search

sborenst / ansible_aws_deployer

20 stars 20 forks source link

Example secret vars file needs to indicate aws information is needed #29

Open gnunn1 opened 7 years ago

gnunn1 commented 7 years ago

The file hosts.bu-workshop.j2 requires the awssecret* variables be defined, should the example_secret_vars.yml be updated to include these or is the expectation that they should be read from ~/.aws/credentials and something is not working for me?

thoraxe commented 7 years ago

From the documentation:

-- Each "environment" has two vars files _vars and _secret_vars in the Environment folder. The example_secret_vars file shows the format for what to put in your bu-workshop_secret_vars file, if you were using the bu-workshop playbook.

The bu-workshop_vars file contains most of the configuration settings to use in the environment. Really the only ones you should expect to modify are the domain-related and number of (workshop) user options. All AMIs and sizing is preconfigured and automatic for the AWS region you deploy into.

gnunn1 commented 7 years ago

It's quite possible I'm misunderstanding what you are getting at being very new to ansible, all I was suggesting is that the file example_secret_vars.yml, which is acting as a template, be updated to include aws_access_key_id and aws_secret_access_key so someone trying this out knows he has to fill them in.

thoraxe commented 7 years ago

No worries --

If you're using -e config=bu-workshop and the bu-workshop playbooks, the stuff is written so that it expects to look for a vars file that is called bu-workshop_secret_vars. You correctly interpreted the next part -- copy the example_secret_vars.yml to bu-workshop_secret_vars and put in the necessary "secret" information.

gnunn1 commented 7 years ago

I think all I'm getting at is that the only way I knew I had to populate the aws_secret variables specifically was to actually run the script and watch it fail. While the documentation as you point out says to copy the example_secret_vars.yml that file only has placeholders for the Red Hat subscription variables in it so there is no way for the user to know in advance about the need for the aws_secret variables.

That's why I'm saying to populate the example file with placeholder versions of the aws_secret variables, so the user knows he has to do this. That file already has placeholders for the Red Hat subscription credentials, just add this as well to make it a more user friendly experience, i.e.:

rhel_subscription_user: rhn-user
rhel_subscription_pass: 'Password'
rhel_pool_id:
  - "POOLID"
aws_access_key_id: aws-key-id
aws_secret_access_key: aws-secret-key

If the variables required are going to vary by config and you don't think other configs are very likely to need the aws_secret variables, then maybe update the workshop section in Readme.MD to mention these variables specifically.

thoraxe commented 7 years ago

OK, I understand what you're saying now.

The example file needs to be updated. I'll reopen this issue and change the subject.

thoraxe commented 7 years ago

@gnunn1 let me know if you think the subject is more appropriate/accurate now?

gnunn1 commented 7 years ago

That's fine, thanks for your patience

johannes-cabal commented 7 years ago

I'll take a look at this. On first run, you can do a check to see if the credential files exists. If it does not, prompt the user to generate and provide aws credentials.