From 3746c1ef14b1d0fa22c21368cad1214d15eea7db Mon Sep 17 00:00:00 2001 From: Rifa Achrinza <25147899+achrinza@users.noreply.github.com> Date: Mon, 22 Jun 2026 23:24:23 +0800 Subject: [PATCH 1/2] docs: update blobstore configs - Add note to differentiate release- and director blobstore. There's a cross reference from the Director Blobstore docs to the Release Blobstore docs, but not the other way around. - Warn on the potential publishing of blobstore secrets. CLI v2 does not force users to put sensitive blobstore options (e.g. `secret_access_key`) in private.yml. Hence, we should document how CLI v2 actually uses `private.yml` and `final.yml`, and the potential footgun. - Remove incorrect docs on Azure support for Release Blobstore. Although the BOSH Director + BOSH Agent supports Azure blobstore, CLIv2 [doesn't share blobstore support parity](https://github.com/cloudfoundry/bosh-cli/blob/27b76482223696f45c8269d233a3cdd42cdb77a3/releasedir/provider.go#L114-L125 Signed-off-by: Rifa Achrinza <25147899+achrinza@users.noreply.github.com> --- content/create-release.md | 15 ++++++++----- content/release-blobstore.md | 41 +++++++++++------------------------- mkdocs.yml | 1 + 3 files changed, 23 insertions(+), 34 deletions(-) diff --git a/content/create-release.md b/content/create-release.md index 5de0e51c..72ea1cc7 100644 --- a/content/create-release.md +++ b/content/create-release.md @@ -675,7 +675,6 @@ Example `private.yml`: ```yaml --- -blobstore_secret: 'does-not-matter' blobstore: local: blobstore_path: /tmp/ardo-blobs @@ -684,10 +683,16 @@ blobstore: If you have a `private.yml` file: * **Required**: Include the `blobstore_path` in the `private.yml` file. -* **Optional**: Include the `blobstore_path` in the `final.yml` file. Doing so allows you to `gitignore` the `private.yml` file but still allow the release to be downloaded and used on other systems. - -!!! note - The `blobstore_secret` is required for the `local` type blobstore. This is true even though the `blobstore_secret` line is deprecated and its content does not matter. There is never a `blobstore_secret` line for blobstores of types other than `local`. +* **Optional**: Include the `blobstore_path` in the `final.yml` file. Doing so + allows you to `gitignore` the `private.yml` file but still allow the release + to be downloaded and used on other systems. + +!!! warning "Managing split-configuration between `private.yml` and `final.yml`" + In CLI v2, the value of `/blobstore//` in `private.yml` [is + shallow-merged with, and takes precedence over,](https://github.com/cloudfoundry/bosh-cli/blob/27b76482223696f45c8269d233a3cdd42cdb77a3/releasedir/fs_config.go#L114-L120) the value of `/blobstore/options/` + in `final.yml`. The CLI does not distinguish which file a blobstore + option should be placed in. Hence, it is possible to create and publish a + valid `final.yml` with secrets. ### Inform BOSH where blobs are {: #inform } diff --git a/content/release-blobstore.md b/content/release-blobstore.md index cd5fe0e3..01b33f0c 100644 --- a/content/release-blobstore.md +++ b/content/release-blobstore.md @@ -1,5 +1,7 @@ !!! note - Examples require CLI v2. + This describes configuring a blobstore for publishing BOSH Releases with + **BOSH CLI v2+**, which is separate from [configuring the blobstore of a + BOSH Director](director-configure-blobstore). A release blobstore contains [release blob](release-blobs.md) and created final releases. @@ -8,8 +10,15 @@ Access to release blobstore is configured via two files: - `config/final.yml` (checked into Git repository): contains blobstore location - `config/private.yml` (is NOT checked into Git repository): contains blobstore credentials -CLI supports three different blobstore providers: `s3`, `gcs`, `azure-storage` -and `local`. +CLI supports three different blobstore providers: `s3`, `gcs`, and `local`. + +!!! warning "Managing split-configuration between `private.yml` and `final.yml`" + In CLI v2, the value of `/blobstore//` in `private.yml` [is + shallow-merged with, and takes precedence over,](https://github.com/cloudfoundry/bosh-cli/blob/27b76482223696f45c8269d233a3cdd42cdb77a3/releasedir/fs_config.go#L114-L120) the value of `/blobstore/options/` + in `final.yml`. The CLI does not distinguish which file a blobstore + option should be placed in. Hence, it is possible to create and publish a + valid `final.yml` with secrets. + ## S3 Configuration {: #s3-config } @@ -81,32 +90,6 @@ blobstore: Nothing in `config/private.yml`. ---- - -## Azure Storage Account Configuration {: #azure-storage-config } - -Azure Storage Account is supported from bosh version `278.0.0`. - -**config/final.yml** - -```yaml ---- -blobstore: - provider: azure-storage - options: - container_name: - account_name: -``` - -**config/private.yml** - -```yaml ---- -blobstore: - options: - account_key: -``` - --- ## Release Compression Configuration {: #no-compression } diff --git a/mkdocs.yml b/mkdocs.yml index 96979568..46d26cfe 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -116,6 +116,7 @@ pages: - Builtin DAV Server: director-configure-blobstore.md - Amazon S3: director-configure-blobstore.md - Google Cloud Storage: director-configure-blobstore.md + - Azure Storage Account: director-configure-blobstore.md - Managing Releases: managing-releases.md - Managing Stemcells: managing-stemcells.md - Auto-healing Capabilities: resurrector.md From c28449d098b834774b388c59b286b8ec175153e0 Mon Sep 17 00:00:00 2001 From: Rifa