kitchen-ec2 2.2.0 → 2.2.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.travis.yml +1 -2
- data/CHANGELOG.md +9 -0
- data/lib/kitchen/driver/aws/instance_generator.rb +12 -10
- data/lib/kitchen/driver/ec2.rb +38 -27
- data/lib/kitchen/driver/ec2_version.rb +1 -1
- data/spec/kitchen/driver/ec2/instance_generator_spec.rb +36 -0
- data/spec/kitchen/driver/ec2_spec.rb +12 -0
- metadata +2 -2
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA1:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: 863664a181278e965fac6bb54cf85b705b88e72c
|
|
4
|
+
data.tar.gz: c2245899fe742f202ebe555038931d8df7776452
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: ad29d9a33374c23d585d1ddbefda2712005a5a5c57117a2e071fffdde98ccb7b43e84b409f6eef9e4c0e0a23620714633d2bab7d2782ce6b99cd595f8da1a2fd
|
|
7
|
+
data.tar.gz: 542e97cb2aa201bac249aca2b3cfe790e2a604acefdd916e7eac59beecb644ed167f164d6e8119ff4bd390c636ca218122581f3654e650455f65bada09607fc0
|
data/.travis.yml
CHANGED
data/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,14 @@
|
|
|
1
1
|
# Change Log
|
|
2
2
|
|
|
3
|
+
## [v2.2.1](https://github.com/test-kitchen/kitchen-ec2/tree/v2.2.1) (2018-02-12)
|
|
4
|
+
[Full Changelog](https://github.com/test-kitchen/kitchen-ec2/compare/v2.2.0...v2.2.1)
|
|
5
|
+
|
|
6
|
+
**Fixed bugs:**
|
|
7
|
+
|
|
8
|
+
- Fix `undefined` error when Windows AMIs don't include "windows" in name [\#322](https://github.com/test-kitchen/kitchen-ec2/issues/322) [\#324](https://github.com/test-kitchen/kitchen-ec2/pull/324) ([BenLiyanage](https://github.com/BenLiyanage))
|
|
9
|
+
- Fix error behavior when security\_group\_filter is set but no security group found for those tags [\#386](https://github.com/test-kitchen/kitchen-ec2/pull/386) ([dpattmann](https://github.com/dpattmann))
|
|
10
|
+
- Don't create security group if security\_group\_filter is set [\#385](https://github.com/test-kitchen/kitchen-ec2/pull/385) ([dpattmann](https://github.com/dpattmann))
|
|
11
|
+
|
|
3
12
|
## [v2.2.0](https://github.com/test-kitchen/kitchen-ec2/tree/v2.2.0) (2018-01-27)
|
|
4
13
|
|
|
5
14
|
[Full Changelog](https://github.com/test-kitchen/kitchen-ec2/compare/v2.1.0...v2.2.0)
|
|
@@ -62,19 +62,21 @@ module Kitchen
|
|
|
62
62
|
end
|
|
63
63
|
|
|
64
64
|
if config[:security_group_ids].nil? && config[:security_group_filter]
|
|
65
|
-
|
|
66
|
-
|
|
65
|
+
security_group = ::Aws::EC2::Client.
|
|
66
|
+
new(:region => config[:region]).describe_security_groups(
|
|
67
67
|
:filters => [
|
|
68
|
-
|
|
69
|
-
|
|
70
|
-
|
|
71
|
-
|
|
68
|
+
{
|
|
69
|
+
:name => "tag:#{config[:security_group_filter][:tag]}",
|
|
70
|
+
:values => [config[:security_group_filter][:value]],
|
|
71
|
+
},
|
|
72
72
|
]
|
|
73
|
-
|
|
73
|
+
)[0][0]
|
|
74
74
|
|
|
75
|
-
if
|
|
76
|
-
|
|
77
|
-
|
|
75
|
+
if security_group
|
|
76
|
+
config[:security_group_ids] = [security_group.group_id]
|
|
77
|
+
else
|
|
78
|
+
raise "The group tagged '#{config[:security_group_filter][:tag]} " +
|
|
79
|
+
"#{config[:security_group_filter][:value]}' does not exist!"
|
|
78
80
|
end
|
|
79
81
|
end
|
|
80
82
|
|
data/lib/kitchen/driver/ec2.rb
CHANGED
|
@@ -61,6 +61,7 @@ module Kitchen
|
|
|
61
61
|
end
|
|
62
62
|
default_config :ebs_optimized, false
|
|
63
63
|
default_config :security_group_ids, nil
|
|
64
|
+
default_config :security_group_filter, nil
|
|
64
65
|
default_config :tags, "created-by" => "test-kitchen"
|
|
65
66
|
default_config :user_data do |driver|
|
|
66
67
|
if driver.windows_os?
|
|
@@ -210,7 +211,7 @@ module Kitchen
|
|
|
210
211
|
END
|
|
211
212
|
|
|
212
213
|
# If no security group IDs are specified, create one automatically.
|
|
213
|
-
unless config[:security_group_ids]
|
|
214
|
+
unless config[:security_group_ids] || config[:security_group_filter]
|
|
214
215
|
create_security_group(state)
|
|
215
216
|
config[:security_group_ids] = [state[:auto_security_group_id]]
|
|
216
217
|
end
|
|
@@ -622,6 +623,36 @@ module Kitchen
|
|
|
622
623
|
end
|
|
623
624
|
|
|
624
625
|
def default_windows_user_data
|
|
626
|
+
base_script = Kitchen::Util.outdent!(<<-EOH)
|
|
627
|
+
$OSVersion = (get-itemproperty -Path "HKLM:\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion" -Name ProductName).ProductName
|
|
628
|
+
If($OSVersion.contains('2016'))
|
|
629
|
+
{
|
|
630
|
+
$logfile='C:\\ProgramData\\Amazon\\EC2-Windows\\Launch\\Log\\kitchen-ec2.log'
|
|
631
|
+
# EC2Launch doesn't init extra disks by default
|
|
632
|
+
C:\\ProgramData\\Amazon\\EC2-Windows\\Launch\\Scripts\\InitializeDisks.ps1
|
|
633
|
+
}
|
|
634
|
+
Else
|
|
635
|
+
{
|
|
636
|
+
$logfile='C:\\Program Files\\Amazon\\Ec2ConfigService\\Logs\\kitchen-ec2.log'
|
|
637
|
+
}
|
|
638
|
+
# Allow script execution
|
|
639
|
+
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force
|
|
640
|
+
#PS Remoting and & winrm.cmd basic config
|
|
641
|
+
$enableArgs=@{Force=$true}
|
|
642
|
+
$command=Get-Command Enable-PSRemoting
|
|
643
|
+
if($command.Parameters.Keys -contains "skipnetworkprofilecheck"){
|
|
644
|
+
$enableArgs.skipnetworkprofilecheck=$true
|
|
645
|
+
}
|
|
646
|
+
Enable-PSRemoting @enableArgs
|
|
647
|
+
& winrm.cmd set winrm/config '@{MaxTimeoutms="1800000"}' >> $logfile
|
|
648
|
+
& winrm.cmd set winrm/config/winrs '@{MaxMemoryPerShellMB="1024"}' >> $logfile
|
|
649
|
+
& winrm.cmd set winrm/config/winrs '@{MaxShellsPerUser="50"}' >> $logfile
|
|
650
|
+
& winrm.cmd set winrm/config/winrs '@{MaxMemoryPerShellMB="1024"}' >> $logfile
|
|
651
|
+
#Firewall Config
|
|
652
|
+
& netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" profile=public protocol=tcp localport=5985 remoteip=localsubnet new remoteip=any >> $logfile
|
|
653
|
+
Set-ItemProperty -Name LocalAccountTokenFilterPolicy -Path HKLM:\\software\\Microsoft\\Windows\\CurrentVersion\\Policies\\system -Value 1
|
|
654
|
+
EOH
|
|
655
|
+
|
|
625
656
|
# Preparing custom static admin user if we defined something other than Administrator
|
|
626
657
|
custom_admin_script = ""
|
|
627
658
|
if !(instance.transport[:username] =~ /administrator/i) && instance.transport[:password]
|
|
@@ -642,35 +673,10 @@ module Kitchen
|
|
|
642
673
|
EOH
|
|
643
674
|
end
|
|
644
675
|
|
|
645
|
-
if actual_platform.version =~ /2016/
|
|
646
|
-
logfile_name = 'C:\\ProgramData\\Amazon\\EC2-Windows\\Launch\\Log\\kitchen-ec2.log'
|
|
647
|
-
disk_init = 'C:\\ProgramData\\Amazon\\EC2-Windows\\Launch\\Scripts\\InitializeDisks.ps1'
|
|
648
|
-
else
|
|
649
|
-
logfile_name = 'C:\\Program Files\\Amazon\\Ec2ConfigService\\Logs\\kitchen-ec2.log'
|
|
650
|
-
disk_init = ""
|
|
651
|
-
end
|
|
652
676
|
# Returning the fully constructed PowerShell script to user_data
|
|
653
677
|
Kitchen::Util.outdent!(<<-EOH)
|
|
654
678
|
<powershell>
|
|
655
|
-
|
|
656
|
-
# EC2Launch doesn't init extra disks by default
|
|
657
|
-
#{disk_init}
|
|
658
|
-
# Allow script execution
|
|
659
|
-
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Force
|
|
660
|
-
#PS Remoting and & winrm.cmd basic config
|
|
661
|
-
$enableArgs=@{Force=$true}
|
|
662
|
-
$command=Get-Command Enable-PSRemoting
|
|
663
|
-
if($command.Parameters.Keys -contains "skipnetworkprofilecheck"){
|
|
664
|
-
$enableArgs.skipnetworkprofilecheck=$true
|
|
665
|
-
}
|
|
666
|
-
Enable-PSRemoting @enableArgs
|
|
667
|
-
& winrm.cmd set winrm/config '@{MaxTimeoutms="1800000"}' >> $logfile
|
|
668
|
-
& winrm.cmd set winrm/config/winrs '@{MaxMemoryPerShellMB="1024"}' >> $logfile
|
|
669
|
-
& winrm.cmd set winrm/config/winrs '@{MaxShellsPerUser="50"}' >> $logfile
|
|
670
|
-
& winrm.cmd set winrm/config/winrs '@{MaxMemoryPerShellMB="1024"}' >> $logfile
|
|
671
|
-
#Firewall Config
|
|
672
|
-
& netsh advfirewall firewall set rule name="Windows Remote Management (HTTP-In)" profile=public protocol=tcp localport=5985 remoteip=localsubnet new remoteip=any >> $logfile
|
|
673
|
-
Set-ItemProperty -Name LocalAccountTokenFilterPolicy -Path HKLM:\\software\\Microsoft\\Windows\\CurrentVersion\\Policies\\system -Value 1
|
|
679
|
+
#{base_script}
|
|
674
680
|
#{custom_admin_script}
|
|
675
681
|
</powershell>
|
|
676
682
|
EOH
|
|
@@ -764,6 +770,11 @@ module Kitchen
|
|
|
764
770
|
Time.now.utc.iso8601,
|
|
765
771
|
Array.new(8) { rand(36).to_s(36) }.join(""),
|
|
766
772
|
]
