ami_spec 1.4.0 → 1.8.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 87eebf7f488963ef90dec3e34678f6c75bd36eaf896467edaeb1651271ad8d8a
-  data.tar.gz: 6425586e1732b2e78cb4099047f1ba6e5e99d08deb0dbd5aa4031daa24beb597
+  metadata.gz: a2a7a5034e02deb64f10fae91426c5771688bbae9c8e56764c6af2faa13ebe7c
+  data.tar.gz: b006c1eeeae2d04e63d077717fabf1aa0ebe29a8361f88c6958d92401866ff7f
 SHA512:
-  metadata.gz: 93dd91143f960c39da8cfdf24522a9daf271d4aaf3a69db345d4621e40c9a10ca43158abe19a0e2268cca9bbc699267fe9c54b954275d5e7bccb404eb2e487f7
-  data.tar.gz: 7e1a7762ed90bfd5266ab9a869fe1a78af16e065fe8d5c8ac0663376195e9029d7b23c8d8d7ab818cba7fdf5d2ee821eab723b8b176459880685851e4a055ebe
+  metadata.gz: c9e66fea702fe7f9edf9aa8679ec2c386e1c46079c9371b5cbae2964b25b9d84eb60ed65a54b34e54d123ab27e7bc2756dd4c9ee2fefffdd751187802d74976a
+  data.tar.gz: 1aaf85899a5269204bc817680c83c386e1b8132727712c49145cfa52627b72ea7301c8be6d08b28ae143daab2aa67aa0a61ec07854fb6b4a896c230b5843ccde

data/README.md

@@ -1,5 +1,9 @@
 # AmiSpec
 
+[![License MIT](https://img.shields.io/badge/license-MIT-brightgreen.svg)](https://github.com/envato/ami-spec/blob/master/LICENSE.txt)
+[![Gem Version](https://badge.fury.io/rb/ami_spec.svg)](https://badge.fury.io/rb/ami_spec)
+[![Build Status](https://github.com/envato/ami-spec/workflows/tests/badge.svg?branch=master)](https://github.com/envato/ami-spec/actions?query=branch%3Amaster+workflow%3Atests)
+
 Acceptance testing your AMIs.
 
