https://pulumi.com logo
#google-cloud
Title
# google-cloud
a

ancient-chef-75106

12/27/2023, 9:45 PM
Hi, I am creating a VM in Compute Engine and I'm using this startup script:
Copy code
const startupScript = `#!/bin/bash
# Set working directory
cd /opt/

# Download backup
git clone <https://github.com/diavrank/${projectName}>
cd ${projectName}

# Install Docker
${installDocker}

# Install Docker Compose
${installDockerCompose}

# Install Doppler
${installDoppler}


# Create Docker Compose Yaml file
cat <<EOF > docker-compose.yml
${dockerComposeYaml}
EOF

# Prepare mongo server volume
mkdir data
sudo chown -R 1001 data

# Configure doppler service token
export HISTIGNORE='doppler*'
echo '${serviceToken}' | doppler configure set token --scope /opt/${projectName}

# Run mongo servers
doppler run -- docker-compose up -d mongo-primary mongo-secondary mongo-arbiter

# Load initial backup
docker exec -ti mongo-primary bash -c 'cd /opt/database && sh restore-db.sh'

`;
For some reason, it's executing until
sudo chown -R 1001 data
command and I'm not sure why. I have to do the rest of the commands manually from the VM. Does anyone know what could be the reason? I am executing the pulumi program with Doppler (a secrets manager):
Copy code
doppler run -- pulumi up
this is the Instance configuration:
Copy code
const computeInstance = new gcp.compute.Instance("pulumi-instance", {
    machineType: "e2-medium",
    metadataStartupScript: startupScript,
    bootDisk: {
        initializeParams: {
            image: "ubuntu-os-cloud/ubuntu-2004-lts", // get list names with command: gcloud compute images list
        },
    },
    networkInterfaces: [{
        network: computeNetwork.id,
        accessConfigs: [{}], // must be empty to request an ephemeral IP
    }],
    serviceAccount: {
        scopes: ["<https://www.googleapis.com/auth/cloud-platform>"],
    },
    tags: ["http-server"]
}, { dependsOn: [computeFirewall] });
g

glamorous-jelly-86558

12/27/2023, 10:38 PM
This is just a guess… but does
sudo chown -R 1001 data
require some type of interactive input (e.g. a password)?
a

ancient-chef-75106

12/28/2023, 5:40 AM
good question, supposedly the VM is not configured with a password but I'm gonna try by removing sudo command to see if it works. Thanks for the tip 👍