kontena-plugin-aws 0.2.6 → 0.2.7

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 25f871612168855c6a2becb9e555b0ba53a2d6ed
-  data.tar.gz: 2047bf67a773fa58f09f9445ab61b65e682e600b
+  metadata.gz: ae87022c9186594dc522a5eced7bbd4758360822
+  data.tar.gz: eec88a482f9dfcde351b10f1ea324d7f323cb747
 SHA512:
-  metadata.gz: 0268b7dfe2cbf7a9b600205afd8b72bb217ad2bc37997e3adafcfc324c7a6b4ac4eb3f625b8c0010ab9f764f79cfa307a86b50bbe51014ce2170b17261fc1198
-  data.tar.gz: 8dc3ef5d935815aa0bc18be4d9ed34dc86d9dd9e522c34dd14486a38e406150ea7f6849a5b3135b09e5d6386bc4ee22ead53725c19a2d8a11bbaa5719a50aeee
+  metadata.gz: dce564e74e064e04230e13c21f3072cf86ab545fb1756439fd3165bd61776a6a03e0790f0d2b8f7e53812da399114be16f167bd6200dee915ca352220a821054
+  data.tar.gz: 529812334bef114118e1990f1a72450dcefe46f391ec4e565d2b0f5d97c7dffa125393047f4cefe4442cb7f688a75a21bd9006b9b99436b5eed756aac34c434b

data/.travis.yml

@@ -1,9 +1,9 @@
 language: ruby
 rvm:
-  - 2.0.0-p648
-  - 2.1.8
-  - 2.2.3
-  - 2.3.1
+  - 2.1.10
+  - 2.2.6
+  - 2.3.3
+  - 2.4.1
 env:
   - secure: "JgI//AQcXde0SoT07sOCeQEuIR1jSz1mDa0O6riCcHSDWnPKo1KN91oJl9W4nY44sXOKhpc09HmQLOYP0QpK4GspD5zIAO5txeLpbOz0KDPkp15/oC3w6w1Q2A++V3Q+/6XnNIHaR/0/o2o0SAZgAFzHdOjwW9lAZoM1aydLX11TSGpTj88bqfz/gf0WfV+bOhSxtxgiH2h+I66RA2lc+MnWITfEhsXkc+blbHArXJc6gLXVO1/ks5WE4eEzTB7n7XM1WGvLm3sYmOZ+onphO8YESoYqkGmNR/5nSrMlHwHbn70HqR3IDUUe4G+tpYOVTX2odgeJTZMuH/V9Dy9LpyNqiOgX8cYbE9/GhnVlSjbMBK99m8m8trT49E9zEKIcmhUMQsI4YCfTdP+hfALcGRMB93XGrQNirvEjORw5kxNYg9Um3UPBeNYSKEbNE58zASF/d9/08tT9cQIOEo2OQCs6zkiuGUrnCTZYdnNWh2xY+sPpoDcnvGMb3h2lzvM4hkbf6HfMIEBLbi8m/zgYjaXoDxpxXyDH9TKkq8zO6/1koGaQQGhLW9ojtYGbpH6BOdWysxJVUk1rRUs3Q39kqRW+diS04cb/ipywfHzw/SbmqdaVkCL/e7MFjDlqiqRdNVUYGnZ65ZUTkgJo/2kuTuKXutar8qaBBvILfVZ4Hno="
 cache: bundler
@@ -14,3 +14,4 @@ deploy:
   gem: kontena-plugin-aws
   on:
     tags: true
+    rvm: 2.4.1

data/lib/kontena/machine/aws.rb

@@ -1,6 +1,17 @@
 module Kontena
   module Machine
     module Aws
+      def ssl_fail_message(used_option = false)
+        if used_option
+          "AWS SSL certificate verify failed.\n" +
+          "You may need to download cacert.pem and set environment variable\n" +
+          "SSL_CERT_FILE=/path/to/cacert.pem"
+        else
+          "AWS SSL certificate verify failed.\n" +
+          "Try running the command again with option --aws-bundled-cert"
+        end
+      end
+      module_function :ssl_fail_message
     end
   end
 end

data/lib/kontena/plugin/aws.rb

@@ -1,7 +1,7 @@
 module Kontena
   module Plugin
     module Aws
-      VERSION = "0.2.6"
+      VERSION = "0.2.7"
     end
   end
 end

data/lib/kontena/plugin/aws/master/create_command.rb

@@ -23,9 +23,13 @@ module Kontena::Plugin::Aws::Master
     option "--version", "VERSION", "Define installed Kontena version", default: 'latest'
     option "--associate-public-ip-address", :flag, "Whether to associated public IP in case the VPC defaults to not doing it", default: true, attribute_name: :associate_public_ip
     option "--security-groups", "SECURITY_GROUPS", "Comma separated list of security groups (names) where the new instance will be attached (default: create 'kontena_master' group if not already existing)"
+    option "--aws-bundled-cert", :flag, "Use CA certificate bundled in AWS SDK", default: false
 
