Merge branch 'main' into autoscaler-775/enable-postgres-ssl

cloudfoundry · Aug 14, 2024 · 5ff5829 · 5ff5829
2 parents 1b58997 + d8d6033
commit 5ff5829
Show file tree

Hide file tree

Showing 6 changed files with 131 additions and 4 deletions.
diff --git a/ci/autoscaler/scripts/deploy-autoscaler.sh b/ci/autoscaler/scripts/deploy-autoscaler.sh
@@ -88,7 +88,12 @@ function create_manifest(){
       -v system_domain="${system_domain}" \
       -v deployment_name="${deployment_name}" \
       -v app_autoscaler_version="${bosh_release_version}" \
-      -v admin_password="$(credhub get -n /bosh-autoscaler/cf/cf_admin_password -q)" \
+      -v admin_password="$(credhub get -n /bosh-autoscaler/cf/cf_admin_password -q)"\
+      -v routing_api_ca_certs="$(credhub get -n /bosh-autoscaler/cf/routing_api_tls --key ca --quiet)"\
+      -v routing_api_tls_client_cert="$(credhub get -n /bosh-autoscaler/cf/routing_api_tls_client --key ca --quiet)"\
+      -v routing_api_client_secret="$(credhub get -n /bosh-autoscaler/cf/uaa_clients_routing_api_client_secret --quiet)"\
+      -v routing_api_tls_client_private_key="$(credhub get -n /bosh-autoscaler/cf/routing_api_tls_client --key private_key --quiet)"\
+      -v routing_api_server_ca_cert="$(credhub get -n /bosh-autoscaler/cf/routing_api_tls --key ca --quiet)"\
       -v cf_client_id=autoscaler_client_id \
       -v cf_client_secret=autoscaler_client_secret \
       -v log_cache_syslog_tls_ca="$(credhub get -n /bosh-autoscaler/cf/log_cache_syslog_tls --key ca --quiet)"\

diff --git a/devbox.json b/devbox.json
@@ -39,7 +39,8 @@
     "cloudfoundry-cli":                  "8.7.11",
     "google-cloud-sdk":                  "latest",
     "temurin-bin-17":                    "latest",
-    "ruby":                              "latest"
+    "ruby":                              "latest",
+    "postgresql":                        "latest"
   },
   "shell": {
     "init_hook": [

