kite 0.0.8 → 0.0.9
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.travis.yml +2 -0
- data/CHANGELOG.md +28 -1
- data/README.md +33 -4
- data/kite.gemspec +2 -0
- data/lib/kite.rb +1 -0
- data/lib/kite/core.rb +2 -40
- data/lib/kite/generate.rb +43 -0
- data/lib/kite/helpers.rb +27 -0
- data/lib/kite/render.rb +23 -11
- data/lib/kite/version.rb +1 -1
- data/tpl/aws/README.md +21 -21
- data/tpl/aws/bin/base/bootstrap.sh +35 -0
- data/tpl/aws/bin/base/cleanup.sh.tt +19 -0
- data/tpl/aws/{set-env.sh.erb → bin/base/set-env.sh.tt} +0 -0
- data/tpl/aws/{setup-tunnel.sh.erb → bin/base/setup-tunnel.sh.tt} +0 -0
- data/tpl/aws/{bosh-install.sh.erb → bin/bosh-install.sh.tt} +2 -2
- data/tpl/{gcp/concourse-deploy.sh.erb → aws/bin/concourse-deploy.sh.tt} +0 -0
- data/tpl/aws/bin/vault-deploy.sh.tt +10 -0
- data/tpl/aws/{deployments/bosh/bosh_vars.yml.tt → bosh-vars.yml.erb} +0 -0
- data/tpl/aws/deployments/bosh/cloud-config.yml.tt +2 -1
- data/tpl/aws/deployments/concourse/{concourse.yml.erb → concourse.yml.tt} +7 -0
- data/tpl/aws/deployments/vault/vault.yml.erb +38 -0
- data/tpl/aws/docs/bosh.md +31 -0
- data/tpl/aws/docs/concourse.md +30 -0
- data/tpl/{gcp → aws/docs}/vault.md +13 -6
- data/tpl/aws/terraform/{main.tf → main.tf.tt} +1 -2
- data/tpl/aws/terraform/{network.tf → network.tf.tt} +40 -23
- data/tpl/aws/terraform/{terraform.tfvars.erb → terraform.tfvars.tt} +2 -0
- data/tpl/aws/terraform/variables.tf +8 -0
- data/tpl/gcp/README.md +10 -31
- data/tpl/gcp/bin/base/bootstrap.sh +35 -0
- data/tpl/gcp/bin/base/cleanup.sh.tt +20 -0
- data/tpl/gcp/{set-env.sh.erb → bin/base/set-env.sh.tt} +3 -1
- data/tpl/gcp/{setup-tunnel.sh.erb → bin/base/setup-tunnel.sh.tt} +3 -1
- data/tpl/gcp/{bosh-install.sh.erb → bin/bosh-install.sh.tt} +3 -2
- data/tpl/gcp/bin/concourse-deploy.sh.tt +11 -0
- data/tpl/gcp/{vault-deploy.sh.erb → bin/vault-deploy.sh.tt} +1 -1
- data/tpl/gcp/deployments/bosh/cloud-config.yml.tt +3 -2
- data/tpl/gcp/deployments/concourse/{concourse.yml.erb → concourse.yml.tt} +8 -0
- data/tpl/gcp/deployments/concourse/test/test-credentials.yml +3 -0
- data/tpl/gcp/deployments/concourse/test/test-pipeline.yml +24 -0
- data/tpl/gcp/deployments/nginx/nginx.yml.erb +62 -0
- data/tpl/gcp/deployments/vault/{vault.yml → vault.yml.erb} +1 -1
- data/tpl/gcp/docs/bosh.md +31 -0
- data/tpl/gcp/docs/concourse.md +30 -0
- data/tpl/gcp/docs/vault.md +33 -0
- data/tpl/skel/config/cloud.yml +2 -0
- metadata +62 -19
- data/tpl/aws/concourse-deploy.sh.erb +0 -17
File without changes
|
@@ -0,0 +1,10 @@
|
|
1
|
+
#!/usr/bin/env bash
|
2
|
+
|
3
|
+
set -xe
|
4
|
+
|
5
|
+
# Upload necessary stemcells and releases
|
6
|
+
bosh -e <%= @values['bosh']['name'] %> upload-stemcell https://bosh.io/d/stemcells/bosh-aws-xen-hvm-ubuntu-trusty-go_agent
|
7
|
+
bosh -e <%= @values['bosh']['name'] %> upload-release https://bosh.io/d/github.com/cloudfoundry-community/vault-boshrelease
|
8
|
+
|
9
|
+
# Deploy Vault
|
10
|
+
bosh -e <%= @values['bosh']['name'] %> -d vault deploy deployments/vault/vault.yml