     def execute
       require_relative '../../../machine/aws'
+
+      Aws.use_bundled_cert! if aws_bundled_cert?
+
       aws_access_key = ask_aws_access_key
       aws_secret_key = ask_aws_secret_key
       aws_region = ask_aws_region(aws_access_key, aws_secret_key)
@@ -55,6 +59,9 @@ module Kontena::Plugin::Aws::Master
           security_groups: security_groups,
           initial_admin_code: SecureRandom.hex(16)
       )
+    rescue Seahorse::Client::NetworkingError => ex
+      raise ex unless ex.message.match(/certificate verify failed/)
+      exit_with_error Kontena::Machine::Aws.ssl_fail_message(aws_bundled_cert?)
     end
 
     def provisioner(access_key, secret_key, region)

data/lib/kontena/plugin/aws/nodes/create_command.rb

@@ -18,13 +18,15 @@ module Kontena::Plugin::Aws::Nodes
     option "--version", "VERSION", "Define installed Kontena version", default: 'latest'
     option "--[no-]associate-public-ip-address", :flag, "Whether to associated public IP in case the VPC defaults to not doing it", default: true, attribute_name: :associate_public_ip
     option "--security-groups", "SECURITY GROUPS", "Comma separated list of security groups (names) where the new instance will be attached (default: create grid specific group if not already existing)"
+    option "--aws-bundled-cert", :flag, "Use CA certificate bundled in AWS SDK", default: false
 
     requires_current_master
 
     def execute
       require_current_grid
-
       require_relative '../../../machine/aws'
+      Aws.use_bundled_cert! if aws_bundled_cert?
+
       grid = fetch_grid(current_grid)
       aws_access_key = ask_aws_access_key
       aws_secret_key = ask_aws_secret_key
@@ -54,6 +56,9 @@ module Kontena::Plugin::Aws::Nodes
           associate_public_ip: associate_public_ip?,
           security_groups: security_groups
       )
+    rescue Seahorse::Client::NetworkingError => ex
+      raise ex unless ex.message.match(/certificate verify failed/)
+      exit_with_error Kontena::Machine::Aws.ssl_fail_message(aws_bundled_cert?)
     end
 
     # @param [String] id

data/lib/kontena/plugin/aws/nodes/restart_command.rb

@@ -8,6 +8,7 @@ module Kontena::Plugin::Aws::Nodes
     option "--access-key", "ACCESS_KEY", "AWS access key ID", environment_variable: "AWS_ACCESS_KEY_ID"
     option "--secret-key", "SECRET_KEY", "AWS secret access key", environment_variable: "AWS_SECRET_ACCESS_KEY"
     option "--region", "REGION", "EC2 Region", environment_variable: "AWS_REGION"
+    option "--aws-bundled-cert", :flag, "Use CA certificate bundled in AWS SDK", default: false
 
     requires_current_master
 
@@ -20,9 +21,13 @@ module Kontena::Plugin::Aws::Nodes
       aws_secret_key = ask_aws_secret_key
       aws_region = self.region || resolve_or_ask_region(node, aws_access_key, aws_secret_key)
       require_relative '../../../machine/aws'
+      Aws.use_bundled_cert! if aws_bundled_cert?
 
       restarter = restarter(aws_access_key, aws_secret_key, aws_region)
       restarter.run!(node_name)
+    rescue Seahorse::Client::NetworkingError => ex
+      raise ex unless ex.message.match(/certificate verify failed/)
+      exit_with_error Kontena::Machine::Aws.ssl_fail_message(aws_bundled_cert?)
     end
 
     def restarter(access_key, secret_key, region)

data/lib/kontena/plugin/aws/nodes/terminate_command.rb

@@ -9,6 +9,7 @@ module Kontena::Plugin::Aws::Nodes
     option "--secret-key", "SECRET_KEY", "AWS secret access key", environment_variable: "AWS_SECRET_ACCESS_KEY"
     option "--region", "REGION", "EC2 Region (default: node's region)", environment_variable: "AWS_REGION"
     option "--force", :flag, "Force remove", default: false, attribute_name: :forced
+    option "--aws-bundled-cert", :flag, "Use CA certificate bundled in AWS SDK", default: false
 
     requires_current_master
 
@@ -23,9 +24,14 @@ module Kontena::Plugin::Aws::Nodes
 
       confirm_command(node_name) unless forced?
       require_relative '../../../machine/aws'
+      Aws.use_bundled_cert! if aws_bundled_cert?
+
       grid = client.get("grids/#{current_grid}")
       destroyer = destroyer(aws_access_key, aws_secret_key, aws_region)
       destroyer.run!(grid, node_name)
+    rescue Seahorse::Client::NetworkingError => ex
+      raise ex unless ex.message.match(/certificate verify failed/)
+      exit_with_error Kontena::Machine::Aws.ssl_fail_message(aws_bundled_cert?)
     end
 
     def destroyer(access_key, secret_key, region)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: kontena-plugin-aws
 version: !ruby/object:Gem::Version
-  version: 0.2.6
+  version: 0.2.7
 platform: ruby
 authors:
 - Kontena, Inc.
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-03-20 00:00:00.000000000 Z
+date: 2017-05-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: kontena-cli