chef-provisioning-aws 1.3.1 → 1.4.0
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/README.md +70 -69
- data/Rakefile +22 -2
- data/lib/chef/provider/aws_auto_scaling_group.rb +3 -2
- data/lib/chef/provider/aws_cache_cluster.rb +3 -2
- data/lib/chef/provider/aws_cache_replication_group.rb +5 -4
- data/lib/chef/provider/aws_cache_subnet_group.rb +5 -4
- data/lib/chef/provider/aws_cloudsearch_domain.rb +163 -0
- data/lib/chef/provider/aws_dhcp_options.rb +9 -6
- data/lib/chef/provider/aws_ebs_volume.rb +7 -3
- data/lib/chef/provider/aws_eip_address.rb +8 -7
- data/lib/chef/provider/aws_image.rb +8 -3
- data/lib/chef/provider/aws_instance.rb +14 -2
- data/lib/chef/provider/aws_key_pair.rb +2 -1
- data/lib/chef/provider/aws_launch_configuration.rb +4 -2
- data/lib/chef/provider/aws_load_balancer.rb +18 -0
- data/lib/chef/provider/aws_network_acl.rb +6 -2
- data/lib/chef/provider/aws_network_interface.rb +11 -24
- data/lib/chef/provider/aws_rds_instance.rb +66 -0
- data/lib/chef/provider/aws_rds_subnet_group.rb +89 -0
- data/lib/chef/provider/aws_route_table.rb +42 -23
- data/lib/chef/provider/aws_s3_bucket.rb +32 -8
- data/lib/chef/provider/aws_security_group.rb +11 -4
- data/lib/chef/provider/aws_server_certificate.rb +23 -0
- data/lib/chef/provider/aws_sns_topic.rb +4 -3
- data/lib/chef/provider/aws_sqs_queue.rb +3 -2
- data/lib/chef/provider/aws_subnet.rb +10 -7
- data/lib/chef/provider/aws_vpc.rb +54 -21
- data/lib/chef/provider/aws_vpc_peering_connection.rb +88 -0
- data/lib/chef/provisioning/aws_driver.rb +8 -0
- data/lib/chef/provisioning/aws_driver/aws_provider.rb +45 -76
- data/lib/chef/provisioning/aws_driver/aws_rds_resource.rb +11 -0
- data/lib/chef/provisioning/aws_driver/aws_resource.rb +14 -2
- data/lib/chef/provisioning/aws_driver/aws_resource_with_entry.rb +2 -8
- data/lib/chef/provisioning/aws_driver/aws_taggable.rb +18 -0
- data/lib/chef/provisioning/aws_driver/aws_tagger.rb +61 -0
- data/lib/chef/provisioning/aws_driver/credentials2.rb +51 -0
- data/lib/chef/provisioning/aws_driver/driver.rb +214 -162
- data/lib/chef/provisioning/aws_driver/tagging_strategy/ec2.rb +64 -0
- data/lib/chef/provisioning/aws_driver/tagging_strategy/elb.rb +39 -0
- data/lib/chef/provisioning/aws_driver/tagging_strategy/rds.rb +92 -0
- data/lib/chef/provisioning/aws_driver/tagging_strategy/s3.rb +41 -0
- data/lib/chef/provisioning/aws_driver/version.rb +1 -1
- data/lib/chef/resource/aws_cache_cluster.rb +1 -2
- data/lib/chef/resource/aws_cloudsearch_domain.rb +46 -0
- data/lib/chef/resource/aws_dhcp_options.rb +2 -0
- data/lib/chef/resource/aws_ebs_volume.rb +3 -1
- data/lib/chef/resource/aws_eip_address.rb +0 -3
- data/lib/chef/resource/aws_image.rb +3 -0
- data/lib/chef/resource/aws_instance.rb +7 -2
- data/lib/chef/resource/aws_internet_gateway.rb +2 -0
- data/lib/chef/resource/aws_load_balancer.rb +3 -0
- data/lib/chef/resource/aws_network_acl.rb +2 -0
- data/lib/chef/resource/aws_network_interface.rb +3 -1
- data/lib/chef/resource/aws_rds_instance.rb +42 -0
- data/lib/chef/resource/aws_rds_subnet_group.rb +29 -0
- data/lib/chef/resource/aws_route_table.rb +7 -5
- data/lib/chef/resource/aws_s3_bucket.rb +3 -0
- data/lib/chef/resource/aws_security_group.rb +2 -7
- data/lib/chef/resource/aws_server_certificate.rb +21 -0
- data/lib/chef/resource/aws_subnet.rb +2 -0
- data/lib/chef/resource/aws_vpc.rb +4 -1
- data/lib/chef/resource/aws_vpc_peering_connection.rb +73 -0
- data/spec/acceptance/aws_ebs_volume/nodes/ettores-mbp.lan.json +3 -0
- data/spec/aws_support.rb +25 -8
- data/spec/aws_support/aws_resource_run_wrapper.rb +5 -1
- data/spec/aws_support/deep_matcher/match_values_failure_messages.rb +19 -0
- data/spec/aws_support/matchers/create_an_aws_object.rb +1 -1
- data/spec/aws_support/matchers/destroy_an_aws_object.rb +1 -1
- data/spec/aws_support/matchers/have_aws_object_tags.rb +9 -15
- data/spec/aws_support/matchers/match_an_aws_object.rb +1 -1
- data/spec/aws_support/matchers/update_an_aws_object.rb +1 -1
- data/spec/integration/aws_cloudsearch_domain_spec.rb +31 -0
- data/spec/integration/aws_dhcp_options_spec.rb +73 -0
- data/spec/integration/aws_ebs_volume_spec.rb +97 -0
- data/spec/integration/aws_network_acl_spec.rb +51 -0
- data/spec/integration/aws_network_interface_spec.rb +89 -0
- data/spec/integration/aws_rds_instance_spec.rb +150 -0
- data/spec/integration/aws_rds_subnet_group_spec.rb +105 -0
- data/spec/integration/aws_route_table_spec.rb +94 -7
- data/spec/integration/aws_s3_bucket_spec.rb +88 -0
- data/spec/integration/aws_security_group_spec.rb +47 -0
- data/spec/integration/aws_server_certificate_spec.rb +24 -0
- data/spec/integration/aws_subnet_spec.rb +51 -2
- data/spec/integration/aws_vpc_peering_connection_spec.rb +99 -0
- data/spec/integration/aws_vpc_spec.rb +73 -0
- data/spec/integration/load_balancer_spec.rb +101 -0
- data/spec/integration/machine_image_spec.rb +61 -6
- data/spec/integration/machine_spec.rb +26 -0
- data/spec/spec_helper.rb +3 -0
- data/spec/unit/{aws_driver → chef/provisioning/aws_driver}/credentials_spec.rb +0 -0
- data/spec/unit/chef/provisioning/aws_driver/driver_spec.rb +88 -0
- metadata +63 -20
- data/spec/integration/aws_tagged_items_spec.rb +0 -166
@@ -0,0 +1,105 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'aws'
|
3
|
+
require 'set'
|
4
|
+
|
5
|
+
describe Chef::Resource::AwsRdsSubnetGroup do
|
6
|
+
extend AWSSupport
|
7
|
+
|
8
|
+
when_the_chef_12_server "exists", organization: 'foo', server_scope: :context do
|
9
|
+
with_aws "with a VPC with an internet gateway and subnet" do
|
10
|
+
|
11
|
+
#region = ENV['AWS_TEST_DRIVER'][5..-1]
|
12
|
+
|
13
|
+
azs = []
|
14
|
+
driver.ec2.availability_zones.each do |az|
|
15
|
+
azs << az
|
16
|
+
end
|
17
|
+
az_1 = azs[0].name
|
18
|
+
az_2 = azs[1].name
|
19
|
+
|
20
|
+
aws_vpc "test_vpc" do
|
21
|
+
cidr_block '10.0.0.0/24'
|
22
|
+
internet_gateway true
|
23
|
+
end
|
24
|
+
|
25
|
+
aws_subnet "test_subnet" do
|
26
|
+
vpc 'test_vpc'
|
27
|
+
cidr_block "10.0.0.0/26"
|
28
|
+
availability_zone az_1
|
29
|
+
end
|
30
|
+
|
31
|
+
aws_subnet "test_subnet_2" do
|
32
|
+
vpc 'test_vpc'
|
33
|
+
cidr_block "10.0.0.64/26"
|
34
|
+
availability_zone az_2
|
35
|
+
end
|
36
|
+
|
37
|
+
it "creates a database subnet group containing multiple subnets" do
|
38
|
+
expect_recipe {
|
39
|
+
aws_rds_subnet_group "test-db-subnet-group" do
|
40
|
+
description "some_description"
|
41
|
+
subnets ["test_subnet", test_subnet_2.aws_object.id]
|
42
|
+
end
|
43
|
+
}.to create_an_aws_rds_subnet_group("test-db-subnet-group",
|
44
|
+
:db_subnet_group_description => "some_description",
|
45
|
+
:subnets => Set.new([ {:subnet_status => "Active",
|
46
|
+
:subnet_identifier => test_subnet_2.aws_object.id,
|
47
|
+
:subnet_availability_zone => {:name => az_2}},
|
48
|
+
{:subnet_status => "Active",
|
49
|
+
:subnet_identifier => test_subnet.aws_object.id,
|
50
|
+
:subnet_availability_zone => {:name => az_1}}])
|
51
|
+
).and be_idempotent
|
52
|
+
end
|
53
|
+
|
54
|
+
it "creates aws_rds_subnet_group tags" do
|
55
|
+
expect_recipe {
|
56
|
+
aws_rds_subnet_group "test-db-subnet-group" do
|
57
|
+
description "some_description"
|
58
|
+
subnets ["test_subnet", test_subnet_2.aws_object.id]
|
59
|
+
aws_tags key1: 'value'
|
60
|
+
end
|
61
|
+
}.to create_an_aws_rds_subnet_group("test-db-subnet-group")
|
62
|
+
.and have_aws_rds_subnet_group_tags("test-db-subnet-group",
|
63
|
+
{
|
64
|
+
'key1' => 'value'
|
65
|
+
}
|
66
|
+
).and be_idempotent
|
67
|
+
end
|
68
|
+
|
69
|
+
context "with existing tags" do
|
70
|
+
aws_rds_subnet_group "test-db-subnet-group" do
|
71
|
+
description "some_description"
|
72
|
+
subnets ["test_subnet", test_subnet_2.aws_object.id]
|
73
|
+
aws_tags key1: 'value'
|
74
|
+
end
|
75
|
+
|
76
|
+
it "updates aws_rds_subnet_group tags" do
|
77
|
+
expect_recipe {
|
78
|
+
aws_rds_subnet_group "test-db-subnet-group" do
|
79
|
+
description "some_description"
|
80
|
+
subnets ["test_subnet", test_subnet_2.aws_object.id]
|
81
|
+
aws_tags key1: "value2", key2: nil
|
82
|
+
end
|
83
|
+
}.to have_aws_rds_subnet_group_tags("test-db-subnet-group",
|
84
|
+
{
|
85
|
+
'key1' => 'value2',
|
86
|
+
'key2' => nil
|
87
|
+
}
|
88
|
+
).and be_idempotent
|
89
|
+
end
|
90
|
+
|
91
|
+
it "removes all aws_rds_subnet_group tags" do
|
92
|
+
expect_recipe {
|
93
|
+
aws_rds_subnet_group "test-db-subnet-group" do
|
94
|
+
description "some_description"
|
95
|
+
subnets ["test_subnet", test_subnet_2.aws_object.id]
|
96
|
+
aws_tags {}
|
97
|
+
end
|
98
|
+
}.to have_aws_rds_subnet_group_tags("test-db-subnet-group", {}
|
99
|
+
).and be_idempotent
|
100
|
+
end
|
101
|
+
end
|
102
|
+
|
103
|
+
end
|
104
|
+
end
|
105
|
+
end
|
@@ -17,7 +17,7 @@ describe Chef::Resource::AwsRouteTable do
|
|
17
17
|
end
|
18
18
|
}.to create_an_aws_route_table('test_route_table',
|
19
19
|
routes: [
|
20
|
-
{ destination_cidr_block: '10.0.0.0/24',
|
20
|
+
{ destination_cidr_block: '10.0.0.0/24', gateway_id: 'local', state: "active" }
|
21
21
|
]
|
22
22
|
).and be_idempotent
|
23
23
|
end
|
@@ -30,8 +30,8 @@ describe Chef::Resource::AwsRouteTable do
|
|
30
30
|
end
|
31
31
|
}.to create_an_aws_route_table('test_route_table',
|
32
32
|
routes: [
|
33
|
-
{ destination_cidr_block: '10.0.0.0/24',
|
34
|
-
{ destination_cidr_block: '0.0.0.0/0',
|
33
|
+
{ destination_cidr_block: '10.0.0.0/24', gateway_id: 'local', state: "active" },
|
34
|
+
{ destination_cidr_block: '0.0.0.0/0', gateway_id: test_vpc.aws_object.internet_gateway.id, state: "active" }
|
35
35
|
]
|
36
36
|
).and be_idempotent
|
37
37
|
end
|
@@ -54,7 +54,7 @@ describe Chef::Resource::AwsRouteTable do
|
|
54
54
|
'172.31.0.0/16' => eni
|
55
55
|
)
|
56
56
|
end
|
57
|
-
|
57
|
+
|
58
58
|
aws_route_table 'test_route_table' do
|
59
59
|
vpc 'test_vpc'
|
60
60
|
routes '0.0.0.0/0' => :internet_gateway
|
@@ -62,12 +62,99 @@ describe Chef::Resource::AwsRouteTable do
|
|
62
62
|
end
|
63
63
|
}.to create_an_aws_route_table('test_route_table',
|
64
64
|
routes: [
|
65
|
-
{ destination_cidr_block: '10.0.0.0/24',
|
66
|
-
{ destination_cidr_block: '172.31.0.0/16',
|
67
|
-
{ destination_cidr_block: '0.0.0.0/0',
|
65
|
+
{ destination_cidr_block: '10.0.0.0/24', gateway_id: 'local', state: "active" },
|
66
|
+
{ destination_cidr_block: '172.31.0.0/16', network_interface_id: eni.aws_object.id, state: "blackhole" },
|
67
|
+
{ destination_cidr_block: '0.0.0.0/0', gateway_id: test_vpc.aws_object.internet_gateway.id, state: "active" },
|
68
68
|
]
|
69
69
|
).and be_idempotent
|
70
70
|
end
|
71
|
+
|
72
|
+
it "creates aws_route_table tags" do
|
73
|
+
expect_recipe {
|
74
|
+
aws_route_table 'test_route_table' do
|
75
|
+
vpc 'test_vpc'
|
76
|
+
aws_tags key1: "value"
|
77
|
+
end
|
78
|
+
}.to create_an_aws_route_table('test_route_table')
|
79
|
+
.and have_aws_route_table_tags('test_route_table',
|
80
|
+
{
|
81
|
+
'Name' => 'test_route_table',
|
82
|
+
'key1' => 'value'
|
83
|
+
}
|
84
|
+
).and be_idempotent
|
85
|
+
end
|
86
|
+
|
87
|
+
context "with existing tags" do
|
88
|
+
aws_route_table 'test_route_table' do
|
89
|
+
vpc 'test_vpc'
|
90
|
+
aws_tags key1: "value"
|
91
|
+
end
|
92
|
+
|
93
|
+
it "updates aws_route_table tags" do
|
94
|
+
expect_recipe {
|
95
|
+
aws_route_table 'test_route_table' do
|
96
|
+
vpc 'test_vpc'
|
97
|
+
aws_tags key1: "value2", key2: nil
|
98
|
+
end
|
99
|
+
}.to have_aws_route_table_tags('test_route_table',
|
100
|
+
{
|
101
|
+
'Name' => 'test_route_table',
|
102
|
+
'key1' => 'value2',
|
103
|
+
'key2' => ''
|
104
|
+
}
|
105
|
+
).and be_idempotent
|
106
|
+
end
|
107
|
+
|
108
|
+
it "removes all aws_route_table tags except Name" do
|
109
|
+
expect_recipe {
|
110
|
+
aws_route_table 'test_route_table' do
|
111
|
+
vpc 'test_vpc'
|
112
|
+
aws_tags {}
|
113
|
+
end
|
114
|
+
}.to have_aws_route_table_tags('test_route_table',
|
115
|
+
{
|
116
|
+
'Name' => 'test_route_table'
|
117
|
+
}
|
118
|
+
).and be_idempotent
|
119
|
+
end
|
120
|
+
end
|
121
|
+
|
122
|
+
end
|
123
|
+
|
124
|
+
with_aws "with two VPC's with an internet gateway" do
|
125
|
+
aws_vpc "test_vpc" do
|
126
|
+
cidr_block '10.0.0.0/24'
|
127
|
+
internet_gateway true
|
128
|
+
end
|
129
|
+
|
130
|
+
aws_vpc "test_vpc_2" do
|
131
|
+
cidr_block '11.0.0.0/24'
|
132
|
+
internet_gateway false
|
133
|
+
end
|
134
|
+
|
135
|
+
it "aws_route_table 'test_route_table' with routes to differents targets creates a route table" do
|
136
|
+
pcx = nil
|
137
|
+
expect_recipe {
|
138
|
+
pcx = aws_vpc_peering_connection 'test_peering_connection' do
|
139
|
+
vpc 'test_vpc'
|
140
|
+
peer_vpc 'test_vpc_2'
|
141
|
+
end
|
142
|
+
|
143
|
+
aws_route_table 'test_route_table' do
|
144
|
+
vpc 'test_vpc'
|
145
|
+
routes(
|
146
|
+
'100.100.0.0/16' => pcx,
|
147
|
+
'0.0.0.0/0' => :internet_gateway
|
148
|
+
)
|
149
|
+
end
|
150
|
+
}.to create_an_aws_route_table('test_route_table',
|
151
|
+
routes: [
|
152
|
+
{ destination_cidr_block: '10.0.0.0/24', gateway_id: 'local', state: "active" },
|
153
|
+
{ destination_cidr_block: '100.100.0.0/16', vpc_peering_connection_id: pcx.aws_object.id, state: "active" },
|
154
|
+
{ destination_cidr_block: '0.0.0.0/0', gateway_id: test_vpc.aws_object.internet_gateway.id, state: "active" }
|
155
|
+
]
|
156
|
+
).and be_idempotent
|
157
|
+
end
|
71
158
|
end
|
72
159
|
end
|
73
160
|
end
|
@@ -0,0 +1,88 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
require 'securerandom'
|
3
|
+
|
4
|
+
def mk_bucket_name
|
5
|
+
bucket_postfix = SecureRandom.hex(8)
|
6
|
+
"chef_provisioning_test_bucket_#{bucket_postfix}"
|
7
|
+
end
|
8
|
+
|
9
|
+
describe Chef::Resource::AwsS3Bucket do
|
10
|
+
extend AWSSupport
|
11
|
+
|
12
|
+
when_the_chef_12_server "exists", organization: "foo", server_scope: :context do
|
13
|
+
with_aws "when connected to AWS" do
|
14
|
+
bucket_name = mk_bucket_name
|
15
|
+
|
16
|
+
it "aws_s3_bucket '#{bucket_name}' creates a bucket" do
|
17
|
+
expect_recipe {
|
18
|
+
aws_s3_bucket bucket_name
|
19
|
+
}.to create_an_aws_s3_bucket(bucket_name).and be_idempotent
|
20
|
+
end
|
21
|
+
|
22
|
+
it "creates aws_s3_bucket tags" do
|
23
|
+
expect_recipe {
|
24
|
+
aws_s3_bucket bucket_name do
|
25
|
+
aws_tags key1: "value"
|
26
|
+
end
|
27
|
+
}.to create_an_aws_s3_bucket(bucket_name)
|
28
|
+
.and have_aws_s3_bucket_tags(bucket_name,
|
29
|
+
{
|
30
|
+
'key1' => 'value'
|
31
|
+
}
|
32
|
+
).and be_idempotent
|
33
|
+
end
|
34
|
+
|
35
|
+
context "with existing tags" do
|
36
|
+
aws_s3_bucket bucket_name do
|
37
|
+
aws_tags key1: "value"
|
38
|
+
end
|
39
|
+
|
40
|
+
it "updates aws_s3_bucket tags" do
|
41
|
+
expect_recipe {
|
42
|
+
aws_s3_bucket bucket_name do
|
43
|
+
aws_tags key1: "value2", key2: nil
|
44
|
+
end
|
45
|
+
}.to have_aws_s3_bucket_tags(bucket_name,
