kitchen-azurerm 1.1.0 → 1.5.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: c53c5b50e83af16c56722ecbc2baa30b5a28621cc17f4edde82a59b22420812f
-  data.tar.gz: cd39338fdf0d29d39780e93b6a9fc8c27cd955daf59b6fc79f3be56801c7d891
+  metadata.gz: 83ff621acb68f00027da706be0a8cbcc9d1913ea0972a57596180d9d2cadc399
+  data.tar.gz: e32b5481b1ca6bec77dbe2f1da1f2be2d4c7236c8d35d6dd676e06979cdd69db
 SHA512:
-  metadata.gz: d62cae11a2fa2a679657fc9c81e6b03547802cd7773f6b801b644388beb09b6fe44de2f0d5f2e9a1601cf3eee92b7a2d86e1f29e7dd86b09e3e6445fdceaebd5
-  data.tar.gz: 8bbccc8d27fef365420257f9a11d89cd8b326cf6e60c97e737c1fe304b14f28ee543793c314e9e638096b606c6ccc64986e7d4db94345d53463981b84eadc931
+  metadata.gz: 6dd5a780356dc995c62ebc6f8cd91038b8c02a670af1de28e43090011df9e48d2a96c59702353802b4f9719c3722dba9f83a30af0545305b966df4c7bc7f76c8
+  data.tar.gz: 5e69a4e0b62d614c4aab4d86e46a4ab18e4aba6366bdc0f92d6afa8e0e466c1ac57911b4cf1787b4f68294ab674916dbc6b5621a8603f3ab5a00a286f6d131d3

data/README.md

@@ -1,6 +1,7 @@
 # kitchen-azurerm
 
-[![Gem Version](https://badge.fury.io/rb/kitchen-azurerm.svg)](http://badge.fury.io/rb/kitchen-azurerm) ![CI](https://github.com/test-kitchen/kitchen-azurerm/workflows/CI/badge.svg?branch=master)
+[![Gem Version](https://badge.fury.io/rb/kitchen-azurerm.svg)](https://badge.fury.io/rb/kitchen-azurerm) 
+![CI](https://github.com/test-kitchen/kitchen-azurerm/workflows/CI/badge.svg?branch=master)
 
 **kitchen-azurerm** is a driver for the popular test harness [Test Kitchen](http://kitchen.ci) that allows Microsoft Azure resources to be provisioned before testing. This driver uses the new Microsoft Azure Resource Management REST API via the [azure-sdk-for-ruby](https://github.com/azure/azure-sdk-for-ruby).
 
@@ -259,7 +260,45 @@ suites:
     attributes:
 ```
 
-### .kitchen.yml example 5 - deploy VM to existing virtual network/subnet (use for ExpressRoute/VPN scenarios) with Private Managed Image
+### .kitchen.yml example 5 - deploy VM to existing virtual network/subnet with a Standard SKU public IP (use for ExpressRoute/VPN scenarios)
+
+The following example introduces the ```vnet_id``` and ```subnet_id``` properties under "driver" in the configuration file. This can be applied at the top level, or per platform.
+You can use this capability to create the VM on an existing virtual network and subnet created in a different resource group.
+
+This enables scenarios that require a Standard SKU public IP resource, for example when a NAT gateway is present on the target subnet.
+
+
+```yaml
+---
+driver:
+  name: azurerm
+  subscription_id: 'your-azure-subscription-id-here'
+  location: 'West Europe'
+  machine_size: 'Standard_D1'
+
+transport:
+  ssh_key: ~/.ssh/id_kitchen-azurerm
+
+provisioner:
+  name: chef_zero
+
+platforms:
+  - name: ubuntu-1404
+    driver:
+      image_urn: Canonical:UbuntuServer:14.04.4-LTS:latest
+      vnet_id: /subscriptions/b6e7eee9-YOUR-GUID-HERE-03ab624df016/resourceGroups/pendrica-infrastructure/providers/Microsoft.Network/virtualNetworks/pendrica-arm-vnet
+      subnet_id: subnet-10.1.0
+	  public_ip: true
+	  public_ip_sku: Standard
+
+suites:
+  - name: default
+    run_list:
+      - recipe[kitchen-azurerm-demo::default]
+    attributes:
+```
+
+### .kitchen.yml example 6 - deploy VM to existing virtual network/subnet (use for ExpressRoute/VPN scenarios) with Private Managed Image
 
 This example is the same as above, but uses a private managed image to provision the vm.
 
@@ -294,7 +333,7 @@ suites:
     attributes:
 ```
 
-### .kitchen.yml example 6 - deploy VM to existing virtual network/subnet (use for ExpressRoute/VPN scenarios) with Private Classic OS Image
+### .kitchen.yml example 7 - deploy VM to existing virtual network/subnet (use for ExpressRoute/VPN scenarios) with Private Classic OS Image
 
 This example a classic Custom VM Image (aka a VHD file) is used. As the Image VHD must be in the same storage account then the disk of the instance, the os disk is created in an existing image account.
 
@@ -337,7 +376,7 @@ suites:
     attributes:
 ```
 
-### .kitchen.yml example 7 - deploy VM to existing virtual network/subnet (use for ExpressRoute/VPN scenarios) with Private Classic OS Image and providing custom data and extra large os disk
+### .kitchen.yml example 8 - deploy VM to existing virtual network/subnet (use for ExpressRoute/VPN scenarios) with Private Classic OS Image and providing custom data and extra large os disk
 
 This is the same as above, but uses custom data to customize the instance.
 
@@ -382,7 +421,7 @@ suites:
     attributes:
 ```
 
-### .kitchen.yml example 8 - Windows 2016 VM with additional data disks
+### .kitchen.yml example 9 - Windows 2016 VM with additional data disks
 
 This example demonstrates how to add 3 additional Managed data disks to a Windows Server 2016 VM. Not supported with legacy (pre-managed disk) storage accounts.
 
@@ -419,7 +458,7 @@ suites:
     attributes:
 ```
 
-### .kitchen.yml example 9 - "post-deployment" ARM template with MSI authentication
+### .kitchen.yml example 10 - "post-deployment" ARM template with MSI authentication
 
 The following example introduces the ```post_deployment_template``` and ```post_deployment_parameters``` properties in the configuration file.
 You can use this capability to execute an ARM template containing Azure resources to provision after the system under test is created.
@@ -505,7 +544,7 @@ Example postdeploy.json to enable MSI extention on VM:
 }
 ```
 
-### .kitchen.yml example 10 - Enabling Managed Service Identities
+### .kitchen.yml example 11 - Enabling Managed Service Identities
 
