kitchen-ec2 1.3.2 → 1.4.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: e1b0647af10aedb9a104e2a4659c8178a45e9bc2
-  data.tar.gz: 5f24e47af52b639dce9217c19f599b6adbd4cc32
+  metadata.gz: '0629654ede02f6b7f39315c2434f07bc9325f622'
+  data.tar.gz: aa125bda4edbab056fbaf0c37ba63ee9e7fec696
 SHA512:
-  metadata.gz: b41b1990852aec08150b2ecee3d8241ce3859880a486acfc13c8469a705a7ce6e02e68e44b1da91daac224caa75d907762a9ba0d61cd660ef9b4a52a384f2d91
-  data.tar.gz: ed47c0bfa871227064f8dabf3d59a6038546cc678de5f7856392f61df62b5c4765bb85561f7c126b20e0b1e68ed855a9a598f611334c1fe84e32cd73b3370d66
+  metadata.gz: b3fd4e4b7152d22b5c3952e8c60a718feddad53f9c69be85bbcac95803dfe1437f3cc9501e250a7d90cd8b011eccb168496e42b1339424d1a98629f637338bd2
+  data.tar.gz: 7d96f594e0600b78209d5d89c86d1ddb5ca54afc86e53f9f04c4acfd275a0cd9fdf45da80cd36069d78e326eab4746abcb31b3e25458014a81c814408f44679a

data/.travis.yml

@@ -1,7 +1,11 @@
 language: ruby
 cache: bundler
 sudo: false
+branches:
+  only:
+  - master
 rvm:
-  - 2.2.6
-  - 2.3.1
+  - 2.2.8
+  - 2.3.5
+  - 2.4.2
   - ruby-head

data/CHANGELOG.md

@@ -1,5 +1,23 @@
 # Change Log
 
+## [v1.4.0](https://github.com/test-kitchen/kitchen-ec2/tree/v1.4.0) (2017-11-29)
+[Full Changelog](https://github.com/test-kitchen/kitchen-ec2/compare/v1.3.2...v1.4.0)
+
+**Improvements**
+
+- Explicitly initialise secondary disks on windows 2016 [\#352](https://github.com/test-kitchen/kitchen-ec2/pull/352) ([rlaveycal](https://github.com/rlaveycal))
+- Fix windows user\_data log file [\#350](https://github.com/test-kitchen/kitchen-ec2/pull/350) ([rlaveycal](https://github.com/rlaveycal))
+- Set LocalAccountTokenFilterPolicy to allow powershell remoting from local accounts [\#348](https://github.com/test-kitchen/kitchen-ec2/pull/348) ([Sam-Martin](https://github.com/Sam-Martin))
+- Add EC2 hostname when printing ready message [\#346](https://github.com/test-kitchen/kitchen-ec2/pull/346) ([pierrecdn](https://github.com/pierrecdn))
+- Fix for issue with instance-store backed instance \(issue \#318\) [\#343](https://github.com/test-kitchen/kitchen-ec2/pull/343) ([naunga](https://github.com/naunga))
+- Handle nulls/binary text in user data so it supports gzip [\#338](https://github.com/test-kitchen/kitchen-ec2/pull/338) ([brodygov](https://github.com/brodygov))
+- This updates the documentation [\#337](https://github.com/test-kitchen/kitchen-ec2/pull/337) ([stiller-leser](https://github.com/stiller-leser))
+- Add support for Debian Stretch [\#327](https://github.com/test-kitchen/kitchen-ec2/pull/327) ([RoboticCheese](https://github.com/RoboticCheese))
+- Add support for Amazon Linux [\#321](https://github.com/test-kitchen/kitchen-ec2/pull/321) ([steven-burns](https://github.com/steven-burns))
+- modernize winrm setup and fix for 2008r2 [\#304](https://github.com/test-kitchen/kitchen-ec2/pull/304) ([mwrock](https://github.com/mwrock))
+- Updated readme based on issue 300 [\#302](https://github.com/test-kitchen/kitchen-ec2/pull/302) ([pgporada](https://github.com/pgporada))
+- Use Chefstyle and require Ruby 2.2.2 [\#301](https://github.com/test-kitchen/kitchen-ec2/pull/301) ([tas50](https://github.com/tas50))
+
 ## [v1.3.2](https://github.com/test-kitchen/kitchen-ec2/tree/v1.3.2) (2017-02-24)
 [Full Changelog](https://github.com/test-kitchen/kitchen-ec2/compare/v1.3.1...v1.3.2)
 

data/Gemfile

@@ -2,17 +2,15 @@ source "https://rubygems.org"
 