diff --git a/devbox.lock b/devbox.lock
@@ -1002,6 +1002,115 @@
         }
       }
     },
+    "postgresql@latest": {
+      "last_modified": "2024-08-02T23:16:43Z",
+      "plugin_version": "0.0.2",
+      "resolved": "github:NixOS/nixpkgs/81610abc161d4021b29199aa464d6a1a521e0cc9#postgresql",
+      "source": "devbox-search",
+      "version": "15.7",
+      "systems": {
+        "aarch64-darwin": {
+          "outputs": [
+            {
+              "name": "out",
+              "path": "/nix/store/j063gkab0kj312p0r5wlwh8hhs3ivmmv-postgresql-15.7",
+              "default": true
+            },
+            {
+              "name": "man",
+              "path": "/nix/store/83zyb6qnvn85ilfb4g03yr8zjnc4kw5c-postgresql-15.7-man",
+              "default": true
+            },
+            {
+              "name": "doc",
+              "path": "/nix/store/w98l40gkbw15cxjajs9wr9aaz1zqq8pv-postgresql-15.7-doc"
+            },
+            {
+              "name": "lib",
+              "path": "/nix/store/2lqmjj3nwingqsajwgwym4jjl1plqrxd-postgresql-15.7-lib"
+            }
+          ],
+          "store_path": "/nix/store/j063gkab0kj312p0r5wlwh8hhs3ivmmv-postgresql-15.7"
+        },
+        "aarch64-linux": {
+          "outputs": [
+            {
+              "name": "out",
+              "path": "/nix/store/bm08f8k2gyndfq1mszvdm07jnmwr6nlf-postgresql-15.7",
+              "default": true
+            },
+            {
+              "name": "man",
+              "path": "/nix/store/yd6qvs38zm55271230hfn4j0rd4029ca-postgresql-15.7-man",
+              "default": true
+            },
+            {
+              "name": "debug",
+              "path": "/nix/store/m8kdahlx418v1x8pvbjja5zbl8ix4hff-postgresql-15.7-debug"
+            },
+            {
+              "name": "doc",
+              "path": "/nix/store/nw2ng4sh1vzih1rrfzlivd2c7ifh9zm2-postgresql-15.7-doc"
+            },
+            {
+              "name": "lib",
+              "path": "/nix/store/fvs07mhcygpwy41jhw34kq7ghlcnv4nf-postgresql-15.7-lib"
+            }
+          ],
+          "store_path": "/nix/store/bm08f8k2gyndfq1mszvdm07jnmwr6nlf-postgresql-15.7"
+        },
+        "x86_64-darwin": {
+          "outputs": [
+            {
+              "name": "out",
+              "path": "/nix/store/qvhjnll3n3d1va7rxlh1yd348gqwy4v1-postgresql-15.7",
+              "default": true
+            },
+            {
+              "name": "man",
+              "path": "/nix/store/5mmzk97ppd9b6m2239b4xkwc853116mf-postgresql-15.7-man",
+              "default": true
+            },
+            {
+              "name": "doc",
+              "path": "/nix/store/jwp1aqs6fkbygfg9gpcx99lhc2dlalgc-postgresql-15.7-doc"
+            },
+            {
+              "name": "lib",
+              "path": "/nix/store/sngcqjdypd1bwxz6rs3hwy8jbjb9k690-postgresql-15.7-lib"
+            }
+          ],
+          "store_path": "/nix/store/qvhjnll3n3d1va7rxlh1yd348gqwy4v1-postgresql-15.7"
+        },
+        "x86_64-linux": {
+          "outputs": [
+            {
+              "name": "out",
+              "path": "/nix/store/8gr5ybhmdkafii5idcg57p66nk1qd6sf-postgresql-15.7",
+              "default": true
+            },
+            {
+              "name": "man",
+              "path": "/nix/store/0j6lskwq3imd8gdwy5rz9sjmn3c41qbc-postgresql-15.7-man",
+              "default": true
+            },
+            {
+              "name": "doc",
+              "path": "/nix/store/01snq9n6ka7zkb4dp7k639mbb5p0v5qi-postgresql-15.7-doc"
+            },
+            {
+              "name": "lib",
+              "path": "/nix/store/9xj29q1wf5wazv63hn5dxlwsp8k3h5lc-postgresql-15.7-lib"
+            },
+            {
+              "name": "debug",
+              "path": "/nix/store/xw1fhj72fzrlkvapaf1spx19ixqm7394-postgresql-15.7-debug"
+            }
+          ],
+          "store_path": "/nix/store/8gr5ybhmdkafii5idcg57p66nk1qd6sf-postgresql-15.7"
+        }
+      }
+    },
     "pre-commit@latest": {
       "last_modified": "2024-03-17T01:03:25Z",
       "resolved": "github:NixOS/nixpkgs/299d4668ba61600311553920d9fd9c102145b2cb#pre-commit",

diff --git a/src/autoscaler/Makefile b/src/autoscaler/Makefile
@@ -156,7 +156,7 @@ mta-deploy: mta-build build-extension-file
 	$(MAKE) -f metricsforwarder/Makefile set-security-group
 	$(MAKE) -f metricsforwarder/Makefile stop-metricsforwarder-vm
 	@echo "Deploying with extension file: $(EXTENSION_FILE)"
-	@CF_TRACE=true cf deploy mta_archives/*.mtar -f -e $(EXTENSION_FILE)
+	@cf deploy mta_archives/*.mtar -f -e $(EXTENSION_FILE)
 
 build-extension-file:
 	cp example.mtaext $(EXTENSION_FILE);

diff --git a/src/autoscaler/mta.yaml b/src/autoscaler/mta.yaml
@@ -1,7 +1,7 @@
 ID: com.github.cloudfoundry.app-autoscaler-release
 description: Application Autoscaler Release for Cloud Foundry
 _schema-version: "3.3.0"
-provider: SAP
+provider: Cloud Foundry Foundation
 copyright: Apache License 2.0
 version: 0.0.1
 

diff --git a/templates/app-autoscaler.yml b/templates/app-autoscaler.yml
@@ -169,11 +169,23 @@ instance_groups:
         nats: { from: nats, deployment: cf }
       properties:
         route_registrar:
+          routing_api:
+            ca_certs:
+            - ((!routing_api_ca_certs))
+            client_cert: ((!routing_api_tls_client_cert))
+            client_secret: ((routing_api_client_secret))
+            client_private_key: ((!routing_api_tls_client_private_key))
+            server_ca_cert: ((!routing_api_server_ca_cert))
           routes:
             - name: autoscaler_postgres
               registration_interval: 20s
+              health_check:
+                name: postgres-healthcheck
+                script_path: /var/vcap/packages/postgres-15/bin/pg_isready
+                timeout: 5s
               port: 5432
               type: tcp
+              router_group: default-tcp
               tags:
                 component: autoscaler_postgres
               uris: