diff --git a/.travis.yml b/.travis.yml index 7ae2f28..41aa6d6 100644 --- a/.travis.yml +++ b/.travis.yml @@ -1,8 +1,8 @@ language: python python: - - '3.6' +- '3.6' install: - - pip install awscli cfn-lint +- pip install awscli cfn-lint script: - cfn-lint -f json *.yaml - aws cloudformation validate-template --template-body file://main.yaml @@ -16,16 +16,12 @@ env: global: - AWS_DEFAULT_REGION=us-east-1 # AWS_ACCESS_KEY_ID - - secure: "McXO5ZJKxDbfQYoAPiRGsm/UppTovtOcvrntEEIt53vulQS5beeo3c82tcJ8qxkUoKudreWv9E05j8wAIyOA5kKenlmapQYkgNMb1ROZXlklJOh5urhqvYn6mi0nv4MiOidPBvOPgXOm/mkr4tvo40YWa3950sjjrmcDqNugsSl0rsX5tF6/RzJ27xH4AuX8Pp8VqNKNiv9Gkjfy3+b+HPIgmw1esNxTetpjFtstZdz2OHQU6IPcg6tUhu9BbUWaLm7S/iO+E32vgKRheOOh6QWQKF1KFQNvjVQhJHXuAA60HFNrk506rm4y2do4CR8COqMcbjcOILF0CWYG15oMA5+zttUzcicPiXs2de0v0i0y9msAkXwxJuMRFu59p33KnXfEgRAUEwKawefYA7NnLHCWuC4XDmzR163Q7qSZ9aNsMMEvs2dmHe4jtepVXmBQOm6J0eCwh3WZTGZ1oEs5R6Kcoy3RhihUvuxIqp9ZBm6QHJMfoffqCm4ua31coee/H3BNMzQn+eZ6cH7eKy4Kp8LoIFHLzZu+O5f8fx/y5vtMZuc5g45mt7IARe82wGGZrap/gIFLkHO7o+WhoYs9YQtpDBn/S4MlpDbB+ySdCVQc/EtqpxhA7PcpjVSUWHfB0Ik/SfevBlCpl/9DvQI9VxcUPHeTHT4g/heZELxf0Mw=" + - secure: O4bh1lexhxAWfUkrUGIUTf8u71uX7KHBs7CAe4tIO3htQTFe6Z8k8PrdI3gdfXOR2OPy5uRW4j8CZR7srf+nF6vMgb39OYqBsmzsXWpL+fOC6d3cWgAaftCWxmqBEI/2v3khxdXrK0q/VrRgp+O/xjvi0+OSk4Kp/zekHeoqoHsgYx0bkx8M3aY9TJFL034x2r1pjy9mj7Eo6haTF5Nm3AdpUwvOIOfAfTDP5RbOgm/COEji9OqZUg35tDl4bty23tsK+15Eu2zuheOLjb2iRfww/shJGk6z5vLiiG/hh+RQf/XT43iShVUYyY0l/2L1m+HE1dawOm3hSqS/GO8FG3KujEJYEGLenwzaaGVj55IjYW0E0QY6KQE8ql4gOt2CHAzK/S6U/0llgnZ2ZKCBoGL9t+CFe75S9ZSZJsLhl8LkGbDyEmR+T6ANif70kRLqiPSMLH5xHTfpf7/PjW9bL+XDJzOO0eF7G++0jLinXst72kbPms1IwOzkrXi625GI9yUPhpS8fU5b/u6fi6dhnizZ6JyYEHF7aVXx+NQ1h2cycCkTwq4KDUv49VC9aixtZiZB2l65TduQw95BZ8hOzQl5uE39892GzKSYAs0gJ2q/72KdsXr7spoT/rlUpwu4JluUQvSkglPQ35uoFjd6WE/5U0NHsixUVlfAriNRiHc= # AWS_SECRET_ACCESS_KEY - - secure: "NRTvDe1Eii9iZ0A9SVzN02C5Ud9Gd5F7YOALRoO4+PHTq8+yjuaaQbk9BlsC2yMWqlLNbnClJ0HHR4RjuM84mKIS3Wy8koi9ZJa43D7ZEqjqGf/GbBxF3oJ7ThEXqWuL8UcxmXarHIE+joUxMtWjNh2n+9//9YIgCELL2QnQ5duEkkNpeXlzPsgkLpeUVTnTLD5n1xPsGhr2ffAss1ktHoYQakyu+/8OWV1SmAjN/i1i3BCYfRZBWE/8HsIu5CMQPb95rUTANtlJVmcrEuKBs3I0TQIWFlWrREpREX1Ggh0zqX3za+3khJoSWMXS5ZcSsNQoz2YieMTANU1bEFGaFm+d7oZbj8LX9Xn/VeVOjCoBE85VSKkalFfrQ25lJCYVHxmpkQWUom73fMJqgBdI/QuS7EtV5w9imy5fnAvRAYvv4R+UVonwFJ2GVzMIWaZcFag4V035j6fhV36E2iFZdWGtXWS0eMR+77+vXxqy79rS34uuyEYLJp0CMJj/S4uqLlqbl7T7+Law4dlSYXJW5+vchN/wbuTx6jXUGnjQ91crxTMR4akMSXttt01MLdjJcS9qgelV51oEKiElo6T/sAF4LennB09E5csl5wvphwKxEq1QZgxrVPoR3HZ3obOJylYwENTREFxYVtBtuK1nxYBc73pcgBnA38N9vxnxFdQ=" + - secure: UgSuLr08ONqGJ5W5BLfVGC47P8AHh8/4u89GQEaR36Z1UdEo2e1buFOdMjZuBccsidB721LRCgn4yn+QafswTD7PvF7K/KoybUmseu3yR8LTf1HXInvYhqDnzI463i79B9A99GHFfjl/gZe4rNWYjCaJwIrAPkpsc11YOZU59BErL8RVwP8mCLXVlH4bEMUQFXHIddmDBBVV4M7+Dc1UBWc+ntHJPPoMpuzYJl7Lq32c5JPKs9Q3eEJuSnS3mAKCISobAG84Ck2VvcCxMfYJ/OARMl5eNmBZkLTAV3alSlrhhbwRzpAKc4YnmaWz6WJ49tNhZSwABPl+Om6LYiMVJg2a35Ocg7ru/5nz5VhaNUPCQeSOMmV2cM49MIdL4ZH/1hoB4StST4/vjcWQ5+HSIQEuEpEJx43J+oklIu8mgac9TpblgeoI50kryadFwgTqiAqMepsEvG9JKTIgcTOhb1ijAl+IVoKWLns04t2+oHuTFbqUrC6IlEi+5nATXUng65e1yiySZVgWuLwQyLa1Sajmgi9TiAKiUlTxt2eIzT7ok5SRSJxFZX3yGKXSw1SYi0knazQ2BUvcWsDbwLrp/SkQkzDh9ALjdT2027vtdIJviR+nyfzpKgx2PAmY5/JhzGK5pEZtE25XmOs1QLLC/XVKeDOp9t7Atgpl0QVW5x8= deploy: - provider: s3 - access_key_id: - secure: oNPkZAaz4bJaXDZxYq/PrudDy7VGMok9pPpfO3B7au68ieOlFKZQr5e93hoH4/ekDspL7ZlquudLyh4pVvv3a6wvRLp7bOmyvfVBPWdzvMhuFGcUaKgft+YU5/xlVamR8tK9ntVOWY1wmJg3NJ1D+1MbxIG980uu4bKfm8BhbZhCDbTl5vH41YlF1c4YCWaFxVFHE5prDDIWIUR8iiTcQKbzVSmIPJOFzx/ym1FK3ipLcNE5aKuB0lWEGF87CWvAQAwMtqhJpxIG9HLjkAjZ/e9TGRkTpndQD3M0zT4XDgQIHUsEl/inVeMC0lIrndFabv9MOLsz7tGv9fNpugtOT/sSa2kYVAFWHYEes+Lk+6ilnpxhf+VsVY0Y59igAlsP0BJexy0Qo9LkxUe79vmlEWFVp0wnc0DC3EQdxlYugXjUqSRRQx3zOs6zSygUOvGnwJmrXlm0f+FkpKfr3jKPjlcuWNL+hKWVpQtBwAYmBLsVE5pi+454MDwhQs498og921qE0ujBV1/snVUu3KCUjsxWyRYYd1Q6QPhBh1ch3lApFelAjuFlXDnUCukwYmQjdZpmky2aLqngHsGyWN9WyCPVic6nAgR9lZpblr+yEEoqZKGwyq2owBl7U2mhmyOnZ+hxCBrunuTPhVenKSZCQ21rt2Yt0pgp71ICSU3AP4g= - secret_access_key: - secure: PWviiizhR1S7RcrCpWke2kw8hWjUbF63jtvE7G0JnwO8l1+D30LqYml2jyhcpZFzQlh3WludBajrb9XDaEzyhGNLa06FcwxilHIHbtOIRfsKT9i5YKq6kHwVI/7Vvewigd0joWoihcmK5QQSBtE1P/yOq6+qBPz6DOIhfImQHIYloaTd0fbeRw552pSviol/JmuJFMrUNDUzhwBqZ4Sz1UgY5z0y3sKTNKPY4HoEObb+vX+vdynd89WqwNP32NjmE2vPlalMFtcbrk+gXrc+arurv9XYyJ3sIHxRPdrVBnIc1ZcscOq1UVasbvcU+IPwssXM/xxKvfPhtlZCeg+TGxlqCrFKPVlf0k4ESqVNQX6DsR+8PmaAbHESfW3lLRQmuWCn0ZvmyaHfOWZWoq0FtJByvnarAaC672x3ZbNyyBzfhndv4qbb+struFjOCacjGa2JfCCeflu8FsqoRVm89hDoU5DQ+cQ58kDzA7g/Zb1cvxD7k3K/Wxdlre2B5EPhKxtbfZfdXB6JXdgZbI+oIDrCO9X9gGbKo4CsHQgZVSQ7JR4do9P4BRIvA2bxUUcMUxJ4h+ZSNYs8/eUFks6EYUqGRyIZ6UP3g8/tdmhGNjgW03lnB9HqX17rc1HLV1p1hy2KPL4t7FB/ydC4cd/Ct5jpn3x4TwOEm5GJ370XUCM= - bucket: aws-native-chef-server - acl: public_read + provider: script + script: aws s3 sync . s3://aws-native-chef-server/ --exclude "*" --include "*.yaml" --include "files/*" + skip_cleanup: true on: branch: master diff --git a/README.md b/README.md index 0b7f61f..697cc8d 