 # Specify your gem"s dependencies in kitchen-ec2.gemspec
 gemspec
-gem "test-kitchen"
+
 gem "winrm-transport"
 gem "winrm-fs"
-gem "activesupport", "~> 4.0"
-gem "faraday-http-cache", "~> 1.3"
 
 group :test do
-  gem "rake", "< 12"
+  gem "rake"
   gem "pry"
 end
 
-group :development do
+group :changelog do
   gem "github_changelog_generator"
 end

data/README.md

@@ -30,7 +30,7 @@ Once
 that is done, create your kitchen file in your cookbook directory (or an empty
 directory if you just want to get a feel for it):
 
-1. `kitchen init -D ec2`
+1. `kitchen init -D kitchen-ec2`
 2. Edit `.kitchen.yml` and add the aws_ssh_key_id to driver and a transport with
    an ssh_key:
 
@@ -65,7 +65,8 @@ working with!
 ```yaml
 platforms:
   - name: centos-7
-    image_id: ami-96a818fe
+    driver:
+      image_id: ami-96a818fe
 ```
 
 image_id's have a format like ami-748e2903. The image_id values appear next to the image names when you select 'Launch Instance' from the AWS EC2 console. You can also see the list from the AWS CLI ````aws ec2 describe-images````.
@@ -123,6 +124,8 @@ platforms:
   - name: rhel-6
   # The latest patch release of CentOS 6.3
   - name: centos-6.3
+  # The latest patch release of Amazon Linux 2017.03
+  - name: amazon-2017.03
   # 32-bit version of latest major+minor+patch release of Ubuntu
   - name: ubuntu-i386
   # 32-bit version of Debian 6
@@ -244,21 +247,21 @@ the letter designation - will attach this to the region used.
 If not specified, your instances will be placed in an AZ of AWS's choice in your
 region.
 
-### <a name="config-instance_type"></a> `instance_type`
+#### <a name="config-instance_type"></a> `instance_type`
 
 The EC2 [instance type][instance_docs] (also known as size) to use.
 
 The default is `t2.micro` or `t1.micro`, depending on whether the image is `hvm`
 or `paravirtual`. (`paravirtual` images are incompatible with `t2.micro`.)
 
-### `security_group_ids`
+#### `security_group_ids`
 
 An Array of EC2 [security groups][group_docs] which will be applied to the
 instance.
 
 The default is `["default"]`.
 
-### `security_group_filter`
+#### `security_group_filter`
 
 The EC2 [security group][group_docs] which will be applied to the instance,
 specified by tag. Only one group can be specified this way.
@@ -272,20 +275,20 @@ security_group_filter:
   value: 'example-group-name'
 ```
 
-### `region`
+#### `region`
 
 **Required** The AWS [region][region_docs] to use.
 
 If the environment variable `AWS_REGION` is populated that will be used.
 Otherwise the default is `"us-east-1"`.
 
-### `subnet_id`
+#### `subnet_id`
 
 The EC2 [subnet][subnet_docs] to use.
 
 The default is unset, or `nil`.
 
-### `subnet_filter`
+#### `subnet_filter`
 
 The EC2 [subnet][subnet_docs] to use, specified by tag.
 
@@ -298,13 +301,13 @@ subnet_filter:
   value: 'example-subnet-name'
 ```
 
-### `tags`
+#### `tags`
 
 The Hash of EC tag name/value pairs which will be applied to the instance.
 
 The default is `{ "created-by" => "test-kitchen" }`.
 
-### `user_data`
+#### `user_data`
 
 The user_data script or the path to a script to feed the instance.
 Use bash to install dependencies or download artifacts before chef runs.
@@ -317,32 +320,55 @@ On Windows instances we specify a default that enables winrm and
 adds a non-administrator user specified in the `username` transport
 options to the Administrator's User Group.
 
