From f2ec33c89fc14a554c0d2d2d8e9ec67a0407ed29 Mon Sep 17 00:00:00 2001
From: arnol377 <david.j.arnold.jr@census.gov>
Date: Thu, 23 Jan 2025 13:00:32 -0500
Subject: [PATCH] Refactor image pipeline repository names and workflows

---
 image-pipeline.tf            |  9 +++++----
 moved.tf                     | 10 ++++++++++
 varfiles/default.tfvars      |  2 +-
 workflows/s3_upload.yaml.tpl | 22 ++++++++++++++--------
 4 files changed, 30 insertions(+), 13 deletions(-)
 create mode 100644 moved.tf

diff --git a/image-pipeline.tf b/image-pipeline.tf
index dcc5065..1d286a5 100644
--- a/image-pipeline.tf
+++ b/image-pipeline.tf
@@ -1,8 +1,8 @@
 locals {
   pipeline_repos = [
-    "image-pipeline-goss-testing",
+    "image-pipeline-goss",
     "image-pipeline-ansible-playbooks",
-    "linux-image-pipeline",
+    "image-pipeline-packer",
     "windows-image-pipeline",
     "docker-image-pipeline"
   ]
@@ -34,8 +34,9 @@ module "image_pipeline_repos" {
       content = templatefile(
         lookup(var.image_pipeline_workflows, each.value, local.s3_upload),
         {
-          repo_name   = each.value,
-          bucket_name = "image-pipeline-assets"
+          repo_name    = each.value,
+          bucket_name  = "image-pipeline-assets"
+          runner_group = "229685449397"
         }
       )
     }
diff --git a/moved.tf b/moved.tf
new file mode 100644
index 0000000..e0ff153
--- /dev/null
+++ b/moved.tf
@@ -0,0 +1,10 @@
+moved {
+  from = module.image_pipeline_repos["linux-image-pipeline"]
+  to   = module.image_pipeline_repos["image-pipeline-packer"]
+}
+
+# image-pipeline-goss
+moved {
+  from = module.image_pipeline_repos["image-pipeline-goss-testing"]
+  to   = module.image_pipeline_repos["image-pipeline-goss"]
+}
\ No newline at end of file
diff --git a/varfiles/default.tfvars b/varfiles/default.tfvars
index 594519f..7b9dfe4 100644
--- a/varfiles/default.tfvars
+++ b/varfiles/default.tfvars
@@ -3,7 +3,7 @@ image_pipeline_workflows = {
 }
 
 repolist = [
-   {
+  {
     description = "Terraform module repo for terraform-morpheus-database"
     repo_org    = "CSVD"
     name        = "terraform-morpheus-database"
diff --git a/workflows/s3_upload.yaml.tpl b/workflows/s3_upload.yaml.tpl
index 531c9b6..facf3e0 100644
--- a/workflows/s3_upload.yaml.tpl
+++ b/workflows/s3_upload.yaml.tpl
@@ -12,22 +12,28 @@ jobs:
   # This workflow contains a single job called "build"
   build:
     # The type of runner that the job will run on
-    runs-on: [ ${repo_name} ]
-    env:
-      AWS_SECRET_ACCESS_KEY: "$${{ secrets.AWS_SECRET_ACCESS_KEY }}"
-      AWS_ACCESS_KEY_ID: "$${{ vars.AWS_ACCESS_KEY_ID }}"
-      AWS_SESSION_TOKEN: "$${{ secrets.AWS_SESSION_TOKEN }}"
-      
-
+    runs-on: [ ${runner_group} ]
+    
     # Steps represent a sequence of tasks that will be executed as part of the job
     steps:
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
-      - uses: actions/checkout@v3
+      - uses: CSVD/gh-actions-checkout@v4
+        id: checkout
+        with:
+          persist-credentials: false
 
       - uses: CSVD/gh-actions-setup-node@v3
         with:
            node-version: 16
     
+      - name: AWS Auth
+        id: aws_auth
+        uses: CSVD/aws-auth@main
+
       - run: |
           zip -r ${repo_name}.zip *
           aws s3 cp ${repo_name}.zip s3://${bucket_name}
+        env:
+          AWS_ACCESS_KEY_ID: ${{ steps.aws_auth.outputs.aws_access_key_id }}
+          AWS_SECRET_ACCESS_KEY: ${{ steps.aws_auth.outputs.aws_secret_access_key }}
+          AWS_SESSION_TOKEN: ${{ steps.aws_auth.outputs.aws_session_token }}