kitchen-ec2 1.3.2 → 1.4.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: e1b0647af10aedb9a104e2a4659c8178a45e9bc2
4
- data.tar.gz: 5f24e47af52b639dce9217c19f599b6adbd4cc32
3
+ metadata.gz: '0629654ede02f6b7f39315c2434f07bc9325f622'
4
+ data.tar.gz: aa125bda4edbab056fbaf0c37ba63ee9e7fec696
5
5
  SHA512:
6
- metadata.gz: b41b1990852aec08150b2ecee3d8241ce3859880a486acfc13c8469a705a7ce6e02e68e44b1da91daac224caa75d907762a9ba0d61cd660ef9b4a52a384f2d91
7
- data.tar.gz: ed47c0bfa871227064f8dabf3d59a6038546cc678de5f7856392f61df62b5c4765bb85561f7c126b20e0b1e68ed855a9a598f611334c1fe84e32cd73b3370d66
6
+ metadata.gz: b3fd4e4b7152d22b5c3952e8c60a718feddad53f9c69be85bbcac95803dfe1437f3cc9501e250a7d90cd8b011eccb168496e42b1339424d1a98629f637338bd2
7
+ data.tar.gz: 7d96f594e0600b78209d5d89c86d1ddb5ca54afc86e53f9f04c4acfd275a0cd9fdf45da80cd36069d78e326eab4746abcb31b3e25458014a81c814408f44679a
@@ -1,7 +1,11 @@
1
1
  language: ruby
2
2
  cache: bundler
3
3
  sudo: false
4
+ branches:
5
+ only:
6
+ - master
4
7
  rvm:
5
- - 2.2.6
6
- - 2.3.1
8
+ - 2.2.8
9
+ - 2.3.5
10
+ - 2.4.2
7
11
  - ruby-head
@@ -1,5 +1,23 @@
1
1
  # Change Log
2
2
 
3
+ ## [v1.4.0](https://github.com/test-kitchen/kitchen-ec2/tree/v1.4.0) (2017-11-29)
4
+ [Full Changelog](https://github.com/test-kitchen/kitchen-ec2/compare/v1.3.2...v1.4.0)
5
+
6
+ **Improvements**
7
+
8
+ - Explicitly initialise secondary disks on windows 2016 [\#352](https://github.com/test-kitchen/kitchen-ec2/pull/352) ([rlaveycal](https://github.com/rlaveycal))
9
+ - Fix windows user\_data log file [\#350](https://github.com/test-kitchen/kitchen-ec2/pull/350) ([rlaveycal](https://github.com/rlaveycal))
10
+ - Set LocalAccountTokenFilterPolicy to allow powershell remoting from local accounts [\#348](https://github.com/test-kitchen/kitchen-ec2/pull/348) ([Sam-Martin](https://github.com/Sam-Martin))
11
+ - Add EC2 hostname when printing ready message [\#346](https://github.com/test-kitchen/kitchen-ec2/pull/346) ([pierrecdn](https://github.com/pierrecdn))
12
+ - Fix for issue with instance-store backed instance \(issue \#318\) [\#343](https://github.com/test-kitchen/kitchen-ec2/pull/343) ([naunga](https://github.com/naunga))
13
+ - Handle nulls/binary text in user data so it supports gzip [\#338](https://github.com/test-kitchen/kitchen-ec2/pull/338) ([brodygov](https://github.com/brodygov))
14
+ - This updates the documentation [\#337](https://github.com/test-kitchen/kitchen-ec2/pull/337) ([stiller-leser](https://github.com/stiller-leser))
15
+ - Add support for Debian Stretch [\#327](https://github.com/test-kitchen/kitchen-ec2/pull/327) ([RoboticCheese](https://github.com/RoboticCheese))
16
+ - Add support for Amazon Linux [\#321](https://github.com/test-kitchen/kitchen-ec2/pull/321) ([steven-burns](https://github.com/steven-burns))
17
+ - modernize winrm setup and fix for 2008r2 [\#304](https://github.com/test-kitchen/kitchen-ec2/pull/304) ([mwrock](https://github.com/mwrock))
18
+ - Updated readme based on issue 300 [\#302](https://github.com/test-kitchen/kitchen-ec2/pull/302) ([pgporada](https://github.com/pgporada))
19
+ - Use Chefstyle and require Ruby 2.2.2 [\#301](https://github.com/test-kitchen/kitchen-ec2/pull/301) ([tas50](https://github.com/tas50))
20
+
3
21
  ## [v1.3.2](https://github.com/test-kitchen/kitchen-ec2/tree/v1.3.2) (2017-02-24)
4
22
  [Full Changelog](https://github.com/test-kitchen/kitchen-ec2/compare/v1.3.1...v1.3.2)
5
23
 
data/Gemfile CHANGED
@@ -2,17 +2,15 @@ source "https://rubygems.org"
2
2
 
3
3
  # Specify your gem"s dependencies in kitchen-ec2.gemspec
4
4
  gemspec
5
- gem "test-kitchen"
5
+
6
6
  gem "winrm-transport"
7
7
  gem "winrm-fs"
8
- gem "activesupport", "~> 4.0"
9
- gem "faraday-http-cache", "~> 1.3"
10
8
 
11
9
  group :test do
12
- gem "rake", "< 12"
10
+ gem "rake"
13
11
  gem "pry"
14
12
  end
15
13
 
16
- group :development do
14
+ group :changelog do
17
15
  gem "github_changelog_generator"
18
16
  end
data/README.md CHANGED
@@ -30,7 +30,7 @@ Once
30
30
  that is done, create your kitchen file in your cookbook directory (or an empty
31
31
  directory if you just want to get a feel for it):
32
32
 
33
- 1. `kitchen init -D ec2`
33
+ 1. `kitchen init -D kitchen-ec2`
34
34
  2. Edit `.kitchen.yml` and add the aws_ssh_key_id to driver and a transport with
35
35
  an ssh_key:
36
36
 
@@ -65,7 +65,8 @@ working with!
65
65
  ```yaml
66
66
  platforms:
67
67
  - name: centos-7
68
- image_id: ami-96a818fe
68
+ driver:
69
+ image_id: ami-96a818fe
69
70
  ```
70
71
 
71
72
  image_id's have a format like ami-748e2903. The image_id values appear next to the image names when you select 'Launch Instance' from the AWS EC2 console. You can also see the list from the AWS CLI ````aws ec2 describe-images````.
@@ -123,6 +124,8 @@ platforms:
123
124
  - name: rhel-6
124
125
  # The latest patch release of CentOS 6.3
125
126
  - name: centos-6.3
127
+ # The latest patch release of Amazon Linux 2017.03
128
+ - name: amazon-2017.03
126
129
  # 32-bit version of latest major+minor+patch release of Ubuntu
127
130
  - name: ubuntu-i386
128
131
  # 32-bit version of Debian 6
@@ -244,21 +247,21 @@ the letter designation - will attach this to the region used.
244
247
  If not specified, your instances will be placed in an AZ of AWS's choice in your
245
248
  region.
246
249
 
247
- ### <a name="config-instance_type"></a> `instance_type`
250
+ #### <a name="config-instance_type"></a> `instance_type`
248
251
 
249
252
  The EC2 [instance type][instance_docs] (also known as size) to use.
250
253
 
251
254
  The default is `t2.micro` or `t1.micro`, depending on whether the image is `hvm`
252
255
  or `paravirtual`. (`paravirtual` images are incompatible with `t2.micro`.)
253
256
 
254
- ### `security_group_ids`
257
+ #### `security_group_ids`
255
258
 
256
259
  An Array of EC2 [security groups][group_docs] which will be applied to the
257
260
  instance.
258
261
 
