Pivotal Platform Automation Tasks
This document lists each Pivotal Platform Automation task, and provides information about their intentions, inputs, and outputs.
The tasks are presented, in their entirety, as they are found in the product.
The docker image can be used to invoke the commands in each task locally.
Use --help
for more information. To learn more see the running-commands-locally section.
apply-changes
Triggers an install on the Ops Manager described by the auth file.
```yaml tab="Task"
platform: linux
inputs: - name: platform-automation-tasks - name: env # contains the env file with target OpsMan Information
params:
ENV_FILE: env.yml
# - Required
# - Filepath of the env config YAML
# - The path is relative to root of the env
input
run: path: platform-automation-tasks/tasks/apply-changes.sh
1 2 3 4 5 |
|
```yaml tab="Usage" - task: apply-product-changes image: platform-automation-image file: platform-automation-tasks/tasks/apply-changes.yml input_mapping: env: interpolated-creds
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 |
|
```bash tab="Implementation"
cat /var/version && echo "" set -eux om --env env/"${ENV_FILE}" apply-changes \ --skip-deploy-products
1 2 3 4 5 6 |
|
assign-multi-stemcell
assign-multi-stemcell
assigns multiple stemcells to a provided product.
This feature is only available in OpsMan 2.6+.
For more information on how to utilize this workflow,
check out the Stemcell Handling topic.
```yaml tab="Task"
This feature is only available in OpsMan 2.6+.
platform: linux
inputs: - name: platform-automation-tasks - name: env # contains the env file with target OpsMan Information - name: config # contains the configuration file for assign-multi-stemcell command # - Example config: # --- # product: cf # stemcell: # - ubuntu-trusty:1234.6 # - ubuntu-xenial:latest
params:
ENV_FILE: env.yml
# - Required
# - Filepath of the env config YAML
# - The path is relative to root of the env
input
CONFIG_FILE: config.yml
# - Required
# - Filepath of the env config YAML
# - The path is relative to root of the assign-multi-stemcell-config
input
run: path: platform-automation-tasks/tasks/assign-multi-stemcell.sh
1 2 3 4 5 6 |
|
```yaml tab="Usage" - task: assign-multi-stemcell image: platform-automation-image file: platform-automation-tasks/tasks/assign-multi-stemcell.yml params: ENV_FILE: ((foundation))/env/env.yml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 |
|
```bash tab="Implementation"
cat /var/version && echo "" set -eux om --env env/"${ENV_FILE}" assign-stemcell \ --config config/"$CONFIG_FILE"
1 2 3 4 5 6 |
|
configure-authentication
Configures Ops Manager with an internal userstore and admin user account. See configure-saml-authentication to configure an external SAML user store, and configure-ldap-authentication to configure with LDAP.
```yaml tab="Task"
platform: linux
inputs: - name: platform-automation-tasks - name: env # contains the env file with target OpsMan Information - name: config # contains the auth configuration
params:
ENV_FILE: env.yml
# - Required
# - Filepath of the env config YAML
# - The path is relative to root of the env
input
AUTH_CONFIG_FILE: auth.yml
# - Required
# - Filepath of the authorization config YAML
# - The path is relative to root of the config
input
run: path: platform-automation-tasks/tasks/configure-authentication.sh
1 2 3 4 5 6 |
|
```yaml tab="Usage" - task: configure-authentication image: platform-automation-image file: platform-automation-tasks/tasks/configure-authentication.yml attempts: 10 input_mapping: env: interpolated-creds config: interpolated-creds
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 |
|
```bash tab="Implementation"
cat /var/version && echo "" set -eux
vars_files_args=("") for vf in ${VARS_FILES} do vars_files_args+=("--vars-file ${vf}") done
ops_files_args=("") for of in ${OPS_FILES} do ops_files_args+=("--ops-file ${of}") done
${vars_files_args[@] needs to be globbed to pass through properly
${ops_files_args[@] needs to be globbed to pass through properly
shellcheck disable=SC2068
om --env env/"${ENV_FILE}" configure-director \ --config "config/${DIRECTOR_CONFIG_FILE}" \ ${vars_files_args[@]} \ ${ops_files_args[@]}
1 2 3 4 5 6 7 |
|
GCP with service account
For GCP, if service account is used, the property associated_service_account has to be set explicitly in the iaas_configuration
section.
