kitchen-azurerm 1.2.0 → 1.5.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 8615b3c50c7c88dc0167c2b0daebd1c66c1fec9bd05d1c169223c30fc00a7cc2
-  data.tar.gz: 769a0df10ad7af7a1215066955eba46717e16358f83ad176df6954d4f2e43d49
+  metadata.gz: 20aa37ca60b29d9b0902d8741de326baa5fbe19fde0d37a9874dac2191b97b1f
+  data.tar.gz: f219f48b5b966faf7033fe0f78d8dd2f7638c77118c66f8c6bbae7c53e9f939c
 SHA512:
-  metadata.gz: 48a2d37a873c8d2b842dc20e0c2e40cc9b349faed29d0c1f9bbc12ccb53097e0df0a06884f29c840b2e2f72a3deef6a0ab2244ef037a9c1aa24397524f756747
-  data.tar.gz: b3538aa314c217566e22a359655aee67eedb88cff3d2ea2f35e17445db4fe5821b57d5beb183f8ec77ac077ed58f88f275fd011fbdaa162a3b17def168c2c99e
+  metadata.gz: 1ca9ed3f8eb461263d65f752299e46aded16a7e9b4fd3b73a06f66bacabd7ad5c7e566be1bfc299ed9abb0514ad386807b713bdf3740969883595a64a6afb7a0
+  data.tar.gz: 95988ebe08533122dc27d847cc817e799f07b72e4e13666170d6515bd9b9db5e37d6568722892f30388713ce9227653e04b72899c8d7f8d657fc83f078ca12b9

data/README.md

@@ -1,6 +1,7 @@
 # kitchen-azurerm
 
-[![Gem Version](https://badge.fury.io/rb/kitchen-azurerm.svg)](http://badge.fury.io/rb/kitchen-azurerm) ![CI](https://github.com/test-kitchen/kitchen-azurerm/workflows/CI/badge.svg?branch=master)
+[![Gem Version](https://badge.fury.io/rb/kitchen-azurerm.svg)](https://badge.fury.io/rb/kitchen-azurerm) 
+![CI](https://github.com/test-kitchen/kitchen-azurerm/workflows/CI/badge.svg?branch=master)
 
 **kitchen-azurerm** is a driver for the popular test harness [Test Kitchen](http://kitchen.ci) that allows Microsoft Azure resources to be provisioned before testing. This driver uses the new Microsoft Azure Resource Management REST API via the [azure-sdk-for-ruby](https://github.com/azure/azure-sdk-for-ruby).
 
@@ -259,7 +260,45 @@ suites:
     attributes:
 ```
 
-### .kitchen.yml example 5 - deploy VM to existing virtual network/subnet (use for ExpressRoute/VPN scenarios) with Private Managed Image
+### .kitchen.yml example 5 - deploy VM to existing virtual network/subnet with a Standard SKU public IP (use for ExpressRoute/VPN scenarios)
+
+The following example introduces the ```vnet_id``` and ```subnet_id``` properties under "driver" in the configuration file. This can be applied at the top level, or per platform.
+You can use this capability to create the VM on an existing virtual network and subnet created in a different resource group.
+
+This enables scenarios that require a Standard SKU public IP resource, for example when a NAT gateway is present on the target subnet.
+
+
+```yaml
+---
+driver:
+  name: azurerm
+  subscription_id: 'your-azure-subscription-id-here'
+  location: 'West Europe'
+  machine_size: 'Standard_D1'
+
+transport:
+  ssh_key: ~/.ssh/id_kitchen-azurerm
+
+provisioner:
+  name: chef_zero
+
+platforms:
+  - name: ubuntu-1404
+    driver:
+      image_urn: Canonical:UbuntuServer:14.04.4-LTS:latest
+      vnet_id: /subscriptions/b6e7eee9-YOUR-GUID-HERE-03ab624df016/resourceGroups/pendrica-infrastructure/providers/Microsoft.Network/virtualNetworks/pendrica-arm-vnet
+      subnet_id: subnet-10.1.0
+	  public_ip: true
+	  public_ip_sku: Standard
+
+suites:
+  - name: default
+    run_list:
+      - recipe[kitchen-azurerm-demo::default]
+    attributes:
+```
+
+### .kitchen.yml example 6 - deploy VM to existing virtual network/subnet (use for ExpressRoute/VPN scenarios) with Private Managed Image
 
 This example is the same as above, but uses a private managed image to provision the vm.
 
@@ -294,7 +333,7 @@ suites:
     attributes:
 ```
 