-### `iam_profile_name`
+#### `iam_profile_name`
+
+The EC2 IAM profile name to use. The default is `nil`.
+
+Note: The user, whose AWS credentials you have defined, not only needs `AmazonEC2FullAccess` permissions, but also the ability to execute `iam:PassRole`.
+Hence, use a policy like below when using this option:
+```json
+{
+    "Version": "2012-10-17",
+    "Statement": [
+        {
+            "Effect": "Allow",
+            "Action": [
+                "ec2:*"
+            ],
+            "Resource": "*"
+        },
+        {
+            "Effect": "Allow",
+            "Action": "iam:PassRole",
+            "Resource": "arn:aws:iam::123456789:role/RoleName"
+        }
+    ]
+}
+```
 
-The EC2 IAM profile name to use.
+See [AWS documentation](https://aws.amazon.com/de/blogs/security/granting-permission-to-launch-ec2-instances-with-iam-roles-passrole-permission/) for more details.
 
-The default is `nil`.
 
-### `spot_price`
+#### `spot_price`
 
 The price you bid in order to submit a spot request. An additional step will be required during the spot request process submission. If no price is set, it will use an on-demand instance.
 
 The default is `nil`.
 
-### `instance_initiated_shutdown_behavior`
+#### `instance_initiated_shutdown_behavior`
 
 Control whether an instance should `stop` or `terminate` when shutdown is initiated from the instance using an operating system command for system shutdown.
 
 The default is `nil`.
 
-### block_duration_minutes
+#### `block_duration_minutes`
 
 The [specified duration](http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-requests.html#fixed-duration-spot-instances) for a spot instance, in minutes. This value must be a multiple of 60 (60, 120, 180, 240, 300, or 360).
 If no duration is set, the spot instance will remain active until it is terminated.
 
 The default is `nil`.
 
-### `http_proxy`
+#### `http_proxy`
 
 Specify a proxy to send AWS requests through.  Should be of the format `http://<host>:<port>`.
 
@@ -350,10 +376,18 @@ The default is `ENV["HTTPS_PROXY"] || ENV["HTTP_PROXY"]`.  If you have these env
 
 **Note** - The AWS command line utility allow you to specify [two proxies](http://docs.aws.amazon.com/cli/latest/userguide/cli-http-proxy.html), one for HTTP and one for HTTPS.  The AWS Ruby SDK only allows you to specify 1 proxy and because all requests are `https://` this proxy needs to support HTTPS.
 
-### `ssl_verify_peer`
+#### `ssl_verify_peer`
 
 If you need to turn off ssl certificate verification for HTTP calls made to AWS, set `ssl_verify_peer: false`.
 
+#### `vpc_mode`
+
+Can be used to place ec2 instance into vpc. Requires `vpc_id` and `subnet_id` to be set.
+
+#### `vpc_id`
+
+Needs `vpc_mode` to be set to true. Represents the ID of the vpc in which the instance should be placed.
+
 ### Disk Configuration
 
 #### <a name="config-block_device_mappings"></a> `block_device_mappings`

data/Rakefile

@@ -13,7 +13,7 @@ task :stats do
   sh "countloc -r spec features"
 end
 
-require "finstyle"
+require "chefstyle"
 require "rubocop/rake_task"
 RuboCop::RakeTask.new(:style) do |task|
   task.options << "--display-cop-names"

data/kitchen-ec2.gemspec

@@ -18,6 +18,8 @@ Gem::Specification.new do |gem|
   gem.test_files    = gem.files.grep(%r{^(test|spec|features)/})
   gem.require_paths = ["lib"]
 
+  gem.required_ruby_version = ">= 2.2.2"
+
   gem.add_dependency "test-kitchen", "~> 1.4", ">= 1.4.1"
   gem.add_dependency "excon"
   gem.add_dependency "multi_json"
@@ -30,16 +32,9 @@ Gem::Specification.new do |gem|
   gem.add_development_dependency "simplecov", "~> 0.7"
   gem.add_development_dependency "yard",      "~> 0.8"
 