configure-ldap-authentication
Configures Ops Manager with an external LDAP user store and admin user account. See configure-authentication to configure an internal user store, and configure-saml-authentication to configure with SAML.
```yaml tab="Task"
platform: linux
inputs: - name: platform-automation-tasks - name: env # contains the env file with target OpsMan Information - name: config # contains the auth configuration
params:
ENV_FILE: env.yml
# - Required
# - Filepath of the env config YAML
# - The path is relative to root of the env
input
AUTH_CONFIG_FILE: auth.yml
# - Required
# - Filepath of the authorization config YAML
# - The path is relative to root of the config
input
run: path: platform-automation-tasks/tasks/configure-ldap-authentication.sh
1 2 3 4 5 6 |
|
```yaml tab="Usage" - task: configure-ldap-authentication image: platform-automation-image file: platform-automation-tasks/tasks/configure-ldap-authentication.yml params: ENV_FILE: ((foundation))/env/env.yml AUTH_CONFIG_FILE: ((foundation))/auth/auth.yml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 |
|
```bash tab="Implementation"
cat /var/version && echo "" set -eux
vars_files_args=("") for vf in ${VARS_FILES} do vars_files_args+=("--vars-file ${vf}") done
ops_files_args=("") for of in ${OPS_FILES} do ops_files_args+=("--ops-file ${of}") done
${vars_files_args[@] needs to be globbed to pass through properly
${ops_files_args[@] needs to be globbed to pass through properly
shellcheck disable=SC2068
om --env env/"${ENV_FILE}" configure-product \ --config "config/${CONFIG_FILE}" \ ${vars_files_args[@]} \ ${ops_files_args[@]}
1 2 3 4 5 6 7 8 9 |
|
configure-saml-authentication
Configures Ops Manager with an external SAML user store and admin user account. See configure-authentication to configure an internal user store, and configure-ldap-authentication to configure with LDAP.
```yaml tab="Task"
platform: linux
inputs: - name: platform-automation-tasks - name: env # contains the env file with target OpsMan Information - name: config # contains the auth configuration
params:
ENV_FILE: env.yml
# - Required
# - Filepath of the env config YAML
# - The path is relative to root of the env
input
AUTH_CONFIG_FILE: auth.yml
# - Required
# - Filepath of the authorization config YAML
# - The path is relative to root of the config
input
run: path: platform-automation-tasks/tasks/configure-saml-authentication.sh
1 2 3 4 5 6 |
|
```yaml tab="Usage" - task: configure-saml-authentication image: platform-automation-image file: platform-automation-tasks/tasks/configure-saml-authentication.yml params: ENV_FILE: ((foundation))/env/env.yml AUTH_CONFIG_FILE: ((foundation))/auth/auth.yml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 |
|
```bash tab="Implementation"
cat /var/version && echo "" set -eux
vars_files_args=("") for vf in ${VARS_FILES} do vars_files_args+=("--vars-file ${vf}") done
'$timestamp' must be a literal, because envsubst uses it as a filter
this allows us to avoid accidentally interpolating anything else.
shellcheck disable=SC2016
INPUT_STATE_FILE="$(echo "$STATE_FILE" | env timestamp='*' envsubst '$timestamp')"
'$timestamp' must be a literal, because envsubst uses it as a filter
this allows us to avoid accidentally interpolating anything else.
