kitchen-oci 1.12.1 → 1.12.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/README.md +42 -2
- data/kitchen-oci.gemspec +1 -1
- data/lib/kitchen/driver/oci.rb +55 -7
- data/lib/kitchen/driver/oci_version.rb +1 -1
- metadata +5 -5
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: a10f6ca7b7c04c9156e106fefce6077699d9fb82e377d3475fa1876b7d96b411
|
|
4
|
+
data.tar.gz: eff8e99b111c337b3d748f305d4fecd80952c59ac3220f144b034c14061db807
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: 3fd050c58446fc60c4ac4e6e8e95b62503b00402d48b6b83d35f75b698cef3d84747cb3a5e0d7e8ca8f367cb157d99cc726c5a9a6317fbc9a2d3c704a0fcba3c
|
|
7
|
+
data.tar.gz: 201e5ae042165df1be1fdf11a3f70e2afe8df78907c396d8afbda53dea56a55a29bf2d76a52acfcc10d60d7b68097e968ccd28eadfa3c39936cb3db5e1bdfb14
|
data/README.md
CHANGED
|
@@ -53,7 +53,7 @@ gem install pkg/kitchen-oci-<VERSION>.gem
|
|
|
53
53
|
|
|
54
54
|
Adjust below template as required. The following configuration is mandatory for all instance types:
|
|
55
55
|
|
|
56
|
-
- `compartment_id`
|
|
56
|
+
- `compartment_id` or `compartment_name`
|
|
57
57
|
- `availability_domain`
|
|
58
58
|
- `shape`
|
|
59
59
|
- `subnet_id`
|
|
@@ -74,9 +74,11 @@ The following configuration is mandatory:
|
|
|
74
74
|
|
|
75
75
|
These settings are optional:
|
|
76
76
|
|
|
77
|
+
- `boot_volume_size_in_gbs`, The size of the boot volume, in GB
|
|
77
78
|
- `use_private_ip`, Whether to connect to the instance using a private IP, default is false (public ip)
|
|
78
79
|
- `oci_config_file`, OCI configuration file, by default this is ~/.oci/config
|
|
79
80
|
- `oci_profile_name`, OCI profile to use, default value is "DEFAULT"
|
|
81
|
+
- `oci_config`, Hash of additional `OCI::Config` settings. Allows you to test without an oci config file (see below)
|
|
80
82
|
- `ssh_keypath`, SSH public key, default is ~/.ssh/id\_rsa.pub
|
|
81
83
|
- `post_create_script`, run a script on compute\_instance after deployment
|
|
82
84
|
- `proxy_url`, Connect via the specified proxy URL
|
|
@@ -84,6 +86,7 @@ These settings are optional:
|
|
|
84
86
|
- `hostname_prefix`, Prefix for the generated hostnames (note that OCI doesn't like underscores)
|
|
85
87
|
- `freeform_tags`, Hash containing tag name(s) and values(s)
|
|
86
88
|
- `use_instance_principals`, Boolean flag indicated whether Instance Principals should be used as credentials (see below)
|
|
89
|
+
- `use_token_auth`, Boolean flag indicating if token authentication should be used (see below)
|
|
87
90
|
- `preemptible_instance`, Boolean flag to indicate if the compute instance should be preemptible, default is `false`.
|
|
88
91
|
- `shape_config`, Hash of shape config parameters required when using Flex shapes.
|
|
89
92
|
- `ocpus`, number of CPUs requested
|
|
@@ -105,7 +108,7 @@ If the `subnet_id` refers to a subnet configured to disallow public IPs on any a
|
|
|
105
108
|
driver:
|
|
106
109
|
name: oci
|
|
107
110
|
# These are mandatory
|
|
108
|
-
|
|
111
|
+
compartment_name: "dev-00"
|
|
109
112
|
availability_domain: "XyAb:US-ASHBURN-AD-1"
|
|
110
113
|
image_id: "ocid1.image.oc1.phx.xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
|
|
111
114
|
shape: "VM.Standard1.2"
|
|
@@ -173,6 +176,43 @@ export no_proxy=169.254.0.0/16
|
|
|
173
176
|
|
|
174
177
|
This will allow the OCI lib to retrieve the certificate, key and ca-chain from the metadata service.
|
|
175
178
|
|
|
179
|
+
## Token Auth
|
|
180
|
+
|
|
181
|
+
If you are launching Kitchen from system configured for token authentication (by running `oci session authenticate`), you need to set `use_token_auth: true`. This is in addition to the `oci_config_file` and `oci_profile_name` settings.
|
|
182
|
+
|
|
183
|
+
```yml
|
|
184
|
+
platforms:
|
|
185
|
+
- name: ubuntu-18.04
|
|
186
|
+
driver:
|
|
187
|
+
...
|
|
188
|
+
oci_config_file: "~/.oci/config"
|
|
189
|
+
oci_profile_name: "DEFAULT"
|
|
190
|
+
use_token_auth: true
|
|
191
|
+
...
|
|
192
|
+
```
|
|
193
|
+
|
|
194
|
+
## Use without OCI config file
|
|
195
|
+
|
|
196
|
+
If you want to run without running `oci setup config` (such as on a build server) you can specify configuration settings that would be in the `~/.oci/config` file directly in the `kitchen.yml`
|
|
197
|
+
|
|
198
|
+
For example, to use the [OCI CLI Environment Variables](https://docs.oracle.com/en-us/iaas/Content/API/SDKDocs/clienvironmentvariables.htm) without a config you could have use kitchen's ERB to read environment variables.
|
|
199
|
+
|
|
200
|
+
```yml
|
|
201
|
+
platforms:
|
|
202
|
+
- name: ubuntu-18.04
|
|
203
|
+
driver:
|
|
204
|
+
...
|
|
205
|
+
oci_config:
|
|
206
|
+
region: <%= ENV['OCI_CLI_REGION'] %>
|
|
207
|
+
user: <%= ENV['OCI_CLI_USER'] %>
|
|
208
|
+
fingerprint: <%= ENV['OCI_CLI_FINGERPRINT'] %>
|
|
209
|
+
authentication_type: <%= ENV['OCI_CLI_AUTH'] %>
|
|
210
|
+
key_file: <%= ENV['OCI_CLI_KEY_FILE'] %>
|
|
211
|
+
tenancy: <%= ENV['OCI_CLI_TENANCY'] %>
|
|
212
|
+
...
|
|
213
|
+
```
|
|
214
|
+
|
|
215
|
+
|
|
176
216
|
## Support for user data scripts and cloud-init
|
|
177
217
|
|
|
178
218
|
The driver has support for adding user data that can be executed as scripts by cloud-init. These can either be specified inline or by referencing a file. Examples:
|
data/kitchen-oci.gemspec
CHANGED
|
@@ -35,7 +35,7 @@ Gem::Specification.new do |spec|
|
|
|
35
35
|
spec.test_files = spec.files.grep(%r{^(test|spec|features)/})
|
|
36
36
|
spec.require_paths = ['lib']
|
|
37
37
|
|
|
38
|
-
spec.add_dependency 'oci', '~> 2.
|
|
38
|
+
spec.add_dependency 'oci', '~> 2.18.0'
|
|
39
39
|
spec.add_dependency 'test-kitchen'
|
|
40
40
|
|
|
41
41
|
spec.add_development_dependency 'bundler'
|
data/lib/kitchen/driver/oci.rb
CHANGED
|
@@ -25,6 +25,7 @@ require 'base64'
|
|
|
25
25
|
require 'erb'
|
|
26
26
|
require 'kitchen'
|
|
27
27
|
require 'oci'
|
|
28
|
+
require 'openssl'
|
|
28
29
|
require 'uri'
|
|
29
30
|
require 'zlib'
|
|
30
31
|
|
|
@@ -35,12 +36,13 @@ module Kitchen
|
|
|
35
36
|
# @author Stephen Pearson <stephen.pearson@oracle.com>
|
|
36
37
|
class Oci < Kitchen::Driver::Base # rubocop:disable Metrics/ClassLength
|
|
37
38
|
# required config items
|
|
38
|
-
required_config :compartment_id
|
|
39
39
|
required_config :availability_domain
|
|
40
40
|
required_config :shape
|
|
41
41
|
required_config :subnet_id
|
|
42
42
|
|
|
43
43
|
# common config items
|
|
44
|
+
default_config :compartment_id, nil
|
|
45
|
+
default_config :compartment_name, nil
|
|
44
46
|
default_config :instance_type, 'compute'
|
|
45
47
|
default_config :hostname_prefix, nil
|
|
46
48
|
default_keypath = File.expand_path(File.join(%w[~ .ssh id_rsa.pub]))
|
|
@@ -52,13 +54,16 @@ module Kitchen
|
|
|
52
54
|
|
|
53
55
|
# compute config items
|
|
54
56
|
default_config :image_id
|
|
57
|
+
default_config :boot_volume_size_in_gbs, nil
|
|
55
58
|
default_config :use_private_ip, false
|
|
59
|
+
default_config :oci_config, {}
|
|
56
60
|
default_config :oci_config_file, nil
|
|
57
61
|
default_config :oci_profile_name, nil
|
|
58
62
|
default_config :setup_winrm, false
|
|
59
63
|
default_config :winrm_user, 'opc'
|
|
60
64
|
default_config :winrm_password, nil
|
|
61
65
|
default_config :use_instance_principals, false
|
|
66
|
+
default_config :use_token_auth, false
|
|
62
67
|
default_config :preemptible_instance, false
|
|
63
68
|
default_config :shape_config, {}
|
|
64
69
|
|
|
@@ -121,6 +126,24 @@ module Kitchen
|
|
|
121
126
|
|
|
122
127
|
private
|
|
123
128
|
|
|
129
|
+
def compartment_id
|
|
130
|
+
return config[:compartment_id] if config[:compartment_id]
|
|
131
|
+
raise 'must specify either compartment_id or compartment_name' unless config[:compartment_name]
|
|
132
|
+
ident_api.list_compartments(tenancy).data.find do |item|
|
|
133
|
+
return item.id if item.name == config[:compartment_name]
|
|
134
|
+
end
|
|
135
|
+
raise 'compartment not found'
|
|
136
|
+
end
|
|
137
|
+
|
|
138
|
+
def tenancy
|
|
139
|
+
if config[:use_instance_principals]
|
|
140
|
+
sign = OCI::Auth::Signers::InstancePrincipalsSecurityTokenSigner.new
|
|
141
|
+
sign.instance_variable_get '@tenancy_id'
|
|
142
|
+
else
|
|
143
|
+
oci_config.tenancy
|
|
144
|
+
end
|
|
145
|
+
end
|
|
146
|
+
|
|
124
147
|
def instance_type
|
|
125
148
|
raise 'instance_type must be either compute or dbaas!' unless %w[compute dbaas].include?(config[:instance_type].downcase)
|
|
126
149
|
|
|
@@ -131,10 +154,23 @@ module Kitchen
|
|
|
131
154
|
# OCI config setup #
|
|
132
155
|
####################
|
|
133
156
|
def oci_config
|
|
157
|
+
# OCI::Config is missing this
|
|
158
|
+
OCI::Config.class_eval { attr_accessor :security_token_file } if config[:use_token_auth]
|
|
159
|
+
|
|
134
160
|
opts = {}
|
|
135
161
|
opts[:config_file_location] = config[:oci_config_file] if config[:oci_config_file]
|
|
136
162
|
opts[:profile_name] = config[:oci_profile_name] if config[:oci_profile_name]
|
|
137
|
-
|
|
163
|
+
|
|
164
|
+
oci_config = begin
|
|
165
|
+
OCI::ConfigFileLoader.load_config(**opts)
|
|
166
|
+
rescue OCI::ConfigFileLoader::Errors::ConfigFileNotFoundError
|
|
167
|
+
OCI::Config.new
|
|
168
|
+
end
|
|
169
|
+
|
|
170
|
+
config[:oci_config].each do |key, value|
|
|
171
|
+
oci_config.send("#{key}=", value) unless value.nil? || value.empty?
