Skip to content

Merge updates from main to topic-release #215

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
RLIndia merged 19 commits into from
Jun 1, 2026
Merged

Merge updates from main to topic-release #215

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
19 commits
Select commit Hold shift + click to select a range
715aa2b
Bump jupyterlab in /tools/Dockerfiles/Jupyterlab-3.5.0
dependabot[bot] Mar 12, 2024
655dd1b
Merge pull request #175 from RLOpenCatalyst/dependabot/pip/tools/Dock…
RLIndia Jun 20, 2024
9fdfe6a
Bump jupyterlab
dependabot[bot] Aug 29, 2024
efc767d
Update postinstall.sh before breaking change
Sep 9, 2024
e9d8ae9
Merge pull request #186 from RLOpenCatalyst/topic-release
ravigurram8 Jan 15, 2025
2d44c3a
Merge pull request #185 from stephenmsachs/main
RLIndia Apr 16, 2025
94e50b0
Merge pull request #184 from RLOpenCatalyst/dependabot/pip/tools/Dock…
RLIndia May 9, 2025
2ebaef2
Attach AmazonSSMManagedInstanceCore managed policy to IAM roles for a…
RLIndia Jul 8, 2025
b7327fb
Fix BlockDeviceMapping errors and linting issues
RLIndia Jul 18, 2025
52d3397
Linting issues
RLIndia Jul 18, 2025
94044f0
Merge pull request #203 from RLOpenCatalyst/ssm-managed-policy-ec2
RLIndia Jul 18, 2025
8b1f108
Fix issues from coderabbit comments
RLIndia Jul 18, 2025
8f2e31f
Merge pull request #204 from RLOpenCatalyst/ssm-managed-policy-ec2
RLIndia Sep 10, 2025
8a29eac
Bump @smithy/config-resolver
dependabot[bot] Jan 8, 2026
a414282
Merge pull request #207 from RLOpenCatalyst/dependabot/npm_and_yarn/l…
RLIndia Jan 30, 2026
ef6def0
Bump the npm_and_yarn group across 1 directory with 2 updates
dependabot[bot] Feb 18, 2026
0966796
Merge pull request #210 from RLOpenCatalyst/dependabot/npm_and_yarn/l…
RLIndia May 14, 2026
3a0fa56
Bump fast-xml-parser
dependabot[bot] May 14, 2026
af56d84
Merge pull request #214 from RLOpenCatalyst/dependabot/npm_and_yarn/l…
RLIndia Jun 1, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
48 changes: 25 additions & 23 deletions cft-templates/Rstudio.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,14 +20,14 @@ Parameters:
EBSVolumeSize:
Description: The initial size of the volume (in GBs) EBS will use for storage.
Type: Number
Default: 8
Default: 8
InstanceType:
Type: String
Description: Choose the instance type e.g t3.medium (2vCPU , 2GiB RAM), t3.large (2vCPU, 8GiB RAM), t3.xlarge(4vCPU, 16GiB RAM)
AllowedValues:
- t3.medium
- t3.large
- t3.xlarge
- t3.large
- t3.xlarge
ConstraintDescription: Valid instance type in the t3 families
Default: t3.medium
InitialUser:
Expand All @@ -39,8 +39,8 @@ Parameters:
Description: Name of an existing EC2 KeyPair to enable SSH access to the instance. If no key pairs exist, please create one from the button next to the dropdown. Please contact your Administrator if you are unable to create one.
AvailabilityZone:
Description: Select the availability zone in which to create the instance. If you plan to attach a secondary volume to the instance, create this instance in the same AvailabilityZone as the volume you created.
Type: AWS::EC2::AvailabilityZone::Name
Type: AWS::EC2::AvailabilityZone::Name

Conditions:
IamPolicyEmpty: !Equals [!Ref IamPolicyDocument, '{}']

Expand All @@ -59,6 +59,8 @@ Resources:
- 'ec2.amazonaws.com'
Action:
- 'sts:AssumeRole'
ManagedPolicyArns:
- arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore
Policies:
- !If
- IamPolicyEmpty
Expand All @@ -73,7 +75,7 @@ Resources:
Action:
- 'ssm:GetParameter'
- 'ssm:PutParameter'
Resource: !Sub 'arn:${AWS::Partition}:ssm:${AWS::Region}:${AWS::AccountId}:parameter/*'
Resource: !Sub 'arn:${AWS::Partition}:ssm:${AWS::Region}:${AWS::AccountId}:parameter/*'