-  # conflicts with finstyle 1.4.0
-  # gem.add_development_dependency "github_changelog_generator"
-
   # style and complexity libraries are tightly version pinned as newer releases
   # may introduce new and undesireable style choices which would be immediately
   # enforced in CI
-  gem.add_development_dependency "finstyle",  "1.4.0"
+  gem.add_development_dependency "chefstyle", "= 0.6.0"
   gem.add_development_dependency "climate_control"
-
-  # github_changelog_generator -> github-api -> oauth2 -> rack
-  # rack being unconstrained breaks Ruby 2.1 installs
-  gem.add_development_dependency "rack", "~> 1.0"
 end

data/lib/kitchen/driver/aws/client.rb

@@ -61,21 +61,21 @@ module Kitchen
         def self.get_credentials(profile_name, access_key_id, secret_access_key, session_token,
                                  region, options = {})
           source_creds =
-          if access_key_id && secret_access_key
-            ::Aws::Credentials.new(access_key_id, secret_access_key, session_token)
-          elsif ENV["AWS_ACCESS_KEY_ID"] && ENV["AWS_SECRET_ACCESS_KEY"]
-            ::Aws::Credentials.new(
-              ENV["AWS_ACCESS_KEY_ID"],
-              ENV["AWS_SECRET_ACCESS_KEY"],
-              ENV["AWS_SESSION_TOKEN"]
-            )
-          elsif profile_name
-            ::Aws::SharedCredentials.new(:profile_name => profile_name)
-          elsif default_shared_credentials?
-            ::Aws::SharedCredentials.new
-          else
-            ::Aws::InstanceProfileCredentials.new(:retries => 1)
-          end
+            if access_key_id && secret_access_key
+              ::Aws::Credentials.new(access_key_id, secret_access_key, session_token)
+            elsif ENV["AWS_ACCESS_KEY_ID"] && ENV["AWS_SECRET_ACCESS_KEY"]
+              ::Aws::Credentials.new(
+                ENV["AWS_ACCESS_KEY_ID"],
+                ENV["AWS_SECRET_ACCESS_KEY"],
+                ENV["AWS_SESSION_TOKEN"]
+              )
+            elsif profile_name
+              ::Aws::SharedCredentials.new(:profile_name => profile_name)
+            elsif default_shared_credentials?
+              ::Aws::SharedCredentials.new
+            else
+              ::Aws::InstanceProfileCredentials.new(:retries => 1)
+            end
 
           if options[:assume_role_arn] && options[:assume_role_session_name]
             sts = ::Aws::STS::Client.new(:credentials => source_creds, :region => region)
@@ -111,7 +111,7 @@ module Kitchen
           resource.instances(
             :filters => [{
               :name => "spot-instance-request-id",
-              :values => [request_id]
+              :values => [request_id],
             }]
           ).to_a[0]
         end

data/lib/kitchen/driver/aws/instance_generator.rb

@@ -49,13 +49,13 @@ module Kitchen
                 :filters => [
                   {
                     :name   => "tag:#{config[:subnet_filter][:tag]}",
-                    :values => [config[:subnet_filter][:value]]
-                  }
+                    :values => [config[:subnet_filter][:value]],
+                  },
                 ]
               )[0][0].subnet_id
 
             if config[:subnet_id].nil?
-              fail "The subnet tagged '#{config[:subnet_filter][:tag]}\
+              raise "The subnet tagged '#{config[:subnet_filter][:tag]}\
               #{config[:subnet_filter][:value]}' does not exist!"
             end
           end
@@ -66,13 +66,13 @@ module Kitchen
                 :filters => [
                   {
                     :name   => "tag:#{config[:security_group_filter][:tag]}",
-                    :values => [config[:security_group_filter][:value]]
-                  }
+                    :values => [config[:security_group_filter][:value]],
+                  },
                 ]
               )[0][0].group_id]
 
