vagrant-aws-iam-decoder 0.7.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (46) hide show
  1. checksums.yaml +7 -0
  2. data/.gitignore +21 -0
  3. data/.rspec +1 -0
  4. data/.travis.yml +19 -0
  5. data/CHANGELOG.md +96 -0
  6. data/Gemfile +12 -0
  7. data/LICENSE +8 -0
  8. data/README.md +326 -0
  9. data/Rakefile +22 -0
  10. data/dummy.box +0 -0
  11. data/example_box/README.md +13 -0
  12. data/example_box/metadata.json +3 -0
  13. data/lib/vagrant-aws-iam-decoder.rb +18 -0
  14. data/lib/vagrant-aws/action.rb +210 -0
  15. data/lib/vagrant-aws/action/connect_aws.rb +48 -0
  16. data/lib/vagrant-aws/action/elb_deregister_instance.rb +24 -0
  17. data/lib/vagrant-aws/action/elb_register_instance.rb +24 -0
  18. data/lib/vagrant-aws/action/is_created.rb +18 -0
  19. data/lib/vagrant-aws/action/is_stopped.rb +18 -0
  20. data/lib/vagrant-aws/action/message_already_created.rb +16 -0
  21. data/lib/vagrant-aws/action/message_not_created.rb +16 -0
  22. data/lib/vagrant-aws/action/message_will_not_destroy.rb +16 -0
  23. data/lib/vagrant-aws/action/package_instance.rb +192 -0
  24. data/lib/vagrant-aws/action/read_ssh_info.rb +53 -0
  25. data/lib/vagrant-aws/action/read_state.rb +38 -0
  26. data/lib/vagrant-aws/action/run_instance.rb +396 -0
  27. data/lib/vagrant-aws/action/start_instance.rb +81 -0
  28. data/lib/vagrant-aws/action/stop_instance.rb +28 -0
  29. data/lib/vagrant-aws/action/terminate_instance.rb +51 -0
  30. data/lib/vagrant-aws/action/timed_provision.rb +21 -0
  31. data/lib/vagrant-aws/action/wait_for_state.rb +41 -0
  32. data/lib/vagrant-aws/action/warn_networks.rb +19 -0
  33. data/lib/vagrant-aws/config.rb +601 -0
  34. data/lib/vagrant-aws/errors.rb +43 -0
  35. data/lib/vagrant-aws/plugin.rb +73 -0
  36. data/lib/vagrant-aws/provider.rb +50 -0
  37. data/lib/vagrant-aws/util/elb.rb +58 -0
  38. data/lib/vagrant-aws/util/timer.rb +17 -0
  39. data/lib/vagrant-aws/version.rb +5 -0
  40. data/locales/en.yml +161 -0
  41. data/spec/spec_helper.rb +1 -0
  42. data/spec/vagrant-aws/config_spec.rb +395 -0
  43. data/templates/metadata.json.erb +3 -0
  44. data/templates/vagrant-aws_package_Vagrantfile.erb +5 -0
  45. data/vagrant-aws-iam-decoder.gemspec +62 -0
  46. metadata +163 -0
@@ -0,0 +1,43 @@
1
+ require "vagrant"
2
+
3
+ module VagrantPlugins
4
+ module AWS
5
+ module Errors
6
+ class VagrantAWSError < Vagrant::Errors::VagrantError
7
+ error_namespace("vagrant_aws.errors")
8
+ end
9
+
10
+ class FogError < VagrantAWSError
11
+ error_key(:fog_error)
12
+ end
13
+
14
+ class InternalFogError < VagrantAWSError
15
+ error_key(:internal_fog_error)
16
+ end
17
+
18
+ class InstanceReadyTimeout < VagrantAWSError
19
+ error_key(:instance_ready_timeout)
20
+ end
21
+
22
+ class InstancePackageError < VagrantAWSError
23
+ error_key(:instance_package_error)
24
+ end
25
+
26
+ class InstancePackageTimeout < VagrantAWSError
27
+ error_key(:instance_package_timeout)
28
+ end
29
+
30
+ class RsyncError < VagrantAWSError
31
+ error_key(:rsync_error)
32
+ end
33
+
34
+ class MkdirError < VagrantAWSError
35
+ error_key(:mkdir_error)
36
+ end
37
+
38
+ class ElbDoesNotExistError < VagrantAWSError
39
+ error_key("elb_does_not_exist")
40
+ end
41
+ end
42
+ end
43
+ end
@@ -0,0 +1,73 @@
1
+ begin
2
+ require "vagrant"
3
+ rescue LoadError
4
+ raise "The Vagrant AWS plugin must be run within Vagrant."
