From 7e359950ffa0079052e680f6a541ceec88b46f53 Mon Sep 17 00:00:00 2001 From: Tom Downes Date: Fri, 2 Aug 2024 21:14:05 +0000 Subject: [PATCH] Enable local SSD formatting solution to set POSIX permissions --- modules/scripts/startup-script/README.md | 2 +- modules/scripts/startup-script/main.tf | 1 + modules/scripts/startup-script/variables.tf | 15 +++++++++++---- 3 files changed, 13 insertions(+), 5 deletions(-) diff --git a/modules/scripts/startup-script/README.md b/modules/scripts/startup-script/README.md index d4d8cd87db..dbfb3f8e4c 100644 --- a/modules/scripts/startup-script/README.md +++ b/modules/scripts/startup-script/README.md @@ -298,7 +298,7 @@ No modules. | [install\_docker](#input\_install\_docker) | Install Docker command line tool and daemon. | `bool` | `false` | no | | [install\_stackdriver\_agent](#input\_install\_stackdriver\_agent) | Run Google Stackdriver Agent installation script if set to true. Preferred over ops agent for performance. | `bool` | `false` | no | | [labels](#input\_labels) | Labels for the created GCS bucket. Key-value pairs. | `map(string)` | n/a | yes | -| [local\_ssd\_filesystem](#input\_local\_ssd\_filesystem) | Create and mount a filesystem from local SSD disks (data will be lost if VMs are powered down without enabling migration); enable by setting mountpoint field to a valid directory path. | 
object({
    fs_type    = optional(string, "ext4")
    mountpoint = optional(string, "")
  })
| 
{
  "fs_type": "ext4",
  "mountpoint": ""
}
| no | +| [local\_ssd\_filesystem](#input\_local\_ssd\_filesystem) | Create and mount a filesystem from local SSD disks (data will be lost if VMs are powered down without enabling migration); enable by setting mountpoint field to a valid directory path. | 
object({
    fs_type     = optional(string, "ext4")
    mountpoint  = optional(string, "")
    permissions = optional(string, "0755")
  })
| 
{
  "fs_type": "ext4",
  "mountpoint": "",
  "permissions": "0755"
}
| no | | [prepend\_ansible\_installer](#input\_prepend\_ansible\_installer) | DEPRECATED. Use `install_ansible=false` to prevent ansible installation. | `bool` | `null` | no | | [project\_id](#input\_project\_id) | Project in which the HPC deployment will be created | `string` | n/a | yes | | [region](#input\_region) | The region to deploy to | `string` | n/a | yes | diff --git a/modules/scripts/startup-script/main.tf b/modules/scripts/startup-script/main.tf index 25e403dc09..8a6c1dd6cb 100644 --- a/modules/scripts/startup-script/main.tf +++ b/modules/scripts/startup-script/main.tf @@ -107,6 +107,7 @@ locals { args = join(" ", [ "-e mountpoint=${var.local_ssd_filesystem.mountpoint}", "-e fs_type=${var.local_ssd_filesystem.fs_type}", + "-e mode=${var.local_ssd_filesystem.permissions}", ]) }, ] diff --git a/modules/scripts/startup-script/variables.tf b/modules/scripts/startup-script/variables.tf index 2b78d96c06..3975a69614 100644 --- a/modules/scripts/startup-script/variables.tf +++ b/modules/scripts/startup-script/variables.tf @@ -129,8 +129,9 @@ variable "install_docker" { variable "local_ssd_filesystem" { description = "Create and mount a filesystem from local SSD disks (data will be lost if VMs are powered down without enabling migration); enable by setting mountpoint field to a valid directory path." type = object({ - fs_type = optional(string, "ext4") - mountpoint = optional(string, "") + fs_type = optional(string, "ext4") + mountpoint = optional(string, "") + permissions = optional(string, "0755") }) validation { @@ -143,9 +144,15 @@ variable "local_ssd_filesystem" { error_message = "To enable local SSD filesystems, var.local_ssd_filesystem.mountpoint must be set to an absolute path to a mountpoint." } + validation { + condition = length(regexall("^[0-7]{3,4}$", var.local_ssd_filesystem.permissions)) > 0 + error_message = "The POSIX permissions for the mountpoint must be represented as a 3 or 4-digit octal" + } + default = { - fs_type = "ext4" - mountpoint = "" + fs_type = "ext4" + mountpoint = "" + permissions = "0755" } nullable = false