|
File without changes
|
@@ -55,7 +55,8 @@ networks:
|
|
55
55
|
- az: z1
|
56
56
|
range: <%= @values['aws']['private_subnet']['network'] %>
|
57
57
|
gateway: <%= @values['aws']['private_subnet']['gateway'] %>
|
58
|
-
reserved: [<%= ip_range(@private_subnet, (1..10)) %>]
|
58
|
+
reserved: [<%= ip_range(@private_subnet, (1..10)) %>] # Reserved range for the gateway, BOSH Director etc
|
59
|
+
static: [<%= ip_range(@private_subnet, (11..13)) %>] # Static IP range for Vault, Concourse web panel, nginx etc
|
59
60
|
dns: [<%= @private_subnet[8].to_s %>]
|
60
61
|
cloud_properties: {subnet: <%= @tf_output['platform_subnet_id'] %>}
|
61
62
|
- name: vip
|
@@ -26,6 +26,13 @@ instance_groups:
|
|
26
26
|
basic_auth_password: <%= @values['concourse']['auth_password'] %>
|
27
27
|
publicly_viewable: true
|
28
28
|
|
29
|
+
vault:
|
30
|
+
auth:
|
31
|
+
backend: token
|
32
|
+
client_token: "your Vault root token here"
|
33
|
+
path_prefix: /concourse
|
34
|
+
url: "http://<%= @private_subnet[11] %>:8200" # assuming Vault is deployed first
|
35
|
+
|
29
36
|
postgresql_database: &atc_db atc
|
30
37
|
|
31
38
|
- name: tsa
|
@@ -0,0 +1,38 @@
|
|
1
|
+
---
|
2
|
+
name: vault
|
3
|
+
|
4
|
+
releases:
|
5
|
+
- name: vault
|
6
|
+
version: latest
|
7
|
+
|
8
|
+
instance_groups:
|
9
|
+
- name: vault
|
10
|
+
instances: 1
|
11
|
+
vm_type: default
|
12
|
+
azs: [z1]
|
13
|
+
stemcell: trusty
|
14
|
+
networks:
|
15
|
+
- name: platform_net
|
16
|
+
static_ips: [<%= @private_subnet[11] %>]
|
17
|
+
|
18
|
+
jobs:
|
19
|
+
- name: vault
|
20
|
+
release: vault
|
21
|
+
properties:
|
22
|
+
vault:
|
23
|
+
ha:
|
24
|
+
redirect: ~
|
25
|
+
storage:
|
26
|
+
use_file: true
|
27
|
+
|
28
|
+
update:
|
29
|
+
canaries: 1
|
30
|
+
max_in_flight: 1
|
31
|
+
serial: false
|
32
|
+
canary_watch_time: 1000-60000
|
33
|
+
update_watch_time: 1000-60000
|
34
|
+
|
35
|
+
stemcells:
|
36
|
+
- alias: trusty
|
37
|
+
name: bosh-aws-xen-hvm-ubuntu-trusty-go_agent
|
38
|
+
version: latest
|
@@ -0,0 +1,31 @@
|
|
1
|
+
#### [Back](../README.md)
|
2
|
+
|
3
|
+
## BOSH
|
4
|
+
|
5
|
+
### Prerequisites
|
6
|
+
|
7
|
+
- Terraform IaC applied
|
8
|
+
- [BOSH CLI v2](https://bosh.io/docs/cli-v2.html#install) installed
|
9
|
+
|
10
|
+
### Setup
|
11
|
+
|
12
|
+
Render bosh deployment
|
13
|
+
```
|
14
|
+
kite render manifest bosh --cloud=gcp
|
15
|
+
```
|
16
|
+
|
17
|
+
Setup tunnel
|
18
|
+
```
|
19
|
+
. bin/setup-tunnel.sh
|
20
|
+
```
|
21
|
+
|
22
|
+
Install BOSH
|
23
|
+
```
|
24
|
+
./bin/bosh-install.sh
|
25
|
+
```
|
26
|
+
|
27
|
+
Connect to the Director
|
28
|
+
```
|
29
|
+
. bin/set-env.sh
|
30
|
+
|
31
|
+
```
|
@@ -0,0 +1,30 @@
|
|
1
|
+
#### [Back](../README.md)
|
2
|
+
|
3
|
+
## Concourse
|
4
|
+
|
5
|
+
### Prerequisites
|
6
|
+
|
7
|
+
- Vault [deployed and initialized](vault.md)
|
8
|
+
|
9
|
+
### Setup
|
10
|
+
|
11
|
+
Fill out the "token" field in `deployments/concourse/concourse.yml` with root token received from `vault init`.
