This is a concourse pipeline that performs the following actions:
- Checks if your current PCF certificate is about to expire
- Requests new wildcard certificates from letsencrypt
- Updates the Google Load Balancer
- Updates the following PCF components:
- PAS
- PKS
- VMware Harbor
- RabbitMQ
You should have your DNS delegated to GCP in the same project as PCF is installed.
You should then move the file credentials-sample.yml to credentials.yml and edit the fields for your environment. This file is self-documented.
One that is done and you are logged in to concourse, create the pipeline:
% fly -t <concourse-server> set-pipeline -p le-for-pcf-on-gcp-pipeline -c pipeline.yml -l credentials.yml
By default it will trigger every 24 Hours and check if your current certificate is out of date. If it is, it will go ahead and do all the work for you.
The scripts use the custom docker image mattsday/le-pcf-on-gcp-base, the source for which you can find in the docker-base-img/ folder.