运行sh脚本在Beanstalk部署之后。

huangapple
go评论59阅读模式
英文:

How to run sh script after beanstalk deploy

问题

我有一个在Beanstalk上运行的Spring Boot应用程序。

由于它连接到Keycloak服务器,我需要安装它的证书。

我已经在EC2实例上直接完成了这个过程,但由于环境是临时的,我需要在每次新部署或实例初始化后自动完成。

如果.ebextensions可以实现这一点,该如何做呢?

英文:

I have a spring boot application that runs on beanstalk.

Since it's conencted to a keycloak server, i need to install it's certificate.

i've done it directly in the ec2 instance, but since the environement is transient, i need to make it automatic after each new deploy or instance initialisation.

How can i do that, if .ebextensions makes this possible, how to do it?

答案1

得分: 1

是的,使用.ebextensions 应该可以工作。

根据使用配置文件进行高级环境定制(.ebextensions),如果你在项目仓库的根目录创建.ebextensions 并在其中放置以.config 结尾的配置脚本,Beanstalk 将在每次部署时运行这些脚本。

注意:

  1. .config 脚本必须使用 Beanstalk 特定的配置语法。

  2. Beanstalk 按字母顺序运行脚本,不关心你使用的文件名,只要它们以.config 结尾。

  3. Beanstalk 在每次部署的一部分作为启动应用程序之前运行脚本... 这恰好是你想要的,以避免在证书创建之前启动 Spring Boot 应用程序时出现“文件未找到”异常。

Beanstalk 在 Beanstalk 配置文件中支持多种不同的指令,但我认为你只需要files:command: 就可以使事情正常运作。

我为你创建了下面的示例配置文件:

# .ebextensions/01_install_keycloak_cert.config

files:
  "/etc/pki/ca-trust/source/anchors/keycloak.crt":
    mode: "000644"
    owner: "root"
    group: "root"
    content: |
      -----BEGIN CERTIFICATE-----
      <insert certificate here>
      -----END CERTIFICATE-----      

commands:
  01_update_ca_trust:
    command: update-ca-trust extract

请注意,我没有使用 Keycloak 或测试此解决方案,但我基于以下信息创建了它:

英文:

Yes, using .ebextensions should work.

Per the Advanced environment customization with configuration files (.ebextensions), if you create .ebextensions at the root of your project repository and place configuration scripts in it with names ending in .config, Beanstalk will run these scripts as part of each deployment.

Note that:

  1. A .config script must use the Beanstalk-specific configuration syntax.

  2. Beanstalk runs scripts in alphabetical order an doesn't care what file names you use as long as they end in .config

  3. Beanstalk runs the scripts as part of each deployment before it launches your application... which I think is exactly what you want in order to avoid a "file not found" exception from your Spring Boot app being started before the certificate has been created.

Beanstalk supports a number of different directives in a Beanstalk config file, but I think you'll only need files: and command: to get things working.

I created the example config file below for you:

# .ebextensions/01_install_keycloak_cert.config

files:
  &quot;/etc/pki/ca-trust/source/anchors/keycloak.crt&quot;:
    mode: &quot;000644&quot;
    owner: &quot;root&quot;
    group: &quot;root&quot;
    content: |
      -----BEGIN CERTIFICATE-----
      &lt;insert certificate here&gt;
      -----END CERTIFICATE-----      

commands:
  01_update_ca_trust:
    command: update-ca-trust extract

Note that I have not worked with Keycloak or tested this solution, but I did base it off of the information below:

huangapple
  • 本文由 发表于 2023年5月7日 04:36:29
  • 转载请务必保留本文链接:https://go.coder-hub.com/76191021.html
  • amazon-elastic-beanstalk
  • amazon-web-services
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定