Walkthrough manifests are unusable

[domdom82]

I tried the walkthrough manifests at https://github.com/cloudfoundry-incubator/fissile/blob/develop/docs/configuration.md and failed multiple times.

Some of the bugs I found:

• yaml structure no longer complies with what fissile cli expects. variables node must be at top level.
• bosh_containerization property is required on each job
• tags: indexed no longer works
• must use dark-opinions.yml file even though I did not need them for my bosh release
• can't have empty dark-opinions.yml (or just a properties yml node)
• variable node structure different. e.g. description must be under options node instead

I finally succeeded by looking at the code and using the test assets as template for my own manifests.

I suggest to add the walkthrough example manifests to daily builds to make sure they work.

[drnic]

@domdom82 could you drop in your working walkthrough manifests and/or PR them into the docs? I was just about to give it a try.

[domdom82]

@drnic I will provide a PR later, here is what worked for me (tried HAproxy bosh release sniff test):

role-manifest.yml

instance_groups:
- name: haproxy                    # The name of the instance group
  jobs:                            # BOSH jobs this group will have
  - name: haproxy
    release: haproxy               # The name of the BOSH release this is from
    properties:
      bosh_containerization:
        run:
          flight-stage: pre-flight
          memory: 128

  tags:
  run:                             # Runtime configuration
    scaling:                       # Auto-scaling limits
      min: 1
      max: 3
    memory: 256                    # Memory request for each instance (MB)
    virtual-cpus: 4                # CPU request for each instance
    exposed-ports:
    - name: http
      protocol: TCP                # TCP or UDP
      external: 80                 # Port visible outside the container
      internal: 80                 # Port inside the container
      public: false                # Whether to expose to outside the cluster

configuration:
  templates:
    networks.default.dns_record_name: '"((DNS_RECORD_NAME))"'
    networks.default.ip: '"((IP_ADDRESS))"'
    properties.ha_proxy.ssl_pem: '"((SSL_PEM))"'  # <<< your dark opinions here

variables:
- name: SSL_PEM
  options:
    description: server certificate chain
    secret: true
    required: true

opinions.yml:

properties:
  ha_proxy:
    backend_servers: 10.10.10.10 .    # <<< your opinions here

dark-opinions.yml:

properties:
  ha_proxy:
    ssl_pem: # <<< this must match the properties in role-manifest.yml
      - |
        -----BEGIN CERTIFICATE-----
        -----END CERTIFICATE-----
        -----BEGIN CERTIFICATE-----
        -----END CERTIFICATE-----
        -----BEGIN RSA PRIVATE KEY-----
        -----END RSA PRIVATE KEY-----

[viovanov]

Thanks for going through all this @domdom82.
We're working on this nats containerized release as an example (we plan to keep it up-to-date because we're using it in our new CI pipeline).