 This example demonstrates how to enable a System Assigned Identity and User Assigned Identities on a Kitchen VM.
 Any combination of System and User assigned identities may be enabled, and multiple User Assigned Identities can be supplied.
@@ -541,7 +580,7 @@ suites:
     attributes:
 ```
 
-### .kitchen.yml example 11 - deploy VM with key vault certificate
+### .kitchen.yml example 12 - deploy VM with key vault certificate
 
 This following example introduces ```secret_url```, ```vault_name```, and ```vault_resource_group``` properties under "driver" in the configuration file. You can use this capability to create a VM with a specified key vault certificate.
 
@@ -670,9 +709,11 @@ info:    vm image list command OK
 
 * The ```azure_resource_group_prefix``` and ```azure_resource_group_suffix``` can be used to further disambiguate Azure resource group names created by the driver.
 
-* The ```explicit_resource_group_name``` and ```destroy_explicit_resource_group``` (default: "true") parameters can be used in scenarios where you are provided a pre-created Resource Group. Example usage: ```explicit_resource_group_name: kitchen-<%= ENV["USERNAME"] %>```
+* The ```explicit_resource_group_name``` and ```destroy_explicit_resource_group``` (default: "true") parameters can be used in scenarios where you are provided a pre-created Resource Group. Example usage: ```explicit_resource_group_name: kitchen-<%= ENV["USERNAME"] %>```. The ```destroy_explicit_resource_group``` option can now be used after using the ```destroy_resource_group_contents``` option creates an empty resource group to destroy the resource group previously created.
 
-* The ```destroy_resource_group_contents``` (default: "false") parameter can be used when you want to destroy the resources within a resource group without destroying the resource group itself. For example, the following configuration options used in combination would use an existing resource group (or create one if it doesn't exist) and will destroy the contents of the resource group in the ```kitchen destroy``` phase.
+* The ```destroy_resource_group_contents``` (default: "false") parameter can be used when you want to destroy the resources within a resource group without destroying the resource group itself. For example, the following configuration options used in combination would use an existing resource group (or create one if it doesn't exist) and will destroy the contents of the resource group in the ```kitchen destroy``` phase. If you wish to destroy the empty resource group created after you empty the resource group with this flag you can now set the ```destroy_explicit_resource_group``` to "true" to destroy the empty resource group. 
+
+* The ```destroy_explicit_resource_group_tags``` (default: "true") parameter can be used when you want to remove tags associated with an explicit resource group. The default setting is set to "true" to remain consistent with previous behavior. This should be used in combination with an ```explicit_resource_group_name``` and will be honored during the ```kitchen destroy``` phase.
 
 ```yaml
 ---
@@ -686,6 +727,8 @@ driver:
 
 * The ```secret_url```, ```vault_name```, and ```vault_resource_group``` parameters can be used to deploy VM with specified key vault certificate.
 
+* The ```use_fqdn_hostname``` (default: "false") parameter can be used to determine how kitchen communicates with the Virtual Machine. When true, Kitchen will use the FQDN that is assigned to the Virtual Machine. When false, kitchen will use the public IP address of the machine. This may overcome issues with Corporate firewalls or VPNs blocking Public IP addresses.
+
 ## Enabling alternative WinRM configurations
 
 * By default on Windows machines, a PowerShell script runs that enables WinRM over the SSL transport, for Basic, Negotiate and CredSSP connections. To supply your own PowerShell script (e.g. to enable HTTP), use the `winrm_powershell_script` parameter. Windows 2008 R2 example:

data/lib/kitchen/driver/azure_credentials.rb

@@ -1,5 +1,6 @@
 require "inifile"
 require "kitchen/logging"
+autoload :MsRest, "ms_rest"
 
 module Kitchen
   module Driver
@@ -60,7 +61,7 @@ module Kitchen
           if File.file?(config_path)
             IniFile.load(config_path)
           else
-            warn "#{config_path} was not found or not accessible. Will attempt to use Managed Identity."
+            warn "#{config_path} was not found or not accessible."
             {}
           end
         end
@@ -71,7 +72,7 @@ module Kitchen
       end
 
       def tenant_id!
-        tenant_id || raise("Must provide tenant id. Use AZURE_TENANT_ID environment variable or set it in credentials file (#{config_path})")
+        tenant_id || warn("(#{config_path}) does not contain tenant_id neither is the AZURE_TENANT_ID environment variable set.")
       end
 
       def tenant_id
@@ -86,13 +87,37 @@ module Kitchen
         ENV["AZURE_CLIENT_SECRET"] || credentials_property("client_secret")
       end
 