259
262
  The default is `["default"]`.
260
263
 
261
- ### `security_group_filter`
264
+ #### `security_group_filter`
262
265
 
263
266
  The EC2 [security group][group_docs] which will be applied to the instance,
264
267
  specified by tag. Only one group can be specified this way.
@@ -272,20 +275,20 @@ security_group_filter:
272
275
  value: 'example-group-name'
273
276
  ```
274
277
 
275
- ### `region`
278
+ #### `region`
276
279
 
277
280
  **Required** The AWS [region][region_docs] to use.
278
281
 
279
282
  If the environment variable `AWS_REGION` is populated that will be used.
280
283
  Otherwise the default is `"us-east-1"`.
281
284
 
282
- ### `subnet_id`
285
+ #### `subnet_id`
283
286
 
284
287
  The EC2 [subnet][subnet_docs] to use.
285
288
 
286
289
  The default is unset, or `nil`.
287
290
 
288
- ### `subnet_filter`
291
+ #### `subnet_filter`
289
292
 
290
293
  The EC2 [subnet][subnet_docs] to use, specified by tag.
291
294
 
@@ -298,13 +301,13 @@ subnet_filter:
298
301
  value: 'example-subnet-name'
299
302
  ```
300
303
 
301
- ### `tags`
304
+ #### `tags`
302
305
 
303
306
  The Hash of EC tag name/value pairs which will be applied to the instance.
304
307
 
305
308
  The default is `{ "created-by" => "test-kitchen" }`.
306
309
 
307
- ### `user_data`
310
+ #### `user_data`
308
311
 
309
312
  The user_data script or the path to a script to feed the instance.
310
313
  Use bash to install dependencies or download artifacts before chef runs.
@@ -317,32 +320,55 @@ On Windows instances we specify a default that enables winrm and
317
320
  adds a non-administrator user specified in the `username` transport
318
321
  options to the Administrator's User Group.
319
322
 
320
- ### `iam_profile_name`
323
+ #### `iam_profile_name`
324
+
325
+ The EC2 IAM profile name to use. The default is `nil`.
326
+
327
+ Note: The user, whose AWS credentials you have defined, not only needs `AmazonEC2FullAccess` permissions, but also the ability to execute `iam:PassRole`.
328
+ Hence, use a policy like below when using this option:
329
+ ```json
330
+ {
331
+ "Version": "2012-10-17",
332
+ "Statement": [
333
+ {
334
+ "Effect": "Allow",
335
+ "Action": [
336
+ "ec2:*"
337
+ ],
338
+ "Resource": "*"
339
+ },
340
+ {
341
+ "Effect": "Allow",
342
+ "Action": "iam:PassRole",
343
+ "Resource": "arn:aws:iam::123456789:role/RoleName"
344
+ }
345
+ ]
346
+ }
347
+ ```
321
348
 
322
- The EC2 IAM profile name to use.
349
+ See [AWS documentation](https://aws.amazon.com/de/blogs/security/granting-permission-to-launch-ec2-instances-with-iam-roles-passrole-permission/) for more details.
323
350
 
324
- The default is `nil`.
325
351
 
326
- ### `spot_price`
352
+ #### `spot_price`
327
353
 
328
354
  The price you bid in order to submit a spot request. An additional step will be required during the spot request process submission. If no price is set, it will use an on-demand instance.
329
355
 
330
356
  The default is `nil`.
331
357
 
332
- ### `instance_initiated_shutdown_behavior`
358
+ #### `instance_initiated_shutdown_behavior`
333
359
 
334
360
  Control whether an instance should `stop` or `terminate` when shutdown is initiated from the instance using an operating system command for system shutdown.
335
361
 
336
362
  The default is `nil`.
337
363
 
338
- ### block_duration_minutes
364
+ #### `block_duration_minutes`
339
365
 
340
366
  The [specified duration](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-requests.html#fixed-duration-spot-instances) for a spot instance, in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).
341
367
  If no duration is set, the spot instance will remain active until it is terminated.
342
368
 
343
369
  The default is `nil`.
344
370
 
345
- ### `http_proxy`
371
+ #### `http_proxy`
346
372
 
347
373
  Specify a proxy to send AWS requests through. Should be of the format `http://<host>:<port>`.
348
374
 
@@ -350,10 +376,18 @@ The default is `ENV["HTTPS_PROXY"] || ENV["HTTP_PROXY"]`. If you have these env
350
376
 
351
377
  **Note** - The AWS command line utility allow you to specify [two proxies](http://docs.aws.amazon.com/cli/latest/userguide/cli-http-proxy.html), one for HTTP and one for HTTPS. The AWS Ruby SDK only allows you to specify 1 proxy and because all requests are `https://` this proxy needs to support HTTPS.
352
378
 
353
- ### `ssl_verify_peer`
379
+ #### `ssl_verify_peer`
354
380
 
355
381
  If you need to turn off ssl certificate verification for HTTP calls made to AWS, set `ssl_verify_peer: false`.
356
382
 
383
+ #### `vpc_mode`
384
+
385
+ Can be used to place ec2 instance into vpc. Requires `vpc_id` and `subnet_id` to be set.
386
+
387
+ #### `vpc_id`
388
+
389
+ Needs `vpc_mode` to be set to true. Represents the ID of the vpc in which the instance should be placed.
390
+
357
391
  ### Disk Configuration
358
392
 
359
393
  #### <a name="config-block_device_mappings"></a> `block_device_mappings`
data/Rakefile CHANGED
@@ -13,7 +13,7 @@ task :stats do
13
13
  sh "countloc -r spec features"
14
14
  end
15
15
 
16
- require "finstyle"
16
+ require "chefstyle"
17
17
  require "rubocop/rake_task"
18
18
  RuboCop::RakeTask.new(:style) do |task|
19
19
  task.options << "--display-cop-names"
@@ -18,6 +18,8 @@ Gem::Specification.new do |gem|
18
18
  gem.test_files = gem.files.grep(%r{^(test|spec|features)/})
19
19
  gem.require_paths = ["lib"]
20
20
 
21
+ gem.required_ruby_version = ">= 2.2.2"
22
+
21
23
  gem.add_dependency "test-kitchen", "~> 1.4", ">= 1.4.1"
22
24
  gem.add_dependency "excon"
23
25
  gem.add_dependency "multi_json"
@@ -30,16 +32,9 @@ Gem::Specification.new do |gem|
30
32
  gem.add_development_dependency "simplecov", "~> 0.7"
31
33
  gem.add_development_dependency "yard", "~> 0.8"
32
34
 
33
- # conflicts with finstyle 1.4.0
34
- # gem.add_development_dependency "github_changelog_generator"
35
-
36
35
  # style and complexity libraries are tightly version pinned as newer releases
37
36
  # may introduce new and undesireable style choices which would be immediately
38
37
  # enforced in CI
39
- gem.add_development_dependency "finstyle", "1.4.0"
38
+ gem.add_development_dependency "chefstyle", "= 0.6.0"
40
39
  gem.add_development_dependency "climate_control"
41
-
42
- # github_changelog_generator -> github-api -> oauth2 -> rack
43
- # rack being unconstrained breaks Ruby 2.1 installs
44
- gem.add_development_dependency "rack", "~> 1.0"
45
40
  end
@@ -61,21 +61,21 @@ module Kitchen
61
61
  def self.get_credentials(profile_name, access_key_id, secret_access_key, session_token,
62
62
  region, options = {})
63
63
  source_creds =
64
- if access_key_id && secret_access_key
65
- ::Aws::Credentials.new(access_key_id, secret_access_key, session_token)
66
- elsif ENV["AWS_ACCESS_KEY_ID"] && ENV["AWS_SECRET_ACCESS_KEY"]
67
- ::Aws::Credentials.new(
68
- ENV["AWS_ACCESS_KEY_ID"],
69
- ENV["AWS_SECRET_ACCESS_KEY"],
70
- ENV["AWS_SESSION_TOKEN"]
71
- )
72
- elsif profile_name
73
- ::Aws::SharedCredentials.new(:profile_name => profile_name)
74
- elsif default_shared_credentials?
75
- ::Aws::SharedCredentials.new
76
- else
77
- ::Aws::InstanceProfileCredentials.new(:retries => 1)
78
- end
64
+ if access_key_id && secret_access_key
65
+ ::Aws::Credentials.new(access_key_id, secret_access_key, session_token)
66
+ elsif ENV["AWS_ACCESS_KEY_ID"] && ENV["AWS_SECRET_ACCESS_KEY"]
67
+ ::Aws::Credentials.new(
68
+ ENV["AWS_ACCESS_KEY_ID"],
69
+ ENV["AWS_SECRET_ACCESS_KEY"],
70
+ ENV["AWS_SESSION_TOKEN"]
71
+ )
72
+ elsif profile_name
73
+ ::Aws::SharedCredentials.new(:profile_name => profile_name)
74
+ elsif default_shared_credentials?
75
+ ::Aws::SharedCredentials.new
76
+ else
77
+ ::Aws::InstanceProfileCredentials.new(:retries => 1)
78
+ end
79
79
 
80
80
  if options[:assume_role_arn] && options[:assume_role_session_name]
81
81
  sts = ::Aws::STS::Client.new(:credentials => source_creds, :region => region)
@@ -111,7 +111,7 @@ module Kitchen
111
111
  resource.instances(
112
112
  :filters => [{
113
113
  :name => "spot-instance-request-id",
114
- :values => [request_id]
114
+ :values => [request_id],
115
115
  }]
116
116
  ).to_a[0]
117
117
  end
@@ -49,13 +49,13 @@ module Kitchen
49
49
  :filters => [
50
50
  {
51
51
  :name => "tag:#{config[:subnet_filter][:tag]}",
52
- :values => [config[:subnet_filter][:value]]
53
- }
52
+ :values => [config[:subnet_filter][:value]],
53
+ },
54
54
  ]
55
55
  )[0][0].subnet_id
56
56
 
57
57
  if config[:subnet_id].nil?
58
- fail "The subnet tagged '#{config[:subnet_filter][:tag]}\
58
+ raise "The subnet tagged '#{config[:subnet_filter][:tag]}\
59
59
  #{config[:subnet_filter][:value]}' does not exist!"
60
60
  end
61
61
  end
@@ -66,13 +66,13 @@ module Kitchen
66
66
  :filters => [
67
67
  {
68
68
  :name => "tag:#{config[:security_group_filter][:tag]}",
69
- :values => [config[:security_group_filter][:value]]
70
- }
69
+ :values => [config[:security_group_filter][:value]],
70
+ },
71
71
  ]
72
72
  )[0][0].group_id]
73
73
 
74
74
  if config[:security_group_ids].nil?
75
- fail "The group tagged '#{config[:security_group_filter][:tag]}\
75
+ raise "The group tagged '#{config[:security_group_filter][:tag]}\
76
76
  #{config[:security_group_filter][:value]}' does not exist!"
77
77
  end
78
78
  end
@@ -83,7 +83,7 @@ module Kitchen
83
83
  :image_id => config[:image_id],
84
84
  :key_name => config[:aws_ssh_key_id],
85
85
  :subnet_id => config[:subnet_id],
86
- :private_ip_address => config[:private_ip_address]
86
+ :private_ip_address => config[:private_ip_address],
87
87
  }
88
88
 
89
89
  availability_zone = config[:availability_zone]
@@ -94,7 +94,7 @@ module Kitchen
94
94
  i[:placement] = { :availability_zone => availability_zone.downcase }
95
95
  end
96
96
  tenancy = config[:tenancy]
97
- if tenancy && %w[default dedicated].include?(tenancy)
97
+ if tenancy && %w{default dedicated}.include?(tenancy)
98
98
  if i.key?(:placement)
99
99
  i[:placement][:tenancy] = tenancy
100
100
  else
@@ -114,7 +114,7 @@ module Kitchen
114
114
  [{
115
115
  :device_index => 0,
116
116
  :associate_public_ip_address => config[:associate_public_ip],
117
- :delete_on_termination => true
117
+ :delete_on_termination => true,
118
118
  }]
119
119
  # If specifying `:network_interfaces` in the request, you must specify
120
120
  # network specific configs in the network_interfaces block and not at
@@ -137,7 +137,7 @@ module Kitchen
137
137
  i[:placement] = { :availability_zone => availability_zone.downcase }
138
138
  end
139
139
  tenancy = config[:tenancy]
140
- if tenancy && %w[default dedicated].include?(tenancy)
140
+ if tenancy && %w{default dedicated}.include?(tenancy)
141
141
  if i.key?(:placement)
142
142
  i[:placement][:tenancy] = tenancy
143
143
  else
@@ -154,14 +154,14 @@ module Kitchen
154
154
  def prepared_user_data
155
155
  # If user_data is a file reference, lets read it as such
156
156
  return nil if config[:user_data].nil?
157
- @user_data ||= begin
158
- if File.file?(config[:user_data])
159
- @user_data = File.read(config[:user_data])
160
- else
161
- @user_data = config[:user_data]
162
- end
163
- @user_data = Base64.encode64(@user_data)
157
+ return @user_data if @user_data
158
+
159
+ raw_user_data = config.fetch(:user_data)
160
+ if !raw_user_data.include?("\0") && File.file?(raw_user_data)
161
+ raw_user_data = File.read(raw_user_data)
164
162
  end
163
+
164
+ @user_data = Base64.encode64(raw_user_data)
165
165
  end
166
166
 
167
167
  end
@@ -138,7 +138,7 @@ module Kitchen
138
138
  #
139
139
  # The list of supported architectures
140
140
  #
141
- ARCHITECTURE = %w[x86_64 i386 i86pc sun4v powerpc]
141
+ ARCHITECTURE = %w{x86_64 i386 i86pc sun4v powerpc}
142
142
 
143
143
  protected
144
144
 
@@ -162,7 +162,7 @@ module Kitchen
162
162
  images.group_by do |image|
163
163
  platform = self.class.from_image(driver, image)
164
164
  platform ? platform.version : nil
165
- end.sort_by { |k, _v| k ? k.to_f : nil }.reverse.map { |_k, v| v }.flatten(1)
165
+ end.sort_by { |k, _v| k ? k.to_f : nil }.reverse.flat_map { |_k, v| v }
166
166
  end
167
167
 
168
168
  # Not supported yet: aix mac_os_x nexus solaris
@@ -0,0 +1,34 @@
1
+ require "kitchen/driver/aws/standard_platform"
2
+
3
+ module Kitchen
4
+ module Driver
5
+ class Aws
6
+ class StandardPlatform
7
+ # https://aws.amazon.com/amazon-linux-ami/
8
+ class Amazon < StandardPlatform
9
+ StandardPlatform.platforms["amazon"] = self
10
+
11
+ def username
12
+ "ec2-user"
13
+ end
14
+
15
+ def image_search
16
+ search = {
17
+ "owner-id" => "137112412989",
18
+ "name" => version ? "amzn-ami-*-#{version}*" : "amzn-ami-*",
19
+ }
20
+ search["architecture"] = architecture if architecture
21
+ search
22
+ end
23
+
24
+ def self.from_image(driver, image)
25
+ if image.name =~ /amzn-ami/i
26
+ image.name =~ /\b(\d+(\.\d+[\.\d])?)/i
27
+ new(driver, "amazon", (Regexp.last_match || [])[1], image.architecture)
28
+ end
29
+ end
30
+ end
31
+ end
32
+ end
33
+ end
34
+ end