From 86af10c0773a8406460cab5a3e3c422c3fa518cd Mon Sep 17 00:00:00 2001 From: "Jason A. Gambino" Date: Tue, 10 Oct 2023 11:44:03 -0400 Subject: [PATCH 1/7] adding in opensearch firehose --- bosh/opsfiles/clients.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/bosh/opsfiles/clients.yml b/bosh/opsfiles/clients.yml index a51ee862..49693190 100644 --- a/bosh/opsfiles/clients.yml +++ b/bosh/opsfiles/clients.yml @@ -8,6 +8,15 @@ authorities: doppler.firehose,cloud_controller.global_auditor secret: ((logsearch-firehose-ingestor-client-secret)) +- type: replace + path: /instance_groups/name=uaa/jobs/name=uaa/properties/uaa/clients/opensearch_firehose_ingestor? + value: + override: true + access-token-validity: 172800 + authorized-grant-types: client_credentials + authorities: doppler.firehose,cloud_controller.global_auditor + secret: ((opensearch-firehose-ingestor-client-secret)) + - type: replace path: /instance_groups/name=uaa/jobs/name=uaa/properties/uaa/clients/uaa-client-audit? value: From 88926d221cad9e88d0edb8511d3c0b2805da766f Mon Sep 17 00:00:00 2001 From: "Jason A. Gambino" Date: Wed, 11 Oct 2023 10:41:28 -0400 Subject: [PATCH 2/7] Updating for new opensearch_firehose and logsearchV2_firehose --- bosh/opsfiles/clients.yml | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/bosh/opsfiles/clients.yml b/bosh/opsfiles/clients.yml index 49693190..b484beb0 100644 --- a/bosh/opsfiles/clients.yml +++ b/bosh/opsfiles/clients.yml @@ -1,4 +1,13 @@ # Add custom clients +# - type: replace +# path: /instance_groups/name=uaa/jobs/name=uaa/properties/uaa/clients/logsearch_firehose_ingestor? +# value: +# override: true +# access-token-validity: 172800 +# authorized-grant-types: client_credentials +# authorities: doppler.firehose,cloud_controller.global_auditor +# secret: ((logsearch-firehose-ingestor-client-secret)) + - type: replace path: /instance_groups/name=uaa/jobs/name=uaa/properties/uaa/clients/logsearch_firehose_ingestor? value: @@ -6,7 +15,7 @@ access-token-validity: 172800 authorized-grant-types: client_credentials authorities: doppler.firehose,cloud_controller.global_auditor - secret: ((logsearch-firehose-ingestor-client-secret)) + secret: ((logsearchv2-firehose-ingestor-client-secret)) - type: replace path: /instance_groups/name=uaa/jobs/name=uaa/properties/uaa/clients/opensearch_firehose_ingestor? From eaa48f3912664eae76b30794b7851f404a07dc3e Mon Sep 17 00:00:00 2001 From: "Jason A. Gambino" Date: Wed, 11 Oct 2023 10:43:53 -0400 Subject: [PATCH 3/7] removing logsearchv1 --- bosh/opsfiles/clients.yml | 9 --------- 1 file changed, 9 deletions(-) diff --git a/bosh/opsfiles/clients.yml b/bosh/opsfiles/clients.yml index b484beb0..9ca2af19 100644 --- a/bosh/opsfiles/clients.yml +++ b/bosh/opsfiles/clients.yml @@ -1,13 +1,4 @@ # Add custom clients -# - type: replace -# path: /instance_groups/name=uaa/jobs/name=uaa/properties/uaa/clients/logsearch_firehose_ingestor? -# value: -# override: true -# access-token-validity: 172800 -# authorized-grant-types: client_credentials -# authorities: doppler.firehose,cloud_controller.global_auditor -# secret: ((logsearch-firehose-ingestor-client-secret)) - - type: replace path: /instance_groups/name=uaa/jobs/name=uaa/properties/uaa/clients/logsearch_firehose_ingestor? value: From 1915dbd77f41672cf32415d8f5fc57654387c2ae Mon Sep 17 00:00:00 2001 From: "Jason A. Gambino" Date: Wed, 11 Oct 2023 10:58:48 -0400 Subject: [PATCH 4/7] adding back in old one --- bosh/opsfiles/clients.yml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/bosh/opsfiles/clients.yml b/bosh/opsfiles/clients.yml index 9ca2af19..661d5b0b 100644 --- a/bosh/opsfiles/clients.yml +++ b/bosh/opsfiles/clients.yml @@ -1,4 +1,13 @@ # Add custom clients +- type: replace + path: /instance_groups/name=uaa/jobs/name=uaa/properties/uaa/clients/logsearch_firehose_ingestor? + value: + override: true + access-token-validity: 172800 + authorized-grant-types: client_credentials + authorities: doppler.firehose,cloud_controller.global_auditor + secret: ((logsearch-firehose-ingestor-client-secret)) + - type: replace path: /instance_groups/name=uaa/jobs/name=uaa/properties/uaa/clients/logsearch_firehose_ingestor? value: From b69a8df0b76e73f7cae68b57804db63b63ac9203 Mon Sep 17 00:00:00 2001 From: "Jason A. Gambino" Date: Wed, 11 Oct 2023 11:13:34 -0400 Subject: [PATCH 5/7] putting in only development --- bosh/opsfiles/clients.yml | 18 ------------------ bosh/opsfiles/development-clients.yml | 17 +++++++++++++++++ ci/pipeline.yml | 3 ++- 3 files changed, 19 insertions(+), 19 deletions(-) create mode 100644 