provision: fix ec2 region assignment, key perms (#527)

* bump aws-sdk-go version * instantiate new client on region change * create key under perm 0400
ubclaunchpad · Feb 3, 2019 · 8d45be4 · 8d45be4
1 parent 9b07803
commit 8d45be4
Show file tree

Hide file tree

Showing 4 changed files with 35 additions and 29 deletions.
diff --git a/Gopkg.lock b/Gopkg.lock
diff --git a/Gopkg.toml b/Gopkg.toml
@@ -33,7 +33,7 @@
 
 [[constraint]]
   name = "github.com/aws/aws-sdk-go"
-  version = "1.15.9"
+  version = "1.16.26"
 
 [[constraint]]
   name = "github.com/docker/docker"

diff --git a/local/storage.go b/local/storage.go
@@ -86,5 +86,5 @@ func GetProjectConfigFromDisk(relPath string) (*cfg.Config, string, error) {
 
 // SaveKey writes a key to given path
 func SaveKey(keyMaterial string, path string) error {
-	return ioutil.WriteFile(path, []byte(keyMaterial), 0644)
+	return ioutil.WriteFile(path, []byte(keyMaterial), 0400)
 }
diff --git a/provision/ec2.go b/provision/ec2.go
@@ -60,7 +60,7 @@ func (p *EC2Provisioner) GetUser() string { return p.user }
 // ListImageOptions lists available Amazon images for your given region
 func (p *EC2Provisioner) ListImageOptions(region string) ([]string, error) {
 	// Set requested region
-	p.client.Config.WithRegion(region)
+	p.WithRegion(region)
 
 	// Query for easily supported images
 	output, err := p.client.DescribeImages(&ec2.DescribeImagesInput{
@@ -139,7 +139,7 @@ type EC2CreateInstanceOptions struct {
 // CreateInstance creates an EC2 instance with given properties
 func (p *EC2Provisioner) CreateInstance(opts EC2CreateInstanceOptions) (*cfg.RemoteVPS, error) {
 	// Set requested region
-	p.client.Config.WithRegion(opts.Region)
+	p.WithRegion(opts.Region)
 
 	// Generate authentication
 	var keyName = fmt.Sprintf("%s_%s_inertia_key_%d", opts.Name, p.user, time.Now().UnixNano())
@@ -301,6 +301,12 @@ func (p *EC2Provisioner) CreateInstance(opts EC2CreateInstanceOptions) (*cfg.Rem
 	}, nil
 }
 
+// WithRegion assigns a region to the client
+func (p *EC2Provisioner) WithRegion(region string) {
+	p.client.Config.WithRegion(region)
+	p.client = ec2.New(p.session, &p.client.Config)
+}
+
 // exposePorts updates the security rules of given security group to expose
 // given ports
 func (p *EC2Provisioner) exposePorts(securityGroupID string, daemonPort int64, ports []int64) error {