diff --git a/README.md b/README.md index ef7cfc342e5ffac7c3dea527608b6fd45b9ec957..c6bfa8a543880ac8c26532d0f026bc6c69bca375 100644 --- a/README.md +++ b/README.md @@ -571,7 +571,7 @@ In order to be able to communicate with the Vault server, the variant requires t | Input / Variable | Description | Default value | | ----------------- | -------------------------------------- | ----------------- | -| `TBC_VAULT_IMAGE` | The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use (can be overridden) | `registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:master` | +| `TBC_VAULT_IMAGE` | The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use (can be overridden) | `registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest` | | `vault-base-url` / `VAULT_BASE_URL` | The Vault server base API url | _none_ | | `vault-oidc-aud` / `VAULT_OIDC_AUD` | The `aud` claim for the JWT | `$CI_SERVER_URL` | | :lock: `VAULT_ROLE_ID` | The [AppRole](https://www.vaultproject.io/docs/auth/approle) RoleID | **must be defined** | @@ -630,7 +630,7 @@ List of requirements before using this variant for publishing your container ima | Input / Variable | Description | Default value | | ------------------------ | -------------------------------------- | ----------------- | -| `TBC_GCP_PROVIDER_IMAGE` | The [GCP Auth Provider](https://gitlab.com/to-be-continuous/tools/gcp-auth-provider) image to use (can be overridden) | `registry.gitlab.com/to-be-continuous/tools/gcp-auth-provider:main` | +| `TBC_GCP_PROVIDER_IMAGE` | The [GCP Auth Provider](https://gitlab.com/to-be-continuous/tools/gcp-auth-provider) image to use (can be overridden) | `registry.gitlab.com/to-be-continuous/tools/gcp-auth-provider:latest` | | `gcp-oidc-aud` / `GCP_OIDC_AUD` | The `aud` claim for the JWT token | `$CI_SERVER_URL` | | `gcp-oidc-provider` / `GCP_OIDC_PROVIDER` | Default Workload Identity Provider associated with GitLab to [authenticate with OpenID Connect](https://docs.gitlab.com/ee/ci/cloud_services/google_cloud/) | _none_ | | `gcp-oidc-account` / `GCP_OIDC_ACCOUNT` | Default Service Account to which impersonate with OpenID Connect authentication | _none_ | @@ -684,7 +684,7 @@ In order to use the AWS APIs, the variant supports two authentication methods: | Input / Variable | Description | Default value | | ------------------------ | -------------------------------------- | ----------------- | -| `TBC_AWS_PROVIDER_IMAGE` | The [AWS Auth Provider](https://gitlab.com/to-be-continuous/tools/aws-auth-provider) image to use (can be overridden) | `registry.gitlab.com/to-be-continuous/tools/aws-auth-provider:master` | +| `TBC_AWS_PROVIDER_IMAGE` | The [AWS Auth Provider](https://gitlab.com/to-be-continuous/tools/aws-auth-provider) image to use (can be overridden) | `registry.gitlab.com/to-be-continuous/tools/aws-auth-provider:latest` | | `aws-region` / `AWS_REGION` | Default region (where the ECR registry is located) | _none_ | | `aws-snapshot-region` / `AWS_SNAPSHOT_REGION` | Region of the ECR registry for the snapshot image _(only define to override default)_ | _none_ | | `aws-release-region` / `AWS_RELEASE_REGION` | Region of the ECR registry for the release image _(only define to override default)_ | _none_ | diff --git a/kicker.json b/kicker.json index 78f79b4984a37499f1c9af09c02a731a49fc6e4a..ffd0a499fa19f983b2e6285e286d4889afcaca72 100644 --- a/kicker.json +++ b/kicker.json @@ -237,7 +237,7 @@ { "name": "TBC_VAULT_IMAGE", "description": "The [Vault Secrets Provider](https://gitlab.com/to-be-continuous/tools/vault-secrets-provider) image to use", - "default": "registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:master", + "default": "registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest", "advanced": true }, { @@ -273,7 +273,7 @@ { "name": "TBC_GCP_PROVIDER_IMAGE", "description": "The [GCP Auth Provider](https://gitlab.com/to-be-continuous/tools/gcp-auth-provider) image to use", - "default": "registry.gitlab.com/to-be-continuous/tools/gcp-auth-provider:main", + "default": "registry.gitlab.com/to-be-continuous/tools/gcp-auth-provider:latest", "advanced": true }, { @@ -321,7 +321,7 @@ { "name": "TBC_AWS_PROVIDER_IMAGE", "description": "The [AWS Auth Provider](https://gitlab.com/to-be-continuous/tools/aws-auth-provider) image to use", - "default": "registry.gitlab.com/to-be-continuous/tools/aws-auth-provider:master", + "default": "registry.gitlab.com/to-be-continuous/tools/aws-auth-provider:latest", "advanced": true }, { diff --git a/templates/gitlab-ci-docker-ecr.yml b/templates/gitlab-ci-docker-ecr.yml index 87583d58b21acfff7aa16be06452bbb7547aa2b9..fb4be9af7969bdc0cc6459c2f8accc438b007044 100644 --- a/templates/gitlab-ci-docker-ecr.yml +++ b/templates/gitlab-ci-docker-ecr.yml @@ -33,7 +33,7 @@ spec: default: '' --- variables: - TBC_AWS_PROVIDER_IMAGE: registry.gitlab.com/to-be-continuous/tools/aws-auth-provider:master + TBC_AWS_PROVIDER_IMAGE: registry.gitlab.com/to-be-continuous/tools/aws-auth-provider:latest AWS_OIDC_AUD: $[[ inputs.aws-oidc-aud ]] AWS_REGION: $[[ inputs.aws-region ]] AWS_SNAPSHOT_REGION: $[[ inputs.aws-snapshot-region ]] diff --git a/templates/gitlab-ci-docker-gcp.yml b/templates/gitlab-ci-docker-gcp.yml index 7da4f379fd2bd5b439a01c92108eebd7264c7a19..a0cbd3d7425b6b964b6a02e1a2fe04249a295a8b 100644 --- a/templates/gitlab-ci-docker-gcp.yml +++ b/templates/gitlab-ci-docker-gcp.yml @@ -32,7 +32,7 @@ spec: default: '' --- variables: - TBC_GCP_PROVIDER_IMAGE: registry.gitlab.com/to-be-continuous/tools/gcp-auth-provider:main + TBC_GCP_PROVIDER_IMAGE: registry.gitlab.com/to-be-continuous/tools/gcp-auth-provider:latest GCP_OIDC_AUD: $[[ inputs.gcp-oidc-aud ]] GCP_OIDC_ACCOUNT: $[[ inputs.gcp-oidc-account ]] GCP_OIDC_PROVIDER: $[[ inputs.gcp-oidc-provider ]] diff --git a/templates/gitlab-ci-docker-vault.yml b/templates/gitlab-ci-docker-vault.yml index 78c2c8fd7e1e62cf1e6d6d246b990639a46c66e2..4c5e1acbb6b82a624f019e0ed884cd07b0113e57 100644 --- a/templates/gitlab-ci-docker-vault.yml +++ b/templates/gitlab-ci-docker-vault.yml @@ -12,7 +12,7 @@ spec: --- variables: # variabilized vault-secrets-provider image - TBC_VAULT_IMAGE: registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:master + TBC_VAULT_IMAGE: registry.gitlab.com/to-be-continuous/tools/vault-secrets-provider:latest VAULT_BASE_URL: $[[ inputs.vault-base-url ]] # variables have to be explicitly declared in the YAML to be exported to the service VAULT_ROLE_ID: "$VAULT_ROLE_ID"