Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

salt masterless provisioner cannot be run more than once #20323

Open
azban opened this issue Feb 13, 2019 · 1 comment

Comments

@azban
Copy link
Contributor

commented Feb 13, 2019

Terraform Version

Terraform v0.11.11

Terraform Configuration Files

resource "null_resource" "provisioner" {
  provisioner "salt-masterless" {
    local_state_tree = "${path.root}/../../salt/srv/salt"
    local_pillar_roots = "${path.root}/../../salt/srv/pillar"
    minion_config_file = "${path.root}/../../salt/etc/salt/studio-minion-${terraform.workspace}"
    log_level = "warning"
    connection = {
      host = "${aws_instance.main.public_ip}"
      type = "ssh"
      user = "ubuntu"
      # requires near-prod.pem to be symlinked
      # into top level of ops
      private_key = "${file("${path.root}/../../near-prod.pem")}"
    }
  }
}

Debug Output

null_resource.provisioner (salt-masterless): Uploading local state tree: /home/azban/near/ops/studio/terraform/../../salt/srv/salt
null_resource.provisioner (salt-masterless): Creating directory: /tmp/salt/states
null_resource.provisioner (salt-masterless): Removing directory: /srv/salt

Error: Error applying plan:

1 error(s) occurred:

* null_resource.provisioner: Unable to clear salt tree: error executing "rm -rf '/srv/salt'": Process exited with status 1

Expected Behavior

The provisioner should be able to run more than once. These files were moved with sudo and thus need to be removed with sudo.

Actual Behavior

The provisioner fails on subsequent runs because it doesn't have permission to remove dirs it created previously with sudo.

Steps to Reproduce

  1. add salt-masterless provisioner in null resource to config
  2. apply
  3. taint provisioner resource
  4. apply

Workaround

Adding the following provisioner block unblocked me

  provisioner "remote-exec" {
    inline = [
      "sudo rm -rf /srv/salt /srv/pillar",
    ]
    connection = {
      host = "${aws_instance.main.public_ip}"
      type = "ssh"
      user = "ubuntu"
      # requires near-prod.pem to be symlinked
      # into top level of ops
      private_key = "${file("${path.root}/../../near-prod.pem")}"
    }
  }
@azban

This comment has been minimized.

Copy link
Contributor Author

commented Feb 13, 2019

this fixes the issue, but unsure how to test

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
2 participants
You can’t perform that action at this time.