chef-provisioning-aws 1.4.1 → 1.5.0

data/lib/chef/provider/aws_vpc.rb

@@ -5,7 +5,7 @@ require 'retryable'
 
 class Chef::Provider::AwsVpc < Chef::Provisioning::AWSDriver::AWSProvider
   include Chef::Provisioning::AWSDriver::TaggingStrategy::EC2ConvergeTags
-  
+
   provides :aws_vpc
 
   class NeverObtainedExistence < RuntimeError; end
@@ -134,12 +134,13 @@ class Chef::Provider::AwsVpc < Chef::Provisioning::AWSDriver::AWSProvider
     # Detach or destroy the internet gateway
     ig = vpc.internet_gateway
     if ig
-      converge_by "detach Internet gateway #{ig.id} in #{region} from #{new_resource.to_s}" do
-        ig.detach(vpc.id)
-      end
-      if ig.tags['OwnedByVPC'] == vpc.id
-        converge_by "destroy Internet gateway #{ig.id} in #{region} (owned by #{new_resource.to_s})" do
-          ig.delete
+      Cheffish.inline_resource(self, action) do
+        aws_internet_gateway ig do
+          if ig.tags['OwnedByVPC'] == vpc.id
+            action :purge
+          else
+            action :detach
+          end
         end
       end
     end
@@ -179,47 +180,49 @@ class Chef::Provider::AwsVpc < Chef::Provisioning::AWSDriver::AWSProvider
   def update_internet_gateway(vpc)
     current_ig = vpc.internet_gateway
     case new_resource.internet_gateway
-    when String, Chef::Resource::AwsInternetGateway, AWS::EC2::InternetGateway
-      new_ig = Chef::Resource::AwsInternetGateway.get_aws_object(new_resource.internet_gateway, resource: new_resource)
-      if !current_ig
-        converge_by "attach Internet gateway #{new_resource.internet_gateway} to VPC #{vpc.id}" do
-          new_ig.attach(vpc.id)
-        end
-      elsif current_ig != new_ig
-        converge_by "replace Internet gateway #{current_ig.id} on VPC #{vpc.id} with new Internet gateway #{new_ig.id}" do
-          current_ig.detach(vpc.id)
-          new_ig.attach(vpc.id)
-        end
-        if current_ig.tags['OwnedByVPC'] == vpc.id
-          converge_by "destroy Internet gateway #{current_ig.id} in #{region} (owned by VPC #{vpc.id})" do
-            current_ig.delete
+      when String, Chef::Resource::AwsInternetGateway, AWS::EC2::InternetGateway
+        new_ig = Chef::Resource::AwsInternetGateway.get_aws_object(new_resource.internet_gateway, resource: new_resource)
+        if !current_ig
+          Cheffish.inline_resource(self, action) do
+            aws_internet_gateway new_ig do
+              vpc vpc.id
+            end
           end
-        end
-      end
-    when true
-      if !current_ig
-        converge_by "attach Internet gateway to VPC #{vpc.id}" do
-          current_ig = AWS.ec2(config: vpc.config).internet_gateways.create
-          retry_with_backoff(NeverObtainedExistence) do
-            raise NeverObtainedExistence.new("Internet gateway for VPC #{vpc.id} never obtained existence") unless current_ig.exists?
+        elsif current_ig != new_ig
+          Cheffish.inline_resource(self, action) do
+            aws_internet_gateway current_ig do
+              if current_ig.tags['OwnedByVPC'] == vpc.id
+                action :destroy
+              else
+                action :detach
+              end
+            end
+            aws_internet_gateway new_ig do
+              vpc vpc.id
+            end
           end
-          action_handler.report_progress "create Internet gateway #{current_ig.id}"
-          current_ig.tags['OwnedByVPC'] = vpc.id
-          action_handler.report_progress "tag Internet gateway #{current_ig.id} as OwnedByVpc: #{vpc.id}"
-          vpc.internet_gateway = current_ig
         end
-      end
-    when false
-      if current_ig
-        converge_by "detach Internet gateway #{current_ig.id} from VPC #{vpc.id}" do
-          current_ig.detach(vpc.id)
+      when true
+        if !current_ig
+          Cheffish.inline_resource(self, action) do
+            aws_internet_gateway "igw-managed-by-#{vpc.id}" do
+              vpc vpc.id
+              aws_tags 'OwnedByVPC' => vpc.id
+            end
+          end
         end
-        if current_ig.tags['OwnedByVPC'] == vpc.id
-          converge_by "destroy Internet gateway #{current_ig.id} in #{region} (owned by VPC #{vpc.id})" do
-            current_ig.delete
+      when false
+        if current_ig
+          Cheffish.inline_resource(self, action) do
+            aws_internet_gateway current_ig.id do
+              if current_ig.tags['OwnedByVPC'] == vpc.id
+                action :destroy
+              else
+                action :detach
+              end
+            end
           end
         end
-      end
     end
   end
 
@@ -247,9 +250,11 @@ class Chef::Provider::AwsVpc < Chef::Provisioning::AWSDriver::AWSProvider
     # creating the VPC
     main_route_table ||= vpc.route_tables.main_route_table
     main_routes = new_resource.main_routes
-    aws_route_table main_route_table.id do
-      vpc vpc
-      routes main_routes
+    Cheffish.inline_resource(self, action) do
+      aws_route_table main_route_table.id do
+        vpc vpc
+        routes main_routes
+      end
     end
     main_route_table
   end

data/lib/chef/provisioning/aws_driver.rb

@@ -9,6 +9,8 @@ require "chef/resource/aws_cloudsearch_domain"
 require "chef/resource/aws_dhcp_options"
 require "chef/resource/aws_ebs_volume"
 require "chef/resource/aws_eip_address"
+require "chef/resource/aws_iam_role"
+require "chef/resource/aws_iam_instance_profile"
 require "chef/resource/aws_image"
 require "chef/resource/aws_instance"
 require "chef/resource/aws_internet_gateway"
@@ -17,10 +19,10 @@ require "chef/resource/aws_launch_configuration"
 require "chef/resource/aws_load_balancer"
 require "chef/resource/aws_network_acl"
 require "chef/resource/aws_network_interface"
-require "chef/resource/aws_route_table"
 require "chef/resource/aws_rds_instance"
 require "chef/resource/aws_rds_subnet_group"
 require "chef/resource/aws_route_table"
+require "chef/resource/aws_route53_hosted_zone"
 require "chef/resource/aws_s3_bucket"
 require "chef/resource/aws_security_group"
 require "chef/resource/aws_server_certificate"
@@ -30,3 +32,22 @@ require "chef/resource/aws_subnet"
 require "chef/resource/aws_vpc"
 require "chef/resource/aws_vpc_peering_connection"
 
+module NoResourceCloning
+  def prior_resource
+    if resource_class <= Chef::Provisioning::AWSDriver::AWSResource
+      Chef::Log.debug "Canceling resource cloning for #{resource_class}"
+      nil
+    else
+      super
+    end
+  end
+  def emit_cloned_resource_warning; end
+  def emit_harmless_cloning_debug; end
+end
+
+# Chef 12.2 changed `load_prior_resource` logic to be in the Chef::ResourceBuilder class
+# but that class only exists in 12.2 and up
+if defined? Chef::ResourceBuilder
+  # Ruby 2.0.0 has prepend as a protected method
+  Chef::ResourceBuilder.send(:prepend, NoResourceCloning)
+end

data/lib/chef/provisioning/aws_driver/aws_provider.rb

@@ -269,11 +269,11 @@ class AWSProvider < Chef::Provider::LWRPBase
     sleep = opts[:sleep] || 5
 
     Retryable.retryable(:tries => tries, :sleep => sleep) do |retries, exception|
-      action_handler.report_progress "waited #{retries*sleep}/#{tries*sleep}s for #{aws_object.id} state to change to #{expected_responses.inspect}..."
-      Chef::Log.debug("Current exception is #{exception.inspect}")
+      action_handler.report_progress "waited #{retries*sleep}/#{tries*sleep}s for <#{aws_object.class}:#{aws_object.id}>##{query_method} state to change to #{expected_responses.inspect}..."
+      Chef::Log.debug("Current exception in wait_for is #{exception.inspect}")
       begin
         current_response = aws_object.send(query_method)
-        Chef::Log.debug("Current response from [#{query_method}] is #{current_response}")
+        Chef::Log.debug("Current response in wait_for from [#{query_method}] is #{current_response}")
         unless expected_responses.include?(current_response)
           raise StatusTimeoutError.new(aws_object, current_response, expected_responses)
         end
@@ -285,8 +285,16 @@ class AWSProvider < Chef::Provider::LWRPBase
   # Retry a block with an doubling backoff time (maximum wait of 10 seconds).
   # @param retry_on [Exception] An exception to retry on, defaults to RuntimeError
   #
-  def retry_with_backoff(retry_on = RuntimeError, &block)
-    Retryable.retryable(:tries => 10, :sleep => lambda { |n| [2**n, 16].min }, :on => retry_on, &block)
+  def self.retry_with_backoff(*retry_on)
+    retry_on ||= [RuntimeError]
+    Retryable.retryable(:tries => 10, :sleep => lambda { |n| [2**n, 16].min }, :on => retry_on) do |retries, exception|
+      Chef::Log.debug("Current exception in retry_with_backoff is #{exception.inspect}")
+      yield
+    end
+  end
+
+  def retry_with_backoff(*retry_on, &block)
+    self.class.retry_with_backoff(*retry_on, &block)
   end
 
 end

data/lib/chef/provisioning/aws_driver/aws_resource.rb

@@ -5,199 +5,207 @@ require 'chef/provisioning/chef_managed_entry_store'
 require 'chef/provisioning/aws_driver/aws_taggable'
 
 # Common AWS resource - contains metadata that all AWS resources will need
-module Chef::Provisioning::AWSDriver
-class AWSResource < Chef::Provisioning::AWSDriver::SuperLWRP
-  actions :create, :destroy, :purge, :nothing
-  default_action :create
-
-  def initialize(name, run_context=nil)
-    name = name.public_send(self.class.aws_sdk_class_id) if name.is_a?(self.class.aws_sdk_class)
-    super
-    if run_context
-      driver run_context.chef_provisioning.current_driver
-      chef_server run_context.cheffish.current_chef_server
+class Chef
+module Provisioning
+module AWSDriver
+  class AWSResource < Chef::Provisioning::AWSDriver::SuperLWRP
+    actions :create, :destroy, :purge, :nothing
+    default_action :create
+
+    def initialize(name, run_context=nil)
+      name = name.public_send(self.class.aws_sdk_class_id) if name.is_a?(self.class.aws_sdk_class)
+      super
+      if run_context
+        driver run_context.chef_provisioning.current_driver
+        chef_server run_context.cheffish.current_chef_server
+      end
     end
-  end
 
-  # Backwards compatibility for action :destroy
-  def action(*args)
-    if args == [ :delete ]
-      super(:destroy)
-    else
-      super
+    # Backwards compatibility for action :destroy
+    def action(*args)
+      if args == [ :delete ]
+        super(:destroy)
+      else
+        super
+      end
     end
-  end
 
-  # In Chef < 12.4 we need to define this method.  In > 12.4 this method is
-  # already defined for us so we don't need to overwrite it.
-  unless defined?(:action=)
-    def action=(value)
-      action(value)
+    # In Chef < 12.4 we need to define this method.  In > 12.4 this method is
+    # already defined for us so we don't need to overwrite it.
+    unless defined?(:action=)
+      def action=(value)
+        action(value)
+      end
     end
-  end
 
-  #
-  # The desired driver.
-  #
-  attribute :driver, kind_of: Chef::Provisioning::Driver,
-                     coerce: (proc do |value|
-                               case value
-                               when nil, Chef::Provisioning::Driver
-                                 value
-                               else
-                                 run_context.chef_provisioning.driver_for(value)
-                               end
-                             end)
-
-  #
-  # The Chef server on which any IDs should be looked up.
-  #
-  attribute :chef_server, kind_of: Hash
-
-  #
-  # The managed entry store.
-  #
-  attribute :managed_entry_store, kind_of: Chef::Provisioning::ManagedEntryStore,
-                              lazy_default: proc { Chef::Provisioning::ChefManagedEntryStore.new(chef_server) }
-
-  #
-  # Get the current AWS object.  This should return the aws_object even if it has
-  # a status like 'deleted' or 'inactive'.  If there is an aws_object, we return it.
-  # Callers will need to check the status if they care.
-  #
-  def aws_object
-    raise NotImplementedError, :aws_object
-  end
+    #
+    # The desired driver.
+    #
+    attribute :driver, kind_of: Chef::Provisioning::Driver,
+                       coerce: (proc do |value|
+                                 case value
+                                 when nil, Chef::Provisioning::Driver
+                                   value
+                                 else
+                                   run_context.chef_provisioning.driver_for(value)
+                                 end
+                               end)
+
+    #
+    # The Chef server on which any IDs should be looked up.
+    #
+    attribute :chef_server, kind_of: Hash
+
+    #
+    # The managed entry store.
+    #
+    attribute :managed_entry_store, kind_of: Chef::Provisioning::ManagedEntryStore,
+                                default: lazy { Chef::Provisioning::ChefManagedEntryStore.new(chef_server) }
+
+    #
+    # Get the current AWS object.  This should return the aws_object even if it has
+    # a status like 'deleted' or 'inactive'.  If there is an aws_object, we return it.
+    # Callers will need to check the status if they care.
+    #
+    def aws_object
+      raise NotImplementedError, :aws_object
+    end
 
-  def aws_object_id
-    @aws_object_id ||= begin
-      o = aws_object
-      o.public_send(self.class.aws_sdk_class_id) if o
+    def aws_object_id
+      @aws_object_id ||= begin
+        o = aws_object
+        o.public_send(self.class.aws_sdk_class_id) if o
+      end
     end
-  end
 
-  #
-  # Look up an AWS options list, translating standard names using the appropriate
-  # classes.
-  #
-  # For example, `load_balancer_options` is passed into `lookup_options`, and if
-  # it looks like this: `{ subnets: `[ 'subnet1', 'subnet2' ] }`, then
-  # `AWSResource.lookup_options` will translate each ID with
-  # `AwsSubnet.get_aws_object('subnet1')`, which supports Chef names
-  # (`mysubnet`) as well as AWS subnet Ids (`subnet-1234abcd`) or AWS objects
-  # (`AWS::EC2::Subnet`).
-  #
-  # Keys that represent non-AWS-objects (such as `timeout`) are left alone.
-  #
-  def self.lookup_options(options, **handler_options)
-    options = options.dup
-    options.each do |name, value|
-      if name.to_s.end_with?('s')
-        handler_name = :"#{name[0..-2]}"
-        if aws_option_handlers[handler_name]
-          options[name] = [options[name]].flatten.map { |value| aws_option_handlers[handler_name].get_aws_object_id(value, **handler_options) }
-        end
-      else
-        if aws_option_handlers[name]
-          options[name] = aws_option_handlers[name].get_aws_object_id(value, **handler_options)
+    #
+    # Look up an AWS options list, translating standard names using the appropriate
+    # classes.
+    #
+    # For example, `load_balancer_options` is passed into `lookup_options`, and if
+    # it looks like this: `{ subnets: `[ 'subnet1', 'subnet2' ] }`, then
+    # `AWSResource.lookup_options` will translate each ID with
+    # `AwsSubnet.get_aws_object('subnet1')`, which supports Chef names
+    # (`mysubnet`) as well as AWS subnet Ids (`subnet-1234abcd`) or AWS objects
+    # (`AWS::EC2::Subnet`).
+    #
+    # Keys that represent non-AWS-objects (such as `timeout`) are left alone.
+    #
+    def self.lookup_options(options = Hash.new, **handler_options)
+      options = options.dup
+      options.each do |name, value|
+        if name.to_s.end_with?('s')
+          handler_name = :"#{name[0..-2]}"
+          if aws_option_handlers[handler_name]
+            options[name] = [options[name]].flatten.map { |value| aws_option_handlers[handler_name].get_aws_object_id(value, **handler_options) }
+          end
+        else
+          if aws_option_handlers[name]
+            options[name] = aws_option_handlers[name].get_aws_object_id(value, **handler_options)
+          end
         end
       end
+      options
     end
-    options
-  end
 
-  def self.get_aws_object(value, resource: nil, run_context: nil, driver: nil, managed_entry_store: nil, required: true)
-    return nil if value.nil?
+    def self.get_aws_object(value, resource: nil, run_context: nil, driver: nil, managed_entry_store: nil, required: true)
+      return nil if value.nil?
 
-    if resource
-      run_context         ||= resource.run_context
-      driver              ||= resource.driver
-      managed_entry_store ||= resource.managed_entry_store
-    end
-    if value.is_a?(self)
-      resource = value
-    else
-      resource = new(value, run_context)
-      resource.driver driver if driver
-      resource.managed_entry_store managed_entry_store if managed_entry_store
-    end
+      if resource
+        run_context         ||= resource.run_context
+        driver              ||= resource.driver
+        managed_entry_store ||= resource.managed_entry_store
+      end
+      if value.is_a?(self)
+        resource = value
+      else
+        resource = new(value, run_context)
+        resource.driver driver if driver
+        resource.managed_entry_store managed_entry_store if managed_entry_store
+      end
 
-    result = resource.aws_object
-    if required && result.nil?
-      raise "#{self}[#{value}] does not exist!"
+      result = resource.aws_object
+      if required && result.nil?
+        raise "#{self}[#{value}] does not exist!"
+      end
+      result
     end
-    result
-  end
 
-  def self.get_aws_object_id(value, **options)
-    aws_object = get_aws_object(value, **options)
-    aws_object.public_send(aws_sdk_class_id) if aws_object
-  end
-
-  protected
-
-  NOT_PASSED = Object.new
-
-  def self.aws_sdk_type(sdk_class,
-                        option_names: nil,
-                        option_name: NOT_PASSED,
-                        load_provider: true,
-                        id: :name,
-                        aws_id_prefix: nil)
-    self.resource_name = convert_to_snake_case(self.name.split('::')[-1])
-    @aws_sdk_class = sdk_class
-    @aws_sdk_class_id = id
-    @aws_id_prefix = aws_id_prefix
-
-    # Go ahead and require the provider since we're here anyway ...
-    require "chef/provider/#{resource_name}" if load_provider
+    def self.get_aws_object_id(value, **options)
+      aws_object = get_aws_object(value, **options)
+      aws_object.public_send(aws_sdk_class_id) if aws_object
+    end
 
-    option_name = :"#{resource_name[4..-1]}" if option_name == NOT_PASSED
-    @aws_sdk_option_name = option_name
+    protected
+
+    # This supports the introduction of the NOT_PASSED chef constant
+    # in chef 12.5
+    # TODO remove when we make 12.5 and higher a dependency
+    NOT_PASSED = Object.new unless defined?(NOT_PASSED)
+
+    def self.aws_sdk_type(sdk_class,
+                          option_names: nil,
+                          option_name: NOT_PASSED,
+                          load_provider: true,
+                          id: :name,
+                          aws_id_prefix: nil)
+      self.resource_name = convert_to_snake_case(self.name.split('::')[-1])
+      @aws_sdk_class = sdk_class
+      @aws_sdk_class_id = id
+      @aws_id_prefix = aws_id_prefix
+
+      # Go ahead and require the provider since we're here anyway ...
+      require "chef/provider/#{resource_name}" if load_provider
+
+      option_name = :"#{resource_name[4..-1]}" if option_name == NOT_PASSED
+      @aws_sdk_option_name = option_name
+
+      option_names ||= begin
+        option_names = []
+        option_names << aws_sdk_option_name
+        option_names << :"#{option_name}_#{aws_sdk_class_id}" if aws_sdk_class_id
+        option_names
+      end
+      option_names.each do |option_name|
+        aws_option_handlers[option_name] = self
+      end
 
-    option_names ||= begin
-      option_names = []
-      option_names << aws_sdk_option_name
-      option_names << :"#{option_name}_#{aws_sdk_class_id}" if aws_sdk_class_id
-      option_names
-    end
-    option_names.each do |option_name|
-      aws_option_handlers[option_name] = self
+      name = self.name.split('::')[-1]
+      eval("Chef::Provisioning::AWSDriver::Resources::#{name} = self", binding, __FILE__, __LINE__)
     end
 
-    name = self.name.split('::')[-1]
-    eval("Chef::Provisioning::AWSDriver::Resources::#{name} = self", binding, __FILE__, __LINE__)
-  end
+    def self.aws_sdk_class
+      @aws_sdk_class
+    end
 
-  def self.aws_sdk_class
-    @aws_sdk_class
-  end
+    def self.aws_sdk_class_id
+      @aws_sdk_class_id
+    end
 
-  def self.aws_sdk_class_id
-    @aws_sdk_class_id
-  end
+    def self.aws_id_prefix
+      @aws_id_prefix
+    end
 
-  def self.aws_id_prefix
-    @aws_id_prefix
-  end
+    def self.aws_sdk_option_name
+      @aws_sdk_option_name
+    end
 
-  def self.aws_sdk_option_name
-    @aws_sdk_option_name
-  end
+    @@aws_option_handlers = {}
+    def self.aws_option_handlers
+      @@aws_option_handlers
+    end
 
-  @@aws_option_handlers = {}
-  def self.aws_option_handlers
-    @@aws_option_handlers
-  end
+    # Add support for aws_id_attribute: true
+    def self.attribute(name, aws_id_attribute: false, **validation_opts)
+      @aws_id_attribute = name if aws_id_attribute
+      super(name, validation_opts)
+    end
 
-  # Add support for aws_id_attribute: true
-  def self.attribute(name, aws_id_attribute: false, **validation_opts)
-    @aws_id_attribute = name if aws_id_attribute
-    super(name, validation_opts)
+    def self.aws_id_attribute
+      @aws_id_attribute
+    end
   end
 
-  def self.aws_id_attribute
-    @aws_id_attribute
-  end
+end
 end
 end