Refactor image pipeline repository names and workflows

CSVD · Jan 23, 2025 · f2ec33c · f2ec33c
1 parent fd4b2ec
commit f2ec33c
Show file tree

Hide file tree

Showing 4 changed files with 30 additions and 13 deletions.
diff --git a/image-pipeline.tf b/image-pipeline.tf
@@ -1,8 +1,8 @@
 locals {
   pipeline_repos = [
-    "image-pipeline-goss-testing",
+    "image-pipeline-goss",
     "image-pipeline-ansible-playbooks",
-    "linux-image-pipeline",
+    "image-pipeline-packer",
     "windows-image-pipeline",
     "docker-image-pipeline"
   ]
@@ -34,8 +34,9 @@ module "image_pipeline_repos" {
       content = templatefile(
         lookup(var.image_pipeline_workflows, each.value, local.s3_upload),
         {
-          repo_name   = each.value,
-          bucket_name = "image-pipeline-assets"
+          repo_name    = each.value,
+          bucket_name  = "image-pipeline-assets"
+          runner_group = "229685449397"
         }
       )
     }

diff --git a/moved.tf b/moved.tf
@@ -0,0 +1,10 @@
+moved {
+  from = module.image_pipeline_repos["linux-image-pipeline"]
+  to   = module.image_pipeline_repos["image-pipeline-packer"]
+}
+
+# image-pipeline-goss
+moved {
+  from = module.image_pipeline_repos["image-pipeline-goss-testing"]
+  to   = module.image_pipeline_repos["image-pipeline-goss"]
+}
diff --git a/varfiles/default.tfvars b/varfiles/default.tfvars
@@ -3,7 +3,7 @@ image_pipeline_workflows = {
 }
 
 repolist = [
-   {
+  {
     description = "Terraform module repo for terraform-morpheus-database"
     repo_org    = "CSVD"
     name        = "terraform-morpheus-database"

diff --git a/workflows/s3_upload.yaml.tpl b/workflows/s3_upload.yaml.tpl
@@ -12,22 +12,28 @@ jobs:
   # This workflow contains a single job called "build"
   build:
     # The type of runner that the job will run on
-    runs-on: [ ${repo_name} ]
-    env:
-      AWS_SECRET_ACCESS_KEY: "$${{ secrets.AWS_SECRET_ACCESS_KEY }}"
-      AWS_ACCESS_KEY_ID: "$${{ vars.AWS_ACCESS_KEY_ID }}"
-      AWS_SESSION_TOKEN: "$${{ secrets.AWS_SESSION_TOKEN }}"
-
-
+    runs-on: [ ${runner_group} ]
+
     # Steps represent a sequence of tasks that will be executed as part of the job
     steps:
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
-      - uses: actions/checkout@v3
+      - uses: CSVD/gh-actions-checkout@v4
+        id: checkout
+        with:
+          persist-credentials: false
 
       - uses: CSVD/gh-actions-setup-node@v3
         with:
            node-version: 16
 
+      - name: AWS Auth
+        id: aws_auth
+        uses: CSVD/aws-auth@main
+
       - run: |
           zip -r ${repo_name}.zip *
           aws s3 cp ${repo_name}.zip s3://${bucket_name}
+        env:
+          AWS_ACCESS_KEY_ID: ${{ steps.aws_auth.outputs.aws_access_key_id }}
+          AWS_SECRET_ACCESS_KEY: ${{ steps.aws_auth.outputs.aws_secret_access_key }}
+          AWS_SESSION_TOKEN: ${{ steps.aws_auth.outputs.aws_session_token }}