README
¶
Warning: From Version 1.0.0 onwards the Cloud Service Broker only supports OpenTofu. Custom brokerpaks need to specify an OpenTofu version and the upgrade process must be followed for existing instances. Only upgrades from terraform versions 1.5.x are supported. For more information, see the OpenTofu migration guide
Cloud Service Broker
An OSBAPI-compliant service broker that uses OpenTofu to create service instances.
This is a service broker built to be used with Cloud Foundry and Kubernetes. It adheres to the Open Service Broker API v2.13.
Cloud Service Broker is a fork of the GCP Service Broker
and uses Brokerpaks to
expose services. As long as your target cloud has a OpenTofu provider,
services can be provisioned via a common interface using standard cf CLI commands.
Some of the benefits over traditional, IaaS-provided, service brokers include:
- Easily extensible and maintainable Less talking to far-flung teams, more getting work done.
- One common broker for all brokered services. Cloud Service Broker decouples the service broker functionality from the catalog of services that it exposes.
- Credhub integration out-of-the-box CredHub encrypts and manages all the secrets associated with your usage of cloud services.
- Community When you expose a service via a Brokerpak, you can make it available to everyone who uses CSB.
- Possible to migrate existing services using OpenTofu Import
Architecture
Slack
Please reach out on the #cloudservicebroker channel in the Cloud Foundry Slack!
Installation
This service broker can be installed as a CF application. See the instructions for:
CSB-Provided Brokerpaks
To examine, submit issues or pull requests to the Brokerpaks which have been created for the major public clouds (AWS, Azure, GCP) see the repos below:
Usage
For operators: see docs/configuration.md for details about configuring the service broker.
For developers: see docs/ ReadMe for service options and details.
You can get documentation specific to your install from the /docs endpoint of your deployment.
Commands
The service broker can be run as both a server (the service broker) and as a general purpose command line utility. It supports the following sub-commands:
client- A CLI client for the service broker.config- Show and merge configuration options together.help- Help about any command.serve- Start the service broker.
Development
make is used to orchestrate most development tasks.
go is required to build the broker.
If you don't have go installed, it is possible to use docker to launch an interactive shell into some supported image containing all necessary tools. For example:
# From the root of this repo run:
docker run -it --rm -v "${PWD}:/repo" --workdir "/repo" --entrypoint "/bin/bash" golang:latest
make
There are make targets for most common dev tasks. Running make without a target will list the possible targets.
| command | action |
|---|---|
make build |
builds broker into ./build |
make test-units |
runs unit tests |
make clean |
removes binaries and built broker paks |
Local mimic commands
The mimic commands look and feel like CloudFoundry CLI commands, but actually run CSB actions locally. They are useful when developing brokerpaks.
By using the make target make install you can install the CSB as a local command called csb.
The mimic commands are:
csb create-service- creates a service instancecsb services- lists created service instancescsb service- displays information on an existing service instancecsb update-service- updates a service instancecsb upgrade-service- upgrades a service instancecsb delete-service- deletes a service instancecsb create-service-key- creates a "binding" and prints credentialscsb service-keys- lists service keyscsb service-key- prints a service keycsb delete-service-key- deletes a "binding"
The mimic commands build a brokerpak, start an ephemeral CSB server and send OSBAPI
requests to it in a similar style to what CloudFoundry would do. The CSB database
is stored as a file called .csb.db.
Additionally, there are commands which use the same framework to run the example tests. These are:
csb examples- list the example testscsb run-examples- runs the specified example tests
Bug Reports, Feature Requests, Documentation Requests & Support
File a GitHub issue for bug reports and documentation or feature requests. Please use the provided templates.
Contributing
We are always looking for folks to contribute Brokerpaks!
See Brokerpak Dissection and the user guides for more information on how to contribute to existing brokerpaks and how build one from scratch.
Documentation
¶
There is no documentation for this package.