 AmiSpec is a RubyGem used to launch an Amazon Machine Image (AMI) and run ServerSpecs against it. It wraps around the AWS API and ServerSpec to spin up, test and tear down instances.
@@ -29,36 +33,40 @@ Run `bundle install`
 ```cli
 $ bundle exec ami_spec --help
 Options:
-  -r, --role=<s>                        The role to test, this should map to a directory in the spec
-                                        folder
-  -a, --ami=<s>                         The ami ID to run tests against
-  -o, --role-ami-file=<s>               A file containing comma separated roles and amis. i.e.
-                                        web_server,ami-id.
-  -s, --specs=<s>                       The directory to find ServerSpecs
-  -u, --subnet-id=<s>                   The subnet to start the instance in
-  -k, --key-name=<s>                    The SSH key name to assign to instances. If not provided a
-                                        temporary key pair will be generated in AWS
-  -e, --key-file=<s>                    The SSH private key file associated to the key_name
-  -h, --ssh-user=<s>                    The user to ssh to the instance as
-  -w, --aws-region=<s>                  The AWS region, defaults to AWS_DEFAULT_REGION environment
-                                        variable
-  -i, --aws-instance-type=<s>           The ec2 instance type, defaults to t2.micro (default:
-                                        t2.micro)
-  -c, --aws-security-groups=<s>         Security groups to associate to the launched instances. May be
-                                        specified multiple times. If not provided a temporary security
-                                        group will be generated in AWS
-  -p, --aws-public-ip                   Launch instances with a public IP
-  -t, --ssh-retries=<i>                 The number of times we should try sshing to the ec2 instance
-                                        before giving up. Defaults to 30 (default: 30)
-  -g, --tags=<s>                        Additional tags to add to launched instances in the form of
-                                        comma separated key=value pairs. i.e. Name=AmiSpec (default: )
-  -d, --debug                           Don't terminate instances on exit
-  -b, --buildkite                       Output section separators for buildkite
-  -f, --wait-for-rc                     Wait for oldschool SystemV scripts to run before conducting
-                                        tests. Currently only supports Ubuntu with upstart
-  -l, --user-data-file=<s>              File path for aws ec2 user data
-  -m, --iam-instance-profile-arn=<s>    IAM instance profile to use
-  --help                                Show this message
+  -r, --role=<s>                            The role to test, this should map to a directory in the spec
+                                            folder
+  -a, --ami=<s>                             The ami ID to run tests against
+  -o, --role-ami-file=<s>                   A file containing comma separated roles and amis. i.e.
+                                            web_server,ami-id.
+  -s, --specs=<s>                           The directory to find ServerSpecs
+  -u, --subnet-id=<s>                       The subnet to start the instance in. If not provided a subnet
+                                            will be chosen from the default VPC
+  -k, --key-name=<s>                        The SSH key name to assign to instances. If not provided a
+                                            temporary key pair will be generated in AWS
+  -e, --key-file=<s>                        The SSH private key file associated to the key_name
+  -h, --ssh-user=<s>                        The user to ssh to the instance as
+  -w, --aws-region=<s>                      The AWS region, defaults to AWS_DEFAULT_REGION environment
+                                            variable
+  -i, --aws-instance-type=<s>               The ec2 instance type, defaults to t2.micro (default:
+                                            t2.micro)
+  -c, --aws-security-groups=<s>             Security groups IDs to associate to the launched instances. May be
+                                            specified multiple times. If not provided a temporary security
+                                            group will be generated in AWS
+  -n, --allow-any-temporary-security-group  The temporary security group will allow SSH connections 
+                                            from any IP address (0.0.0.0/0), otherwise allow the subnet's block
+  -p, --aws-public-ip                       Launch instances with a public IP and use that IP for SSH
+  -q, --associate-public-ip                 Launch instances with a public IP and use the Private IP for SSH
+  -t, --ssh-retries=<i>                     The number of times we should try sshing to the ec2 instance
+                                            before giving up. Defaults to 30 (default: 30)
+  -g, --tags=<s>                            Additional tags to add to launched instances in the form of
+                                            comma separated key=value pairs. i.e. Name=AmiSpec (default: )
+  -d, --debug                               Don't terminate instances on exit
+  -b, --buildkite                           Output section separators for buildkite
+  -f, --wait-for-rc                         Wait for oldschool SystemV scripts to run before conducting
+                                            tests. Currently only supports Ubuntu with upstart
+  -l, --user-data-file=<s>                  File path for aws ec2 user data
+  -m, --iam-instance-profile-arn=<s>        IAM instance profile to use
+  --help                                    Show this message
 
 ```
 
@@ -68,6 +76,41 @@ When the instances becomes reachable it will run all Specs inside the role spec
 
 Alternative to the `--ami` and `--role` variables, a file of comma separated roles and AMIs (`ROLE,AMI\n`) can be supplied to `--role-ami-file`.
 
+## ServerSpec test layout
+
+AmiSpec expects the usual ServerSpec configuration layout as generated by "serverspec-init":
+
+    spec/
+    ├── webserver
+    │   └── webserver_spec.rb
+    └── spec_helper.rb
+
+The \*\_spec.rb files under the role (e.g. webserver) contain the ServerSpec
+tests that you want to run. The spec_helper.rb file can be very simple:
+
+    require 'serverspec'
+
+    set :backend, :ssh
+
+Note that the backend *needs* to be :ssh or ami_spec might run the tests on
+your local machine, not in EC2.
+
+## Example usage
+
+To test a custom AMI using a pre-created security group that allows SSH from anywhere:
+
+```cli
+ami_spec --role webserver\
+ --specs spec\
+ --aws-region us-east-1\
+ --ami ami-0123456789abcdef0\
+ --key-name default\
+ --key-file ~/.ssh/default.pem\
+ --ssh-user ubuntu\
+ --aws-public-ip\
+ --aws-security-groups sg-0123456789abcdef0
+```
+
 ## Known caveats
 
