CI: remove single-use YTT functions

[aramprice]

NOTE: this repository uses a "Merge Forward" strategy

Changes should be made in the earliest applicable branch, and
merged forward through subsequent branches.

1. PR should be created against the oldest stemcell branch, ex: ubuntu-<short_name-N>
2. After this PR has been merged create a PR to merge ubuntu-<short_name-N> into ubuntu-<short_name-N+1>
3. Repeat as needed for subsequent stemcell line branches

[coderabbitai]

Caution

Review failed

The pull request is closed.

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 6f4f543d-071d-4395-ab0a-2fd786e67601

📥 Commits

Reviewing files that changed from the base of the PR and between 77bcff4 and 1b4ba97.

📒 Files selected for processing (3)

• ci/pipelines/builder.yml
• ci/pipelines/publisher.yml
• ci/pipelines/vars.yml

---

Walkthrough

This PR consolidates CI identity management in the builder pipeline and refactors light stemcell orchestration in the publisher pipeline. In ci/pipelines/vars.yml, bot identity values (bot_email and bot_name) are added to stemcell_details. The builder pipeline relocates ytt helper definitions to the top of the file and replaces hardcoded CI bot identity anchors with values from the new configuration, introducing a shared bats-director-tag YAML anchor that propagates through multiple task definitions. In ci/pipelines/publisher.yml, the build_light_aws_stemcell_new(...) macro is rewritten to inline stemcell and builder source fetching directly into the macro body, eliminating indirection through removed helper functions. Helper signatures are updated to use (prefix, region) instead of name parameters. The Google light stemcell build job replaces a helper call with explicit parallel get steps, and the Google OSS skeletal deployment is replaced with an explicit do/ensure/on_failure sequence covering terraform apply, skeletal deploy, guaranteed teardown, and a failure handler with remediation instructions.

Suggested reviewers

• mkocher
• ystros
• selzoc

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Title check	✅ Passed	The title accurately summarizes the main change: removing single-use YTT functions from CI configuration, which aligns with the raw summary showing removal of two helper functions.
Description check	✅ Passed	The description matches the template and includes the repository's Merge Forward strategy guidance, which is the expected content for this repository.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch less-ytt

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[Copilot]

Pull request overview

This PR simplifies the Concourse publisher pipeline YTT template by removing single-use helper functions and inlining their YAML directly into the affected job plan.

Changes:

• Removes the single-use get_google_light_inputs function by inlining its in_parallel get steps in the build-light-google-* job.
• Inlines the previously function-generated “deploy skeletal + ensure destroy + on_failure instructions” step into the build-light-google-* job.
• Removes an extra YAML document separator / directive block around the start of the pipeline config.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[coderabbitai]

Actionable comments posted: 2

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In `@ci/pipelines/publisher.yml`:
- Around line 365-376: The do block containing the terraform step with
light-google-environment-oss resource and the deploy-skeletal task has been
uncommented, activating a previously disabled OSS deployment. Determine if this
PR intentionally re-enables the OSS skeletal environment deployment. If this was
an unintended change while refactoring, keep the entire do block disabled by
commenting it out again. If this PR intentionally re-enables OSS deployment,
ensure the PR summary and commit messages clearly document this intentional
change to avoid unexpected cloud deployment work.
- Line 400: The line containing the gcloud auth activate-service-account command
with the ((gcp_json_key)) variable will expose the actual GCP service account
credentials in the build logs when Concourse interpolates this variable. Replace
the ((gcp_json_key)) placeholder with a non-secret string placeholder that
indicates where credentials should be provided (such as <gcp_json_key>) so that
the actual secret value is not interpolated and logged.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: ASSERTIVE

Plan: Pro

Run ID: 894bd465-8f6b-49cc-89b0-52ac9d52cc01

📥 Commits

Reviewing files that changed from the base of the PR and between 54a637d and c6300da.

📒 Files selected for processing (1)

• ci/pipelines/publisher.yml

[Copilot]

Pull request overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated 1 comment.

[Copilot]

Pull request overview

Copilot reviewed 1 out of 1 changed files in this pull request and generated no new comments.

[Copilot]

Copilot was unable to review this pull request because the user who requested the review has reached their quota limit.