From 2853bd4c16231feebf2cef4264392cc9450928c9 Mon Sep 17 00:00:00 2001 From: Nicolas Bender Date: Wed, 10 Jun 2026 14:37:53 +0200 Subject: [PATCH 1/8] Use fileserver with buildpacks mount Co-authored-by: Ralf Pannemans --- Makefile | 7 ++++--- helmfile.yaml.gotmpl | 3 ++- scripts/upload_buildpacks.sh | 6 +++--- versions.yaml | 27 ++++++++++++++++++++++++++- 4 files changed, 35 insertions(+), 8 deletions(-) diff --git a/Makefile b/Makefile index 688c943a..c3349f0d 100644 --- a/Makefile +++ b/Makefile @@ -10,9 +10,10 @@ temp/certs/ca.key temp/certs/ca.crt temp/certs/ssh_key temp/certs/ssh_key.pub te install: kind get kubeconfig --name cfk8s > temp/kubeconfig - docker run --rm --net=host --env-file temp/secrets.env \ - --env INSTALL_OPTIONAL_COMPONENTS \ - -v "$$PWD/temp/certs:/certs" -v "$$PWD/temp/kubeconfig:/helm/.kube/config:ro" -v "$$PWD:/wd" --workdir /wd ghcr.io/helmfile/helmfile:v$(HELMFILE_VERSION) helmfile sync +# docker run --rm --net=host --env-file temp/secrets.env \ +# --env INSTALL_OPTIONAL_COMPONENTS \ +# -v "$$PWD/temp/certs:/certs" -v "$$PWD/temp/kubeconfig:/helm/.kube/config:ro" -v "$$PWD:/wd" --workdir /wd ghcr.io/helmfile/helmfile:v$(HELMFILE_VERSION) helmfile sync + helmfile sync login: @ . temp/secrets.sh; \ diff --git a/helmfile.yaml.gotmpl b/helmfile.yaml.gotmpl index 3828ee2b..72e52efb 100644 --- a/helmfile.yaml.gotmpl +++ b/helmfile.yaml.gotmpl @@ -310,10 +310,11 @@ releases: - auctioneer: enabled: true certificateSecret: all-in-one-tls - - bbs: + - bb enabled: true certificateSecret: all-in-one-tls - fileserver: + buildpacks: {{ .Values.buildpacks }} enabled: true - sshProxy: enabled: true diff --git a/scripts/upload_buildpacks.sh b/scripts/upload_buildpacks.sh index 29a509fb..94af2b36 100755 --- a/scripts/upload_buildpacks.sh +++ b/scripts/upload_buildpacks.sh @@ -4,7 +4,7 @@ set -e INSTALLED_BUILPACKS=$(cf curl /v3/buildpacks | jq -r '.resources[] | "#" + .name + "#"') -buildpacks=("java_buildpack" "nodejs_buildpack" "go_buildpack" "binary_buildpack") +buildpacks=("nodejs_buildpack" "binary_buildpack") position=1 if [[ $ALL_BUILDPACKS == "true" ]]; then @@ -14,9 +14,9 @@ fi for buildpack in "${buildpacks[@]}"; do if [[ $INSTALLED_BUILPACKS =~ "#$buildpack#" ]]; then - cf update-buildpack "$buildpack" -p "http://fileserver.127-0-0-1.nip.io/${buildpack}-cflinuxfs4.zip" + cf update-buildpack "$buildpack" -p "http://fileserver.127-0-0-1.nip.io/${buildpack}/${buildpack}.zip" else - cf create-buildpack "$buildpack" "http://fileserver.127-0-0-1.nip.io/${buildpack}-cflinuxfs4.zip" "$position" + cf create-buildpack "$buildpack" "http://fileserver.127-0-0-1.nip.io/${buildpack}/${buildpack}.zip" "$position" fi ((position++)) done diff --git a/versions.yaml b/versions.yaml index 85b0e528..854e3a57 100644 --- a/versions.yaml +++ b/versions.yaml @@ -12,7 +12,7 @@ charts: url: cloudfoundry-k8s/credhub version: 2.15.8 diego: - url: cloudfoundry-k8s/diego + url: ../cf-k8s-releases-os/diego/helm version: 0.23.0 istioBase: url: istio/base @@ -56,3 +56,28 @@ charts: uaa: url: cloudfoundry-k8s/uaa version: 78.16.0 + +buildpacks: + binary-buildpack: + version: 1.0.0 + dotnet-core-buildpack: + version: 1.0.0 + go-buildpack: + version: 1.0.0 + java-buildpack: + version: 1.0.0 + nginx-buildpack: + version: 1.0.0 + nodejs-buildpack: + version: 1.0.0 + php-buildpack: + version: 1.0.0 + python-buildpack: + version: 1.0.0 + r-buildpack: + version: 1.0.0 + ruby-buildpack: + version: 1.0.0 + staticfile-buildpack: + version: 1.0.0 + \ No newline at end of file From 664a41e6c69f523cbac4ee988d5368669003b105 Mon Sep 17 00:00:00 2001 From: Ralf Pannemans Date: Wed, 10 Jun 2026 16:43:03 +0200 Subject: [PATCH 2/8] Adjust buildpack yaml structure Co-authored-by: Nicolas Bender --- helmfile.yaml.gotmpl | 9 +++++++-- scripts/upload_buildpacks.sh | 2 +- versions.yaml | 34 +++++++++++++++++++++------------- 3 files changed, 29 insertions(+), 16 deletions(-) diff --git a/helmfile.yaml.gotmpl b/helmfile.yaml.gotmpl index 72e52efb..7d48d446 100644 --- a/helmfile.yaml.gotmpl +++ b/helmfile.yaml.gotmpl @@ -310,11 +310,16 @@ releases: - auctioneer: enabled: true certificateSecret: all-in-one-tls - - bb + - bbs: enabled: true certificateSecret: all-in-one-tls - fileserver: - buildpacks: {{ .Values.buildpacks }} + buildpacks: + {{ range $name, $buildpack := .Values.buildpacks }} + {{ $name }}: + image: {{ $buildpack.image }} + tag: {{ $buildpack.tag }} + {{ end }} enabled: true - sshProxy: enabled: true diff --git a/scripts/upload_buildpacks.sh b/scripts/upload_buildpacks.sh index 94af2b36..cda24f1a 100755 --- a/scripts/upload_buildpacks.sh +++ b/scripts/upload_buildpacks.sh @@ -4,7 +4,7 @@ set -e INSTALLED_BUILPACKS=$(cf curl /v3/buildpacks | jq -r '.resources[] | "#" + .name + "#"') -buildpacks=("nodejs_buildpack" "binary_buildpack") +buildpacks=("nodejs-buildpack" "binary-buildpack") position=1 if [[ $ALL_BUILDPACKS == "true" ]]; then diff --git a/versions.yaml b/versions.yaml index 854e3a57..61ca8d3d 100644 --- a/versions.yaml +++ b/versions.yaml @@ -12,7 +12,7 @@ charts: url: cloudfoundry-k8s/credhub version: 2.15.8 diego: - url: ../cf-k8s-releases-os/diego/helm + url: ../cf-k8s-releases/diego/helm version: 0.23.0 istioBase: url: istio/base @@ -59,25 +59,33 @@ charts: buildpacks: binary-buildpack: - version: 1.0.0 + image: ghcr.io/cloudfoundry/k8s/binary-buildpack + tag: 1.1.26 dotnet-core-buildpack: - version: 1.0.0 + image: ghcr.io/cloudfoundry/k8s/dotnet-core-buildpack + tag: 2.4.51 go-buildpack: - version: 1.0.0 - java-buildpack: - version: 1.0.0 + image: ghcr.io/cloudfoundry/k8s/go-buildpack + tag: 1.10.47 nginx-buildpack: - version: 1.0.0 + image: ghcr.io/cloudfoundry/k8s/nginx-buildpack + tag: 1.2.38 nodejs-buildpack: - version: 1.0.0 + image: ghcr.io/cloudfoundry/k8s/nodejs-buildpack + tag: 1.9.2 php-buildpack: - version: 1.0.0 + image: ghcr.io/cloudfoundry/k8s/php-buildpack + tag: 5.0.6 python-buildpack: - version: 1.0.0 + image: ghcr.io/cloudfoundry/k8s/python-buildpack + tag: 1.9.1 r-buildpack: - version: 1.0.0 + image: ghcr.io/cloudfoundry/k8s/r-buildpack + tag: 1.2.28 ruby-buildpack: - version: 1.0.0 + image: ghcr.io/cloudfoundry/k8s/ruby-buildpack + tag: 1.11.1 staticfile-buildpack: - version: 1.0.0 + image: ghcr.io/cloudfoundry/k8s/staticfile-buildpack + tag: 1.6.38 \ No newline at end of file From 3bcda64481b65cd071453484c4f0111c688dceb2 Mon Sep 17 00:00:00 2001 From: Ralf Pannemans Date: Thu, 11 Jun 2026 09:27:42 +0200 Subject: [PATCH 3/8] Update sync-cf-deployment script with buildpacks --- scripts/sync-cf-deployment-versions.py | 20 +++++++++++++------- scripts/upload_buildpacks.sh | 4 ++-- versions.yaml | 16 +++++++++------- 3 files changed, 24 insertions(+), 16 deletions(-) diff --git a/scripts/sync-cf-deployment-versions.py