kitchen-ec2 2.2.1 → 2.2.2

checksums.yaml

@@ -1,7 +1,7 @@
 ---
-SHA1:
-  metadata.gz: 863664a181278e965fac6bb54cf85b705b88e72c
-  data.tar.gz: c2245899fe742f202ebe555038931d8df7776452
+SHA256:
+  metadata.gz: 047c12b65b4d66719dcd642c0b10fa555f0566dbb45871abdc1d68d1d9aa07ae
+  data.tar.gz: affdb19c5f1682c5eb7dfa2db0a385d45657d58b6c6446b3ebe361341e8bcbf1
 SHA512:
-  metadata.gz: ad29d9a33374c23d585d1ddbefda2712005a5a5c57117a2e071fffdde98ccb7b43e84b409f6eef9e4c0e0a23620714633d2bab7d2782ce6b99cd595f8da1a2fd
-  data.tar.gz: 542e97cb2aa201bac249aca2b3cfe790e2a604acefdd916e7eac59beecb644ed167f164d6e8119ff4bd390c636ca218122581f3654e650455f65bada09607fc0
+  metadata.gz: 552de0310d60fcff8cf8cdb63b3d0cc5512897cf670ad8d67c1695dc48081aeebc99d3a2d0b027774d4b9a905caaa9ca4f553e0e3995a2530f4b7a49b4ce7313
+  data.tar.gz: ec77defad9d3ff3073000142d54e9f66269b6f76f3a218c4958bf3eec5c6a661a45caff9e9c92cadd351ab23047a2a3fd7e43dd9de5f85f19d27fceab351aecd

data/CHANGELOG.md

@@ -1,5 +1,24 @@
 # Change Log
 
+## [v2.2.2](https://github.com/test-kitchen/kitchen-ec2/tree/v2.2.2) (2018-06-11)
+[Full Changelog](https://github.com/test-kitchen/kitchen-ec2/compare/v2.2.1...v2.2.2)
+
+**Fixed bugs:**
+
+- Kitchen failure when adding spot\_price [\#328](https://github.com/test-kitchen/kitchen-ec2/issues/328)
+
+**Closed issues:**
+
+- image\_id: required [\#397](https://github.com/test-kitchen/kitchen-ec2/issues/397)
+- kitchen-ec2 ssh port [\#396](https://github.com/test-kitchen/kitchen-ec2/issues/396)
+- Provide option to terminate after "X" minutes [\#395](https://github.com/test-kitchen/kitchen-ec2/issues/395)
+- Explicitly support usage w/o manual or autoconfiguration of aws\_ssh\_key\_id [\#391](https://github.com/test-kitchen/kitchen-ec2/issues/391)
+
+**Merged pull requests:**
+
+- Fix dynamic key creation [\#400](https://github.com/test-kitchen/kitchen-ec2/pull/400) ([bdwyertech](https://github.com/bdwyertech))
+- allow AWS-managed ssh key pairs to be disabled [\#392](https://github.com/test-kitchen/kitchen-ec2/pull/392) ([cheeseplus](https://github.com/cheeseplus))
+
 ## [v2.2.1](https://github.com/test-kitchen/kitchen-ec2/tree/v2.2.1) (2018-02-12)
 [Full Changelog](https://github.com/test-kitchen/kitchen-ec2/compare/v2.2.0...v2.2.1)
 

data/README.md

@@ -152,20 +152,30 @@ specify.
 
 #### SSH
 
-The `aws_ssh_key_id` value is the name of the AWS key pair you want to use. The default will be read from the `AWS_SSH_KEY_ID` environment variable if set.  If a key ID is not specified, a temporary key will be created for you (**>= 2.1.0**).
+The `aws_ssh_key_id` value is the name of the AWS key pair you want to use.
 
-To see a list of existing key pair IDs in a region, run `aws ec2 describe-key-pairs --region us-east-1`.
+The value can be one of:
 
-When using an existing key, ensure that the private key is configured in your
-Test Kitchen `transport`, either directly or made available via `ssh-agent`:
+* `nil` (default)
+
+By default the key ID is read from the `AWS_SSH_KEY_ID` environment variable. If the environment variable is not set, the value will be nil. In this case, a temporary key will be created for you (**>= 2.1.0**).
+
+* `name_of_some_existing_aws_key_pair`
+
+By setting the environment variable `AWS_SSH_KEY_ID` or by setting the `aws_ssh_key_id` driver option in kitchen.yml. This will be the key that becomes associated with the test EC2 instances. The key must already exist in AWS. To see a list of existing key pair IDs in a region, use the `aws` CLI tool. For example, in the US-East-1 region: `aws ec2 describe-key-pairs --region us-east-1`.
+
+* `_disable`
+
+This will not directly associate the EC2 instance with an AWS-managed key pair (pre-existing or auto-generated). This may be useful in environments that have disabled AWS-managed keys. Getting SSH keys onto the instance then becomes an exercise for the reader, though it can be done, for example, with scripting in `user_data` or if the credentials are already baked into the AMI.
+
+When using an existing key, either an AWS-managed key pair or keys that exist on the instance through some other means, ensure that the private key is configured in your Test Kitchen `transport` section, either directly or made available via `ssh-agent`:
 
 ```yaml
 transport:
   ssh_key: ~/.ssh/mykey.pem
 ```
 
-For standard platforms we automatically provide the SSH username, but when
-specifying your own AMI you may need to configure that as well.
+For standard platforms we automatically provide the SSH username, but when specifying your own AMI you may need to configure that as well.
 
 #### WinRM
 

data/lib/kitchen/driver/ec2.rb

@@ -217,9 +217,16 @@ module Kitchen
         end
 
         # If no SSH key pair name is specified, create one automatically.
-        unless config[:aws_ssh_key_id]
+        # If `_disabled`, nullify the key ID to avoid associating the instance with
+        # an AWS-managed key pair.
+        case config[:aws_ssh_key_id]
+        when nil
           create_key(state)
           config[:aws_ssh_key_id] = state[:auto_key_id]
+        when "_disable"
+          info("Disabling AWS-managed SSH key pairs for this EC2 instance.")
+          info("The key pairs for the kitchen transport config and the AMI must match.")
+          config[:aws_ssh_key_id] = nil
         end
 
         if config[:spot_price]
@@ -778,10 +785,9 @@ module Kitchen
         resp = ec2.client.create_key_pair(key_name: "kitchen-#{name_parts.join('-')}")
         state[:auto_key_id] = resp.key_name
         info("Created automatic key pair #{state[:auto_key_id]}")
-        # Write the key out, but safely hence the weird sysopen.
+        # Write the key out with safe permissions
         key_path = "#{config[:kitchen_root]}/.kitchen/#{instance.name}.pem"
-        key_fd = File.sysopen(key_path, File::WRONLY | File::CREAT | File::EXCL, 00600)
-        File.open(key_fd) do |f|
+        File.open(key_path, File::WRONLY | File::CREAT | File::EXCL, 00600) do |f|
           f.write(resp.key_material)
         end
         # Inject the key into the state to be used by the SSH transport, or for

data/lib/kitchen/driver/ec2_version.rb

@@ -22,6 +22,6 @@ module Kitchen
   module Driver
 
     # Version string for EC2 Test Kitchen driver
-    EC2_VERSION = "2.2.1"
+    EC2_VERSION = "2.2.2"
   end
 end

data/spec/kitchen/driver/ec2/image_selection_spec.rb

@@ -20,44 +20,6 @@ require "kitchen/transport/dummy"
 require "kitchen/verifier/dummy"
 
 describe "Default images for various platforms" do
-
-  class FakeImage
-    def self.next_ami
-      @n ||= 0
-      @n += 1
-      [sprintf("ami-%08x", @n), Time.now + @n]
-    end
-
-    def initialize(name: "foo")
-      @id, @creation_date = FakeImage.next_ami
-      @name = name
-      @creation_date = @creation_date.strftime("%F %T")
-      @architecture = :x86_64
-      @volume_type = "gp2"
-      @root_device_type = "ebs"
-      @virtualization_type = "hvm"
-      @root_device_name = "root"
-      @device_name = "root"
-    end
-    attr_reader :id
-    attr_reader :name
-    attr_reader :creation_date
-    attr_reader :architecture
-    attr_reader :volume_type
-    attr_reader :root_device_type
-    attr_reader :virtualization_type
-    attr_reader :root_device_name
-    attr_reader :device_name
-
-    def block_device_mappings
-      [self]
-    end
-
-    def ebs
-      self
-    end
-  end
-
   let(:driver) do
     Kitchen::Driver::Ec2.new(:region => "us-west-2", :aws_ssh_key_id => "foo", **config)
   end

data/spec/kitchen/driver/ec2_spec.rb

@@ -499,6 +499,28 @@ describe Kitchen::Driver::Ec2 do
     end
   end
 
+  describe "#create_key" do
+    context "creates a key pair via the ec2 API, saves the generated key locally" do
+      before do
+        config[:kitchen_root] = "/kitchen"
+        config.delete(:aws_ssh_key_id)
+        allow(instance).to receive(:name).and_return("instance_name")
+
+        expect(actual_client).to receive(:create_key_pair).with(key_name: /kitchen-/).and_return(double(key_name: "expected-key-name", key_material: "RSA PRIVATE KEY"))
+        fake_file = double()
+        allow(File).to receive(:open).and_call_original
+        expect(File).to receive(:open).with("/kitchen/.kitchen/instance_name.pem", kind_of(Numeric), kind_of(Numeric)).and_yield(fake_file)
+        expect(fake_file).to receive(:write).with("RSA PRIVATE KEY")
+      end
+
+      it "generates a temporary SSH key pair for the instance" do
+        driver.send(:create_key, state)
+        expect(state[:auto_key_id]).to eq("expected-key-name")
+        expect(state[:ssh_key]).to eq("/kitchen/.kitchen/instance_name.pem")
+      end
+    end
+  end
+
   describe "#create" do
     let(:server) { double("aws server object", :id => id, :image_id => "ami-3f807145") }
     let(:id) { "i-12345" }
@@ -658,26 +680,52 @@ describe Kitchen::Driver::Ec2 do
       include_examples "common create"
     end
 
