From d1c7287d23a5f7a20b703237a2dce06520ea8df3 Mon Sep 17 00:00:00 2001 From: Travis Bellenfant Date: Mon, 3 Oct 2022 20:17:21 -0500 Subject: [PATCH 1/3] Vagrant AWS Eventstream Attempted Fix 1 --- recipes/fetch_data_bags.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/recipes/fetch_data_bags.rb b/recipes/fetch_data_bags.rb index 03b9147..ed40cd3 100644 --- a/recipes/fetch_data_bags.rb +++ b/recipes/fetch_data_bags.rb @@ -1,6 +1,6 @@ IS_VAGRANT = `grep -q '^vagrant:' /etc/passwd >/dev/null&& echo '1'` -if IS_VAGRANT == '1' +if IS_VAGRANT == '2' chef_gem "aws-sdk-sso" do action :nothing source 'https://rubygems.org/' From 8adf125a31940282611b639c5dd372d9426ef5d9 Mon Sep 17 00:00:00 2001 From: Travis Bellenfant Date: Mon, 3 Oct 2022 20:22:53 -0500 Subject: [PATCH 2/3] Update 2 --- recipes/fetch_data_bags.rb | 85 ++++++-------------------------------- 1 file changed, 12 insertions(+), 73 deletions(-) diff --git a/recipes/fetch_data_bags.rb b/recipes/fetch_data_bags.rb index ed40cd3..b6f9c3e 100644 --- a/recipes/fetch_data_bags.rb +++ b/recipes/fetch_data_bags.rb 
@@ -1,78 +1,17 @@
-IS_VAGRANT = `grep -q '^vagrant:' /etc/passwd >/dev/null&& echo '1'`
-
-if IS_VAGRANT == '2'
- chef_gem "aws-sdk-sso" do
- action :nothing
- source 'https://rubygems.org/'
- end.run_action(:install)
- chef_gem("aws-sdk") { action :nothing }.run_action(:install)
-
- require 'aws-sdk'
- require 'fileutils'
- FileUtils.mkdir_p "/etc/chef"
-
- # https://github.com/aws/aws-sdk-core-ruby/issues/166
- ::Aws.use_bundled_cert!
-
- begin
- puts "attempting to load from instance role\n";
- # try w/o creds first, assuming instance role on ec2
- s3 = ::Aws::S3::Client.new(region:"us-east-1")
- rescue
- puts "loading from instance role failed. use inputs\n";
- # fall back to using provided creds (vagrant)
- s3 = ::Aws::S3::Client.new(
- :region => "us-east-1",
- :credentials => ::Aws::Credentials.new(
- node[:raven_deploy][:aws_key],
- node[:raven_deploy][:aws_secret]
- )
- )
- end
-
- secret_path = "/etc/chef/encrypted_data_bag_secret"
- if not ::File.exists?(secret_path)
- s3.get_object(
- response_target: secret_path,
- bucket: node[:raven_deploy][:keys_bucket],
- key: ".chef/encrypted_data_bag_secret"
- )
- end
-
- data_bags_path = "/var/chef"
- s3.list_objects(
- bucket: node[:raven_deploy][:keys_bucket],
- prefix: "data_bags/"
- ).contents.each do |o|
-
- target_path = "#{data_bags_path}/#{o.key}"
- obj_dir = ::File.dirname(target_path)
-
- if not ::File.exists?(obj_dir)
- ::Dir.mkdir(obj_dir)
- end
-
- s3.get_object(
- key: o.key,
- bucket: node[:raven_deploy][:keys_bucket],
- response_target: target_path
- )
- end
-else
- execute "fetch_data_bags" do
- command <<-EOH
- # Fetch .chef/encrypted_data_bag_secret
- mkdir -pm 0755 /etc/chef
- aws s3 cp s3://#{node[:raven_deploy][:keys_bucket]}/.chef/encrypted_data_bag_secret /etc/chef/encrypted_data_bag_secret
- chmod 0644 /etc/chef/encrypted_data_bag_secret
-
- # Fetch data_bags
- mkdir -pm 0755 /var/chef/data_bags
- aws s3 sync s3://#{node[:raven_deploy][:keys_bucket]}/data_bags/ /var/chef/data_bags/
- EOH
- end +execute "fetch_data_bags" do + command <<-EOH + # Fetch .chef/encrypted_data_bag_secret + mkdir -pm 0755 /etc/chef + aws s3 cp s3://#{node[:raven_deploy][:keys_bucket]}/.chef/encrypted_data_bag_secret /etc/chef/encrypted_data_bag_secret + chmod 0644 /etc/chef/encrypted_data_bag_secret + + # Fetch data_bags + mkdir -pm 0755 /var/chef/data_bags + aws s3 sync s3://#{node[:raven_deploy][:keys_bucket]}/data_bags/ /var/chef/data_bags/ + EOH end + # vagrant overrides the default data bag location. set it back Chef::Config[:data_bag_path] = "/var/chef/data_bags" From f97c3b75d5479367efee1cc56418eaa411cf3b9b Mon Sep 17 00:00:00 2001 From: Travis Bellenfant Date: Mon, 3 Oct 2022 20:49:13 -0500 Subject: [PATCH 3/3] Update 3 --- metadata.rb | 1 - 1 file changed, 1 deletion(-) diff --git a/metadata.rb b/metadata.rb index 4dd962b..93afeaf 100644 --- a/metadata.rb +++ b/metadata.rb @@ -7,7 +7,6 @@ version '0.1.2' depends "build-essential" -depends "aws" depends "s3_file" depends "apache2" depends "raven-dev"
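Review bot: The data bag decryption key ends up world-readable in the added `execute "fetch_data_bags"` script of PATCH 2/3: `aws s3 cp` writes /etc/chef/encrypted_data_bag_secret under the process umask and the next line sets it to 0644, so any local account can read the key that decrypts the bags synced into /var/chef/data_bags. Nothing in the hunk shows a non-root reader, so `chmod 0600 /etc/chef/encrypted_data_bag_secret` with a `umask 077` line ahead of the copy would be the tighter default. The script also has no `set -e`, so a failed `aws s3 cp` is hidden whenever the final `aws s3 sync` succeeds, because the resource reports only the last command's status. The removed Ruby path fetched while the recipe was being compiled, whereas this resource presumably runs at converge time, which is worth confirming against any recipe that loads data bags during compilation.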