Skip to main content

Add Concourse to a test cluster


  • A test cluster. For this guide, we’ll assume it’s called david-test1
  • You must have fly installed


  node_groups_count = {
    live    = "64"
    live-2  = "7"
    manager = "4"
    default = "3" > "4"
  node_size = {
    live    = ["r6i.2xlarge", "r6i.xlarge", "r5.2xlarge"]
    live-2  = ["r6i.2xlarge", "r6i.xlarge", "r5.2xlarge"]
    manager = ["m6a.xlarge", "m6a.2xlarge", "m6i.xlarge"]
    default = ["m6a.large", "m6a.xlarge", "m6i.large"] > ["m6a.xlarge", "m6a.2xlarge", "m6i.xlarge"]
  • Apply the changes using below terraform workflow:
terraform init
terraform workspace select <WorkspaceName>
terraform plan -var "enable_oidc_associate=false"
terraform apply -var "enable_oidc_associate=false"
terraform init
terraform workspace select <WorkspaceName>
terraform plan
terraform apply -target=module.concourse
  • Clone the Concourse repository.

  • Login to Concourse

For this step you will need to authenticate to Concourse using your instance’s local username and password. These are stored in the kubernete secret concourse-web in the concourse namespace, and can be obtained using the cloud-platform cli tool:

cloud-platform decode-secret -n concourse -s concourse-web

Username and password are stored in the local-users key-value pair:

"local-users": "[local-username]:[local-password]"
  • Once you have these values to hand, login to Concourse with fly
fly --target david-test1 login \
    --team-name main \

Follow the URL this command outputs, choose to login with Username/Password, and enter your local username credentials.

  • Apply your pipeline

Please do not deploy the bootstrap pipeline in the Concourse repository into your test cluster. It is for production level deployment and may trigger false alarms to our Slack Channel.

To ensure an isolated testing environment, please create a new folder on your local machine and start with a simple pipeline. You may use this link as reference to deploy the first pipeline into your test cluster and not the one under manager/main.

fly --target david-test1 set-pipeline \
    --pipeline plan-pipeline \
    --config pipelines/david-test1/main/plan-environments.yaml

Repeat this command whenever you make changes to the pipeline yaml file.

  • Set up secrets

If your pipeline requires secrets, such as AWS credentials, you need to define those as kubernetes secrets in the concourse-main namespace (or concourse-<team name> if you’re using a different concourse team, rather than main)

This page was last reviewed on 18 April 2024. It needs to be reviewed again on 18 October 2024 by the page owner #cloud-platform .
This page was set to be reviewed before 18 October 2024 by the page owner #cloud-platform. This might mean the content is out of date.