kitchen-azurerm 1.0.0 → 1.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 1bddd20bd82c0fb19e06a74cd69a93e1ee640eb07f791253fe9a15851f1b6130
-  data.tar.gz: ed27bd9192b4ec9ebc0b4e57f1ec0dbe4bf846b0d92364e0b61ec4e74f2e1331
+  metadata.gz: c53c5b50e83af16c56722ecbc2baa30b5a28621cc17f4edde82a59b22420812f
+  data.tar.gz: cd39338fdf0d29d39780e93b6a9fc8c27cd955daf59b6fc79f3be56801c7d891
 SHA512:
-  metadata.gz: 69f357bfd30b8c5b53cde84ce691f2193a2d00fb0baa133d6150d85b6d4f0ee40525bdac780cac9cb66a241ce2be59ad3e73aec78c01b451da3a80cd0d50e13e
-  data.tar.gz: aa96b2f9d5a80515971e46999614224a2b674be6789255eb59b10980636a8f17c8535fab61dd738e13571224a21fe3847dd08313c23a058a09ac853473824257
+  metadata.gz: d62cae11a2fa2a679657fc9c81e6b03547802cd7773f6b801b644388beb09b6fe44de2f0d5f2e9a1601cf3eee92b7a2d86e1f29e7dd86b09e3e6445fdceaebd5
+  data.tar.gz: 8bbccc8d27fef365420257f9a11d89cd8b326cf6e60c97e737c1fe304b14f28ee543793c314e9e638096b606c6ccc64986e7d4db94345d53463981b84eadc931

data/README.md

@@ -10,15 +10,34 @@ This version has been tested on Windows, macOS, and Ubuntu. If you encounter a p
 
 ### Installation
 
-This plugin is distributed as a [Ruby Gem](https://rubygems.org/gems/kitchen-azurerm). To install it, run:
+This plugin ships in Chef Workstation out of the box so there is no need to install it when using Chef Workstation[https://downloads.chef.io/products/workstation].
 
-```$ gem install kitchen-azurerm```
+If you're not using Chef Workstation and need to install the plugin as a gem run:
 
-Note if you are running the ChefDK you may need to prefix the command with chef, i.e. ```$ chef gem install kitchen-azurerm```
+```$ gem install kitchen-azurerm```
 
 ### Configuration
 
-For the driver to interact with the Microsoft Azure Resource management REST API, a Service Principal needs to be configured with Contributor rights against the specific subscription being targeted. Using an Organizational (AAD) account and related password is no longer supported. To create a Service Principal and apply the correct permissions, you will need to [create and authenticate a service principal](https://azure.microsoft.com/en-us/documentation/articles/resource-group-authenticate-service-principal/#authenticate-service-principal-with-password---azure-cli) using the [Azure CLI](https://azure.microsoft.com/en-us/documentation/articles/xplat-cli-install/). Make sure you stay within the section titled 'Authenticate service principal with password - Azure CLI'.
+For the driver to interact with the Microsoft Azure Resource management REST API, a Service Principal needs to be configured with Contributor rights against the specific subscription being targeted. Using an Organizational (AAD) account and related password is no longer supported. To create a Service Principal and apply the correct permissions, you will need to [create an Azure service principal with the Azure CLI](https://docs.microsoft.com/en-us/cli/azure/create-an-azure-service-principal-azure-cli?view=azure-cli-latest#create-a-service-principal) using the [Azure CLI](https://azure.microsoft.com/en-us/documentation/articles/xplat-cli-install/). Make sure you stay within the section titled 'Authenticate service principal with password - Azure CLI'.
+
+If the above is TLDR then try this after `az login` using your target subscription ID and the desired SP name:
+
+```bash
+# Create a Service Principal using the desired subscription id from the command above
+az ad sp create-for-rbac --name="kitchen-azurerm" --role="Contributor" --scopes="/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
+
+#Output
+#
+#{
+#  "appId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",    <- Also known as the Client ID
+#  "displayName": "azure-cli-2018-12-12-14-15-39",
+#  "name": "http://azure-cli-2018-12-12-14-15-39",
+#  "password": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
+#  "tenant": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
+#}
+```
+
+NOTE: Don't forget to save the values from the output -- most importantly the `password`.
 
 You will also need to ensure you have an active Azure subscription (you can get started [for free](https://azure.microsoft.com/en-us/free/) or use your [MSDN Subscription](https://azure.microsoft.com/en-us/pricing/member-offers/msdn-benefits/)).
 
@@ -32,22 +51,31 @@ You are now ready to configure kitchen-azurerm to use the credentials from the s
 Using a text editor, open or create the file ```~/.azure/credentials``` and add the following section, noting there is one section per Subscription ID. **Make sure you save the file with UTF-8 encoding**
 
 ```ruby
-[abcd1234-YOUR-SUBSCRIPTION-ID-HERE-abcdef123456]
-client_id = "48b9bba3-YOUR-GUID-HERE-90f0b68ce8ba"
+[ADD-YOUR-AZURE-SUBSCRIPTION-ID-HERE-IN-SQUARE-BRACKET]
+client_id = "your-azure-client-id-here"
 client_secret = "your-client-secret-here"
-tenant_id = "9c117323-YOUR-GUID-HERE-9ee430723ba3"
+tenant_id = "your-azure-tenant-id-here"
 ```
 
 If preferred, you may also set the following environment variables, however this would be incompatible with supporting multiple Azure subscriptions.
 
 ```ruby
-AZURE_CLIENT_ID="48b9bba3-YOUR-GUID-HERE-90f0b68ce8ba"
+AZURE_CLIENT_ID="your-azure-client-id-here"
 AZURE_CLIENT_SECRET="your-client-secret-here"
-AZURE_TENANT_ID="9c117323-YOUR-GUID-HERE-9ee430723ba3"
+AZURE_TENANT_ID="your-azure-tenant-id-here"
 ```
 
 Note that the environment variables, if set, take preference over the values in a configuration file.
 
+After adjusting your ```~/.azure/credentials``` file you will need to adjust your ```kitchen.yml``` file to leverage the azurerm driver. Use the following examples to achieve this, then check your configuration with standard kitchen commands. For example,
+
+```bash
+% kitchen list
+Instance            Driver   Provisioner  Verifier  Transport  Last Action    Last Error
+wsus-windows-2019   Azurerm  ChefZero     Inspec    Winrm      <Not Created>  <None>
+wsus-windows-2016   Azurerm  ChefZero     Inspec    Winrm      <Not Created>  <None>
+```
+
 ### .kitchen.yml example 1 - Linux/Ubuntu
 
 Here's an example ```.kitchen.yml``` file that provisions an Ubuntu Server, using Chef Zero as the provisioner and SSH as the transport. Note that if the key does not exist at the specified location, it will be created. Also note that if ```ssh_key``` is supplied, Test Kitchen will use this in preference to any default/configured passwords that are supplied.
@@ -56,7 +84,7 @@ Here's an example ```.kitchen.yml``` file that provisions an Ubuntu Server, usin
 ---
 driver:
   name: azurerm
-  subscription_id: '4801fa9d-YOUR-GUID-HERE-b265ff49ce21'
+  subscription_id: 'your-azure-subscription-id-here'
   location: 'West Europe'
   machine_size: 'Standard_D1'
 
@@ -71,9 +99,6 @@ platforms:
     driver:
       image_urn: Canonical:UbuntuServer:14.04.4-LTS:latest
       vm_name: trusty-vm
-      vm_tags:
-        ostype: linux
-        distro: ubuntu
 
 suites:
   - name: default
@@ -98,7 +123,7 @@ Here's a further example ```.kitchen.yml``` file that will provision a Windows S
 ---
 driver:
   name: azurerm
-  subscription_id: '4801fa9d-YOUR-GUID-HERE-b265ff49ce21'
+  subscription_id: 'your-subscription-id-here'
   location: 'West Europe'
   machine_size: 'Standard_DS2_v2'
 
@@ -113,6 +138,9 @@ platforms:
       resource_group_tags:
         project: 'My Cool Project'
         contact: 'me@somewhere.com'
+      vm_tags:
+        my_tag: its value
+        another_tag: its awesome value
     transport:
       name: winrm
 suites:
@@ -134,7 +162,7 @@ These resources will be created in the same Azure Resource Group as the VM under
 ---
 driver:
   name: azurerm
-  subscription_id: '4801fa9d-YOUR-GUID-HERE-b265ff49ce21'
+  subscription_id: 'your-azure-subscription-id-here'
   location: 'West Europe'
   machine_size: 'Standard_D1'
   pre_deployment_template: predeploy.json
@@ -207,7 +235,7 @@ In this case, the public IP address is not used unless ```public_ip``` is set to
 ---
 driver:
   name: azurerm
-  subscription_id: '4801fa9d-YOUR-GUID-HERE-b265ff49ce21'
+  subscription_id: 'your-azure-subscription-id-here'
   location: 'West Europe'
   machine_size: 'Standard_D1'
 
@@ -241,7 +269,7 @@ Note: The image must be available first. On deletion the disk and everything is
 ---
 driver:
   name: azurerm
-  subscription_id: '4801fa9d-YOUR-GUID-HERE-b265ff49ce21'
+  subscription_id: 'your-azure-subscription-id-here'
   location: 'West Europe'
   machine_size: 'Standard_D1'
 
@@ -282,7 +310,7 @@ This example will:
 ---
 driver:
   name: azurerm
-  subscription_id: '4801fa9d-YOUR-GUID-HERE-b265ff49ce21'
+  subscription_id: 'your-azure-subscription-id-here'
   location: 'West Europe'
   machine_size: 'Standard_D1'
 
