pivotal-cf/credhub-release

Name: credhub-release

Owner: Pivotal Cloud Foundry

Description: BOSH release of CredHub server

Created: 2016-04-29 00:23:48.0

Updated: 2018-01-09 10:17:35.0

Pushed: 2018-01-17 01:15:54.0

Homepage:

Size: 1202

Language: Shell

GitHub Committers

User	Most Recent Commit	# Commits

Other Committers

User	Email	Most Recent Commit	# Commits

README

CredHub Release provides a BOSH Release for CredHub.

• Documentation
• CredHub Tracker

See additional repos for more info:

• credhub : CredHub server code
• credhub-cli : command line interface for credhub
• credhub-acceptance-tests : integration tests written in Go.

Deploying CredHub

This repository includes code to create a BOSH release of CredHub. Releases based on this repository are created and posted automatically to bosh.io for deployment.

Adding CredHub to an existing deployment manifest can be done by simply adding the release and its appropriate job configurations. Complete sample manifests can be found here.

ases:
me: credhub
l: https://bosh.io/d/github.com/pivotal-cf/credhub-release?v=1.5.0
rsion: 1.5.0
a1: f965d47c261c9c554399ea02cf7ab343b7b7f843

Release Lifecycle

CredHub issues frequent minor releases containing new features. If you wish to receive the latest new features, the most recent release should be used. If you choose to use the latest release line, you must update to a subsequent patch or minor release - which may contain new features - to receive security patches and bug fixes.

If you wish to use a stable version with a less frequent feature release cycle, you may use a long term support version. LTS versions are patched for security vulnerabilities and bugs, but do not contain new features. New LTS versions are released quarterly. Patches are issued for LTS versions for 9 months following release (current?2 structure).

Current long term support versions

| Version | Released | Latest Patch | End of Patch Releases | |———|————-|————–| ———————–| | 1.0.x | Jun-15-2017 | 1.0.8 | Mar-15-2018 | | 1.3.x | Aug-23-2017 | 1.3.4 | Jun-15-2018 |

Reporting a Vulnerability

We strongly encourage people to report security vulnerabilities privately to our security team before disclosing them in a public forum.

Please note that the e-mail address below should only be used for reporting undisclosed security vulnerabilities in Pivotal products and managing the process of fixing such vulnerabilities. We cannot accept regular bug reports or other security-related queries at this address.

The e-mail address to use to contact the Pivotal Application Security Team is security@pivotal.io.

Our public PGP key can be obtained from a public key server such as pgp.mit.edu. Its fingerprint is: 16F6 51BF 4637 F486 C5E2 4635 19BB 5184 0191 92ED. More information can be found at pivotal.io/security.

Development

Updating this repo's submodule before a BOSH release

To manually update a local repo, use

scripts/update

to ensure that the latest code has been pulled into the submodule.

Run unit tests to exercise the template logic used for application properties

spec/run_tests.sh

Create a packaged BOSH release

sh create-release --name credhub --version test --tarball ./credhub-test.tgz