Achrinza <25147899+achrinza@users.noreply.github.com> Date: Mon, 22 Jun 2026 23:31:52 +0800 Subject: [PATCH 2/2] fix: update community info - Point roadmap from defunct Pivotal Tracker to GitHub Project - Remove references to no-longer-used `cloudfoundry-incubator` and `bosh-packages` GitHub organisations - Revive with an archive link for now-defunct "Ultimate Guide to BOSH" Signed-off-by: Rifa Achrinza <25147899+achrinza@users.noreply.github.com> --- content/community.md | 33 ++++++++++++++++++++++++++------- content/package-vendoring.md | 7 +++++-- 2 files changed, 31 insertions(+), 9 deletions(-) diff --git a/content/community.md b/content/community.md index 3454871d..a35e9f03 100644 --- a/content/community.md +++ b/content/community.md @@ -1,6 +1,7 @@ # Community -BOSH is part of the open-source community, so you can easily find us in a few places... +BOSH is part of the open-source community, so you can easily find us in a few +places... ## Slack @@ -8,26 +9,44 @@ BOSH is part of the open-source community, so you can easily find us in a few pl The [Cloud Foundry Slack](https://cloudfoundry.slack.com) is a great place to ask questions or discuss issues - especially if you are still trying to figure out what might actually be wrong. Contributors, operators, and developers of BOSH are typically hanging out in the [`#bosh`](https://cloudfoundry.slack.com/messages/C02HPPYQ2/) channel and happy to help answer questions. !!! info "Slack Invitation" - Slack requires members to be invited, so please [request an invite](https://slack.cloudfoundry.org/) from our bot first if you are new to the community. + Slack requires members to be invited, so please [request an + invite](https://slack.cloudfoundry.org/) from our bot first if you are + new to the community. ## GitHub -BOSH is open source, so you can find most of the code in either the [`cloudfoundry`](https://github.com/cloudfoundry) or [`cloudfoundry-incubator`](https://github.com/cloudfoundry-incubator) GitHub organizations. If you are looking for a repository to start with, [`cloudfoundry/bosh`](https://github.com/cloudfoundry/bosh) is a great place to start. +BOSH is open source, so you can find most of the code in the +[`cloudfoundry`](https://github.com/cloudfoundry) GitHub organizations. If you +are looking for a repository to start with, +[`cloudfoundry/bosh`](https://github.com/cloudfoundry/bosh) is a great place +to start. -Since BOSH is a larger project, there are quite a few repositories for the various components. If you are not sure which repository is best to discuss an issue or make a change, please feel free to ask! [Slack](#slack) usually works best for that, but you can also just [create an issue](https://github.com/cloudfoundry/bosh/issues/new) if that's easier. +Since BOSH is a larger project, there are quite a few repositories for the +various components. If you are not sure which repository is best to discuss an +issue or make a change, please feel free to ask! [Slack](#slack) usually works +best for that, but you can also just [create an +issue](https://github.com/cloudfoundry/bosh/issues/new) if that's easier. ## Roadmap -We use [Pivotal Tracker](https://www.pivotaltracker.com/) for keeping track of what we're working on and prioritizing tasks. We have several projects, but our main project is [CF BOSH](https://www.pivotaltracker.com/n/projects/956238). For an aggregated view of all our projects, check out [bosh-stories](https://github.com/cloudfoundry/bosh-stories) to see a quick summary of our recent and upcoming work. +We use [GitHub +Projects](https://github.com/orgs/cloudfoundry/projects?query=is%3Aopen) for +keeping track of what we're working on and prioritizing tasks. ## Mailing List -If you prefer mailing lists, you can find us through the [`cf-bosh` mailing list](https://lists.cloudfoundry.org/g/cf-bosh). Although it is quieter than [Slack](#slack), the community is usually able to help answer questions raised on the list. We also occasionally use this for announcements or product discussion. +If you prefer mailing lists, you can find us through the [`cf-bosh` mailing +list](https://lists.cloudfoundry.org/g/cf-bosh). Although it is quieter than +[Slack](#slack), the community is usually able to help answer questions raised +on the list. We also occasionally use this for announcements or product +discussion. ## Additional Resources - * [Ultimate Guide to BOSH](https://ultimateguidetobosh.com/) - a great resource for learning more about BOSH concepts + * [Ultimate Guide to + BOSH](https://web.archive.org/web/20260214185516/https://ultimateguidetobosh.com/) - + a great resource for learning more about BOSH concepts diff --git a/content/package-vendoring.md b/content/package-vendoring.md index 18c2ef4e..561647dd 100644 --- a/content/package-vendoring.md +++ b/content/package-vendoring.md @@ -95,8 +95,11 @@ Packages may also include `bosh/runtime.env` for loading specific functionality When to use this approach: -- package is readily available from `bosh-packages` Github organization -- package is an internal implementation detail of your release that cannot or should not be swappable by an operator +- package is [readily + available](https://github.com/orgs/cloudfoundry/repositories?q=in%3Aname+bosh-package-) + from the `cloudfoundry` Github organization. +- package is an internal implementation detail of your release that cannot or + should not be swappable by an operator When to be cautious with this approach: