From f69672c9913cfc68d0f821f0f74d8fde601402d3 Mon Sep 17 00:00:00 2001 From: Yong Wen Chua Date: Wed, 5 Dec 2018 10:26:06 +0800 Subject: [PATCH 1/3] Remove boto and pip installation c.f. https://github.com/hashicorp/terraform-aws-vault/issues/116 --- modules/install-vault/install-vault | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/modules/install-vault/install-vault b/modules/install-vault/install-vault index 9d463ad9..8582167e 100755 --- a/modules/install-vault/install-vault +++ b/modules/install-vault/install-vault @@ -174,9 +174,8 @@ function install_dependencies { if $(has_apt_get); then sudo apt-get update -y - sudo apt-get install -y awscli curl unzip jq python-pip + sudo apt-get install -y awscli curl unzip jq install_supervisord_debian - LC_ALL=C && sudo pip install boto3 elif $(has_yum); then sudo yum update -y sudo yum install -y awscli curl unzip jq From 9ca5e368034f4fe4add4deee9c64b73aeda4852a Mon Sep 17 00:00:00 2001 From: Yong Wen Chua Date: Tue, 18 Dec 2018 09:51:02 +0800 Subject: [PATCH 2/3] Add Pip and boto installation to Packer template --- examples/vault-consul-ami/vault-consul.json | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/examples/vault-consul-ami/vault-consul.json b/examples/vault-consul-ami/vault-consul.json index 1bca7deb..4a6a6c8e 100644 --- a/examples/vault-consul-ami/vault-consul.json +++ b/examples/vault-consul-ami/vault-consul.json @@ -98,7 +98,8 @@ },{ "type": "shell", "inline": [ - "sudo apt-get install -y git" + "sudo apt-get install -y git python-pip", + "LC_ALL=C && sudo pip install boto3" ], "only": ["ubuntu16-ami"] },{ From 097ee950a32bf123e0881663958fe1777b810024 Mon Sep 17 00:00:00 2001 From: Yong Wen Chua Date: Tue, 18 Dec 2018 13:09:47 +0800 Subject: [PATCH 3/3] Make install conditional --- examples/vault-consul-ami/vault-consul.json | 12 ++++++++++-- examples/vault-iam-auth/README.md | 3 ++- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/examples/vault-consul-ami/vault-consul.json b/examples/vault-consul-ami/vault-consul.json index 4a6a6c8e..d5dbc200 100644 --- a/examples/vault-consul-ami/vault-consul.json +++ b/examples/vault-consul-ami/vault-consul.json @@ -7,6 +7,7 @@ "consul_version": "1.3.1", "consul_download_url": "{{env `CONSUL_DOWNLOAD_URL`}}", "vault_download_url": "{{env `VAULT_DOWNLOAD_URL`}}", + "install_auth_signing_script": "true", "ca_public_key_path": null, "tls_public_key_path": null, "tls_private_key_path": null @@ -86,7 +87,11 @@ },{ "type": "shell", "inline": [ + "if [ '{{user `install_auth_signing_script`}}' = 'true' ]; then", "sudo mv /tmp/sign-request.py /opt/vault/scripts/", + "else", + "sudo rm /tmp/sign-request.py", + "fi", "sudo mv /tmp/ca.crt.pem /opt/vault/tls/", "sudo mv /tmp/vault.crt.pem /opt/vault/tls/", "sudo mv /tmp/vault.key.pem /opt/vault/tls/", @@ -98,8 +103,11 @@ },{ "type": "shell", "inline": [ - "sudo apt-get install -y git python-pip", - "LC_ALL=C && sudo pip install boto3" + "sudo apt-get install -y git", + "if [ '{{user `install_auth_signing_script`}}' = 'true' ]; then", + "sudo apt-get install -y python-pip", + "LC_ALL=C && sudo pip install boto3", + "fi" ], "only": ["ubuntu16-ami"] },{ diff --git a/examples/vault-iam-auth/README.md b/examples/vault-iam-auth/README.md index 1c7cbcb8..e6b11bea 100644 --- a/examples/vault-iam-auth/README.md +++ b/examples/vault-iam-auth/README.md @@ -36,7 +36,8 @@ of the Vault nodes. 1. `git clone` this repo to your computer. 1. Build a Vault and Consul AMI. See the [vault-consul-ami example][vault_consul_ami] documentation for - instructions. Make sure to note down the ID of the AMI. + instructions. Make sure the `install_auth_signing_script` variable is `true`. + Make sure to note down the ID of the AMI. 1. Install [Terraform](https://www.terraform.io/). 1. Open `vars.tf`, set the environment variables specified at the top of the file, and fill in any other variables that don't have a default. Put the AMI ID you previously took note into the `ami_id` variable.