2013-08-21 16:53:07 -04:00
|
|
|
package common
|
|
|
|
|
|
|
|
import (
|
2018-01-22 18:32:33 -05:00
|
|
|
"context"
|
2013-08-21 16:53:07 -04:00
|
|
|
"fmt"
|
2015-04-05 17:58:48 -04:00
|
|
|
"sync"
|
|
|
|
|
2015-07-28 20:10:21 -04:00
|
|
|
"github.com/aws/aws-sdk-go/aws"
|
2015-06-03 17:13:52 -04:00
|
|
|
"github.com/aws/aws-sdk-go/service/ec2"
|
2019-05-03 17:47:09 -04:00
|
|
|
"github.com/aws/aws-sdk-go/service/ec2/ec2iface"
|
2019-08-23 05:17:45 -04:00
|
|
|
"github.com/hashicorp/packer/helper/config"
|
2018-01-19 19:18:44 -05:00
|
|
|
"github.com/hashicorp/packer/helper/multistep"
|
2017-04-04 16:39:01 -04:00
|
|
|
"github.com/hashicorp/packer/packer"
|
2013-08-21 16:53:07 -04:00
|
|
|
)
|
|
|
|
|
2013-08-22 18:03:30 -04:00
|
|
|
type StepAMIRegionCopy struct {
|
2017-05-26 15:21:07 -04:00
|
|
|
AccessConfig *AccessConfig
|
|
|
|
Regions []string
|
2019-04-15 19:44:56 -04:00
|
|
|
AMIKmsKeyId string
|
2017-05-26 15:21:07 -04:00
|
|
|
RegionKeyIds map[string]string
|
2019-08-23 05:17:45 -04:00
|
|
|
EncryptBootVolume config.Trilean // nil means preserve
|
2017-05-26 15:21:07 -04:00
|
|
|
Name string
|
2019-05-03 17:47:09 -04:00
|
|
|
OriginalRegion string
|
2019-05-02 17:20:26 -04:00
|
|
|
|
2019-06-17 17:39:11 -04:00
|
|
|
toDelete string
|
|
|
|
getRegionConn func(*AccessConfig, string) (ec2iface.EC2API, error)
|
|
|
|
AMISkipBuildRegion bool
|
2013-08-21 16:53:07 -04:00
|
|
|
}
|
|
|
|
|
2019-07-12 17:59:11 -04:00
|
|
|
func (s *StepAMIRegionCopy) DeduplicateRegions(intermediary bool) {
|
2019-07-11 19:56:40 -04:00
|
|
|
// Deduplicates regions by looping over the list of regions and storing
|
|
|
|
// the regions as keys in a map. This saves users from accidentally copying
|
|
|
|
// regions twice if they've added a region to a map twice.
|
|
|
|
|
|
|
|
RegionMap := map[string]bool{}
|
|
|
|
RegionSlice := []string{}
|
|
|
|
|
2019-07-12 17:59:11 -04:00
|
|
|
// Original build region may or may not be present in the Regions list, so
|
|
|
|
// let's make absolutely sure it's in our map.
|
|
|
|
RegionMap[s.OriginalRegion] = true
|
2019-07-11 19:56:40 -04:00
|
|
|
for _, r := range s.Regions {
|
|
|
|
RegionMap[r] = true
|
|
|
|
}
|
|
|
|
|
2019-07-12 17:59:11 -04:00
|
|
|
if !intermediary || s.AMISkipBuildRegion {
|
|
|
|
// We don't want to copy back into the original region if we aren't
|
|
|
|
// using an intermediary image, so remove the original region from our
|
|
|
|
// map.
|
|
|
|
|
|
|
|
// We also don't want to copy back into the original region if the
|
|
|
|
// intermediary image is because we're skipping the build region.