-### .kitchen.yml example 6 - deploy VM to existing virtual network/subnet (use for ExpressRoute/VPN scenarios) with Private Classic OS Image
+### .kitchen.yml example 7 - deploy VM to existing virtual network/subnet (use for ExpressRoute/VPN scenarios) with Private Classic OS Image
 
 This example a classic Custom VM Image (aka a VHD file) is used. As the Image VHD must be in the same storage account then the disk of the instance, the os disk is created in an existing image account.
 
@@ -337,7 +376,7 @@ suites:
     attributes:
 ```
 
-### .kitchen.yml example 7 - deploy VM to existing virtual network/subnet (use for ExpressRoute/VPN scenarios) with Private Classic OS Image and providing custom data and extra large os disk
+### .kitchen.yml example 8 - deploy VM to existing virtual network/subnet (use for ExpressRoute/VPN scenarios) with Private Classic OS Image and providing custom data and extra large os disk
 
 This is the same as above, but uses custom data to customize the instance.
 
@@ -382,7 +421,7 @@ suites:
     attributes:
 ```
 
-### .kitchen.yml example 8 - Windows 2016 VM with additional data disks
+### .kitchen.yml example 9 - Windows 2016 VM with additional data disks
 
 This example demonstrates how to add 3 additional Managed data disks to a Windows Server 2016 VM. Not supported with legacy (pre-managed disk) storage accounts.
 
@@ -419,7 +458,7 @@ suites:
     attributes:
 ```
 
-### .kitchen.yml example 9 - "post-deployment" ARM template with MSI authentication
+### .kitchen.yml example 10 - "post-deployment" ARM template with MSI authentication
 
 The following example introduces the ```post_deployment_template``` and ```post_deployment_parameters``` properties in the configuration file.
 You can use this capability to execute an ARM template containing Azure resources to provision after the system under test is created.
@@ -505,7 +544,7 @@ Example postdeploy.json to enable MSI extention on VM:
 }
 ```
 
-### .kitchen.yml example 10 - Enabling Managed Service Identities
+### .kitchen.yml example 11 - Enabling Managed Service Identities
 
 This example demonstrates how to enable a System Assigned Identity and User Assigned Identities on a Kitchen VM.
 Any combination of System and User assigned identities may be enabled, and multiple User Assigned Identities can be supplied.
@@ -541,7 +580,7 @@ suites:
     attributes:
 ```
 
-### .kitchen.yml example 11 - deploy VM with key vault certificate
+### .kitchen.yml example 12 - deploy VM with key vault certificate
 
 This following example introduces ```secret_url```, ```vault_name```, and ```vault_resource_group``` properties under "driver" in the configuration file. You can use this capability to create a VM with a specified key vault certificate.
 
@@ -670,11 +709,11 @@ info:    vm image list command OK
 
 * The ```azure_resource_group_prefix``` and ```azure_resource_group_suffix``` can be used to further disambiguate Azure resource group names created by the driver.
 
-* The ```explicit_resource_group_name``` and ```destroy_explicit_resource_group``` (default: "true") parameters can be used in scenarios where you are provided a pre-created Resource Group. Example usage: ```explicit_resource_group_name: kitchen-<%= ENV["USERNAME"] %>```
+* The ```explicit_resource_group_name``` and ```destroy_explicit_resource_group``` (default: "true") parameters can be used in scenarios where you are provided a pre-created Resource Group. Example usage: ```explicit_resource_group_name: kitchen-<%= ENV["USERNAME"] %>```. The ```destroy_explicit_resource_group``` option can now be used after using the ```destroy_resource_group_contents``` option creates an empty resource group to destroy the resource group previously created.
 
-* The ```destroy_resource_group_contents``` (default: "false") parameter can be used when you want to destroy the resources within a resource group without destroying the resource group itself. For example, the following configuration options used in combination would use an existing resource group (or create one if it doesn't exist) and will destroy the contents of the resource group in the ```kitchen destroy``` phase.
+* The ```destroy_resource_group_contents``` (default: "false") parameter can be used when you want to destroy the resources within a resource group without destroying the resource group itself. For example, the following configuration options used in combination would use an existing resource group (or create one if it doesn't exist) and will destroy the contents of the resource group in the ```kitchen destroy``` phase. If you wish to destroy the empty resource group created after you empty the resource group with this flag you can now set the ```destroy_explicit_resource_group``` to "true" to destroy the empty resource group. 
 
-* The ```destroy_explicit_resource_group_tags``` (default: "true") parameter can be used when you want to remove tags associated with an explicit resource group. The default setting is set to `true` to remain consistent with previous behavior. This should be used in combination with an explicitly named resource group and will be honored during the ```kitchen destroy``` phase.
+* The ```destroy_explicit_resource_group_tags``` (default: "true") parameter can be used when you want to remove tags associated with an explicit resource group. The default setting is set to "true" to remain consistent with previous behavior. This should be used in combination with an ```explicit_resource_group_name``` and will be honored during the ```kitchen destroy``` phase.
 
 ```yaml
 ---
@@ -688,6 +727,8 @@ driver:
 
 * The ```secret_url```, ```vault_name```, and ```vault_resource_group``` parameters can be used to deploy VM with specified key vault certificate.
 
+* The ```use_fqdn_hostname``` (default: "false") parameter can be used to determine how kitchen communicates with the Virtual Machine. When true, Kitchen will use the FQDN that is assigned to the Virtual Machine. When false, kitchen will use the public IP address of the machine. This may overcome issues with Corporate firewalls or VPNs blocking Public IP addresses.
+
 ## Enabling alternative WinRM configurations
 
 * By default on Windows machines, a PowerShell script runs that enables WinRM over the SSL transport, for Basic, Negotiate and CredSSP connections. To supply your own PowerShell script (e.g. to enable HTTP), use the `winrm_powershell_script` parameter. Windows 2008 R2 example:

data/lib/kitchen/driver/azure_credentials.rb

@@ -1,5 +1,6 @@
 require "inifile"
 require "kitchen/logging"
+autoload :MsRest, "ms_rest"
 
 module Kitchen
   module Driver
@@ -60,7 +61,7 @@ module Kitchen
           if File.file?(config_path)
             IniFile.load(config_path)
           else
-            warn "#{config_path} was not found or not accessible. Will attempt to use Managed Identity."
+            warn "#{config_path} was not found or not accessible."
             {}
           end
         end
@@ -71,7 +72,7 @@ module Kitchen
       end
 
       def tenant_id!
-        tenant_id || raise("Must provide tenant id. Use AZURE_TENANT_ID environment variable or set it in credentials file (#{config_path})")
+        tenant_id || warn("(#{config_path}) does not contain tenant_id neither is the AZURE_TENANT_ID environment variable set.")
       end
 
       def tenant_id
@@ -86,13 +87,37 @@ module Kitchen
         ENV["AZURE_CLIENT_SECRET"] || credentials_property("client_secret")
       end
 
+      # Retrieve a token based upon the preferred authentication method.
+      #
+      # @return [::MsRest::TokenProvider] A new token provider object.
       def token_provider
-        if client_id && client_secret
+        # Login with a credentials file or setting the environment variables
+        #
+        # Typically used with a service principal.
+        #
+        # SPN with client_id, client_secret and tenant_id
+        if client_id && client_secret && tenant_id
           ::MsRestAzure::ApplicationTokenProvider.new(tenant_id, client_id, client_secret, ad_settings)
-        elsif client_id
+        # Login with a Managed Service Identity.
+        #
+        # Typically used with a Managed Service Identity when you have a particular object registered in a tenant.
+        #
+        # MSI with client_id and tenant_id (aka User Assigned Identity).
+        elsif client_id && tenant_id
           ::MsRestAzure::MSITokenProvider.new(50342, ad_settings, { client_id: client_id })
-        else
+        # Default approach to inheriting existing object permissions (application or device this code is running on).
+        #
+        # Typically used when you want to inherit the permissions of the system you're running on that are in a tenant.
+        #
+        # MSI with just tenant_id (aka System Assigned Identity).
+        elsif tenant_id
           ::MsRestAzure::MSITokenProvider.new(50342, ad_settings)
+        # Login using the Azure CLI
+        #
+        # Typically used when you want to rely upon `az login` as your preferred authentication method.
+        else
+          warn("Using tenant id set through `az login`.")
+          ::MsRestAzure::AzureCliTokenProvider.new(ad_settings)
         end
       end
 