5
+ end
6
+
7
+ # This is a sanity check to make sure no one is attempting to install
8
+ # this into an early Vagrant version.
9
+ if Vagrant::VERSION < "1.2.0"
10
+ raise "The Vagrant AWS plugin is only compatible with Vagrant 1.2+"
11
+ end
12
+
13
+ module VagrantPlugins
14
+ module AWS
15
+ class Plugin < Vagrant.plugin("2")
16
+ name "AWS"
17
+ description <<-DESC
18
+ This plugin installs a provider that allows Vagrant to manage
19
+ machines in AWS (EC2/VPC).
20
+ DESC
21
+
22
+ config(:aws, :provider) do
23
+ require_relative "config"
24
+ Config
25
+ end
26
+
27
+ provider(:aws, parallel: true) do
28
+ # Setup logging and i18n
29
+ setup_logging
30
+ setup_i18n
31
+
32
+ # Return the provider
33
+ require_relative "provider"
34
+ Provider
35
+ end
36
+
37
+ # This initializes the internationalization strings.
38
+ def self.setup_i18n
39
+ I18n.load_path << File.expand_path("locales/en.yml", AWS.source_root)
40
+ I18n.reload!
41
+ end
42
+
43
+ # This sets up our log level to be whatever VAGRANT_LOG is.
44
+ def self.setup_logging
45
+ require "log4r"
46
+
47
+ level = nil
48
+ begin
49
+ level = Log4r.const_get(ENV["VAGRANT_LOG"].upcase)
50
+ rescue NameError
51
+ # This means that the logging constant wasn't found,
52
+ # which is fine. We just keep `level` as `nil`. But
53
+ # we tell the user.
54
+ level = nil
55
+ end
56
+
57
+ # Some constants, such as "true" resolve to booleans, so the
58
+ # above error checking doesn't catch it. This will check to make
59
+ # sure that the log level is an integer, as Log4r requires.
60
+ level = nil if !level.is_a?(Integer)
61
+
62
+ # Set the logging level on all "vagrant" namespaced
63
+ # logs as long as we have a valid level.
64
+ if level
65
+ logger = Log4r::Logger.new("vagrant_aws")
66
+ logger.outputters = Log4r::Outputter.stderr
67
+ logger.level = level
68
+ logger = nil
69
+ end
70
+ end
71
+ end
72
+ end
73
+ end
@@ -0,0 +1,50 @@
1
+ require "log4r"
2
+ require "vagrant"
3
+
4
+ module VagrantPlugins
5
+ module AWS
6
+ class Provider < Vagrant.plugin("2", :provider)
7
+ def initialize(machine)
8
+ @machine = machine
9
+ end
10
+
11
+ def action(name)
12
+ # Attempt to get the action method from the Action class if it
13
+ # exists, otherwise return nil to show that we don't support the
14
+ # given action.
15
+ action_method = "action_#{name}"
16
+ return Action.send(action_method) if Action.respond_to?(action_method)
17
+ nil
18
+ end
19
+
20
+ def ssh_info
21
+ # Run a custom action called "read_ssh_info" which does what it
22
+ # says and puts the resulting SSH info into the `:machine_ssh_info`
23
+ # key in the environment.
24
+ env = @machine.action("read_ssh_info", lock: false)
25
+ env[:machine_ssh_info]
26
+ end
27
+
28
+ def state
29
+ # Run a custom action we define called "read_state" which does
30
+ # what it says. It puts the state in the `:machine_state_id`
31
+ # key in the environment.