Source Files
Directories
¶
| Path | Synopsis |
|---|---|
|
brokerapi
|
|
|
broker
Package broker implements the github.com/pivotal-cf/brokerapi/domain.ServiceBroker interface
|
Package broker implements the github.com/pivotal-cf/brokerapi/domain.ServiceBroker interface |
|
broker/brokerfakes
Code generated by counterfeiter.
|
Code generated by counterfeiter. |
|
broker/decider
Package decider works out whether a service instance update is an Upgrade or and Update
|
Package decider works out whether a service instance update is an Upgrade or and Update |
|
Package brokerpaktestframework implements a test framework that can be used by brokerpaks for testing
|
Package brokerpaktestframework implements a test framework that can be used by brokerpaks for testing |
|
Package cmd implements a command line interface using Cobra
|
Package cmd implements a command line interface using Cobra |
|
Package dbservice implements database setup, connection, and migration
|
Package dbservice implements database setup, connection, and migration |
|
models
Package models implements database object models for use with GORM
|
Package models implements database object models for use with GORM |
|
integrationtest
|
|
|
packer
Package packer is a test helper to build brokerpaks for the integration tests
|
Package packer is a test helper to build brokerpaks for the integration tests |
|
internal
|
|
|
brokerpak/brokerpakurl
Package brokerpakurl handles the logic of working out which URL to fetch Terraform resources from
|
Package brokerpakurl handles the logic of working out which URL to fetch Terraform resources from |
|
brokerpak/fetcher
Package fetcher has logic for fetching a file from a source (which may be a file or URL) and saving it to a destination.
|
Package fetcher has logic for fetching a file from a source (which may be a file or URL) and saving it to a destination. |
|
brokerpak/manifest
Package manifest is the data model for a manifest file.
|
Package manifest is the data model for a manifest file. |
|
brokerpak/packer
Package packer knows how to create a brokerpak given a manifest, a source directory and a destination.
|
Package packer knows how to create a brokerpak given a manifest, a source directory and a destination. |
|
brokerpak/platform
Package platform is a utility for handling platform data
|
Package platform is a utility for handling platform data |
|
brokerpak/reader
Package reader is for reading manifest files
|
Package reader is for reading manifest files |
|
displaycatalog
Package displaycatalog is used to print out the key data of the catalog in the logs without printing out binary images etc...
|
Package displaycatalog is used to print out the key data of the catalog in the logs without printing out binary images etc... |
|
encryption
Package encryption handles encryption of secrets
|
Package encryption handles encryption of secrets |
|
encryption/compoundencryptor
Package compoundencryptor allows encryptors to be combined
|
Package compoundencryptor allows encryptors to be combined |
|
encryption/gcmencryptor
Package gcmencryptor implements AES GCM encryption
|
Package gcmencryptor implements AES GCM encryption |
|
encryption/noopencryptor
Package noopencryptor looks like an encryptor but doesn't do any encryption
|
Package noopencryptor looks like an encryptor but doesn't do any encryption |
|
encryption/passwordcombiner
Package passwordcombiner combines passwords with salt to create encryption keys
|
Package passwordcombiner combines passwords with salt to create encryption keys |
|
encryption/passwordparser
Package passwordparser parses password data
|
Package passwordparser parses password data |
|
infohandler
Package infohandler handles the /info endpoint
|
Package infohandler handles the /info endpoint |
|
local
Package local is an experimental mimic for the "cf create-service" command
|
Package local is an experimental mimic for the "cf create-service" command |
|
paramparser
Package paramparser handles the parsing of parameters from brokerapi
|
Package paramparser handles the parsing of parameters from brokerapi |
|
serviceimage
Package serviceimage knows how to base64 encode a local image file
|
Package serviceimage knows how to base64 encode a local image file |
|
steps
Package steps implements a "stepper" which steps through a list of callbacks, running each one sequentially
|
Package steps implements a "stepper" which steps through a list of callbacks, running each one sequentially |
|
storage
Package storage implements a Database Access Object (DAO)
|
Package storage implements a Database Access Object (DAO) |
|
storage/storagefakes
Code generated by counterfeiter.
