cleanup(get.jenkins.io): remove long-lived SAS token and related outp…

…uts (#654) This PR removes `mirrorbits` file share long-lived SAS token and related outputs, replaced by the use of a storage key stored in jenkins-infra hieradata & charts-secrets. Verification procedure after merging this PR: ensure update_center job still passes on trusted.ci.jenkins.io (file share used in sync.sh & sync-recent-releases.sh scripts) Ref: - jenkins-infra/helpdesk#3414 (comment)
jenkins-infra · Apr 4, 2024 · 1f0274f · 1f0274f
1 parent 751ac5d
commit 1f0274f
Showing 1 changed file with 0 additions and 44 deletions.
diff --git a/get.jenkins.io.tf b/get.jenkins.io.tf
@@ -49,47 +49,3 @@ resource "azurerm_storage_share" "get_jenkins_io_website" {
   storage_account_name = azurerm_storage_account.get_jenkins_io.name
   quota                = 100 # Minimal size, 1.6GiB used in 2020
 }
-
-data "azurerm_storage_account_sas" "get_jenkins_io" {
-  connection_string = azurerm_storage_account.get_jenkins_io.primary_connection_string
-  signed_version    = "2022-11-02"
-
-  resource_types {
-    service   = true # Ex: list Share
-    container = true # Ex: list Files and Directories
-    object    = true # Ex: create File
-  }
-
-  services {
-    blob  = false
-    queue = false
-    table = false
-    file  = true
-  }
-
-  start  = "2024-01-25T00:00:00Z"
-  expiry = "2024-04-25T00:00:00Z"
-
-  # https://learn.microsoft.com/en-us/rest/api/storageservices/create-account-sas#file-service
-  permissions {
-    read    = true
-    write   = true
-    delete  = true
-    list    = true
-    add     = false
-    create  = true
-    update  = false
-    process = false
-    tag     = false
-    filter  = false
-  }
-}
-
-output "get_jenkins_io_share_url" {
-  value = azurerm_storage_share.get_jenkins_io.url
-}
-
-output "get_jenkins_io_sas_query_string" {
-  sensitive = true
-  value     = data.azurerm_storage_account_sas.get_jenkins_io.sas
-}