-    context "with no key pair configured" do
+    context "and AWS SSH keys" do
       before do
-        config[:kitchen_root] = "/kitchen"
-        config.delete(:aws_ssh_key_id)
-        expect(driver).to receive(:submit_server).and_return(server)
+        allow(driver).to receive(:submit_server).and_return(server)
         allow(instance).to receive(:name).and_return("instance_name")
+      end
 
-        expect(actual_client).to receive(:create_key_pair).with(key_name: /kitchen-/).and_return(double(key_name: "kitchen-asdf", key_material: "RSA PRIVATE KEY"))
-        fake_fd = double()
-        fake_file = double()
-        allow(File).to receive(:sysopen).and_call_original
-        expect(File).to receive(:sysopen).with("/kitchen/.kitchen/instance_name.pem", kind_of(Numeric), kind_of(Numeric)).and_return(fake_fd)
-        allow(File).to receive(:open).and_call_original
-        expect(File).to receive(:open).with(fake_fd).and_yield(fake_file)
-        expect(fake_file).to receive(:write).with("RSA PRIVATE KEY")
+      context "with no AWS-managed ssh key pair configured, creates a key pair to use" do
+        before do
+          config[:aws_ssh_key_id] = nil
+          expect(driver).to receive(:create_key)
+          state[:auto_key_id] = "autogenerated_by_create_key"
+        end
+
+        after do
+          expect(config[:aws_ssh_key_id]).to eq("autogenerated_by_create_key")
+        end
+
+        include_examples "common create"
       end
 
-      include_examples "common create"
-    end
+      context "with AWS-managed ssh key pair disabled, does not create a key pair or pass a key id" do
+        before do
+          config[:aws_ssh_key_id] = "_disable"
+          expect(driver).to_not receive(:create_key)
+        end
+
+        after do
+          expect(config[:aws_ssh_key_id]).to be_nil
+        end
 
+        include_examples "common create"
+      end
+
+      context "with AWS ssh key pair set, uses set key and does not create a key pair" do
+        before do
+          config[:aws_ssh_key_id] = "use_this_key_please"
+          expect(driver).to_not receive(:create_key)
+        end
+
+        after do
+          expect(config[:aws_ssh_key_id]).to eq("use_this_key_please")
+        end
+
+        include_examples "common create"
+      end
+    end
   end
 
   describe "#destroy" do

data/spec/spec_helper.rb

@@ -17,6 +17,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
+require "support/fake_image"
+
 if ENV["CODECLIMATE_REPO_TOKEN"]
   require "codeclimate-test-reporter"
   CodeClimate::TestReporter.start

data/spec/support/fake_image.rb

@@ -0,0 +1,36 @@
+class FakeImage
+  def self.next_ami
+    @n ||= 0
+    @n += 1
+    [sprintf("ami-%08x", @n), Time.now + @n]
+  end
+
+  def initialize(name: "foo")
+    @id, @creation_date = FakeImage.next_ami
+    @name = name
+    @creation_date = @creation_date.strftime("%F %T")
+    @architecture = :x86_64
+    @volume_type = "gp2"
+    @root_device_type = "ebs"
+    @virtualization_type = "hvm"
+    @root_device_name = "root"
+    @device_name = "root"
+  end
+  attr_reader :id
+  attr_reader :name
+  attr_reader :creation_date
+  attr_reader :architecture
+  attr_reader :volume_type
+  attr_reader :root_device_type
+  attr_reader :virtualization_type
+  attr_reader :root_device_name
+  attr_reader :device_name
+
+  def block_device_mappings
+    [self]
+  end
+
+  def ebs
+    self
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: kitchen-ec2
 version: !ruby/object:Gem::Version
-  version: 2.2.1
+  version: 2.2.2
 platform: ruby
 authors:
 - Fletcher Nichol
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-02-12 00:00:00.000000000 Z
+date: 2018-06-11 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: test-kitchen
@@ -225,6 +225,7 @@ files:
 - spec/kitchen/driver/ec2/instance_generator_spec.rb
 - spec/kitchen/driver/ec2_spec.rb
 - spec/spec_helper.rb
+- spec/support/fake_image.rb
 homepage: https://kitchen.ci/
 licenses:
 - Apache 2.0
@@ -245,7 +246,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.6.13
+rubygems_version: 2.7.6
 signing_key: 
 specification_version: 4
 summary: A Test Kitchen Driver for Amazon EC2
@@ -255,3 +256,4 @@ test_files:
 - spec/kitchen/driver/ec2/instance_generator_spec.rb
 - spec/kitchen/driver/ec2_spec.rb
 - spec/spec_helper.rb
+- spec/support/fake_image.rb