shellcheck disable=SC2016
OUTPUT_FILE_NAME="$(echo "$STATE_FILE" | env timestamp="$(date '+%Y%m%d.%-H%M.%S+%Z')" envsubst '$timestamp')" GENERATED_STATE_FILE_NAME="$(basename "$OUTPUT_FILE_NAME")"
export IMAGE_FILE IMAGE_FILE="$(find image/*.{yml,ova,raw} 2>/dev/null | head -n1)"
if [ -z "$IMAGE_FILE" ]; then echo "No image file found in image input." echo "Contents of image input:" ls -al image exit 1 fi
${vars_files_args[@] needs to be globbed to split properly (SC2068)
INPUT_STATE_FILE need to be globbed (SC2086)
shellcheck disable=SC2068,SC2086
p-automator create-vm \ --config "config/${OPSMAN_CONFIG_FILE}" \ --image-file "${IMAGE_FILE}" \ --state-file state/${INPUT_STATE_FILE} \ ${vars_files_args[@]}
INPUT_STATE_FILE need to be globbed (SC2086)
shellcheck disable=SC2086
cp state/${INPUT_STATE_FILE} "generated-state/${GENERATED_STATE_FILE_NAME}"
1 2 3 4 5 6 7 8 |
|
This task requires a config file specific to the IaaS being deployed to. Please see the configuration page for more specific examples.
The task does specific CLI commands for the creation of the Ops Manager VM on each IAAS. See below for more information:
AWS
- Requires the image YAML file from Pivnet
- Validates the existence of the VM if defined in the statefile, if so do nothing
- Chooses the correct ami to use based on the provided image YAML file from Pivnet
- Creates the vm configured via opsman config and the image YAML. This only attaches existing infrastructure to a newly created VM. This does not create any new resources
- The public IP address, if provided, is assigned after successful creation
Azure
- Requires the image YAML file from Pivnet
- Validates the existence of the VM if defined in the statefile, if so do nothing
- Copies the image (of the OpsMan VM from the specified region) as a blob into the specified storage account
- Creates the Ops Manager image
- Creates a VM from the image. This will use unmanaged disk (if specified), and assign a public and/or private IP. This only attaches existing infrastructure to a newly createdVM. This does not create any new resources.
GCP
- Requires the image YAML file from Pivnet
- Validates the existence of the VM if defined in the statefile, if so do nothing
- Creates a compute image based on the region specific Ops Manager source URI in the specified Ops Manager account
- Creates a VM from the image. This will assign a public and/or private IP address, VM sizing, and tags. This does not create any new resources.
Openstack
- Requires the image YAML file from Pivnet
- Validates the existence of the VM if defined in the statefile, if so do nothing
- Recreates the image in openstack if it already exists to validate we are using the correct version of the image
- Creates a VM from the image. This does not create any new resources
- The public IP address, if provided, is assigned after successful creation
Vsphere
- Requires the OVA image from Pivnet
- Validates the existence of the VM if defined in the statefile, if so do nothing
- Build ipath from the provided datacenter, folder, and vmname provided in the config file. The created VM is stored on the generated path. If folder is not provided, the vm will be placed in the datacenter.
- Creates a VM from the image provided to the
create-vm
command. This does not create any new resources
credhub-interpolate
Interpolate credhub entries into configuration files
```yaml tab="Task"
platform: linux
inputs: - name: platform-automation-tasks - name: files
contains YAML files with extension .yml
.
Each one of these files will have their values interpolated from credhub.
For examples, run: credhub interpolate --help
(minimum version >= 2.1.0 required)
outputs: - name: interpolated-files
Contains only yaml files found and interpolated by this task.