bosh/opsfiles/development-clients.yml diff --git a/bosh/opsfiles/clients.yml b/bosh/opsfiles/clients.yml index 661d5b0b..a51ee862 100644 --- a/bosh/opsfiles/clients.yml +++ b/bosh/opsfiles/clients.yml @@ -8,24 +8,6 @@ authorities: doppler.firehose,cloud_controller.global_auditor secret: ((logsearch-firehose-ingestor-client-secret)) -- type: replace - path: /instance_groups/name=uaa/jobs/name=uaa/properties/uaa/clients/logsearch_firehose_ingestor? - value: - override: true - access-token-validity: 172800 - authorized-grant-types: client_credentials - authorities: doppler.firehose,cloud_controller.global_auditor - secret: ((logsearchv2-firehose-ingestor-client-secret)) - -- type: replace - path: /instance_groups/name=uaa/jobs/name=uaa/properties/uaa/clients/opensearch_firehose_ingestor? - value: - override: true - access-token-validity: 172800 - authorized-grant-types: client_credentials - authorities: doppler.firehose,cloud_controller.global_auditor - secret: ((opensearch-firehose-ingestor-client-secret)) - - type: replace path: /instance_groups/name=uaa/jobs/name=uaa/properties/uaa/clients/uaa-client-audit? value: diff --git a/bosh/opsfiles/development-clients.yml b/bosh/opsfiles/development-clients.yml new file mode 100644 index 00000000..c64ee6dd --- /dev/null +++ b/bosh/opsfiles/development-clients.yml @@ -0,0 +1,17 @@ +- type: replace + path: /instance_groups/name=uaa/jobs/name=uaa/properties/uaa/clients/logsearchv2_firehose_ingestor? + value: + override: true + access-token-validity: 172800 + authorized-grant-types: client_credentials + authorities: doppler.firehose,cloud_controller.global_auditor + secret: ((logsearchv2-firehose-ingestor-client-secret)) + +- type: replace + path: /instance_groups/name=uaa/jobs/name=uaa/properties/uaa/clients/opensearch_firehose_ingestor? + value: + override: true + access-token-validity: 172800 + authorized-grant-types: client_credentials + authorities: doppler.firehose,cloud_controller.global_auditor + secret: ((opensearch-firehose-ingestor-client-secret)) \ No newline at end of file diff --git a/ci/pipeline.yml b/ci/pipeline.yml index 67a613ca..16da8c7f 100644 --- a/ci/pipeline.yml +++ b/ci/pipeline.yml @@ -46,6 +46,7 @@ jobs: - cf-deployment/operations/enable-service-discovery.yml - cf-manifests/bosh/opsfiles/remove-routing-components-for-transition.yml - cf-manifests/bosh/opsfiles/clients.yml + - cf-manifests/bosh/opsfiles/development-clients.yml - cf-manifests/bosh/opsfiles/pages-clients-dev.yml - cf-manifests/bosh/opsfiles/users.yml - cf-manifests/bosh/opsfiles/secureproxy.yml @@ -1472,7 +1473,7 @@ resources: source: commit_verification_keys: ((cloud-gov-pgp-keys)) uri: ((cf-manifests-git-url)) - branch: main + branch: opensearch-secret paths: - ci/* - bosh/* From 66ad471dcdfa19ae96f47cd470b58342a3de106a Mon Sep 17 00:00:00 2001 From: "Jason A. Gambino" Date: Wed, 11 Oct 2023 11:14:35 -0400 Subject: [PATCH 6/7] fixing branch --- ci/pipeline.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ci/pipeline.yml b/ci/pipeline.yml index 16da8c7f..8329bd9c 100644 --- a/ci/pipeline.yml +++ b/ci/pipeline.yml @@ -1473,7 +1473,7 @@ resources: source: commit_verification_keys: ((cloud-gov-pgp-keys)) uri: ((cf-manifests-git-url)) - branch: opensearch-secret + branch: main paths: - ci/* - bosh/* From aec938eb394825ef2554c09813cfa84a09e34002 Mon Sep 17 00:00:00 2001 From: "Jason A. Gambino" Date: Wed, 11 Oct 2023 12:39:10 -0400 Subject: [PATCH 7/7] adding variables for secrets --- bosh/opsfiles/development-clients.yml | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/bosh/opsfiles/development-clients.yml b/bosh/opsfiles/development-clients.yml index c64ee6dd..918084f7 100644 --- a/bosh/opsfiles/development-clients.yml +++ b/bosh/opsfiles/development-clients.yml @@ -7,6 +7,12 @@ authorities: doppler.firehose,cloud_controller.global_auditor secret: ((logsearchv2-firehose-ingestor-client-secret)) +- type: replace + path: /variables/- + value: + name: logsearchv2-firehose-ingestor-client-secret + type: password + - type: replace path: /instance_groups/name=uaa/jobs/name=uaa/properties/uaa/clients/opensearch_firehose_ingestor? value: @@ -14,4 +20,10 @@ access-token-validity: 172800 authorized-grant-types: client_credentials authorities: doppler.firehose,cloud_controller.global_auditor - secret: ((opensearch-firehose-ingestor-client-secret)) \ No newline at end of file + secret: ((opensearch-firehose-ingestor-client-secret)) + +- type: replace + path: /variables/- + value: + name: opensearch-firehose-ingestor-client-secret + type: password \ No newline at end of file