Terraform provisioner - local-exec bin/sh directory nonexistent error

Posted on 2025-01-12 11:33:49

Using terraform to create some self-signed TLS certs for hashi vault, the main problematic terraform bits in my module are as follows. I have tried 2 ways to get this to work.

First way, which in theory, I think should work:

  provisioner "local-exec" {
    command = "echo '${self.cert_pem}' > ../tls/ca.pem && chmod 0600 ../tls/ca.pem"
  }
}

  provisioner "local-exec" {
    command = "echo '${self.cert_pem}' > ../tls/vault.pem && echo '${tls_self_signed_cert.vault-ca.cert_pem}' >> ../tls/vault.pem && chmod 0600 ../tls/vault.pem"
  }

Which throws this error:

│ ' > ../tls/ca.pem && chmod 0600 ../tls/ca.pem': exit status 2. Output:
│ /bin/sh: 1: cannot create ../tls/ca.pem: Directory nonexistent

And if I replace the .. with a hardcoded path i.e. this:

  provisioner "local-exec" {
    command = "echo '${self.cert_pem}' > /etc/vault/tls/ca.pem && chmod 0600 /etc/vault/tls/ca.pem"
  }
}

  provisioner "local-exec" {
    command = "echo '${self.cert_pem}' > /etc/vault/tls/vault.pem && echo '${tls_self_signed_cert.vault-ca.cert_pem}' >> /etc/vault/tls/vault.pem && chmod 0600 /etc/vault/tls/vault.pem"
  }

I get the same error but obviously showing the path instead:

> /etc/vault/tls/ca.pem && chmod 0600 /etc/vault/tls/ca.pem': exit status
│ 2. Output: /bin/sh: 1: cannot create /etc/vault/tls/ca.pem: Directory
│ nonexistent

If I go on and look at the container for myself, the path /etc/vault/tls is there....

Comments (1)

书信已泛黄 2025-01-19 11:33:49

You have to ensure that /etc/vault/tls/ exists before you can write a file into it:

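  provisioner "local-exec" {
    # The output redirect is opened by the calling shell, not by sudo,
    # so the file is written through `sudo tee` instead of `sudo echo ... >`.
    command = "sudo mkdir -p /etc/vault/tls && echo '${self.cert_pem}' | sudo tee /etc/vault/tls/ca.pem > /dev/null && sudo chmod 0600 /etc/vault/tls/ca.pem"
  }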
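
The "Directory nonexistent" failure and the `echo ... > file && chmod 0600` pattern above, as an added shell example that is not part of the original question or answer: a helper that creates the missing parent directory and keeps the file owner-only from the moment it is created, instead of tightening the mode after the write. The helper name `write_pem`, the `.pem.XXXXXX` temp-file template and the placeholder certificate are assumptions made for illustration.

```shell
#!/bin/sh
# Added example; write_pem is a hypothetical helper, not code from the post.
# Usage: printf '%s\n' "$PEM" | write_pem /path/to/tls/ca.pem

# The body is a subshell, so the umask change and any early exit stay local.
write_pem() (
    dest=$1
    dir=$(dirname -- "$dest")

    # New directories and files are owner-only from the moment they are created.
    umask 077

    # Redirecting into a path whose directory is missing is what produces
    # "cannot create ...: Directory nonexistent", so create the parents first.
    mkdir -p -- "$dir" || exit 1

    # Write to a temp file in the same directory and rename it into place,
    # so a reader never sees a half-written or world-readable PEM.
    tmp=$(mktemp "$dir/.pem.XXXXXX") || exit 1
    if cat > "$tmp" && mv -f -- "$tmp" "$dest"; then
        exit 0
    fi
    rm -f -- "$tmp"
    exit 1
)

# Constructed demo: a placeholder PEM written under a fresh temp directory
# whose tls/ subdirectory does not exist yet.
demo_root=$(mktemp -d)
printf '%s\n' '-----BEGIN CERTIFICATE-----' 'PLACEHOLDER' '-----END CERTIFICATE-----' \
    | write_pem "$demo_root/tls/ca.pem"
ls -l "$demo_root/tls/ca.pem"
rm -rf -- "$demo_root"
```

A relative destination such as `../tls/ca.pem` resolves against the directory the shell was started in, so the same command can succeed or fail depending on where it is run from.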