Maintains the filestructure of the files
input.
all params are required to be filled out
params:
CREDHUB_CLIENT: CREDHUB_SECRET: CREDHUB_SERVER: # - Required # - Credentials to talk to credhub server
CREDHUB_CA_CERT: # - Optional # - This is only necessary if your Concourse worker # is not already configured to trust the CA used for Credhub. # - If more than one CA cert is required (ie the UAA), # the CA certs can be concatenated together and separated by a newline. # For example, # CREDHUB_CA_CERT: | # -----BEGIN CERTIFICATE----- # ...credhub cert... # -----END CERTIFICATE----- # -----BEGIN CERTIFICATE----- # ...UAA cert... # -----END CERTIFICATE-----
PREFIX: # - Required # - Prefix flag used by credhub interpolate
INTERPOLATION_PATHS: '.' # - Required # - Path the contains the files to read from # - This is a space separated list of directories # the paths are all evaluated relative to files/
SKIP_MISSING: true # Optional # Change to false to have strict interpolation # and fail if params are missing from vars
run: path: platform-automation-tasks/tasks/credhub-interpolate.sh
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 |
|
```yaml tab="Usage" - task: interpolate-env-creds image: platform-automation-image file: platform-automation-tasks/tasks/credhub-interpolate.yml params: CREDHUB_CLIENT: ((credhub-client)) CREDHUB_SECRET: ((credhub-secret)) CREDHUB_SERVER: ((credhub-server)) PREFIX: '/pipeline/vsphere' INTERPOLATION_PATHS: ((foundation))/config SKIP_MISSING: true input_mapping: files: configuration output_mapping: interpolated-files: interpolated-configs
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 |
|
```bash tab="Implementation"
cat /var/version && echo "" set -eux om --env env/"${ENV_FILE}" delete-installation --force
1 2 3 4 5 6 |
|
delete-vm
Deletes the Ops Manager VM instantiated by create-vm.
```yaml tab="Task"
platform: linux
inputs: - name: platform-automation-tasks - name: state # contains the state for the vm - name: config # contains the product configuration file - name: vars # variable files to be made available optional: true - name: secrets # secret files to be made available # separate from vars, so they can be store securely optional: true
outputs: - name: generated-state #contains the updated state file
params:
VARS_FILES:
# - Optional
# - Filepath to the Ops Manager vars yaml file
# - The path is relative to root of the task build,
# so vars
and secrets
can be used.
OPSMAN_CONFIG_FILE: opsman.yml
# - Required
# - Filepath of the opsman config YAML
# - The path is relative to root of the config
input
STATE_FILE: state.yml
# - Required
# - Filepath of the state yaml file
# - The path is relative to root of the state
output
# - if the filename includes "$timestamp",
# for example "state-$timestamp.yml",
# the final filename will include the current timestamp.
# - this is necessary if using an "S3 compatible" blobstore
# that doesn't support versioned blobs
# - timestamped filenames will need to be represented
# with a glob-style wildcard in tasks that use this state file
# (such as state-*.yml)
run: path: platform-automation-tasks/tasks/delete-vm.sh
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 |
|
```yaml tab="Usage" - task: delete-vm image: platform-automation-image file: platform-automation-tasks/tasks/delete-vm.yml input_mapping: config: interpolated-creds ensure: &put-state do: - put: state params: file: generated-state/state.yml
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 |
|
```bash tab="Implementation"
cat /var/version && echo "" set -eux
vars_files_args=("") for vf in ${VARS_FILES} do vars_files_args+=("--vars-file ${vf}") done
${vars_files_args[@] needs to be globbed to pass through properly
shellcheck disable=SC2068
om download-product \ --config config/"${CONFIG_FILE}" ${vars_files_args[@]} \ --output-directory downloaded-files
{ printf "\nReading product details..."; } 2> /dev/null
shellcheck disable=SC2068
product_slug=$(om interpolate \ --config config/"${CONFIG_FILE}" ${vars_files_args[@]} \ --path /pivnet-product-slug)
product_file=$(om interpolate \ --config downloaded-files/download-file.json \ --path /product_path)
stemcell_file=$(om interpolate \ --config downloaded-files/download-file.json \ --path /stemcell_path?)