b/scripts/sync-cf-deployment-versions.py index 2ea2d953..503a7539 100755 --- a/scripts/sync-cf-deployment-versions.py +++ b/scripts/sync-cf-deployment-versions.py @@ -17,6 +17,8 @@ "routing": "routing", "uaa": "uaa", } + +BUILDPACKS = [ "java-buildpack", "nodejs-buildpack", "go-buildpack", "binary-buildpack", "dotnet-core-buildpack", "nginx-buildpack", "php-buildpack", "python-buildpack", "r-buildpack", "ruby-buildpack", "staticfile-buildpack"] def latest_cf_deployment_release() -> str: @@ -68,16 +70,20 @@ def main(): release_versions["cf-deployment"] = manifest_version for r in releases: - if r["name"] not in BOSH_RELEASES: + if (r["name"] not in BOSH_RELEASES) and (r["name"] not in BUILDPACKS): print(f"Skipping release update of '{r['name']}': not a managed release", file=sys.stderr) continue - yaml_key = BOSH_RELEASES[r["name"]] - if yaml_key not in values.get("charts", {}): - print(f"error in release update of '{r['name']}': no value found", file=sys.stderr) - sys.exit(1) + yaml_key = BOSH_RELEASES.get(r["name"], "unknown") + if yaml_key in values.get("charts", {}): + values["charts"][yaml_key]["version"] = str(r["version"]) + print(f"Updated release '{r['name']}' to version {r['version']}") + elif r["name"] in BUILDPACKS and r["name"] in values.get("buildpacks", {}): + values["buildpacks"][r["name"]]["tag"] = str(r["version"]) + print(f"Updated buildpack '{r['name']}' to version {r['version']}") + else: + print(f"error in release update of '{r['name']}': no value found", file=sys.stderr) + sys.exit(1) - values["charts"][yaml_key]["version"] = str(r["version"]) - print(f"Updated release '{r['name']}' to version {r['version']}") with open(values_file, "w") as f: yaml.dump(values, f) diff --git a/scripts/upload_buildpacks.sh b/scripts/upload_buildpacks.sh index cda24f1a..94ea20f1 100755 --- a/scripts/upload_buildpacks.sh +++ b/scripts/upload_buildpacks.sh @@ -4,11 +4,11 @@ set -e INSTALLED_BUILPACKS=$(cf curl /v3/buildpacks | jq -r '.resources[] | "#" + .name + "#"') -buildpacks=("nodejs-buildpack" "binary-buildpack") +buildpacks=("java-buildpack" "nodejs-buildpack" "go-buildpack" "binary-buildpack") position=1 if [[ $ALL_BUILDPACKS == "true" ]]; then - buildpacks+=("dotnet-core_buildpack" "nginx_buildpack" "php_buildpack" "python_buildpack" "r_buildpack" "ruby_buildpack" "staticfile_buildpack") + buildpacks+=("dotnet-core-buildpack" "nginx-buildpack" "php-buildpack" "python-buildpack" "r-buildpack" "ruby-buildpack" "staticfile-buildpack") fi diff --git a/versions.yaml b/versions.yaml index 61ca8d3d..312c4a48 100644 --- a/versions.yaml +++ b/versions.yaml @@ -1,10 +1,10 @@ charts: capi: url: cloudfoundry-k8s/capi - version: 1.235.0 + version: 1.236.0 cfNetworking: url: cloudfoundry-k8s/cf-networking - version: 3.114.0 + version: 3.115.0 cilium: url: cilium/cilium version: 1.18.4 @@ -13,7 +13,7 @@ charts: version: 2.15.8 diego: url: ../cf-k8s-releases/diego/helm - version: 0.23.0 + version: 2.138.0 istioBase: url: istio/base version: 1.29.1 @@ -26,7 +26,7 @@ charts: version: 0.6.3 logCache: url: cloudfoundry-k8s/log-cache - version: 3.2.8 + version: 3.2.10 loggregator: url: cloudfoundry-k8s/loggregator version: 107.0.31 @@ -52,7 +52,7 @@ charts: version: 16.7.27 routing: url: cloudfoundry-k8s/routing - version: 0.382.0 + version: 0.384.0 uaa: url: cloudfoundry-k8s/uaa version: 78.16.0 @@ -60,10 +60,13 @@ charts: buildpacks: binary-buildpack: image: ghcr.io/cloudfoundry/k8s/binary-buildpack - tag: 1.1.26 + tag: 1.1.21 dotnet-core-buildpack: image: ghcr.io/cloudfoundry/k8s/dotnet-core-buildpack tag: 2.4.51 + java-buildpack: + image: ghcr.io/cloudfoundry/k8s/java-buildpack + tag: 5.0.4 go-buildpack: image: ghcr.io/cloudfoundry/k8s/go-buildpack tag: 1.10.47 @@ -88,4 +91,3 @@ buildpacks: staticfile-buildpack: image: ghcr.io/cloudfoundry/k8s/staticfile-buildpack tag: 1.6.38 - \ No newline at end of file From af1f9e3c78339a33e924eedaa8d56c916ec174d7 Mon Sep 17 00:00:00 2001 From: Nicolas Bender Date: Thu, 11 Jun 2026 10:47:24 +0200 Subject: [PATCH 4/8] Buildpack renaming Co-authored-by: Ralf Pannemans --- .github/cats-config.tpl | 12 ++++++------ versions.yaml | 2 +- 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/cats-config.tpl b/.github/cats-config.tpl index f0cd8dd6..b880183c 100644 --- a/.github/cats-config.tpl +++ b/.github/cats-config.tpl @@ -55,12 +55,12 @@ "volume_service_create_config": "{\"share\": \"nfs-server/exports/test-share\"}", - "java_buildpack_name": "java_buildpack", - "ruby_buildpack_name": "ruby_buildpack", - "nodejs_buildpack_name": "nodejs_buildpack", - "binary_buildpack_name": "binary_buildpack", - "go_buildpack_name": "go_buildpack", - "python_buildpack_name": "python_buildpack", + "java_buildpack_name": "java-buildpack", + "ruby_buildpack_name": "ruby-buildpack", + "nodejs_buildpack_name": "nodejs-buildpack", + "binary_buildpack_name": "binary-buildpack", + "go_buildpack_name": "go-buildpack", + "python_buildpack_name": "python-buildpack", "catnip_docker_app_image": "ghcr.io/cloudfoundry/catnip-app:latest" } diff --git a/versions.yaml b/versions.yaml index 312c4a48..00a1f27d 100644 --- a/versions.yaml +++ b/versions.yaml @@ -1,7 +1,7 @@ charts: capi: url: cloudfoundry-k8s/capi - version: 1.236.0 + version: 1.235.0 cfNetworking: url: cloudfoundry-k8s/cf-networking version: 3.115.0 From 966c97418c0053f9a5fcd2e97c05cdb81a93284a Mon Sep 17 00:00:00 2001 From: Ralf Pannemans Date: Thu, 11 Jun 2026 10:53:31 +0200 Subject: [PATCH 5/8] Use upstream diego Co-authored-by: Nicolas Bender --- versions.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/versions.yaml b/versions.yaml index 00a1f27d..6c9069fb 100644 --- a/versions.yaml +++ b/versions.yaml @@ -12,7 +12,7 @@ charts: url: cloudfoundry-k8s/credhub version: 2.15.8 diego: - url: ../cf-k8s-releases/diego/helm + url: cloudfoundry-k8s/diego version: 2.138.0 istioBase: url: istio/base From 366539e5c532d6ae5808e64bfa3b7fdd09a85f71 Mon Sep 17 00:00:00 2001 From: Nicolas Bender Date: Thu, 11 Jun 2026 10:57:05 +0200 Subject: [PATCH 6/8] Remove comment Co-authored-by: Ralf Pannemans --- Makefile | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/Makefile b/Makefile index c3349f0d..688c943a 100644 --- a/Makefile +++ b/Makefile @@ -10,10 +10,9 @@ temp/certs/ca.key temp/certs/ca.crt temp/certs/ssh_key temp/certs/ssh_key.pub te install: kind get kubeconfig --name cfk8s > temp/kubeconfig -# docker run --rm --net=host --env-file temp/secrets.env \ -# --env INSTALL_OPTIONAL_COMPONENTS \ -# -v "$$PWD/temp/certs:/certs" -v "$$PWD/temp/kubeconfig:/helm/.kube/config:ro" -v "$$PWD:/wd" --workdir /wd ghcr.io/helmfile/helmfile:v$(HELMFILE_VERSION) helmfile sync - helmfile sync + docker run --rm --net=host --env-file temp/secrets.env \ + --env INSTALL_OPTIONAL_COMPONENTS \ + -v "$$PWD/temp/certs:/certs" -v "$$PWD/temp/kubeconfig:/helm/.kube/config:ro" -v "$$PWD:/wd" --workdir /wd ghcr.io/helmfile/helmfile:v$(HELMFILE_VERSION) helmfile sync login: @ . temp/secrets.sh; \ From ff92178b26d134abd70661c87db7105d3c067202 Mon Sep 17 00:00:00 2001 From: Ralf Pannemans Date: Thu, 11 Jun 2026 11:11:52 +0200 Subject: [PATCH 7/8] Use correct version Co-authored-by: Nicolas Bender --- versions.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/versions.yaml b/versions.yaml index 6c9069fb..ce97c749 100644 --- a/versions.yaml +++ b/versions.yaml @@ -60,7 +60,7 @@ charts: buildpacks: binary-buildpack: image: ghcr.io/cloudfoundry/k8s/binary-buildpack - tag: 1.1.21 + tag: 1.1.26 dotnet-core-buildpack: image: ghcr.io/cloudfoundry/k8s/dotnet-core-buildpack tag: 2.4.51 From a648fd085a30e07be8735b8fe4ac8c7a29ecbe0f Mon Sep 17 00:00:00 2001 From: Nicolas Bender Date: Thu, 11 Jun 2026 12:59:13 +0200 Subject: [PATCH 8/8] Use underscores in all buildpack names Co-authored-by: Ralf Pannemans Co-authored-by: Nicolas Bender --- .github/cats-config.tpl | 12 ++++++------ scripts/upload_buildpacks.sh | 10 +++++----- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/.github/cats-config.tpl b/.github/cats-config.tpl index b880183c..f0cd8dd6 100644 --- a/.github/cats-config.tpl +++ b/.github/cats-config.tpl @@ -55,12 +55,12 @@ "volume_service_create_config": "{\"share\": \"nfs-server/exports/test-share\"}", - "java_buildpack_name": "java-buildpack", - "ruby_buildpack_name": "ruby-buildpack", - "nodejs_buildpack_name": "nodejs-buildpack", - "binary_buildpack_name": "binary-buildpack", - "go_buildpack_name": "go-buildpack", - "python_buildpack_name": "python-buildpack", + "java_buildpack_name": "java_buildpack", + "ruby_buildpack_name": "ruby_buildpack", + "nodejs_buildpack_name": "nodejs_buildpack", + "binary_buildpack_name": "binary_buildpack", + "go_buildpack_name": "go_buildpack", + "python_buildpack_name": "python_buildpack", "catnip_docker_app_image": "ghcr.io/cloudfoundry/catnip-app:latest" } diff --git a/scripts/upload_buildpacks.sh b/scripts/upload_buildpacks.sh index 94ea20f1..051a843a 100755 --- a/scripts/upload_buildpacks.sh +++ b/scripts/upload_buildpacks.sh @@ -2,7 +2,7 @@ set -e -INSTALLED_BUILPACKS=$(cf curl /v3/buildpacks | jq -r '.resources[] | "#" + .name + "#"') +INSTALLED_BUILDPACKS=$(cf curl /v3/buildpacks | jq -r '.resources[] | "#" + .name + "#"') buildpacks=("java-buildpack" "nodejs-buildpack" "go-buildpack" "binary-buildpack") position=1 @@ -11,12 +11,12 @@ if [[ $ALL_BUILDPACKS == "true" ]]; then buildpacks+=("dotnet-core-buildpack" "nginx-buildpack" "php-buildpack" "python-buildpack" "r-buildpack" "ruby-buildpack" "staticfile-buildpack") fi - for buildpack in "${buildpacks[@]}"; do - if [[ $INSTALLED_BUILPACKS =~ "#$buildpack#" ]]; then - cf update-buildpack "$buildpack" -p "http://fileserver.127-0-0-1.nip.io/${buildpack}/${buildpack}.zip" + buildpack_name=$(echo "$buildpack" | sed 's/-buildpack/_buildpack/') + if [[ $INSTALLED_BUILDPACKS =~ "#$buildpack_name#" ]]; then + cf update-buildpack "$buildpack_name" -p "http://fileserver.127-0-0-1.nip.io/${buildpack}/${buildpack}.zip" else - cf create-buildpack "$buildpack" "http://fileserver.127-0-0-1.nip.io/${buildpack}/${buildpack}.zip" "$position" + cf create-buildpack "$buildpack_name" "http://fileserver.127-0-0-1.nip.io/${buildpack}/${buildpack}.zip" "$position" fi ((position++)) done