|
|
773
|
+
# In a perfect world this would generate the key locally and use ImportKey
|
|
774
|
+
# instead for better security, but given the use case that is very likely
|
|
775
|
+
# to rapidly exhaust local entropy by creating a lot of keys. So this is
|
|
776
|
+
# probably fine. If you want very high security, probably don't use this
|
|
777
|
+
# feature anyway.
|
|
767
778
|
resp = ec2.client.create_key_pair(key_name: "kitchen-#{name_parts.join('-')}")
|
|
768
779
|
state[:auto_key_id] = resp.key_name
|
|
769
780
|
info("Created automatic key pair #{state[:auto_key_id]}")
|
|
@@ -212,6 +212,42 @@ describe Kitchen::Driver::Aws::InstanceGenerator do
|
|
|
212
212
|
end
|
|
213
213
|
end
|
|
214
214
|
|
|
215
|
+
context "when provided a non existing security_group tag filter" do
|
|
216
|
+
ec2_stub_whithout_security_group = Aws::EC2::Client.new(:stub_responses => true)
|
|
217
|
+
|
|
218
|
+
let(:config) do
|
|
219
|
+
{
|
|
220
|
+
:instance_type => "micro",
|
|
221
|
+
:ebs_optimized => true,
|
|
222
|
+
:image_id => "ami-123",
|
|
223
|
+
:aws_ssh_key_id => "key",
|
|
224
|
+
:subnet_id => "s-123",
|
|
225
|
+
:security_group_ids => nil,
|
|
226
|
+
:region => "us-west-2",
|
|
227
|
+
:security_group_filter =>
|
|
228
|
+
{
|
|
229
|
+
:tag => "foo",
|
|
230
|
+
:value => "bar",
|
|
231
|
+
},
|
|
232
|
+
}
|
|
233
|
+
end
|
|
234
|
+
|
|
235
|
+
it "generates id from the provided tag" do
|
|
236
|
+
allow(::Aws::EC2::Client).to receive(:new).and_return(ec2_stub_whithout_security_group)
|
|
237
|
+
expect(ec2_stub_whithout_security_group).to receive(:describe_security_groups).with(
|
|
238
|
+
:filters => [
|
|
239
|
+
{
|
|
240
|
+
:name => "tag:foo",
|
|
241
|
+
:values => ["bar"],
|
|
242
|
+
},
|
|
243
|
+
]
|
|
244
|
+
).and_return(ec2_stub_whithout_security_group.describe_security_groups)
|
|
245
|
+
|
|
246
|
+
expect { generator.ec2_instance_data }.to raise_error("The group tagged '#{config[:security_group_filter][:tag]} " +
|
|
247
|
+
"#{config[:security_group_filter][:value]}' does not exist!")
|
|
248
|
+
end
|
|
249
|
+
end
|
|
250
|
+
|
|
215
251
|
context "when passed an empty block_device_mappings" do
|
|
216
252
|
let(:config) do
|
|
217
253
|
{
|
|
@@ -646,6 +646,18 @@ describe Kitchen::Driver::Ec2 do
|
|
|
646
646
|
end
|
|
647
647
|
end
|
|
648
648
|
|
|
649
|
+
context "with no security group but filter specified" do
|
|
650
|
+
before do
|
|
651
|
+
config.delete(:security_group_ids)
|
|
652
|
+
config[:security_group_filter] = { tag: "SomeTag", value: "SomeValue" }
|
|
653
|
+
expect(driver).not_to receive(:create_security_group)
|
|
654
|
+
expect(driver).to receive(:submit_server).and_return(server)
|
|
655
|
+
allow(instance).to receive(:name).and_return("instance_name")
|
|
656
|
+
end
|
|
657
|
+
|
|
658
|
+
include_examples "common create"
|
|
659
|
+
end
|
|
660
|
+
|
|
649
661
|
context "with no key pair configured" do
|
|
650
662
|
before do
|
|
651
663
|
config[:kitchen_root] = "/kitchen"
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: kitchen-ec2
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 2.2.
|
|
4
|
+
version: 2.2.1
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Fletcher Nichol
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2018-02-
|
|
11
|
+
date: 2018-02-12 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: test-kitchen
|