From eb5f7b21a8b26b7217bfa1892318055e84f1ee94 Mon Sep 17 00:00:00 2001 From: David Anderson Date: Thu, 27 Jun 2024 17:01:52 -0400 Subject: [PATCH] update to use hardened images --- ci/acceptance-tests-config.yml | 9 -- ci/check-deployment-was-zdt.yml | 9 -- ci/create-diego-cell-iso-seg.yml | 9 -- ci/create-diego-platform-cell.yml | 9 -- ci/create-router-logstash.yml | 9 -- ci/create-router-main.yml | 9 -- ci/enable-cf-features.yml | 9 -- ci/pipeline.yml | 123 +++++++++++++++++- ci/terraform-secrets.yml | 9 -- ci/test-headers/task-clean-test-env.yml | 9 -- ci/test-headers/task-deploy-test-env.yml | 9 -- ci/test-headers/task-run-tests.yml | 9 -- ci/test-space-egress/task-clean-test-env.yml | 9 -- ci/test-space-egress/task-deploy-test-env.yml | 9 -- ci/test-space-egress/task-run-tests.yml | 9 -- ci/tic-smoke-tests.yml | 9 -- ci/uaa-client-audit.yml | 9 -- ci/uaa-monitor-account-creation.yml | 9 -- terraform/terraform-apply.yml | 9 -- 19 files changed, 117 insertions(+), 168 deletions(-) diff --git a/ci/acceptance-tests-config.yml b/ci/acceptance-tests-config.yml index efd18e25..a08ce67c 100644 --- a/ci/acceptance-tests-config.yml +++ b/ci/acceptance-tests-config.yml @@ -1,15 +1,6 @@ --- platform: linux -image_resource: - type: registry-image - source: - aws_access_key_id: ((ecr_aws_key)) - aws_secret_access_key: ((ecr_aws_secret)) - repository: harden-concourse-task - aws_region: us-gov-west-1 - tag: ((harden-concourse-task-tag)) - inputs: - name: cf-manifests outputs: diff --git a/ci/check-deployment-was-zdt.yml b/ci/check-deployment-was-zdt.yml index a90aa26a..283aa3c5 100644 --- a/ci/check-deployment-was-zdt.yml +++ b/ci/check-deployment-was-zdt.yml @@ -1,15 +1,6 @@ --- platform: linux -image_resource: - type: registry-image - source: - aws_access_key_id: ((ecr_aws_key)) - aws_secret_access_key: ((ecr_aws_secret)) - repository: harden-concourse-task - aws_region: us-gov-west-1 - tag: ((harden-concourse-task-tag)) - inputs: - name: cf-manifests - name: timestamp diff --git a/ci/create-diego-cell-iso-seg.yml b/ci/create-diego-cell-iso-seg.yml index aa14a8cb..a7d52f32 100644 --- a/ci/create-diego-cell-iso-seg.yml +++ b/ci/create-diego-cell-iso-seg.yml @@ -1,14 +1,5 @@ platform: linux -image_resource: - type: registry-image - source: - aws_access_key_id: ((ecr_aws_key)) - aws_secret_access_key: ((ecr_aws_secret)) - repository: harden-concourse-task - aws_region: us-gov-west-1 - tag: ((harden-concourse-task-tag)) - inputs: - name: cf-deployment - name: cf-manifests diff --git a/ci/create-diego-platform-cell.yml b/ci/create-diego-platform-cell.yml index 9b66ed02..9c82fcf1 100644 --- a/ci/create-diego-platform-cell.yml +++ b/ci/create-diego-platform-cell.yml @@ -1,14 +1,5 @@ platform: linux -image_resource: - type: registry-image - source: - aws_access_key_id: ((ecr_aws_key)) - aws_secret_access_key: ((ecr_aws_secret)) - repository: harden-concourse-task - aws_region: us-gov-west-1 - tag: ((harden-concourse-task-tag)) - inputs: - name: cf-deployment - name: cf-manifests diff --git a/ci/create-router-logstash.yml b/ci/create-router-logstash.yml index 4ab1176d..554892a5 100644 --- a/ci/create-router-logstash.yml +++ b/ci/create-router-logstash.yml @@ -1,14 +1,5 @@ platform: linux -image_resource: - type: registry-image - source: - aws_access_key_id: ((ecr_aws_key)) - aws_secret_access_key: ((ecr_aws_secret)) - repository: harden-concourse-task - aws_region: us-gov-west-1 - tag: ((harden-concourse-task-tag)) - inputs: - name: cf-deployment - name: cf-manifests diff --git a/ci/create-router-main.yml b/ci/create-router-main.yml index 6be479a9..dbcd03a9 100644 --- a/ci/create-router-main.yml +++ b/ci/create-router-main.yml @@ -1,14 +1,5 @@ platform: linux -image_resource: - type: registry-image - source: - aws_access_key_id: ((ecr_aws_key)) - aws_secret_access_key: ((ecr_aws_secret)) - repository: harden-concourse-task - aws_region: us-gov-west-1 - tag: ((harden-concourse-task-tag)) - inputs: - name: cf-deployment - name: cf-manifests diff --git a/ci/enable-cf-features.yml b/ci/enable-cf-features.yml index 2c3e5b32..6d366ba4 100644 --- a/ci/enable-cf-features.yml +++ b/ci/enable-cf-features.yml @@ -1,15 +1,6 @@ --- platform: linux -image_resource: - type: registry-image - source: - aws_access_key_id: ((ecr_aws_key)) - aws_secret_access_key: ((ecr_aws_secret)) - repository: harden-concourse-task - aws_region: us-gov-west-1 - tag: ((harden-concourse-task-tag)) - inputs: - name: cf-manifests diff --git a/ci/pipeline.yml b/ci/pipeline.yml index 0f433b69..ddd7174f 100644 --- a/ci/pipeline.yml +++ b/ci/pipeline.yml @@ -21,15 +21,21 @@ jobs: trigger: true - get: cg-s3-secureproxy-release trigger: true + - get: general-task - task: terraform-secrets + image: general-task file: cf-manifests/ci/terraform-secrets.yml - task: router-main + image: general-task file: cf-manifests/ci/create-router-main.yml - task: router-logstash + image: general-task file: cf-manifests/ci/create-router-logstash.yml - task: diego-platform-cell + image: general-task file: cf-manifests/ci/create-diego-platform-cell.yml - task: diego-cell-iso-seg + image: general-task file: cf-manifests/ci/create-diego-cell-iso-seg.yml params: ISO_SEG_NAMES: "" #((names_of_iso_segs_development)) # Value in credhub @@ -101,6 +107,7 @@ jobs: - terraform-secrets/terraform.yml - task: enable-cf-features + image: general-task file: cf-manifests/ci/enable-cf-features.yml params: CF_API_URL: ((cf-api-url-development)) @@ -154,7 +161,9 @@ jobs: resource: terraform-config trigger: true - get: pipeline-tasks + - get: general-task - task: terraform-plan + image: general-task file: terraform-templates/terraform/terraform-apply.yml params: &tf-development TERRAFORM_ACTION: plan @@ -187,7 +196,9 @@ jobs: passed: [terraform-plan-development] trigger: true - get: pipeline-tasks + - get: general-task - task: terraform-apply + image: general-task file: terraform-templates/terraform/terraform-apply.yml params: <<: *tf-development @@ -241,7 +252,9 @@ jobs: passed: [deploy-cf-development] - get: tests-timer trigger: true + - get: general-task - task: uaa-client-audit + image: general-task file: cf-manifests/ci/uaa-client-audit.yml params: UAA_URL: ((uaa-url-development)) @@ -259,7 +272,9 @@ jobs: passed: [deploy-cf-development] - get: hourly-timer trigger: true + - get: general-task - task: uaa-monitor-account-creation + image: general-task file: cf-manifests/ci/uaa-monitor-account-creation.yml params: UAA_URL: ((uaa-url-development)) @@ -291,7 +306,9 @@ jobs: - get: cg-s3-secureproxy-release trigger: true passed: [deploy-cf-development] + - get: general-task - task: smoke-tests + image: general-task file: cf-manifests/ci/tic-smoke-tests.yml params: CI: true @@ -382,9 +399,9 @@ jobs: source: aws_access_key_id: ((ecr_aws_key)) aws_secret_access_key: ((ecr_aws_secret)) - repository: harden-concourse-task + repository: general-task aws_region: us-gov-west-1 - tag: ((harden-concourse-task-tag)) + tag: latest inputs: - name: common run: @@ -425,7 +442,9 @@ jobs: passed: [deploy-cf-development] - get: cf-stemcell-jammy passed: [deploy-cf-development] + - get: general-task - task: deploy-test-env + image: general-task file: cf-manifests/ci/test-space-egress/task-deploy-test-env.yml params: &test-space-egress-development-params CF_API_URL: ((cf-api-url-development)) @@ -436,10 +455,12 @@ jobs: CF_APP_DOMAIN: dev.us-gov-west-1.aws-us-gov.cloud.gov on_failure: &test-space-egress-development-clean-tasks task: clean-test-env + image: general-task file: cf-manifests/ci/test-space-egress/task-clean-test-env.yml params: <<: *test-space-egress-development-params - task: run-tests + image: general-task file: cf-manifests/ci/test-space-egress/task-run-tests.yml params: <<: *test-space-egress-development-params @@ -479,7 +500,9 @@ jobs: passed: [deploy-cf-development] - get: cf-stemcell-jammy passed: [deploy-cf-development] + - get: general-task - task: deploy-test-env + image: general-task file: cf-manifests/ci/test-headers/task-deploy-test-env.yml params: &test-headers-development-params CF_API_URL: ((cf-api-url-development)) @@ -490,10 +513,12 @@ jobs: CF_APP_DOMAIN: dev.us-gov-west-1.aws-us-gov.cloud.gov on_failure: &test-headers-development-clean-tasks task: clean-test-env + image: general-task file: cf-manifests/ci/test-headers/task-clean-test-env.yml params: <<: *test-headers-development-params - task: run-tests + image: general-task file: cf-manifests/ci/test-headers/task-run-tests.yml params: <<: *test-headers-development-params @@ -544,16 +569,22 @@ jobs: - get: cg-s3-secureproxy-release trigger: true passed: [smoke-tests-development] + - get: general-task - put: timestamp - task: terraform-secrets + image: general-task file: cf-manifests/ci/terraform-secrets.yml - task: router-main + image: general-task file: cf-manifests/ci/create-router-main.yml - task: router-logstash + image: general-task file: cf-manifests/ci/create-router-logstash.yml - task: diego-platform-cell + image: general-task file: cf-manifests/ci/create-diego-platform-cell.yml - task: diego-cell-iso-seg + image: general-task file: cf-manifests/ci/create-diego-cell-iso-seg.yml params: ISO_SEG_NAMES: "" #((names_of_iso_segs_staging)) # Value in credhub @@ -616,6 +647,7 @@ jobs: - terraform-secrets/terraform.yml - task: enable-cf-features + image: general-task file: cf-manifests/ci/enable-cf-features.yml params: CF_API_URL: ((cf-api-url-staging)) @@ -641,6 +673,7 @@ jobs: user_org_creation hide_marketplace_from_unauthenticated_users - task: validate-zdt + image: general-task file: cf-manifests/ci/check-deployment-was-zdt.yml params: HEALTH_CHECK_ID: ((staging-route53-healthcheck-id)) @@ -712,7 +745,9 @@ jobs: passed: [deploy-cf-staging] - get: tests-timer trigger: true + - get: general-task - task: uaa-client-audit + image: general-task file: cf-manifests/ci/uaa-client-audit.yml params: UAA_URL: ((uaa-url-staging)) @@ -730,7 +765,9 @@ jobs: passed: [deploy-cf-staging] - get: hourly-timer trigger: true + - get: general-task - task: uaa-monitor-account-creation + image: general-task file: cf-manifests/ci/uaa-monitor-account-creation.yml params: UAA_URL: ((uaa-url-staging)) @@ -759,7 +796,9 @@ jobs: passed: [terraform-apply-staging] trigger: true - get: master-bosh-root-cert + - get: general-task - task: smoke-tests + image: general-task file: cf-manifests/ci/tic-smoke-tests.yml params: CI: true @@ -799,7 +838,9 @@ jobs: trigger: true passed: [terraform-apply-development] - get: pipeline-tasks + - get: general-task - task: terraform-plan + image: general-task file: terraform-templates/terraform/terraform-apply.yml params: &tf-staging TERRAFORM_ACTION: plan @@ -832,7 +873,9 @@ jobs: trigger: true passed: [terraform-plan-staging] - get: pipeline-tasks + - get: general-task - task: terraform-apply + image: general-task file: terraform-templates/terraform/terraform-apply.yml params: <<: *tf-staging @@ -953,7 +996,9 @@ jobs: - uaa-smoke-tests-staging - test-space-egress-staging - smoke-tests-staging + - get: general-task - task: test-config + image: general-task file: cf-manifests/ci/acceptance-tests-config.yml params: API_URL: api.fr-stage.cloud.gov @@ -1007,7 +1052,9 @@ jobs: - get: terraform-config passed: [terraform-apply-staging] trigger: true + - get: general-task - task: deploy-test-env + image: general-task file: cf-manifests/ci/test-space-egress/task-deploy-test-env.yml params: &test-space-egress-staging-params CF_API_URL: ((cf-api-url-staging)) @@ -1018,10 +1065,12 @@ jobs: CF_APP_DOMAIN: fr-stage.cloud.gov on_failure: &test-space-egress-staging-clean-tasks task: clean-test-env + image: general-task file: cf-manifests/ci/test-space-egress/task-clean-test-env.yml params: <<: *test-space-egress-staging-params - task: run-tests + image: general-task file: cf-manifests/ci/test-space-egress/task-run-tests.yml params: <<: *test-space-egress-staging-params @@ -1070,15 +1119,21 @@ jobs: passed: [acceptance-tests-staging] - get: cg-s3-secureproxy-release passed: [acceptance-tests-staging] + - get: general-task - task: terraform-secrets + image: general-task file: cf-manifests/ci/terraform-secrets.yml - task: router-main + image: general-task file: cf-manifests/ci/create-router-main.yml - task: router-logstash + image: general-task file: cf-manifests/ci/create-router-logstash.yml - task: diego-platform-cell + image: general-task file: cf-manifests/ci/create-diego-platform-cell.yml - task: diego-cell-iso-seg + image: general-task file: cf-manifests/ci/create-diego-cell-iso-seg.yml params: ISO_SEG_NAMES: "" #((names_of_iso_segs_production)) # Value in credhub @@ -1177,15 +1232,21 @@ jobs: passed: [plan-cf-production] - get: cg-s3-secureproxy-release passed: [plan-cf-production] + - get: general-task - task: terraform-secrets + image: general-task file: cf-manifests/ci/terraform-secrets.yml - task: router-main + image: general-task file: cf-manifests/ci/create-router-main.yml - task: router-logstash + image: general-task file: cf-manifests/ci/create-router-logstash.yml - task: diego-platform-cell + image: general-task file: cf-manifests/ci/create-diego-platform-cell.yml - task: diego-cell-iso-seg + image: general-task file: cf-manifests/ci/create-diego-cell-iso-seg.yml params: ISO_SEG_NAMES: "" #((names_of_iso_segs_production)) # Value in credhub @@ -1195,6 +1256,7 @@ jobs: dry_run: false - task: enable-cf-features + image: general-task file: cf-manifests/ci/enable-cf-features.yml params: CF_API_URL: ((cf-api-url-production)) @@ -1269,7 +1331,9 @@ jobs: passed: [deploy-cf-production] - get: tests-timer trigger: true + - get: general-task - task: uaa-client-audit + image: general-task file: cf-manifests/ci/uaa-client-audit.yml params: UAA_URL: ((uaa-url-production)) @@ -1287,7 +1351,9 @@ jobs: passed: [deploy-cf-production] - get: hourly-timer trigger: true + - get: general-task - task: uaa-monitor-account-creation + image: general-task file: cf-manifests/ci/uaa-monitor-account-creation.yml params: UAA_URL: ((uaa-url-production)) @@ -1304,7 +1370,9 @@ jobs: passed: [deploy-cf-production] trigger: true - get: master-bosh-root-cert + - get: general-task - task: smoke-tests + image: general-task file: cf-manifests/ci/tic-smoke-tests.yml params: CI: true @@ -1344,7 +1412,9 @@ jobs: passed: [acceptance-tests-staging] trigger: true - get: pipeline-tasks + - get: general-task - task: terraform-plan + image: general-task file: terraform-templates/terraform/terraform-apply.yml params: &tf-production TERRAFORM_ACTION: plan @@ -1377,7 +1447,9 @@ jobs: passed: [terraform-plan-production] - get: pipeline-tasks + - get: general-task - task: terraform-apply + image: general-task file: terraform-templates/terraform/terraform-apply.yml params: <<: *tf-production @@ -1431,7 +1503,9 @@ jobs: - get: cf-manifests trigger: true passed: [deploy-cf-production] + - get: general-task - task: deploy-test-env + image: general-task file: cf-manifests/ci/test-space-egress/task-deploy-test-env.yml params: &test-space-egress-production-params CF_API_URL: ((cf-api-url-production)) @@ -1442,10 +1516,12 @@ jobs: CF_APP_DOMAIN: app.cloud.gov on_failure: &test-space-egress-production-clean-tasks task: clean-test-env + image: general-task file: cf-manifests/ci/test-space-egress/task-clean-test-env.yml params: <<: *test-space-egress-production-params - task: run-tests + image: general-task file: cf-manifests/ci/test-space-egress/task-run-tests.yml params: <<: *test-space-egress-production-params @@ -1612,6 +1688,15 @@ resources: - name: timestamp type: time +- name: general-task + type: registry-image + source: + aws_access_key_id: ((ecr_aws_key)) + aws_secret_access_key: ((ecr_aws_secret)) + repository: general-task + aws_region: us-gov-west-1 + tag: latest + resource_types: - name: registry-image type: registry-image @@ -1632,14 +1717,40 @@ resource_types: tag: latest - name: bosh-deployment - type: docker-image + type: registry-image source: - repository: cloudfoundry/bosh-deployment-resource + aws_access_key_id: ((ecr_aws_key)) + aws_secret_access_key: ((ecr_aws_secret)) + repository: bosh-deployment-resource + aws_region: us-gov-west-1 + tag: latest - name: s3-iam - type: docker-image + type: registry-image source: - repository: 18fgsa/s3-resource + aws_access_key_id: ((ecr_aws_key)) + aws_secret_access_key: ((ecr_aws_secret)) + repository: s3-resource + aws_region: us-gov-west-1 + tag: latest + +- name: time + type: registry-image + source: + aws_access_key_id: ((ecr_aws_key)) + aws_secret_access_key: ((ecr_aws_secret)) + repository: time-resource + aws_region: us-gov-west-1 + tag: latest + +- name: bosh-io-stemcell + type: registry-image + source: + aws_access_key_id: ((ecr_aws_key)) + aws_secret_access_key: ((ecr_aws_secret)) + repository: bosh-io-release-resource + aws_region: us-gov-west-1 + tag: latest groups: - name: all diff --git a/ci/terraform-secrets.yml b/ci/terraform-secrets.yml index 0a01e66c..bf358ef5 100644 --- a/ci/terraform-secrets.yml +++ b/ci/terraform-secrets.yml @@ -1,15 +1,6 @@ --- platform: linux -image_resource: - type: registry-image - source: - aws_access_key_id: ((ecr_aws_key)) - aws_secret_access_key: ((ecr_aws_secret)) - repository: harden-concourse-task - aws_region: us-gov-west-1 - tag: ((harden-concourse-task-tag)) - inputs: - name: cf-manifests - name: terraform-yaml diff --git a/ci/test-headers/task-clean-test-env.yml b/ci/test-headers/task-clean-test-env.yml index e604344d..cb552816 100644 --- a/ci/test-headers/task-clean-test-env.yml +++ b/ci/test-headers/task-clean-test-env.yml @@ -1,15 +1,6 @@ --- platform: linux -image_resource: - type: registry-image - source: - aws_access_key_id: ((ecr_aws_key)) - aws_secret_access_key: ((ecr_aws_secret)) - repository: harden-concourse-task - aws_region: us-gov-west-1 - tag: ((harden-concourse-task-tag)) - inputs: - name: cf-manifests diff --git a/ci/test-headers/task-deploy-test-env.yml b/ci/test-headers/task-deploy-test-env.yml index 83f86aa9..e04b4ee7 100644 --- a/ci/test-headers/task-deploy-test-env.yml +++ b/ci/test-headers/task-deploy-test-env.yml @@ -1,15 +1,6 @@ --- platform: linux -image_resource: - type: registry-image - source: - aws_access_key_id: ((ecr_aws_key)) - aws_secret_access_key: ((ecr_aws_secret)) - repository: harden-concourse-task - aws_region: us-gov-west-1 - tag: ((harden-concourse-task-tag)) - inputs: - name: cf-manifests diff --git a/ci/test-headers/task-run-tests.yml b/ci/test-headers/task-run-tests.yml index a1a28c81..3930b148 100644 --- a/ci/test-headers/task-run-tests.yml +++ b/ci/test-headers/task-run-tests.yml @@ -1,15 +1,6 @@ --- platform: linux -image_resource: - type: registry-image - source: - aws_access_key_id: ((ecr_aws_key)) - aws_secret_access_key: ((ecr_aws_secret)) - repository: harden-concourse-task - aws_region: us-gov-west-1 - tag: ((harden-concourse-task-tag)) - inputs: - name: cf-manifests diff --git a/ci/test-space-egress/task-clean-test-env.yml b/ci/test-space-egress/task-clean-test-env.yml index 204d3853..1136f9ac 100644 --- a/ci/test-space-egress/task-clean-test-env.yml +++ b/ci/test-space-egress/task-clean-test-env.yml @@ -1,15 +1,6 @@ --- platform: linux -image_resource: - type: registry-image - source: - aws_access_key_id: ((ecr_aws_key)) - aws_secret_access_key: ((ecr_aws_secret)) - repository: harden-concourse-task - aws_region: us-gov-west-1 - tag: ((harden-concourse-task-tag)) - inputs: - name: cf-manifests diff --git a/ci/test-space-egress/task-deploy-test-env.yml b/ci/test-space-egress/task-deploy-test-env.yml index bcc2e2d3..5a970983 100644 --- a/ci/test-space-egress/task-deploy-test-env.yml +++ b/ci/test-space-egress/task-deploy-test-env.yml @@ -1,15 +1,6 @@ --- platform: linux -image_resource: - type: registry-image - source: - aws_access_key_id: ((ecr_aws_key)) - aws_secret_access_key: ((ecr_aws_secret)) - repository: harden-concourse-task - aws_region: us-gov-west-1 - tag: ((harden-concourse-task-tag)) - inputs: - name: cf-manifests diff --git a/ci/test-space-egress/task-run-tests.yml b/ci/test-space-egress/task-run-tests.yml index 1abdcf63..d8636e64 100644 --- a/ci/test-space-egress/task-run-tests.yml +++ b/ci/test-space-egress/task-run-tests.yml @@ -1,15 +1,6 @@ --- platform: linux -image_resource: - type: registry-image - source: - aws_access_key_id: ((ecr_aws_key)) - aws_secret_access_key: ((ecr_aws_secret)) - repository: harden-concourse-task - aws_region: us-gov-west-1 - tag: ((harden-concourse-task-tag)) - inputs: - name: cf-manifests diff --git a/ci/tic-smoke-tests.yml b/ci/tic-smoke-tests.yml index 1e308b07..b6ef438b 100644 --- a/ci/tic-smoke-tests.yml +++ b/ci/tic-smoke-tests.yml @@ -1,15 +1,6 @@ --- platform: linux -image_resource: - type: registry-image - source: - aws_access_key_id: ((ecr_aws_key)) - aws_secret_access_key: ((ecr_aws_secret)) - repository: harden-concourse-task - aws_region: us-gov-west-1 - tag: ((harden-concourse-task-tag)) - inputs: - name: cf-manifests - name: master-bosh-root-cert diff --git a/ci/uaa-client-audit.yml b/ci/uaa-client-audit.yml index 80481725..14457c46 100644 --- a/ci/uaa-client-audit.yml +++ b/ci/uaa-client-audit.yml @@ -1,15 +1,6 @@ --- platform: linux -image_resource: - type: registry-image - source: - aws_access_key_id: ((ecr_aws_key)) - aws_secret_access_key: ((ecr_aws_secret)) - repository: harden-concourse-task - aws_region: us-gov-west-1 - tag: ((harden-concourse-task-tag)) - inputs: - name: cf-manifests - name: cf-deployment diff --git a/ci/uaa-monitor-account-creation.yml b/ci/uaa-monitor-account-creation.yml index f835db62..7ff90869 100644 --- a/ci/uaa-monitor-account-creation.yml +++ b/ci/uaa-monitor-account-creation.yml @@ -1,15 +1,6 @@ --- platform: linux -image_resource: - type: registry-image - source: - aws_access_key_id: ((ecr_aws_key)) - aws_secret_access_key: ((ecr_aws_secret)) - repository: harden-concourse-task - aws_region: us-gov-west-1 - tag: ((harden-concourse-task-tag)) - inputs: - name: cf-manifests - name: cf-deployment diff --git a/terraform/terraform-apply.yml b/terraform/terraform-apply.yml index c21baf12..a575569f 100644 --- a/terraform/terraform-apply.yml +++ b/terraform/terraform-apply.yml @@ -1,15 +1,6 @@ --- platform: linux -image_resource: - type: registry-image - source: - aws_access_key_id: ((ecr_aws_key)) - aws_secret_access_key: ((ecr_aws_secret)) - repository: harden-concourse-task - aws_region: us-gov-west-1 - tag: ((harden-concourse-task-tag)) - inputs: - name: terraform-templates - name: pipeline-tasks