlebars vim-one vim-ps1 vim-tmux vim-unimpaired vim-vinegar Submodule bundle/coc.nvim 73f5110..825f7f5: > feat(workspace): support case insensitive for getDocument > remove bin folder > fix(bin): remove server.js > Release v0.0.79 > feat(download): add unzip support > feat(diagnostic): support diagnostic.locationlistUpdate > fix(snippet): cancel completion on placeholder jump > feat(fetch): add http.proxyAuthorization configuration > fix: duplicated diagnostics after undo (#2280) > zN<CR> only if preview window is a horizontal split (#2306) > chore(fetch): use http as default proxy protocol > fix(list): avoid undefined listWindow > fix(complete): check if word is string > feat(plugin): change TMPDIR > feat(util): support g:coc_disable_uncaught_error > feat(handler): support preview for signatureHelpTarget > perf(autocmd): remove calls to get() for 15% faster autcmd (#2229) > fix(plugin): fix typo of toggleSource > fix(workspace): merge edits for same TextDocument > feat(plugin): Copy filepath to clipboard for CocOpenLog > fix(completion): not filter items by max score > Remove duplicate Patreon (#2191) > fix(completion): check latestInsertChar for <C-e> > fix(extensions): filter global extensions without version > test(refactor): fix test fail > fix(completion): patch document before doComplete > fix(document): avoid unnecessary newLine at the end > fix(document): fix changed lines for applyEdits > feat(list): add CocFirst & CocLast > feat(workspace): use coc_quickfix_open_command for locations > fix(handler): doQuickfix should work for current line > fix(snippet): avoid unnecessary feedkeys > fix(snippet): fix index of nested placeholders > feat(plugin): add diagnosticToggle action > fix(list): make sure scrolloff can be window specific > fix(snippet): fix nested plain snippet > fix(completion): avoid complete undefined error > feat(snippet): improve final placeholder > feat(language-client): support disableSnippetCompletion > feat(list): improvement of list > feat(list): support first option > fix(handler): not format during snippet session > chore(language-client): show error message for failed server > fix(handler): fix position after applyEdits > refactor(plugin): use actions for request & notify > fix(snippets): unset globals after session start > feat(diagnostic): use :CocDiagnostics for locationlist > chore(complete): use complete_info for coc#_select_confirm > fix(snippets): avoid clipboardy throw > chore(snippets): use clipboardy for clipboard text > chore(languages): avoid unnecessary redraw of snippet > fix(plugin): make extension initialize earlier > feat(sources): support g:coc_sources_disable_map > remove bin/server.js > feat(vim): check bin/server.js for different git branch > remove bin/server.js > fix(float): not reset signcolumn on vim8 > refactor(completion): reduce communicate with vim > feat(handler): improve offset of signature float > test(CI): avoid CI fail > chore(test): avoid test fail > fix(extensions): avoid watchman spawn error > add coc.preferences.previewMaxHeight (#1972) > fix(diagnostic): make coc_diagnostic_disable work for echoMessage > fix(util): fix float buffer issue on old vim > fix(floatBuffer): try fix highlight of bold text > fix(floatBuffer): fix bold highlight of markdown > feat(diagnostic): support b:coc_diagnostic_disable > fix(cursors): avoid check of document.version > fix(document): rework buffer events handing > test(jest): rm HTTP_PROXY for tests > test(jest): rm HTTP_PROXY for tests > fix(extensions): fix uri in package.json > feat(language-client): add clientInfo > fix(float): fix invalid state caused by highlight > fix(float): fix popup autoclose on vim8 > fix(extensions): fix filter of global extensions > docs(doc): add missing configurations > chore(float): improve position detect for floatFactory > docs(readme): not use `nmap <TAB>` as example > select[Function,Class] changed to selectSymbolRange (#1889) > chore(plugin): use eslint replace tslint > fix(float): avoid lose track of window > fix(languages): fix toggle not exists for completion source > fix(float): avoid crash with popup buffer > fix(languages): fix prefix always undefined > fix(extension): avoid error with fs.rmdirSync > fix(diagnostic): fix can not jump into diagnostic window (#1864) > fix(extension): remove extension folder on install > feat(services): use default schemes for undefined filetypes > feat(diagnostic): show virtualText for current line only > fix(completion): throttle onPumChange handler > fix(util): set tabstop for float buffer > fix(float): fix popup of completion remains on vim8 > fix(float): fix width for float window > fix(plugin): fix broken CocCommand command > fix(list): avoid insert mode before action > fix(services): expand ignoredRootPaths & module for languageserver > fix(services): fix wrong id for languageserver > fix(util): set buflisted=1 for coc#util#open_files > fix(languages): fix wrong filterText > fix(workspace): avoid wrong bufnr on loadFile > fix(client): var define error (#1795) > fix(language-client): fix dynamic register of workspaceSymbolProvider > feat(util): use popup_dialog for prompt when possible > chore(events): log call stack for timeout handler > fix(watchman): fix minimatch for files > feat(list): add fix action to extensions list > fix(list): no await during resume notification for response > chore(list): use clipboardy for test paste action > fix(workspace): send redraw command after jump on vim8 > feat(plugin): support g:coc_channel_timeout for request timeout > fix(workspace): fix renameFile with current buffer > fix(workspace): fix applyEdits failed with edit & rename > chore(package): update @chemzqm/neovim > fix(completion): fix filterText on startcol change > fix(languages): folding ranges used wrong manager (#1763) > feat(document): support coc.preferences.maxFileSize > fix(plugin): use CocActionAsync for jump key-mappings > fix(languages): fix filterText of complete items > fix(languages): fix filterText when textEdit change startcol > chore(doc): add coc#util#float_hide > feat(plugin): make g:node_client_debug enable log of connection > remove unused file > Release v0.0.78 > refactor(diagnostic): clean up DiagnosticCollection.set() (#1688) > fix(services): missing client (#1692) > fix(float): not scroll bottom for single doc > fix(diagnostic): check support of highlight line number > chore(plugin): use vscode-languageserver-textdocument for TextDocument > fix(list): avoid crash on paste by use clipboardy > feat(list): support <C-v> for paste input > fix(diagnostic): enable highlight number when enableSign is true > feat(workspace): add position to error message on completeopt change > fix(list): avoid unnecessary change of history input > fix(util): fix workspace.showMessage on vim8 > fix(util): fix workspace.showMessage on vim8 > feat(util): expand coc_config_home & coc_data_home > fix(services): check needsStop before stop > fix(services): avoid unnecessary service start > fix(util): fix possible wrong highlight > Release v0.0.77 > fix(util): make process.chdir empty function in sandbox > fix(languages): fix registerLanguageProvider broken signature > fix(document): not check cursor on force change > Release v0.0.76 > fix(extensions): not check file when main field not exists > fix(help): avoid polluting q nmap (#1632) > feat(extensions): check main file existence > fix(workspace): use timer to fix input text on vim8 > fix(plugin): fix temp folder not removed > fix(completion): does filter for none keyword > fix(completion): fix wrong showbreak option on vim8 > fix(completion): fix popup width on vim8 > fix(language-client): fix workspace symbols > fix(language-client): remove tagSupport field from notification > fix(test): fix completion test on none keyword input > feat(clean): clean logs in /tmp and /tmp/coc.nvim > fix(float): fix showbreak option on vim&neovim > increase max timeout to 15000 (#1608) > fix(list): avoid double cursors when &guicursor is empty > fix(languages): fix check insertText of CompleteItem > fix(languages): fix check insertText of CompleteItem > fix(languages): fix insertText undefined > feat(diagnostic): refresh diagnostics for first time > fix(languages): fix check of snippet CompleteItem > fix(diagnostic): cancel diagnostic update for unloaded buffer > fix(completion): multiple score from Completeitem > fix(completion): not remove sortText on filter > fix(completion): use score of CompletionItem like sortText > Release v0.0.75 > fix(source): fix undefined synname > chore(README): badges > fix(services): fix compile fail > feat(util): resolve env variable > fix(highlight): make Normal link to CocFloating > feat(diagnostic): checkCurrentLine is a fallback behavior (#1548) > fix(list): fix space can't be override Submodule bundle/lightline.vim 377e62d..f5f870e: > reduce copying two lists in s:line > Merge pull request #505 from sudofoobar/fix-fg-color-in-selenized > Merge pull request #496 from elig0n/patch-1 > use actions/checkout main > Merge pull request #495 from ulrikdem/tab-abbr-columns > Merge pull request #483 from yhu266/master > update screenshot of 16color in colorscheme.md > Merge pull request #479 from jackno/16color > move palette conversion for Windows to colortable.vim > stop quick return because it is true for most users > run test with Vim 8.2.1000 on GitHub Actions > add a test case for #448 > skip updating statusline for autocmd window (close #444, #447, #448) > Merge pull request #468 from chrisnovakovic/colorscheme-trailing-spaces > update CI triggers not to duplicate on pull requests > fix incosistent spacing in selenized_white colorscheme > Merge pull request #458 from kmARC/master > add selenized_black, selenized_light, selenized_white colorschemes > fix non-GUI colors of selenized_dark colorscheme > add simpleblack to the colorscheme list in the document > update screenshot filenames > Merge pull request #457 from jaki/fix-deus-right-bold > add screenshot of ayu_dark to colorscheme.md > fix non-GUI colors of ayu_light, ayu_mirage, ayu_dark colorschemes > Merge pull request #446 from danielpeng2/ayu-dark-theme > tweak the tabline color of solarized theme (close #439) > update statusline on FileChangedShellPost event (close #430) > remove unnecessary comment in colorscheme files > add screenshot of ayu_light in colorscheme.md > add ayu_light to the list of colorscheme names in help > fix ayu_light color > Merge pull request #421 from christalib/master Submodule bundle/markdown-preview.nvim 9be1ff4..d319eaa: > Update README.md > Changed autocmd check to &filetype instead of filename (#224) > chore(README): update minpac doc > fix(address): fix listen address > chore(deps): bump elliptic from 6.4.1 to 6.5.3 (#221) > chore(deps): bump lodash from 4.17.14 to 4.17.19 in /app (#214) > chore(deps): bump lodash from 4.17.14 to 4.17.19 (#212) > feat(highlight): do not highlight code with no specify > support for mermaid.js erDiagram (#201) > Updating README.md with missing ) in minpac install (#200) > fix(opener): catch error when command not exists > Update installation instructions (#194) > feat(preview): add content editable option support closes #192 > chore(README): add minpac note > fix(job): fix close channel error > feat(local image): support relative path start with '/' or '\' (#175) > fix(log): delete log > fix(highlight): fix code block closes #174 > Support global LaTeX macros (#173) > chore(github): delete .github > Bump acorn from 5.7.3 to 5.7.4 (#152) > Reset autocmd in s:init() every time s:init() is called (#145) > chore(readme): add examples for custom css options (#144) > chore(README): fix examples > Support for block ``` dot (#135) Submodule bundle/nord-vim b3c46c8...57dffa7: < Support highlighting for PHP classes and functions/methods (#218) < Add coc error/warning highlight (#213) > Merge branch 'release/0.15.0' < Merge branch 'release/0.15.0' into develop < Add support for vim-clap (#178) < Add basic TypeScript and improve TSX support (#208) > Merge branch 'release/0.14.0' < Merge branch 'release/0.14.0' into develop < Use transparent background for gutter line number in GUI mode (#204) < Consistent `Error` and MoreMsg highlight group consistent between console and GUI modes. (#202) < Add nvim-lsp support (#198) > Merge branch 'release/0.13.0' < Merge branch 'release/0.13.0' into develop < Remove underline from gutter line numbers (#185) < Plugin support for `vim-startify` (#176) < Uniform status lines config for bundled airline and lightline themes (#169) < Fix typo (missing whitespace) (#165) < adds coc error gutter support (#164) > Merge branch 'release/v0.12.0' < Merge branch 'release/v0.12.0' into develop > Merge branch 'release/0.11.0' > Merge branch 'release/0.10.0' > Merge branch 'release/0.9.0' > Merge branch 'release/0.8.0' > Merge branch 'release/0.7.0' Submodule bundle/vim-better-whitespace 4afbd45..8cf4b21: > Handle new buffer types: popups (#129) Submodule bundle/vim-elm-syntax 846a592..68cd898: > Deprecate the plugin > Notice about elm syntax in Vim Submodule bundle/vim-endwise bf90d8b..97180a7: > Add installation instructions for Vim's built-in package support Submodule bundle/vim-eunuch 33e875b..4a4bf16: > Fix #72: Detect the terminal is in local robustly > Allow renaming new files Submodule bundle/vim-fugitive 4606640..511d303: > Fix: digits in a user name was highlighted as time > Support partial staging after git add -N > Fix tab complete for :Git push --option > Recommend :Git log over :Gclog > Trigger OptionSet on automatic :diffoff > Improve weird :Ggrep --column quickfix title > Tighten syntax highlighting for SHA > Add Help: header > Refactor run loop > Extract s:RunEdit() > Fix stash map > Don't default :Git grep to --column > Provide completion relative to working directory > Extract :Ggrep/:Glgrep wrapper function > Use parameterized Git dir when completing heads > Remove commit entry from :{range}Glog > Favor :Ggrep over :Git grep > Fix race condition resuming job after editor invocation > Encapsulate update-index --index-info > Leverage Git config retrieval helpers > Move Quickfix section under Git section > Fix typos in README > Drop support for :{windowheight}Git > Fix some inconsistencies in help mappings > Have remaining mappings use S:Map() > Rewrite feature summary in README > Factor in 8.2.0239 when checking for job env support > Enable closing stdin by pressing CTRL-D > Don't use "Head:" header for commit under cursor > Fix echoed line during :Gread > Fix list indexing bug > Fix staging hunk that comes after binary file > Use status headers for commit maps > Fix erroneous temp buffer on non-listing :Git branch > Support most top level Git options > Don't override alternate implementations of legacy commands > Don't rely on rebase --autosquash shorthand > Fix :GRename ../ > Fix typo > Remove remaining :Gsubcmd calls from implementation > Fix internal documentation command references > Move :Ggrep docs near other :Gcommands > Remove redundant exists(':Gblame') check > Change subtopic help tag style from :Git- to :Git_ > Fix deletion of trailing fold upon loading blob > Use :Gsubcmd completion for :Git subcmd > Remove most uses of s:EchoExec() > Remove old :Git! temp buffer behavior > Drop support for non-PTY :! > Override existing config values on :Git -c config.option= > Use :read for :{range}Git! --paginate > Tease apart bang and non-bang variants of :Gread > Remove erroneous :Gedit! deprecation > Handle custom Git executable for :Git --paginate > Update internal uses of :Git! to :Git --paginate > Use :pedit for :Git! --paginate > Add - map for Push header > Respect 'wildignorecase' when completing :Gedit > Pull out s:fileignorecase() > Refine handling of pagination via temp buffer > Correctly treat config keys without values as true > Deprecate :Gsplit! family in documentation > Quarantine deprecated commands in documentation > Work around minibufexpl/autochdir induced error > Fix Trailing Characters, Invalid range error for :<count>Gstatus > Add capitalized versions of non-standard commands > Partially support :Git difftool on old Git > Parameterize subcommand Git executable Submodule bundle/vim-mustache-handlebars 697fa02..fcc1401: > Make runtime filenames more explicit, hopefully easier to read (#98) > Simplify ftdetect runtimes Submodule bundle/vim-one 6695e13..f8bcef1: > Merge pull request #111 from adrian5/patch-1 > Merge pull request #112 from adrian5/patch-2 Submodule bundle/vim-ps1 d11593b..21d8d9a: > added vim-plug instructions (#47) > Allow more liberal curly-brace variable names (#46) > Fix compiler detection (#43) > make compiler work under WSL and shellescape file path (#42) > add keyword lookup by PowerShell Get-Help (#41) > Add compiler for running powershell scripts (#40) > Only highlight dashed-words starting with an approved verb. (#39) Submodule bundle/vim-tmux 4e77341..7e7680f: > Merge pull request #30 from marcinlos/master Submodule bundle/vim-unimpaired 08e6653..4afbe5e: > Fix: skip while loop if keys is empty Submodule bundle/vim-vinegar fcce70f..5fee9d2: > Allow VinegarUp to work correctly with remote URLs Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha a2a816c558bbcdf14a260b0cf0dd516c5b3d3f0f