|
46
|
+
{
|
47
|
+
'key1' => 'value2',
|
48
|
+
'key2' => ''
|
49
|
+
}
|
50
|
+
).and be_idempotent
|
51
|
+
end
|
52
|
+
|
53
|
+
it "removes all aws_s3_bucket tags" do
|
54
|
+
expect_recipe {
|
55
|
+
aws_s3_bucket bucket_name do
|
56
|
+
aws_tags {}
|
57
|
+
end
|
58
|
+
}.to have_aws_s3_bucket_tags(bucket_name, {}
|
59
|
+
).and be_idempotent
|
60
|
+
end
|
61
|
+
end
|
62
|
+
|
63
|
+
end
|
64
|
+
|
65
|
+
with_aws "when a bucket with content exists" do
|
66
|
+
bucket_name = mk_bucket_name
|
67
|
+
with_converge {
|
68
|
+
aws_s3_bucket bucket_name
|
69
|
+
|
70
|
+
ruby_block "upload s3 object" do
|
71
|
+
block do
|
72
|
+
AWS::S3.new.buckets[bucket_name].objects["test-object"].write("test-content")
|
73
|
+
end
|
74
|
+
end
|
75
|
+
}
|
76
|
+
|
77
|
+
it "aws_s3_bucket '#{bucket_name}' with recursive_delete set to true, deletes the bucket" do
|
78
|
+
r = recipe {
|
79
|
+
aws_s3_bucket bucket_name do
|
80
|
+
recursive_delete true
|
81
|
+
action :delete
|
82
|
+
end
|
83
|
+
}
|
84
|
+
expect(r).to destroy_an_aws_s3_bucket(bucket_name)
|
85
|
+
end
|
86
|
+
end
|
87
|
+
end
|
88
|
+
end
|
@@ -56,6 +56,52 @@ describe Chef::Resource::AwsSecurityGroup do
|
|
56
56
|
}.to raise_error(RuntimeError, /Chef::Resource::AwsSecurityGroup\[sg-12345678\] does not exist!/)
|
57
57
|
end
|
58
58
|
|
59
|
+
it "creates aws_security_group tags" do
|
60
|
+
expect_recipe {
|
61
|
+
aws_security_group 'test_sg' do
|
62
|
+
aws_tags key1: "value"
|
63
|
+
end
|
64
|
+
}.to create_an_aws_security_group('test_sg')
|
65
|
+
.and have_aws_security_group_tags('test_sg',
|
66
|
+
{
|
67
|
+
'Name' => 'test_sg',
|
68
|
+
'key1' => 'value'
|
69
|
+
}
|
70
|
+
).and be_idempotent
|
71
|
+
end
|
72
|
+
|
73
|
+
context "with existing tags" do
|
74
|
+
aws_security_group 'test_sg' do
|
75
|
+
aws_tags key1: "value"
|
76
|
+
end
|
77
|
+
|
78
|
+
it "updates aws_security_group tags" do
|
79
|
+
expect_recipe {
|
80
|
+
aws_security_group 'test_sg' do
|
81
|
+
aws_tags key1: "value2", key2: nil
|
82
|
+
end
|
83
|
+
}.to have_aws_security_group_tags('test_sg',
|
84
|
+
{
|
85
|
+
'Name' => 'test_sg',
|
86
|
+
'key1' => 'value2',
|
87
|
+
'key2' => ''
|
88
|
+
}
|
89
|
+
).and be_idempotent
|
90
|
+
end
|
91
|
+
|
92
|
+
it "removes all aws_security_group tags except Name" do
|
93
|
+
expect_recipe {
|
94
|
+
aws_security_group 'test_sg' do
|
95
|
+
aws_tags {}
|
96
|
+
end
|
97
|
+
}.to have_aws_security_group_tags('test_sg',
|
98
|
+
{
|
99
|
+
'Name' => 'test_sg'
|
100
|
+
}
|
101
|
+
).and be_idempotent
|
102
|
+
end
|
103
|
+
end
|
104
|
+
|
59
105
|
end
|
60
106
|
|
61
107
|
with_aws "in a VPC" do
|
@@ -155,5 +201,6 @@ describe Chef::Resource::AwsSecurityGroup do
|
|
155
201
|
expect(aws_obj.vpc.tags['Name']).to eq('test_vpc1')
|
156
202
|
end
|
157
203
|
end
|
204
|
+
|
158
205
|
end
|
159
206
|
end
|
@@ -0,0 +1,24 @@
|
|
1
|
+
require 'spec_helper'
|
2
|
+
|
3
|
+
describe Chef::Resource::AwsServerCertificate do