32
+ env = @machine.action("read_state", lock: false)
33
+
34
+ state_id = env[:machine_state_id]
35
+
36
+ # Get the short and long description
37
+ short = I18n.t("vagrant_aws.states.short_#{state_id}")
38
+ long = I18n.t("vagrant_aws.states.long_#{state_id}")
39
+
40
+ # Return the MachineState object
41
+ Vagrant::MachineState.new(state_id, short, long)
42
+ end
43
+
44
+ def to_s
45
+ id = @machine.id.nil? ? "new" : @machine.id
46
+ "AWS (#{id})"
47
+ end
48
+ end
49
+ end
50
+ end
@@ -0,0 +1,58 @@
1
+ module VagrantPlugins
2
+ module AWS
3
+ module ElasticLoadBalancer
4
+
5
+ def register_instance(env, elb_name, instance_id)
6
+ env[:ui].info I18n.t("vagrant_aws.elb.registering", instance_id: instance_id, elb_name: elb_name), :new_line => false
7
+ elb = get_load_balancer(env[:aws_elb], elb_name)
8
+ unless elb.instances.include? instance_id
9
+ elb.register_instances([instance_id])
10
+ env[:ui].info I18n.t("vagrant_aws.elb.ok"), :prefix => false
11
+ adjust_availability_zones env, elb
12
+ else
13
+ env[:ui].info I18n.t("vagrant_aws.elb.skipped"), :prefix => false
14
+ end
15
+ end
16
+
17
+ def deregister_instance(env, elb_name, instance_id)
18
+ env[:ui].info I18n.t("vagrant_aws.elb.deregistering", instance_id: instance_id, elb_name: elb_name), :new_line => false
19
+ elb = get_load_balancer(env[:aws_elb], elb_name)
20
+ if elb.instances.include? instance_id
21
+ elb.deregister_instances([instance_id])
22
+ env[:ui].info I18n.t("vagrant_aws.elb.ok"), :prefix => false
23
+ if env[:machine].provider_config.unregister_elb_from_az
24
+ adjust_availability_zones env, elb
25
+ end
26
+ else
27
+ env[:ui].info I18n.t("vagrant_aws.elb.skipped"), :prefix => false
28
+ end
29
+ end
30
+
31
+ def adjust_availability_zones(env, elb)
32
+ env[:ui].info I18n.t("vagrant_aws.elb.adjusting", elb_name: elb.id), :new_line => false
33
+
34
+ instances = env[:aws_compute].servers.all("instance-id" => elb.instances)
35
+
36
+ azs = if instances.empty?
37
+ ["#{env[:machine].provider_config.region}a"]
38
+ else
39
+ instances.map(&:availability_zone).uniq
40
+ end
41
+
42
+ az_to_disable = elb.availability_zones - azs
43
+ az_to_enable = azs - elb.availability_zones
44
+
45
+ elb.enable_availability_zones az_to_enable unless az_to_enable.empty?
46
+ elb.disable_availability_zones az_to_disable unless az_to_disable.empty?
47
+
48
+ env[:ui].info I18n.t("vagrant_aws.elb.ok"), :prefix => false
49
+ end
50
+
51
+ private
52
+
53
+ def get_load_balancer(aws, name)
54
+ aws.load_balancers.find { |lb| lb.id == name } or raise Errors::ElbDoesNotExistError
55
+ end
56
+ end
57
+ end
58
+ end
@@ -0,0 +1,17 @@
1
+ module VagrantPlugins
2
+ module AWS
3
+ module Util
4
+ class Timer
5
+ # A basic utility method that times the execution of the given
6
+ # block and returns it.
7
+ def self.time
8
+ start_time = Time.now.to_f
9
+ yield
10
+ end_time = Time.now.to_f
11
+
12
+ end_time - start_time
13
+ end
14
+ end
15
+ end
16
+ end
17
+ end
@@ -0,0 +1,5 @@
1
+ module VagrantPlugins
2
+ module AWS
3
+ VERSION = '0.7.2'
4
+ end
5
+ end
data/locales/en.yml ADDED
@@ -0,0 +1,161 @@
1
+ en:
2
+ vagrant_aws:
3
+ already_status: |-
4
+ The machine is already %{status}.
5
+ burning_ami: |-
6
+ Waiting for the AMI '%{ami_id}' to burn...
7
+ elb:
8
+ adjusting: |-
9
+ Adjusting availability zones of ELB %{elb_name}...
10
+ registering: |-
11
+ Registering %{instance_id} at ELB %{elb_name}...
12
+ deregistering: |-
13
+ Deregistering %{instance_id} from ELB %{elb_name}...
14
+ ok: |-
15
+ ok
16
+ skipped: |-
17
+ skipped
18
+
19
+ launching_instance: |-
20
+ Launching an instance with the following settings...
21
+ launching_spot_instance: |-
22
+ Launching a spot request instance with the following settings...
23
+ launch_no_keypair: |-
24
+ Warning! You didn't specify a keypair to launch your instance with.
25
+ This can sometimes result in not being able to access your instance.
26
+ launch_vpc_warning: |-
27
+ Warning! You're launching this instance into a VPC without an
28
+ elastic IP. Please verify you're properly connected to a VPN so
29
+ you can access this machine, otherwise Vagrant will not be able
30
+ to SSH into it.
31
+ not_created: |-
32
+ Instance is not created. Please run `vagrant up` first.
33
+ packaging_instance: |-
34
+ Burning instance %{instance_id} into an ami
35
+ packaging_instance_complete: |-
36
+ Burn was successful in %{time_seconds}s
37
+ ready: |-
38
+ Machine is booted and ready for use!
39
+ rsync_not_found_warning: |-
40
+ Warning! Folder sync disabled because the rsync binary is missing in the %{side}.
41
+ Make sure rsync is installed and the binary can be found in the PATH.
42
+ rsync_folder: |-
43
+ Rsyncing folder: %{hostpath} => %{guestpath}
44
+ source_dest_checks_no_vpc: |-
45
+ Warning! Ignoring source_dest_checks flag as it can only be configured on
46
+ a VPC instance.
47
+ starting: |-
48
+ Starting the instance...
49
+ stopping: |-
50
+ Stopping the instance...
51
+ terminating: |-
52
+ Terminating the instance...
53
+ waiting_for_ready: |-
54
+ Waiting for instance to become "ready"...
55
+ waiting_for_ssh: |-
56
+ Waiting for SSH to become available...
57
+ warn_networks: |-
58
+ Warning! The AWS provider doesn't support any of the Vagrant
59
+ high-level network configurations (`config.vm.network`). They
60
+ will be silently ignored.
61
+ warn_ssh_access: |-
62
+ Warning! Vagrant might not be able to SSH into the instance.
63
+ Please check your security groups settings.
64
+ will_not_destroy: |-
65
+ The instance '%{name}' will not be destroyed, since the confirmation
66
+ was declined.
67
+
68
+ config:
69
+ access_key_id_required: |-
70
+ An access key ID must be specified via "access_key_id"
71
+ ami_required: |-
72
+ An AMI must be configured via "ami" (region: #{region})
73
+ private_key_missing: |-
74
+ The specified private key for AWS could not be found
75
+ region_required: |-
76
+ A region must be specified via "region"
77
+ secret_access_key_required: |-
78
+ A secret access key is required via "secret_access_key"
79
+ subnet_id_required_with_public_ip: |-
80
+ If you assign a public IP address to an instance in a VPC, a subnet must be specifed via "subnet_id"
81
+ aws_info_required: |-
82
+ One or more of the needed AWS credentials are missing. No environment variables
83
+ are set nor profile '%{profile}' exists at '%{location}'
84
+
85
+ errors:
86
+ fog_error: |-
87
+ There was an error talking to AWS. The error message is shown
88
+ below:
89
+
90
+ %{message}
91
+ internal_fog_error: |-
92
+ There was an error talking to AWS. The error message is shown
93
+ below:
94
+
95
+ Error: %{error}
96
+ Response: %{response}
97
+ instance_ready_timeout: |-
98
+ The instance never became "ready" in AWS. The timeout currently
99
+ set waiting for the instance to become ready is %{timeout} seconds.
100
+ Please verify that the machine properly boots. If you need more time
101
+ set the `instance_ready_timeout` configuration on the AWS provider.
102
+ instance_package_error: |-
103
+ There was an error packaging the instance. See details below for more info.
104
+
105
+ AMI Id: %{ami_id}
106
+ Error: %{err}
107
+ instance_package_timeout: |-
108
+ The AMI failed to become "ready" in AWS. The timeout currently
109
+ set waiting for the instance to become ready is %{timeout} seconds. For
110
+ larger instances AMI burning may take long periods of time. Please
111
+ ensure the timeout is set high enough, it can be changed by adjusting
112
+ the `instance_package_timeout` configuration on the AWS provider.
113
+ rsync_error: |-
114
+ There was an error when attempting to rsync a shared folder.
115
+ Please inspect the error message below for more info.
116
+
117
+ Host path: %{hostpath}
118
+ Guest path: %{guestpath}
119
+ Error: %{stderr}
120
+ mkdir_error: |-
121
+ There was an error when attempting to create a shared host folder.
122
+ Please inspect the error message below for more info.
123
+
124
+ Host path: %{hostpath}
125
+ Error: %{err}
126
+ elb_does_not_exist: |-
127
+ ELB configured for the instance does not exist
128
+
129
+ states:
130
+ short_not_created: |-
131
+ not created
132
+ long_not_created: |-
133
+ The EC2 instance is not created. Run `vagrant up` to create it.