{ printf "\nChecking if product needs winfs injected..."; } 2> /dev/null if [ "$product_slug" == "pas-windows" ]; then TILE_FILENAME="$(basename "$product_file")"
# The winfs-injector determines the necessary windows image, # and uses the CF-foundation dockerhub repo # to pull the appropriate Microsoft-hosted foreign layer. winfs-injector \ --input-tile "$product_file" \ --output-tile "downloaded-product/${TILE_FILENAME}" else cp "$product_file" downloaded-product fi
if [ -e "$stemcell_file" ]; then cp "$stemcell_file" downloaded-stemcell fi
if [ -e downloaded-files/assign-stemcell.yml ]; then cp downloaded-files/assign-stemcell.yml assign-stemcell-config/config.yml fi
1 2 3 4 5 6 7 |
|
download-product-s3
Downloads a product specified in a config file from an S3-compatible blobstore. This is useful when retrieving assets in an offline environment.
Downloads are cached, so files are not re-downloaded each time.
This is intended to be used with files downloaded from Pivnet by download-product
and then persisted to a blobstore using a put
step.
Outputs can be used directly as an input to upload-and-stage-product and upload-stemcell tasks.
This task requires a download-product config file.
The same configuration file should be used with both this task and download-product
.
This ensures that the same file
is being captured with both tasks.
The product files uploaded to s3 for download with this task require a specific prefix:
[product-slug,semantic-version]
.
This prefix is added by the download-product
task
when S3 keys are present in the configuration file.
This is the meta information about the product from Pivnet,
which is not guaranteed to be in the original filename.
This tasks uses the meta information to be able to perform
consistent downloads from s3
as defined in the provided download config.
For example:
-
original-pivnet-filenames:
1 2
ops-manager-aws-2.5.0-build.123.yml cf-2.5.0-build.45.pivotal
-
filenames expected by
download-product-s3
in a bucket:1 2
[ops-manager,2.5.0]ops-manager-aws-2.5.0-build.123.yml [elastic-runtime,2.5.0]cf-2.5.0-build.45.pivotal
When only downloading from Pivnet
When the download product config only has Pivnet credentials,
it will not add the prefix to the downloaded product.
For example, example-product.pivotal
from Pivnet will be outputed
as example-product.pivotal
.
Info
It's possible to use IAM instance credentials instead of providing S3 creds in the config file. See download-product config file for details.
```yaml tab="Task"
platform: linux
inputs: - name: platform-automation-tasks - name: config # contains download-file config file - name: vars # variable files to be made available optional: true - name: secrets # secret files to be made available # separate from vars, so they can be store securely optional: true
outputs: - name: downloaded-product - name: downloaded-stemcell - name: assign-stemcell-config
caches: - path: downloaded-files
params:
CONFIG_FILE: download-config.yml
# - Required
# - Filepath to the product configuration yaml file
# - The path is relative to the root of the config
input
VARS_FILES:
# - Optional
# - Filepath to the product configuration vars yaml file
# - The path is relative to root of the task build,
# so vars
and secrets
can be used.
run: path: platform-automation-tasks/tasks/download-product-s3.sh
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 |
|
```yaml tab="Usage" - task: download-pas image: platform-automation-image file: platform-automation-tasks/tasks/download-product-s3.yml params: CONFIG_FILE: download-product/pas.yml input_mapping: config: interpolated-creds output_mapping: downloaded-product: pas-product downloaded-stemcell: pas-stemcell
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
|
Info
The timestamp is generated using the time on concourse worker. If the time is different on different workers, the generated timestamp may fail to sort correctly. Changing the time or timezone on workers might interfere with ordering.