+      # Retrieve a token based upon the preferred authentication method.
+      #
+      # @return [::MsRest::TokenProvider] A new token provider object.
       def token_provider
-        if client_id && client_secret
+        # Login with a credentials file or setting the environment variables
+        #
+        # Typically used with a service principal.
+        #
+        # SPN with client_id, client_secret and tenant_id
+        if client_id && client_secret && tenant_id
           ::MsRestAzure::ApplicationTokenProvider.new(tenant_id, client_id, client_secret, ad_settings)
-        elsif client_id
+        # Login with a Managed Service Identity.
+        #
+        # Typically used with a Managed Service Identity when you have a particular object registered in a tenant.
+        #
+        # MSI with client_id and tenant_id (aka User Assigned Identity).
+        elsif client_id && tenant_id
           ::MsRestAzure::MSITokenProvider.new(50342, ad_settings, { client_id: client_id })
-        else
+        # Default approach to inheriting existing object permissions (application or device this code is running on).
+        #
+        # Typically used when you want to inherit the permissions of the system you're running on that are in a tenant.
+        #
+        # MSI with just tenant_id (aka System Assigned Identity).
+        elsif tenant_id
           ::MsRestAzure::MSITokenProvider.new(50342, ad_settings)
+        # Login using the Azure CLI
+        #
+        # Typically used when you want to rely upon `az login` as your preferred authentication method.
+        else
+          warn("Using tenant id set through `az login`.")
+          ::MsRestAzure::AzureCliTokenProvider.new(ad_settings)
         end
       end
 

data/lib/kitchen/driver/azurerm.rb

@@ -1,21 +1,27 @@
 require "kitchen"
+
+autoload :MsRestAzure, "ms_rest_azure"
 require_relative "azure_credentials"
-require "securerandom"
-require "azure_mgmt_resources"
-require "azure_mgmt_network"
-require "base64"
-require "sshkey"
-require "fileutils"
-require "erb"
-require "ostruct"
-require "json"
-require "faraday"
+require "securerandom" unless defined?(SecureRandom)
+module Azure
+  autoload :Resources, "azure_mgmt_resources"
+  autoload :Network, "azure_mgmt_network"
+end
+require "base64" unless defined?(Base64)
+autoload :SSHKey, "sshkey"
+require "fileutils" unless defined?(FileUtils)
+require "erb" unless defined?(Erb)
+require "ostruct" unless defined?(OpenStruct)
+require "json" unless defined?(JSON)
+autoload :Faraday, "faraday"
 
 module Kitchen
   module Driver
     #
     # Azurerm
+    # Create a new resource group object and set the location and tags attributes then return it.
     #
+    # @return [::Azure::Resources::Profiles::Latest::Mgmt::Models::ResourceGroup] A new resource group object.
     class Azurerm < Kitchen::Driver::Base
       attr_accessor :resource_management_client
       attr_accessor :network_management_client
@@ -174,6 +180,10 @@ module Kitchen
         true
       end
 
+      default_config(:destroy_explicit_resource_group_tags) do |_config|
+        true
+      end
+
       default_config(:destroy_resource_group_contents) do |_config|
         false
       end
@@ -198,10 +208,18 @@ module Kitchen
         ENV["AZURE_SUBSCRIPTION_ID"]
       end
 
+      default_config(:public_ip_sku) do |_config|
+        "Basic"
+      end
+
       default_config(:azure_api_retries) do |_config|
         5
       end
 
+      default_config(:use_fqdn_hostname) do |_config|
+        false
+      end
+
       def create(state)
         state = validate_state(state)
         deployment_parameters = {
@@ -210,7 +228,7 @@ module Kitchen
           storageAccountType: config[:storage_account_type],
           bootDiagnosticsEnabled: config[:boot_diagnostics_enabled],
           newStorageAccountName: "storage#{state[:uuid]}",
-          adminUsername: state[:username],
+          adminUsername: config[:username],
           dnsNameForPublicIP: "kitchen-#{state[:uuid]}",
           vmName: state[:vm_name],
           systemAssignedIdentity: config[:system_assigned_identity],
@@ -221,7 +239,13 @@ module Kitchen
         }
 
         if instance.transport[:ssh_key].nil?
-          deployment_parameters["adminPassword"] = state[:password]
+          deployment_parameters[:adminPassword] = config[:password]
+        end
+
+        deployment_parameters[:publicIPSKU] = config[:public_ip_sku]
+
+        if config[:public_ip_sku] == "Standard"
+          deployment_parameters[:publicIPAddressType] = "Static"
         end
 
         if config[:subscription_id].to_s == ""
@@ -277,12 +301,9 @@ module Kitchen
         @resource_management_client = ::Azure::Resources::Profiles::Latest::Mgmt::Client.new(options)
 
         # Create Resource Group
-        resource_group = ::Azure::Resources::Profiles::Latest::Mgmt::Models::ResourceGroup.new
-        resource_group.location = config[:location]
-        resource_group.tags = config[:resource_group_tags]
         begin
           info "Creating Resource Group: #{state[:azure_resource_group_name]}"
-          create_resource_group(state[:azure_resource_group_name], resource_group)
+          create_resource_group(state[:azure_resource_group_name], get_resource_group)
         rescue ::MsRestAzure::AzureOperationError => operation_error
           error operation_error.body
           raise operation_error
@@ -300,6 +321,9 @@ module Kitchen
           info "Creating deployment: #{deployment_name}"
           create_deployment_async(state[:azure_resource_group_name], deployment_name, deployment(deployment_parameters)).value!
           follow_deployment_until_end_state(state[:azure_resource_group_name], deployment_name)
+          state[:username] = deployment_parameters[:adminUsername] unless existing_state_value?(state, :username)
+          state[:password] = deployment_parameters[:adminPassword] unless existing_state_value?(state, :password) && instance.transport[:ssh_key].nil?
+
           if File.file?(config[:post_deployment_template])
             post_deployment_name = "post-deploy-#{state[:uuid]}"
             info "Creating deployment: #{post_deployment_name}"
@@ -325,6 +349,10 @@ module Kitchen
           result = get_public_ip(state[:azure_resource_group_name], "publicip")
           info "IP Address is: #{result.ip_address} [#{result.dns_settings.fqdn}]"
           state[:hostname] = result.ip_address
+          if config[:use_fqdn_hostname]
+            info "Using FQDN to communicate instead of IP"
+            state[:hostname] = result.dns_settings.fqdn
+          end
         else
           # Retrieve the internal IP from the resource group:
           result = get_network_interface(state[:azure_resource_group_name], vmnic.to_s)
@@ -333,15 +361,24 @@ module Kitchen
         end
       end
 
+      # Return a True of False if the state is already stored for a particular property.
+      #
+      # @param [Hash] Hash of existing state values.
+      # @param [String] A property to check
+      # @return [Boolean]
       def existing_state_value?(state, property)
         state.key?(property) && !state[property].nil?
       end
 
+      # Leverage existing state values or bring state into existence from a configuration file.
+      #
+      # @param [Hash] Existing Hash of state values.
+      # @return [Hash] Updated Hash of state values.
       def validate_state(state = {})
         state[:uuid] = SecureRandom.hex(8) unless existing_state_value?(state, :uuid)
         state[:server_id] = "vm#{state[:uuid]}" unless existing_state_value?(state, :server_id)
         state[:azure_resource_group_name] = azure_resource_group_name unless existing_state_value?(state, :azure_resource_group_name)
-        %i{subscription_id username password vm_name azure_environment use_managed_disks}.each do |config_element|
+        %i{subscription_id vm_name azure_environment use_managed_disks}.each do |config_element|
           state[config_element] = config[config_element] unless existing_state_value?(state, config_element)
         end
         state.delete(:password) unless instance.transport[:ssh_key].nil?
@@ -522,11 +559,38 @@ module Kitchen
       end
 
       def destroy(state)
-        return if state[:server_id].nil?
+        # TODO: We have some not so fun state issues we need to clean up
+        state[:azure_environment] = config[:azure_environment] unless state[:azure_environment]
+        state[:subscription_id] = config[:subscription_id] unless state[:subscription_id]
 
+        # Setup our authentication components for the SDK
         options = Kitchen::Driver::AzureCredentials.new(subscription_id: state[:subscription_id],
-                                                        environment: state[:azure_environment]).azure_options
+          environment: state[:azure_environment]).azure_options
         @resource_management_client = ::Azure::Resources::Profiles::Latest::Mgmt::Client.new(options)
+
+        # If we don't have any instances, let's check to see if the user wants to delete a resource group and if so let's delete!
+        if state[:server_id].nil? && state[:azure_resource_group_name].nil? && !config[:explicit_resource_group_name].nil? && config[:destroy_explicit_resource_group]
+          if resource_group_exists?(config[:explicit_resource_group_name])
+            info "This instance doesn't exist but you asked to delete the resource group."
+            begin
+              info "Destroying Resource Group: #{config[:explicit_resource_group_name]}"
+              delete_resource_group_async(config[:explicit_resource_group_name])
+              info "Destroy operation accepted and will continue in the background."
+              return
+            rescue ::MsRestAzure::AzureOperationError => operation_error
+              error operation_error.body
+              raise operation_error
+            end
+          end
+        end
+
+        # Our working environment
+        info "Azure environment: #{state[:azure_environment]}"
+
+        # Skip if we don't have any instances
+        return if state[:server_id].nil?
+
+        # Destroy resource group contents
         if config[:destroy_resource_group_contents] == true
           info "Destroying individual resources within the Resource Group."
           empty_deployment_name = "empty-deploy-#{state[:uuid]}"
@@ -534,25 +598,49 @@ module Kitchen
             info "Creating deployment: #{empty_deployment_name}"
             create_deployment_async(state[:azure_resource_group_name], empty_deployment_name, empty_deployment).value!
             follow_deployment_until_end_state(state[:azure_resource_group_name], empty_deployment_name)
+
+            # NOTE: We are using the internal wrapper function create_resource_group() which wraps the API
+            # method of create_or_update()
+            begin
+              # Maintain tags on the resource group
+              create_resource_group(state[:azure_resource_group_name], get_resource_group) unless config[:destroy_explicit_resource_group_tags] == true
+              warn 'The "destroy_explicit_resource_group_tags" setting value is set to "false". The tags on the resource group will NOT be removed.' unless config[:destroy_explicit_resource_group_tags] == true
+              # Corner case where we want to use kitchen to remove the tags
+              resource_group = get_resource_group
+              resource_group.tags = {}
+              create_resource_group(state[:azure_resource_group_name], resource_group) unless config[:destroy_explicit_resource_group_tags] == false
+              warn 'The "destroy_explicit_resource_group_tags" setting value is set to "true". The tags on the resource group will be removed.' unless config[:destroy_explicit_resource_group_tags] == false
+            rescue ::MsRestAzure::AzureOperationError => operation_error
+              error operation_error.body
+              raise operation_error
+            end
+
           rescue ::MsRestAzure::AzureOperationError => operation_error
             error operation_error.body
             raise operation_error
           end
         end
+
+        # Do not remove the explicitly named resource group
         if config[:destroy_explicit_resource_group] == false && !config[:explicit_resource_group_name].nil?
           warn 'The "destroy_explicit_resource_group" setting value is set to "false". The resource group will not be deleted.'
           warn 'Remember to manually destroy resources, or set "destroy_resource_group_contents: true" to save costs!' unless config[:destroy_resource_group_contents] == true
-          return
+          return state
         end
-        info "Azure environment: #{state[:azure_environment]}"
+
+        # Destroy the world
         begin
           info "Destroying Resource Group: #{state[:azure_resource_group_name]}"
           delete_resource_group_async(state[:azure_resource_group_name])
           info "Destroy operation accepted and will continue in the background."
+          # Remove resource group name from driver state
+          state.delete(:azure_resource_group_name)
         rescue ::MsRestAzure::AzureOperationError => operation_error
           error operation_error.body
           raise operation_error
         end
+
+        # Clear state of components
         state.delete(:server_id)
         state.delete(:hostname)
         state.delete(:username)
@@ -652,7 +740,7 @@ module Kitchen
           virtual_machine_deployment_template_file("public.erb", vm_tags: vm_tag_string(config[:vm_tags]), use_managed_disks: config[:use_managed_disks], image_url: config[:image_url], existing_storage_account_blob_url: config[:existing_storage_account_blob_url], image_id: config[:image_id], existing_storage_account_container: config[:existing_storage_account_container], custom_data: config[:custom_data], os_disk_size_gb: config[:os_disk_size_gb], data_disks_for_vm_json: data_disks_for_vm_json, use_ephemeral_osdisk: config[:use_ephemeral_osdisk], ssh_key: instance.transport[:ssh_key], plan_json: plan_json)
         else
           info "Using custom vnet: #{config[:vnet_id]}"
-          virtual_machine_deployment_template_file("internal.erb", vnet_id: config[:vnet_id], subnet_id: config[:subnet_id], public_ip: config[:public_ip], vm_tags: vm_tag_string(config[:vm_tags]), use_managed_disks: config[:use_managed_disks], image_url: config[:image_url], existing_storage_account_blob_url: config[:existing_storage_account_blob_url], image_id: config[:image_id], existing_storage_account_container: config[:existing_storage_account_container], custom_data: config[:custom_data], os_disk_size_gb: config[:os_disk_size_gb], data_disks_for_vm_json: data_disks_for_vm_json, use_ephemeral_osdisk: config[:use_ephemeral_osdisk], ssh_key: instance.transport[:ssh_key], plan_json: plan_json)
+          virtual_machine_deployment_template_file("internal.erb", vnet_id: config[:vnet_id], subnet_id: config[:subnet_id], public_ip: config[:public_ip], vm_tags: vm_tag_string(config[:vm_tags]), use_managed_disks: config[:use_managed_disks], image_url: config[:image_url], existing_storage_account_blob_url: config[:existing_storage_account_blob_url], image_id: config[:image_id], existing_storage_account_container: config[:existing_storage_account_container], custom_data: config[:custom_data], os_disk_size_gb: config[:os_disk_size_gb], data_disks_for_vm_json: data_disks_for_vm_json, use_ephemeral_osdisk: config[:use_ephemeral_osdisk], ssh_key: instance.transport[:ssh_key], public_ip_sku: config[:public_ip_sku], plan_json: plan_json)
         end
       end
 
