From 7f216b24bf4414d0e5271f673ad99c67ccc05261 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Kacper=20Ma=C5=82achowski?= <38684517+KacperMalachowski@users.noreply.github.com> Date: Fri, 11 Oct 2024 08:42:48 +0200 Subject: [PATCH] Rename autobump token secret for github (#12128) --- .../environments/prod/kyma-bots-secrets-variables.tf | 7 +++---- configs/terraform/environments/prod/kyma-bots-secrets.tf | 6 +++--- 2 files changed, 6 insertions(+), 7 deletions(-) diff --git a/configs/terraform/environments/prod/kyma-bots-secrets-variables.tf b/configs/terraform/environments/prod/kyma-bots-secrets-variables.tf index 56592290b10d..8a15e7645941 100644 --- a/configs/terraform/environments/prod/kyma-bots-secrets-variables.tf +++ b/configs/terraform/environments/prod/kyma-bots-secrets-variables.tf @@ -9,14 +9,13 @@ variable "kyma_autobump_bot_github_token_secret_name" { default = "kyma-autobump-bot-github-token" } -# TODO(kacpermalachowski): Rename to kyma_autobump_bot_github_token_secret_name after Prow removal -variable "kyma_autobump_bot_github_token_sm_secret_name" { +variable "kyma_bot_github_sap_token_secret_name" { type = string description = "Name of the kyma-autobump-bot-github-token secret in the Google's Secret Manager. This secret is used by automatic bumpers to interact with GitHub." - default = "workloads_default_kyma-autobump-bot-github-token" + default = "kyma-autobump-bot-github-token" } -variable "kyma_bot_github_sap_token_secret_name" { +variable "kyma_bot_github_sap_token_prow_k8s_secret_name" { type = string description = "Name of the kyma-bot-github-sap-token secret. This is used by automation to interact with SAP GitHub instance." default = "kyma-bot-github-sap-token" diff --git a/configs/terraform/environments/prod/kyma-bots-secrets.tf b/configs/terraform/environments/prod/kyma-bots-secrets.tf index dd7e64b316df..0fb6a79723a1 100644 --- a/configs/terraform/environments/prod/kyma-bots-secrets.tf +++ b/configs/terraform/environments/prod/kyma-bots-secrets.tf @@ -12,7 +12,7 @@ resource "kubernetes_cluster_role" "access_kyma_bot_github_tokens_trusted_worklo rule { api_groups = [""] resources = ["secrets"] - resource_names = [var.kyma_autobump_bot_github_token_secret_name, var.kyma_bot_github_token_secret_name, var.kyma_bot_github_sap_token_secret_name, var.kyma_guard_bot_github_token_secret_name] + resource_names = [var.kyma_autobump_bot_github_token_secret_name, var.kyma_bot_github_token_secret_name, var.kyma_bot_github_sap_token_prow_k8s_secret_name, var.kyma_guard_bot_github_token_secret_name] verbs = ["update", "get", "list", "watch", "patch", "create", "delete"] } } @@ -27,7 +27,7 @@ resource "kubernetes_cluster_role" "access_kyma_bot_github_tokens_untrusted_work rule { api_groups = [""] resources = ["secrets"] - resource_names = [var.kyma_autobump_bot_github_token_secret_name, var.kyma_bot_github_token_secret_name, var.kyma_bot_github_sap_token_secret_name, var.kyma_guard_bot_github_token_secret_name] + resource_names = [var.kyma_autobump_bot_github_token_secret_name, var.kyma_bot_github_token_secret_name, var.kyma_bot_github_sap_token_prow_k8s_secret_name, var.kyma_guard_bot_github_token_secret_name] verbs = ["update", "get", "list", "watch", "patch", "create", "delete"] } } @@ -72,5 +72,5 @@ resource "github_actions_variable" "kyma_autobump_bot_github_token_secret_name" provider = github.kyma_project repository = data.github_repository.test_infra.name variable_name = "KYMA_AUTOBUMP_BOT_GITHUB_SECRET_NAME" - value = var.kyma_autobump_bot_github_token_sm_secret_name + value = var.kyma_bot_github_sap_token_secret_name }