From 6d1273c91780279a855dd0e0c8866ffda2bf95b5 Mon Sep 17 00:00:00 2001 From: Kim Date: Sun, 31 Dec 2023 09:18:43 +0200 Subject: [PATCH 1/3] move aws-sts-role-with-web-identity to use quay image --- .../aws-sts-assume-role-with-web-identity/step.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/incubating/aws-sts-assume-role-with-web-identity/step.yaml b/incubating/aws-sts-assume-role-with-web-identity/step.yaml index b8a265d98..3b5f955e2 100644 --- a/incubating/aws-sts-assume-role-with-web-identity/step.yaml +++ b/incubating/aws-sts-assume-role-with-web-identity/step.yaml @@ -1,7 +1,7 @@ version: '1.0' kind: step-type metadata: - version: 1.0.0 + version: 1.1.0 name: aws-sts-assume-role-with-web-identity description: >- Obtain AWS STS credentials using OIDC ID token and export them as environment variables @@ -42,7 +42,7 @@ metadata: ROLE_SESSION_NAME: session-name s3_list_objects: title: List S3 Objects - image: amazon/aws-cli + image: quay.io/jland/aws-cli:2.8.12 commands: - aws s3 ls "s3://bucket-name/" - description: example-with-id-token-from-environment-variable @@ -58,7 +58,7 @@ metadata: WEB_IDENTITY_TOKEN: ${{ID_TOKEN}} s3_list_objects: title: List S3 Objects - image: amazon/aws-cli + image: quay.io/jland/aws-cli:2.8.12 commands: - aws s3 ls "s3://bucket-name/" spec: @@ -121,7 +121,7 @@ spec: stepsTemplate: |- main: name: aws-sts-assume-role-with-web-identity - image: mikesir87/aws-cli + image: quay.io/jland/aws-cli:2.8.12 environment: [[ range $key, $val := .Arguments ]] - '[[ $key ]]=[[ $val ]]' From 220dd4489dc09084bf3e86b1ae9908d30a8c36ec Mon Sep 17 00:00:00 2001 From: Kim Date: Sun, 31 Dec 2023 09:27:28 +0200 Subject: [PATCH 2/3] obtain oidc token to use quay image --- incubating/aws-sts-assume-role-with-web-identity/step.yaml | 4 ++-- incubating/obtain-oidc-id-token/step.yaml | 5 ++--- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/incubating/aws-sts-assume-role-with-web-identity/step.yaml b/incubating/aws-sts-assume-role-with-web-identity/step.yaml index 3b5f955e2..5a1924da4 100644 --- a/incubating/aws-sts-assume-role-with-web-identity/step.yaml +++ b/incubating/aws-sts-assume-role-with-web-identity/step.yaml @@ -42,7 +42,7 @@ metadata: ROLE_SESSION_NAME: session-name s3_list_objects: title: List S3 Objects - image: quay.io/jland/aws-cli:2.8.12 + image: amazon/aws-cli commands: - aws s3 ls "s3://bucket-name/" - description: example-with-id-token-from-environment-variable @@ -58,7 +58,7 @@ metadata: WEB_IDENTITY_TOKEN: ${{ID_TOKEN}} s3_list_objects: title: List S3 Objects - image: quay.io/jland/aws-cli:2.8.12 + image: amazon/aws-cli commands: - aws s3 ls "s3://bucket-name/" spec: diff --git a/incubating/obtain-oidc-id-token/step.yaml b/incubating/obtain-oidc-id-token/step.yaml index 31e59d7df..4691a03d4 100644 --- a/incubating/obtain-oidc-id-token/step.yaml +++ b/incubating/obtain-oidc-id-token/step.yaml @@ -107,13 +107,12 @@ spec: steps: main: name: obtain-oidc-id-token - image: quay.io/curl/curl-base + image: quay.io/ferdi/ci-utils:latest environment: - 'AUDIENCE=${{AUDIENCE}}' commands: - | - apk add jq - + URL="$CF_OIDC_REQUEST_URL" # This means that audience was provided by the user From fe9c49d31dd0ff42ca0987bc7ea9f6ebd153910b Mon Sep 17 00:00:00 2001 From: Kim Date: Sun, 31 Dec 2023 09:27:46 +0200 Subject: [PATCH 3/3] obtain oidc token to use quay image bump --- incubating/obtain-oidc-id-token/step.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/incubating/obtain-oidc-id-token/step.yaml b/incubating/obtain-oidc-id-token/step.yaml index 4691a03d4..97fcb9f1f 100644 --- a/incubating/obtain-oidc-id-token/step.yaml +++ b/incubating/obtain-oidc-id-token/step.yaml @@ -1,7 +1,7 @@ version: '1.0' kind: step-type metadata: - version: 1.1.2 + version: 1.2.0 name: obtain-oidc-id-token description: >- Obtain ID token from Codefresh OIDC Provider