134
+
135
+ short_stopped: |-
136
+ stopped
137
+ long_stopped: |-
138
+ The EC2 instance is stopped. Run `vagrant up` to start it.
139
+
140
+ short_stopping: |-
141
+ stopping
142
+ long_stopping: |-
143
+ The EC2 instance is stopping. Wait until is completely stopped to
144
+ run `vagrant up` and start it.
145
+
146
+ short_pending: |-
147
+ pending
148
+ long_pending: |-
149
+ The EC2 instance is pending a start (i.e. this is a transition state).
150
+
151
+ short_running: |-
152
+ running
153
+ long_running: |-
154
+ The EC2 instance is running. To stop this machine, you can run
155
+ `vagrant halt`. To destroy the machine, you can run `vagrant destroy`.
156
+
157
+ short_pending: |-
158
+ pending
159
+ long_pending: |-
160
+ The EC2 instance is still being initialized. To destroy this machine,
161
+ you can run `vagrant destroy`.
@@ -0,0 +1 @@
1
+
@@ -0,0 +1,395 @@
1
+ require "vagrant-aws/config"
2
+ require 'rspec/its'
3
+
4
+ # remove deprecation warnings
5
+ # (until someone decides to update the whole spec file to rspec 3.4)
6
+ RSpec.configure do |config|
7
+ # ...
8
+ config.mock_with :rspec do |c|
9
+ c.syntax = [:should, :expect]
10
+ end
11
+ config.expect_with :rspec do |c|
12
+ c.syntax = [:should, :expect]
13
+ end
14
+ end
15
+
16
+ describe VagrantPlugins::AWS::Config do
17
+ let(:instance) { described_class.new }
18
+
19
+ # Ensure tests are not affected by AWS credential environment variables
20
+ before :each do
21
+ ENV.stub(:[] => nil)
22
+ end
23
+
24
+ describe "defaults" do
25
+ subject do
26
+ instance.tap do |o|
27
+ o.finalize!
28
+ end
29
+ end
30
+
31
+ its("access_key_id") { should be_nil }
32
+ its("ami") { should be_nil }
33
+ its("availability_zone") { should be_nil }
34
+ its("instance_ready_timeout") { should == 120 }
35
+ its("instance_check_interval") { should == 2 }
36
+ its("instance_package_timeout") { should == 600 }
37
+ its("instance_type") { should == "m3.medium" }
38
+ its("keypair_name") { should be_nil }
39
+ its("private_ip_address") { should be_nil }
40
+ its("region") { should == "us-east-1" }
41
+ its("secret_access_key") { should be_nil }
42
+ its("session_token") { should be_nil }
43
+ its("security_groups") { should == [] }
44
+ its("subnet_id") { should be_nil }
45
+ its("iam_instance_profile_arn") { should be_nil }
46
+ its("iam_instance_profile_name") { should be_nil }
47
+ its("tags") { should == {} }
48
+ its("package_tags") { should == {} }
49
+ its("user_data") { should be_nil }
50
+ its("use_iam_profile") { should be false }
51
+ its("block_device_mapping") {should == [] }
52
+ its("elastic_ip") { should be_nil }
53
+ its("terminate_on_shutdown") { should == false }
54
+ its("ssh_host_attribute") { should be_nil }
55
+ its("monitoring") { should == false }
56
+ its("ebs_optimized") { should == false }
57
+ its("source_dest_check") { should be_nil }
58
+ its("associate_public_ip") { should == false }
59
+ its("unregister_elb_from_az") { should == true }
60
+ its("tenancy") { should == "default" }
61
+ its("spot_instance") { should == false }
62
+ its("spot_max_price") { should be_nil }
63
+ its("spot_price_product_description") { should be_nil }
64
+ its("spot_valid_until") { should be_nil }
65
+ end
66
+
67
+ describe "overriding defaults" do
68
+ # I typically don't meta-program in tests, but this is a very
69
+ # simple boilerplate test, so I cut corners here. It just sets
70
+ # each of these attributes to "foo" in isolation, and reads the value
71
+ # and asserts the proper result comes back out.
72
+ [:access_key_id, :ami, :availability_zone, :instance_ready_timeout,
73
+ :instance_package_timeout, :instance_type, :keypair_name, :ssh_host_attribute,
74
+ :ebs_optimized, :region, :secret_access_key, :session_token, :monitoring,
75
+ :associate_public_ip, :subnet_id, :tags, :package_tags, :elastic_ip,
76
+ :terminate_on_shutdown, :iam_instance_profile_arn, :iam_instance_profile_name,
77
+ :use_iam_profile, :user_data, :block_device_mapping,
78
+ :source_dest_check].each do |attribute|
79
+
80
+ it "should not default #{attribute} if overridden" do
81
+ # but these should always come together, so you need to set them all or nothing
82
+ instance.send("access_key_id=".to_sym, "foo")
83
+ instance.send("secret_access_key=".to_sym, "foo")
84
+ instance.send("session_token=".to_sym, "foo")
85
+ instance.send("#{attribute}=".to_sym, "foo")
86
+ instance.finalize!
87
+ instance.send(attribute).should == "foo"
88
+ end
89
+ end
90
+ it "should not default security_groups if overridden" do
91
+ instance.security_groups = "foo"
92
+ instance.finalize!
93
+ instance.security_groups.should == ["foo"]
94
+ end
95
+ end
96
+
97
+ describe "getting credentials from environment" do
98
+ context "without EC2 credential environment variables" do
99
+ subject do
100
+ instance.tap do |o|
101
+ o.finalize!
102
+ end
103
+ end
104
+
105
+ its("access_key_id") { should be_nil }
106
+ its("secret_access_key") { should be_nil }
107
+ its("session_token") { should be_nil }
108
+ end
109
+
110
+ context "with EC2 credential environment variables" do
111
+ before :each do
112
+ ENV.stub(:[]).with("AWS_ACCESS_KEY_ID").and_return("access_key")
113
+ ENV.stub(:[]).with("AWS_SECRET_ACCESS_KEY").and_return("secret_key")
114
+ ENV.stub(:[]).with("AWS_SESSION_TOKEN").and_return("session_token")
115
+ end
116
+
117
+ subject do
118
+ instance.tap do |o|
119
+ o.finalize!
120
+ end
121
+ end
122
+
123
+ its("access_key_id") { should == "access_key" }
124
+ its("secret_access_key") { should == "secret_key" }
125
+ its("session_token") { should == "session_token" }
126
+ end
127
+ end
128
+
129
+
130
+ describe "getting credentials when there is an AWS profile" do
131
+ ## ENV has been nuked so ENV['HOME'] will be a empty string when Credentials#get_aws_info gets called
132
+ let(:filename_cfg) { "/.aws/config" }
133
+ let(:filename_keys) { "/.aws/credentials" }
134
+ let(:data_cfg) {
135
+ "[default]
136
+ region=eu-west-1
137
+ output=json
138
+
139
+ [profile user1]
140
+ region=us-east-1
141
+ output=text
142
+
143
+ [profile user2]
144
+ region=us-east-1
145
+ output=text
146
+
147
+ [profile user3]
148
+ region=us-west-2
149
+ output=text
150
+ " }
151
+ let(:data_keys) {
152
+ "[default]
153
+ aws_access_key_id=AKIdefault
154
+ aws_secret_access_key=PASSdefault
155
+
156
+ [user1]
157
+ aws_access_key_id=AKIuser1
158
+ aws_secret_access_key=PASSuser1
159
+
160
+ [user2]
161
+ aws_access_key_id=AKIuser2
162
+ aws_secret_access_key=PASSuser2
163
+ aws_session_token=TOKuser2
164
+
165
+ [user3]
166
+ aws_access_key_id=AKIuser3
167
+ aws_secret_access_key=PASSuser3
168
+ aws_session_token= TOKuser3
169
+ " }
170
+ # filenames and file data when using AWS_SHARED_CREDENTIALS_FILE and AWS_CONFIG_FILE
171
+ let(:sh_dir) { "/aws_shared/" }
172
+ let(:sh_filename_cfg) { sh_dir + "config" }
173
+ let(:sh_filename_keys) { sh_dir + "credentials" }
174
+ let(:sh_data_cfg) { "[default]\nregion=sh-region\noutput=text" }
175
+ let(:sh_data_keys) { "[default]\naws_access_key_id=AKI_set_shared\naws_secret_access_key=set_shared_foobar" }
176
+
177
+ context "with EC2 credential environment variables set" do
178
+ subject do
179
+ ENV.stub(:[]).with("AWS_ACCESS_KEY_ID").and_return("env_access_key")
180
+ ENV.stub(:[]).with("AWS_SECRET_ACCESS_KEY").and_return("env_secret_key")
181
+ ENV.stub(:[]).with("AWS_SESSION_TOKEN").and_return("env_session_token")
182
+ ENV.stub(:[]).with("AWS_DEFAULT_REGION").and_return("env_region")
183
+ allow(File).to receive(:read).with(filename_cfg).and_return(data_cfg)
184
+ allow(File).to receive(:read).with(filename_keys).and_return(data_keys)
185
+ instance.tap do |o|
186
+ o.finalize!