@@ -706,6 +794,36 @@ module Kitchen
       # Wrapper methods for the Azure API calls to retry the calls when getting timeouts.
       #
 
+      # Create a new resource group object and set the location and tags attributes then return it.
+      #
+      # @return [::Azure::Resources::Profiles::Latest::Mgmt::Models::ResourceGroup] A new resource group object.
+      def get_resource_group
+        resource_group = ::Azure::Resources::Profiles::Latest::Mgmt::Models::ResourceGroup.new
+        resource_group.location = config[:location]
+        resource_group.tags = config[:resource_group_tags]
+        resource_group
+      end
+
+      # Checks whether a resource group exists.
+      #
+      # @param resource_group_name [String] The name of the resource group to check.
+      # The name is case insensitive.
+      #
+      # @return [Boolean] operation results.
+      #
+      def resource_group_exists?(resource_group_name)
+        retries = config[:azure_api_retries]
+        begin
+          resource_management_client.resource_groups.check_existence(resource_group_name)
+        rescue Faraday::TimeoutError, Faraday::ClientError => exception
+          send_exception_message(exception, "while checking if resource group '#{resource_group_name}' exists. #{retries} retries left.")
+          raise if retries == 0
+
+          retries -= 1
+          retry
+        end
+      end
+
       def create_resource_group(resource_group_name, resource_group)
         retries = config[:azure_api_retries]
         begin

data/templates/internal.erb

@@ -40,6 +40,22 @@
                 "description": "Unique DNS Name for the Public IP used to access the Virtual Machine."
             }
         },
+        <%- if public_ip_sku %>
+        "publicIPSKU": {
+            "type": "string",
+            "defaultValue": "Standard",
+            "metadata": {
+                "description": "SKU name for the Public IP used to access the Virtual Machine."
+            }
+        },
+        "publicIPAddressType": {
+            "type": "string",
+            "defaultValue": "Dynamic",
+            "metadata": {
+                "description": "SKU name for the Public IP used to access the Virtual Machine."
+            }
+        },
+        <%- end %>
         <%- unless os_disk_size_gb.to_s.empty?  -%>
         "osDiskSizeGb": {
             "type": "int",
@@ -201,7 +217,6 @@
         "subnetPrefix": "10.0.0.0/24",
         "storageAccountType": "[parameters('storageAccountType')]",
         "publicIPAddressName": "publicip",
-        "publicIPAddressType": "Dynamic",
         "vmStorageAccountContainerName": "vhds",
         "vmName": "[parameters('vmName')]",
         "vmSize": "[parameters('vmSize')]",
@@ -242,12 +257,15 @@
         <%- end -%>
         <%- if public_ip -%>
         {
-            "apiVersion": "2015-05-01-preview",
+            "apiVersion": "2017-08-01",
             "type": "Microsoft.Network/publicIPAddresses",
             "name": "[variables('publicIPAddressName')]",
             "location": "[variables('location')]",
+	    "sku": {
+	    	"name": "[parameters('publicIPSKU')]"
+	    },
             "properties": {
-                "publicIPAllocationMethod": "[variables('publicIPAddressType')]",
+                "publicIPAllocationMethod": "[parameters('publicIPAddressType')]",
                 "dnsSettings": {
                     "domainNameLabel": "[parameters('dnsNameForPublicIP')]"
                 }
@@ -343,12 +361,12 @@
                     },
                     <%- end -%>
                     <%- if use_ephemeral_osdisk -%>
-                    "osDisk": { 
-                        "diffDiskSettings": { 
-                             "option": "Local" 
-                        }, 
-                        "caching": "ReadOnly", 
-                        "createOption": "FromImage" 
+                    "osDisk": {
+                        "diffDiskSettings": {
+                             "option": "Local"
+                        },
+                        "caching": "ReadOnly",
+                        "createOption": "FromImage"
                     }
                     <%- elsif use_managed_disks -%>
                     "osDisk": {

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: kitchen-azurerm
 version: !ruby/object:Gem::Version
-  version: 1.1.0
+  version: 1.5.1
 platform: ruby
 authors:
 - Stuart Preston
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-08-20 00:00:00.000000000 Z
+date: 2021-02-18 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: azure_mgmt_network
@@ -110,90 +110,6 @@ dependencies:
     - - "<"
       - !ruby/object:Gem::Version
         version: '3.0'
-- !ruby/object:Gem::Dependency
-  name: rake
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '11.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '11.0'
-- !ruby/object:Gem::Dependency
-  name: chefstyle
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '0'
-- !ruby/object:Gem::Dependency
-  name: rspec
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.5'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.5'
-- !ruby/object:Gem::Dependency
-  name: rspec-mocks
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.5'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.5'
-- !ruby/object:Gem::Dependency
-  name: rspec-expectations
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.5'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.5'
-- !ruby/object:Gem::Dependency
-  name: rspec-its
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 1.3.0
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 1.3.0
 description: Test Kitchen driver for the Microsoft Azure Resource Manager (ARM) API
 email:
 - stuart@chef.io
@@ -220,14 +136,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '2.5'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.1.4
 signing_key:
 specification_version: 4
 summary: Test Kitchen driver for Azure Resource Manager.