@@ -319,7 +347,7 @@ Note: Custom data can be custom data or a file to custom data. Please also note
 ---
 driver:
   name: azurerm
-  subscription_id: '4801fa9d-YOUR-GUID-HERE-b265ff49ce21'
+  subscription_id: 'your-azure-subscription-id-here'
   location: 'West Europe'
   machine_size: 'Standard_D1'
 
@@ -364,7 +392,7 @@ Note the availability of a `format_data_disks` option (default: `false`). When s
 ---
 driver:
   name: azurerm
-  subscription_id: '4801fa9d-YOUR-GUID-HERE-b265ff49ce21'
+  subscription_id: 'your-azure-subscription-id-here'
   location: 'West Europe'
   machine_size: 'Standard_F2s'
 
@@ -403,7 +431,7 @@ These resources will be created in the same Azure Resource Group as the VM under
 ---
 driver:
   name: azurerm
-  subscription_id: '4801fa9d-YOUR-GUID-HERE-b265ff49ce21'
+  subscription_id: 'your-azure-subscription-id-here'
   location: 'West Europe'
   machine_size: 'Standard_D1'
   post_deployment_template: postdeploy.json
@@ -488,7 +516,7 @@ See the [Managed identities for Azure resources](https://docs.microsoft.com/en-u
 ---
 driver:
   name: azurerm
-  subscription_id: '4801fa9d-YOUR-GUID-HERE-b265ff49ce21'
+  subscription_id: 'your-azure-subscription-id-here'
   location: 'West Europe'
   machine_size: 'Standard_D1'
 
@@ -521,7 +549,7 @@ This following example introduces ```secret_url```, ```vault_name```, and ```vau
 ---
 driver:
   name: azurerm
-  subscription_id: '4801fa9d-YOUR-GUID-HERE-b265ff49ce21'
+  subscription_id: 'your-azure-subscription-id-here'
   location: 'CentralUS'
   machine_size: 'Standard_D2s_v3'
   secret_url: 'https://YOUR-SECRET-PATH'
@@ -556,7 +584,7 @@ Note that the ```use_managed_disks``` option should be set to false until suppor
 ---
 driver:
   name: azurerm
-  subscription_id: 'abcdabcd-YOUR-GUID-HERE-abcdabcdabcd'
+  subscription_id: 'your-azure-subscription-id-here'
   azure_environment: 'AzureUSGovernment'
   location: 'US Gov Iowa'
   machine_size: 'Standard_D2_v2_Promo'
@@ -616,9 +644,9 @@ data:    Canonical  UbuntuServer  15.10-DAILY        15.10.201509220  westeurope
 info:    vm image list command OK
 ```
 
-### Additional parameters that can be specified
+### Additional parameters that can be specified in your `kitchen.yml` or added to your personal `kitchen.local.yml`
 
-* Note that the ```driver``` section can also takes a ```username``` and ```password```. The default username is "azure" and the password is a randomly generated 12 character password that can be found in your local kitchen state file (typically .kitchen/<instance-name>.yml) if you require it for any reason.
+* Note that the ```driver``` section can also take explicit values for ```username``` and ```password```. Otherwise, the default username is "azure" and the password is a randomly generated 24 character password that can be found in your local kitchen state file (typically `.kitchen/<instance-name>.yml`) if you require it for any reason.
 
 * The ```storage_account_type``` parameter defaults to 'Standard_LRS' and allows you to switch to premium storage (e.g. 'Premium_LRS')
 

data/lib/kitchen/driver/azurerm.rb

@@ -75,7 +75,7 @@ module Kitchen
       end
 
       default_config(:password) do |_config|
-        SecureRandom.base64(12)
+        SecureRandom.base64(25)
       end
 
       default_config(:vm_name) do |_config|
@@ -225,7 +225,7 @@ module Kitchen
         end
 
         if config[:subscription_id].to_s == ""
-          raise "A subscription_id config value was not detected and kitchen-azurerm cannot continue. Please check your .kitchen.yml configuration. Exiting."
+          raise "A subscription_id config value was not detected and kitchen-azurerm cannot continue. Please check your kitchen.yml configuration. Exiting."
         end
 
         if config[:nic_name].to_s == ""

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: kitchen-azurerm
 version: !ruby/object:Gem::Version
-  version: 1.0.0
+  version: 1.1.0
 platform: ruby
 authors:
 - Stuart Preston
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-05-06 00:00:00.000000000 Z
+date: 2020-08-20 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: azure_mgmt_network
@@ -212,7 +212,7 @@ homepage: https://github.com/test-kitchen/kitchen-azurerm
 licenses:
 - Apache-2.0
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -228,7 +228,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubygems_version: 3.1.2
-signing_key: 
+signing_key:
 specification_version: 4
 summary: Test Kitchen driver for Azure Resource Manager.
 test_files: []