187
+ end
188
+ end
189
+ its("access_key_id") { should == "env_access_key" }
190
+ its("secret_access_key") { should == "env_secret_key" }
191
+ its("session_token") { should == "env_session_token" }
192
+ its("region") { should == "env_region" }
193
+ end
194
+
195
+ context "without EC2 credential environment variables but with AWS_CONFIG_FILE and AWS_SHARED_CREDENTIALS_FILE set" do
196
+ subject do
197
+ allow(File).to receive(:exist?).and_return(true)
198
+ allow(File).to receive(:read).with(filename_cfg).and_return(data_cfg)
199
+ allow(File).to receive(:read).with(filename_keys).and_return(data_keys)
200
+ ENV.stub(:[]).with("AWS_CONFIG_FILE").and_return(sh_filename_cfg)
201
+ ENV.stub(:[]).with("AWS_SHARED_CREDENTIALS_FILE").and_return(sh_filename_keys)
202
+ allow(File).to receive(:read).with(sh_filename_cfg).and_return(sh_data_cfg)
203
+ allow(File).to receive(:read).with(sh_filename_keys).and_return(sh_data_keys)
204
+ instance.tap do |o|
205
+ o.finalize!
206
+ end
207
+ end
208
+ its("access_key_id") { should == "AKI_set_shared" }
209
+ its("secret_access_key") { should == "set_shared_foobar" }
210
+ its("session_token") { should be_nil }
211
+ its("region") { should == "sh-region" }
212
+ end
213
+
214
+ context "without any credential environment variables and fallback to default profile at default location" do
215
+ subject do
216
+ allow(File).to receive(:exist?).and_return(true)
217
+ allow(File).to receive(:read).with(filename_cfg).and_return(data_cfg)
218
+ allow(File).to receive(:read).with(filename_keys).and_return(data_keys)
219
+ instance.tap do |o|
220
+ o.finalize!
221
+ end
222
+ end
223
+ its("access_key_id") { should == "AKIdefault" }
224
+ its("secret_access_key") { should == "PASSdefault" }
225
+ its("session_token") { should be_nil }
226
+ its("region") { should == "eu-west-1" }
227
+ end
228
+
229
+ context "with default profile and overriding region" do
230
+ subject do
231
+ allow(File).to receive(:exist?).and_return(true)
232
+ allow(File).to receive(:read).with(filename_cfg).and_return(data_cfg)
233
+ allow(File).to receive(:read).with(filename_keys).and_return(data_keys)
234
+ instance.region = "eu-central-1"
235
+ instance.tap do |o|
236
+ o.finalize!
237
+ end
238
+ end
239
+ its("access_key_id") { should == "AKIdefault" }
240
+ its("secret_access_key") { should == "PASSdefault" }
241
+ its("session_token") { should be_nil }
242
+ its("region") { should == "eu-central-1" }
243
+ end
244
+
245
+ context "without any credential environment variables and chosing a profile" do
246
+ subject do
247
+ allow(File).to receive(:exist?).and_return(true)
248
+ allow(File).to receive(:read).with(filename_cfg).and_return(data_cfg)
249
+ allow(File).to receive(:read).with(filename_keys).and_return(data_keys)
250
+ instance.aws_profile = "user3"
251
+ instance.tap do |o|
252
+ o.finalize!
