kitchen-google 0.3.0 → 1.0.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 4085522e906870ad6ced21e1324fd139ffb2f454
-  data.tar.gz: e0337e83aa1ae41006264dfe93c0ddd2739f63f8
+  metadata.gz: 76a9c3e0e6785ad0ce9e9a5f73eb41ffedd5ff13
+  data.tar.gz: 345f185a9329e09575fbc5247b8818a62c65f4e8
 SHA512:
-  metadata.gz: b0b0e34c10fa46f788a8e36a11d637a2fe6d5e6729f7c023481a5fae135d4df1eab74ee7cf2c9a877bda863ceb3e46a9df27734ebb4857acb60aaa4669ef7c2a
-  data.tar.gz: a683597a6f9cd2eac0d90cf34bd2b7e4ab7c6612558781c52a78ed646c778b353b513603f9d9b215eb5534a7a6f810d248a27c6e2ca1f790b9953dc3355e5c08
+  metadata.gz: 427b6a8e6c0f9485e8072de9c6b68c5762a3f8fa991c747c88539a22242e6e76c64d2f98b8184b70f588c29632bdfcf69df4289610aca1f9149292530c557c28
+  data.tar.gz: dc81a39c4cf56add4985c31ea750b4a55be452cc354659dcda30e84a47d073bcb419b6a40572b47f1ba861725fd1de33e5d1dd018dc36fde529f9da972af56d5

data/.travis.yml

@@ -1,9 +1,9 @@
 language: ruby
 
 rvm:
-  - 1.9.3
   - 2.0.0
   - 2.1.0
+  - 2.2
 
 before_install:
   - gem update bundler

data/CHANGELOG.md

@@ -1,3 +1,17 @@
+## 1.0.0 / 2016-03-10
+
+### New Features
+
+ * #30: use of gcloud authentication files instead of requiring new service accounts
+ * #30: support for service account scope aliases in addition to regular full names/URLs
+ * #30: support for automated public project searching for well-known disk images
+
+### Improvements
+
+ * #30: rewrite using the google-api-client
+ * #30: use of the new Test Kitchen 1.4+ transport plugins
+ * #30: additional user feedback during API interactions
+
 ## 0.3.0 / 2016-01-23
 
 ### New Features

data/Gemfile

@@ -1,4 +1,6 @@
-source 'https://rubygems.org'
+source "https://rubygems.org"
 
 # Specify dependencies in gemspec:
 gemspec
+
+gem "chefstyle", git: "https://github.com/chef/chefstyle"

data/README.md

@@ -12,85 +12,168 @@ providers, GCE has a couple of advantages for Chef cookbook testing:
 
 ## Requirements
 
-Ruby 1.9 or greater.
+### Ruby Version
 
+Ruby 2.0 or greater.
+
+### Google Cloud Platform (GCP) Project
 A [Google Cloud Platform](https://cloud.google.com) account is
 required.  If you do not already have an appropriate "project" in
 which to run your test-kitchen instances, create one, noting the
-"project id".  Then, within the [Google API
-Console](https://code.google.com/apis/console/), create a "service
-account" for the project under the "API Access" tab.  Save the key
-file, and note the email address associated with the service account
-(e.g. 123456789012@developer.gserviceaccount.com - not the project
-owner's email address).
-
-If you are not using the `public_key_path` setting (see below) and
-have not [set up SSH keys for your GCE
-environment](https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys),
-you must also do that prior to using kitchen-gce.  Also, you will
-likely want to add your SSH keys to ssh-agent prior to converging any
-instances.
+"project id".
+
+### Authentication and Authorization
+
+The [underlying API](https://github.com/google/google-api-ruby-client) this plugin uses relies on the 
+[Google Auth Library](https://github.com/google/google-auth-library-ruby) to handle authentication to the
+Google Cloud API. The auth library expects that there is a JSON credentials file located at:
+
+`~/.config/gcloud/application_default_credentials.json`
+
+The easiest way to create this is to download and install the [Google Cloud SDK](https://cloud.google.com/sdk/) and run the
+`gcloud auth login` command which will create the credentials file for you.
+
+If you already have a file you'd like to use that is in a different location, set the
+`GOOGLE_APPLICATION_CREDENTIALS` environment variable with the full path to that file.
+
+### SSH Keys
+
+In order to bootstrap Linux nodes, you will first need to ensure your SSH
+keys are set up correctly. Ensure your SSH public key is properly entered 
+into your project's Metadata tab in the GCP Console. GCE will add your key
+to the appropriate user's `~/.ssh/authorized_keys` file when Chef first
+connects to perform the bootstrap process.
+
+ * If you don't have one, create a key using `ssh-keygen`
+ * Log in to the GCP console, select your project, go to Compute Engine, and go to the Metadata tab.
+ * Select the "SSH Keys" tab.
+ * Add a new item, and paste in your public key.
+    * Note: to change the username automatically detected for the key, prefix your key with the username
+      you plan to use to connect to a new instance. For example, if you plan to connect
+      as "chefuser", your key should look like: `chefuser:ssh-rsa AAAAB3N...`
+ * Click "Save".
+
+Alternatively, the Google Cloud SDK (a.k.a. `gcloud`) will create a SSH key
+for you when you create and access your first instance:
+
+ 1. Create a small test instance:
+    `gcloud compute instances create instance1 --zone us-central1-f --image debian-8 --machine-type g1-small`
+ 1. Ensure your SSH keys allow access to the new instance
+    `gcloud compute ssh instance1 --zone us-central1-f`
+ 1. Log out and delete the instance
+    `gcloud compute instances delete instance1 --zone us-central1-f`
+
+You will now have a local SSH keypair, `~/.ssh/google_compute_engine[.pub]` that
+will be used for connecting to your GCE Linux instances for this local username
+when you use the `gcloud compute ssh` command. You can tell Test Kitchen to use
+this key by adding it to the transport section of your .kitchen.yml:
+
+```yaml
+transport:
+  ssh_key:
+    - ~/.ssh/google_compute_engine
+```
+
+You can find [more information on configuring SSH keys](https://cloud.google.com/compute/docs/instances/adding-removing-ssh-keys) in
+the Google Compute Engine documentation.
 
 ## Installation
 
-Assuming you are using Bundler, ensure the Gemfile within your Chef
-cookbook contains at least the following:
+Install the gem with:
 
-```ruby
-source 'https://rubygems.org'
+```sh
+gem install kitchen-google
+```
+
+Or, even better, if you're using the ChefDK:
 
-gem 'berkshelf'
+```sh
+chef gem install kitchen-google
+```
+
+If you're using Bundler, simply add it to your Gemfile:
 
-group :integration do
-  gem 'kitchen-gce'
-end
+```ruby
+gem "kitchen-google", "~> 1.0"
 ```
 
-Then, execute `bundle install`.
+... and then run `bundle install`.
+
 
 ## Configuration
 
-### `area`
+### `project`
 
-Deprecated - use equivalent [`region`](#region) instead.  If both `area` and
-`region` are set, the value of `region` will be used.
+**Required**. The project ID of the GCP project into which Test Kitchen
+instances will be launched. This can be found on the "Manage All Projects"
+screen, found under the "Select a Project" drop-down at the top of the
+GCP console.
 
-### `autodelete_disk`
+Note that this parameter requires the "Project ID", not the "Project Name."
 
-Boolean specifying whether or not to automatically delete boot disk
-for test instance.  Default: `true`
+Example: "funky-penguin-12345"
 
-### `disk_size`
+### `image_name`
 
-Size, in gigabytes, of boot disk.  Default: `10`.
+**Required**. The name of the disk image to use as the source image for 
+the boot disk. Example: `centos-6-v20160219`
 
-### `google_client_email`
+The GCP project specified with the `project` configuration parameter will
+be searched first. If the image cannot be found and it looks like a common
+public image, the appropriate public project will be searched.
 
-**Required** Email address associated with your GCE service account.
-(N.B. - this is not the same as the Google Cloud Platform user's email
-account; should be in the form
-"123456789012@developer.gserviceaccount.com".)
+You can override the project in which to search for the image with the
+`image_project` parameter.
 
-### `google_key_location`
+### `zone`
 
-**Required** Path to GCE service account key file.
+**Required if `region` is left blank.** The name of the GCE zone in which to
+launch your instances. 
 
-### `google_project`
+Example: `us-east1-b`
 
-**Required** Project ID of the GCE project into which test-kitchen
-instances will be launched.
+### `region`
 
-### `image_name`
+**Required if zone is left blank.** The name of the region in which to
+launch your instances. A zone in the region will be randomly selected.
+
+Example: `us-central1`
+
+This parameter will be ignored if `zone` is specified.
+
+### `autodelete_disk`
+
+Boolean specifying whether or not to automatically delete boot disk
+for test instance.  Default: `true`
+
+NOTE: If you set this to false, once Test Kitchen destroys your instance,
+the boot disk used will remain in your project. You will need to manually delete it to
+avoid consuming unused resources by either using the `gcloud compute disks delete`
+command in the GCP SDK or by using `knife google disk delete` from
+[knife-google](https://github.com/chef/knife-google).
+
+### `auto_migrate`
+
+Boolean specifying whether or not to automatically migrate the instance
+to a host in the event of host maintenance. Default: `false`
+
+### `disk_size`
 
-**Required** Operating system image to deploy.
+Size, in gigabytes, of boot disk.  Default: `10`.
+
+Some images, such as windows images, have a larger source image size
+and require the disk_size to be the same size or larger than the source. 
+An error message will be displayed to you indicating this requirement
+if necessary.
+
+### `email`
 
-### `inst_name`
+**Required for Windows instances.** The email address of the
+currently-logged-in GCP user.
 
-Name to give to instance; unlike EC2's "Name" tag, this is used as an
-instance identifier and must be unique.  If none is specified, a unique
-name will be auto-generated; note that auto-generated names must be
-used if there is more than one test suite.  Default:
-`<suite>-<platform>-<UUID>`
+While the credentials file specified in the Authentication and Authorization
+section is used for all API interactions, the email address is required when
+performing the necessary password reset prior to bootstrapping the instance.
 
 ### `machine_type`
 
@@ -107,67 +190,111 @@ that runs at a much lower price than normal instances. However, Compute