Merge branch 'wtf' ...i don't know how i ended up in a detached HEAD state, but here we are Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

push time in 2 days

push eventvito/dotfiles

Alex Suraci

commit sha 64fe85588181a8c60a2c68480f48c490ec68114e

bump go to 1.15, install mockery Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 0d89d9c2ed9a85239b02135956339026d9bb0e8e

fish: remove onedark and color settings use nord instead, which comes with fish haven't figured out how to set that in here tho Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 98eb1509973706ed1f6cd70d346891a381042752

install gh and jq Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

push time in 2 days

delete branch concourse/docker-image-resource

delete branch : check-using-head

delete time in 2 days

Pull request review commentconcourse/docker-image-resource

use HEAD request to avoid rate limits

 import ( 	ecr "github.com/awslabs/amazon-ecr-credential-helper/ecr-login" 	ecrapi "github.com/awslabs/amazon-ecr-credential-helper/ecr-login/api" 	"github.com/concourse/retryhttp"-	"github.com/docker/distribution" 	"github.com/docker/distribution/digest" 	_ "github.com/docker/distribution/manifest/schema1" 	_ "github.com/docker/distribution/manifest/schema2" 	"github.com/docker/distribution/reference"-	"github.com/docker/distribution/registry/api/v2"+	v2 "github.com/docker/distribution/registry/api/v2"

It was done automatically by goimports so I assume it's fine. Maybe so it doesn't get confused with go module versioning conventions which ignore the v2 suffix - in this case it's just a regular package name so it must have decided to explicitly name it that way.

vito

comment created time in 2 days

PullRequestReviewEvent

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha 15519cd1ef50bec5dc81d1283fa62ced6ab9868d

bump concourse

view details

push time in 2 days

create barnchvito/concourse

branch : image-check-from-version

created branch time in 3 days

push eventconcourse/registry-image-resource

dependabot-preview[bot]

commit sha d9a2d0b6a996239e7ea09c89b843b566d61b8963

Bump github.com/aws/aws-sdk-go from 1.33.4 to 1.33.17 Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.33.4 to 1.33.17. - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Changelog](https://github.com/aws/aws-sdk-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-go/compare/v1.33.4...v1.33.17) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

dependabot-preview[bot]

commit sha e0f5d4618abc252edda8dc66424895f965b8478d

Merge pull request #233 from concourse/dependabot/go_modules/github.com/aws/aws-sdk-go-1.33.17

view details

JT Archie

commit sha c2734fbb8334834df9f4a625139e87e4b06805fe

bump go.mod Signed-off-by: JT Archie <jtarchie@gmail.com>

view details

JT Archie

commit sha 347bbf45498558515fb15952f3fc7dccd2d6f916

extract commands into testable functions Signed-off-by: JT Archie <jtarchie@gmail.com>

view details

Sameer Vohra

commit sha 02dc2e8346982f93b59feb62e2061be8e1852eb1

Merge pull request #234 from jtarchie/master extract commands for testability

view details

dependabot-preview[bot]

commit sha 545f40c0813c1119c1af0df7ebf3f2ec1b359640

Bump github.com/aws/aws-sdk-go from 1.33.17 to 1.34.14 Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.33.17 to 1.34.14. - [Release notes](https://github.com/aws/aws-sdk-go/releases) - [Changelog](https://github.com/aws/aws-sdk-go/blob/master/CHANGELOG.md) - [Commits](https://github.com/aws/aws-sdk-go/compare/v1.33.17...v1.34.14) Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

view details

dependabot-preview[bot]

commit sha 34f2db54b63ca7ac8c516997c89e37da28af8bed

Merge pull request #236 from concourse/dependabot/go_modules/github.com/aws/aws-sdk-go-1.34.14

view details

Matt Dodge

commit sha f2c715eea8693585ed8dbbb07473b65537ff57a2

Call out that aws_region is required for ECR It wasn't clear to me that you had to include an `aws_region` if you wanted this resource to know to talk to an AWS ECR repository. Maybe this was dumb user error on my part but without an example of how this would work with ECR I figure this might help others too. Signed-off-by: Matt Dodge <mattedgod@gmail.com>

view details

Sameer Vohra

commit sha e3e3729db5d4ae1ad22da1013393866475be9f33

Merge pull request #237 from mattdodge/patch-1 Call out that aws_region is required for ECR

view details

Alex Suraci

commit sha ed691571c29aeb0ce6b6fca410e76937126f43dd

check: use HEAD requests to avoid rate limits Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 861e70e2b04d709ea51759663fdf9e63b267e836

Merge branch 'master' into semver-tags Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

push time in 3 days

delete branch vito/go-containerregistry

delete branch : add-remote-head

delete time in 3 days

PR opened concourse/docker-image-resource

Reviewers
use HEAD request to avoid rate limits

fixes https://github.com/concourse/concourse/issues/6074

+3 -13

0 comment

1 changed file

pr created time in 3 days

create barnchconcourse/docker-image-resource

branch : check-using-head

created branch time in 3 days

pull request commentgoogle/go-containerregistry

add remote.Head

./hack/presubmit.sh is your friend here.