data/lib/kitchen/driver/azurerm.rb

@@ -1,21 +1,27 @@
 require "kitchen"
+
+autoload :MsRestAzure, "ms_rest_azure"
 require_relative "azure_credentials"
 require "securerandom" unless defined?(SecureRandom)
-require "azure_mgmt_resources"
-require "azure_mgmt_network"
+module Azure
+  autoload :Resources, "azure_mgmt_resources"
+  autoload :Network, "azure_mgmt_network"
+end
 require "base64" unless defined?(Base64)
-require "sshkey"
+autoload :SSHKey, "sshkey"
 require "fileutils" unless defined?(FileUtils)
 require "erb" unless defined?(Erb)
 require "ostruct" unless defined?(OpenStruct)
 require "json" unless defined?(JSON)
-require "faraday" unless defined?(Faraday)
+autoload :Faraday, "faraday"
 
 module Kitchen
   module Driver
     #
     # Azurerm
+    # Create a new resource group object and set the location and tags attributes then return it.
     #
+    # @return [::Azure::Resources::Profiles::Latest::Mgmt::Models::ResourceGroup] A new resource group object.
     class Azurerm < Kitchen::Driver::Base
       attr_accessor :resource_management_client
       attr_accessor :network_management_client
@@ -202,10 +208,18 @@ module Kitchen
         ENV["AZURE_SUBSCRIPTION_ID"]
       end
 
+      default_config(:public_ip_sku) do |_config|
+        "Basic"
+      end
+
       default_config(:azure_api_retries) do |_config|
         5
       end
 
+      default_config(:use_fqdn_hostname) do |_config|
+        false
+      end
+
       def create(state)
         state = validate_state(state)
         deployment_parameters = {
@@ -214,7 +228,7 @@ module Kitchen
           storageAccountType: config[:storage_account_type],
           bootDiagnosticsEnabled: config[:boot_diagnostics_enabled],
           newStorageAccountName: "storage#{state[:uuid]}",
-          adminUsername: state[:username],
+          adminUsername: config[:username],
           dnsNameForPublicIP: "kitchen-#{state[:uuid]}",
           vmName: state[:vm_name],
           systemAssignedIdentity: config[:system_assigned_identity],
@@ -225,7 +239,13 @@ module Kitchen
         }
 
         if instance.transport[:ssh_key].nil?
-          deployment_parameters["adminPassword"] = state[:password]
+          deployment_parameters[:adminPassword] = config[:password]
+        end
+
+        deployment_parameters[:publicIPSKU] = config[:public_ip_sku]
+
+        if config[:public_ip_sku] == "Standard"
+          deployment_parameters[:publicIPAddressType] = "Static"
         end
 
         if config[:subscription_id].to_s == ""
@@ -301,6 +321,9 @@ module Kitchen
           info "Creating deployment: #{deployment_name}"
           create_deployment_async(state[:azure_resource_group_name], deployment_name, deployment(deployment_parameters)).value!
           follow_deployment_until_end_state(state[:azure_resource_group_name], deployment_name)
+          state[:username] = deployment_parameters[:adminUsername] unless existing_state_value?(state, :username)
+          state[:password] = deployment_parameters[:adminPassword] unless existing_state_value?(state, :password) && instance.transport[:ssh_key].nil?
+
           if File.file?(config[:post_deployment_template])
             post_deployment_name = "post-deploy-#{state[:uuid]}"
             info "Creating deployment: #{post_deployment_name}"
@@ -326,6 +349,10 @@ module Kitchen
           result = get_public_ip(state[:azure_resource_group_name], "publicip")
           info "IP Address is: #{result.ip_address} [#{result.dns_settings.fqdn}]"
           state[:hostname] = result.ip_address
+          if config[:use_fqdn_hostname]
+            info "Using FQDN to communicate instead of IP"
+            state[:hostname] = result.dns_settings.fqdn
+          end
         else
           # Retrieve the internal IP from the resource group:
           result = get_network_interface(state[:azure_resource_group_name], vmnic.to_s)
@@ -334,15 +361,24 @@ module Kitchen
         end
       end
 
+      # Return a True of False if the state is already stored for a particular property.
+      #
+      # @param [Hash] Hash of existing state values.
+      # @param [String] A property to check
+      # @return [Boolean]
       def existing_state_value?(state, property)
         state.key?(property) && !state[property].nil?
       end
 
+      # Leverage existing state values or bring state into existence from a configuration file.
+      #
+      # @param [Hash] Existing Hash of state values.
+      # @return [Hash] Updated Hash of state values.
       def validate_state(state = {})
         state[:uuid] = SecureRandom.hex(8) unless existing_state_value?(state, :uuid)
         state[:server_id] = "vm#{state[:uuid]}" unless existing_state_value?(state, :server_id)
         state[:azure_resource_group_name] = azure_resource_group_name unless existing_state_value?(state, :azure_resource_group_name)
-        %i{subscription_id username password vm_name azure_environment use_managed_disks}.each do |config_element|
+        %i{subscription_id vm_name azure_environment use_managed_disks}.each do |config_element|
           state[config_element] = config[config_element] unless existing_state_value?(state, config_element)
         end
         state.delete(:password) unless instance.transport[:ssh_key].nil?
@@ -523,11 +559,38 @@ module Kitchen
       end
 
       def destroy(state)
-        return if state[:server_id].nil?
+        # TODO: We have some not so fun state issues we need to clean up
+        state[:azure_environment] = config[:azure_environment] unless state[:azure_environment]
+        state[:subscription_id] = config[:subscription_id] unless state[:subscription_id]
 
+        # Setup our authentication components for the SDK
         options = Kitchen::Driver::AzureCredentials.new(subscription_id: state[:subscription_id],
-                                                        environment: state[:azure_environment]).azure_options
+          environment: state[:azure_environment]).azure_options
         @resource_management_client = ::Azure::Resources::Profiles::Latest::Mgmt::Client.new(options)
+
+        # If we don't have any instances, let's check to see if the user wants to delete a resource group and if so let's delete!
+        if state[:server_id].nil? && state[:azure_resource_group_name].nil? && !config[:explicit_resource_group_name].nil? && config[:destroy_explicit_resource_group]
+          if resource_group_exists?(config[:explicit_resource_group_name])
+            info "This instance doesn't exist but you asked to delete the resource group."
+            begin
+              info "Destroying Resource Group: #{config[:explicit_resource_group_name]}"
+              delete_resource_group_async(config[:explicit_resource_group_name])
+              info "Destroy operation accepted and will continue in the background."
+              return
+            rescue ::MsRestAzure::AzureOperationError => operation_error
+              error operation_error.body
+              raise operation_error
+            end
+          end
+        end
+
+        # Our working environment
+        info "Azure environment: #{state[:azure_environment]}"
+
+        # Skip if we don't have any instances
+        return if state[:server_id].nil?
+
+        # Destroy resource group contents
         if config[:destroy_resource_group_contents] == true
           info "Destroying individual resources within the Resource Group."
           empty_deployment_name = "empty-deploy-#{state[:uuid]}"
@@ -536,32 +599,20 @@ module Kitchen
             create_deployment_async(state[:azure_resource_group_name], empty_deployment_name, empty_deployment).value!
             follow_deployment_until_end_state(state[:azure_resource_group_name], empty_deployment_name)
 
-            # Maintain tags on the resource group
-            if config[:destroy_explicit_resource_group_tags] == false
-              warn 'The "destroy_explicit_resource_group_tags" setting value is set to "false". The tags on the resource group will NOT be removed.'
-              # NOTE: We are using the internal wrapper function create_resource_group() which wraps the API
-              # method of create_or_update().
-              begin
-                create_resource_group(state[:azure_resource_group_name], get_resource_group)
-              rescue ::MsRestAzure::AzureOperationError => operation_error
-                error operation_error.body
-                raise operation_error
-              end
-            end
-
-            # Corner case where we want to use kitchen to remove the tags
-            if config[:destroy_explicit_resource_group_tags] == true
-              warn 'The "destroy_explicit_resource_group_tags" setting value is set to "true". The tags on the resource group will be removed.'
-              # NOTE: We are using the internal wrapper function create_resource_group() which wraps the API
-              # method of create_or_update().
+            # NOTE: We are using the internal wrapper function create_resource_group() which wraps the API
+            # method of create_or_update()
+            begin
+              # Maintain tags on the resource group
+              create_resource_group(state[:azure_resource_group_name], get_resource_group) unless config[:destroy_explicit_resource_group_tags] == true
+              warn 'The "destroy_explicit_resource_group_tags" setting value is set to "false". The tags on the resource group will NOT be removed.' unless config[:destroy_explicit_resource_group_tags] == true
+              # Corner case where we want to use kitchen to remove the tags
               resource_group = get_resource_group
               resource_group.tags = {}
-              begin
-                create_resource_group(state[:azure_resource_group_name], resource_group)
-              rescue ::MsRestAzure::AzureOperationError => operation_error
-                error operation_error.body
-                raise operation_error
-              end
+              create_resource_group(state[:azure_resource_group_name], resource_group) unless config[:destroy_explicit_resource_group_tags] == false
+              warn 'The "destroy_explicit_resource_group_tags" setting value is set to "true". The tags on the resource group will be removed.' unless config[:destroy_explicit_resource_group_tags] == false
+            rescue ::MsRestAzure::AzureOperationError => operation_error
+              error operation_error.body
+              raise operation_error
             end
 
           rescue ::MsRestAzure::AzureOperationError => operation_error
@@ -569,20 +620,27 @@ module Kitchen
             raise operation_error
           end
         end
+
+        # Do not remove the explicitly named resource group
         if config[:destroy_explicit_resource_group] == false && !config[:explicit_resource_group_name].nil?
           warn 'The "destroy_explicit_resource_group" setting value is set to "false". The resource group will not be deleted.'
           warn 'Remember to manually destroy resources, or set "destroy_resource_group_contents: true" to save costs!' unless config[:destroy_resource_group_contents] == true
-          return
+          return state
         end
-        info "Azure environment: #{state[:azure_environment]}"
+
+        # Destroy the world
         begin
           info "Destroying Resource Group: #{state[:azure_resource_group_name]}"
           delete_resource_group_async(state[:azure_resource_group_name])
           info "Destroy operation accepted and will continue in the background."
+          # Remove resource group name from driver state
+          state.delete(:azure_resource_group_name)
         rescue ::MsRestAzure::AzureOperationError => operation_error
           error operation_error.body
           raise operation_error
         end
+
+        # Clear state of components
         state.delete(:server_id)
         state.delete(:hostname)
         state.delete(:username)
@@ -679,10 +737,10 @@ module Kitchen
 