 ### RSpec conditions in examples

data/lib/ami_spec/aws_default_vpc.rb

@@ -0,0 +1,10 @@
+require 'aws-sdk-ec2'
+
+module AmiSpec
+  class AwsDefaultVpc
+    def self.find_subnet(ec2: Aws::EC2::Resource.new)
+      default_vpc = ec2.vpcs(filters: [{name: 'isDefault', values: ['true']}]).first
+      default_vpc && default_vpc.subnets.first
+    end
+  end
+end

data/lib/ami_spec/aws_instance.rb

@@ -19,6 +19,7 @@ module AmiSpec
       @key_name = options.fetch(:key_name)
       @instance_type = options.fetch(:aws_instance_type)
       @public_ip = options.fetch(:aws_public_ip)
+      @associate_public_ip = options.fetch(:associate_public_ip)
       @region = options.fetch(:aws_region)
       @security_group_ids = options.fetch(:aws_security_groups)
       @tags = ec2ify_tags(options.fetch(:tags))
@@ -61,7 +62,7 @@ module AmiSpec
         key_name: @key_name,
         network_interfaces: [{
           device_index: 0,
-          associate_public_ip_address: @public_ip,
+          associate_public_ip_address: @public_ip || @associate_public_ip,
           subnet_id: @subnet_id,
         }]
       }

data/lib/ami_spec/aws_instance_options.rb

@@ -12,6 +12,7 @@ module AmiSpec
     property :aws_public_ip
     property :aws_region
     property :aws_security_groups
+    property :associate_public_ip
     property :tags
     property :user_data_file
     property :iam_instance_profile_arn

data/lib/ami_spec/version.rb

@@ -1,3 +1,3 @@
 module AmiSpec
-  VERSION = '1.4.0'
+  VERSION = '1.8.0'
 end

data/lib/ami_spec/wait_for_cloud_init.rb

@@ -0,0 +1,11 @@
+require 'net/ssh'
+
+module AmiSpec
+  class WaitForCloudInit
+    def self.wait(ip_address, user, key, port=22)
+      Net::SSH.start(ip_address, user, keys: [key], :verify_host_key => :never, port: port) do |ssh|
+        ssh.exec! '/usr/bin/cloud-init status --wait'
+      end
+    end
+  end
+end

data/lib/ami_spec/wait_for_ssh.rb

@@ -9,7 +9,7 @@ module AmiSpec
       while retries < max_retries
         begin
           Net::SSH.start(ip_address, user, keys: [key], :verify_host_key => :never) { |ssh| ssh.exec 'echo boo!' }
-        rescue Errno::ETIMEDOUT, Errno::ECONNREFUSED, Timeout::Error => error
+        rescue Errno::ETIMEDOUT, Errno::ECONNREFUSED, Timeout::Error, Net::SSH::Exception => error
           last_error = error
           sleep 1
         else

data/lib/ami_spec.rb

@@ -1,11 +1,13 @@
 require 'ami_spec/aws_instance'
 require 'ami_spec/aws_instance_options'
+require 'ami_spec/aws_default_vpc'
 require 'ami_spec/aws_key_pair'
 require 'ami_spec/aws_security_group'
 require 'ami_spec/server_spec'
 require 'ami_spec/server_spec_options'
 require 'ami_spec/wait_for_ssh'
 require 'ami_spec/wait_for_rc'
+require 'ami_spec/wait_for_cloud_init'
 require 'optimist'
 require 'logger'
 
@@ -36,7 +38,9 @@ module AmiSpec
   # aws_instance_type::
   #   AWS ec2 instance type
   # aws_public_ip::
-  #   Should the instances get a public IP address
+  #   Should the instances get a public IP address and use that IP for SSH
+  # associate_public_ip::
+  #   Launch instances with a public IP but don't use that IP for SSH
   # ssh_user::
   #   The username to SSH to the AMI with.
   # ssh_retries::
@@ -54,6 +58,13 @@ module AmiSpec
 
     ec2 = Aws::EC2::Resource.new(options[:aws_region] ? {region: options[:aws_region]} : {})
 
+    if options[:subnet_id].nil?
+      default_vpc_subnet = AwsDefaultVpc.find_subnet(ec2: ec2)
+      raise 'No default VPC subnet found. Please specify a subnet id.' if default_vpc_subnet.nil?
+      options[:subnet_id] = default_vpc_subnet.id
+      logger.info("Using subnet #{options[:subnet_id]} from the default VPC")
+    end
+
     unless options[:key_name]
       key_pair = AwsKeyPair.create(ec2: ec2, logger: logger)
       options[:key_name] = key_pair.key_name
@@ -81,6 +92,7 @@ module AmiSpec
       ip_address = options[:aws_public_ip] ? instance.public_ip_address : instance.private_ip_address
       WaitForSSH.wait(ip_address, options[:ssh_user], options[:key_file], options[:ssh_retries])
       WaitForRC.wait(ip_address, options[:ssh_user], options[:key_file]) if options[:wait_for_rc]
+      WaitForCloudInit.wait(ip_address, options[:ssh_user], options[:key_file]) if options[:wait_for_cloud_init]
 
       server_spec_options = ServerSpecOptions.new(options.merge(instance: instance))
       results << ServerSpec.new(server_spec_options).run
@@ -94,7 +106,7 @@ module AmiSpec
   end
 
   def self.stop_instances(instances, debug)
-    instances.each do |instance|
+    instances && instances.each do |instance|
       begin
         if debug
           puts "EC2 instance ##{instance.instance_id} has not been stopped due to debug mode."
@@ -111,30 +123,45 @@ module AmiSpec
 