|
12
|
+
|
13
|
+
Deploy Concourse
|
14
|
+
```
|
15
|
+
./bin/concourse-deploy.sh
|
16
|
+
```
|
17
|
+
|
18
|
+
### Test
|
19
|
+
|
20
|
+
To run a test Concourse job:
|
21
|
+
|
22
|
+
- Go to test folder: `cd deployments/concourse/test`
|
23
|
+
- Fill out `test-credentials.yml`
|
24
|
+
- Add necessary secrets to your Vault(see [docs/vault.md](docs/vault.md))
|
25
|
+
- Download the `fly` client from Concourse web panel and add it to your PATH: `mv *path_to_fly* /usr/local/bin`
|
26
|
+
- Login to Concourse using the `fly` client: `fly -t ci --concourse-url *concourse-url*`
|
27
|
+
- Create a test pipeline with `fly set-pipeline -t ci -c test-pipeline.yml -p test --load-vars-from test-credentials.yml -n`
|
28
|
+
- Unpause pipeline: `fly unpause-pipeline -t ci -p test`
|
29
|
+
- Trigger and unpause the test job: `fly trigger-job -t ci -j test/test-publish`
|
30
|
+
- See the results on Concourse web panel or use: `fly watch -p test -j test/test-publish`
|
@@ -1,6 +1,8 @@
|
|
1
|
-
|
1
|
+
#### [Back](../README.md)
|
2
2
|
|
3
|
-
##
|
3
|
+
## Vault
|
4
|
+
|
5
|
+
### Prerequisites
|
4
6
|
|
5
7
|
Before using Vault, you should have the client installed:
|
6
8
|
|
@@ -8,19 +10,24 @@ Before using Vault, you should have the client installed:
|
|
8
10
|
- Unzip it and run `chmod +x vault && sudo mv vault /usr/local/bin/vault`
|
9
11
|
- Check if the Vault is installed by running `vault -v`
|
10
12
|
|
11
|
-
|
13
|
+
### Deployment
|
12
14
|
|
13
|
-
To deploy Vault, use
|
15
|
+
To deploy Vault, use `./bin/vault-deploy.sh`
|
14
16
|
|
15
|
-
|
17
|
+
### Connection
|
16
18
|
|
17
19
|
- Export your Vault's IP using `export VAULT_ADDR=*vault_ip*`
|
18
20
|
- Run `vault init` to initialize the vault
|
19
21
|
- Store the keys displayed after init
|
20
22
|
- Unseal the vault by running `vault unseal` three times using three keys from the previous step
|
23
|
+
- Authenticate to the vault with `vault auth` using the root token you got from `vault init`
|
21
24
|
|
22
25
|
[Optional]
|
23
26
|
- Try to store a dummy secret: `vault write secret/handshake knock=knock`
|
24
27
|
- Read it: `vault read secret/handshake`
|
25
28
|
|
26
|
-
|
29
|
+
### Usage with Concourse
|
30
|
+
|
31
|
+
Before using Vault with Concourse you should mount a secrets backend with `vault mount -path=concourse kv`
|
32
|
+
|
33
|
+
To add new secrets accessible for Concourse use `vault write concourse/main/*secret_name* value="*secret_value*"`
|
@@ -16,8 +16,7 @@ resource "aws_instance" "bastion" {
|
|
16
16
|
key_name = "${var.keypair_name}"
|
17
17
|
|
18
18
|
vpc_security_group_ids = ["${aws_security_group.bastion_sg.id}"]
|
19
|
-
subnet_id = "
|
20
|
-
|
19
|
+
subnet_id = <%= "\"#{conditional_subnet_id(@values)}\"" %>
|
21
20
|
associate_public_ip_address = true
|
22
21
|
|
23
22
|
tags {
|
@@ -1,3 +1,4 @@
|
|
1
|
+
<% if @values['aws']['vpc_id'].empty? %>
|
1
2
|
# Create a VPC to launch our instances into
|
