awslabs / harmonix

A developer portal to meet your Enterprise needs. Fast, secure, and at-scale.
https://harmonixonaws.io/
Apache License 2.0

Changes needed to build on own AWS account. #113

Open awsandy opened 1 month ago

awsandy commented 1 month ago

All,

I needed to change a few things for my self-build on my AWS account to get this to work, which I thought I'd report:

I had to change the user_data script for the gitlab server:

  1. to call apt_wait just before the gitlab-ce install
    (as other agents in my environment try to jump in and install security tooling when a new EC2 instance comes up)

  2. change all occurrences of gitlab-rails to: /opt/gitlab/bin/gitlab-rails, as the script could not find gitlab-rails.


Also, later in the build, I had to change the secret values for authServerId & idp, as they both had 4x double quotes:

"authServerId": """", "idp": """"

This meant the ECS tasks failed to start, with an error about failing to access a value in secretsmanager.

I changed these values to:

"authServerId": "", "idp": ""

and everything came up OK then.

So what should the placeholders for these be set to in the ".env" file? Presumably not ""?

z-sourcecode commented 1 month ago

Hi @awsandy thanks for your feedback!

  1. Would you consider submitting an MR with these changes? We have yet to encounter it, but perhaps others have, and it will be a good idea to add an additional wait step.
  2. Interesting. We have never encountered this in our various automated tests or workshop provisioning. Can you share which version of GitLab CE and build image you are using?
  3. The quadruple quotes are a mistake; kindly consider adding them to the MR. Having example values will also help with editing the .env file.
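
An added example (not part of the thread or the Harmonix code base): a pre-deployment check that flags the over-quoted secret values described in this issue before the ECS tasks try to read them. The function name, the wrapping braces around the two keys and the escaped-quote case are assumptions; only the key names and the two value forms come from the issue.

```python
import json
import re

# A key whose value is a run of 3+ bare double quotes, e.g. "idp": """"
OVERQUOTED = re.compile(r'"(?P<key>[^"\\]+)"\s*:\s*(?P<val>"{3,})')


def check_secret_string(raw, required_keys=("authServerId", "idp")):
    """Return a list of problems in a JSON secret string (empty list = OK)."""
    problems = []
    # Report the over-quoted keys by name; the JSON parser alone would only
    # give a character offset.
    for m in OVERQUOTED.finditer(raw):
        problems.append(
            f'{m.group("key")}: value is {len(m.group("val"))} bare double '
            f'quotes; use "" for an empty string'
        )
    try:
        parsed = json.loads(raw)
    except json.JSONDecodeError as exc:
        problems.append(f"not valid JSON: {exc.msg} at char {exc.pos}")
        return problems
    if not isinstance(parsed, dict):
        return problems + ["top-level value is not a JSON object"]
    for key in required_keys:
        if key not in parsed:
            problems.append(f"{key}: key missing")
            continue
        value = parsed[key]
        if not isinstance(value, str):
            problems.append(f"{key}: expected a string, got {type(value).__name__}")
        elif value and value.strip('"') == "":
            # Assumed variant: quotes escaped into the value itself ("\"\"").
            problems.append(f"{key}: value is literal quote characters")
    return problems


if __name__ == "__main__":
    # Constructed samples: the two value forms quoted in the issue, wrapped
    # in braces so each is a complete JSON document.
    samples = {
        "as generated": '{"authServerId": """", "idp": """"}',
        "after manual fix": '{"authServerId": "", "idp": ""}',
    }
    for label, raw in samples.items():
        found = check_secret_string(raw)
        print(f"{label}: {'OK' if not found else found}")
```
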