diff --git a/aws_deprecated/aws/main.tf b/aws_deprecated/aws/main.tf index 88383e2..34d750a 100644 --- a/aws_deprecated/aws/main.tf +++ b/aws_deprecated/aws/main.tf @@ -8,7 +8,7 @@ terraform { } -# Should be updated +# Should be updated variable "region" { type = string @@ -80,7 +80,7 @@ variable "tags" { variable "finalize_cmd" { type = string description = "Finalize command" - default = "sudo /home/admin/processor/release/finalize.sh --main" + default = "sudo /home/admin/processor/release/finalize.sh" } variable "proxy" { diff --git a/aws_deprecated/aws_combined/main.tf b/aws_deprecated/aws_combined/main.tf index e6ad141..195075e 100644 --- a/aws_deprecated/aws_combined/main.tf +++ b/aws_deprecated/aws_combined/main.tf @@ -5,10 +5,10 @@ terraform { version = "~> 4.45" } } - # Optional: add a backend to store tf state in AWS. Otherwise, make sure to keep you tfstate! + # Optional: add a backend to store tf state in AWS. Otherwise, make sure to keep you tfstate! } -# Should be updated +# Should be updated variable "region" { type = string @@ -61,7 +61,7 @@ variable "certificate_arn" { variable "finalize_cmd" { type = string description = "Finalize command" - default = "sudo /home/admin/processor/release/finalize.sh --main" + default = "sudo /home/admin/processor/release/finalize.sh" } variable "proxy" { diff --git a/aws_deprecated/aws_combined_ha/main.tf b/aws_deprecated/aws_combined_ha/main.tf index fb5cd64..d2672f8 100644 --- a/aws_deprecated/aws_combined_ha/main.tf +++ b/aws_deprecated/aws_combined_ha/main.tf @@ -5,10 +5,10 @@ terraform { version = "~> 4.45" } } - # Optional: add a backend to store tf state in AWS. Otherwise, make sure to keep you tfstate! + # Optional: add a backend to store tf state in AWS. Otherwise, make sure to keep you tfstate! } -# Should be updated +# Should be updated variable "region" { type = string 
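Review bot: `finalize_cmd` remains a free-form string described only as "Finalize command", and of the copies touched here only azure/cado/main.tf carries a `# Do not change` hint. The gcp/modules/deploy/main.tf hunk on this page shows the value placed verbatim at the head of a command line in the instance boot script, so an override decides what runs there. Say so in the description, e.g. `description = "Command run with sudo at instance start-up to finalize the install; do not change"`. The same applies to the other `finalize_cmd` hunks in this commit (aws_deprecated/aws_combined, aws_deprecated/aws_combined_ha, aws_v2, azure/azure_transient, gcp). How the AWS and Azure modules consume the value is not visible here, so check the wording against their usage.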
@@ -67,7 +67,7 @@ variable "certificate_arn" { variable "finalize_cmd" { type = string description = "Finalize command" - default = "sudo /home/admin/processor/release/finalize.sh --main" + default = "sudo /home/admin/processor/release/finalize.sh" } # Configure the AWS Provider diff --git a/aws_v2/README.md b/aws_v2/README.md index 079fc66..adff284 100644 --- a/aws_v2/README.md +++ b/aws_v2/README.md @@ -1,10 +1,10 @@ ``` - ____ _ ____ _ _ - / ___|__ _ __| | ___ / ___| ___ ___ _ _ _ __(_) |_ _ _ + ____ _ ____ _ _ + / ___|__ _ __| | ___ / ___| ___ ___ _ _ _ __(_) |_ _ _ | | / _` |/ _` |/ _ \ \___ \ / _ \/ __| | | | '__| | __| | | | | |__| (_| | (_| | (_) | ___) | __/ (__| |_| | | | | |_| |_| | \____\__,_|\__,_|\___/ |____/ \___|\___|\__,_|_| |_|\__|\__, | - |___/ + |___/ ``` # CadoResponse AWS Terraform CLI Deployment ## Table of Contents @@ -32,8 +32,8 @@ This Terraform package contains instructions to configure and deploy CadoRespons ## Deploy * Inside this directory, deploy with these commands: 1. initialize terraform and required modules: `terraform init` - 2. Confirm configuration and view deployment plan: `terraform plan -var-file="awsVars.tfvars"` - 3. Deploy: `terraform apply -var-file="awsVars.tfvars"` + 2. Confirm configuration and view deployment plan: `terraform plan -var-file="awsVars.tfvars"` + 3. Deploy: `terraform apply -var-file="awsVars.tfvars"` To teardown the deployed stack: `terraform destroy -var-file="awsVars.tfvars"` @@ -70,7 +70,7 @@ No resources. | [custom\_networking](#input\_custom\_networking) | Custom networking configuration. Set to null to create new resources. |
object({
vpc_id = string
public_subnet_id = string
private_subnet_id = string
public_subnet_b_id = string
})
| `null` | no | | [deploy\_nfs](#input\_deploy\_nfs) | Deploy NFS for storing files after processing. Setting to false will disable the re-running of analysis pipelines and downloading files. | `bool` | `true` | no | | [feature\_flag\_platform\_upgrade](#input\_feature\_flag\_platform\_upgrade) | n/a | `bool` | `false` | no | -| [finalize\_cmd](#input\_finalize\_cmd) | Finalize command | `string` | `"sudo /home/admin/processor/release/finalize.sh --main"` | no | +| [finalize\_cmd](#input\_finalize\_cmd) | Finalize command | `string` | `"sudo /home/admin/processor/release/finalize.sh"` | no | | [http\_location](#input\_http\_location) | IP address to allow http access from | `list(string)` | n/a | yes | | [instance\_worker\_type](#input\_instance\_worker\_type) | Set Worker instance type | `string` | `"i4i.2xlarge"` | no | | [key\_name](#input\_key\_name) | n/a | `string` | n/a | yes | diff --git a/aws_v2/variables.tf b/aws_v2/variables.tf index efcdf49..068ef31 100644 --- a/aws_v2/variables.tf +++ b/aws_v2/variables.tf @@ -101,7 +101,7 @@ variable "proxy_whitelist" { variable "finalize_cmd" { type = string description = "Finalize command" - default = "sudo /home/admin/processor/release/finalize.sh --main" + default = "sudo /home/admin/processor/release/finalize.sh" } diff --git a/azure/azure_transient/main.tf b/azure/azure_transient/main.tf index d0be8e6..618ad06 100644 --- a/azure/azure_transient/main.tf +++ b/azure/azure_transient/main.tf @@ -62,7 +62,7 @@ variable "ssh_key_private" { variable "finalize_cmd" { type = string description = "Finalize command" - default = "sudo /home/admin/processor/release/finalize.sh --main" + default = "sudo /home/admin/processor/release/finalize.sh" } variable "proxy" { diff --git a/azure/cado/main.tf b/azure/cado/main.tf index a81bbdb..f3b2504 100644 --- a/azure/cado/main.tf +++ b/azure/cado/main.tf 
@@ -103,7 +103,7 @@ variable "ssh_key_private" { variable "finalize_cmd" { type = string description = "Finalize command" - default = "sudo /home/admin/processor/release/finalize.sh --main" # Do not change + default = "sudo /home/admin/processor/release/finalize.sh" # Do not change } variable "proxy" { diff --git a/gcp/README.md b/gcp/README.md index b43eeca..49471ef 100644 --- a/gcp/README.md +++ b/gcp/README.md @@ -1,10 +1,10 @@ ``` - ____ _ ____ _ _ - / ___|__ _ __| | ___ / ___| ___ ___ _ _ _ __(_) |_ _ _ + ____ _ ____ _ _ + / ___|__ _ __| | ___ / ___| ___ ___ _ _ _ __(_) |_ _ _ | | / _` |/ _` |/ _ \ \___ \ / _ \/ __| | | | '__| | __| | | | | |__| (_| | (_| | (_) | ___) | __/ (__| |_| | | | | |_| |_| | \____\__,_|\__,_|\___/ |____/ \___|\___|\__,_|_| |_|\__|\__, | - |___/ + |___/ ``` # CadoResponse GCP Terraform CLI Deployment ## Table of Contents @@ -62,7 +62,7 @@ No resources. | [deploy\_acquisition\_permissions](#input\_deploy\_acquisition\_permissions) | Deploy instance with permissions needed for same project acquisitions | `bool` | `true` | no | | [deploy\_nfs](#input\_deploy\_nfs) | Deploy NFS for storing files after processing. Setting to false will disable the re-running of analysis pipelines and downloading files. | `bool` | `true` | no | | [enable\_platform\_updates](#input\_enable\_platform\_updates) | Enable platform updates, False requires updates via Terraform | `bool` | `true` | no | -| [finalize\_cmd](#input\_finalize\_cmd) | Command to run on the VM after deployment | `string` | `"sudo /home/admin/processor/release/finalize.sh --main"` | no | +| [finalize\_cmd](#input\_finalize\_cmd) | Command to run on the VM after deployment | `string` | `"sudo /home/admin/processor/release/finalize.sh"` | no | | [image](#input\_image) | Cado Response VM image path | `string` | `"projects/cado-public/global/images/cadoresponse"` | no | | [inbound\_ports](#input\_inbound\_ports) | The list of ports to open | `list(string)` |
[
"22",
"443"
]
| no | | [instance\_worker\_type](#input\_instance\_worker\_type) | Set Worker instance type | `string` | `"n2-highmem-8"` | no | diff --git a/gcp/modules/deploy/main.tf b/gcp/modules/deploy/main.tf index bb4583b..f9ed0a5 100644 --- a/gcp/modules/deploy/main.tf +++ b/gcp/modules/deploy/main.tf 
@@ -32,39 +32,42 @@ resource "google_compute_instance" "vm_instance" { scopes = ["cloud-platform"] # TODO This gives default perms, revisit this if we're having auth issues } - metadata_startup_script = join("\n", concat([ - "#!/bin/bash -x", - "storage_bucket=${google_storage_bucket.bucket.name}", - "echo [FIRST_RUN] > /home/admin/processor/first_run.cfg", - var.deploy_nfs ? "echo filestore_ip = ${google_filestore_instance.filestore_instance[0].networks[0].ip_addresses[0]} >> /home/admin/processor/first_run.cfg" : "", - var.deploy_nfs ? "echo filestore_name = ${google_filestore_instance.filestore_instance[0].file_shares[0].name} >> /home/admin/processor/first_run.cfg" : "", - "echo bucket = $storage_bucket >> /home/admin/processor/first_run.cfg", - "echo service_account_email = ${var.service_account} >> /home/admin/processor/first_run.cfg", - "echo deployment_mode = terraform >> /home/admin/processor/first_run.cfg", - "echo feature_flag_platform_upgrade = ${var.enable_platform_updates} >> /home/admin/processor/first_run.cfg", - "echo PROXY_url = ${var.proxy} >> /home/admin/processor/first_run.cfg", - "echo PROXY_cert_url = ${var.proxy_cert_url} >> /home/admin/processor/first_run.cfg", - "echo PROXY_whitelist = ${join(",", var.proxy_whitelist)} >> /home/admin/processor/first_run.cfg", - "echo worker_instance = ${var.instance_worker_type} >> /home/admin/processor/first_run.cfg", - "echo local_workers = ${var.local_workers} >> /home/admin/processor/first_run.cfg", - "echo minimum_role_deployment = ${!var.deploy_acquisition_permissions} >> /home/admin/processor/first_run.cfg", - "echo -n ${var.use_secrets_manager} > /home/admin/processor/envars/USE_SECRETS_MANAGER", - ], - [ - for k, v in var.tags : - "echo CUSTOM_TAG_${k} = ${v} | sudo tee -a /home/admin/processor/first_run.cfg" - ], - [ - join(" ", concat([ - "${var.finalize_cmd}", - var.proxy != "" ? " --proxy ${var.proxy}" : "", - var.proxy_cert_url != "" ? 
" --proxy-cert-url ${var.proxy_cert_url}" : "", - length(var.proxy_whitelist) > 0 ? " --proxy-whitelist ${join(",", var.proxy_whitelist)}" : "", - "2>&1 | sudo tee /home/admin/processor/init_out" - ])) - ], + metadata = { + user-data = join("\n", concat([ + "#!/bin/bash -x", + "storage_bucket=${google_storage_bucket.bucket.name}", + "echo [FIRST_RUN] > /home/admin/processor/first_run.cfg", + var.deploy_nfs ? "echo filestore_ip = ${google_filestore_instance.filestore_instance[0].networks[0].ip_addresses[0]} >> /home/admin/processor/first_run.cfg" : "", + var.deploy_nfs ? "echo filestore_name = ${google_filestore_instance.filestore_instance[0].file_shares[0].name} >> /home/admin/processor/first_run.cfg" : "", + "echo bucket = $storage_bucket >> /home/admin/processor/first_run.cfg", + "echo service_account_email = ${var.service_account} >> /home/admin/processor/first_run.cfg", + "echo deployment_mode = terraform >> /home/admin/processor/first_run.cfg", + "echo feature_flag_platform_upgrade = ${var.enable_platform_updates} >> /home/admin/processor/first_run.cfg", + "echo PROXY_url = ${var.proxy} >> /home/admin/processor/first_run.cfg", + "echo PROXY_cert_url = ${var.proxy_cert_url} >> /home/admin/processor/first_run.cfg", + "echo PROXY_whitelist = ${join(",", var.proxy_whitelist)} >> /home/admin/processor/first_run.cfg", + "echo worker_instance = ${var.instance_worker_type} >> /home/admin/processor/first_run.cfg", + "echo local_workers = ${var.local_workers} >> /home/admin/processor/first_run.cfg", + "echo minimum_role_deployment = ${!var.deploy_acquisition_permissions} >> /home/admin/processor/first_run.cfg", + "echo -n ${var.use_secrets_manager} > /home/admin/processor/envars/USE_SECRETS_MANAGER", + ], + [ + for k, v in var.tags : + "echo CUSTOM_TAG_${k} = ${v} | sudo tee -a /home/admin/processor/first_run.cfg" + ], + [ + join(" ", concat([ + "${var.finalize_cmd}", + var.proxy != "" ? " --proxy ${var.proxy}" : "", + var.proxy_cert_url != "" ? 
" --proxy-cert-url ${var.proxy_cert_url}" : "", + length(var.proxy_whitelist) > 0 ? " --proxy-whitelist ${join(",", var.proxy_whitelist)}" : "", + "2>&1 | sudo tee /home/admin/processor/init_out" + ])) + ], + ) ) - ) + } + } resource "google_compute_address" "ip" { diff --git a/gcp/modules/iam/main.tf b/gcp/modules/iam/main.tf index 91adbdb..87803a6 100644 --- a/gcp/modules/iam/main.tf +++ b/gcp/modules/iam/main.tf @@ -38,6 +38,7 @@ locals { "compute.networks.get", "compute.networks.list", "compute.instances.setTags", + "compute.instances.get", // Adjusting Settings "compute.machineTypes.get", diff --git a/gcp/variables.tf b/gcp/variables.tf index 5d94412..06997fa 100644 --- a/gcp/variables.tf +++ b/gcp/variables.tf @@ -53,7 +53,7 @@ variable "vol_size" { variable "finalize_cmd" { description = "Command to run on the VM after deployment" type = string - default = "sudo /home/admin/processor/release/finalize.sh --main" + default = "sudo /home/admin/processor/release/finalize.sh" } # Networking options
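Review bot: The values written into the boot script under `user-data` are interpolated without shell quoting, most visibly `${k}` and `${v}` in the `for k, v in var.tags` line and `${var.proxy}` / `${var.proxy_cert_url}` in the finalize command. A tag or proxy value containing spaces, quotes or other shell metacharacters therefore changes what the script executes at boot, or corrupts the `first_run.cfg` line. Single-quote each interpolated value and escape embedded quotes, e.g. `"echo 'CUSTOM_TAG_${k} = ${replace(v, "'", "'\\''")}' | sudo tee -a /home/admin/processor/first_run.cfg"`, or constrain the inputs with `validation` blocks on the variables. Separately, `metadata_startup_script` made the provider recreate the instance when the script changed, whereas `metadata` is updated in place, and running `user-data` presumably depends on cloud-init being present in the image; a comment such as `# user-data is consumed by cloud-init on first boot; later changes do not re-run on existing instances` would record that. The `google_compute_instance` resource starts above this hunk.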
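Review bot: `compute.instances.get` is added next to `compute.instances.setTags` with no comment saying which operation needs it. The permission returns the full instance resource, including its metadata items, which after this commit hold the `user-data` boot script from gcp/modules/deploy/main.tf. Add a comment naming the caller, e.g. `// <operation that reads instance state> requires instances.get`, and confirm that nothing sensitive, such as credentials embedded in a proxy URL, ends up in instance metadata. The `locals` block starts and ends outside the hunk, so the role this list feeds is not visible here.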