Extend remote_object resource with owner, group and mode

This allows to have a single action to download an item from S3 and assign it an owner, a group or a permission mode, without the need to specify a separate `file` action, which could generate an empty file in case the intended remote file does not exist. Signed-off-by: Jacopo De Amicis <jdamicis@amazon.it>
jdeamicis · Feb 5, 2024 · 9394fab · 9394fab
1 parent 219cd72
commit 9394fab
Show file tree

Hide file tree

Showing 2 changed files with 32 additions and 3 deletions.
diff --git a/cookbooks/aws-parallelcluster-slurm/recipes/config/retrieve_slurmdbd_config_from_s3.rb b/cookbooks/aws-parallelcluster-slurm/recipes/config/retrieve_slurmdbd_config_from_s3.rb
@@ -29,9 +29,6 @@
     destination "#{node['cluster']['slurm']['install_dir']}/etc/#{config_file}"
     sensitive true
     ignore_failure true
-  end
-
-  file "#{node['cluster']['slurm']['install_dir']}/etc/#{config_file}" do
     mode '0600'
     owner node['cluster']['slurm']['user']
     group node['cluster']['slurm']['group']

diff --git a/cookbooks/aws-parallelcluster-slurm/resources/remote_object/remote_object.rb b/cookbooks/aws-parallelcluster-slurm/resources/remote_object/remote_object.rb
@@ -20,6 +20,12 @@
 property :sensitive, [true, false],
          default: false,
          description: 'mark the resource as senstive'
+property :owner, required: false,
+         description: 'Owner of the file'
+property :group, required: false,
+         description: 'Group of the file'
+property :mode, required: false,
+         description: 'Permissions mode of the file (e.g. 0600)'
 
 default_action :get
 
@@ -29,6 +35,9 @@
     local_path = new_resource.destination
     # if running a test skip credential check
     no_sign_request = kitchen_test? ? "--no-sign-request" : ""
+    file_owner = new_resource.owner
+    file_group = new_resource.group
+    file_mode = new_resource.mode
 
     if source_url.start_with?("s3")
       Chef::Log.debug("Retrieving remote Object from #{source_url} to #{local_path} using S3 protocol")
@@ -45,6 +54,26 @@
         retries 3
         retry_delay 5
       end
+
+      # Change ownership
+      if file_owner
+        execute "change_file_owner" do
+          command "chown #{file_owner} #{local_path}"
+        end
+      end
+      if file_group
+        execute "change_file_group" do
+          command "chown :#{file_group} #{local_path}"
+        end
+      end
+
+      # Change permissions
+      if file_mode
+        execute "change_file_mode" do
+          command "chmod #{file_mode} #{local_path}"
+        end
+      end
+
     else
       Chef::Log.debug("Retrieving remote Object from #{source_url} to #{local_path}")
 
@@ -53,6 +82,9 @@
         path local_path
         source source_url
         sensitive new_resource.sensitive
+        owner file_owner if file_owner
+        group file_group if file_group
+        mode file_mode if file_mode
         retries 3
         retry_delay 5
       end