InstanceProfile:
Type: 'AWS::IAM::InstanceProfile'
Expand Down Expand Up @@ -109,14 +111,14 @@ Resources:
- config1
- config2
config1:
files:
files:
'/root/mount_study.sh':
mode: '000755'
owner: 'root'
group: 'root'
content: !Sub |
#!/bin/sh
su - ${InitialUser} -c "env PATH=$PATH:/usr/local/bin mount_s3.sh" 2>&1 >> /root/mount_s3.log
su - ${InitialUser} -c "env PATH=$PATH:/usr/local/bin mount_s3.sh" 2>&1 >> /root/mount_s3.log
'/root/set_user_token.sh':
mode: '000755'
owner: 'root'
Expand All @@ -125,11 +127,11 @@ Resources:
#!/usr/bin/env bash
# Get the session token
TOKEN=$(curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600")

# Get the region to build the parameter name
instance_region=$(curl -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/placement/region)
echo "Retrieved region ${region} from metadata service"
echo "Retrieved region ${instance_region} from metadata service"

# Get the instance id to build the parameter name
instance_id=$(curl -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/instance-id)

Expand All @@ -138,11 +140,11 @@ Resources:
password=$(echo -n "$instance_id$secret" | sha256sum | awk '{print $1}')
echo "${InitialUser}:$password" | /usr/sbin/chpasswd
echo "Set rstudio-user password"

sleep 10
public_key=$(curl http://localhost:8787/auth-public-key)

aws ssm put-parameter --name "/RL/RG/rstudio/public-key/$instance_id" --value '{"secret":"'$secret'","public_key":"'$public_key'"}' --region $instance_region --type SecureString --overwrite
aws ssm put-parameter --name "/RL/RG/rstudio/public-key/$instance_id" --value '{"secret":"'$secret'","public_key":"'$public_key'"}' --region $instance_region --type SecureString --overwrite
echo "Stored rstudio public key in SSM"
'/var/log/rstudio.log':
content: "\n"
Expand All @@ -154,7 +156,7 @@ Resources:
commands:
01_mount_study:
cwd: '/root'
command: '/root/mount_study.sh'
command: '/root/mount_study.sh'
02_set_user_token:
cwd: '/root'
command: '/root/set_user_token.sh'
Expand All @@ -179,23 +181,23 @@ Resources:
Value: EC2 linux based Rstudio server
- Key: cost_resource
Value: !Sub ${AWS::StackName}
UserData:
UserData:
Fn::Base64: !Sub |
#!/bin/bash
#!/bin/bash
exec > >(tee /var/log/user-data.log|logger -t user-data -s 2>/dev/console) 2>&1
trap '/opt/aws/bin/cfn-signal --exit-code 1 --resource RstudioEC2Instance --region ${AWS::Region} --stack ${AWS::StackName}' ERR
sudo yum update -y --security

#add user(s)
sudo useradd -m -s /bin/bash ${InitialUser}
#Add user to the sudo group
sudo usermod -a -G wheel ${InitialUser}
sudo usermod -a -G wheel ${InitialUser}

#Download and execute bootstrap script
aws s3 cp "${EnvironmentInstanceFiles}/get_bootstrap.sh" "/tmp"
chmod 500 "/tmp/get_bootstrap.sh"
/tmp/get_bootstrap.sh "${EnvironmentInstanceFiles}" '${S3Mounts}' "${InitialUser}"

# Add command to start on reboot
crontab -l 2>/dev/null > "/tmp/crontab"
echo '@reboot su - ${InitialUser} -c "env PATH=$PATH:/usr/local/bin mount_s3.sh" 2>&1 >> /root/mount_s3.log' >> "/tmp/crontab"
Expand All @@ -211,12 +213,12 @@ Outputs:
InstanceDNSName:
Value: !GetAtt RstudioEC2Instance.PublicDnsName
Description: Public DNS Name
InstanceIPAddress:
InstanceIPAddress:
Value: !GetAtt RstudioEC2Instance.PublicIp
InstanceId:
Value: !Ref 'RstudioEC2Instance'
ApplicationPort:
Value: '443'
AvailabilityZone:
AvailabilityZone:
Description: AvailabilityZone of newly created Rstudio EC2Instance
Value: !Ref AvailabilityZone
Value: !Ref AvailabilityZone
12 changes: 7 additions & 5 deletions cft-templates/ec2-EIP.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,7 @@ Parameters:
EBSVolumeSize:
Description: The initial size of the volume (in GBs) EBS will use for storage.
Type: Number
Default: 8
Default: 8
KeyPair:
Description: Name of an existing EC2 KeyPair to enable SSH access to the instance. If no key pairs exist, please create one from the button next to the dropdown. Please contact your Administrator if you are unable to create one.
Type: AWS::EC2::KeyPair::KeyName
Expand All @@ -47,12 +47,12 @@ Parameters:
Default: '/aws/service/ami-amazon-linux-latest/amzn2-ami-hvm-x86_64-gp2'
AvailabilityZone:
Description: Select the availability zone in which to create the instance. If you plan to attach a secondary volume to the instance, create this instance in the same AvailabilityZone as the volume you created.
Type: AWS::EC2::AvailabilityZone::Name
Type: AWS::EC2::AvailabilityZone::Name

Conditions:
IamPolicyEmpty: !Equals [!Ref IamPolicyDocument, '{}']

Resources:
Resources:
IAMRole:
Type: 'AWS::IAM::Role'
Properties:
Expand All @@ -67,6 +67,8 @@ Resources:
- 'ec2.amazonaws.com'
Action:
- 'sts:AssumeRole'
ManagedPolicyArns:
- arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore
Policies:
- !If
- IamPolicyEmpty
Expand Down Expand Up @@ -115,7 +117,7 @@ Resources:
Value: EC2 workspace instance
- Key: cost_resource
Value: !Sub ${AWS::StackName}

InstanceSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
Expand All @@ -138,4 +140,4 @@ Outputs:
Value: !GetAtt [EC2Instance, PublicDnsName]
AvailabilityZone:
Description: AvailabilityZone of newly created EC2 instance
Value: !Ref AvailabilityZone
Value: !Ref AvailabilityZone
56 changes: 28 additions & 28 deletions cft-templates/ec2-dcv.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
Metadata:
Metadata:
License: Apache-2.0
AWSTemplateFormatVersion: '2010-09-09'
Description: 'AWS CloudFormation Template to create an GPU based EC2 instance with NICE DCV pre installed.'
Expand Down Expand Up @@ -27,14 +27,13 @@ Parameters:
[
t3.medium,
t3.large,
t3.xlarge,

t3.xlarge
]
ConstraintDescription: must be a valid EC2 instance type.
EBSVolumeSize:
Description: The initial size of the volume (in GBs) EBS will use for storage.
Type: Number
Default: 32
Default: 32
KeyPair:
Description: Name of an existing EC2 KeyPair to enable SSH access to the instance. If no key pairs exist, please create one from the button next to the dropdown. Please contact your Administrator if you are unable to create one.
Type: AWS::EC2::KeyPair::KeyName
Expand All @@ -49,12 +48,12 @@ Parameters:
ConstraintDescription: must be a valid IP CIDR range of the form x.x.x.x/x.
AvailabilityZone:
Description: Select the availability zone in which to create the instance. If you plan to attach a secondary volume to the instance, create this instance in the same AvailabilityZone as the volume you created.
Type: AWS::EC2::AvailabilityZone::Name
Type: AWS::EC2::AvailabilityZone::Name

Conditions:
IamPolicyEmpty: !Equals [!Ref IamPolicyDocument, '{}']

Resources:
Resources:
SSMPolicy:
Type: AWS::IAM::ManagedPolicy
Properties:
Expand Down Expand Up @@ -90,6 +89,7 @@ Resources:
PolicyDocument: !Ref IamPolicyDocument
ManagedPolicyArns:
- Ref: SSMPolicy
- arn:aws:iam::aws:policy/AmazonSSMManagedInstanceCore

InstanceProfile:
Type: 'AWS::IAM::InstanceProfile'
Expand Down Expand Up @@ -133,7 +133,7 @@ Resources:
content: |
[Desktop Entry]
Type=Application
Exec="/home/ec2-user/jupyter.sh"
Exec="/home/ec2-user/Jupyter.sh"
Hidden=false
NoDisplay=false
X-GNOME-Autostart-enabled=true
Expand All @@ -153,9 +153,9 @@ Resources:
X-GNOME-Autostart-enabled=true
Terminal=true
Name=rstudio-server
Comment=Icon for rstudio
Comment=Icon for rstudio


"/home/ec2-user/rstudio.sh":
mode: "000755"
owner: "ec2-user"
Expand All @@ -174,19 +174,19 @@ Resources:
URL=$url
Icon=$custom_icon
EOL
chmod +x "$desktop_file"
chmod +x "$desktop_file"
"/home/ec2-user/Jupyter.sh":
mode: "000755"
owner: "ec2-user"
group: "ec2-user"
content: !Sub |
#!/bin/bash

sleep 2
jtoken=$(docker exec jupyterlab /bin/bash -c "jupyter server list" 2>&1 | grep token | awk '{print $2}' | sed 's/.*=//')

if [ -n "$jtoken" ]; then

echo "Token value: $jtoken"
else
echo "Error: Unable to retrieve the Jupyter token."
Expand All @@ -203,7 +203,7 @@ Resources:
URL=$url
Icon=$custom_icon
EOL
chmod +x "$desktop_file"
chmod +x "$desktop_file"
"/home/ec2-user/mount_study.sh":
mode: "000755"
owner: "ec2-user"
Expand All @@ -220,15 +220,15 @@ Resources:
group: "ec2-user"
content: !Sub |
#!/bin/bash
# trap '/opt/aws/bin/cfn-signal --exit-code 1 --resource EC2Instance --region ${AWS::Region} --stack ${AWS::StackName}' ERR
trap '/opt/aws/bin/cfn-signal --exit-code 1 --resource EC2Instance --region ${AWS::Region} --stack ${AWS::StackName}' ERR

# Get the session token
TOKEN=$(curl -X PUT "http://169.254.169.254/latest/api/token" -H "X-aws-ec2-metadata-token-ttl-seconds: 21600")

# Get the region to build the parameter name
region=$(curl -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/placement/region)
echo "Retrieved region ${region} from metadata service"
instance_region=$(curl -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/placement/region)
echo "Retrieved region ${instance_region} from metadata service"

# Get the instance id to build the parameter name
instance_id=$(curl -H "X-aws-ec2-metadata-token: $TOKEN" http://169.254.169.254/latest/meta-data/instance-id)
echo "Retrieved instance_id $instance_id from metadata service"
Expand Down Expand Up @@ -304,7 +304,7 @@ Resources:
02_set_user_token:
cwd: "/home/ec2-user"
command: "/home/ec2-user/set_user_token.sh"

Properties:
UserData:
Fn::Base64: !Sub |
Expand All @@ -314,14 +314,14 @@ Resources:
# Download and execute bootstrap script
aws s3 cp --region "${AWS::Region}" "${EnvironmentInstanceFiles}/get_bootstrap.sh" "/tmp"
chmod 500 "/tmp/get_bootstrap.sh"
/tmp/get_bootstrap.sh "${EnvironmentInstanceFiles}" '${S3Mounts}' "${AWS::Region}"
/tmp/get_bootstrap.sh "${EnvironmentInstanceFiles}" '${S3Mounts}' "${AWS::Region}"

# Install supervisor and start on boot
pip3 install supervisor crudini

# Route auth request to external authenticator and restart dcv
/usr/local/bin/crudini --set /etc/dcv/dcv.conf security auth-token-verifier \"http://127.0.0.1:8445\"
#/usr/local/bin/crudini --set /etc/dcv/dcv.conf clipboard primary-selection-copy false
#/usr/local/bin/crudini --set /etc/dcv/dcv.conf clipboard primary-selection-copy false
systemctl restart dcvserver

# Create dcv session start script
Expand Down Expand Up @@ -361,7 +361,7 @@ Resources:
# # Download and execute bootstrap script
# aws s3 cp --region "${AWS::Region}" "${EnvironmentInstanceFiles}/get_bootstrap.sh" "/tmp"
# chmod 500 "/tmp/get_bootstrap.sh"
# /tmp/get_bootstrap.sh "${EnvironmentInstanceFiles}" '${S3Mounts}' "${AWS::Region}"
# /tmp/get_bootstrap.sh "${EnvironmentInstanceFiles}" '${S3Mounts}' "${AWS::Region}"

sleep 5
docker run -d --restart always -e PASSWORD=Pass@123 -v /home/ec2-user:/home/ec2-user -p 8787:8787 relevancelab/rstudio_4.2.1:1.0.3
Expand Down Expand Up @@ -405,8 +405,8 @@ Resources:
Ebs:
VolumeSize: !Ref EBSVolumeSize
Encrypted: true



PropagateTagsToVolumeOnCreation: true
Tags:
Expand All @@ -416,7 +416,7 @@ Resources:
Value: EC2 workspace instance
- Key: cost_resource
Value: !Sub ${AWS::StackName}

InstanceSecurityGroup:
Type: AWS::EC2::SecurityGroup
Properties:
Expand Down Expand Up @@ -444,6 +444,6 @@ Outputs:
ApplicationPort:
Description: The Port in which the application is running
Value: '8443'
AvailabilityZone:
AvailabilityZone:
Description: AvailabilityZone of newly created EC2 instance
Value: !Ref AvailabilityZone
Value: !Ref AvailabilityZone
Loading