   def self.invoke
     options = Optimist::options do
-      opt :role, "The role to test, this should map to a directory in the spec folder", type: :string
-      opt :ami, "The ami ID to run tests against", type: :string
-      opt :role_ami_file, "A file containing comma separated roles and amis. i.e.\nweb_server,ami-id.",
-          type: :string
-      opt :specs, "The directory to find ServerSpecs", type: :string, required: true
-      opt :subnet_id, "The subnet to start the instance in", type: :string, required: true
-      opt :key_name, "The SSH key name to assign to instances. If not provided a temporary key pair will be generated in AWS",
-          type: :string
-      opt :key_file, "The SSH private key file associated to the key_name", type: :string
-      opt :ssh_user, "The user to ssh to the instance as", type: :string, required: true
-      opt :aws_region, "The AWS region, defaults to AWS_DEFAULT_REGION environment variable", type: :string
-      opt :aws_instance_type, "The ec2 instance type, defaults to t2.micro", type: :string, default: 't2.micro'
-      opt :aws_security_groups, "Security groups to associate to the launched instances. May be specified multiple times. If not provided a temporary security group will be generated in AWS",
-          type: :string, default: nil, multi: true
-      opt :allow_any_temporary_security_group, "The temporary security group will allow SSH connections from any IP address (0.0.0.0/0)"
-      opt :aws_public_ip, "Launch instances with a public IP"
-      opt :ssh_retries, "The number of times we should try sshing to the ec2 instance before giving up. Defaults to 30",
-          type: :int, default: 30
-      opt :tags, "Additional tags to add to launched instances in the form of comma separated key=value pairs. i.e. Name=AmiSpec", type: :string, default: ""
-      opt :debug, "Don't terminate instances on exit"
-      opt :buildkite, "Output section separators for buildkite"
-      opt :wait_for_rc, "Wait for oldschool SystemV scripts to run before conducting tests. Currently only supports Ubuntu with upstart"
-      opt :user_data_file, "File path for aws ec2 user data", type: :string, default: nil
-      opt :iam_instance_profile_arn, "IAM instance profile to use", type: :string
+      opt :role,
+          'The role to test, this should map to a directory in the spec folder',
+          type: :string, short: :r
+      opt :ami, 'The ami ID to run tests against', type: :string, short: :a
+      opt :role_ami_file,
+          'A file containing comma separated roles and amis. i.e.
+web_server,ami-id.',
+          type: :string, short: :o
+      opt :specs, 'The directory to find ServerSpecs',
+          type: :string, required: true, short: :s
+      opt :subnet_id,
+          'The subnet to start the instance in. If not provided a subnet will be chosen from the default VPC',
+          type: :string, short: :u
+      opt :key_name, 'The SSH key name to assign to instances. If not provided a temporary key pair will be generated in AWS',
+          type: :string, short: :k
+      opt :key_file, 'The SSH private key file associated to the key_name', type: :string, short: :e
+      opt :ssh_user, 'The user to ssh to the instance as', type: :string, required: true, short: :h
+      opt :aws_region, 'The AWS region, defaults to AWS_DEFAULT_REGION environment variable',
+          type: :string, short: :w
+      opt :aws_instance_type, 'The ec2 instance type, defaults to t2.micro',
+          type: :string, default: 't2.micro', short: :i
+      opt :aws_security_groups,
+          'Security groups to associate to the launched instances. May be specified multiple times. If not provided a temporary security group will be generated in AWS',
+          type: :string, default: nil, multi: true, short: :c
+      opt :allow_any_temporary_security_group, 'The temporary security group will allow SSH connections from any IP address (0.0.0.0/0)',
+          short: :n
+      opt :aws_public_ip, 'Launch instances with a public IP and use that IP for SSH', short: :p
+      opt :associate_public_ip, "Launch instances with a public IP but don't use that IP for SSH", short: :q
+      opt :ssh_retries, 'The number of times we should try sshing to the ec2 instance before giving up. Defaults to 30',
+          type: :int, default: 30, short: :t
+      opt :tags, 'Additional tags to add to launched instances in the form of comma separated key=value pairs. i.e. Name=AmiSpec',
+          type: :string, default: '', short: :g
+      opt :debug, "Don't terminate instances on exit", short: :d
+      opt :buildkite, 'Output section separators for buildkite', short: :b
+      opt :wait_for_rc, 'Wait for oldschool SystemV scripts to run before conducting tests. Currently only supports Ubuntu with upstart',
+          short: :f
+      opt :wait_for_cloud_init, 'Wait for Cloud Init to complete before running tests'
+      opt :user_data_file, 'File path for aws ec2 user data', type: :string, default: nil, short: :l
+      opt :iam_instance_profile_arn, 'IAM instance profile to use', type: :string, short: :m
     end
 
     if options[:role] && options[:ami]

metadata

@@ -1,15 +1,15 @@
 --- !ruby/object:Gem::Specification
 name: ami_spec
 version: !ruby/object:Gem::Version
-  version: 1.4.0
+  version: 1.8.0
 platform: ruby
 authors:
 - Patrick Robinson
 - Martin Jagusch
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2019-07-29 00:00:00.000000000 Z
+date: 2021-11-25 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-ec2
@@ -120,6 +120,7 @@ files:
 - README.md
 - bin/ami_spec
 - lib/ami_spec.rb
+- lib/ami_spec/aws_default_vpc.rb
 - lib/ami_spec/aws_instance.rb
 - lib/ami_spec/aws_instance_options.rb
 - lib/ami_spec/aws_key_pair.rb
@@ -127,12 +128,13 @@ files:
 - lib/ami_spec/server_spec.rb
 - lib/ami_spec/server_spec_options.rb
 - lib/ami_spec/version.rb
+- lib/ami_spec/wait_for_cloud_init.rb
 - lib/ami_spec/wait_for_rc.rb
 - lib/ami_spec/wait_for_ssh.rb
 homepage: https://github.com/envato/ami-spec
 licenses: []
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -148,7 +150,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.0.4
-signing_key: 
+signing_key:
 specification_version: 4
 summary: Acceptance testing your AMIs
 test_files: []