From 0b2ba9dc5b0d877dc616b457e6983f77d3290a07 Mon Sep 17 00:00:00 2001 From: Seth Vargo Date: Wed, 13 Jan 2021 12:08:27 -0500 Subject: [PATCH] Add Binauthz envvars to Terraform builder --- terraform/main.tf | 3 +++ 1 file changed, 3 insertions(+) diff --git a/terraform/main.tf b/terraform/main.tf index 3bb56ba86..19c65d1af 100644 --- a/terraform/main.tf +++ b/terraform/main.tf @@ -117,6 +117,9 @@ resource "null_resource" "build" { REGION = var.region SERVICES = "all" TAG = "initial" + + BINAUTHZ_ATTESTOR = "${google_binary_authorization_attestor.built-by-ci.id}" + BINAUTHZ_KEY_VERSION = "${trimprefix(data.google_kms_crypto_key_version.binauthz-built-by-ci-signer-version.id, "//cloudkms.googleapis.com/v1/")}" } command = "${path.module}/../scripts/build"