2
3
|
resource "aws_vpc" "platform" {
|
3
4
|
cidr_block = "${var.vpc_cidr_block}"
|
@@ -8,6 +9,18 @@ resource "aws_vpc" "platform" {
|
|
8
9
|
}
|
9
10
|
}
|
10
11
|
|
12
|
+
# DMZ subnet
|
13
|
+
resource "aws_subnet" "platform_dmz" {
|
14
|
+
vpc_id = "${aws_vpc.platform.id}"
|
15
|
+
availability_zone = "${var.availability_zone}"
|
16
|
+
cidr_block = "${var.public_subnet_cidr}"
|
17
|
+
map_public_ip_on_launch = false
|
18
|
+
tags {
|
19
|
+
Name = "${var.public_subnet_name}"
|
20
|
+
Component = "kite-platform"
|
21
|
+
}
|
22
|
+
}
|
23
|
+
|
11
24
|
# Create an internet gateway to give our subnet access to the outside world
|
12
25
|
resource "aws_internet_gateway" "platform" {
|
13
26
|
vpc_id = "${aws_vpc.platform.id}"
|
@@ -17,9 +30,19 @@ resource "aws_internet_gateway" "platform" {
|
|
17
30
|
}
|
18
31
|
}
|
19
32
|
|
33
|
+
# Grant the VPC internet access on its main route table
|
34
|
+
resource "aws_route" "internet_access" {
|
35
|
+
route_table_id = "${aws_vpc.platform.main_route_table_id}"
|
36
|
+
destination_cidr_block = "0.0.0.0/0"
|
37
|
+
gateway_id = "${aws_internet_gateway.platform.id}"
|
38
|
+
}
|
39
|
+
|
40
|
+
<% end %>
|
41
|
+
|
42
|
+
<% if !@values['aws']['vpc_id'].empty? && @values['aws']['public_subnet']['id'].empty? %>
|
20
43
|
# DMZ subnet
|
21
44
|
resource "aws_subnet" "platform_dmz" {
|
22
|
-
vpc_id = "${
|
45
|
+
vpc_id = "${var.vpc_id}"
|
23
46
|
availability_zone = "${var.availability_zone}"
|
24
47
|
cidr_block = "${var.public_subnet_cidr}"
|
25
48
|
map_public_ip_on_launch = false
|
@@ -28,10 +51,11 @@ resource "aws_subnet" "platform_dmz" {
|
|
28
51
|
Component = "kite-platform"
|
29
52
|
}
|
30
53
|
}
|
54
|
+
<% end %>
|
31
55
|
|
32
56
|
# Private subnet
|
33
57
|
resource "aws_subnet" "platform_net" {
|
34
|
-
vpc_id = "
|
58
|
+
vpc_id = <%= "\"#{conditional_vpc_id(@values)}\"" %>
|
35
59
|
availability_zone = "${var.availability_zone}"
|
36
60
|
cidr_block = "${var.private_subnet_cidr}"
|
37
61
|
map_public_ip_on_launch = false
|
@@ -41,26 +65,9 @@ resource "aws_subnet" "platform_net" {
|
|
41
65
|
}
|
42
66
|
}
|
43
67
|
|
44
|
-
# Allocate an Elastic IP for NAT gateway
|
45
|
-
resource "aws_eip" "nat_ip" {
|
46
|
-
}
|
47
|
-
|
48
|
-
# Create a NAT gateway to forward the traffic for BOSH
|
49
|
-
resource "aws_nat_gateway" "nat_gateway" {
|
50
|
-
allocation_id = "${aws_eip.nat_ip.id}"
|
51
|
-
subnet_id = "${aws_subnet.platform_dmz.id}"
|
52
|
-
}
|
53
|
-
|
54
|
-
# Grant the VPC internet access on its main route table
|
55
|
-
resource "aws_route" "internet_access" {
|
56
|
-
route_table_id = "${aws_vpc.platform.main_route_table_id}"
|
57
|
-
destination_cidr_block = "0.0.0.0/0"
|
58
|
-
gateway_id = "${aws_internet_gateway.platform.id}"
|
59
|
-
}
|
60
|
-
|
61
68
|
# Create a custom route table for the private subnet
|
62
69
|
resource "aws_route_table" "private_route" {
|
63
|
-
vpc_id = "
|
