kitchen-cloudformation 1.3.0 → 1.5.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 6891d8c196ba95d50531fbb357b0202854d4b63e
-  data.tar.gz: aebccfc91fa225fad525b43639a5ddb850fd6d17
+SHA256:
+  metadata.gz: 96f4545854d99212bb47aa812fbfedf485b674855f19ef36f5eff82548ca6a63
+  data.tar.gz: d3a7035c27afc23f3527d89d1ba0efcce65ceb265592e889dbcd30f1df60494c
 SHA512:
-  metadata.gz: 1322158e69d5b0c67d1adad03e1ec6d6017c4cf3b37e842a6b1563a8af74daf63179767ad3b6bae417777d6accf8789995f29a72bb66166a1fda30c75089f6e1
-  data.tar.gz: 4d70a45467995a1885d8c212c13386adac17e5ed09de73a33f6ffbc1037eaa46867beb44aecb4d06222d7312ec046fcec5af228b67283284ee12ba21ea4b43c9
+  metadata.gz: 923ed16c853ad13e22ab8b0eb39d66106b6cf81aee6646a4673a138d8bcdc5e55efb0f83e50e774900ec936924087594de98d838d899bb2808bf34d1e24f0d28
+  data.tar.gz: 5a274acd9f323d95b4bcc9744fd741bab91768dea2e831cb39755fd8d21973cc0dc3765e41a29c9982528c32a50e417d92cca622cc430d66f6b87bf72f85bd77

data/README.md

@@ -12,7 +12,7 @@ If you wish to use servers specified as a hostname in the converge step then use
 So you can deploy and test say a Mongodb High Availability cluster by using cloud formation to create the servers
 and then converge each of the servers in the cluster and run tests.
 
-This can be used with [kitchen-verifier-awspec](https://github.com/neillturner/kitchen-verifier-awspec) to do verification of AWS infrastructure.
+This can be used with [kitchen-inspec](https://github.com/chef/kitchen-inspec) or [kitchen-verifier-awspec](https://github.com/neillturner/kitchen-verifier-awspec) to do verification of AWS infrastructure.
 
 ## Requirements
 
@@ -32,6 +32,9 @@ shared_credentials_profile| nil|Specify Credentials Using a Profile Name
 key | default value | Notes
 ----|---------------|--------
 capabilities||Array of capabilities that must be specified before creating or updating certain stacks accepts CAPABILITY_IAM, CAPABILITY_NAMED_IAM
+change_set_name ||Name of the Cloud Formation Change Set to create and then execute at converge time
+change_set_template_file||File containing the Cloudformation template to use to create the change set
+change_set_type | UPDATE |Cloud Formation Change Set can be CREATE or UPDATE
 disable_rollback||If the template gets an error don't rollback changes. true/false. default false.
 notification_arns| [] |The Simple Notification Service (SNS) topic ARNs to publish stack related events. Array of Strings.
 on_failure||Determines what action will be taken if stack creation fails. accepts DO_NOTHING, ROLLBACK, DELETE. You can specify either on_failure or disable_rollback, but not both.
@@ -80,6 +83,22 @@ through CI we no longer recommend storing the AWS credentials in the
 `.kitchen.yml` file.  Instead, specify them as environment variables or in the
 `~/.aws/credentials` file.
 
+## Change Sets
+
+Normally kitchen-cloudformation creates the stack from the template file when the kitchen create command if run. 
+
+If you specify a change_set_name and a change_set_template_file
+
+```yaml
+  template_file: TestSecurityGroup.template
+  change_set_name: mystack-cs
+  change_set_template_file: TestSecurityGroupCs.template
+```
+
+then it will also create the change set from the change_set_template_file.
+
+Then when the kitchen converge is run it will apply the change-set so it can be tested. 
+
 
 ## SSL Certificate File Issues
 
@@ -94,6 +113,16 @@ A file ca-bundle.crt is supplied inside this gem for this purpose so you can set
 
 ## Example
 
+See example at https://github.com/neillturner/cloudformation_repo
+
+kitchen create default-test -l debug
+
+Create the stack if it does not exist and creates a change set if one is specified.
+
+kitchen converge default-test -l debug
+
+Executes the change set if one has been created
+
 The following could be used in a `.kitchen.yml` or in a `.kitchen.local.yml`
 to override default configuration.
 
@@ -105,12 +134,14 @@ driver:
   template_file: /test/example.template
   parameters:
     base_package: wget
+  change_set_name: mystack-cs
+  change_set_template_file: TestSecurityGroupCs.template
 
 provisioner:
-  name: chef_zero
+  name: Cloudformation
 
 platforms:
-  - name: centos-6.4
+  - name: test
     driver:  Cloudformation
 
 suites:

data/kitchen-cloudformation.gemspec

@@ -16,9 +16,9 @@ Gem::Specification.new do |gem|
   gem.executables   = []
   gem.require_paths = ['lib']
   gem.required_ruby_version = '>= 2.2.2'
-  gem.add_dependency 'test-kitchen', '~> 1.4', '>= 1.4.1'
+  gem.add_dependency 'aws-sdk', '~> 3'
   gem.add_dependency 'excon'
   gem.add_dependency 'multi_json'
-  gem.add_dependency 'aws-sdk', '~> 2'
   gem.add_dependency 'retryable', '~> 2.0'
+  gem.add_dependency 'test-kitchen', '>= 1.4.1'
 end

data/lib/kitchen/driver/aws/cf_client.rb

@@ -94,10 +94,31 @@ module Kitchen
           resource.create_stack(options)
         end
 
+        def update_stack(options)
+          resource.update_stack(options)
+        end
+
+        def create_change_set(options)
+          client.create_change_set(options)
+        end
+
+        def execute_change_set(options)
+          client.execute_change_set(options)
+        end
+
         def get_stack(stack_name)
           resource.stack(stack_name)
         end
 
+        # rubocop:disable Lint/RescueWithoutErrorClass
+        def describe_change_set(stack_name, change_set_name)
+          client.describe_change_set(change_set_name: change_set_name,
+                                     stack_name: stack_name)
+        rescue
+          nil
+        end
+        # rubocop:enable Lint/RescueWithoutErrorClass
+
         def get_stack_events(stack_name)
           client.describe_stack_events(stack_name: stack_name)
         end

data/lib/kitchen/driver/aws/stack_generator.rb

@@ -34,7 +34,7 @@ module Kitchen
         # can be passed in null, others need to be ommitted if they are null
         def cf_stack_data
           s = { stack_name: config[:stack_name] }
-          s[:template_url] = config[:template_url] if config[:template_file]
+          s[:template_url] = config[:template_url] if config[:template_file].nil?
           if config[:template_file]
             s[:template_body] = File.open(config[:template_file], 'rb') { |file| file.read }
           end

data/lib/kitchen/driver/cloudformation.rb

@@ -37,12 +37,12 @@ module Kitchen
       default_config :ssl_verify_peer, true
       default_config :stack_name, nil
       default_config :template_file, nil
+
       default_config :capabilities, nil
       default_config :parameters, {}
       default_config :disable_rollback, nil
       default_config :timeout_in_minutes, 0
       default_config :parameters, {}
-
       default_config :ssh_key, nil
       default_config :username, 'root'
       default_config :hostname, nil
@@ -53,13 +53,16 @@ module Kitchen
       default_config :stack_policy_body, nil
       default_config :stack_policy_url, nil
       default_config :tags, {}
+      default_config :change_set_name, nil
+      default_config :change_set_type, 'UPDATE'
+      default_config :change_set_template_file, nil
 
       required_config :stack_name
 
       # rubocop:disable Lint/RescueWithoutErrorClass
       def create(state)
         copy_deprecated_configs(state)
-        return if state[:stack_name]
+        # return if state[:stack_name]
 