             if config[:security_group_ids].nil?
-              fail "The group tagged '#{config[:security_group_filter][:tag]}\
+              raise "The group tagged '#{config[:security_group_filter][:tag]}\
               #{config[:security_group_filter][:value]}' does not exist!"
             end
           end
@@ -83,7 +83,7 @@ module Kitchen
             :image_id                     => config[:image_id],
             :key_name                     => config[:aws_ssh_key_id],
             :subnet_id                    => config[:subnet_id],
-            :private_ip_address           => config[:private_ip_address]
+            :private_ip_address           => config[:private_ip_address],
           }
 
           availability_zone = config[:availability_zone]
@@ -94,7 +94,7 @@ module Kitchen
             i[:placement] = { :availability_zone => availability_zone.downcase }
           end
           tenancy = config[:tenancy]
-          if tenancy && %w[default dedicated].include?(tenancy)
+          if tenancy && %w{default dedicated}.include?(tenancy)
             if i.key?(:placement)
               i[:placement][:tenancy] = tenancy
             else
@@ -114,7 +114,7 @@ module Kitchen
               [{
                 :device_index => 0,
                 :associate_public_ip_address => config[:associate_public_ip],
-                :delete_on_termination => true
+                :delete_on_termination => true,
               }]
             # If specifying `:network_interfaces` in the request, you must specify
             # network specific configs in the network_interfaces block and not at
@@ -137,7 +137,7 @@ module Kitchen
             i[:placement] = { :availability_zone => availability_zone.downcase }
           end
           tenancy = config[:tenancy]
-          if tenancy && %w[default dedicated].include?(tenancy)
+          if tenancy && %w{default dedicated}.include?(tenancy)
             if i.key?(:placement)
               i[:placement][:tenancy] = tenancy
             else
@@ -154,14 +154,14 @@ module Kitchen
         def prepared_user_data
           # If user_data is a file reference, lets read it as such
           return nil if config[:user_data].nil?
-          @user_data ||= begin
-            if File.file?(config[:user_data])
-              @user_data = File.read(config[:user_data])
-            else
-              @user_data = config[:user_data]
-            end
-            @user_data = Base64.encode64(@user_data)
+          return @user_data if @user_data
+
+          raw_user_data = config.fetch(:user_data)
+          if !raw_user_data.include?("\0") && File.file?(raw_user_data)
+            raw_user_data = File.read(raw_user_data)
           end
+
+          @user_data = Base64.encode64(raw_user_data)
         end
 
       end

data/lib/kitchen/driver/aws/standard_platform.rb

@@ -138,7 +138,7 @@ module Kitchen
         #
         # The list of supported architectures
         #
-        ARCHITECTURE = %w[x86_64 i386 i86pc sun4v powerpc]
+        ARCHITECTURE = %w{x86_64 i386 i86pc sun4v powerpc}
 
         protected
 
@@ -162,7 +162,7 @@ module Kitchen
           images.group_by do |image|
             platform = self.class.from_image(driver, image)
             platform ? platform.version : nil
-          end.sort_by { |k, _v| k ? k.to_f : nil }.reverse.map { |_k, v| v }.flatten(1)
+          end.sort_by { |k, _v| k ? k.to_f : nil }.reverse.flat_map { |_k, v| v }
         end
 
         # Not supported yet: aix mac_os_x nexus solaris

data/lib/kitchen/driver/aws/standard_platform/amazon.rb

@@ -0,0 +1,34 @@
+require "kitchen/driver/aws/standard_platform"
+
+module Kitchen
+  module Driver
+    class Aws
+      class StandardPlatform
+        # https://aws.amazon.com/amazon-linux-ami/
+        class Amazon < StandardPlatform
+          StandardPlatform.platforms["amazon"] = self
+
+          def username
+            "ec2-user"
+          end
+
+          def image_search
+            search = {
+              "owner-id" => "137112412989",
+              "name" => version ? "amzn-ami-*-#{version}*" : "amzn-ami-*",
+            }
+            search["architecture"] = architecture if architecture
+            search
+          end
+
+          def self.from_image(driver, image)
+            if image.name =~ /amzn-ami/i
+              image.name =~ /\b(\d+(\.\d+[\.\d])?)/i
+              new(driver, "amazon", (Regexp.last_match || [])[1], image.architecture)
+            end
+          end
+        end
+      end
+    end
+  end
+end