kitchen-azurerm 1.7.0 → 1.8.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 7404e656bab5c7777e84ae8c0cf873f184f85816e5ae493162e9efde8b7c14a7
4
- data.tar.gz: a13f4a2acf910bd3737f2ffb8dcfaabcf965ad4616829ae8a58e8ff2c31fdc90
3
+ metadata.gz: 3b15b8e19fac4c6f6bf58cc6d346f9a9c31c8faf11d95465f4c54e2472f0c8cd
4
+ data.tar.gz: 6373c26bd5e70bc53ffc03f90743ea2da8aa4d145ba3b2841c6bf510dfb25de3
5
5
  SHA512:
6
- metadata.gz: 96ec69213c88bb54f4a5347f59d54f4af8b7562c46d313f35c508ec2cf9311d9653c3cb6e70561d86e69d9788b6c980a469b51ba5acdbb62f0352ea3e480e029
7
- data.tar.gz: d9a062a0806e63f05f0ffc072f26cbe4b0dac659a4d6331e488c3d47a6a47b1a450d1728530935c99c27ebe62141de9be704ddf155f3b7c84fbca78041931842
6
+ metadata.gz: 4c30c971dc9a1b1e285f5d7413f8ea39f81261d694e7723ef503156bb7395682407016d0966e38392c06f7981c55011ad57ea289a1219fe1f1da5a12d35e7e48
7
+ data.tar.gz: 2da6c5540a4651423f09d49a0172d30d5529b6e3605e1a3035352d4d73904cda94106512d0593646a92a480bb3e6d48ab08494009bc8667f35200d030b08df82
@@ -58,7 +58,7 @@
58
58
  "osDiskSizeGb": {
59
59
  "type": "int",
60
60
  "minValue": 1,
61
- "maxValue": 1023,
61
+ "maxValue": 2048,
62
62
  "metadata": {
63
63
  "description": "Size of the OS disks in GB."
64
64
  }
data/templates/public.erb CHANGED
@@ -44,7 +44,7 @@
44
44
  "osDiskSizeGb": {
45
45
  "type": "int",
46
46
  "minValue": 1,
47
- "maxValue": 1023,
47
+ "maxValue": 2048,
48
48
  "metadata": {
49
49
  "description": "Size of the OS disks in GB."
50
50
  }
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: kitchen-azurerm
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.7.0
4
+ version: 1.8.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Stuart Preston
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2021-07-02 00:00:00.000000000 Z
11
+ date: 2021-08-27 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: azure_mgmt_network
@@ -118,7 +118,6 @@ extensions: []
118
118
  extra_rdoc_files: []
119
119
  files:
120
120
  - LICENSE
121
- - README.md
122
121
  - lib/kitchen/driver/azure_credentials.rb
123
122
  - lib/kitchen/driver/azurerm.rb
124
123
  - templates/empty.erb
@@ -143,7 +142,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
143
142
  - !ruby/object:Gem::Version
144
143
  version: '0'
145
144
  requirements: []
146
- rubygems_version: 3.2.15
145
+ rubygems_version: 3.2.22
147
146
  signing_key:
148
147
  specification_version: 4
149
148
  summary: Test Kitchen driver for Azure Resource Manager.
data/README.md DELETED
@@ -1,959 +0,0 @@
1
- # kitchen-azurerm
2
-
3
- [![Gem Version](https://badge.fury.io/rb/kitchen-azurerm.svg)](https://badge.fury.io/rb/kitchen-azurerm)
4
- ![CI](https://github.com/test-kitchen/kitchen-azurerm/workflows/CI/badge.svg?branch=master)
5
-
6
- **kitchen-azurerm** is a driver for the popular test harness [Test Kitchen](http://kitchen.ci) that allows Microsoft Azure resources to be provisioned before testing. This driver uses the new Microsoft Azure Resource Management REST API via the [azure-sdk-for-ruby](https://github.com/azure/azure-sdk-for-ruby).
7
-
8
- This version has been tested on Windows, macOS, and Ubuntu. If you encounter a problem on your platform, please raise an issue.
9
-
10
- ## Quick-start
11
-
12
- ### Installation
13
-
14
- This plugin ships in Chef Workstation out of the box so there is no need to install it when using Chef Workstation[https://downloads.chef.io/products/workstation].
15
-
16
- If you're not using Chef Workstation and need to install the plugin as a gem run:
17
-
18
- ```$ gem install kitchen-azurerm```
19
-
20
- ### Configuration
21
-
22
- For the driver to interact with the Microsoft Azure Resource management REST API, a Service Principal needs to be configured with Contributor rights against the specific subscription being targeted. Using an Organizational (AAD) account and related password is no longer supported. To create a Service Principal and apply the correct permissions, you will need to [create an Azure service principal with the Azure CLI](https://docs.microsoft.com/en-us/cli/azure/create-an-azure-service-principal-azure-cli?view=azure-cli-latest#create-a-service-principal) using the [Azure CLI](https://azure.microsoft.com/en-us/documentation/articles/xplat-cli-install/). Make sure you stay within the section titled 'Authenticate service principal with password - Azure CLI'.
23
-
24
- If the above is TLDR then try this after `az login` using your target subscription ID and the desired SP name:
25
-
26
- ```bash
27
- # Create a Service Principal using the desired subscription id from the command above
28
- az ad sp create-for-rbac --name="kitchen-azurerm" --role="Contributor" --scopes="/subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
29
-
30
- #Output
31
- #
32
- #{
33
- # "appId": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx", <- Also known as the Client ID
34
- # "displayName": "azure-cli-2018-12-12-14-15-39",
35
- # "name": "http://azure-cli-2018-12-12-14-15-39",
36
- # "password": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx",
37
- # "tenant": "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
38
- #}
39
- ```
40
-
41
- NOTE: Don't forget to save the values from the output -- most importantly the `password`.
42
-
43
- You will also need to ensure you have an active Azure subscription (you can get started [for free](https://azure.microsoft.com/en-us/free/) or use your [MSDN Subscription](https://azure.microsoft.com/en-us/pricing/member-offers/msdn-benefits/)).
44
-
45
- You are now ready to configure kitchen-azurerm to use the credentials from the service principal you created above. You will use four elements from the steps in that article:
46
-
47
- 1. **Subscription ID**: available from the Azure portal
48
- 2. **Client ID**: this will be the Application Id from the application in step 2.
49
- 3. **Client Secret/Password**: this will be the password you supplied in the command in step 2.
50
- 4. **Tenant ID**: use the command detailed in "Manually provide credentials through Azure CLI" step 1 to get the TenantId.
51
-
52
- Using a text editor, open or create the file ```~/.azure/credentials``` and add the following section, noting there is one section per Subscription ID. **Make sure you save the file with UTF-8 encoding**
53
-
54
- ```ruby
55
- [ADD-YOUR-AZURE-SUBSCRIPTION-ID-HERE-IN-SQUARE-BRACKET]
56
- client_id = "your-azure-client-id-here"
57
- client_secret = "your-client-secret-here"
58
- tenant_id = "your-azure-tenant-id-here"
59
- ```
60
-
61
- If preferred, you may also set the following environment variables, however this would be incompatible with supporting multiple Azure subscriptions.
62
-
63
- ```ruby
64
- AZURE_CLIENT_ID="your-azure-client-id-here"
65
- AZURE_CLIENT_SECRET="your-client-secret-here"
66
- AZURE_TENANT_ID="your-azure-tenant-id-here"
67
- ```
68
-
69
- Note that the environment variables, if set, take preference over the values in a configuration file.
70
-
71
- After adjusting your ```~/.azure/credentials``` file you will need to adjust your ```kitchen.yml``` file to leverage the azurerm driver. Use the following examples to achieve this, then check your configuration with standard kitchen commands. For example,
72
-
73
- ```bash
74
- % kitchen list
75
- Instance Driver Provisioner Verifier Transport Last Action Last Error
76
- wsus-windows-2019 Azurerm ChefZero Inspec Winrm <Not Created> <None>
77
- wsus-windows-2016 Azurerm ChefZero Inspec Winrm <Not Created> <None>
78
- ```
79
-
80
- ### Driver Properties
81
-
82
- The following properties are able to be specified in the `driver` section of the Test Kitchen configuration:
83
-
84
- #### subscription_id (required)
85
-
86
- * _string_ : Reads string from `ENV["AZURE_SUBSCRIPTION_ID"]` or must be specified if not present in `ENV`.
87
- * Default Value: `ENV["AZURE_SUBSCRIPTION_ID"]`
88
-
89
- #### azure_environment
90
-
91
- * _string_ : Name of Azure environment to use.
92
-
93
- #### machine_size (required)
94
-
95
- * _string_ : Machine size to use for instances created.
96
-
97
- #### location (required)
98
-
99
- * _string_ : Azure location to use, example `"Central US"`
100
-
101
- #### azure_resource_group_prefix
102
-
103
- * _string_ : Prefix to use for the resource group configuration which will be created.
104
- * Default Value: `"kitchen-"`
105
-
106
- #### azure_resource_group_suffix
107
-
108
- * _string_ : Optional suffix to append to resource group name.
109
- * Default Value: `""`
110
-
111
- #### azure_resource_group_name
112
-
113
- * _string_ : Optional override for base name of the Azure Resource group which is created, uses prefix and suffix.
114
- * Default Value: `""`
115
-
116
- #### explicit_resource_group_name
117
-
118
- * _string_ : Optional explicit resource group name, does not use `azure_resource_group_prefix`/`azure_resource_group_suffix`
119
- * Default Value: `""`
120
-
121
- #### destroy_explicit_resource_group
122
-
123
- * _boolean_ : Used for cleanup with `explicit_resource_group_name`
124
- * Default Value: `true`
125
-
126
- #### destroy_explicit_resource_group_tags
127
-
128
- * _boolean_ : Used for cleanup with `explicit_resource_group_name`
129
- * Default Value: `true`
130
-
131
- #### destroy_resource_group_contents
132
-
133
- * _boolean_ : Can be used when you want to destroy the resources within a resource group without destroying the resource group itself. For example, the following configuration options used in combination would use an existing resource group (or create one if it doesn't exist) and will destroy the contents of the resource group in the ```kitchen destroy``` phase. If you wish to destroy the empty resource group created after you empty the resource group with this flag you can now set the ```destroy_explicit_resource_group``` to "true" to destroy the empty resource group.
134
- * Default Value: `false`
135
-
136
- #### resource_group_tags
137
-
138
- * _hash_ : Optional hash of tags to pass to resource group
139
-
140
- ```yaml
141
- driver:
142
- name: azurerm
143
- resource_group_tags:
144
- tag1: tag1value
145
- ```
146
-
147
- #### image_urn
148
-
149
- * _string_ : Image URN to use for vm creation. List can be found using `az` cli - [https://docs.microsoft.com/en-us/azure/virtual-machines/linux/cli-ps-findimage#list-popular-images]
150
- * Default Value: `"Canonical:UbuntuServer:14.04.3-LTS:latest"`
151
-
152
- #### image_url
153
-
154
- * _string_ : (unmanaged disks only) can be used to specify a custom vhd
155
- * This VHD must be in the same storage account as the disks of the VM, therefore ```existing_storage_account_blob_url``` must also be set and ```use_managed_disks``` must be set to false.
156
-
157
- #### image_id
158
-
159
- * _string_ : (managed disks only) can be used to specify an image by id (managed disk). This works only with managed disks.
160
-
161
- #### use_ephemeral_osdisk
162
-
163
- * _boolean_ : Optional flag to use ephermeal disk for instances.
164
- * Default Value: `false`
165
-
166
- #### os_disk_size_gb
167
-
168
- * _string_ : Optional override of os disk size for instances.
169
-
170
- #### os_type
171
-
172
- * _string_ : Should be specified when os type is not `linux`
173
- * Default Value: `"linux"`
174
-
175
- #### custom_data
176
-
177
- * _string_ : Optional custom data which may be specified for instances [https://docs.microsoft.com/en-us/azure/virtual-machines/custom-data].
178
- * Value can be a file or the data itself, this module handles base64 encoding for you.
179
-
180
- #### username
181
-
182
- * _string_ : Username to use for connecting to instances.
183
- * Default Value: `"azure"`
184
-
185
- #### password
186
-
187
- * _string_ : Optional password to use for connecting to instances.
188
- * Default Value: `SecureRandom.base64(25)` (Randomly generated 24 digit password)
189
-
190
- #### vm_name
191
-
192
- * _string_ : Optional name for vm instances to create.
193
- * Default Value: `"tk-#{SecureRandom.hex(6)[0..11]}"` (Randomly generated 12 character name prefixed with `tk-`)
194
-
195
- #### nic_name
196
-
197
- * _string_ : Optional name to provide for nic, if not specified then nic name will be `"nic-#{config[:vm_name]}"`.
198
-
199
- #### vnet_id
200
-
201
- * _string_ : Optional `vnet` to provide. If no `vnet` is chosen then public IP will be assigned using default values.
202
-
203
- #### subnet_id
204
-
205
- * _string_ : Optional subnet to provide, should be used with `vnet_id`.
206
-
207
- #### public_ip
208
-
209
- * _boolean_ : Option to specify if a public IP should be assigned. In default configuration if all other options are left at default then a public IP _will_ be assigned, due to `vnet_id` having no value.
210
- * Default Value: `false`
211
-
212
- #### public_ip_sku
213
-
214
- * _string_ : Optional string to change the SKU of allocated public IP address. Defaults to `Basic`.
215
- * Default Value: `"Basic"`
216
-
217
- #### storage_account_type
218
-
219
- * _string_ : Optional storage account type.
220
- * Default Value: `"Standard_LRS"`
221
-
222
- #### existing_storage_account_blob_url
223
-
224
- * _string_ : Used with private image specification, the URL of the existing storage account (blob) (without container)
225
-
226
- #### existing_storage_account_container
227
-
228
- * _string_ : Used with private image specification, the Container Name for OS Images (blob)
229
-
230
- #### boot_diagnostics_enabled
231
-
232
- * _boolean_ : Whether to enable (true) or disable (false) boot diagnostics. Default: true (requires Standard storage).
233
- * Default Value: `true`
234
-
235
- #### winrm_powershell_script
236
-
237
- * _string_ : By default on Windows machines, a PowerShell script runs that enables WinRM over the SSL transport, for Basic, Negotiate and CredSSP connections. To supply your own PowerShell script (e.g. to enable HTTP), use the `winrm_powershell_script` parameter. Windows 2008 R2 example:
238
-
239
- ```yaml
240
- platforms:
241
- - name: windows2008-r2
242
- driver_config:
243
- image_urn: MicrosoftWindowsServer:WindowsServer:2008-R2-SP1:latest
244
- winrm_powershell_script: |-
245
- winrm quickconfig -q
246
- winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="512"}'
247
- winrm set winrm/config '@{MaxTimeoutms="1800000"}'
248
- winrm set winrm/config/service '@{AllowUnencrypted="true"}'
249
- winrm set winrm/config/service/auth '@{Basic="true"}'
250
-
251
- ```
252
-
253
- #### pre_deployment_template
254
-
255
- * _string_ : Optional path to name of pre-deployment template to use.
256
-
257
- #### pre_deployment_parameters
258
-
259
- * _hash_ : Optional parameters to pass to pre-deployment template.
260
-
261
- #### post_deployment_template
262
-
263
- * _string_ : Optional path to name of post-deployment template to use.
264
-
265
- #### post_deployment_parameters
266
-
267
- * _hash_ : Optional parameters to pass to post-deployment template.
268
-
269
- #### plan
270
-
271
- * _hash_ : Optional JSON object which allows you to define plan information when creating VMs from Marketplace images. Please refer to [Deploy an image with Marketplace terms](https://aka.ms/azuremarketplaceapideployment) for more details. Not all Marketplace images support programmatic deployment, and support is controlled by the image publisher.
272
-
273
- #### vm_tags
274
-
275
- * _hash_ : Optional hash of vm tags to populate.
276
-
277
- #### use_managed_disks
278
-
279
- * _boolean_ : Must be set to `true` to use `data_disks` property.
280
- * Default Value: `true`
281
-
282
- #### data_disks
283
-
284
- * _array_ : Additional disks to configure for instances.
285
-
286
- ```yaml
287
- platforms:
288
- - name: windows2016-noformat
289
- driver:
290
- image_urn: MicrosoftWindowsServer:WindowsServer:2016-Datacenter:latest
291
- data_disks:
292
- - lun: 0
293
- disk_size_gb: 128
294
- - lun: 1
295
- disk_size_gb: 128
296
- - lun: 2
297
- disk_size_gb: 128
298
- ```
299
-
300
- #### format_data_disks
301
-
302
- * _boolean_ : Run format operations on attached data disks
303
- * Default Value: `false`
304
-
305
- #### format_data_disks_powershell_script
306
-
307
- * _boolean_ : Customize the content of format operations for attached `data_disks`
308
- * Default Value: `false`
309
-
310
- #### system_assigned_identity
311
-
312
- * _boolean_ : Whether to enable system assigned identity for the vm.
313
- * Default Value: `false`
314
-
315
- #### user_assigned_identities
316
-
317
- * _hash_ : An object whose keys are resource IDs for user identities to associate with the Virtual Machine and whose values are empty objects, or empty to disable user assigned
318
- identities.
319
-
320
- #### deployment_sleep
321
-
322
- * _string_ : Time in seconds to sleep at the end of deployment before fetching details.
323
- * Default Value: `10`
324
-
325
- #### secret_url
326
-
327
- * _string_ : used with connecting to Azure Key Vault
328
-
329
- #### vault_name
330
-
331
- * _string_ : used with connecting to Azure Key Vault
332
-
333
- #### vault_resource_group
334
-
335
- * _string_ : used with connecting to Azure Key Vault
336
-
337
- #### azure_api_retries
338
-
339
- * _string_ : Number of times to retry connections to Azure API.
340
- * Default Value: `5`
341
-
342
- #### use_fqdn_hostname
343
-
344
- * _boolean_ : When true, Kitchen will use the FQDN that is assigned to the Virtual Machine. When false, kitchen will use the public IP address of the machine. This may overcome issues with Corporate firewalls or VPNs blocking Public IP addresses.
345
- * Default Value: `false`
346
-
347
- ### kitchen.yml example 1 - Linux/Ubuntu
348
-
349
- Here's an example ```kitchen.yml``` file that provisions an Ubuntu Server, using Chef Zero as the provisioner and SSH as the transport. Note that if the key does not exist at the specified location, it will be created. Also note that if ```ssh_key``` is supplied, Test Kitchen will use this in preference to any default/configured passwords that are supplied.
350
-
351
- ```yaml
352
- ---
353
- driver:
354
- name: azurerm
355
- subscription_id: 'your-azure-subscription-id-here'
356
- location: 'West Europe'
357
- machine_size: 'Standard_D1'
358
-
359
- transport:
360
- ssh_key: ~/.ssh/id_kitchen-azurerm
361
-
362
- provisioner:
363
- name: chef_zero
364
-
365
- platforms:
366
- - name: ubuntu-14.04
367
- driver:
368
- image_urn: Canonical:UbuntuServer:14.04.4-LTS:latest
369
- vm_name: trusty-vm
370
-
371
- suites:
372
- - name: default
373
- attributes:
374
- ```
375
-
376
- ### Concurrent execution
377
-
378
- Concurrent execution of create/converge/destroy is supported via the --concurrency parameter. Each machine is created in its own Azure Resource Group so it has no shared lifecycle with the other machines in the test run. To take advantage of parallel execution use the following command:
379
-
380
- ```kitchen test --concurrency <n>```
381
-
382
- Where n is the number of threads to create. Note that any failure (e.g. an AzureOperationError) will cause the whole test to fail, though resources already in creation will continue to be created.
383
-
384
- ### kitchen.yml example 2 - Windows
385
-
386
- Here's a further example ```kitchen.yml``` file that will provision a Windows Server 2019 [smalldisk] instance, using WinRM as the transport. An [ephemeral os disk](https://docs.microsoft.com/en-us/azure/virtual-machines/linux/ephemeral-os-disks) is used. The resource created in Azure will enable itself for remote access at deployment time (it does this by customizing the machine at provisioning time) and tags the Azure Resource Group with metadata using the ```resource_group_tags``` property. Notice that the ```vm_tags``` and ```resource_group_tags``` properties use a simple ```key : value``` structure per line:
387
-
388
- ```yaml
389
- ---
390
- driver:
391
- name: azurerm
392
- subscription_id: 'your-subscription-id-here'
393
- location: 'West Europe'
394
- machine_size: 'Standard_DS2_v2'
395
-
396
- provisioner:
397
- name: chef_zero
398
-
399
- platforms:
400
- - name: windows2019
401
- driver:
402
- image_urn: MicrosoftWindowsServer:WindowsServer:2019-Datacenter-smalldisk:latest
403
- use_ephemeral_osdisk: true
404
- resource_group_tags:
405
- project: 'My Cool Project'
406
- contact: 'me@somewhere.com'
407
- vm_tags:
408
- my_tag: its value
409
- another_tag: its awesome value
410
- transport:
411
- name: winrm
412
- suites:
413
- - name: default
414
- attributes:
415
- ```
416
-
417
- ### kitchen.yml example 3 - "pre-deployment" ARM template
418
-
419
- The following example introduces the ```pre_deployment_template``` and ```pre_deployment_parameters``` properties in the configuration file.
420
- You can use this capability to execute an ARM template containing Azure resources to provision before the system under test is created.
421
-
422
- In the example the ARM template in the file ```predeploy.json``` would be executed with the parameters that are specified under ```pre_deployment_parameters```.
423
- These resources will be created in the same Azure Resource Group as the VM under test, and therefore will be destroyed when you type ```kitchen destroy```.
424
-
425
- ```yaml
426
- ---
427
- driver:
428
- name: azurerm
429
- subscription_id: 'your-azure-subscription-id-here'
430
- location: 'West Europe'
431
- machine_size: 'Standard_D1'
432
- pre_deployment_template: predeploy.json
433
- pre_deployment_parameters:
434
- test_parameter: 'This is a test.'
435
-
436
- transport:
437
- ssh_key: ~/.ssh/id_kitchen-azurerm
438
-
439
- provisioner:
440
- name: chef_zero
441
-
442
- platforms:
443
- - name: ubuntu-1404
444
- driver:
445
- image_urn: Canonical:UbuntuServer:14.04.4-LTS:latest
446
-
447
- suites:
448
- - name: default
449
- run_list:
450
- - recipe[kitchen-azurerm-demo::default]
451
- attributes:
452
- ```
453
-
454
- Example predeploy.json:
455
-
456
- ```json
457
- {
458
- "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
459
- "contentVersion": "1.0.0.0",
460
- "parameters": {
461
- "test_parameter": {
462
- "type": "string",
463
- "defaultValue": ""
464
- }
465
- },
466
- "variables": {
467
-
468
- },
469
- "resources": [
470
- {
471
- "name": "uniqueinstancenamehere01",
472
- "type": "Microsoft.Sql/servers",
473
- "location": "[resourceGroup().location]",
474
- "apiVersion": "2014-04-01-preview",
475
- "properties": {
476
- "version": "12.0",
477
- "administratorLogin": "azure",
478
- "administratorLoginPassword": "P2ssw0rd"
479
- }
480
- }
481
- ],
482
- "outputs": {
483
- "parameter testing": {
484
- "type": "string",
485
- "value": "[parameters('test_parameter')]"
486
- }
487
- }
488
- }
489
- ```
490
-
491
- ### kitchen.yml example 4 - deploy VM to existing virtual network/subnet (use for ExpressRoute/VPN scenarios)
492
-
493
- The following example introduces the ```vnet_id``` and ```subnet_id``` properties under "driver" in the configuration file. This can be applied at the top level, or per platform.
494
- You can use this capability to create the VM on an existing virtual network and subnet created in a different resource group.
495
-
496
- In this case, the public IP address is not used unless ```public_ip``` is set to ```true```
497
-
498
- ```yaml
499
- ---
500
- driver:
501
- name: azurerm
502
- subscription_id: 'your-azure-subscription-id-here'
503
- location: 'West Europe'
504
- machine_size: 'Standard_D1'
505
-
506
- transport:
507
- ssh_key: ~/.ssh/id_kitchen-azurerm
508
-
509
- provisioner:
510
- name: chef_zero
511
-
512
- platforms:
513
- - name: ubuntu-1404
514
- driver:
515
- image_urn: Canonical:UbuntuServer:14.04.4-LTS:latest
516
- vnet_id: /subscriptions/b6e7eee9-YOUR-GUID-HERE-03ab624df016/resourceGroups/pendrica-infrastructure/providers/Microsoft.Network/virtualNetworks/pendrica-arm-vnet
517
- subnet_id: subnet-10.1.0
518
-
519
- suites:
520
- - name: default
521
- attributes:
522
- ```
523
-
524
- ### kitchen.yml example 5 - deploy VM to existing virtual network/subnet with a Standard SKU public IP (use for ExpressRoute/VPN scenarios)
525
-
526
- The following example introduces the ```vnet_id``` and ```subnet_id``` properties under "driver" in the configuration file. This can be applied at the top level, or per platform.
527
- You can use this capability to create the VM on an existing virtual network and subnet created in a different resource group.
528
-
529
- This enables scenarios that require a Standard SKU public IP resource, for example when a NAT gateway is present on the target subnet.
530
-
531
-
532
- ```yaml
533
- ---
534
- driver:
535
- name: azurerm
536
- subscription_id: 'your-azure-subscription-id-here'
537
- location: 'West Europe'
538
- machine_size: 'Standard_D1'
539
-
540
- transport:
541
- ssh_key: ~/.ssh/id_kitchen-azurerm
542
-
543
- provisioner:
544
- name: chef_zero
545
-
546
- platforms:
547
- - name: ubuntu-1404
548
- driver:
549
- image_urn: Canonical:UbuntuServer:14.04.4-LTS:latest
550
- vnet_id: /subscriptions/b6e7eee9-YOUR-GUID-HERE-03ab624df016/resourceGroups/pendrica-infrastructure/providers/Microsoft.Network/virtualNetworks/pendrica-arm-vnet
551
- subnet_id: subnet-10.1.0
552
- public_ip: true
553
- public_ip_sku: Standard
554
-
555
- suites:
556
- - name: default
557
- attributes:
558
- ```
559
-
560
- ### kitchen.yml example 6 - deploy VM to existing virtual network/subnet (use for ExpressRoute/VPN scenarios) with Private Managed Image
561
-
562
- This example is the same as above, but uses a private managed image to provision the vm.
563
-
564
- Note: The image must be available first. On deletion the disk and everything is removed.
565
-
566
- ```yaml
567
- ---
568
- driver:
569
- name: azurerm
570
- subscription_id: 'your-azure-subscription-id-here'
571
- location: 'West Europe'
572
- machine_size: 'Standard_D1'
573
-
574
- transport:
575
- ssh_key: ~/.ssh/id_kitchen-azurerm
576
-
577
- provisioner:
578
- name: chef_zero
579
-
580
- platforms:
581
- - name: ubuntu-1404
582
- driver:
583
- image_id: /subscriptions/xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx/resourceGroups/RESGROUP/providers/Microsoft.Compute/images/IMAGENAME
584
- vnet_id: /subscriptions/b6e7eee9-YOUR-GUID-HERE-03ab624df016/resourceGroups/pendrica-infrastructure/providers/Microsoft.Network/virtualNetworks/pendrica-arm-vnet
585
- subnet_id: subnet-10.1.0
586
- use_managed_disk: true
587
-
588
- suites:
589
- - name: default
590
- attributes:
591
- ```
592
-
593
- ### kitchen.yml example 7 - deploy VM to existing virtual network/subnet (use for ExpressRoute/VPN scenarios) with Private Classic OS Image
594
-
595
- This example a classic Custom VM Image (aka a VHD file) is used. As the Image VHD must be in the same storage account then the disk of the instance, the os disk is created in an existing image account.
596
-
597
- Note: When the resource group ís deleted, the os disk is left in the existing storage account blob. You must clean up manually.
598
-
599
- This example will:
600
-
601
- * use the customized image <https://yourstorageaccount.blob.core.windows.net/system/Microsoft.Compute/Images/images/Cent7_P4-osDisk.170dd1b7-7dc3-4496-b248-f47c49f63965.vhd> (can be built with packer)
602
- * set the disk url of the vm to <https://yourstorageaccount.blob.core.windows.net/vhds/osdisk-kitchen-XXXXX.vhd>
603
- * set the os type to linux
604
-
605
- ```yaml
606
- ---
607
- driver:
608
- name: azurerm
609
- subscription_id: 'your-azure-subscription-id-here'
610
- location: 'West Europe'
611
- machine_size: 'Standard_D1'
612
-
613
- transport:
614
- ssh_key: ~/.ssh/id_kitchen-azurerm
615
-
616
- provisioner:
617
- name: chef_zero
618
-
619
- platforms:
620
- - name: ubuntu-1404
621
- driver:
622
- image_url: https://yourstorageaccount.blob.core.windows.net/system/Microsoft.Compute/Images/images/Cent7_P4-osDisk.170dd1b7-7dc3-4496-b248-f47c49f63965.vhd
623
- existing_storage_account_blob_url: https://yourstorageaccount.blob.core.windows.net
624
- os_type: linux
625
- use_managed_disk: false
626
- vnet_id: /subscriptions/b6e7eee9-YOUR-GUID-HERE-03ab624df016/resourceGroups/pendrica-infrastructure/providers/Microsoft.Network/virtualNetworks/pendrica-arm-vnet
627
- subnet_id: subnet-10.1.0
628
-
629
- suites:
630
- - name: default
631
- attributes:
632
- ```
633
-
634
- ### kitchen.yml example 8 - deploy VM to existing virtual network/subnet (use for ExpressRoute/VPN scenarios) with Private Classic OS Image and providing custom data and extra large os disk
635
-
636
- This is the same as above, but uses custom data to customize the instance.
637
-
638
- Note: Custom data can be custom data or a file to custom data. Please also note that if you use winrm communication to non-nano windows servers custom data is not supported, as winrm is enabled via custom data.
639
-
640
- ```yaml
641
- ---
642
- driver:
643
- name: azurerm
644
- subscription_id: 'your-azure-subscription-id-here'
645
- location: 'West Europe'
646
- machine_size: 'Standard_D1'
647
-
648
- transport:
649
- ssh_key: ~/.ssh/id_kitchen-azurerm
650
-
651
- provisioner:
652
- name: chef_zero
653
-
654
- platforms:
655
- - name: ubuntu-1404
656
- driver:
657
- image_url: https://yourstorageaccount.blob.core.windows.net/system/Microsoft.Compute/Images/images/Cent7_P4-osDisk.170dd1b7-7dc3-4496-b248-f47c49f63965.vhd
658
- existing_storage_account_blob_url: https://yourstorageaccount.blob.core.windows.net
659
- os_type: linux
660
- use_managed_disk: false
661
- vnet_id: /subscriptions/b6e7eee9-YOUR-GUID-HERE-03ab624df016/resourceGroups/pendrica-infrastructure/providers/Microsoft.Network/virtualNetworks/pendrica-arm-vnet
662
- subnet_id: subnet-10.1.0
663
- os_disk_size_gb: 100
664
- #custom_data: /tmp/customdata.txt
665
- custom_data: |
666
- #cloud-config
667
- fqdn: myhostname
668
- preserve_hostname: false
669
- runcmd:
670
- - yum install -y telnet
671
-
672
- suites:
673
- - name: default
674
- attributes:
675
- ```
676
-
677
- ### kitchen.yml example 9 - Windows 2016 VM with additional data disks
678
-
679
- This example demonstrates how to add 3 additional Managed data disks to a Windows Server 2016 VM. Not supported with legacy (pre-managed disk) storage accounts.
680
-
681
- Note the availability of a `format_data_disks` option (default: `false`). When set to true, a PowerShell script will execute at first boot to initialize and format the disks with an NTFS filesystem. This option does not affect Linux machines.
682
-
683
- ```yaml
684
- ---
685
- driver:
686
- name: azurerm
687
- subscription_id: 'your-azure-subscription-id-here'
688
- location: 'West Europe'
689
- machine_size: 'Standard_F2s'
690
-
691
- provisioner:
692
- name: chef_zero
693
-
694
- platforms:
695
- - name: windows2016-noformat
696
- driver:
697
- image_urn: MicrosoftWindowsServer:WindowsServer:2016-Datacenter:latest
698
- data_disks:
699
- - lun: 0
700
- disk_size_gb: 128
701
- - lun: 1
702
- disk_size_gb: 128
703
- - lun: 2
704
- disk_size_gb: 128
705
- # format_data_disks: false
706
-
707
- suites:
708
- - name: default
709
- attributes:
710
- ```
711
-
712
- ### kitchen.yml example 10 - "post-deployment" ARM template with MSI authentication
713
-
714
- The following example introduces the ```post_deployment_template``` and ```post_deployment_parameters``` properties in the configuration file.
715
- You can use this capability to execute an ARM template containing Azure resources to provision after the system under test is created.
716
-
717
- In the example the ARM template in the file ```postdeploy.json``` would be executed with the parameters that are specified under ```post_deployment_parameters```.
718
- These resources will be created in the same Azure Resource Group as the VM under test, and therefore will be destroyed when you type ```kitchen destroy```.
719
-
720
- ```yaml
721
- ---
722
- driver:
723
- name: azurerm
724
- subscription_id: 'your-azure-subscription-id-here'
725
- location: 'West Europe'
726
- machine_size: 'Standard_D1'
727
- post_deployment_template: postdeploy.json
728
- post_deployment_parameters:
729
- test_parameter: 'This is a test.'
730
-
731
- transport:
732
- ssh_key: ~/.ssh/id_kitchen-azurerm
733
-
734
- provisioner:
735
- name: chef_zero
736
-
737
- platforms:
738
- - name: ubuntu-1404
739
- driver:
740
- image_urn: Canonical:UbuntuServer:14.04.4-LTS:latest
741
-
742
- suites:
743
- - name: default
744
- attributes:
745
- ```
746
-
747
- Example postdeploy.json to enable MSI extention on VM:
748
-
749
- ```json
750
- {
751
- "$schema": "https://schema.management.azure.com/schemas/2015-01-01/deploymentTemplate.json#",
752
- "contentVersion": "1.0.0.0",
753
- "parameters": {
754
- "vmName": {
755
- "type": "String"
756
- },
757
- "location": {
758
- "type": "String"
759
- },
760
- "msiExtensionName": {
761
- "type": "String"
762
- }
763
- },
764
- "resources": [
765
- {
766
- "type": "Microsoft.Compute/virtualMachines",
767
- "name": "[parameters('vmName')]",
768
- "apiVersion": "2017-12-01",
769
- "location": "[parameters('location')]",
770
- "identity": {
771
- "type": "systemAssigned"
772
- }
773
- },
774
- {
775
- "type": "Microsoft.Compute/virtualMachines/extensions",
776
- "name": "[concat( parameters('vmName'), '/' , parameters('msiExtensionName') )]",
777
- "apiVersion": "2017-12-01",
778
- "location": "[parameters('location')]",
779
- "properties": {
780
- "publisher": "Microsoft.ManagedIdentity",
781
- "type": "[parameters('msiExtensionName')]",
782
- "typeHandlerVersion": "1.0",
783
- "autoUpgradeMinorVersion": true,
784
- "settings": {
785
- "port": 50342
786
- }
787
- },
788
- "dependsOn": [
789
- "[concat('Microsoft.Compute/virtualMachines/', parameters('vmName'))]"
790
- ]
791
- }
792
- ]
793
- }
794
- ```
795
-
796
- ### kitchen.yml example 11 - Enabling Managed Service Identities
797
-
798
- This example demonstrates how to enable a System Assigned Identity and User Assigned Identities on a Kitchen VM.
799
- Any combination of System and User assigned identities may be enabled, and multiple User Assigned Identities can be supplied.
800
-
801
- See the [Managed identities for Azure resources](https://docs.microsoft.com/en-us/azure/active-directory/managed-identities-azure-resources/overview) documentation for more information on using Managed Service Identities.
802
-
803
- ```yaml
804
- ---
805
- driver:
806
- name: azurerm
807
- subscription_id: 'your-azure-subscription-id-here'
808
- location: 'West Europe'
809
- machine_size: 'Standard_D1'
810
-
811
- transport:
812
- ssh_key: ~/.ssh/id_kitchen-azurerm
813
-
814
- provisioner:
815
- name: chef_zero
816
-
817
- platforms:
818
- - name: ubuntu-1404
819
- driver:
820
- image_urn: Canonical:UbuntuServer:14.04.4-LTS:latest
821
- system_assigned_identity: true
822
- user_assigned_identities:
823
- - /subscriptions/4801fa9d-YOUR-GUID-HERE-b265ff49ce21/resourcegroups/test-kitchen-user/providers/Microsoft.ManagedIdentity/userAssignedIdentities/test-kitchen-user
824
-
825
- suites:
826
- - name: default
827
- attributes:
828
- ```
829
-
830
- ### kitchen.yml example 12 - deploy VM with key vault certificate
831
-
832
- This following example introduces ```secret_url```, ```vault_name```, and ```vault_resource_group``` properties under "driver" in the configuration file. You can use this capability to create a VM with a specified key vault certificate.
833
-
834
- ```yaml
835
- ---
836
- driver:
837
- name: azurerm
838
- subscription_id: 'your-azure-subscription-id-here'
839
- location: 'CentralUS'
840
- machine_size: 'Standard_D2s_v3'
841
- secret_url: 'https://YOUR-SECRET-PATH'
842
- vault_name: 'YOUR-VAULT-NAME'
843
- vault_group_name: 'YOUR-VAULT-GROUP-NAME'
844
- transport:
845
- name: winrm
846
- elevated: true
847
- provisioner:
848
- name: chef_zero
849
- platforms:
850
- - name: win2012R2-sql2016
851
- driver:
852
- image_urn: MicrosoftSQLServer:SQL2016SP2-WS2012R2:SQLDEV:latest
853
-
854
- suites:
855
- - name: default
856
- attributes:
857
- ```
858
-
859
- ## Support for Government and Sovereign Clouds (China and Germany)
860
-
861
- Starting with v0.9.0 this driver has support for Azure Government and Sovereign Clouds via the use of the ```azure_environment``` setting. Valid Azure environments are ```Azure```, ```AzureUSGovernment```, ```AzureChina``` and ```AzureGermanCloud```
862
-
863
- Note that the ```use_managed_disks``` option should be set to false until supported by AzureUSGovernment.
