fix: Check existence of correct bucket for bucketrepo (#341)

* fix: Check existence of correct bucket for bucketrepo * chore: Adding myself to OWNERS
jenkins-x · Mar 30, 2022 · 4240b95 · 4240b95
1 parent 49d859b
commit 4240b95
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 4 deletions.
diff --git a/OWNERS b/OWNERS
@@ -8,6 +8,7 @@ approvers:
 - rawlingsj
 - jstrachan
 - MarckK
+- msvticket
 reviewers:
 - cagiti
 - daveconde
@@ -18,3 +19,4 @@ reviewers:
 - rawlingsj
 - jstrachan
 - MarckK
+- msvticket
diff --git a/modules/cluster/irsa.tf b/modules/cluster/irsa.tf
@@ -351,7 +351,7 @@ module "iam_assumable_role_pipeline_visualizer" {
 
 // Bucketrepo
 data "aws_iam_policy_document" "bucketrepo-policy" {
-  count = var.create_bucketrepo_role && length(aws_s3_bucket.logs_jenkins_x) > 0 ? 1 : 0
+  count = var.create_bucketrepo_role && length(aws_s3_bucket.repository_jenkins_x) > 0 ? 1 : 0
   statement {
     sid    = "BucketRepoPolicy"
     effect = "Allow"
@@ -363,7 +363,7 @@ data "aws_iam_policy_document" "bucketrepo-policy" {
 }
 
 resource "aws_iam_policy" "bucketrepo" {
-  count       = var.create_bucketrepo_role && length(aws_s3_bucket.logs_jenkins_x) > 0 ? 1 : 0
+  count       = var.create_bucketrepo_role && length(aws_s3_bucket.repository_jenkins_x) > 0 ? 1 : 0
   name_prefix = "jx-bucketrepo"
   description = "bucketrepo policy for cluster ${var.cluster_name}"
   policy      = data.aws_iam_policy_document.bucketrepo-policy[count.index].json
@@ -372,10 +372,10 @@ resource "aws_iam_policy" "bucketrepo" {
 module "iam_assumable_role_bucketrepo" {
   source                        = "terraform-aws-modules/iam/aws//modules/iam-assumable-role-with-oidc"
   version                       = "~> v3.8.0"
-  create_role                   = var.create_bucketrepo_role && length(aws_s3_bucket.logs_jenkins_x) > 0
+  create_role                   = var.create_bucketrepo_role && length(aws_s3_bucket.repository_jenkins_x) > 0
   role_name                     = "${local.cluster_trunc}-jx-bucketrepo"
   provider_url                  = local.oidc_provider_url
-  role_policy_arns              = [var.create_bucketrepo_role && length(aws_s3_bucket.logs_jenkins_x) > 0 ? aws_iam_policy.bucketrepo[0].arn : ""]
+  role_policy_arns              = [var.create_bucketrepo_role && length(aws_s3_bucket.repository_jenkins_x) > 0 ? aws_iam_policy.bucketrepo[0].arn : ""]
   oidc_fully_qualified_subjects = ["system:serviceaccount:${local.jenkins-x-namespace}:bucketrepo-bucketrepo"]
 }