 Engine might terminate (preempt) these instances if it requires access 
 to those resources for other tasks; default: `false`
 
-### `public_key_path`
+### `service_account_name`
 
-Path to the public half of the ssh key that will be deployed to
-`~username/.ssh/authorized_keys`; see also [`username`](#username) below.
+The name of the service account to use when enabling account scopes. This
+is usually an email-formatted service account name created via the "Permissions"
+tab of the GCP console.
 
-### `region`
+This is ignored unless you specify any `service_account_scopes`.
+
+Default: "default"
+
+### `service_account_scopes`
 
-Region in which to launch instances.  `region` is defined as the part
-prior to the second hyphen in an availability zone's name; e.g. in
-`us-central1-b`, the region is `us-central1`.  Specifying region but
-not `zone_name` allows kitchen-gce to avoid launching instances into a
-zone that is down for maintenance.  If `any` is specified, kitchen-gce
-will select a zone from all regions.  Default: `us-central1` (lowest
-cost region); valid values: `any`, `asia-east1`, `europe-west1`,
-`us-central1`
+An array of scopes to add to the instance, used to grant additional permissions
+within GCP.
+
+The scopes can either be a full URL (i.e. `https://www.googleapis.com/auth/devstorage.read_write`),
+the short-name (i.e. `devstorage.read_write`), or a gcloud alias (i.e. `storage-rw`).
+
+See the output of `gcloud compute instances create --help` for a full list of scopes.
 
 ### `tags`
 
 Array of tags to associate with instance; default: `[]`
 
-### `username`
+### `use_private_ip`
 
-Username test-kitchen will log into instance as; default: `ENV['USER']`
+Boolean indicating whether or not to connect to the instance using its
+private IP address. If `true`, kitchen-google will also not provision
+a public IP for this instance. Default: `false`
 
-### `zone_name`
+### `wait_time`
 
-Location into which instances will be launched.  If not specified, a
-zone is chosen from available zones within the [`region`](#region).
+Amount of time, in seconds, to wait for any API interactions. Default: 600
 
-## Example
+### `refresh_rate`
 
-An example `.kitchen.yml` file using kitchen-gce might look something
-like this:
+Amount of time, in seconds, to refresh the status of an API interaction. Default: 2
 
-```ruby
+### Transport Settings
+
+Beginning with Test Kitchen 1.4, settings related to the transport (i.e. how to connect
+to the instance) have been moved to the `transport` section of the config, such as the
+username, password, SSH key path, etc.
+
+Therefore, you will need to update the transport section with the username configured
+for the SSH Key you imported into your project metadata as described in the "SSH Keys"
+section above.  For example, if you are connecting as the "chefuser", your .kitchen.yml
+might have a section like this:
+
+```yaml
+transport:
+  username: chefuser
+```
+
+Additionally, if you do not wish to use the standard default SSH key (`~/.ssh/id_rsa`),
+you can set the `ssh_key` parameter in the `transport` section of your .kitchen.yml.
+For example, if you want to use the SSH key auto-generated by the GCP SDK:
+
+```yaml
+transport:
+  ssh_key:
+    - ~/.ssh/google_compute_engine
+```
+
+## Example .kitchen.yml
+
+```yaml
 ---
-driver_plugin: gce
-driver_config:
-  google_client_email: "123456789012@developer.gserviceaccount.com"
-  google_key_location: "<%= ENV['HOME']%>/gce/1234567890abcdef1234567890abcdef12345678-privatekey.p12"
-  google_project: "alpha-bravo-123"
-  network: "kitchenci"
-  region: any
+driver:
+  name: gce
+  project: mycompany-test
+  zone: us-east1-c
+  email: me@mycompany.com
+  tags:
+    - devteam
+    - test-kitchen
+  service_account_scopes:
+    - devstorage.read_write
+    - userinfo.email
+
+provisioner:
+  name: chef_zero
+
+transport:
+  username: chefuser
 
 platforms:
-- name: debian-7
-  driver_config:
-    image_name: debian-7-wheezy-v20151104
-    require_chef_omnibus: true
-    public_key_path: '/home/alice/.ssh/google_compute_engine.pub'
-    tags: ["somerole"]
+  - name: centos
+    driver:
+      image_name: centos-6-v20160219
+  - name: windows
+    driver:
+      image_name: windows-server-2012-r2-dc-v20160112
+      disk_size: 50
 
 suites:
-- name: default
-  run_list: ["recipe[somecookbook]"]
-  attributes: {}
+  - name: default
+    run_list:
+      - recipe[gcetest::default]
+    attributes:
 ```
 
