fix(variants): use service containers "latest" image tag (vault, GCP & AWS)

README.md

@@ -571,7 +571,7 @@ In order to be able to communicate with the Vault server, the variant requires t
 
 | Input / Variable  | Description                            | Default value     |
 | ----------------- | -------------------------------------- | ----------------- |
-| `TBC_VAULT_IMAGE` | The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use (can be overridden) | `registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:master` |
+| `TBC_VAULT_IMAGE` | The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use (can be overridden) | `registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest` |
 | `vault-base-url` / `VAULT_BASE_URL` | The Vault server base API url          | _none_ |
 | `vault-oidc-aud` / `VAULT_OIDC_AUD` | The `aud` claim for the JWT | `$CI_SERVER_URL` |
 | :lock: `VAULT_ROLE_ID`   | The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID | **must be defined** |
@@ -630,7 +630,7 @@ List of requirements before using this variant for publishing your container ima
 
 | Input / Variable         | Description                            | Default value     |
 | ------------------------ | -------------------------------------- | ----------------- |
-| `TBC_GCP_PROVIDER_IMAGE` | The [GCP Auth Provider](https://gitlab.com/to-be-continuous/tools/gcp-auth-provider) image to use (can be overridden) | `registry.gitlab.com/to-be-continuous/tools/gcp-auth-provider:main` |
+| `TBC_GCP_PROVIDER_IMAGE` | The [GCP Auth Provider](https://gitlab.com/to-be-continuous/tools/gcp-auth-provider) image to use (can be overridden) | `registry.gitlab.com/to-be-continuous/tools/gcp-auth-provider:latest` |
 | `gcp-oidc-aud` / `GCP_OIDC_AUD` | The `aud` claim for the JWT token      | `$CI_SERVER_URL` |
 | `gcp-oidc-provider` / `GCP_OIDC_PROVIDER` | Default Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) | _none_ |
 | `gcp-oidc-account` / `GCP_OIDC_ACCOUNT` | Default Service Account to which impersonate with OpenID Connect authentication | _none_ |
@@ -684,7 +684,7 @@ In order to use the AWS APIs, the variant supports two authentication methods:
 
 | Input / Variable         | Description                            | Default value     |
 | ------------------------ | -------------------------------------- | ----------------- |
-| `TBC_AWS_PROVIDER_IMAGE` | The [AWS Auth Provider](https://gitlab.com/to-be-continuous/tools/aws-auth-provider) image to use (can be overridden) | `registry.gitlab.com/to-be-continuous/tools/aws-auth-provider:master` |
+| `TBC_AWS_PROVIDER_IMAGE` | The [AWS Auth Provider](https://gitlab.com/to-be-continuous/tools/aws-auth-provider) image to use (can be overridden) | `registry.gitlab.com/to-be-continuous/tools/aws-auth-provider:latest` |
 | `aws-region` / `AWS_REGION` | Default region (where the ECR registry is located) | _none_ |
 | `aws-snapshot-region` / `AWS_SNAPSHOT_REGION` | Region of the ECR registry for the snapshot image _(only define to override default)_ | _none_ |
 | `aws-release-region` / `AWS_RELEASE_REGION` | Region of the ECR registry for the release image _(only define to override default)_ | _none_ |

kicker.json

@@ -237,7 +237,7 @@
         {
           "name": "TBC_VAULT_IMAGE",
           "description": "The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use",
-          "default": "registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:master",
+          "default": "registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest",
           "advanced": true
         },
         {
@@ -273,7 +273,7 @@
         {
           "name": "TBC_GCP_PROVIDER_IMAGE",
           "description": "The [GCP Auth Provider](https://gitlab.com/to-be-continuous/tools/gcp-auth-provider) image to use",
-          "default": "registry.gitlab.com/to-be-continuous/tools/gcp-auth-provider:main",
+          "default": "registry.gitlab.com/to-be-continuous/tools/gcp-auth-provider:latest",
           "advanced": true
         },
         {
@@ -321,7 +321,7 @@
         {
           "name": "TBC_AWS_PROVIDER_IMAGE",
           "description": "The [AWS Auth Provider](https://gitlab.com/to-be-continuous/tools/aws-auth-provider) image to use",
-          "default": "registry.gitlab.com/to-be-continuous/tools/aws-auth-provider:master",
+          "default": "registry.gitlab.com/to-be-continuous/tools/aws-auth-provider:latest",
           "advanced": true
         },
         {

templates/gitlab-ci-docker-ecr.yml

@@ -33,7 +33,7 @@ spec:
       default: ''
 ---
 variables:
-  TBC_AWS_PROVIDER_IMAGE: registry.gitlab.com/to-be-continuous/tools/aws-auth-provider:master
+  TBC_AWS_PROVIDER_IMAGE: registry.gitlab.com/to-be-continuous/tools/aws-auth-provider:latest
   AWS_OIDC_AUD: $[[ inputs.aws-oidc-aud ]]
   AWS_REGION: $[[ inputs.aws-region ]]
   AWS_SNAPSHOT_REGION: $[[ inputs.aws-snapshot-region ]]

templates/gitlab-ci-docker-gcp.yml

@@ -32,7 +32,7 @@ spec:
       default: ''
 ---
 variables:
-  TBC_GCP_PROVIDER_IMAGE: registry.gitlab.com/to-be-continuous/tools/gcp-auth-provider:main
+  TBC_GCP_PROVIDER_IMAGE: registry.gitlab.com/to-be-continuous/tools/gcp-auth-provider:latest
   GCP_OIDC_AUD: $[[ inputs.gcp-oidc-aud ]]
   GCP_OIDC_ACCOUNT: $[[ inputs.gcp-oidc-account ]]
   GCP_OIDC_PROVIDER: $[[ inputs.gcp-oidc-provider ]]

templates/gitlab-ci-docker-vault.yml

@@ -12,7 +12,7 @@ spec:
 ---
 variables:
   # variabilized vault-secrets-provider image
-  TBC_VAULT_IMAGE: registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:master
+  TBC_VAULT_IMAGE: registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest
   VAULT_BASE_URL: $[[ inputs.vault-base-url ]]
   # variables have to be explicitly declared in the YAML to be exported to the service
   VAULT_ROLE_ID: "$VAULT_ROLE_ID"