         info(Kitchen::Util.outdent!(<<-TEXT))
           Creating CloudFormation Stack <#{config[:stack_name]}>...
@@ -68,33 +71,83 @@ module Kitchen
           should be minimal, but neither Test Kitchen nor its maintainers
           are responsible for your incurred costs.
         TEXT
+        unless stack_exists
+          begin
+            stack = create_stack
+          rescue
+            error("CloudFormation #{$ERROR_INFO}.") # e.message
+            return
+          end
+          state[:stack_name] = stack.stack_name unless state[:stack_name]
+          info("Stack <#{state[:stack_name]}> requested.")
+          # tag_stack(stack)
+
+          s = cf.get_stack(state[:stack_name])
+          while s.stack_status == 'CREATE_IN_PROGRESS'
+            debug_stack_events(state[:stack_name])
+            info("CloudFormation waiting for stack <#{state[:stack_name]}> to be created.....")
+            sleep(30)
+            s = cf.get_stack(state[:stack_name])
+          end
+          display_stack_events(state[:stack_name])
+          if s.stack_status == 'CREATE_COMPLETE'
+            outputs = Hash[*s.outputs.map do |o|
+              [o[:output_key], o[:output_value]]
+            end.flatten]
+            state[:hostname] = config[:hostname].gsub(/\${([^}]+)}/) { outputs[Regexp.last_match(1)] || '' } if config[:hostname]
+            info("CloudFormation stack <#{state[:stack_name]}> created.")
+          else
+            error("CloudFormation stack <#{stack.stack_name}> failed to create....attempting to delete")
+            destroy(state)
+          end
+        end
+        return if change_set_exists
+        begin
+          create_change_set
+        rescue
+          error("CloudFormation #{$ERROR_INFO}.") # e.message
+          return
+        end
+        state[:stack_name] = config[:stack_name] unless state[:stack_name]
+      end
+
+      def update(state)
+        info("Stack <#{state[:stack_name]}> Execute Change Set requested to update stack.")
+        stack = cf.get_stack(state[:stack_name])
+        if stack.nil?
+          info("CloudFormation stack <#{state[:stack_name]}> doesn't exist.")
+          return
+        end
+        unless change_set_exists
+          info("CloudFormation change set <#{config[:change_set_name]}> doesn't exist for stack <#{state[:stack_name]}>.")
+          return
+        end
         begin
-          stack = create_stack
+          stack = execute_change_set
         rescue
           error("CloudFormation #{$ERROR_INFO}.") # e.message
           return
         end
-        state[:stack_name] = stack.stack_name
+        state[:stack_name] = stack.stack_name  unless state[:stack_name]
         info("Stack <#{state[:stack_name]}> requested.")
         # tag_stack(stack)
 
         s = cf.get_stack(state[:stack_name])
-        while s.stack_status == 'CREATE_IN_PROGRESS'
+        while s.stack_status == 'UPDATE_IN_PROGRESS'
           debug_stack_events(state[:stack_name])
-          info("CloudFormation waiting for stack <#{state[:stack_name]}> to be created.....")
-          sleep(30)
+          info("CloudFormation waiting for stack <#{state[:stack_name]}> to be updated.....")
+          sleep(20)
           s = cf.get_stack(state[:stack_name])
         end
         display_stack_events(state[:stack_name])
-        if s.stack_status == 'CREATE_COMPLETE'
+        if s.stack_status == 'UPDATE_COMPLETE'
           outputs = Hash[*s.outputs.map do |o|
             [o[:output_key], o[:output_value]]
           end.flatten]
           state[:hostname] = config[:hostname].gsub(/\${([^}]+)}/) { outputs[Regexp.last_match(1)] || '' } if config[:hostname]
-          info("CloudFormation stack <#{state[:stack_name]}> created.")
+          info("CloudFormation stack <#{state[:stack_name]}> updated.")
         else
-          error("CloudFormation stack <#{stack.stack_name}> failed to create....attempting to delete")
-          destroy(state)
+          error("CloudFormation stack <#{stack.stack_name}> failed to update.")
         end
       end
 
@@ -163,6 +216,48 @@ module Kitchen
         cf.create_stack(stack_data)
       end
 
+      def stack_exists
+        s = cf.get_stack(config[:stack_name])
+        info("Stack #{s.stack_name} already exists so not creating") if s.exists?
+        s.exists?
+      end
+
+      def change_set_exists
+        s = cf.describe_change_set(config[:stack_name], config[:change_set_name])
+        if s.nil? || s.status == 'DELETE_COMPLETE'
+          false
+        else
+          info("Change Set #{s[:change_set_name]} already exists so not creating")
+          true
+        end
+      end
+
+      def create_change_set
+        stack_data = stack_generator.cf_stack_data
+        stack_data[:change_set_name] = config[:change_set_name] if config[:change_set_name]
+        stack_data[:change_set_type] = config[:change_set_type] if config[:change_set_type] # accepts CREATE, UPDATE
+        info("Creating Change Set for CloudFormation Stack #{stack_data[:stack_name]}")
+        stack_data[:template_url] = config[:change_set_template_url] if config[:change_set_template_file]
+        if config[:change_set_template_file]
+          stack_data[:template_body] = File.open(config[:change_set_template_file], 'rb') { |file| file.read }
+        end
+        cf.create_change_set(stack_data)
+      end
+
+      def execute_change_set
+        stack_data = {}
+        stack_data[:stack_name] = config[:stack_name]
+        stack_data[:change_set_name] = config[:change_set_name]
+        info("Execute Change Set #{stack_data[:change_set_name]} for CloudFormation Stack #{stack_data[:stack_name]}")
+        cf.execute_change_set(stack_data)
+      end
+
+      def update_stack
+        stack_data = stack_generator.cf_stack_data
+        info("Updating CloudFormation Stack #{stack_data[:stack_name]}")
+        cf.update_stack(stack_data)
+      end
+
       def debug_stack_events(stack_name)
         return unless logger.debug?
         response = cf.get_stack_events(stack_name)

data/lib/kitchen/driver/cloudformation_version.rb

@@ -14,6 +14,6 @@
 module Kitchen
   module Driver
     # Version string for CloudFormation Test Kitchen driver
-    CLOUDFORMATION_VERSION = '1.3.0'.freeze
+    CLOUDFORMATION_VERSION = '1.5.2'.freeze
   end
 end

data/lib/kitchen/provisioner/cloudformation.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+require 'kitchen'
+# require "kitchen/cloudformation/configurable"
+
+# The design of the provisioner is unconventional compared to other Test Kitchen provisioner plugins. Since Cloudformation
+# creates and provisions resources when applying an execution plan, managed by the driver, the provisioner simply
+# proxies the driver's create action to apply any changes to the existing Cloudformation state.
+#
+# === Configuration
+#
+# ==== Example .kitchen.yml snippet
+#
+#   provisioner:
+#     name: cloudformation
+#
+# @see ::Kitchen::Driver::Cloudformation
+# rubocop:disable Style/ClassAndModuleChildren
+class ::Kitchen::Provisioner::Cloudformation < ::Kitchen::Provisioner::Base
+  kitchen_provisioner_api_version 2
+
+  # include ::Kitchen::Cloudformation::Configurable
+
+  # Proxies the driver's create action.
+  #
+  # @example
+  #   `kitchen converge suite-name`
+  # @param state [::Hash] the mutable instance and provisioner state.
+  # @raise [::Kitchen::ActionFailed] if the result of the action is a failure.
+  def call(state)
+    info("State is  <#{state}>.")
+    instance.driver.update state
+  end
+end

metadata

@@ -1,35 +1,29 @@
 --- !ruby/object:Gem::Specification
 name: kitchen-cloudformation
 version: !ruby/object:Gem::Version
-  version: 1.3.0
+  version: 1.5.2
 platform: ruby
 authors:
 - Neill Turner
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-09-21 00:00:00.000000000 Z
+date: 2021-06-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: test-kitchen
+  name: aws-sdk
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.4'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 1.4.1
+        version: '3'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '1.4'
-    - - ">="
-      - !ruby/object:Gem::Version
-        version: 1.4.1
+        version: '3'
 - !ruby/object:Gem::Dependency
   name: excon
   requirement: !ruby/object:Gem::Requirement
@@ -59,33 +53,33 @@ dependencies:
       - !ruby/object:Gem::Version
         version: '0'
 - !ruby/object:Gem::Dependency
-  name: aws-sdk
+  name: retryable
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2'
+        version: '2.0'
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
-        version: '2'
+        version: '2.0'
 - !ruby/object:Gem::Dependency
-  name: retryable
+  name: test-kitchen
   requirement: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: 1.4.1
   type: :runtime
   prerelease: false
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
-    - - "~>"
+    - - ">="
       - !ruby/object:Gem::Version
-        version: '2.0'
+        version: 1.4.1
 description: A Test Kitchen Driver for Amazon AWS CloudFormation
 email:
 - neillwturner@gmail.com
@@ -102,6 +96,7 @@ files:
 - lib/kitchen/driver/aws/stack_generator.rb
 - lib/kitchen/driver/cloudformation.rb
 - lib/kitchen/driver/cloudformation_version.rb
+- lib/kitchen/provisioner/cloudformation.rb
 homepage: https://github.com/neillturner/kitchen-cloudformation
 licenses:
 - Apache-2.0
@@ -121,8 +116,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.6.13
+rubygems_version: 3.1.4
 signing_key: 
 specification_version: 4
 summary: A Test Kitchen Driver for AWS CloudFormation