253
+ end
254
+ end
255
+ its("access_key_id") { should == "AKIuser3" }
256
+ its("secret_access_key") { should == "PASSuser3" }
257
+ its("session_token") { should == "TOKuser3" }
258
+ its("region") { should == "us-west-2" }
259
+ end
260
+ end
261
+
262
+
263
+
264
+ describe "region config" do
265
+ let(:config_access_key_id) { "foo" }
266
+ let(:config_ami) { "foo" }
267
+ let(:config_instance_type) { "foo" }
268
+ let(:config_keypair_name) { "foo" }
269
+ let(:config_region) { "foo" }
270
+ let(:config_secret_access_key) { "foo" }
271
+ let(:config_session_token) { "foo" }
272
+
273
+ def set_test_values(instance)
274
+ instance.access_key_id = config_access_key_id
275
+ instance.ami = config_ami
276
+ instance.instance_type = config_instance_type
277
+ instance.keypair_name = config_keypair_name
278
+ instance.region = config_region
279
+ instance.secret_access_key = config_secret_access_key
280
+ instance.session_token = config_session_token
281
+ end
282
+
283
+ it "should raise an exception if not finalized" do
284
+ expect { instance.get_region_config("us-east-1") }.
285
+ to raise_error
286
+ end
287
+
288
+ context "with no specific config set" do
289
+ subject do
290
+ # Set the values on the top-level object
291
+ set_test_values(instance)
292
+
293
+ # Finalize so we can get the region config
294
+ instance.finalize!
295
+
296
+ # Get a lower level region
297
+ instance.get_region_config("us-east-1")
298
+ end
299
+
300
+ its("access_key_id") { should == config_access_key_id }
301
+ its("ami") { should == config_ami }
302
+ its("instance_type") { should == config_instance_type }
303
+ its("keypair_name") { should == config_keypair_name }
304
+ its("region") { should == config_region }
305
+ its("secret_access_key") { should == config_secret_access_key }
306
+ its("session_token") { should == config_session_token }
307
+ end
308
+
309
+ context "with a specific config set" do
310
+ let(:region_name) { "hashi-region" }
311
+
312
+ subject do
313
+ # Set the values on a specific region
314
+ instance.region_config region_name do |config|
315
+ set_test_values(config)
316
+ end
317
+
318
+ # Finalize so we can get the region config
319
+ instance.finalize!
320
+
321
+ # Get the region
322
+ instance.get_region_config(region_name)
323
+ end
324
+
325
+ its("access_key_id") { should == config_access_key_id }
326
+ its("ami") { should == config_ami }
327
+ its("instance_type") { should == config_instance_type }
328
+ its("keypair_name") { should == config_keypair_name }
329
+ its("region") { should == region_name }
330
+ its("secret_access_key") { should == config_secret_access_key }
331
+ its("session_token") { should == config_session_token }
332
+ end
333
+
334
+ describe "inheritance of parent config" do
335
+ let(:region_name) { "hashi-region" }
336
+
337
+ subject do
338
+ # Set the values on a specific region
339
+ instance.region_config region_name do |config|
340
+ config.ami = "child"
341
+ end
342
+
343
+ # Set some top-level values
344
+ instance.access_key_id = "parent"
345
+ instance.secret_access_key = "parent"
346
+ instance.ami = "parent"
347
+
348
+ # Finalize and get the region
349
+ instance.finalize!
350
+ instance.get_region_config(region_name)
351
+ end
352
+
353
+ its("access_key_id") { should == "parent" }
354
+ its("secret_access_key") { should == "parent" }
355
+ its("ami") { should == "child" }
356
+ end
357
+
358
+ describe "shortcut configuration" do
359
+ subject do
360
+ # Use the shortcut configuration to set some values
361
+ instance.region_config "us-east-1", :ami => "child"
362
+ instance.finalize!
363
+ instance.get_region_config("us-east-1")
364
+ end
365
+
366
+ its("ami") { should == "child" }
367
+ end
368
+
369
+ describe "merging" do
370
+ let(:first) { described_class.new }
371
+ let(:second) { described_class.new }
372
+
373
+ it "should merge the tags and block_device_mappings" do
374
+ first.tags["one"] = "one"
375
+ second.tags["two"] = "two"
376
+ first.package_tags["three"] = "three"
377
+ second.package_tags["four"] = "four"
378
+ first.block_device_mapping = [{:one => "one"}]
379
+ second.block_device_mapping = [{:two => "two"}]
380
+
381
+ third = first.merge(second)
382
+ third.tags.should == {
383
+ "one" => "one",
384
+ "two" => "two"
385
+ }
386
+ third.package_tags.should == {
387
+ "three" => "three",
388
+ "four" => "four"
389
+ }
390
+ third.block_device_mapping.index({:one => "one"}).should_not be_nil
391
+ third.block_device_mapping.index({:two => "two"}).should_not be_nil
392
+ end
393
+ end
394
+ end
395
+ end