864
-
865
- ### Example kitchen.yml for Azure US Government cloud
866
-
867
- ```yaml
868
- ---
869
- driver:
870
- name: azurerm
871
- subscription_id: 'your-azure-subscription-id-here'
872
- azure_environment: 'AzureUSGovernment'
873
- location: 'US Gov Iowa'
874
- machine_size: 'Standard_D2_v2_Promo'
875
- use_managed_disks: false
876
-
877
- provisioner:
878
- name: chef_zero
879
-
880
- verifier:
881
- name: inspec
882
-
883
- platforms:
884
- - name: ubuntu1604
885
- driver:
886
- image_urn: Canonical:UbuntuServer:16.04-LTS:latest
887
- transport:
888
- ssh_key: ~/.ssh/id_kitchen-azurerm
889
-
890
- suites:
891
- - name: default
892
- ```
893
-
894
- ### How to retrieve the image_urn
895
-
896
- You can use the azure (azure-cli) command line tools to interrogate for the Urn. All 4 parts of the Urn must be specified, though the last part can be changed to "latest" to indicate you always wish to provision the latest operating system and patches.
897
-
898
- ```$ azure vm image list "West Europe" Canonical UbuntuServer```
899
-
900
- This will return a list like the following, from which you can derive the Urn.
901
- *this list has been shortened for readability*
902
-
903
- ```bash
904
- data: Publisher Offer Sku Version Location Urn
905
- data: --------- ------------ ----------------- --------------- ---------- --------------------------------------------------------
906
- data: Canonical UbuntuServer 12.04.5-LTS 12.04.201507301 westeurope Canonical:UbuntuServer:12.04.5-LTS:12.04.201507301
907
- data: Canonical UbuntuServer 12.04.5-LTS 12.04.201507311 westeurope Canonical:UbuntuServer:12.04.5-LTS:12.04.201507311
908
- data: Canonical UbuntuServer 12.04.5-LTS 12.04.201508190 westeurope Canonical:UbuntuServer:12.04.5-LTS:12.04.201508190
909
- data: Canonical UbuntuServer 12.04.5-LTS 12.04.201509060 westeurope Canonical:UbuntuServer:12.04.5-LTS:12.04.201509060
910
- data: Canonical UbuntuServer 12.04.5-LTS 12.04.201509090 westeurope Canonical:UbuntuServer:12.04.5-LTS:12.04.201509090
911
- data: Canonical UbuntuServer 12.10 12.10.201212180 westeurope Canonical:UbuntuServer:12.10:12.10.201212180
912
- data: Canonical UbuntuServer 14.04.3-DAILY-LTS 14.04.201509110 westeurope Canonical:UbuntuServer:14.04.3-DAILY-LTS:14.04.201509110
913
- data: Canonical UbuntuServer 14.04.3-DAILY-LTS 14.04.201509160 westeurope Canonical:UbuntuServer:14.04.3-DAILY-LTS:14.04.201509160
914
- data: Canonical UbuntuServer 14.04.3-DAILY-LTS 14.04.201509220 westeurope Canonical:UbuntuServer:14.04.3-DAILY-LTS:14.04.201509220
915
- data: Canonical UbuntuServer 14.04.3-LTS 14.04.201508050 westeurope Canonical:UbuntuServer:14.04.3-LTS:14.04.201508050
916
- data: Canonical UbuntuServer 14.04.3-LTS 14.04.201509080 westeurope Canonical:UbuntuServer:14.04.3-LTS:14.04.201509080
917
- data: Canonical UbuntuServer 15.04 15.04.201506161 westeurope Canonical:UbuntuServer:15.04:15.04.201506161
918
- data: Canonical UbuntuServer 15.04 15.04.201507070 westeurope Canonical:UbuntuServer:15.04:15.04.201507070
919
- data: Canonical UbuntuServer 15.04 15.04.201507220 westeurope Canonical:UbuntuServer:15.04:15.04.201507220
920
- data: Canonical UbuntuServer 15.04 15.04.201507280 westeurope Canonical:UbuntuServer:15.04:15.04.201507280
921
- data: Canonical UbuntuServer 15.10-DAILY 15.10.201509170 westeurope Canonical:UbuntuServer:15.10-DAILY:15.10.201509170
922
- data: Canonical UbuntuServer 15.10-DAILY 15.10.201509180 westeurope Canonical:UbuntuServer:15.10-DAILY:15.10.201509180
923
- data: Canonical UbuntuServer 15.10-DAILY 15.10.201509190 westeurope Canonical:UbuntuServer:15.10-DAILY:15.10.201509190
924
- data: Canonical UbuntuServer 15.10-DAILY 15.10.201509210 westeurope Canonical:UbuntuServer:15.10-DAILY:15.10.201509210
925
- data: Canonical UbuntuServer 15.10-DAILY 15.10.201509220 westeurope Canonical:UbuntuServer:15.10-DAILY:15.10.201509220
926
- info: vm image list command OK
927
- ```
928
-
929
- ## Contributing
930
-
931
- Contributions to the project are welcome via submitting Pull Requests.
932
-
933
- 1. Fork it ( <https://github.com/test-kitchen/kitchen-azurerm/fork> )
934
- 2. Create your feature branch (`git checkout -b my-new-feature`)
935
- 3. Commit your changes (`git commit -am 'Add some feature'`)
936
- 4. Push to the branch (`git push origin my-new-feature`)
937
- 5. Create a new Pull Request
938
-
939
- ## Author
940
-
941
- Stuart Preston
942
-
943
- ## License and Copyright
944
-
945
- Copyright 2015-2021, Chef Software, Inc.
946
-
947
- ```
948
- Licensed under the Apache License, Version 2.0 (the "License");
949
- you may not use this file except in compliance with the License.
950
- You may obtain a copy of the License at
951
-
952
- http://www.apache.org/licenses/LICENSE-2.0
953
-
954
- Unless required by applicable law or agreed to in writing, software
955
- distributed under the License is distributed on an "AS IS" BASIS,
956
- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
957
- See the License for the specific language governing permissions and
958
- limitations under the License.
959
- ```