Woops! I ran it and saw the same failures but didn't expect my changes to affect any dependencies, so I assumed something was wrong on my machine. Pushed a commit to resolve this.

Side note: I haven't skipped the failing test from before but I'll push a commit for that too if it flakes out again.

Thanks for your help!

vito

comment created time in 3 days

push eventvito/go-containerregistry

Alex Suraci

commit sha 710b9118d65bb2e559377b1f6b43d4a70f245fbe

fix up modules Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

push time in 3 days

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha 7d2ccc8c016db8e06505c7aa273afcf0a4768c6e

bump concourse

view details

push time in 3 days

push eventvito/go-containerregistry

Alex Suraci

commit sha e9d76a2416ed6d4ce4ef3d1f173c3843ce913eac

add remote.Head this is useful for fetching a reference's digest/size/type via a HEAD request, which does not count towards Docker Hub image pull rate limits Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

push time in 3 days

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha 7251504d2b08594ba38b52d91bd8a65e8de9f087

bump concourse

view details

push time in 3 days

pull request commentgoogle/go-containerregistry

add remote.Head

One thing I noticed when trying to use this: for multi-platform images, the digest you'll get back from remote.Head(ref) will be different from the digest you'll get from remote.Image(ref).Digest(), which is what we used before.

The former is the digest of the "manifest list", while the latter is the digest of the manifest for your particular platform, contained in said list.

I'm guessing there's no real way around this, since the platforms are discovered through the manifest, and the whole point of this is to not fetch the manifest. It's probably fine for our use case - it just means that the digest will change when any of the platforms change.

vito

comment created time in 3 days

issue openedconcourse/concourse

Implement mitigations for stricter Docker Hub rate limits

Summary

Docker Hub will begin enforcing pretty strict rate limits on November 1.

The main problem is that the registry-image and docker-image resource types both make requests during check that count towards the rate limit. This means that pipelines will most likely be affected shortly after these new limits take effect. The impact will probably be severe; both resource types retry with exponential backoff but give up after an hour, while the limits are enforced for 6-hour windows.

Effectively, tasks which use image_resource pointing to an unauthenticated Docker Hub repository will likely start to hang.

Context

  • Prior discussion: https://github.com/concourse/concourse/discussions/6039

created time in 3 days

Pull request review commentconcourse/concourse

Instanced pipelines - Add instance vars as part of the pipeline identifier

 func (s setPipelineSource) FetchPipelineConfig() (atc.Config, error) { 		staticVars = append(staticVars, sv) 	} +	if len(s.step.plan.InstanceVars) > 0 {+		iv := vars.StaticVariables{}+		for k, v := range s.step.plan.InstanceVars {+			iv[k] = v+		}+		staticVars = append(staticVars, iv)+	}

Precedence is kind of funny to reason about here. Does this mean that if you you set an instance var, but then set the same var through vars/var_files, the template will be evaluated with values from vars/var_files however the pipeline will be identified by the instance_vars?

Seems kind of sneaky. I wonder if it should be a validation warning/error. Can we think of any situation where this might occur intentionally or accidentally?

mouellet

comment created time in 3 days

PullRequestReviewEvent

PR opened google/go-containerregistry

add remote.Head

fixes #769

Lend me your nitpicks! There's a bit of copypasta here but I didn't want to over-aggressively DRY things up.

+125 -0

0 comment

2 changed files

pr created time in 3 days

create barnchvito/go-containerregistry

branch : add-remote-head

created branch time in 3 days

fork vito/go-containerregistry

Go library and CLIs for working with container registries

fork in 3 days

issue commentconcourse/concourse

Precedence of `var_files` in the `set_pipeline` step is reversed

Is this a duplicate of https://github.com/concourse/concourse/issues/5455?

aoldershaw

comment created time in 3 days

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha bd7b0ce74c94740c81868940bcec3f348374f3cd

bump concourse

view details

push time in 3 days

issue openedgoogle/go-containerregistry

Ability to send a `HEAD` request to get a manifest's digest

With Docker soon enforcing pretty strict rate limits we're scrambling a bit to prevent Concourse's image polling from grinding to a halt on November 1.

The registry-image resource check call currently uses remote.Image to fetch an image's digest. However this results in a GET request, which counts towards the rate limit.

Given that we only need the sha256:... digest string, which is available as the Docker-Content-Digest response header, would it be possible to add a go-containerregistry API which just sends a HEAD request and returns the hash? Something like remote.ImageDigest(name.Reference, ...Option) (v1.Hash, error)?

Happy to put together a PR if you've got any guidance.

created time in 3 days

issue commentconcourse/concourse

--docker-registry doesn't work

@evanchaoli Thanks! I'm going to work on some short-term mitigations too. My plan is to make it so that image checks are given the latest version as the cursor and update registry-image and docker-image to just return the cursor version when they hit the rate limit. This should at least prevent builds from grinding to a halt, but it will only help for images which have already been checked at least once.

evanchaoli

comment created time in 3 days

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha c41974a0b47dea3733ca8b9e72aa015d1efac982

bump concourse

view details

push time in 3 days

delete branch concourse/ci

delete branch : upgrade-downgrade-prs

delete time in 3 days

push eventconcourse/ci

Aidan Oldershaw

commit sha d2f989b3cc257f32252c10a0ac6f45f9e422f0f9

support building dev image in upgrade/downgrade In order to use these tasks in the PR pipeline, allow building the dev image in the upgrade/downgrade tasks. Initially I tried using the oci-build-task to build the image explicitly and pass it in to the tasks, but `oci-build-task` produces a `digest`, not a `tag`, so more modification would be required in the task. I also thought about having a single job that builds the image with passed constraints to all the PR test jobs, but decided against it, since we'd need to upload every image to docker hub. Signed-off-by: Aidan Oldershaw <aoldershaw@pivotal.io>

view details

Aidan Oldershaw

commit sha 9ef2623fa73c12eda043ed05fcd2132d5c57e0a5

fallback to latest dev image in generate-keys CONCOURSE_DEV_TAG will be unset when we BUILD the dev image. Fallback to latest in this case. This also means we don't need to pull the dev-image for all of the other jobs that also build their own dev images (e.g. watsjs) Signed-off-by: Aidan Oldershaw <aoldershaw@pivotal.io>

view details

Aidan Oldershaw

commit sha 42be14490d017d82ca85d56367dfd72c22507271

fix issues with unset vars Signed-off-by: Aidan Oldershaw <aoldershaw@pivotal.io>

view details

Aidan Oldershaw

commit sha 6710a396b14a58e85ceefad7314cfd264bbb9dc7

use proper image for re-upgrade on downgrade Signed-off-by: Aidan Oldershaw <aoldershaw@pivotal.io>

view details

Aidan Oldershaw

commit sha 9b99d30b23a8464d45cf47a94d995d9d5061643d

stop worker before recreating deployment This is necessary due to the way docker-compose recreates containers. Without this, the ATC may continually try to use the old worker to run the resource check, despite that old worker no longer existing. This is because the old worker couldn't unregister itself in time as the ATC was terminated before the worker. Signed-off-by: Aidan Oldershaw <aoldershaw@pivotal.io>

view details

Aidan Oldershaw

commit sha e048f88e546383d5caa265ba3c36ba12688c2ed5

add upgrade/downgrade to PR pipeline Signed-off-by: Aidan Oldershaw <aoldershaw@pivotal.io>

view details

Alex Suraci

commit sha 7d24cef768d44b5e1dec4ae2666542b0f8c7521e

Merge pull request #376 from concourse/upgrade-downgrade-prs Test upgrade/downgrade in PR pipeline

view details

push time in 3 days

PR merged concourse/ci

Test upgrade/downgrade in PR pipeline

I've seen PRs where the upgrade or downgrade path breaks things, but the existing PR tests don't capture these failures. Instead of waiting for these buggy PRs to be merged to find these errors, let's be proactive and test them prior to merging

As a side effect, this should also help with flakes like https://ci.concourse-ci.org/teams/main/pipelines/release-6.5.x/jobs/downgrade/builds/38#L5f5b83a3:288:289

+176 -26

0 comment

6 changed files

aoldershaw

pr closed time in 3 days

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha 1f1f3c335302dc0ab82a6a776bf91fa5a00ae693

bump concourse

view details

push time in 3 days

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha 5c0e8076021d5a9f74efdb083e2cdfc8f5484655

bump concourse

view details

push time in 3 days

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha fce96462706d93d5efc8908930d66a90c69a5493

bump concourse

view details

push time in 3 days

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha 6daa3a24032390dbe0b0678bfbc939de36cf2c79

bump concourse

view details

push time in 4 days

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha 47871591bac513f91d09a3d79f26531060195a6c

bump concourse

view details

push time in 4 days

push eventvito/concourse

Alex Suraci

commit sha e9eeb47cb77d0f60cf6311244bb1ec5854f66b56

atc: structure: use atc.TaskEnv in task step rather than parsing into an atc.Params type and converting values to strings, parse into an atc.TaskEnv type which "does the right thing". atc.TaskEnv was introduced a while back but could not be integrated at this level because we had one big atc.PlanConfig type and we couldn't change the `params:` field only for the task step. now that it has its own atc.TaskStep type, this is easy! note: this fixes a subtle issue with fly set-pipeline --check-creds; previously we would actually validate `params:` *twice* if `file:` was set. now we only validate it once. Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

push time in 4 days

push eventvito/concourse

Alex Suraci

commit sha f702ee9dbe24e2ac0c3663e87e51455b5f0bb2c1

atc: structure: use atc.TaskEnv in task step rather than parsing into an atc.Params type and converting values to strings, parse into an atc.TaskEnv type which "does the right thing". atc.TaskEnv was introduced a while back but could not be integrated at this level because we had one big atc.PlanConfig type and we couldn't change the `params:` field only for the task step. now that it has its own atc.TaskStep type, this is easy! note: this fixes a subtle issue with fly set-pipeline --check-creds; previously we would actually validate `params:` *twice* if `file:` was set. now we only validate it once. Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

push time in 4 days

push eventvito/concourse

Alex Suraci

commit sha 109295179acebe502c24e73281de1b885cb88461

atc: behavior: propagate span context to checks Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 8ef4fb753718f9ea9f25848d9522d3a6000b0751

atc: structure: clean up a few TODOs * use a plan factory in check factory * remove reminders which are no longer needed * remove TaskEnv comment; that has been split out into another PR Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

push time in 4 days

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha 7f6ba178a29157657dfbdbf1f489df7790616493

bump concourse

view details

push time in 4 days

PR opened concourse/concourse

Use atc.TaskEnv type in task step refactor release/no-impact

What does this PR accomplish?

Refactor

Changes proposed by this PR:

Rather than parsing task step params: into an atc.Params type and converting values to strings when the step runs, parse into an atc.TaskEnv type which already handles the string conversion and is a bit more clear as to what the data is used for.

atc.TaskEnv was introduced a while back but could not be integrated at this level because we had one big atc.PlanConfig type and we couldn't change the params: field only for the task step. Now that it has its own atc.TaskStep type (#5504), this is easy!

Notes to reviewer:

This also fixes a subtle bug with fly set-pipeline --check-creds; previously we would actually validate params: twice if file: was set. Now we only validate it once. The main goal of this PR is the refactor, I just noticed this issue along the way and fixed it.

This change should have no impact but I haven't manually verified so.

Contributor Checklist

<!-- Most of the PRs should have the following added to them, this doesn't apply to all PRs, so it is helpful to tell us what you did. -->

Reviewer Checklist

<!-- This section is intended for the reviewers only, to track review progress. -->

  • [ ] Code reviewed
  • [ ] Tests reviewed
  • [ ] Documentation reviewed
  • [ ] Release notes reviewed
  • [ ] PR acceptance performed
  • [ ] New config flags added? Ensure that they are added to the BOSH and Helm packaging; otherwise, ignored for the integration tests (for example, if they are Garden configs that are not displayed in the --help text).
+45 -73

0 comment

6 changed files

pr created time in 4 days

create barnchvito/concourse

branch : use-task-env-type

created branch time in 4 days

create barnchvito/concourse

branch : scrapped-image-fetching-refactor

created branch time in 5 days

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha 2a60239ba656335a51492ddae639d4011b3a9fa5

bump concourse

view details

push time in 5 days

issue closedconcourse/concourse

[SPIKE] Review the k8s worker POC

Reference: https://github.com/concourse/concourse/issues/5209

Background

Months ago, @cirocosta created an experiment that allowed the ability to target Kubernetes with native workloads. At a very (very) high level, this allowed the ability for Concourse, when running a step, to have the atc communicate with Kubernetes to create a pod that would represent that step.

At the time this experiment was created, we were still in the midst of the initial phase of our containerd runtime epic. Given that this work also included the decoupling of the Concourse runtime from core, it made sense to hold off on any further implementation of the k8s runtime until phase one of containerd was completed.

Now that phase one of containerd is nearing completion, the time is right to start working towards the implementation of a full k8s runtime.

Summary

While the initial experiment was extremely detailed and workable, there were still a lot of open questions/jumping off points and places for clean-up.

As a good first step before starting the k8s runtime implementation, it makes sense to review the content of the initial experiment, and from that, create a series of notes/issues/thoughts that we can arrange into the initial epics for this track of work.

Acceptance Criteria

  • [ ] Review the initial k8s worker experiment and record logical next steps or areas for further investigation (this doesn't have to be overly detailed)
  • [ ] Once complete, @scottietremendous will arrange time to review and build out initial epics

closed time in 5 days

scottietremendous

issue commentconcourse/concourse

[SPIKE] Review the k8s worker POC

Closing as this has led to further spikes.

scottietremendous

comment created time in 5 days

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha 6aee81030615bb37e23756c94b37c0f4a9e2851f

bump concourse

view details

push time in 5 days

issue commentconcourse/concourse

--docker-registry doesn't work

@skreddy6673 No - as I mentioned in https://github.com/concourse/concourse/discussions/6039#discussioncomment-61205 this will require something like the feature proposed in https://github.com/concourse/concourse/pull/5942#issuecomment-669283962.

I'll start an RFC for it - we need to get the ball rolling since the Docker Hub deadline is approaching.

evanchaoli

comment created time in 5 days

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha 0aeda03e001c53ec29ad0c93176d0bdfa2ea0d62

bump concourse

view details

push time in 5 days

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha 6b897a828e12ac23bda5e699f3f34c55fb1ef77d

bump concourse

view details

push time in 6 days

push eventvito/concourse

Alex Suraci

commit sha 5ab21a3cca70ad6fdaf32c1ce2d4626916862912

atc: structure: dbtest AdoptRerunInputsAndPipes Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 2c765ee276acd9d7f574a8e9da758478520cd8b4

atc: structure: dbtest (db.Build).ResourcesChecked Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

push time in 6 days

push eventvito/concourse

Alex Suraci

commit sha 5e902aecd1a55379778bf98c8f7e7c146b2f1049

atc: structure: dbtest check session collector Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 85cbcf6392ef79768c8d7bde8f3b87967e0a146c

atc: structure: dbtest (db.Build).SaveOutput * add helper to get a ResourceConfigVersion from a Resource * remove ResourceConfigScope getter from ResourceConfigVersion as it makes constructing/querying for them too complicated * this was only used by a test, and all it did was assert equality note: I removed a test Context which doesn't seem necessary anymore - a 'git blame' showed it was to handle a condition which is no longer possible. Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 9712653190e98b2d61e66fbe4fc6df937bc2e182

fixup: regen Checkable for removal of SetResourceConfig Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 1887a561919de24511c93a86a52525f6b403f151

atc: structure: dbtest (db.Build).Resources Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 1cee11677db5a19e27956c75660a0002078ff3bc

atc: structure: dbtest (db.Build).Preparation note: made SaveResourceVersions also bump the last check end time, since it's significant for these tests Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

push time in 6 days

push eventvito/concourse

Alex Suraci

commit sha c32594e8f94aeda0835d2b1eb72bb0e9c0f323b0

wip Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

push time in 6 days

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha 07a1824d974a472610777ff00f04951a6492c80e

bump concourse

view details

push time in 6 days

push eventvito/concourse

Aidan Oldershaw

commit sha 0b1813dffc0a2682caf9f6e1801aa62d26af69d5

add fallback encryption strategy concourse/concourse#5959 During migrations, if the old-encryption-key wasn't specified, it could mean either the database wasn't previously encrypted, or there's no change to the encryption key. We can handle this during decryption by trying the current encryption key and then fallback to plaintext if needed. Note that we will always encrypt using the actual encryption key regardless. Signed-off-by: Aidan Oldershaw <aoldershaw@pivotal.io> Co-authored-by: Bohan Chen <bochen@pivotal.io>

view details

Aidan Oldershaw

commit sha 69a91d6d9c221a94f1f165594138f7ddb57f4782

move encryption logic into migrations concourse/concourse#5959 Previously, we only encrypted/decrypted/rotated encryption key in `db.Open`. With this commit, we do so whenever we migrate the database. `db.Open` runs an up migration, so now `concourse web` and `concourse migrate` share the code path that runs the encryption logic. This isn't a pure refactor, as it also fixes the bug where the incorrect encryption key was used for migrations. Now, we correctly assign the strategy based both on the old and new encryption keys. Signed-off-by: Aidan Oldershaw <aoldershaw@pivotal.io> Co-authored-by: Bohan Chen <bochen@pivotal.io>

view details

Aidan Oldershaw

commit sha b9a924a2766d18ff2aaebd96ba5164b49fbe7fab

allow rotating encryption key in `concourse migrate` concourse/concourse#5960 When `--old-encryption-key` is provided to `concourse migrate` (without also specifying `--migrate-db-to-version`, the user can either decrypt the database (by not providing `--encryption-key`) or re-encrypt the database with a new key. Signed-off-by: Aidan Oldershaw <aoldershaw@pivotal.io> Co-authored-by: Bohan Chen <bochen@pivotal.io>

view details

Adnan Kobir

commit sha 77ba65ad0f6559615b05e30e912ad606c6ce152e

skymarshal: add saml flags to skycmd https://github.com/concourse/concourse/issues/1036 https://github.com/concourse/dex already includes the saml connector, this commit simply adds the skycmd flags required to enable saml authentication. Signed-off-by: Adnan Kobir <adnan.kobir@gmail.com>

view details

James Thomson

commit sha 2c6d61c8f3f082ddeeebe2af3a3eb36213a824f5

fly/exec: only upload current dir if it's an input concourse/concourse#4828 - the name of the current directory has to match one of the inputs - the input must also not be provided by a `--input NAME=PATH` flag as well Signed-off-by: James Thomson <jthomson@pivotal.io> Co-authored-by: Bohan Chen <bochen@pivotal.io> Signed-off-by: James Thomson <jthomson@pivotal.io>

view details

Andy Paine

commit sha 1e5c207bb2c1ead51b28c1f4945e0558a863ac22

atc: Allow OPA integration to return reasons Allow OPA documents to include an `allowed` and a `reasons` field that gives a bit more feedback to the user about why something failed. This allows OPA operators to write rules that are self explanatory as to why things are getting denied. Fly does not appear to print the full error message currently but this works for the UI. Signed-off-by: Andy Paine <andy.paine@engineerbetter.com>

view details

Bohan Chen

commit sha 18c35e5ac849f54e2876e6ccc2d701e9b5e4db17

fixup tests now that some of the tests upload more than 1 artifact, we can use the len of the chan to keep track of how many were successfully uploaded. Signed-off-by: Bohan Chen <bochen@pivotal.io>

