From 92bc821891c8e436abaa1321f5e545e2133b2b00 Mon Sep 17 00:00:00 2001
From: Dominik Przybyl
Date: Fri, 15 Dec 2023 18:13:52 +0100
Subject: [PATCH] Implement 'aws_ssm' connection type #26
---
 examples/aws_ssm/aem.tf | 19 +++++++++----------
 examples/aws_ssm/aws.tf | 2 +-
 examples/aws_ssm/main.tf | 3 +--
 internal/client/connection_aws_ssm.go | 3 ++-
 internal/provider/instance/systemd.conf | 6 +++---
 internal/provider/instance_client.go | 5 ++++-
 6 files changed, 20 insertions(+), 18 deletions(-)
diff --git a/examples/aws_ssm/aem.tf b/examples/aws_ssm/aem.tf
index 332828e..d6cf5bc 100644
--- a/examples/aws_ssm/aem.tf
+++ b/examples/aws_ssm/aem.tf
@@ -2,7 +2,7 @@ resource "aem_instance" "single" {
 depends_on = [aws_instance.aem_single, aws_volume_attachment.aem_single_data]
 client {
- type = "aws_ssm"
+ type = "aws-ssm"
 settings = {
 instance_id = aws_instance.aem_single.id
 region = "eu-central-1" // TODO infer from AWS provider config
@@ -17,21 +17,13 @@ resource "aem_instance" "single" {
 "sudo mkfs -t ext4 ${local.aem_single_data_device}",
 "sudo mkdir -p ${local.aem_single_data_dir}",
 "sudo mount ${local.aem_single_data_device} ${local.aem_single_data_dir}",
- "sudo chown -R ${local.ssh_user} ${local.aem_single_data_dir}",
+ "sudo chown -R ${local.ssm_user} ${local.aem_single_data_dir}",
 "echo '${local.aem_single_data_device} ${local.aem_single_data_dir} ext4 defaults 0 0' | sudo tee -a /etc/fstab",
- // installing AWS CLI: https://docs.aws.amazon.com/cli/latest/userguide/getting-started-install.html
- "sudo yum install -y unzip",
- "curl 'https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip' -o 'awscliv2.zip'",
- "unzip -q awscliv2.zip",
- "sudo ./aws/install --update",
- // installing AWS SSM agent: https://docs.aws.amazon.com/systems-manager/latest/userguide/agent-install-rhel-8-9.html
- "sudo dnf install -y https://s3.amazonaws.com/ec2-downloads-windows/SSMAgent/latest/linux_amd64/amazon-ssm-agent.rpm",
 ]
 }
 }
 compose {
- config = file("aem.yml") // use templating here if needed: https://developer.hashicorp.com/terraform/language/functions/templatefile
 create = {
 inline = [
 "mkdir -p '${local.aem_single_compose_dir}/aem/home/lib'",
@@ -40,6 +32,13 @@ resource "aem_instance" "single" {
 "sh aemw instance create",
 ]
 }
+ configure = {
+ inline = [
+ "sh aemw osgi config save --pid 'org.apache.sling.jcr.davex.impl.servlets.SlingDavExServlet' --input-string 'alias: /crx/server'",
+ "sh aemw repl agent setup -A --location 'author' --name 'publish' --input-string '{enabled: true, transportUri: \"http://localhost:4503/bin/receive?sling:authRequestLogin=1\", transportUser: admin, transportPassword: admin, userId: admin}'",
+ "sh aemw package deploy --file 'aem/home/lib/aem-service-pkg-6.5.*.0.zip'",
+ ]
+ }
 }
 }
diff --git a/examples/aws_ssm/aws.tf b/examples/aws_ssm/aws.tf
index d0d6fb9..5bf3381 100644
--- a/examples/aws_ssm/aws.tf
+++ b/examples/aws_ssm/aws.tf
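Review bot: The replication-agent command in the new `configure` block hard-codes `transportUser: admin, transportPassword: admin` (and `userId: admin`), so anyone copying this example provisions an author/publish pair that still relies on AEM's default admin credentials. Because the value sits inside an inline command string, it is also likely to end up in Terraform state and plan/apply output; how the provider stores `inline` is not visible in this hunk, so that part is an assumption to confirm. I would take the password from a variable declared with `sensitive = true` and interpolate it here, and add a comment such as `// example only: change the default admin password before exposing the instance`. The first command sets the DavEx servlet alias to `/crx/server`, which exposes the repository over DavEx and deserves a one-line comment saying why the example needs it.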
@@ -1,5 +1,5 @@
 resource "aws_instance" "aem_single" {
- ami = "ami-043e06a423cbdca17" // RHEL 8
+ ami = "ami-064e3c165b1ba0bb3" // Amazon Linux 2 AMI (HVM), SSD Volume Type
 instance_type = "m5.xlarge"
 iam_instance_profile = aws_iam_instance_profile.aem_ec2.name
 tags = local.tags
diff --git a/examples/aws_ssm/main.tf b/examples/aws_ssm/main.tf
index e0eba14..b1ab01e 100644
--- a/examples/aws_ssm/main.tf
+++ b/examples/aws_ssm/main.tf
@@ -18,8 +18,7 @@ locals {
 env_type = "aem-single"
 host = "aem_single"
- ssh_user = "ec2-user"
- ssh_private_key = abspath("ec2-key.cer")
+ ssm_user = "ssm-user"
 tags = {
 Workspace = "aemc"
diff --git a/internal/client/connection_aws_ssm.go b/internal/client/connection_aws_ssm.go
index 5b53fcd..d9de852 100644
--- a/internal/client/connection_aws_ssm.go
+++ b/internal/client/connection_aws_ssm.go
@@ -66,11 +66,12 @@ func (a *AWSSSMConnection) Disconnect() error {
 func (a *AWSSSMConnection) Command(cmdLine []string) ([]byte, error) {
 // Execute command on the remote instance
+ command := aws.String(strings.Join(cmdLine, " "))
 runCommandInput := &ssm.SendCommandInput{
 DocumentName: aws.String("AWS-RunShellScript"),
 InstanceIds: []*string{aws.String(a.instanceId)},
 Parameters: map[string][]*string{
- "commands": {aws.String(strings.Join(cmdLine, " "))},
+ "commands": {command},
 },
 }
diff --git a/internal/provider/instance/systemd.conf b/internal/provider/instance/systemd.conf
index 489215b..ff5bafd 100644
--- a/internal/provider/instance/systemd.conf
+++ b/internal/provider/instance/systemd.conf
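Review bot: The new `command` value is built with `strings.Join(cmdLine, " ")`, which flattens the argument vector into one string that `AWS-RunShellScript` then passes to a shell on the instance, so any element containing whitespace, quotes or shell metacharacters is re-parsed instead of arriving as a single argument. Whether callers already quote their arguments is not visible here; if they do not, quote each element before joining, or state the contract in a doc comment such as `// Command joins cmdLine with spaces and runs it through a shell; callers must shell-quote each element.` Run Command documents normally execute with root privileges on Linux, so a quoting mistake at this point has the widest effect. Command's body continues past the hunk, so the reason for hoisting `command` into a variable is not visible either.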
@@ -7,9 +7,9 @@ After=cloud-final.service
 Type=forking
 User=[[.USER]]
-ExecStart=sh -c ". /etc/profile && cd [[.DATA_DIR]] && sh aemw instance start"
-ExecStop=sh -c ". /etc/profile && cd [[.DATA_DIR]] && sh aemw instance stop"
-ExecReload=sh -c ". /etc/profile && cd [[.DATA_DIR]] && sh aemw instance restart"
+ExecStart=sudo sh -c ". /etc/profile && cd [[.DATA_DIR]] && sh aemw instance start"
+ExecStop=sudo sh -c ". /etc/profile && cd [[.DATA_DIR]] && sh aemw instance stop"
+ExecReload=sudo sh -c ". /etc/profile && cd [[.DATA_DIR]] && sh aemw instance restart"
 KillMode=process
 RemainAfterExit=yes
 TimeoutStartSec=1810
diff --git a/internal/provider/instance_client.go b/internal/provider/instance_client.go
index fab7aa9..0b29396 100644
--- a/internal/provider/instance_client.go
+++ b/internal/provider/instance_client.go
@@ -42,7 +42,7 @@ func (ic *InstanceClient) installComposeCLI() error {
 }
 if !exists {
 tflog.Info(ic.ctx, "Downloading AEM Compose CLI wrapper")
- out, err := ic.cl.RunShellCommand("curl -s 'https://raw.githubusercontent.com/wttech/aemc/main/pkg/project/common/aemw' -o 'aemw'", ic.dataDir())
+ out, err := ic.cl.RunShellCommand("curl -s 'https://raw.githubusercontent.com/wttech/aemc/main/pkg/project/common/aemw' -o 'aemw' && chmod +x 'aemw'", ic.dataDir())
 tflog.Info(ic.ctx, string(out))
 if err != nil {
 return fmt.Errorf("cannot download AEM Compose CLI wrapper: %w", err)
@@ -126,6 +126,9 @@ func (ic *InstanceClient) configureService() error {
 if err := ic.cl.FileWrite(serviceFile, serviceTemplated); err != nil {
 return fmt.Errorf("unable to write AEM system service definition '%s': %w", serviceFile, err)
 }
+ if err := ic.cl.FileMakeExecutable(serviceFile); err != nil {
+ return fmt.Errorf("unable to make executable AEM system service definition '%s': %w", serviceFile, err)
+ }
 if err := ic.runServiceAction("enable"); err != nil {
 return err
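Review bot: Prefixing the three Exec lines with `sudo` while the unit still sets `User=[[.USER]]` makes the service depend on that account having passwordless sudo and then runs the AEM start/stop/restart scripts as root, which defeats the purpose of `User=`. If the intent is to work around file ownership under `[[.DATA_DIR]]`, fixing the ownership and keeping `ExecStart=sh -c "…"` unprivileged is the least-privilege option; if root really is required, drop `User=` rather than escalating through sudo. A unit has no TTY, so a sudoers policy that needs a password or `requiretty` would make the service fail at start. The rest of the unit lies outside the hunk.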
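Review bot: The download in installComposeCLI now also marks `aemw` executable, but the script is still fetched from the mutable `main` branch with `curl -s` and no integrity check, so whatever that URL serves at apply time is what later runs on the instance. `curl -s` without `-f` also exits 0 on an HTTP error, which leaves the error body saved as `aemw` and made executable. I would at least change the command to `curl -fsS '…' -o 'aemw' && chmod +x 'aemw'`, and preferably pin the URL to a release tag or commit and compare a known SHA-256 digest before the `chmod`. installComposeCLI starts and ends outside the hunk.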