What does it take to run Concourse? The tl;dr here is that in order to run Concourse for one or more teams, you will need: A secrets manager (e.g. Vault) A container registry (e.g. Harbor) Let’s dig into why you need these two types of applications if you choose to run Concourse. A Secrets Manager # Secrets managers, like Vault, securely store your secrets. Setup correctly, you can trust them to safely store and retrieve your secrets.

Writing Concourse resource-types in bash can be fairly fast, especially if you’re relying on external tools to do some of the heavy lifting for you. I think a lot of us in this space are also use to do writing up quick bash scripts to do things, so writing up a quick and dirty resource-type in bash feels natural. Here are some tips for writing resource-types in bash. I’m not going to explain how resource-types work in Concourse.

I’m currently running Concourse for my team at work. It’s a two instance deployment, one web and one worker EC2 instance. Most of the pipelines we write do stuff that require permissions to various AWS services. We needed to figure out a way to grant permissions to these AWS services to our pipelines. Our first thought was to create an IAM role and assign that role to the Concourse Worker’s EC2 instance.

A request I’ve seen from Concourse users every so often is that they want a way for a Concourse Job to stop what it’s doing and wait for approval from a human. They want what I call a “manual approval” step in their jobs. A more concrete example that I’ve seen is when users are running terraform apply in their pipelines. They usually end up wanting a Concourse Job that looks like: