From 10b7459754b4e0e1562f08d94a9b46d16d3d1f68 Mon Sep 17 00:00:00 2001
From: JT <975824+Hawxy@users.noreply.github.com>
Date: Sun, 29 Sep 2024 13:53:52 +0800
Subject: [PATCH] fix: Spinwait tailscale install to protect against SSM
 conflicts (#24)

Co-authored-by: JT <Hawxy@users.noreply.github.com>
---
 src/index.ts           |  4 +---
 test/construct.test.ts | 12 +++---------
 test/routes.test.ts    |  2 +-
 3 files changed, 5 insertions(+), 13 deletions(-)

diff --git a/src/index.ts b/src/index.ts
index ef054bf..a33bde3 100644
--- a/src/index.ts
+++ b/src/index.ts
@@ -148,9 +148,7 @@ export class TailscaleBastion extends Construct {
         // Install Tailscale
         InitCommand.shellCommand('dnf config-manager --add-repo https://pkgs.tailscale.com/stable/amazon-linux/2023/tailscale.repo'),
         // Protect against a potential conflict with AWS activity
-        InitCommand.shellCommand('sleep 10'),
-        InitCommand.shellCommand('dnf -y install jq'),
-        InitCommand.shellCommand('dnf -y install tailscale'),
+        InitCommand.shellCommand('until dnf -y install tailscale ; do sleep 10s ; done'),
         InitCommand.shellCommand('systemctl enable --now tailscaled'),
         InitCommand.shellCommand(`echo TS_AUTHKEY=${authKeyCommand} >> /etc/environment`),
         InitCommand.shellCommand(`source /etc/environment && tailscale up --authkey $TS_AUTHKEY --advertise-routes=${advertiseRoute ?? vpc.vpcCidrBlock} --accept-routes --accept-dns=false`),
diff --git a/test/construct.test.ts b/test/construct.test.ts
index 72753a0..0cb005f 100644
--- a/test/construct.test.ts
+++ b/test/construct.test.ts
@@ -68,18 +68,12 @@ test('Bastion host should be created', () => {
               command: 'dnf config-manager --add-repo https://pkgs.tailscale.com/stable/amazon-linux/2023/tailscale.repo',
             },
             '007': {
-              command: 'sleep 10',
+              command: 'until dnf -y install tailscale ; do sleep 10s ; done',
             },
             '008': {
-              command: 'dnf -y install jq',
-            },
-            '009': {
-              command: 'dnf -y install tailscale',
-            },
-            '010': {
               command: 'systemctl enable --now tailscaled',
             },
-            '011': {
+            '009': {
               command: {
                 'Fn::Join': [
                   '',
@@ -97,7 +91,7 @@ test('Bastion host should be created', () => {
                 ],
               },
             },
-            '012': {
+            '010': {
               command: {
                 'Fn::Join': [
                   '',
diff --git a/test/routes.test.ts b/test/routes.test.ts
index e8f70fc..d6ffa84 100644
--- a/test/routes.test.ts
+++ b/test/routes.test.ts
@@ -49,7 +49,7 @@ test('Bastion host should have routing set up', () => {
       'AWS::CloudFormation::Init': {
         config: {
           commands: {
-            '012': {
+            '010': {
               command: 'source /etc/environment && tailscale up --authkey $TS_AUTHKEY --advertise-routes=fd7a:115c:a1e0:b1a:0:7:a01:100/120 --accept-routes --accept-dns=false',
             },
           },