Implement 'aws_ssm' connection type #26

wttech · Dec 19, 2023 · 92bc821 · 92bc821
1 parent 7f88afd
commit 92bc821
Show file tree

Hide file tree

Showing 6 changed files with 20 additions and 18 deletions.
diff --git a/examples/aws_ssm/aem.tf b/examples/aws_ssm/aem.tf
@@ -2,7 +2,7 @@ resource "aem_instance" "single" {
   depends_on = [aws_instance.aem_single, aws_volume_attachment.aem_single_data]
 
   client {
-    type = "aws_ssm"
+    type = "aws-ssm"
     settings = {
       instance_id = aws_instance.aem_single.id
       region      = "eu-central-1" // TODO infer from AWS provider config
@@ -17,21 +17,13 @@ resource "aem_instance" "single" {
         "sudo mkfs -t ext4 ${local.aem_single_data_device}",
         "sudo mkdir -p ${local.aem_single_data_dir}",
         "sudo mount ${local.aem_single_data_device} ${local.aem_single_data_dir}",
-        "sudo chown -R ${local.ssh_user} ${local.aem_single_data_dir}",
+        "sudo chown -R ${local.ssm_user} ${local.aem_single_data_dir}",
         "echo '${local.aem_single_data_device} ${local.aem_single_data_dir} ext4 defaults 0 0' | sudo tee -a /etc/fstab",
-        // installing AWS CLI: https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html
-        "sudo yum install -y unzip",
-        "curl 'https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip' -o 'awscliv2.zip'",
-        "unzip -q awscliv2.zip",
-        "sudo ./aws/install --update",
-        // installing AWS SSM agent: https://docs.aws.amazon.com/systems-manager/latest/userguide/agent-install-rhel-8-9.html
-        "sudo dnf install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm",
       ]
     }
   }
 
   compose {
-    config = file("aem.yml") // use templating here if needed: https://developer.hashicorp.com/terraform/language/functions/templatefile
     create = {
       inline = [
         "mkdir -p '${local.aem_single_compose_dir}/aem/home/lib'",
@@ -40,6 +32,13 @@ resource "aem_instance" "single" {
         "sh aemw instance create",
       ]
     }
+    configure = {
+      inline = [
+        "sh aemw osgi config save --pid 'org.apache.sling.jcr.davex.impl.servlets.SlingDavExServlet' --input-string 'alias: /crx/server'",
+        "sh aemw repl agent setup -A --location 'author' --name 'publish' --input-string '{enabled: true, transportUri: \"http://localhost:4503/bin/receive?sling:authRequestLogin=1\", transportUser: admin, transportPassword: admin, userId: admin}'",
+        "sh aemw package deploy --file 'aem/home/lib/aem-service-pkg-6.5.*.0.zip'",
+      ]
+    }
   }
 }
 

diff --git a/examples/aws_ssm/aws.tf b/examples/aws_ssm/aws.tf
@@ -1,5 +1,5 @@
 resource "aws_instance" "aem_single" {
-  ami                  = "ami-043e06a423cbdca17" // RHEL 8
+  ami                  = "ami-064e3c165b1ba0bb3" // Amazon Linux 2 AMI (HVM), SSD Volume Type
   instance_type        = "m5.xlarge"
   iam_instance_profile = aws_iam_instance_profile.aem_ec2.name
   tags                 = local.tags

diff --git a/examples/aws_ssm/main.tf b/examples/aws_ssm/main.tf
@@ -18,8 +18,7 @@ locals {
   env_type  = "aem-single"
   host      = "aem_single"
 
-  ssh_user        = "ec2-user"
-  ssh_private_key = abspath("ec2-key.cer")
+  ssm_user = "ssm-user"
 
   tags = {
     Workspace = "aemc"

diff --git a/internal/client/connection_aws_ssm.go b/internal/client/connection_aws_ssm.go
@@ -66,11 +66,12 @@ func (a *AWSSSMConnection) Disconnect() error {
 
 func (a *AWSSSMConnection) Command(cmdLine []string) ([]byte, error) {
 	// Execute command on the remote instance
+	command := aws.String(strings.Join(cmdLine, " "))
 	runCommandInput := &ssm.SendCommandInput{
 		DocumentName: aws.String("AWS-RunShellScript"),
 		InstanceIds:  []*string{aws.String(a.instanceId)},
 		Parameters: map[string][]*string{
-			"commands": {aws.String(strings.Join(cmdLine, " "))},
+			"commands": {command},
 		},
 	}
 

diff --git a/internal/provider/instance/systemd.conf b/internal/provider/instance/systemd.conf
@@ -7,9 +7,9 @@ After=cloud-final.service
 Type=forking
 User=[[.USER]]
 
-ExecStart=sh -c ". /etc/profile && cd [[.DATA_DIR]] && sh aemw instance start"
-ExecStop=sh -c ". /etc/profile && cd [[.DATA_DIR]] && sh aemw instance stop"
-ExecReload=sh -c ". /etc/profile && cd [[.DATA_DIR]] && sh aemw instance restart"
+ExecStart=sudo sh -c ". /etc/profile && cd [[.DATA_DIR]] && sh aemw instance start"
+ExecStop=sudo sh -c ". /etc/profile && cd [[.DATA_DIR]] && sh aemw instance stop"
+ExecReload=sudo sh -c ". /etc/profile && cd [[.DATA_DIR]] && sh aemw instance restart"
 KillMode=process
 RemainAfterExit=yes
 TimeoutStartSec=1810

diff --git a/internal/provider/instance_client.go b/internal/provider/instance_client.go
@@ -42,7 +42,7 @@ func (ic *InstanceClient) installComposeCLI() error {
 	}
 	if !exists {
 		tflog.Info(ic.ctx, "Downloading AEM Compose CLI wrapper")
-		out, err := ic.cl.RunShellCommand("curl -s 'https://raw.githubusercontent.com/wttech/aemc/main/pkg/project/common/aemw' -o 'aemw'", ic.dataDir())
+		out, err := ic.cl.RunShellCommand("curl -s 'https://raw.githubusercontent.com/wttech/aemc/main/pkg/project/common/aemw' -o 'aemw' && chmod +x 'aemw'", ic.dataDir())
 		tflog.Info(ic.ctx, string(out))
 		if err != nil {
 			return fmt.Errorf("cannot download AEM Compose CLI wrapper: %w", err)
@@ -126,6 +126,9 @@ func (ic *InstanceClient) configureService() error {
 	if err := ic.cl.FileWrite(serviceFile, serviceTemplated); err != nil {
 		return fmt.Errorf("unable to write AEM system service definition '%s': %w", serviceFile, err)
 	}
+	if err := ic.cl.FileMakeExecutable(serviceFile); err != nil {
+		return fmt.Errorf("unable to make executable AEM system service definition '%s': %w", serviceFile, err)
+	}
 
 	if err := ic.runServiceAction("enable"); err != nil {
 		return err