BOSH release of CredHub server
CF CredHub CI Pipeline
CF CredHub CI Pipeline Create final release 1.7.8
Latest commit 5c8314e Sep 19, 2018

README.md

CredHub

CredHub Release provides a BOSH Release for CredHub.

See additional repos for more info:

Deploying CredHub

This repository includes code to create a BOSH release of CredHub. Releases based on this repository are created and posted automatically to bosh.io for deployment.

Adding CredHub to an existing deployment manifest can be done by simply adding the release and its appropriate job configurations. Complete sample manifests can be found here.

releases:
- name: credhub
  url: https://bosh.io/d/github.com/pivotal-cf/credhub-release?v=1.5.0
  version: 1.5.0
  sha1: f965d47c261c9c554399ea02cf7ab343b7b7f843

Release Lifecycle

CredHub issues frequent minor releases containing new features. If you wish to receive the latest new features, the most recent release should be used. If you choose to use the latest release line, you must update to a subsequent patch or minor release - which may contain new features - to receive security patches and bug fixes.

If you wish to use a stable version with a less frequent feature release cycle, you may use a long term support version. LTS versions are patched for security vulnerabilities and bugs, but do not contain new features. New LTS versions are released quarterly. Patches are issued for LTS versions for at least 9 months following release.

Current long term support versions:

Version End of Patch Releases
1.6.x 2018-09-31
1.7.x 2018-12-31
1.9.x 2019-03-31

Reporting a Vulnerability

We strongly encourage people to report security vulnerabilities privately to our security team before disclosing them in a public forum.

Please note that the e-mail address below should only be used for reporting undisclosed security vulnerabilities in Pivotal products and managing the process of fixing such vulnerabilities. We cannot accept regular bug reports or other security-related queries at this address.

The e-mail address to use to contact the Pivotal Application Security Team is security@pivotal.io. Find our PGP fingerprint and more information about our security channels at pivotal.io/security.

Development

Updating this repo's submodule before a BOSH release

To manually update a local repo, use

$ ./scripts/update

to ensure that the latest code has been pulled into the submodule.

Run unit tests to exercise the template logic used for application properties

$ ./spec/run_tests.sh

Create a packaged BOSH release

$ bosh create-release --name credhub --version test --tarball ./credhub-test.tgz