|
|
172
|
+
end
|
|
173
|
+
oci_config
|
|
138
174
|
end
|
|
139
175
|
|
|
140
176
|
def proxy_config
|
|
@@ -165,6 +201,13 @@ module Kitchen
|
|
|
165
201
|
if config[:use_instance_principals]
|
|
166
202
|
sign = OCI::Auth::Signers::InstancePrincipalsSecurityTokenSigner.new
|
|
167
203
|
params = { signer: sign }
|
|
204
|
+
elsif config[:use_token_auth]
|
|
205
|
+
pkey_content = oci_config.key_content || IO.read(oci_config.key_file).strip
|
|
206
|
+
pkey = OpenSSL::PKey::RSA.new(pkey_content, oci_config.pass_phrase)
|
|
207
|
+
|
|
208
|
+
token = IO.read(oci_config.security_token_file).strip
|
|
209
|
+
sign = OCI::Auth::Signers::SecurityTokenSigner.new(token, pkey)
|
|
210
|
+
params = { config: oci_config, signer: sign }
|
|
168
211
|
else
|
|
169
212
|
params = { config: oci_config }
|
|
170
213
|
end
|
|
@@ -184,6 +227,10 @@ module Kitchen
|
|
|
184
227
|
generic_api(OCI::Database::DatabaseClient)
|
|
185
228
|
end
|
|
186
229
|
|
|
230
|
+
def ident_api
|
|
231
|
+
generic_api(OCI::Identity::IdentityClient)
|
|
232
|
+
end
|
|
233
|
+
|
|
187
234
|
##################
|
|
188
235
|
# Common methods #
|
|
189
236
|
##################
|
|
@@ -288,7 +335,7 @@ module Kitchen
|
|
|
288
335
|
OCI::Core::Models::LaunchInstanceDetails.new.tap do |l|
|
|
289
336
|
hostname = generate_hostname
|
|
290
337
|
l.availability_domain = config[:availability_domain]
|
|
291
|
-
l.compartment_id =
|
|
338
|
+
l.compartment_id = compartment_id
|
|
292
339
|
l.display_name = hostname
|
|
293
340
|
l.source_details = instance_source_details
|
|
294
341
|
l.shape = config[:shape]
|
|
@@ -302,7 +349,8 @@ module Kitchen
|
|
|
302
349
|
def instance_source_details
|
|
303
350
|
OCI::Core::Models::InstanceSourceViaImageDetails.new(
|
|
304
351
|
sourceType: 'image',
|
|
305
|
-
imageId: config[:image_id]
|
|
352
|
+
imageId: config[:image_id],
|
|
353
|
+
bootVolumeSizeInGBs: config[:boot_volume_size_in_gbs],
|
|
306
354
|
)
|
|
307
355
|
end
|
|
308
356
|
|
|
@@ -340,7 +388,7 @@ module Kitchen
|
|
|
340
388
|
|
|
341
389
|
def vnic_attachments(instance_id)
|
|
342
390
|
att = comp_api.list_vnic_attachments(
|
|
343
|
-
|
|
391
|
+
compartment_id,
|
|
344
392
|
instance_id: instance_id
|
|
345
393
|
).data
|
|
346
394
|
|
|
@@ -438,7 +486,7 @@ module Kitchen
|
|
|
438
486
|
|
|
439
487
|
OCI::Database::Models::LaunchDbSystemDetails.new.tap do |l|
|
|
440
488
|
l.availability_domain = config[:availability_domain]
|
|
441
|
-
l.compartment_id =
|
|
489
|
+
l.compartment_id = compartment_id
|
|
442
490
|
l.cpu_core_count = cpu_core_count
|
|
443
491
|
l.database_edition = database_edition
|
|
444
492
|
l.db_home = create_db_home_details
|
|
@@ -501,7 +549,7 @@ module Kitchen
|
|
|
501
549
|
|
|
502
550
|
def dbaas_node(instance_id)
|
|
503
551
|
dbaas_api.list_db_nodes(
|
|
504
|
-
|
|
552
|
+
compartment_id,
|
|
505
553
|
db_system_id: instance_id
|
|
506
554
|
).data
|
|
507
555
|
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: kitchen-oci
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 1.12.
|
|
4
|
+
version: 1.12.3
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Stephen Pearson
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date:
|
|
11
|
+
date: 2023-07-07 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: oci
|
|
@@ -16,14 +16,14 @@ dependencies:
|
|
|
16
16
|
requirements:
|
|
17
17
|
- - "~>"
|
|
18
18
|
- !ruby/object:Gem::Version
|
|
19
|
-
version: 2.
|
|
19
|
+
version: 2.18.0
|
|
20
20
|
type: :runtime
|
|
21
21
|
prerelease: false
|
|
22
22
|
version_requirements: !ruby/object:Gem::Requirement
|
|
23
23
|
requirements:
|
|
24
24
|
- - "~>"
|
|
25
25
|
- !ruby/object:Gem::Version
|
|
26
|
-
version: 2.
|
|
26
|
+
version: 2.18.0
|
|
27
27
|
- !ruby/object:Gem::Dependency
|
|
28
28
|
name: test-kitchen
|
|
29
29
|
requirement: !ruby/object:Gem::Requirement
|
|
@@ -148,7 +148,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
148
148
|
- !ruby/object:Gem::Version
|
|
149
149
|
version: '0'
|
|
150
150
|
requirements: []
|
|
151
|
-
rubygems_version: 3.
|
|
151
|
+
rubygems_version: 3.3.7
|
|
152
152
|
signing_key:
|
|
153
153
|
specification_version: 4
|
|
154
154
|
summary: A Test Kitchen Driver for Oracle OCI
|