```yaml tab="Task"
platform: linux
inputs: - name: platform-automation-tasks - name: env # contains the env file with target OpsMan Information
outputs: - name: installation # will contain the exported installation
params:
ENV_FILE: env.yml
# - Required
# - Filepath of the env config YAML
# - The path is relative to root of the env
input
INSTALLATION_FILE: installation-$timestamp.zip
# - Required
# - Filepath of the installation ZIP file
# - The path is relative to root of the installation
output
# - if the filename includes "$timestamp",
# for example "installation-$timestamp.zip",
# the final filename will include the current timestamp.
# - this is necessary if using an "S3 compatible" blobstore
# that doesn't support versioned blobs
# - timestamped filenames will need to be represented
# with a glob-style wildcard in the upgrade-opsman
task configuration
# (the default will work with the example provided above).
run: path: platform-automation-tasks/tasks/export-installation.sh
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
|
```yaml tab="Usage" - task: export-installation image: platform-automation-image file: platform-automation-tasks/tasks/export-installation.yml input_mapping: env: interpolated-creds params: INSTALLATION_FILE: installation-$timestamp.zip
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 |
|
```bash tab="Implementation"
cat /var/version && echo "" set -eux
INSTALLATION_FILE needs to be globbed
shellcheck disable=SC2086
om --env env/"${ENV_FILE}" import-installation \ --installation installation/$INSTALLATION_FILE
1 2 3 4 5 6 7 8 9 |
|
make-git-commit
Copies a single file into a repo and makes a commit. Useful for persisting the state output of tasks that manage the vm, such as:
Also useful for persisting the configuration output from:
Info
This commits all changes present
in the repo used for the repository
input,
in addition to copying in a single file.
Info
This does not perform a git push
!
You will need to put
the output of this task to a git resource to persist it.
```yaml tab="Task"
platform: linux
inputs: - name: platform-automation-tasks - name: repository # - This must be an initialized git repository. # - Note that any changes present in this input # will be committed along with the file copied in # by this task. - name: file-source # - This is the input folder containing the file to be committed. # Typically, this will from some other task # with an output that needs to be persisted.
outputs: - name: repository-commit
params:
FILE_SOURCE_PATH:
# - Required
# - Filepath to be copied into the git repo
# before a commit is created
# - Relative to the root of the file-source
input
FILE_DESTINATION_PATH:
# - Required
# - Filepath to write the file specified by FILE_SOURCE_PATH
# - Relative to the root of the repository
input
GIT_AUTHOR_NAME:
# - Required
# - Used to configure the human-readable
# name in the author
field of the commit
GIT_AUTHOR_EMAIL:
# - Required
# - Used to configure the email address
# in the author
field of the commit
COMMIT_MESSAGE: # - Required # - Specify a commit message to be used # for all commits made by this task.
run: path: platform-automation-tasks/tasks/make-git-commit.sh
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 |
|
```yaml tab="Usage" - task: make-commit image: platform-automation-image file: platform-automation-tasks/tasks/make-git-commit.yml input_mapping: repository: configuration file-source: generated-state output_mapping: repository-commit: configuration-commit params: FILE_SOURCE_PATH: state.yml FILE_DESTINATION_PATH: state/state.yml GIT_AUTHOR_EMAIL: "pcf-pipeline-bot@example.com" GIT_AUTHOR_NAME: "Platform Automation Bot" COMMIT_MESSAGE: 'Update state file'
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 |
|
```bash tab="Implementation"
cat /var/version && echo "" set -eux
om --env env/"${ENV_FILE}" pre-deploy-check
1 2 3 4 5 6 |
|
stage-product
Staged a product to the Ops Manager specified in the config file.
```yaml tab="Task"
platform: linux
inputs: - name: platform-automation-tasks - name: product # contains the product file to be uploaded and staged - name: env # contains the env file with target OpsMan Information
params:
ENV_FILE: env.yml
# - Required
# - Filepath of the env config YAML
# - The path is relative to root of the env
input
run: path: platform-automation-tasks/tasks/stage-product.sh
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 |
|
```yaml tab="Usage" - task: stage-product image: platform-automation-image file: platform-automation-tasks/tasks/stage-product.yml input_mapping: product: pas-product env: interpolated-creds
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 |
|
```bash tab="Implementation"
cat /var/version && echo "" set -eux
flag=$(if "$SUBSTITUTE_CREDENTIALS_WITH_PLACEHOLDERS"; then echo '--include-placeholders'; else echo '--include-credentials'; fi )
om --env env/"${ENV_FILE}" staged-config \ --product-name "$PRODUCT_NAME" \ "$flag" > generated-config/"$PRODUCT_NAME".yml
1 2 3 4 5 6 7 8 9 |
|
staged-director-config
Ops Manager 2.5
The filename for the artifact downloaded from Ops Manager is changed! If your resources or pipelines have a regex for the Ops Manager filename, you may be affected. (Please see Ops Manager's official notice for more information)
Downloads configuration for the BOSH director from Ops Manager.
```yaml tab="Task"
platform: linux
inputs: - name: platform-automation-tasks - name: env # contains the env file with target OpsMan Information
outputs: - name: generated-config # will contain the staged product config
params:
ENV_FILE: env.yml
# - Required
# - Filepath of the env config YAML
# - The path is relative to root of the env
input
run: path: platform-automation-tasks/tasks/staged-director-config.sh
1 2 3 4 5 6 |
|
```yaml tab="Usage" - task: staged-director-config image: platform-automation-image file: platform-automation-tasks/tasks/staged-director-config.yml input_mapping: env: interpolated-creds ensure: *put-state
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 |
|
```bash tab="Implementation"
echo "Platform Automation for PCF version:" cat /var/version && echo ""
printf "\np-automator version:" p-automator -v
printf "\nom version:" om -v
set -eux p-automator --help om --help { echo "Successfully validated tasks and image!"; } 2> /dev/null
1 2 3 4 |
|
test-interpolate
An example task to ensure that all required vars are present when interpolating into a base file. For more instruction on this topic, see the variables section
```yaml tab="Task"
platform: linux
inputs: - name: platform-automation-tasks - name: config # contains the base configuration file - name: vars # variable files to be made available optional: true
params:
VARS_FILES:
# - Optional
# - Filepath to the vars yaml file
# - The path is relative to root of the task build,
# so vars
and secrets
can be used.
CONFIG_FILE: base.yml # - Required # - Filepath to the base yaml file to interpolate from # - The path is relative to root of the task build
SKIP_MISSING: true # - Optional # - Change to false to have strict interpolation # and fail if params are missing from vars
run: path: platform-automation-tasks/tasks/test-interpolate.sh
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 |
|
```yaml tab="Usage" - task: test-interpolate image: platform-automation-image file: platform-automation-tasks/tasks/test-interpolate.yml params: CONFIG_FILE: download-product/pas.yml SKIP_MISSING: true input_mapping: config: configuration
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 |
|
```bash tab="Implementation"
cat /var/version && echo "" p-automator -v set -eux
vars_files_args=("") for vf in ${VARS_FILES} do vars_files_args+=("--vars-file ${vf}") done
'$timestamp' must be a literal, because envsubst uses it as a filter
this allows us to avoid accidentally interpolating anything else.
shellcheck disable=SC2016
INPUT_STATE_FILE="$(echo "$STATE_FILE" | env timestamp='*' envsubst '$timestamp')"
'$timestamp' must be a literal, because envsubst uses it as a filter
this allows us to avoid accidentally interpolating anything else.