view details

Andy Paine

commit sha 036f6beac9d03e9a6fc177e36245643ae32f38d8

web: Make UI render `set_pipeline` as yellow on change When a SetPipelineChanged event is received, change the color of the `set_pipeline` header to yellow. This is similar behaviour to the "first occurrence" bits in the get step so commonise on a `changed` flag between them both. Signed-off-by: Andy Paine <andy.paine@engineerbetter.com>

view details

Andy Paine

commit sha 1ce0a5b82fab64584466910b029a7d01b75fbbaf

atc: Create set_pipeline changed events So the UI can render a yellow tooltip when a set_pipeline produced a diff Signed-off-by: Andy Paine <andy.paine@engineerbetter.com>

view details

Alex Suraci

commit sha 3dcbd018a0189f87ceb12a2351e81251788458ca

revise 'road to v10' words * "for the forseeable future" sounded a bit exclusive - we're working on other things too, like k8s runtime, it's just not part of "v10" * apply more empathy and less pushiness ("strongly" is annoying especially when asking for something :P) Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Andy Paine

commit sha 31f126ec65b26afa13963a55572fdeab1e92ec9d

web: Refactor firstOccurence -> changed set_pipeline can also use a similar tooltip so rename to make it more generic Signed-off-by: Andy Paine <andy.paine@engineerbetter.com>

view details

Andy Paine

commit sha f201825a8f629ada541c960632f5fb6f4bdbcb35

web: Add tooltip for set_pipeline steps When a set pipeline step actually changes something, include a `pipeline config changed` tooltip. Not quite as extensively tested as the `get:` tooltip behaviour as these use shared code so would just be duplicate testing Signed-off-by: Andy Paine <andy.paine@engineerbetter.com>

view details

Andy Paine

commit sha 488930b53a5c20d4b96fa50cf1e922582ddbe463

atc: Make OPA checks default to failing Calls to OPA that don't return an explicit `allowed: true` should be considered failed. As a user has to opt-in to the OPA system, it is reasonable to expect that the OPA integration is properly configured and to deny admitting any checks that don't explicitly pass. Signed-off-by: Andy Paine <andy.paine@engineerbetter.com>

view details

Taylor Silva

commit sha 189dd3d6f7f208388efce112300182ddfa123aa4

Merge pull request #5995 from EngineerBetter/opa-deny-reasons atc: Allow OPA integration to return reasons for failures (breaking change)

view details

Rui Yang

commit sha dfdc304495672fcf9300abe480ee3169a8dd21d1

atc/db/migration: changd type of id column in resource_config_versions to bigint Signed-off-by: Rui Yang <ruiya@vmware.com> Co-authored-by: Bohan Chen <chenbh@pivotal.io>

view details

Scott Foerster

commit sha 85ec4aec699fb2f22b84eeb9d4ebd6405990178e

Merge pull request #6016 from concourse/issue-5667-resouce-config-version-id atc/db/migration: changd type of id column in resource_config_version…

view details

Daniel Chen

commit sha a572988b67e1ce2cbbfd4b720f4709a1468a49c3

Merge pull request #6002 from concourse/issue/4828 fly/exec: only upload current directory if it's an input

view details

Bishoy Youssef

commit sha 8f98888761f88285f22d631ce4b0ec02f83f7ef7

use the configured resolv.conf The nameserver values could come from manually defined properties or the host itself Revert "k8s topgun: behaviour: skip containerd dns tests" This reverts commit 0b03e84c5a1109855351787fd74296430efbcc14. Signed-off-by: Bishoy Youssef <byoussef@pivotal.io> Co-authored-by: Vikram Yadav <vyadav@pivotal.io> Co-authored-by: Izabela Gomes <igomes@pivotal.io>

view details

chrisfarms

commit sha b98ff62b984599c893ff5f6a817cf83ab6e0859a

add test for concurrent use of lru.cache adds a new test that will trip the race detector (when tests are run with -race) to ensure concurrent use of the claims cache is safe. the claims cache currently makes use of an lru.cache that is not safe for concurrent access, but it is used from concurrent code (and HTTP handler) Signed-off-by: chrisfarms <chris.farmiloe@digital.cabinet-office.gov.uk>

view details

chrisfarms

commit sha 23f39bf1ba73e72fb7d5b268a9e5b2214ad612de

make claims cacher safe for concurrent use the lru.cache is not safe for concurrent access so protect it's use with a mutex Signed-off-by: chrisfarms <chris.farmiloe@digital.cabinet-office.gov.uk>

view details

push time in 6 days

push eventvito/concourse

Alex Suraci

commit sha 675367590395750dad95ed27f5026e7678ffdf29

watsjs: fix a couple of issues with login test * i think the pipeline cleanup was being backgrounded and it would fail if it ran concurrent to the team's deletion. it's now inlined and called with `await`. * the CSS selector for the play/pause icon wasn't specific enough. it's now scoped to the team's cards. Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

push time in 6 days

push eventvito/concourse

Alex Suraci

commit sha 8f798ad5f63b14292262d64a380777de2ed2c2a9

atc: behavior: check factory creates builds as-is, this will be pretty wasteful: it'll end up queueing a bunch of redundant checks for resources with the same config/scope, and they'll all run their checks, pretty much undoing the benefits of global resources. the next step is to mitigate this by having the 'check' step regulate itself by skipping the check if its interval has not elapsed, while locking to prevent concurrent checks of the same scope. with that mitigation, there will still be the overhead of queueing and builds for all resources for each scope to check, but at least the build will do something useful: its check step will update the config/scope on the resource or resource type. Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 25617082fd59dccd095225b29b3687f3aba6fdaa

atc: behavior: add interval to check plan * if the interval has not elapsed since the last check end time, skip the check * if the build is manually triggered, ignore the interval and run immediately note: the method is called WaitAndRun because this is where we can add back the rate limiting, which used to be done in the resource checker. interestingly, this also lets us consider having it wait until the interval elapses. then there'd be two kinds of rate limiting: limit each scope to once every interval, and limit all checking overall just so things aren't so spikey. one neat thing that might enable in the future is to have much more responsive webhook handling: rather than webhooks triggering builds, they could just wake up a goroutine in a build that's already running. that shoud have much lower latency - great for snappy webhook responsiveness. Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 50a61f71e0720210c09c05217cf3d1bc2a55942d

atc: behavior: acquire checking lock in check step Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha eb1ffe4cc419435948877e946e3952526bb64196

atc: behavior: associate check builds to resources * add a resource_id column to builds table * column is unique and ensures only one build is queued for a resource, though this is not likely to be a problem anyway as only one lidar runs at a time, and manually triggered checks are one-offs * when the last build completes, it is deleted and replaced with a new build, so we don't have an infinitely growing build history a future direction may be to make the column non-unique and add some sort of retention policy, but this will at least keep it from growing forever until we decide to do that. note: build IDs will continue to climb even though builds are deleted - we should migrate build IDs to bigint. Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 2e2db3dfb577b5f76b6286fc21247ba993bdcc85

atc: behavior: grace period for resource config gc previously, when the GC ran in the period of time between a config being constructed and being assigned to its resource (which includes running the check), the config would be removed, causing mayhem in the check step. now, resource configs will be marked as 'referenced' by the check step, and they will be removed when they have not been referenced for a while (and are not referenced by a resource, resource type, or resource cache by that point). "a while" is hardcoded to the overall check timeout + spare change (5 minutes). it honestly doesn't matter too much because they're literally just rows in the database at that point (caches go away before configs), so hours is better than seconds here; don't want it to happen during a slow check, because it won't be assigned to the resource by then. one nifty thing: this effectively removes the need to use resource_config_check_sessions to keep resource configs alive, so this simplifies the GC query. i haven't benchmarked or EXPLAIN ANAYLZEd it though. ...and another thing: it may be tempting to simplify the resource config query completely down to just use the 'last referenced' time, because their periodic checking effectively heartbeats it, but simplifying it that far is a little risky. it's only bumped when a check runs, so if the check_every is longer than the grace period (maybe they're using webhooks), the config might get GC'd. i suppose you could just bump this default value even higher then. Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 2434e9a78f4a729415b55b9ef7283f773c9ac1c1

atc: behavior: update check error in check step this should result in check errors showing up on the resource in the API/UI like before. Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha c79d08d08bec4fca9f2c7e7a5c3cc579456081a3

atc: behavior: respect manually triggered checks queue them even if the interval has not elapsed Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 10a729b783a434bd19c35718e8da527aef9c5aac

atc: behavior: check step emits events emit initializing, starting, finished, and i/o events just like all other steps. UI and CLI doesn't do anything with it yet - that's up next! Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha a4b8b45f7e052a67d32ac3fd35fd66489eca80e3

testflight: fix flake caused by check builds now that checks run as builds, there are way more builds to list, which caused these tests to flake out as the things they were looking for were paginated away. Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 406e62a7af421bb7e76207c6119a92ecd2711df6

fly: behavior: render check build event stream rather than displaying a table, render the build event output from running the check. this gets testflight passing! Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 2febd00493683131db834607b0f4af903e61d893

atc: behavior: render check steps in build Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 957b5aef2dd7fa8d538bf93776944d221330db96

atc: behavior: clean up and godoc a few plans * rename update_resource/update_resource_type to just resource/resource_type for consistency with get/put plans * revise XXX comments and add godoc for Check/Get/Put/Task plans note: this is marked as behavior because it technically renames some plan fields, which would be an upgrade concern, but this code has never been released. Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 1595a5c0a77618a56394b19cffbd6977360b2726

atc: structure: revise comments, backfill tests * nothing was actually testing that 'from version' was respected - so those have been added, along with tests for the defaulting behavior * some of these comments won't be resolved in this first pass, so they've been revised for clarity/longevity * some comments were just stale or redundant, so they've been removed Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 8404d888794fb2255482240417cf70376cafe650

atc: behavior: don't assume builds have jobs previously, many areas of the codebase - primary logging and tracing - assumed that builds had a job name. this commit centralizes the construction of lager.Data and tracing.Attrs for builds onto the db.Build type itself. it also modifies the step tracing flow to go through the step delegate. this is ultimately so that we can call the new .TracingAttrs method on the build, but also makes it a bit easier to test. Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 8f42e9962001eb20fa8194641c9a73f96009b445

