AWS ElasticBeanstalk custom environment variables

As a holiday project I’ve been looking into using Jenkins to deploy code updates from GitHub into an Amazon AWS ElasticBeanstalk instance[1] as an early attempt at some sort of continuous delivery.

One of the features of the Flask application is that it tries to get the SECRET_KEY from an environment variable (although the code for a failsafe value doesn’t work: FIXME). The intention is that the web server environment provides the key at runtime so that different values can be used in each environment.

Now, this AWS page describes the format of the options to apply custom environment settings to an application (the name of the actual file doesn’t matter so long as it is called .config and is found in the .ebextensions directory in the uploaded code):

option_settings:
  aws:elasticbeanstalk:application:environment:
    SECRET_KEY: ChangeMe
  aws:elasticbeanstalk:container:python:
    WSGIPath: crossword_hints.py

Setting the WSGIPath variable means that I can continue to use the original application source file rather than change to the default application.py.

This file can safely be kept in the GitHub repo and setup as a simple shell build step in Jenkins prior to the code upload, thus:

SECRET_KEY=`openssl rand -base64 12`; sed -ie "s/ChangeMe/${SECRET_KEY}/" .ebextensions/options.config

Jenkins has a great AWS EB deploy plugin that uses stored credentials to mange the source bundling, upload and deployment of the application; it’s kinda strange seeing the AWS console page spring into life in response to the Jenkins job running. To save having to include the build shell step, I’m thinking of creating my own version of the plugin that allows the inclusion of custom variables.

[1] – As a development instance the application will be mostly terminated (and offline) because AWS is a very expensive way of running a bit of demo code.

References

• https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/Welcome.html – official AWS documentation; a bit hard to use at first
• http://blog.uptill3.com/2012/08/25/python-on-elastic-beanstalk.html has a simple list of things to watch out for with Flask applications in EB.

Advertisements

Pastry – handle with care

Finally, I’m getting to understand what it means to handle shortcrust pastry as little as possible.

So there has been plenty of practice making Bakewell tarts and some with homemade lemon curd. The next batch will include some of the homemade jam.

But the best creation so far has been a lemon meringue pie for the first time ever.

It’s the first time I’ve been able to make that size of pastry in one piece and the first go ever at making the meringue. Delicious.

 

Git: stop tracking a tracked file

There are times when a project needs to include the default version of a file in the git repository that will subsequently change to support development (e.g., secret application key or sqlite3 database).

After committing the safe  default copy, any subsequent changes to the files will appear as a modified file in ‘git status’ reports and will also prevent any git flow feature finish operations if the files are not staged for commit.

Adding the files to .gitignore makes no difference.

There is a way, however, to tell git to stop tracking the file,

$ git rm --cached file1 file2

Taken from a StackOverflow posting.

Arch Linuxdeveloper signature errors

Every now and then when applying updates to my Antergos (Arch) Linux desktop I get an error like

$ sudo pacman -Syyu
...
error: libvirt: signature from "Christian Rebischke (Arch Linux Security Team-Member) <Chris.Rebischke@archlinux.org>" is unknown trust
:: File /var/cache/pacman/pkg/libvirt-4.6.0-3-x86_64.pkg.tar.xz is corrupted (invalid or corrupted package (PGP signature)).
Do you want to delete it? [Y/n]

Accepting the default option means the update fails. If using the GUI client there’s just a message saying the update failed with no further explanation

It is fixed by

$ sudo pacman -S archlinux-keyring

This kind of error is one reason why I’d never consider using Arch in a work environment.

Reference: https://www.reddit.com/r/archlinux/comments/900cxa/upgrading/

 

World Cup Preview- France

Jumpers for wickets

In terms of squad depth and world class players, there are very few teams competing at this years World Cup that can match up with France. The last 10 years have been crucial for French football in bringing through and developing their youngsters into top class talent, after some disappointing tournament results. They come into this tournament having finished runner’s up in Euro 2016 in a final that everybody expected them to win.

In goal, France have their captain and most experienced player in the squad Hugo Lloris, who is coming off a decent season with Tottenham. In years gone by, Lloris has been seen as one of the most reliable goalkeepers in the world, but this season, he has shown that he is well capable of mistakes and has started to look slightly error prone. He is still a world class goalkeeper, but France will need their captain to…

View original post 1,077 more words

Twitterbotterglory

I’m too lazy and disinterested to do a lot of tweeting but since my job is about automating processes, I’m minded to improve my “social media” presence programmatically with a simple bot to do my posting for me.

Nice buns!

I’ve been looking for a recipe for Belgian buns and I can across this recipe

Now, I prefer to use bread flour and dried yeast and take a bit more time with the rising, and I’m not a big fan of the icing so these are just rather nice fruit buns but that’s all right by me.