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,5 @@ +[![Build Status](https://travis-ci.org/chef-customers/aws_native_chef_server.svg?branch=master)](https://travis-ci.org/chef-customers/aws_native_chef_server) + # AWS Native Chef Stack A complete Chef Stack including: - Chef Automate 2 server, using EC2 Auto-Recovery @@ -118,7 +120,6 @@ Yes, it is significantly more robust and easier to operate. - Support for restoring from an RDS Snapshot and existing secrets bucket - Investigate better secrets handling (AWS secrets service?) - Investigate alternatives to AWS Postgres RDS, namely AWS Aurora's Postgres mode and/or RedShift -- Add Chef Automate as part of the deployment ([WIP](https://github.com/chef-customers/aws_native_chef_server/pull/37)) Contributions are welcomed! diff --git a/automate.yaml b/automate.yaml index 4b8474d..72ebd47 100644 --- a/automate.yaml +++ b/automate.yaml @@ -4,7 +4,7 @@ Description: AWS Native Automate 2 (auto-recovering standalone) v4.0.0 Parameters: # Required Parameters AutomationBucket: - Default: 'sce-pub' + Default: 'aws-native-chef-server' Type: String Description: AWS S3 bucket name that contains all of the cloudformation templates and scripts for this stack VPC: @@ -209,7 +209,7 @@ Resources: # attempt to fetch the script first as a signed request (private bucket), then unsigned, then fallback aws s3 cp s3://${AutomationBucket}/files/before.sh /root/before.sh || \ curl -s https://${AutomationBucket}.s3.amazonaws.com/files/before.sh -o /root/before.sh || \ - curl -s https://sce-pub.s3.amazonaws.com/files/before.sh -o /root/before.sh + curl -s https://aws-native-chef-server.s3.amazonaws.com/files/before.sh -o /root/before.sh bash -ex /root/before.sh # Execute AWS::CloudFormation::Init /opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource AutomateServer --region ${AWS::Region} diff --git a/boneyard/supermarket_ha.yaml b/boneyard/supermarket_ha.yaml index a8f724f..163bfff 100644 --- a/boneyard/supermarket_ha.yaml +++ b/boneyard/supermarket_ha.yaml @@ -4,7 +4,7 @@ Description: AWS Native Chef Server v4.0.0-alpha1 (not working yet) Parameters: # Required Parameters AutomationBucket: - Default: 'sce-pub' + Default: 'aws-native-chef-server' Type: String Description: AWS S3 bucket name that contains all of the cloudformation templates and scripts for this stack VPC: diff --git a/chef_server_ha.yaml b/chef_server_ha.yaml index 70c73a8..b361d5e 100644 --- a/chef_server_ha.yaml +++ b/chef_server_ha.yaml @@ -4,7 +4,7 @@ Description: AWS Native Chef Server (auto-scaling HA) v4.0.0 Parameters: # Required Parameters AutomationBucket: - Default: 'sce-pub' + Default: 'aws-native-chef-server' Type: String Description: AWS S3 bucket name that contains all of the cloudformation templates and scripts for this stack VPC: @@ -437,7 +437,7 @@ Resources: # attempt to fetch the script first as a signed request (private bucket), then unsigned (public bucket) aws s3 cp s3://${AutomationBucket}/files/before.sh /root/before.sh || \ curl -s https://${AutomationBucket}.s3.amazonaws.com/files/before.sh -o /root/before.sh || \ - curl -s https://sce-pub.s3.amazonaws.com/files/before.sh -o /root/before.sh + curl -s https://aws-native-chef-server.s3.amazonaws.com/files/before.sh -o /root/before.sh bash -ex /root/before.sh # Execute AWS::CloudFormation::Init /opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource ServerLaunchConfig --region ${AWS::Region} diff --git a/main.yaml b/main.yaml index e182a67..0aa55be 100644 --- a/main.yaml +++ b/main.yaml @@ -1,10 +1,10 @@ AWSTemplateFormatVersion: '2010-09-09' -Description: AWS Native Chef Stack v4.0.0-beta1 +Description: AWS Native Chef Stack v4.0.0 Parameters: # Required Parameters AutomationBucket: - Default: 'sce-pub' + Default: 'aws-native-chef-server' Type: String Description: AWS S3 bucket name that contains all of the cloudformation templates and scripts for this stack VPC: diff --git a/supermarket.yaml b/supermarket.yaml index 842be6b..4753f0a 100644 --- a/supermarket.yaml +++ b/supermarket.yaml @@ -4,7 +4,7 @@ Description: AWS Native Supermarket (auto-recovering standalone) v4.0.0 Parameters: # Required Parameters AutomationBucket: - Default: 'sce-pub' + Default: 'aws-native-chef-server' Type: String Description: AWS S3 bucket name that contains all of the cloudformation templates and scripts for this stack VPC: @@ -221,7 +221,7 @@ Resources: # attempt to fetch the script first as a signed request (private bucket), then unsigned (public bucket) aws s3 cp s3://${AutomationBucket}/files/before.sh /root/before.sh || \ curl -s https://${AutomationBucket}.s3.amazonaws.com/files/before.sh -o /root/before.sh || \ - curl -s https://sce-pub.s3.amazonaws.com/files/before.sh -o /root/before.sh + curl -s https://aws-native-chef-server.s3.amazonaws.com/files/before.sh -o /root/before.sh bash -ex /root/before.sh # Execute AWS::CloudFormation::Init /opt/aws/bin/cfn-init -v --stack ${AWS::StackName} --resource SupermarketServer --region ${AWS::Region}