|
4
|
+
extend AWSSupport
|
5
|
+
|
6
|
+
when_the_chef_12_server "exists", organization: 'foo', server_scope: :context do
|
7
|
+
with_aws "without a VPC" do
|
8
|
+
|
9
|
+
cert_string = "-----BEGIN CERTIFICATE-----\nMIIDejCCAmICCQCpupMy/LKfLTANBgkqhkiG9w0BAQUFADB/MQswCQYDVQQGEwJV\nUzETMBEGA1UECBMKV2FzaGluZ3RvbjEQMA4GA1UEBxMHU2VhdHRsZTENMAsGA1UE\nChMEQ2hlZjEMMAoGA1UECxMDRGV2MQ4wDAYDVQQDEwVUeWxlcjEcMBoGCSqGSIb3\nDQEJARYNdHlsZXJAY2hlZi5pbzAeFw0xNTA4MDQwMDI1NDFaFw0xNjA4MDMwMDI1\nNDFaMH8xCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpXYXNoaW5ndG9uMRAwDgYDVQQH\nEwdTZWF0dGxlMQ0wCwYDVQQKEwRDaGVmMQwwCgYDVQQLEwNEZXYxDjAMBgNVBAMT\nBVR5bGVyMRwwGgYJKoZIhvcNAQkBFg10eWxlckBjaGVmLmlvMIIBIjANBgkqhkiG\n9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz4gFxNSzwwwYrYTTOCNVQL/agpIXmQKKtkE7\n+Up+waOdSR2iZvgc4fowAqQQ5dtVtur6LEA2LDlLILE+7MhlBxPc3V99lhi5p/Pv\neGCPI7k9sYT0iPJwiqvW+/nCo93QoNpUUDgb6WpT/RENFESn99nTE5NjxNx560aq\nSxAPHTogJEz3wC8c6mQQoANOuXzNb41wvOCUI7Tku76AQ9uECFUjtYpXpx8komaY\nAPtwzr87LGdSysE75roagews2MzAJgGG16oUBsJzT45MlIyQorN3AjoZ3fze6kop\nOhAWeYUM61rwTq7JtLXtBG/9yJzTd/eWU8c4cSK8zePx48X9TQIDAQABMA0GCSqG\nSIb3DQEBBQUAA4IBAQBXJQSpDkjxyljnSWjBur4XikLlFuEpdAdu0MILM3GnS3rT\ntoCVPG2U1d+KkhYG0Y9TBxHpK+3lDGYNyFYJN0STzL4cFzMgQlmZKFhVi/YJWKYO\nj9baIB3dy2k8b2XdDe3WxyycQpHjHhFPqpOTMGNV/1PwJNZGQEjc/svr8EalxvZB\neMb3Kk94K7yohvhT+Ze//rr4ArlM1zvEv3QMwSuyJBA2gtH7FgFKWohZnubW+3uc\n9W/Ux/3O1+BKDWp6zyqn/b2SSF51Jt3tSCF+hIMKYeJnJojY/AF9tQ+DtE8EKYRD\n/qzXX2MQLbhm1AzLt4PN63r96ADYlHhOJGNa9ocS\n-----END CERTIFICATE-----"
|
10
|
+
private_key_string = "-----BEGIN RSA PRIVATE KEY-----\nMIIEowIBAAKCAQEAz4gFxNSzwwwYrYTTOCNVQL/agpIXmQKKtkE7+Up+waOdSR2i\nZvgc4fowAqQQ5dtVtur6LEA2LDlLILE+7MhlBxPc3V99lhi5p/PveGCPI7k9sYT0\niPJwiqvW+/nCo93QoNpUUDgb6WpT/RENFESn99nTE5NjxNx560aqSxAPHTogJEz3\nwC8c6mQQoANOuXzNb41wvOCUI7Tku76AQ9uECFUjtYpXpx8komaYAPtwzr87LGdS\nysE75roagews2MzAJgGG16oUBsJzT45MlIyQorN3AjoZ3fze6kopOhAWeYUM61rw\nTq7JtLXtBG/9yJzTd/eWU8c4cSK8zePx48X9TQIDAQABAoIBAA8teoaHq9Hy+4cN\nNMlhRCXlIhz0hEdLeUuU/8benOCaj7E+OpdfQ/V+763xw86buOwUyVEdLRkU45qz\ne8+jZEgdOsTx6+RjUIio/XWHUlChhpKKD7xIRtTNdn6dKJAFc/GfphTr1Za/kP7s\nFVHLJ6Gny5kd6WkHWt9LHr84oHJZoSjR6YDYdSTL+NtVTwqsKj4EfNY8JAPJI/xI\n9A9t57pvXzwdiya/vXPGytgwkHC/HHWp2sgFvKtJUzuGH0ETDlys9mvXoVQeZ0d9\njhzwIwWAoyvTY9FsUBTCD0aO8r2ylsDVIo2b2cEAZ0Z77OGMUt4sock88sDIICnO\nZVjhV50CgYEA8hKTHpI5ENFvYrTckrc+PnPw7B7xHCCB84ut/CiwzawYRjUx/mtm\nCYYR1xAXdEFrBC21i4Ri8LAIrAQiFGydg2oh4ZQcnEMGKZ0F2VXlsidVNN2tW/50\n8kEaPHPVeP6Trt2kPtpQnhDcuQXbPmOgPBIY2j6nu/Go25e8eICkfhsCgYEA23iy\n8Og1SWZlV5b3ZFyolZiZ9kp0cwyXUGWxUZyw33gBmK6BFkscflI1vfNutxnTDjNl\nALLRoAeIApvXTMFOMUPJsDk90pO7rdlfLznU27lKPyCDkvDGmjCvGGDXrnvi+cc3\ngB3ERfrLJCMoMk9lyg7/KEzzsIjvtTRO79atCLcCgYAGT/+wI2YDj0KVU1wRI2An\nJsTYk3H8Jsjcvf66faEmq98yLX7xQIG3q9xZPF0wNeiBgmOikMA3wI9pVO5ClBaD\nb8gUZtVcKc9GVIbrhPbpb2ckasdzh64rBxGVE/w0HIdjXvpCfVTu2ke3N3ThKp3q\nExq8zjd3ijS6DTnn9orTkwKBgQCxVwpgl4HXWaIx8I7ezfB7UN+3n9oQzO/HyyRI\n6fAR4oqHsRolxXO0rwE2B+pCkd907hqDQfsY8Hz6fqquHtTsAfaLKvXFnhJdG/RJ\n2NUi5soT0FYA+gXAue4CKN6e4wQ5CLzUDTl3wns7LB1i6b06VHvhOK0AzOXE6guO\nyUzwaQKBgDCrGz6IrxEUWl6C14xNNRZBvYTY9oCQpUnup1gMxATJZm4KelKvtKz2\nU1MXpc1i395e+E+tjNAQg0JcBmwkHOMl8c/oAESWPxi11ezalGtUXjIgjBkqqNUE\n/uFqRpNFGwI09JolIqhBTgPWFq6MuuPDJ9IIGJZDQoGEBKmu0k2r\n-----END RSA PRIVATE KEY-----"