       def virtual_machine_deployment_template
         if config[:vnet_id] == ""
-          virtual_machine_deployment_template_file("public.erb", vm_tags: vm_tag_string(config[:vm_tags]), use_managed_disks: config[:use_managed_disks], image_url: config[:image_url], existing_storage_account_blob_url: config[:existing_storage_account_blob_url], image_id: config[:image_id], existing_storage_account_container: config[:existing_storage_account_container], custom_data: config[:custom_data], os_disk_size_gb: config[:os_disk_size_gb], data_disks_for_vm_json: data_disks_for_vm_json, use_ephemeral_osdisk: config[:use_ephemeral_osdisk], ssh_key: instance.transport[:ssh_key], plan_json: plan_json)
+          virtual_machine_deployment_template_file("public.erb", vm_tags: vm_tag_string(config[:vm_tags]), use_managed_disks: config[:use_managed_disks], image_url: config[:image_url], storage_account_type: config[:storage_account_type], existing_storage_account_blob_url: config[:existing_storage_account_blob_url], image_id: config[:image_id], existing_storage_account_container: config[:existing_storage_account_container], custom_data: config[:custom_data], os_disk_size_gb: config[:os_disk_size_gb], data_disks_for_vm_json: data_disks_for_vm_json, use_ephemeral_osdisk: config[:use_ephemeral_osdisk], ssh_key: instance.transport[:ssh_key], plan_json: plan_json)
         else
           info "Using custom vnet: #{config[:vnet_id]}"
-          virtual_machine_deployment_template_file("internal.erb", vnet_id: config[:vnet_id], subnet_id: config[:subnet_id], public_ip: config[:public_ip], vm_tags: vm_tag_string(config[:vm_tags]), use_managed_disks: config[:use_managed_disks], image_url: config[:image_url], existing_storage_account_blob_url: config[:existing_storage_account_blob_url], image_id: config[:image_id], existing_storage_account_container: config[:existing_storage_account_container], custom_data: config[:custom_data], os_disk_size_gb: config[:os_disk_size_gb], data_disks_for_vm_json: data_disks_for_vm_json, use_ephemeral_osdisk: config[:use_ephemeral_osdisk], ssh_key: instance.transport[:ssh_key], plan_json: plan_json)
+          virtual_machine_deployment_template_file("internal.erb", vnet_id: config[:vnet_id], subnet_id: config[:subnet_id], public_ip: config[:public_ip], vm_tags: vm_tag_string(config[:vm_tags]), use_managed_disks: config[:use_managed_disks], image_url: config[:image_url], storage_account_type: config[:storage_account_type], existing_storage_account_blob_url: config[:existing_storage_account_blob_url], image_id: config[:image_id], existing_storage_account_container: config[:existing_storage_account_container], custom_data: config[:custom_data], os_disk_size_gb: config[:os_disk_size_gb], data_disks_for_vm_json: data_disks_for_vm_json, use_ephemeral_osdisk: config[:use_ephemeral_osdisk], ssh_key: instance.transport[:ssh_key], public_ip_sku: config[:public_ip_sku], plan_json: plan_json)
         end
       end
 
@@ -746,6 +804,26 @@ module Kitchen
         resource_group
       end
 
+      # Checks whether a resource group exists.
+      #
+      # @param resource_group_name [String] The name of the resource group to check.
+      # The name is case insensitive.
+      #
+      # @return [Boolean] operation results.
+      #
+      def resource_group_exists?(resource_group_name)
+        retries = config[:azure_api_retries]
+        begin
+          resource_management_client.resource_groups.check_existence(resource_group_name)
+        rescue Faraday::TimeoutError, Faraday::ClientError => exception
+          send_exception_message(exception, "while checking if resource group '#{resource_group_name}' exists. #{retries} retries left.")
+          raise if retries == 0
+
+          retries -= 1
+          retry
+        end
+      end
+
       def create_resource_group(resource_group_name, resource_group)
         retries = config[:azure_api_retries]
         begin

