Refactor deployment script and add autoscaler-secrets.yml template #3291
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
bonzofenix
added
the
allow-acceptance-tests
- Add a new autoscaler-secrets.yml.tpl file for managing autoscaler secrets - Streamline secret injection by using `credhub interpolate` with the new secrets template - Remove direct `credhub get` calls for secrets in the deploy-autoscaler.sh script - Comment out Prometheus alert silencing commands in the deploy function
bonzofenix
force-pushed
the
deploy-autoscaler-fetch-secrets-improvement
branch
from
6f7282b
to
699b4d7
Compare
bonzofenix
removed
the
allow-acceptance-tests
• Implement conditional inclusion of use-cf-services.yml based on enable_mtar flag in deploy-autoscaler.sh • Introduce ENABLE_MTAR environment variable with default false in vars.source.sh
bonzofenix
force-pushed
the
deploy-autoscaler-fetch-secrets-improvement
branch
from
d7455e1
to
c376f1b
Compare
bonzofenix
added
the
allow-acceptance-tests
…nd binding in metricsforwarder
…nterpolate and yq • Replace direct credhub secret retrieval with credhub interpolate to generate a secrets YAML file. • Utilize yq to extract secrets from the generated YAML file for environment variable assignment. • Streamline the process of setting environment variables for metrics forwarder and policy DB credentials, as well as syslog client certificates.
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This pull request includes several updates to the autoscaler deployment scripts to streamline the handling of secrets and improve the deployment process. The most important changes include adding a template for autoscaler secrets, updating the deployment script to use this template, and modifying the handling of Prometheus alerts.
Improvements to secret management:
autoscaler-secrets.yml.tplto manage secrets in a centralized manner. (ci/autoscaler/scripts/autoscaler-secrets.yml.tpl)deploy-autoscaler.shscript to use the newautoscaler-secrets.yml.tplfile for interpolating secrets, reducing the need for multiplecredhub getcommands. (ci/autoscaler/scripts/deploy-autoscaler.sh)Deployment script enhancements:
ops_filesvariable assignment withindeploy-autoscaler.sh. (ci/autoscaler/scripts/deploy-autoscaler.sh)ci/autoscaler/scripts/deploy-autoscaler.sh) - Add a new autoscaler-secrets.yml.tpl file for managing autoscaler secretscredhub interpolatewith the new secrets templatecredhub getcalls for secrets in the deploy-autoscaler.sh script