release: github.com/cloudfoundry/cf-release / 222

Github source: 53014242 or master branch

The cf-release v222 was released on October 19, 2015.

Important: - With this release, the default behavior is to hide the Create Account & Reset Password links on the UAA Login Page. Please set the login.self_service_links_enabled property to true (either on the uaa jobs or in the global properties section) in your deployment manifest to make these links visible. This will soon be corrected in an upcoming release to default to true, so it will not be necessary to specify in your manifests. Because the impact of this change is not critical, and easy to fix, this release is not being marked as a pre-release. details - If you are using the “spiff” templates for manifest generation located in the templates directory of the cf-release repo, they are no longer overriding the defaults in for the DEAs’ overcommit factors. If you were depending on the overrides in the templates, you should not be specifying overrides in your stubs. details

Contents: - CC and Service Broker APIs - Runtime - Buildpacks and Stacks - Identity - Routing - Loggregator - Internal Components - Job Spec Changes - Recommended BOSH Release and Stemcell Versions - Recommended Diego Version - Recommended Garden Linux Version

CC and Service Broker APIs

CC API Version: 2.41.0

Service Broker API Version: 2.7

Cloud Controller

  • [Experimental] Work continues on /v3 and Application Process Types details
  • [Experimental] Work continues on Private Brokers details
  • [Experimental] Work continues on Route Services details
  • cloudfoundry/cloud_controller_ng #444: app.rb: has_stop_event_for_latest_run? definition removed, but one use remains details

Runtime

DEA

No changes.

Warden

HM9000

No changes.

Buildpacks and Stacks

stacks

updated to 1.11.0 (from 1.9.0)

1.11.0

Notably, this release addresses USN-2767-1, “GDK-PixBuf vulnerabilities”, which is related to: - CVE-2015-7673 “Heap overflow and DoS with a tga file in gdk-pixbuf < 2.32.1” - CVE-2015-7674 “Heap overflow with a gif file in gdk-pixbuf < 2.32.1”

1.10.0

This release contains only non-critical updates to the rootfs. See the receipt changes at this commit for more information.

Identity

Known Issues - Self Service Links disabled on Login Page

With this release, the default behavior is to hide the Create Account & Reset Password links on the UAA Login Page. Please set _self_service_links_enabled_ to _true_ under login section of the cf manifest to make these links visible

Pull Requests Merged pull request to clean up UAA spec & templates and remove references to unused properties details

Routing

  • Routing API request body is now flat for TCP resources details

Work continues on adding support for Route Services to CC API (epic) - User-provided service instances can now be created with a route_service_url, bound to a route, and unbound from a route - End-to-end acceptance tests added for the route services feature

Work continues on support for TCP routes in CF (epic) - TCP Routes are deleted when removed with an updateLRP call to Diego

Loggregator

Internal Components

consul

No changes.

etcd

No changes.

etcd-metrics-server

No changes.

route_registrar

No changes.

Job Spec Changes

  • Remove unused login.links.home, login.links.network, and login.links.signup-network properties from uaa job. details
  • Remove Pivotal-specific default value for login.links.passwd property in uaa job. details
  • Add login.self_service_links_enabled property to uaa job. details

Recommended BOSH Release and Stemcell Versions

  • BOSH Release Version: bosh/201
  • BOSH Stemcell Version(s): bosh-aws-xen-hvm-ubuntu-trusty-go_agent/3104

These are soft recommendations; several different versions of the BOSH release and stemcell are likely to work fine with this version of cf-release.

Recommended Diego Version

This is a soft recommendation; several different versions of the diego-release may work fine with this version of cf-release.

Recommended Garden Linux Version

This is a soft recommendation; several different versions of the garden-linux release may work fine with this version of cf-release and the aforementioned version of diego-release.

Recommended ETCD Version for Diego Deployment

  • Etcd final release 16

This is a soft recommendation; several different versions of the etcd release may work fine with this version of cf-release and the aforementioned version of diego-release.

Upload this release version to the Director:

$ bosh upload-release https://bosh.io/d/github.com/cloudfoundry/cf-release?v=222 --sha1 ca2a82f0cf17c2bab54f564fac65ee1fd75f4b01

Modify deployment manifest to use this release in addition to any other used releases:

releases:
- name: cf
  version: "222"

Finally add needed deployment jobs and specify values for required properties.

Optionally download sha1: ca2a82f0cf17c2bab54f564fac65ee1fd75f4b01 release tarball locally:

# ...or download it directly using curl
$ curl -L -J -O https://bosh.io/d/github.com/cloudfoundry/cf-release?v=222

# or with wget...
$ wget --content-disposition https://bosh.io/d/github.com/cloudfoundry/cf-release?v=222