data/templates/internal.erb

@@ -40,6 +40,22 @@
                 "description": "Unique DNS Name for the Public IP used to access the Virtual Machine."
             }
         },
+        <%- if public_ip_sku %>
+        "publicIPSKU": {
+            "type": "string",
+            "defaultValue": "Standard",
+            "metadata": {
+                "description": "SKU name for the Public IP used to access the Virtual Machine."
+            }
+        },
+        "publicIPAddressType": {
+            "type": "string",
+            "defaultValue": "Dynamic",
+            "metadata": {
+                "description": "SKU name for the Public IP used to access the Virtual Machine."
+            }
+        },
+        <%- end %>
         <%- unless os_disk_size_gb.to_s.empty?  -%>
         "osDiskSizeGb": {
             "type": "int",
@@ -165,7 +181,7 @@
         },
         "storageAccountType": {
             "type": "string",
-            "defaultValue": "Standard_LRS",
+            "defaultValue": "<%= storage_account_type %>",
             "metadata": {
                 "description": "The type of storage to use (e.g. Standard_LRS or Premium_LRS)."
             }
@@ -201,7 +217,6 @@
         "subnetPrefix": "10.0.0.0/24",
         "storageAccountType": "[parameters('storageAccountType')]",
         "publicIPAddressName": "publicip",
-        "publicIPAddressType": "Dynamic",
         "vmStorageAccountContainerName": "vhds",
         "vmName": "[parameters('vmName')]",
         "vmSize": "[parameters('vmSize')]",
@@ -242,12 +257,15 @@
         <%- end -%>
         <%- if public_ip -%>
         {
-            "apiVersion": "2015-05-01-preview",
+            "apiVersion": "2017-08-01",
             "type": "Microsoft.Network/publicIPAddresses",
             "name": "[variables('publicIPAddressName')]",
             "location": "[variables('location')]",
+	    "sku": {
+	    	"name": "[parameters('publicIPSKU')]"
+	    },
             "properties": {
-                "publicIPAllocationMethod": "[variables('publicIPAddressType')]",
+                "publicIPAllocationMethod": "[parameters('publicIPAddressType')]",
                 "dnsSettings": {
                     "domainNameLabel": "[parameters('dnsNameForPublicIP')]"
                 }
@@ -343,12 +361,12 @@
                     },
                     <%- end -%>
                     <%- if use_ephemeral_osdisk -%>
-                    "osDisk": { 
-                        "diffDiskSettings": { 
-                             "option": "Local" 
-                        }, 
-                        "caching": "ReadOnly", 
-                        "createOption": "FromImage" 
+                    "osDisk": {
+                        "diffDiskSettings": {
+                             "option": "Local"
+                        },
+                        "caching": "ReadOnly",
+                        "createOption": "FromImage"
                     }
                     <%- elsif use_managed_disks -%>
                     "osDisk": {
@@ -356,6 +374,9 @@
                         <%- unless os_disk_size_gb.to_s.empty? -%>
                         "diskSizeGB": "[parameters('osDiskSizeGB')]",
                         <%- end -%>
+                        "managedDisk": {
+                            "storageAccountType": "[parameters('storageAccountType')]"
+                        },
                         "createOption": "FromImage"
                     }
                     <%- else -%>

data/templates/public.erb

@@ -165,7 +165,7 @@
         },
         "storageAccountType": {
             "type": "string",
-            "defaultValue": "Standard_LRS",
+            "defaultValue": "<%= storage_account_type %>",
             "metadata": {
                 "description": "The type of storage to use (e.g. Standard_LRS or Premium_LRS)."
             }
@@ -375,6 +375,9 @@
                         <%- unless os_disk_size_gb.to_s.empty? -%>
                         "diskSizeGB": "[parameters('osDiskSizeGB')]",
                         <%- end -%>
+                        "managedDisk": {
+                            "storageAccountType": "[parameters('storageAccountType')]"
+                        },
                         "createOption": "FromImage"
                     }
                     <%- else -%>

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: kitchen-azurerm
 version: !ruby/object:Gem::Version
-  version: 1.2.0
+  version: 1.5.2
 platform: ruby
 authors:
 - Stuart Preston
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-08-20 00:00:00.000000000 Z
+date: 2021-02-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: azure_mgmt_network
@@ -110,90 +110,6 @@ dependencies:
     - - "<"
       - !ruby/object:Gem::Version
         version: '3.0'
-- !ruby/object:Gem::Dependency
-  name: rake
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '11.0'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: '11.0'
-- !ruby/object:Gem::Dependency
-  name: chefstyle
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.2.1
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - '='
-      - !ruby/object:Gem::Version
-        version: 1.2.1
-- !ruby/object:Gem::Dependency
-  name: rspec
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.5'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.5'
-- !ruby/object:Gem::Dependency
-  name: rspec-mocks
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.5'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.5'
-- !ruby/object:Gem::Dependency
-  name: rspec-expectations
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.5'
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: '3.5'
-- !ruby/object:Gem::Dependency
-  name: rspec-its
-  requirement: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 1.3.0
-  type: :development
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    requirements:
-    - - "~>"
-      - !ruby/object:Gem::Version
-        version: 1.3.0
 description: Test Kitchen driver for the Microsoft Azure Resource Manager (ARM) API
 email:
 - stuart@chef.io
@@ -220,14 +136,14 @@ required_ruby_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
-      version: '0'
+      version: '2.5'
 required_rubygems_version: !ruby/object:Gem::Requirement
   requirements:
   - - ">="
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubygems_version: 3.1.2
+rubygems_version: 3.1.4
 signing_key:
 specification_version: 4
 summary: Test Kitchen driver for Azure Resource Manager.