70
|
+
vpc_id = <%= "\"#{conditional_vpc_id(@values)}\"" %>
|
64
71
|
|
65
72
|
route {
|
66
73
|
cidr_block = "0.0.0.0/0"
|
@@ -73,6 +80,16 @@ resource "aws_route_table" "private_route" {
|
|
73
80
|
}
|
74
81
|
}
|
75
82
|
|
83
|
+
# Allocate an Elastic IP for NAT gateway
|
84
|
+
resource "aws_eip" "nat_ip" {
|
85
|
+
}
|
86
|
+
|
87
|
+
# Create a NAT gateway to forward the traffic for BOSH
|
88
|
+
resource "aws_nat_gateway" "nat_gateway" {
|
89
|
+
allocation_id = "${aws_eip.nat_ip.id}"
|
90
|
+
subnet_id = <%= "\"#{conditional_subnet_id(@values)}\"" %>
|
91
|
+
}
|
92
|
+
|
76
93
|
# Associate custom route table with private subnet
|
77
94
|
resource "aws_route_table_association" "private_route" {
|
78
95
|
subnet_id = "${aws_subnet.platform_net.id}"
|
@@ -83,7 +100,7 @@ resource "aws_route_table_association" "private_route" {
|
|
83
100
|
resource "aws_security_group" "bastion_sg" {
|
84
101
|
name = "bastion_sg"
|
85
102
|
description = "Bastion security group"
|
86
|
-
vpc_id = "
|
103
|
+
vpc_id = <%= "\"#{conditional_vpc_id(@values)}\"" %>
|
87
104
|
tags {
|
88
105
|
Name = "bastion-sg"
|
89
106
|
Component = "bosh-director"
|
@@ -110,7 +127,7 @@ resource "aws_security_group" "bastion_sg" {
|
|
110
127
|
resource "aws_security_group" "bosh_sg" {
|
111
128
|
name = "bosh_sg"
|
112
129
|
description = "Default BOSH security group"
|
113
|
-
vpc_id = "
|
130
|
+
vpc_id = <%= "\"#{conditional_vpc_id(@values)}\"" %>
|
114
131
|
tags {
|
115
132
|
Name = "bosh-sg"
|
116
133
|
Component = "bosh-director"
|
@@ -169,7 +186,7 @@ resource "aws_security_group" "bosh_sg" {
|
|
169
186
|
resource "aws_security_group" "concourse_sg" {
|
170
187
|
name = "concourse-sg"
|
171
188
|
description = "Concourse security group"
|
172
|
-
vpc_id
|
189
|
+
vpc_id = <%= "\"#{conditional_vpc_id(@values)}\"" %>
|
173
190
|
tags {
|
174
191
|
Name = "concourse-sg"
|
175
192
|
Component = "concourse"
|
@@ -7,8 +7,10 @@ availability_zone = "<%= @values['aws']['zone'] %>"
|
|
7
7
|
# Network Config
|
8
8
|
vpc_cidr_block = "<%= @values['aws']['vpc_cidr_block'] %>"
|
9
9
|
vpc_name = "<%= @values['aws']['vpc_name'] %>"
|
10
|
+
vpc_id = "<%= @values['aws']['vpc_id'] %>"
|
10
11
|
public_subnet_name = "<%= @values['aws']['public_subnet']['name'] %>"
|
11
12
|
public_subnet_cidr = "<%= @values['aws']['public_subnet']['network'] %>"
|
13
|
+
public_subnet_id = "<%= @values['aws']['public_subnet']['id'] %>"
|
12
14
|
private_subnet_name = "<%= @values['aws']['private_subnet']['name'] %>"
|
13
15
|
private_subnet_cidr = "<%= @values['aws']['private_subnet']['network'] %>"
|
14
16
|
|
@@ -36,10 +36,18 @@ variable "vpc_name" {
|
|
36
36
|
type = "string"
|
37
37
|
}
|
38
38
|
|
39
|
+
variable "vpc_id" {
|
40
|
+
type = "string"
|
41
|
+
}
|
42
|
+
|
39
43
|
variable "public_subnet_cidr" {
|
40
44
|
type = "string"
|
41
45
|
}
|
42
46
|
|
47
|
+
variable "public_subnet_id" {
|
48
|
+
type = "string"
|
49
|
+
}
|
50
|
+
|
43
51
|
variable "public_subnet_name" {
|
44
52
|
type = "string"
|
45
53
|
}
|
data/tpl/gcp/README.md
CHANGED
@@ -1,6 +1,6 @@
|
|
1
1
|
## GCP Cloud
|
2
2
|
|
3
|
-
###
|
3
|
+
### Setup
|
4
4
|
|
5
5
|
Set path to your service account credentials:
|
6
6
|
```
|
@@ -12,44 +12,23 @@ Apply terraform code
|
|
12
12
|
pushd terraform && terraform init && terraform apply && popd
|
13
13
|
```
|
14
14
|
|
15
|
-
Render
|
15
|
+
Render BOSH manifest and related files
|
16
16
|
```
|
17
|
-
kite render manifest bosh --cloud
|
17
|
+
kite render manifest bosh --cloud gcp
|
18
18
|
```
|
19
19
|
|
20
|
-
|
21
|
-
```
|
22
|
-
. bin/setup-tunnel.sh
|
23
|
-
```
|
20
|
+
Prepare BOSH environment using instructions from [docs/bosh.md](docs/bosh.md)
|
24
21
|
|
25
|
-
|
26
|
-
```
|
27
|
-
./bin/bosh-install.sh
|
22
|
+
Render Vault deployment
|
28
23
|
```
|
29
|
-
|
30
|
-
Connect to the Director
|
24
|
+
kite render manifest vault --cloud gcp
|
31
25
|
```
|
32
|
-
. bin/set-env.sh
|
33
26
|
|
34
|
-
|
27
|
+
Follow instructions from [docs/vault.md](docs/vault.md) to deploy Vault
|
35
28
|
|
36
|
-
Render
|
29
|
+
Render Concourse manifest
|
37
30
|
```
|
38
|
-
kite render manifest concourse --cloud
|
31
|
+
kite render manifest concourse --cloud gcp
|
39
32
|
```
|
40
33
|
|
41
|
-
|
42
|
-
```
|
43
|
-
bosh -e bosh-1 update-cloud-config deployments/concourse/cloud-config.yml
|
44
|
-
|
45
|
-
bosh -e bosh-1 upload-stemcell \
|
46
|
-
https://bosh.io/d/stemcells/bosh-google-kvm-ubuntu-trusty-go_agent?v=3445.7
|
47
|
-
|
48
|
-
bosh -e bosh-1 upload-release \
|
49
|
-
https://github.com/concourse/concourse/releases/download/v3.4.1/concourse-3.4.1.tgz
|
50
|
-
|
51
|
-
bosh -e bosh-1 upload-release \
|
52
|
-
https://github.com/concourse/concourse/releases/download/v3.4.1/garden-runc-1.6.0.tgz
|
53
|
-
|
54
|
-
bosh -e bosh-1 -d concourse deploy deployments/concourse/concourse.yml
|
55
|
-
```
|
34
|
+
Follow instructions from [docs/concourse.md](docs/concourse.md) to deploy Concourse
|
@@ -0,0 +1,35 @@
|
|
1
|
+
#!/usr/bin/env bash
|
2
|
+
|
3
|
+
set -xe
|
4
|
+
|
5
|
+
# Apply Terraform IaC
|
6
|
+
pushd terraform
|
7
|
+
|
8
|
+
terraform init
|
9
|
+
terraform apply
|
10
|
+
|
11
|
+
popd
|
12
|
+
|
13
|
+
# Set up an SSH tunnel to Bastion
|
14
|
+
. bin/setup-tunnel.sh
|
15
|
+
|
16
|
+
# Render BOSH manifest and related files
|
17
|
+
kite render manifest bosh --cloud gcp
|
18
|
+
|
19
|
+
# Deploy BOSH Director
|
20
|
+
./bin/bosh-install.sh
|
21
|
+
|
22
|
+
# Set the needed environment variables
|
23
|
+
. bin/set-env.sh
|
24
|
+
|
25
|
+
# Render Vault manifest and related files
|
26
|
+
kite render manifest vault --cloud gcp
|
27
|
+
|
28
|
+
# Deploy Vault
|
29
|
+
./bin/vault-deploy.sh
|
30
|
+
|
31
|
+
# Render Concourse manifest
|
32
|
+
kite render manifest concourse --cloud gcp
|
33
|
+
|
34
|
+
# Deploy Concourse
|
35
|
+
./bin/concourse-deploy.sh
|