|
11
|
+
|
12
|
+
it "creates a cert" do
|
13
|
+
expect_recipe {
|
14
|
+
aws_server_certificate "test-cert" do
|
15
|
+
certificate_body cert_string
|
16
|
+
private_key private_key_string
|
17
|
+
end
|
18
|
+
}.to create_an_aws_server_certificate("test-cert",
|
19
|
+
:certificate_body => cert_string#.delete("\n")
|
20
|
+
).and be_idempotent
|
21
|
+
end
|
22
|
+
end
|
23
|
+
end
|
24
|
+
end
|
@@ -18,7 +18,7 @@ describe Chef::Resource::AwsSubnet do
|
|
18
18
|
vpc 'test_vpc'
|
19
19
|
end
|
20
20
|
|
21
|
-
it "aws_subnet 'test_subnet' with no parameters except VPC creates a
|
21
|
+
it "aws_subnet 'test_subnet' with no parameters except VPC creates a subnet" do
|
22
22
|
expect_recipe {
|
23
23
|
aws_subnet 'test_subnet' do
|
24
24
|
vpc 'test_vpc'
|
@@ -29,7 +29,7 @@ describe Chef::Resource::AwsSubnet do
|
|
29
29
|
).and be_idempotent
|
30
30
|
end
|
31
31
|
|
32
|
-
it "aws_subnet 'test_subnet' with all parameters creates a
|
32
|
+
it "aws_subnet 'test_subnet' with all parameters creates a subnet" do
|
33
33
|
az = driver.ec2.availability_zones.first.name
|
34
34
|
expect_recipe {
|
35
35
|
aws_subnet 'test_subnet' do
|
@@ -48,6 +48,55 @@ describe Chef::Resource::AwsSubnet do
|
|
48
48
|
'network_acl.id' => test_network_acl.aws_object.id
|
49
49
|
).and be_idempotent
|
50
50
|
end
|
51
|
+
|
52
|
+
it "creates aws_subnet tags" do
|
53
|
+
expect_recipe {
|
54
|
+
aws_subnet 'test_subnet' do
|
55
|
+
vpc 'test_vpc'
|
56
|
+
aws_tags key1: "value"
|
57
|
+
end
|
58
|
+
}.to create_an_aws_subnet('test_subnet')
|
59
|
+
.and have_aws_subnet_tags('test_subnet',
|
60
|
+
{
|
61
|
+
'Name' => 'test_subnet',
|
62
|
+
'key1' => 'value'
|
63
|
+
}
|
64
|
+
).and be_idempotent
|
65
|
+
end
|
66
|
+
|
67
|
+
context "with existing tags" do
|
68
|
+
aws_subnet 'test_subnet' do
|
69
|
+
vpc 'test_vpc'
|
70
|
+
aws_tags key1: "value"
|
71
|
+
end
|
72
|
+
|
73
|
+
it "updates aws_subnet tags" do
|
74
|
+
expect_recipe {
|
75
|
+
aws_subnet 'test_subnet' do
|
76
|
+
aws_tags key1: "value2", key2: nil
|
77
|
+
end
|
78
|
+
}.to have_aws_subnet_tags('test_subnet',
|
79
|
+
{
|
80
|
+
'Name' => 'test_subnet',
|
81
|
+
'key1' => 'value2',
|
82
|
+
'key2' => ''
|
83
|
+
}
|
84
|
+
).and be_idempotent
|
85
|
+
end
|
86
|
+
|
87
|
+
it "removes all aws_subnet tags except Name" do
|
88
|
+
expect_recipe {
|
89
|
+
aws_subnet 'test_subnet' do
|
90
|
+
aws_tags {}
|
91
|
+
end
|
92
|
+
}.to have_aws_subnet_tags('test_subnet',
|
93
|
+
{
|
94
|
+
'Name' => 'test_subnet'
|
95
|
+
}
|
96
|
+
).and be_idempotent
|
97
|
+
end
|
98
|
+
end
|
99
|
+
|
51
100
|
end
|
52
101
|
end
|
53
102
|
end
|