Release Notes for Spring Cloud Services for VMware Tanzu

Release notes for Spring Cloud Services for VMware Tanzu

WARNING: Spring Cloud Services (SCS) v3.1.x and v2.x versions are deployable as separate tiles, and both use the p-spring-cloud-services org to deploy service instance backing apps. Deleting SCS v2.0.10 or earlier will delete this org, including any v3.1.x backing apps. See Known Issues. VMware recommends upgrading and migrating completely to SCS v3.1.x. For more information, see Upgrading Spring Cloud Services for VMware Tanzu.

Known Issues

Cannot Update Credentials for Git Repositories That Use HTTP(S) URLs

In Spring Cloud Services v3.1.0–v3.1.5, you cannot update credentials for a Git repository that was originally added to a Config Server service instance using a HTTP or HTTPS URL. This means that if the repository’s credentials are rotated, the Config Server’s mirror service will be unable to update its mirror of the repository.

To resolve this issue, you can update the Config Server to use SSH, rather than HTTP or HTTPS, to access the Git repository. See SSH Repository Access.


Release Date: 13th July 2020

  • Resolved issue with Git repository passwords not encoding some special characters appropriately leading to failed mirroring of the repository.


Release Date: 13th July 2020

  • Resolved issue with application-security-groups configuration not applying on cf create-service.


Release Date: 25th June 2020

  • Added ability to provide names of Application Security Groups (ASGs) to be used for a service instance. When creating or updating a service instance using the cf create-service or cf update-service commands, you can include an application-security-groups parameter listing the ASGs which should be applied for the service instance, and these ASGs will be added to the space used by the service instance’s backing app.
  • The configuration shown on a Config Server service instance’s dashboard now includes the list of ASGs applied for that service instance.
  • The Config Server is now compatible with the Service Instance Logging cf CLI plugin’s cf service-logs (or cf sil) command, including the --recent flag.
  • The Service Registry is now compatible with the Service Instance Logging cf CLI plugin’s cf service-logs (or cf sil) command, including the --recent flag.


Release Date: 29th May 2020

  • Added ability to enable off-platform service key access for service instances in tile configuration.
  • Fixed issue when Config Server Git repo is set to specific label and executing “Sync Mirrors” from dashboard was reporting the incorrect commit hash after the sync.
  • Fixed issue when Config Server uses Git repo with no master branch.
  • Fixed issue when Config Server is configured with multiple Git repos with same URL but different labels.


Release Date: 4th May 2020

  • Fixed issue for users with Space Developer role accessing dashboards when there a significant amount of spaces created on platform.


Release Date: 21st April 2020

  • Upgraded stemcell major version to Ubuntu Xenial 621.*.


Release Date: 14th April 2020

  • Fixed issue with periodic configuration view on service instance dashboard.


Release Date: 27th March 2020

  • Added ability to see that encrypt.key is configured via Config Server dashboard but redacted to ensure key token is not exposed.
  • Added back API support on Config Server service instances to encrypt values based on encrypt.key configured token.


Release Date: 13th March 2020

  • Removed ability to create service keys to ensure secure access for client applications.
  • Added the ability to set encrypt.key on Git repository configurations enabling hashed secrets in property files.
  • Fixed issue with updating credentials on Git repository defined with a HTTPS URI.
  • Fixed issue with custom domain not being used in dashboard URL.


Release Date: 22nd January 2020

  • Further improved fix for rotating Certificate Authorities while maintaining certificate uniqueness in errand JVM truststore.


Release Date: 15th January 2020

  • A periodic parameter added to Config Server service instance configuration updates Git repository mirrors on the Config Server’s mirror service every five minutes.
  • Added tile configuration for the timeout used for pushing backing apps for a service instance.
  • Fixed an issue that could cause a server error to appear on the Config Server dashboard when using the HashiCorp Vault backend.
  • Fixed use of the default label configured per Config Server Git repository for client app property requests.


Release Date: 25th November 2019

  • Fixed issue when rotating Certificate Authorities while maintaining certificate uniqueness in errand JVM truststore.


Release Date: 14th November 2019

  • Fixed CredHub bootstrapper errand so that it can update client credential permissions when re-running after tile install failure.


Release Date: 28th October 2019

  • Resolved issue with accessing service instance dashboard when VMware Tanzu Application Service for VMs (TAS) tile is configured with “Authentication and Enterprise SSO” as SAML.


Release Date: 7th October 2019

Enhancements included in this release:

  • The Spring Cloud Services broker has been upgraded to Spring Boot 2.1.8.RELEASE and Spring Cloud Greenwich.SR3.
  • Service Registry service has been added back with a new name: p.service-registry.
  • The existing Service Registry configuration options have not changed although there is now a new option named peer-timeout that can be set in milliseconds. This can alleviate issues with peer replication timing out when there is higher latency in the network between peers.
  • There is now a process for doing backup and restore of Spring Cloud Services stateful resources.

Important items to note:

  • Spring Cloud Services v3.1.0 does not include Circuit Breaker Dashboard services. To use these services, you can install Spring Cloud Services v2.0.x alongside v3.1.0.

    Warning: You cannot upgrade to Ops Manager v2.7 if you are running Spring Cloud Services v2.0.x.

  • The Circuit Breaker Dashboard service will not return, as the underlying Netflix OSS Hystrix Dashboard project has been deprecated.