atc: behavior: use tracing attrs for build events these seem to be a pretty close duplicate of build.TracingAttrs, so let's use it here too. Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha a07ded5bd8c3a18d37b86b8b1cb751b693e9c4d6

atc: behavior: auth doesn't assume build has job this used to call .Job with an empty job name, which was kind of weird. instead, let's just say any pipeline build that has no job is treated as 'private'. this is consistent with the previous behavior of who could see resource checking errors (only those authorized with the team). Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 17858ec884bd0cd2abf6aba463441b74480e46be

atc: behavior: build resource in API/logs/metrics Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 0bb1f2374940c7603b5e7530b53c980ae4a76385

atc: structure: explode delegate factory "explode" in every sense of the word: it has been divided, and it is no more. this factory served no real purpose - nothing was passed to it, its usage was never tested, and it really doesn't do anything worth testing anyway. its methods literally just called a function with the same name and the exact same arguments. and a clock. shoulda called it the delegate clocker. and then deleted it. (just wanted to get this large diff out of the way first so the next commits are readable and don't have their diffs lost in this mess.) Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha e9859d10c8239a8255f2dfae6b02548bc9800fb9

atc: behavior: rate limit resource checks * inject rate limiter which bases its rate on the number of checkable things (resource scopes) * rate limit refreshes every minute (...this is enforced by a second, internal rate limiter lol) * only enforced for check steps which are running for a resource * not enforced for manually triggered checks Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha cb8ffbd01beccf65366572b5b4edd3ff971cbcb0

atc: behavior: migrate build ids to bigint Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

push time in 7 days

Pull request review commentconcourse/rfcs

RFC: `set_pipeline` step

+# Summary++This RFC proposes a new `set_pipeline` step type for configuring pipelines within a build plan.+++# Motivation++## Short-term motivation++Lots of folks are already using the [`concourse-pipeline` resource](https://github.com/concourse/concourse-pipeline-resource), however the resource has two fatal flaws:++* Users have to configure a local auth user and pass it to the resource definition.+* The resource is versioned independently of the user's Concourse, meaning the `fly` version won't always be in sync. The resource makes an attempt to resolve this by doing a `sync` after logging in, but this is a pretty clunky problem regardless.++If we had native support for a `set_pipeline` step, both of these problems would go away.++## Long-term motivation++By having a `set_pipeline` step in the build plan, we can start to improve Concourse's story around automating the full CI stack for projects of all sizes. Users can start to trust that pipelines are always configured via CI, and they can go over the build history to see who changed what and when.++Later RFCs (namely, 'projects' and 'instanced pipelines') will build on this idea to provide a truly continuous workflow for automating pipelines - including their automatic archival when they're no longer needed, in the case of instanced pipelines.+++# Proposal++Using the step would look something like this:++```yaml+plan:+- get: ci+- set_pipeline: concourse+  file: ci/pipelines/concourse.yml+```++The `x` in `set_pipeline: x` is the pipeline name, and `file:` would be used to specify the pipeline config.++The pipeline would be configured within whichever team the build execution belongs to.++Upon first configuration pipeline will be automatically unpaused, as opposed to `fly set-pipeline` which puts newly configured pipelines in paused state by default. The assumption here is that if you're automating `set_pipeline` you're not just kicking the tires and can probably trust the pipelines that you're configuring are correct, at least enough to have made it into version control.++When configuring an existing pipeline, however, the pipeline's paused status will not be changed. In other words, the `set_pipeline` step will leave already-existing paused pipelines in the paused state. The assumption here is that the pipeline has been manually paused by a pipeline operator, possibly in response to an emergent situation, and it should be left alone.++## `((vars))` support++Additionally, we should support `vars` (as in `fly set-pipeline -y`) and `var_files` (i.e. `fly set-pipeline -l`):++```yaml+plan:+- get: ci+- set_pipeline: release+  file: ci/pipelines/release.yml+  vars: {release_version: 5.3}+  var_files:+  - ci/pipelines/vars/foo.yml+```++## Preventing manual updates++When using `fly set-pipeline` to update a pipeline that has been configured+through the `set_pipeline` step, a warning will be printed and a confirmation+dialogue will be presented.++When configured through `fly set-pipeline` thereafter, warnings will no+longer be issued.++This is to prevent accidentally configuring changes that will be blown away,+while still allowing pipeline operators to take over its configuration if+needed.+++# Experiments++There are a few extended pieces of functionality that have been proposed. There+is currently no consensus on these being the ideal long-term design, because+there are alternative methods we're planning that should make them unnecessary.++However, there is value in supporting them "until we get there." We can+implement support for them, and include a warning both in their usage and in+the documentation that they may be removed in the future.++Each experiment must have an easy-to-find GitHub Discussion so that we can+collect feedback on how the feature is used and confirm that the long-term+design addresses the core need appropriately.++## `set_pipeline: self`++* PR: [#4857](https://github.com/concourse/concourse/pull/4857)+* Feedback: [#5732](https://github.com/concourse/concourse/discussions/5732)++Currently, the `foo` in `set_pipeline: foo` is the name of a pipeline to set. A+pipeline could technically update itself by configuring its own name in the+step, but pipeline configs aren't meant to contain their own name, as doing so+prevents the config from being re-used as a 'pipeline template'. You could of+course turn this into a var, but that's a little clunky to use.++To support self-updating pipelines without making them self-aware, we can allow+the keyword `self` to mean the current pipeline. There is precedent for such a+keyword in other fields like `version: every`, `version: latest`, `inputs:+all`, and `inputs: detect`.++One downside of this approach is it doesn't cover the full lifecycle of the+pipeline: who set it initially, so that the `set_pipeline: self` step can even+run?++This is a question that will likely be answered by the [Projects+concept][projects-rfc] once it's introduced. Projects are designed to be the+authoritative source for pipeline configuration, covering both the initial+creation and the later updating of all pipelines contained therein.++As such, it will be a little odd to support both `set_pipeline: self` and+Projects side-by-side. But until Projects lands, there is benefit in allowing+it so that we can confirm that Projects covers all the use cases for it by+analyzing user feedback.++## Setting pipelines in other teams++* PR: [#5729](https://github.com/concourse/concourse/pull/5729)+* Feedback: [#5731](https://github.com/concourse/concourse/discussions/5731)++The `set_pipeline` step is designed to be a "piece of the puzzle" - just like+other steps like `get`, `put`, and `task`.++It is designed to operate against *one* pipeline, in the current team, and in+the current Concourse cluster. This is in contrast to the+[`concourse-pipeline` resource][concourse-pipeline-resource], which supports+setting *many* pipelines across *many* teams within *any* Concourse cluster.++This step is not intended to be a drop-in replacement for the+`concourse-pipeline` resource, but it *is* a goal to deprecate it. However+full deprecation is blocked on further development around the [Projects+concept][projects-rfc] or other ideas that lead towards auto-configuring the+full Concourse cluster.++The `concourse-pipeline` resource provides significant enough burden to+maintainers and users that it is probably wise to expedite its deprecation+without waiting on these farther-off goals. To this end, we can+experimentally support setting pipelines in other teams by configuring a+`team:` field on the step:++```yml+set_pipeline: foo+team: bar+file: ci/foo.yml+```++This must only work if the step is being run by an admin team (i.e. `main`),+making its usage somewhat limited. Once a more suitable replacement arrives+this field can be removed.+++# Open Questions++n/a+++# Answered Questions++* > Should we support glob expansion in `var_files`?+  >+  > The `concourse-pipeline` resource supports this by just performing glob+  > expansion against its local filesystem. For the `set_pipeline` step, this is+  > a bit more challenging - there *is* no local filesystem. Would we have to+  > implement glob expansion in the Baggageclaim API or something? How easily+  > would this translate to other runtimes?++  This is a question we'll probably have to answer for various different+  steps, so it should probably be addressed outside of this RFC.+++# New Implications++## Deprecating `concourse-pipeline` resource++Deprecating the `concourse-pipeline` resource should be the primary goal.++Some of the extended functionality of the resource will not be supported in the name of keeping the `set_pipeline` step design simple and easy to reason about.++For example, the step should only ever configure one pipeline at a time - it should not support the `pipelines:` functionality for configuring a bunch at once.++Similarly, the step should not support fully dynamic configuration (`pipelines_file:`).

So far, vars and var_files are implemented, config_file is the same as file:, unpaused is just forced as true, team is experimentally supported (collecting feedback here: https://github.com/concourse/concourse/discussions/5731), and exposed has just been proposed (https://github.com/concourse/rfcs/discussions/75).

vito

comment created time in 7 days

PullRequestReviewEvent

push eventvito/concourse

Alex Suraci

commit sha 73c981297fa153803b8fe1ca75d4cb19f421d721

atc: behavior: rate limit resource checks * inject rate limiter which bases its rate on the number of checkable things (resource scopes) * rate limit refreshes every minute (...this is enforced by a second, internal rate limiter lol) * only enforced for check steps which are running for a resource * not enforced for manually triggered checks Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 4a8f8a333973017ec8973473f71681c6f899e098

atc: behavior: migrate build ids to bigint Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha f6f7bebaa1f0feacac9cf0fd9c9ba30c200e850b

atc: structure: bump migrations Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

push time in 7 days

push eventvito/concourse

Alex Suraci

commit sha 0466fcc394b2178ff90d4669579918d543e3df6c

atc: behavior: migrate build ids to bigint Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 83f34f62bcbf079277830702e79db58ed738df31

atc: structure: bump migrations Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

push time in 7 days

push eventvito/concourse

Aidan Oldershaw

commit sha 0b1813dffc0a2682caf9f6e1801aa62d26af69d5

add fallback encryption strategy concourse/concourse#5959 During migrations, if the old-encryption-key wasn't specified, it could mean either the database wasn't previously encrypted, or there's no change to the encryption key. We can handle this during decryption by trying the current encryption key and then fallback to plaintext if needed. Note that we will always encrypt using the actual encryption key regardless. Signed-off-by: Aidan Oldershaw <aoldershaw@pivotal.io> Co-authored-by: Bohan Chen <bochen@pivotal.io>