shellcheck disable=SC2016
OUTPUT_FILE_NAME="$(echo "$STATE_FILE" | env timestamp="$(date '+%Y%m%d.%-H%M.%S+%Z')" envsubst '$timestamp')" GENERATED_STATE_FILE_NAME="$(basename "$OUTPUT_FILE_NAME")"
export IMAGE_FILE IMAGE_FILE="$(find image/*.{yml,ova,raw} 2>/dev/null | head -n1)"
if [ -z "$IMAGE_FILE" ]; then echo "No image file found in image input." echo "Contents of image input:" ls -al image exit 1 fi
${vars_files_args[@] needs to be globbed to split properly (SC2068)
INSTALLATION_FILE and INPUT_STATE_FILE need to be globbed (SC2086)
shellcheck disable=SC2068,SC2086
p-automator upgrade-opsman \ --config "config/${OPSMAN_CONFIG_FILE}" \ --image-file "${IMAGE_FILE}" \ --state-file state/${INPUT_STATE_FILE} \ --installation installation/${INSTALLATION_FILE} \ --env-file env/"${ENV_FILE}" \ ${vars_files_args[@]}
INPUT_STATE_FILE could have a "*", and needs to be expanded by the shell
shellcheck disable=SC2086
cp state/${INPUT_STATE_FILE} "generated-state/${GENERATED_STATE_FILE_NAME}"
1 2 3 4 5 6 7 8 9 |
|
For more information about this task and how it works, see the upgrade page.
upload-and-stage-product
Uploads and stages product to the Ops Manager specified in the config file.
```yaml tab="Task"
platform: linux
inputs: - name: platform-automation-tasks - name: product # contains the product file to be uploaded and staged - name: env # contains the env file with target OpsMan Information - name: config # contains the product configuration file optional: true
params: CONFIG_FILE: # - Optional # - Path to the config file for the product # - Relative to the root of the config input # - If empty, no config will be used; version and sha256 will not be checked # - Example config: # --- # product-version: 1.2.3-build.4 # sha256: 6daededd8fb4c341d0cd437a669d732d2fde62cb89716498e6b16f34607a1498
ENV_FILE: env.yml
# - Required
# - Filepath of the env config YAML
# - The path is relative to root of the env
input
run: path: platform-automation-tasks/tasks/upload-and-stage-product.sh
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 |
|
```yaml tab="Usage" - task: upload-and-stage-product image: platform-automation-image file: platform-automation-tasks/tasks/upload-and-stage-product.yml input_mapping: product: healthwatch-product env: interpolated-creds
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 |
|
```bash tab="Implementation"
cat /var/version && echo "" set -eux
export OPTIONAL_CONFIG_FLAG="" if [ -n "$CONFIG_FILE" ]; then export OPTIONAL_CONFIG_FLAG="--config config/$CONFIG_FILE" fi
shellcheck disable=SC2086
om --env env/"${ENV_FILE}" upload-product \ --product product/*.pivotal \ $OPTIONAL_CONFIG_FLAG
1 2 3 4 5 6 7 |
|
upload-stemcell
Uploads a stemcell to Ops Manager.
Note that the filename of the stemcell must be exactly as downloaded from Pivnet. Ops Manager parses this filename to determine the version and OS of the stemcell.
```yaml tab="Task"
platform: linux
inputs: - name: platform-automation-tasks - name: env # contains the env file with target OpsMan Information - name: stemcell # contains the stemcell tarball
- The stemcell filename is important and must be preserved.
if using the bosh.io concourse resource,
set params.preserve_filename: true
on your GET.
params:
CONFIG_FILE:
# - Optional
# - Path to the config file for the product
# - Relative to the root of the config
input
# - If empty, no config will be used; version and sha256 will not be checked
# - Example config:
# ---
# shasum: 6daededd8fb4c341d0cd437a669d732d2fde62cb89716498e6b16f34607a1498
ENV_FILE: env.yml
# - Required
# - Filepath of the env config YAML
# - The path is relative to root of the env
input
FLOATING_STEMCELL: true # - Optional # - Assigns the stemcell to all compatible products # - If false, a user is required to run the assign-stemcell task
run: path: platform-automation-tasks/tasks/upload-stemcell.sh
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
|
yaml tab="Usage"
- task: upload-pas-stemcell
image: platform-automation-image
file: platform-automation-tasks/tasks/upload-stemcell.yml
input_mapping:
env: interpolated-creds
stemcell: pas-stemcell