|
Code generated by counterfeiter. |
|
testdrive
Package testdrive is used in testing and local development to take the broker for a test drive
|
Package testdrive is used in testing and local development to take the broker for a test drive |
|
testmatchers
Package testmatchers implements custom test matchers
|
Package testmatchers implements custom test matchers |
|
tfproviderfqn
Package tfproviderfqn implements fully qualified Terraform provider names
|
Package tfproviderfqn implements fully qualified Terraform provider names |
|
zippy
Package zippy is a basic API to zip and unzip files that uses archive/zip Name inspired by: https://en.wikipedia.org/wiki/Zippy_(Rainbow)
|
Package zippy is a basic API to zip and unzip files that uses archive/zip Name inspired by: https://en.wikipedia.org/wiki/Zippy_(Rainbow) |
|
pkg
|
|
|
broker
Package broker implements some helpers needed for brokerapi
|
Package broker implements some helpers needed for brokerapi |
|
broker/brokerfakes
Code generated by counterfeiter.
|
Code generated by counterfeiter. |
|
brokerpak
Package brokerpak implements the "pak" command and other things
|
Package brokerpak implements the "pak" command and other things |
|
client
Package client enables code to make OSBAPI calls
|
Package client enables code to make OSBAPI calls |
|
config
Package config implements configuration parsing for CredHub
|
Package config implements configuration parsing for CredHub |
|
credstore
Package credstore enables a connection to CredHub
|
Package credstore enables a connection to CredHub |
|
credstore/credstorefakes
Code generated by counterfeiter.
|
Code generated by counterfeiter. |
|
featureflags
Package featureflags is used to determine the state of feature flags
|
Package featureflags is used to determine the state of feature flags |
|
generator
Package generator is used to generate docs
|
Package generator is used to generate docs |
|
providers/tf
Package tf implements the Terraform "provider".
|
Package tf implements the Terraform "provider". |
|
providers/tf/command
Package command is an interface for the Terraform command
|
Package command is an interface for the Terraform command |
|
providers/tf/executor
Package executor executes Terraform
|
Package executor executes Terraform |
|
providers/tf/executor/executorfakes
Code generated by counterfeiter.
|
Code generated by counterfeiter. |
|
providers/tf/hclparser
Package hclparser is used to parse HCL (Hashicorp Configuration Language) that Terraform is written in
|
Package hclparser is used to parse HCL (Hashicorp Configuration Language) that Terraform is written in |
|
providers/tf/invoker
Package invoker allows different Terraform versions to be invoked
|
Package invoker allows different Terraform versions to be invoked |
|
providers/tf/invoker/invokerfakes
Code generated by counterfeiter.
|
Code generated by counterfeiter. |
|
providers/tf/tffakes
Code generated by counterfeiter.
|
Code generated by counterfeiter. |
|
providers/tf/workspace
Package workspace is a model for Terraform workspaces
|
Package workspace is a model for Terraform workspaces |
|
providers/tf/workspace/workspacefakes
Code generated by counterfeiter.
|
Code generated by counterfeiter. |
|
server
Package server implements helpers and endpoints for the server
|
Package server implements helpers and endpoints for the server |
|
server/fakes
Code generated by counterfeiter.
|
Code generated by counterfeiter. |
|
toggles
Package toggles defines a standard way to define, list, and use feature toggles in the service broker.
|
Package toggles defines a standard way to define, list, and use feature toggles in the service broker. |
|
validation
Package validation implements a generic validator for values
|
Package validation implements a generic validator for values |
|
varcontext
Package varcontext works out the values for Terraform variables
|
Package varcontext works out the values for Terraform variables |
|
varcontext/interpolation
Package interpolation exposes the HIL (Hashicorp Interpolation Language)
|
Package interpolation exposes the HIL (Hashicorp Interpolation Language) |
|
Package utils contains various utils that do various things.
|
Package utils contains various utils that do various things. |
|
correlation
Package correlation reads correlation IDs from the context for logging
|
Package correlation reads correlation IDs from the context for logging |
|
freeport
Package freeport identifies a random unused port
|
Package freeport identifies a random unused port |
|
request
Package request decodes the originating identity header
|
Package request decodes the originating identity header |
|
stream
Package stream implements streaming a bit like 'gulp' on nodejs
|
Package stream implements streaming a bit like 'gulp' on nodejs |