From b5c784120a0c01d19e64129b8dfd93812bddeed1 Mon Sep 17 00:00:00 2001
From: Guillaume Coré <gucore@redhat.com>
Date: Mon, 03 Sep 2018 14:10:46 +0200
Subject: [PATCH] bucket name must be unique across all AWS account
---
 ansible/roles/infra-ec2-template-generate/tasks/main.yml | 21 ++++++++++++++++++---
 ansible/roles/infra-ec2-template-create/tasks/main.yml | 2 +-
 2 files changed, 19 insertions(+), 4 deletions(-)
diff --git a/ansible/roles/infra-ec2-template-create/tasks/main.yml b/ansible/roles/infra-ec2-template-create/tasks/main.yml
index a58289b..a41fe44 100644
--- a/ansible/roles/infra-ec2-template-create/tasks/main.yml
+++ b/ansible/roles/infra-ec2-template-create/tasks/main.yml
@@ -64,7 +64,7 @@
 region: "{{ aws_region_loop | d(aws_region) | d(region) | d('us-east-1')}}"
 # rollback is unreliable, it can make this task hang forever.
 disable_rollback: true
- template_url: "https://s3.amazonaws.com/redhat-gpe-cloudformation-templates/{{env_type}}.{{guid}}.{{cloud_provider}}_cloud_template"
+ template_url: "https://s3.amazonaws.com/{{bucket_templates}}/{{env_type}}.{{guid}}.{{cloud_provider}}_cloud_template"
 tags: "{{ cf_tags | combine(cloud_tags_final)}}"
 tags:
 - aws_infrastructure_deployment
diff --git a/ansible/roles/infra-ec2-template-generate/tasks/main.yml b/ansible/roles/infra-ec2-template-generate/tasks/main.yml
index ebb4295..83b2565 100644
--- a/ansible/roles/infra-ec2-template-generate/tasks/main.yml
+++ b/ansible/roles/infra-ec2-template-generate/tasks/main.yml
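Review bot: The `template_url` line in infra-ec2-template-create now depends on `bucket_templates`, which the visible code only sets through `set_fact` inside the block of infra-ec2-template-generate; the `validate-template` hunk further down has the same dependency. If the create role runs without that block having executed for the same host, the variable is undefined and the task fails at templating time, and nothing in this hunk checks for that. A guard ahead of the task would make the coupling explicit, for example `- assert: { that: bucket_templates is defined }`, or the name could be computed in one shared place that both roles read. The task this line belongs to starts above the hunk.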
@@ -45,12 +45,27 @@
 AWS_SECRET_ACCESS_KEY: "{{aws_secret_access_key}}"
 AWS_DEFAULT_REGION: "{{aws_region_final|d(aws_region)}}"
 block:
+ - name: Get user name
+ command: aws iam get-user
+ register: rget_user
+ ignore_errors: yes
+
+ # Bucket name must be globally unique. Use the userID to define the bucketname.
+ # Otherwise when we use the code in another account it fails because the bucket
+ # already exists.
+ - set_fact:
+ aws_account_user: "{{rget_user.stdout|from_json|json_query('User.UserId')}}"
+ ignore_errors: yes
+
+ - set_fact:
+ bucket_templates: "cloudformation-templates-{{aws_account_user|default('user')}}"
+
 - name: Create bucket
 s3_bucket:
- name: redhat-gpe-cloudformation-templates
+ name: "{{bucket_templates}}"
 - name: Copy Template to S3
 aws_s3:
- bucket: redhat-gpe-cloudformation-templates
+ bucket: "{{bucket_templates}}"
 object: "{{ env_type }}.{{ guid }}.{{cloud_provider}}_cloud_template"
 src: "{{ANSIBLE_REPO_PATH}}/workdir/{{ env_type }}.{{ guid }}.{{cloud_provider}}_cloud_template"
 mode: put
@@ -83,7 +98,7 @@
 command: >-
 aws cloudformation validate-template
 --region {{ aws_region_final | d(aws_region) | default(region) | default('us-east-1')}}
- --template-url https://s3.amazonaws.com/redhat-gpe-cloudformation-templates/{{env_type}}.{{guid}}.{{cloud_provider}}_cloud_template
+ --template-url https://s3.amazonaws.com/{{bucket_templates}}/{{env_type}}.{{guid}}.{{cloud_provider}}_cloud_template
 changed_when: false
 register: cloudformation_validation
 until: cloudformation_validation is succeeded
-- Gitblit v1.9.3
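Review bot: The two `ignore_errors: yes` tasks combined with `default('user')` mean that whenever `aws iam get-user` fails, the play silently carries on with the fixed bucket name `cloudformation-templates-user`. S3 bucket names are global, so that name can belong to another account; the create or upload then either fails later with a less obvious error or, if that bucket accepts writes, stores the template CloudFormation reads via `template_url` in a bucket this account does not control. I would let the lookup fail hard by dropping both `ignore_errors` and the `default('user')`, and consider keying the name on the account instead, e.g. `command: aws sts get-caller-identity --query Account --output text`, which should also work when the credentials are not an IAM user. IAM user IDs are upper-case while S3 expects lower-case bucket names, so if `UserId` stays, `{{ aws_account_user | lower }}` looks necessary. The enclosing `block:` starts above this hunk, so any condition on it is not visible here.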