 ## Development
 
-Source is hosted on [GitHub](https://github.com/anl/kitchen-gce).
+Source is hosted on [GitHub](https://github.com/test-kitchen/kitchen-google).
 
 * Pull requests are welcome, using topic branches if possible:
 
@@ -175,7 +302,7 @@ Source is hosted on [GitHub](https://github.com/anl/kitchen-gce).
 2. Create a feature branch, commit changes to it and push them.
 3. Submit a pull request.
 
-* Report issues or submit feature requests on [GitHub](https://github.com/anl/kitchen-gce/issues)
+* Report issues or submit feature requests on [GitHub](https://github.com/test-kitchen/kitchen-google/issues)
 
 ## Author, Acknowledgements, Etc.
 

data/Rakefile

@@ -1,8 +1,14 @@
 # -*- coding: utf-8 -*-
 
-require 'rspec/core/rake_task'
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
 
-desc 'Run RSpec unit tests'
 RSpec::Core::RakeTask.new(:spec)
 
-task default: [:spec]
+require "chefstyle"
+require "rubocop/rake_task"
+RuboCop::RakeTask.new(:style) do |task|
+  task.options << "--display-cop-names"
+end
+
+task default: [:spec, :style]

data/kitchen-google.gemspec

@@ -1,26 +1,28 @@
 # -*- coding: utf-8 -*-
+$:.push File.expand_path("../lib", __FILE__)
+require "kitchen/driver/gce_version"
+
 Gem::Specification.new do |s|
-  s.name        = 'kitchen-google'
-  s.version     = '0.3.0'
-  s.date        = '2016-01-23'
-  s.summary     = 'Kitchen::Driver::Gce'
-  s.description = 'A Test-Kitchen driver for Google Compute Engine'
-  s.authors     = ['Andrew Leonard']
-  s.email       = 'andy@hurricane-ridge.com'
-  s.files       = `git ls-files`.split($/) # rubocop:disable SpecialGlobalVars
-  s.homepage    = 'https://github.com/test-kitchen/kitchen-google'
-  s.license     = 'Apache 2.0'
+  s.name        = "kitchen-google"
+  s.version     = Kitchen::Driver::GCE_VERSION
+  s.date        = "2016-03-10"
+  s.summary     = "Kitchen::Driver::Gce"
+  s.description = "A Test-Kitchen driver for Google Compute Engine"
+  s.authors     = ["Andrew Leonard", "Chef Partner Engineering"]
+  s.email       = ["andy@hurricane-ridge.com", "partnereng@chef.io"]
+  s.files       = `git ls-files`.split($/)
+  s.homepage    = "https://github.com/test-kitchen/kitchen-google"
+  s.license     = "Apache 2.0"
 
-  s.add_dependency 'fog', '>= 1.31.0'
-  s.add_dependency 'google-api-client'
-  s.add_dependency 'ridley', '>= 3.0.0' # See GH issue RiotGames/ridley#239
-  s.add_dependency 'test-kitchen'
+  s.add_dependency "gcewinpass",        "~> 1.0"
+  s.add_dependency "google-api-client", "~> 0.9.0"
+  s.add_dependency "test-kitchen"
 
-  s.add_development_dependency 'bundler'
-  s.add_development_dependency 'pry'
-  s.add_development_dependency 'rake'
-  s.add_development_dependency 'rspec'
-  s.add_development_dependency 'rubocop'
+  s.add_development_dependency "bundler"
+  s.add_development_dependency "pry"
+  s.add_development_dependency "rake"
+  s.add_development_dependency "rspec"
+  s.add_development_dependency "rubocop"
 
-  s.required_ruby_version = '>= 1.9'
+  s.required_ruby_version = ">= 2.0"
 end