view details

Aidan Oldershaw

commit sha 69a91d6d9c221a94f1f165594138f7ddb57f4782

move encryption logic into migrations concourse/concourse#5959 Previously, we only encrypted/decrypted/rotated encryption key in `db.Open`. With this commit, we do so whenever we migrate the database. `db.Open` runs an up migration, so now `concourse web` and `concourse migrate` share the code path that runs the encryption logic. This isn't a pure refactor, as it also fixes the bug where the incorrect encryption key was used for migrations. Now, we correctly assign the strategy based both on the old and new encryption keys. Signed-off-by: Aidan Oldershaw <aoldershaw@pivotal.io> Co-authored-by: Bohan Chen <bochen@pivotal.io>

view details

Aidan Oldershaw

commit sha b9a924a2766d18ff2aaebd96ba5164b49fbe7fab

allow rotating encryption key in `concourse migrate` concourse/concourse#5960 When `--old-encryption-key` is provided to `concourse migrate` (without also specifying `--migrate-db-to-version`, the user can either decrypt the database (by not providing `--encryption-key`) or re-encrypt the database with a new key. Signed-off-by: Aidan Oldershaw <aoldershaw@pivotal.io> Co-authored-by: Bohan Chen <bochen@pivotal.io>

view details

Adnan Kobir

commit sha 77ba65ad0f6559615b05e30e912ad606c6ce152e

skymarshal: add saml flags to skycmd https://github.com/concourse/concourse/issues/1036 https://github.com/concourse/dex already includes the saml connector, this commit simply adds the skycmd flags required to enable saml authentication. Signed-off-by: Adnan Kobir <adnan.kobir@gmail.com>

view details

Andy Paine

commit sha 036f6beac9d03e9a6fc177e36245643ae32f38d8

web: Make UI render `set_pipeline` as yellow on change When a SetPipelineChanged event is received, change the color of the `set_pipeline` header to yellow. This is similar behaviour to the "first occurrence" bits in the get step so commonise on a `changed` flag between them both. Signed-off-by: Andy Paine <andy.paine@engineerbetter.com>

view details

Andy Paine

commit sha 1ce0a5b82fab64584466910b029a7d01b75fbbaf

atc: Create set_pipeline changed events So the UI can render a yellow tooltip when a set_pipeline produced a diff Signed-off-by: Andy Paine <andy.paine@engineerbetter.com>

view details

Andy Paine

commit sha 31f126ec65b26afa13963a55572fdeab1e92ec9d

web: Refactor firstOccurence -> changed set_pipeline can also use a similar tooltip so rename to make it more generic Signed-off-by: Andy Paine <andy.paine@engineerbetter.com>

view details

Andy Paine

commit sha f201825a8f629ada541c960632f5fb6f4bdbcb35

web: Add tooltip for set_pipeline steps When a set pipeline step actually changes something, include a `pipeline config changed` tooltip. Not quite as extensively tested as the `get:` tooltip behaviour as these use shared code so would just be duplicate testing Signed-off-by: Andy Paine <andy.paine@engineerbetter.com>

view details

Bishoy Youssef

commit sha 8f98888761f88285f22d631ce4b0ec02f83f7ef7

use the configured resolv.conf The nameserver values could come from manually defined properties or the host itself Revert "k8s topgun: behaviour: skip containerd dns tests" This reverts commit 0b03e84c5a1109855351787fd74296430efbcc14. Signed-off-by: Bishoy Youssef <byoussef@pivotal.io> Co-authored-by: Vikram Yadav <vyadav@pivotal.io> Co-authored-by: Izabela Gomes <igomes@pivotal.io>

view details

Izabela Gomes

commit sha e4c91cf4c0d7bc09512371cf0fdf6bc12e5c6c4c

fly: admins can login to any team that exists concourse/concourse#5939 Before this commit admins could log into any teams, even those that don't exist. If the admin did log into a team that did not exist they would get unclear error messages when running other commands that then tried to target the non-existant team (e.g. HTTP 500 error from set-pipeline command). Now an admin will know if they successfully logged into another team or not. Signed-off-by: Izabela Gomes <igomes@pivotal.io> Co-authored-by: Taylor Silva <tsilva@pivotal.io>

view details

Rui Yang

commit sha d0f797a8ce7d7d1e3f5ca14d793fb70ea83853c3

atc/db: request schedule when aborting a pending build Signed-off-by: Rui Yang <ruiya@vmware.com>

view details

Mike Dalessio

commit sha 771ba23f27e1b409837067dceaaed7db1a9afab3

`validatepipelinehelpers.Validate` no longer exits on some errors Previously this method called displayhelpers.Failf() when errors were encountered during parsing, or when warnings were encountered during strict parsing. This made it impossible to test for validator behavior during error conditions. Now, this method simply returns an error. part of fixing #6026 Signed-off-by: Mike Dalessio <mike.dalessio@gmail.com>

view details

Mike Dalessio

commit sha d2120849e9cfd18bba2869ca6bb8cae19c4f144a

fly: validate-pipeline accepts --enable-across-step PR #5887 introduced experimental support for an across step, which ATC allows when the --enable-across-step flag is set. This commit provides the validate-pipeline command with an analogous flag, to allow validation on pipelines that contain an across step. part of fixing #6026, and related to #5887 Signed-off-by: Mike Dalessio <mike.dalessio@gmail.com>

view details

Aidan Oldershaw

commit sha df23b367d73b7151c0065e001435b2c088c11139

Merge pull request #6027 from flavorjones/flavorjones-fly-validate-pipeline-enable-across-step Enable fly validate-pipeline to accept "--enable-across-step"

view details

Adnan Kobir

commit sha 5ec6a8f51110ceb8b1f60635a685c6e262c6ac3c

fix: add EntityIssuer and SsoIssuer flags Signed-off-by: Adnan Kobir <adnan.kobir@gmail.com>

view details

Izabela Gomes

commit sha 48d7662117af454888050223973368751ea871ea

api: return 404 when team is not found This change only affects the SaveConfig endpoint for PUT requests. When the team is not found a 404 is returned. This now matches how the GetConfig endpoint works. Also added tests to cover this behaviour and when there's a 500 response as well when fetching the team. Signed-off-by: Izabela Gomes <igomes@pivotal.io> Co-authored-by: Taylor Silva <tsilva@pivotal.io>

view details

Rui Yang

commit sha 382684cca704d4be6ef53c08874955a341f0a35e

Merge pull request #6023 from concourse/issue-5935-abort0-pending-build

view details

Aidan Oldershaw

commit sha 61a49580f0540587ff989a3ba04b99cbe4c83788

Merge pull request #5998 from adnankobir/master Support SAML 2.0 as an auth backend

view details

Taylor Silva

commit sha 56f379494ed492dc3f385ed9819aff80d594fb0d

Merge pull request #6021 from concourse/issue/5939 fly: admins can login to any team that exists

view details

Jamie Klassen

commit sha e86990fa1a3022a8a67cd2e3a5d7a20a91b2e047

retry login with incorrect CA We were seeing false failures on CI because `fly login` would fail when the web node was not yet listening, rather than because of the untrusted cert. Retrying increases the likelihood that we will attempt to log in while the web node is actually up. Signed-off-by: Jamie Klassen <jklassen@vmware.com> Co-authored-by: Zoe Tian <twanru@vmware.com>

view details

push time in 7 days

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha 82e9793b1a6d913a710e4d87efb3b981ac03630a

bump concourse

view details

push time in 7 days

push eventvito/concourse

Alex Suraci

commit sha 7fbabe4b9c64e620385e6379c92570ee31a4a8ea

atc: structure: explode delegate factory "explode" in every sense of the word: it has been divided, and it is no more. this factory served no real purpose - nothing was passed to it, its usage was never tested, and it really doesn't do anything worth testing anyway. its methods literally just called a function with the same name and the exact same arguments. and a clock. shoulda called it the delegate clocker. and then deleted it. (just wanted to get this large diff out of the way first so the next commits are readable and don't have their diffs lost in this mess.) Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha bdec40282df8a94c5214eabc1a99f5f19d77c0ca

atc: behavior: rate limit resource checks * inject rate limiter which bases its rate on the number of checkable things (resource scopes) * rate limit refreshes every minute (...this is enforced by a second, internal rate limiter lol) * only enforced for check steps which are running for a resource * not enforced for manually triggered checks Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha bb15e858f813c313e9e4f07868c6c66e729b1ddd

atc: structure: bump migrations Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

Alex Suraci

commit sha 3d12e25e3a07ca4929de6adc272cabd8cad1cf4b

atc: behavior: migrate build ids to bigint Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

push time in 7 days

push eventvito/concourse

Aidan Oldershaw

commit sha 0b1813dffc0a2682caf9f6e1801aa62d26af69d5

add fallback encryption strategy concourse/concourse#5959 During migrations, if the old-encryption-key wasn't specified, it could mean either the database wasn't previously encrypted, or there's no change to the encryption key. We can handle this during decryption by trying the current encryption key and then fallback to plaintext if needed. Note that we will always encrypt using the actual encryption key regardless. Signed-off-by: Aidan Oldershaw <aoldershaw@pivotal.io> Co-authored-by: Bohan Chen <bochen@pivotal.io>

view details

Aidan Oldershaw

commit sha 69a91d6d9c221a94f1f165594138f7ddb57f4782

move encryption logic into migrations concourse/concourse#5959 Previously, we only encrypted/decrypted/rotated encryption key in `db.Open`. With this commit, we do so whenever we migrate the database. `db.Open` runs an up migration, so now `concourse web` and `concourse migrate` share the code path that runs the encryption logic. This isn't a pure refactor, as it also fixes the bug where the incorrect encryption key was used for migrations. Now, we correctly assign the strategy based both on the old and new encryption keys. Signed-off-by: Aidan Oldershaw <aoldershaw@pivotal.io> Co-authored-by: Bohan Chen <bochen@pivotal.io>

view details

Aidan Oldershaw

commit sha b9a924a2766d18ff2aaebd96ba5164b49fbe7fab

allow rotating encryption key in `concourse migrate` concourse/concourse#5960 When `--old-encryption-key` is provided to `concourse migrate` (without also specifying `--migrate-db-to-version`, the user can either decrypt the database (by not providing `--encryption-key`) or re-encrypt the database with a new key. Signed-off-by: Aidan Oldershaw <aoldershaw@pivotal.io> Co-authored-by: Bohan Chen <bochen@pivotal.io>

view details

Adnan Kobir

commit sha 77ba65ad0f6559615b05e30e912ad606c6ce152e

skymarshal: add saml flags to skycmd https://github.com/concourse/concourse/issues/1036 https://github.com/concourse/dex already includes the saml connector, this commit simply adds the skycmd flags required to enable saml authentication. Signed-off-by: Adnan Kobir <adnan.kobir@gmail.com>

view details

Andy Paine

commit sha 036f6beac9d03e9a6fc177e36245643ae32f38d8

web: Make UI render `set_pipeline` as yellow on change When a SetPipelineChanged event is received, change the color of the `set_pipeline` header to yellow. This is similar behaviour to the "first occurrence" bits in the get step so commonise on a `changed` flag between them both. Signed-off-by: Andy Paine <andy.paine@engineerbetter.com>

view details

Andy Paine

commit sha 1ce0a5b82fab64584466910b029a7d01b75fbbaf

atc: Create set_pipeline changed events So the UI can render a yellow tooltip when a set_pipeline produced a diff Signed-off-by: Andy Paine <andy.paine@engineerbetter.com>

view details

Andy Paine

commit sha 31f126ec65b26afa13963a55572fdeab1e92ec9d

web: Refactor firstOccurence -> changed set_pipeline can also use a similar tooltip so rename to make it more generic Signed-off-by: Andy Paine <andy.paine@engineerbetter.com>

view details

Andy Paine

commit sha f201825a8f629ada541c960632f5fb6f4bdbcb35

web: Add tooltip for set_pipeline steps When a set pipeline step actually changes something, include a `pipeline config changed` tooltip. Not quite as extensively tested as the `get:` tooltip behaviour as these use shared code so would just be duplicate testing Signed-off-by: Andy Paine <andy.paine@engineerbetter.com>

view details

Bishoy Youssef

commit sha 8f98888761f88285f22d631ce4b0ec02f83f7ef7

use the configured resolv.conf The nameserver values could come from manually defined properties or the host itself Revert "k8s topgun: behaviour: skip containerd dns tests" This reverts commit 0b03e84c5a1109855351787fd74296430efbcc14. Signed-off-by: Bishoy Youssef <byoussef@pivotal.io> Co-authored-by: Vikram Yadav <vyadav@pivotal.io> Co-authored-by: Izabela Gomes <igomes@pivotal.io>

view details

Izabela Gomes

commit sha e4c91cf4c0d7bc09512371cf0fdf6bc12e5c6c4c

fly: admins can login to any team that exists concourse/concourse#5939 Before this commit admins could log into any teams, even those that don't exist. If the admin did log into a team that did not exist they would get unclear error messages when running other commands that then tried to target the non-existant team (e.g. HTTP 500 error from set-pipeline command). Now an admin will know if they successfully logged into another team or not. Signed-off-by: Izabela Gomes <igomes@pivotal.io> Co-authored-by: Taylor Silva <tsilva@pivotal.io>

view details

Rui Yang

commit sha d0f797a8ce7d7d1e3f5ca14d793fb70ea83853c3

atc/db: request schedule when aborting a pending build Signed-off-by: Rui Yang <ruiya@vmware.com>

view details

Mike Dalessio

commit sha 771ba23f27e1b409837067dceaaed7db1a9afab3

`validatepipelinehelpers.Validate` no longer exits on some errors Previously this method called displayhelpers.Failf() when errors were encountered during parsing, or when warnings were encountered during strict parsing. This made it impossible to test for validator behavior during error conditions. Now, this method simply returns an error. part of fixing #6026 Signed-off-by: Mike Dalessio <mike.dalessio@gmail.com>

view details

Mike Dalessio

commit sha d2120849e9cfd18bba2869ca6bb8cae19c4f144a

fly: validate-pipeline accepts --enable-across-step PR #5887 introduced experimental support for an across step, which ATC allows when the --enable-across-step flag is set. This commit provides the validate-pipeline command with an analogous flag, to allow validation on pipelines that contain an across step. part of fixing #6026, and related to #5887 Signed-off-by: Mike Dalessio <mike.dalessio@gmail.com>

view details

Aidan Oldershaw

commit sha df23b367d73b7151c0065e001435b2c088c11139

Merge pull request #6027 from flavorjones/flavorjones-fly-validate-pipeline-enable-across-step Enable fly validate-pipeline to accept "--enable-across-step"

view details

Adnan Kobir

commit sha 5ec6a8f51110ceb8b1f60635a685c6e262c6ac3c

fix: add EntityIssuer and SsoIssuer flags Signed-off-by: Adnan Kobir <adnan.kobir@gmail.com>

view details

Izabela Gomes

commit sha 48d7662117af454888050223973368751ea871ea

api: return 404 when team is not found This change only affects the SaveConfig endpoint for PUT requests. When the team is not found a 404 is returned. This now matches how the GetConfig endpoint works. Also added tests to cover this behaviour and when there's a 500 response as well when fetching the team. Signed-off-by: Izabela Gomes <igomes@pivotal.io> Co-authored-by: Taylor Silva <tsilva@pivotal.io>

view details

Rui Yang

commit sha 382684cca704d4be6ef53c08874955a341f0a35e

Merge pull request #6023 from concourse/issue-5935-abort0-pending-build

view details

Aidan Oldershaw

commit sha 61a49580f0540587ff989a3ba04b99cbe4c83788

Merge pull request #5998 from adnankobir/master Support SAML 2.0 as an auth backend

view details

Taylor Silva

commit sha 56f379494ed492dc3f385ed9819aff80d594fb0d

Merge pull request #6021 from concourse/issue/5939 fly: admins can login to any team that exists

view details

Jamie Klassen

commit sha e86990fa1a3022a8a67cd2e3a5d7a20a91b2e047

retry login with incorrect CA We were seeing false failures on CI because `fly login` would fail when the web node was not yet listening, rather than because of the untrusted cert. Retrying increases the likelihood that we will attempt to log in while the web node is actually up. Signed-off-by: Jamie Klassen <jklassen@vmware.com> Co-authored-by: Zoe Tian <twanru@vmware.com>

view details

push time in 7 days

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha 4df9ae96998b95eb1e46d4260fbfab057eb7e3c7

bump concourse

view details

push time in 7 days

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha 48574e5cea80aadea9f76ba5a7d3ae101d34dbae

bump concourse

view details

push time in 7 days

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha 7231d3bb6c1f67261ec4bd000301822935648707

bump concourse

view details

push time in 8 days

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha bd6f7ed7c1e812ae90b858482a69e92172f9daf5

bump concourse

view details

push time in 8 days

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha d4849eaf89d1aa74a6cf72c71a1ea2fa00d067f9

bump concourse

view details

push time in 8 days

PR opened concourse/docs

switch forum links to GitHub Discussions

also remove Discourse theme and README section

+27 -662

0 comment

18 changed files

pr created time in 8 days

push eventconcourse/docs

Alex Suraci

commit sha 10925eb7d651f1c4e106aa5f20f5c1f877e5ca66

switch forum links to GitHub Discussions also remove Discourse theme and README section Signed-off-by: Alex Suraci <suraci.alex@gmail.com>

view details

push time in 8 days

create barnchconcourse/docs

branch : switch-to-discussions

created branch time in 8 days

push eventconcourse/concourse-bosh-deployment

Sam Coward

commit sha a76ec6545b284078d23ed5b72bbf2ac0d55ff3c1

Add manifest for an external windows worker Signed-off-by: Sam Coward <scoward@vmware.com>

view details

Alex Suraci

commit sha 3f120f7ff48c5ad040b66e6c20adc6e2ac930593

Merge pull request #226 from idoru/windows-external-worker-manifest Add manifest for an external windows worker

view details

push time in 8 days

PR merged concourse/concourse-bosh-deployment

Add manifest for an external windows worker

Hi!

I recently needed to deploy an external windows worker. This turned out to require a lot of patching if one starts off with external-worker.yml manifest. While the ops files for windows-worker.yml and windows-worker-ephemeral-disk.yml will add the necessary sections to the manifest, because they are assumed largely to apply to the main concourse deployment, and not an external deployment, one still needs to manually craft an ops file to do the following things:

  • remove the linux worker and stemcell definitions if they aren't needed
  • add in the necessary properties to enable the remote worker to contact the tsa (worker_gateway.hosts, worker_gateway.host_public_key)

This PR adds a manifest specifically for deploying an external windows worker, taking inspiration and attempting to follow the pattern set in external-worker.yml.

It's still compatible with windows-worker-ephemeral-disk.yml if it is needed.

+42 -0

1 comment

1 changed file

idoru

pr closed time in 8 days

pull request commentconcourse/concourse-bosh-deployment

Add manifest for an external windows worker

Thanks!

idoru

comment created time in 8 days

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha c28d039de14d7de4b02f4b891763ef3642c2ce7a

bump concourse

view details

push time in 8 days

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha bc2eab0be3255c1c05f4105d60f3a7615803b55c

bump concourse

view details

push time in 9 days

release concourse/ft

v0.0.0-1599763998

released time in 9 days

push eventconcourse/concourse-bosh-deployment

Hristo Boyanov

commit sha c46f8581ee0147818ba77fe50d7dc05000ef9f4f

Add encryption ops files Signed-off-by: Hristo Boyanov <hristoboyanov098@gmail.com>

view details

Alex Suraci

commit sha 2579c531a18c931e87869b8a9ca199c50623b808

Merge pull request #225 from IcoBoyanov/add-encryption-ops-files Added ops files for encryption

view details

push time in 9 days

PR merged concourse/concourse-bosh-deployment

Added ops files for encryption

The current encryption.yml supports only enabling concourse encryption.

We will support all scenarios by adding those two files:

+10 -0

1 comment

2 changed files

IcoBoyanov

pr closed time in 9 days

pull request commentconcourse/concourse-bosh-deployment

Added ops files for encryption

Thanks!

IcoBoyanov

comment created time in 9 days

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha a045dd6bcf1020b36693501472200c4362feae9f

bump concourse

view details

push time in 9 days

push eventconcourse/concourse-bosh-release

Concourse Bot

commit sha e704db70bc619f8e03f016ae52b182e659a176bf

bump concourse

view details

push time in 10 days

more