Skip to content

Commit

Permalink
Update provisioners examples to use Command package (pulumi#1141)
Browse files Browse the repository at this point in the history
  • Loading branch information
@lukehoban
lukehoban committed Dec 31, 2021
1 parent 856a8f2 commit aed0e7a
Show file tree
Hide file tree
Showing 22 changed files with 112 additions and 1,005 deletions.
13 changes: 2 additions & 11 deletions aws-py-ec2-provisioners/README.md
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,9 @@
# AWS WebServer with Manual Provisioning (in Python)

This demonstrates using Pulumi dynamic providers to accomplish post-provisioning configuration steps.
This demonstrates using the [`pulumi_command`](https://www.pulumi.com/registry/packages/command/) package to accomplish post-provisioning configuration steps.

Using these building blocks, one can accomplish much of the same as Terraform provisioners.

https://github.com/pulumi/pulumi/issues/1691 tracks designing and developing a complete replacement for provisioners.

## Running the Example

First, create a stack, using `pulumi stack init`.
Expand All @@ -26,14 +24,7 @@ $ cat rsa.pub | pulumi config set publicKey --
$ cat rsa | pulumi config set privateKey --secret --
```

If your key is protected by a passphrase, add that too:

```
$ pulumi config set privateKeyPassphrase --secret [yourPassphraseHere]
```

Notice that we've used `--secret` for both `privateKey` and `privateKeyPassphrase`. This ensures their are
stored in encrypted form in the Pulumi secrets system.
Notice that we've used `--secret` for `privateKey`. This ensures their are stored in encrypted form in the Pulumi secrets system.

Also set your desired AWS region:

Expand Down
32 changes: 12 additions & 20 deletions aws-py-ec2-provisioners/__main__.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

import pulumi
import pulumi_aws as aws
import provisioners
import pulumi_command as command
import base64

# Get the config ready to go.
Expand All @@ -13,24 +13,17 @@
key_name = config.get('keyName')
public_key = config.get('publicKey')


# The privateKey associated with the selected key must be provided (either directly or base64 encoded),
# along with an optional passphrase if needed.
# The privateKey associated with the selected key must be provided (either directly or base64 encoded)
def decode_key(key):

try:
key = base64.b64decode(key.encode('ascii')).decode('ascii')
except:
pass

if key.startswith('-----BEGIN RSA PRIVATE KEY-----'):
return key

return key.encode('ascii')


private_key = config.require_secret('privateKey').apply(decode_key)
private_key_passphrase = config.get_secret('privateKeyPassphrase')

# Create a new security group that permits SSH and web access.
secgrp = aws.ec2.SecurityGroup('secgrp',
Expand Down Expand Up @@ -62,29 +55,28 @@ def decode_key(key):
key_name=key_name,
vpc_security_group_ids=[ secgrp.id ],
)
conn = provisioners.ConnectionArgs(
connection = command.remote.ConnectionArgs(
host=server.public_ip,
username='ec2-user',
user='ec2-user',
private_key=private_key,
private_key_passphrase=private_key_passphrase,
)

# Copy a config file to our server.
cp_config = provisioners.CopyFile('config',
conn=conn,
src='myapp.conf',
dest='myapp.conf',
cp_config = command.remote.CopyFile('config',
connection=connection,
local_path='myapp.conf',
remote_path='myapp.conf',
opts=pulumi.ResourceOptions(depends_on=[server]),
)

# Execute a basic command on our server.
cat_config = provisioners.RemoteExec('cat-config',
conn=conn,
commands=['cat myapp.conf'],
cat_config = command.remote.Command('cat-config',
connection=connection,
create='cat myapp.conf',
opts=pulumi.ResourceOptions(depends_on=[cp_config]),
)

# Export the server's IP/host and stdout from the command.
pulumi.export('publicIp', server.public_ip)
pulumi.export('publicHostName', server.public_dns)
pulumi.export('catConfigStdout', cat_config.results[0]['stdout'])
pulumi.export('catConfigStdout', cat_config.stdout)
188 changes: 0 additions & 188 deletions aws-py-ec2-provisioners/provisioners.py
View file

This file was deleted.

3 changes: 1 addition & 2 deletions aws-py-ec2-provisioners/requirements.txt
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,3 @@
pulumi>=3.5.1,<4.0.0
pulumi-aws>=4.0.0,<5.0.0
paramiko>=2.7.1
typing_extensions>=3.7.4
pulumi-command>=0.0.3
13 changes: 2 additions & 11 deletions aws-ts-ec2-provisioners/README.md
View file
Original file line number Diff line number Diff line change
@@ -1,11 +1,9 @@
# AWS WebServer with Manual Provisioning

This demonstrates using Pulumi dynamic providers to accomplish post-provisioning configuration steps.
This demonstrates using the [`@pulumi/command`](https://www.pulumi.com/registry/packages/command/) package to accomplish post-provisioning configuration steps.

Using these building blocks, one can accomplish much of the same as Terraform provisioners.

https://github.com/pulumi/pulumi/issues/1691 tracks designing and developing a complete replacement for provisioners.

## Running the Example

First, create a stack, using `pulumi stack init`.
Expand All @@ -32,14 +30,7 @@ $ cat rsa.pub | pulumi config set publicKey --
$ cat rsa | pulumi config set privateKey --secret --
```

If your key is protected by a passphrase, add that too:

```
$ pulumi config set privateKeyPassphrase --secret [yourPassphraseHere]
```

Notice that we've used `--secret` for both `privateKey` and `privateKeyPassphrase`. This ensures their are
stored in encrypted form in the Pulumi secrets system.
Notice that we've used `--secret` for `privateKey`. This ensures their are stored in encrypted form in the Pulumi secrets system.

Also set your desired AWS region:

Expand Down
Loading

0 comments on commit aed0e7a

Please sign in to comment.