|
|
|
|
delete(RegionMap, s.OriginalRegion)
|
|
|
|
|
|
|
|
}
|
|
|
|
|
2019-07-11 19:56:40 -04:00
|
|
|
// Now print all those keys into the region slice again
|
|
|
|
for k, _ := range RegionMap {
|
|
|
|
RegionSlice = append(RegionSlice, k)
|
|
|
|
}
|
|
|
|
|
|
|
|
s.Regions = RegionSlice
|
|
|
|
}
|
|
|
|
|
2018-06-01 19:17:30 -04:00
|
|
|
func (s *StepAMIRegionCopy) Run(ctx context.Context, state multistep.StateBag) multistep.StepAction {
|
2013-08-31 15:58:55 -04:00
|
|
|
ui := state.Get("ui").(packer.Ui)
|
|
|
|
amis := state.Get("amis").(map[string]string)
|
2016-09-11 08:37:24 -04:00
|
|
|
snapshots := state.Get("snapshots").(map[string][]string)
|
2019-07-27 13:07:29 -04:00
|
|
|
intermediary, _ := state.Get("intermediary_image").(bool)
|
2013-08-21 16:53:07 -04:00
|
|
|
|
2019-07-12 17:59:11 -04:00
|
|
|
s.DeduplicateRegions(intermediary)
|
2019-05-03 17:47:09 -04:00
|
|
|
ami := amis[s.OriginalRegion]
|
2019-07-12 17:59:11 -04:00
|
|
|
|
|
|
|
// Make a note to delete the intermediary AMI if necessary.
|
|
|
|
if intermediary {
|
2019-06-17 18:38:28 -04:00
|
|
|
s.toDelete = ami
|
2019-06-17 17:39:11 -04:00
|
|
|
}
|
2019-05-03 17:47:09 -04:00
|
|
|
|
2019-08-23 05:17:45 -04:00
|
|
|
if s.EncryptBootVolume.True() {
|
2019-07-12 17:59:11 -04:00
|
|
|
// encrypt_boot is true, so we have to copy the temporary
|
|
|
|
// AMI with required encryption setting.
|
|
|
|
// temp image was created by stepCreateAMI.
|
|
|
|
if s.RegionKeyIds == nil {
|
|
|
|
s.RegionKeyIds = make(map[string]string)
|
2019-06-17 18:38:28 -04:00
|
|
|
}
|
2019-07-12 17:59:11 -04:00
|
|
|
|
2019-10-25 19:09:20 -04:00
|
|
|
// Make sure the kms_key_id for the original region is in the map, as
|
|
|
|
// long as the AMIKmsKeyId isn't being defaulted.
|
|
|
|
if s.AMIKmsKeyId != "" {
|
|
|
|
if _, ok := s.RegionKeyIds[s.OriginalRegion]; !ok {
|
|
|
|
s.RegionKeyIds[s.OriginalRegion] = s.AMIKmsKeyId
|
|
|
|
}
|
|
|
|
} else {
|
|
|
|
if regionKey, ok := s.RegionKeyIds[s.OriginalRegion]; ok {
|
|
|
|
s.AMIKmsKeyId = regionKey
|
|
|
|
}
|
2019-04-17 15:55:30 -04:00
|
|
|
}
|
2018-11-26 05:33:44 -05:00
|
|
|
}
|
|
|
|
|
2013-08-21 16:53:07 -04:00
|
|
|
if len(s.Regions) == 0 {
|
|
|
|
return multistep.ActionContinue
|
|
|
|
}
|
|
|
|
|
2019-05-03 17:47:09 -04:00
|
|
|
ui.Say(fmt.Sprintf("Copying/Encrypting AMI (%s) to other regions...", ami))
|
2013-12-12 15:24:32 -05:00
|
|
|
|
|
|
|
var lock sync.Mutex
|
|
|
|
var wg sync.WaitGroup
|
|
|
|
errs := new(packer.MultiError)
|
2018-11-26 05:32:54 -05:00
|
|
|
wg.Add(len(s.Regions))
|
2013-08-21 16:53:07 -04:00
|
|
|
for _, region := range s.Regions {
|
2019-07-12 17:59:11 -04:00
|
|
|
var regKeyID string
|
2019-05-24 18:08:20 -04:00
|
|
|
ui.Message(fmt.Sprintf("Copying to: %s", region))
|
2015-06-04 06:16:44 -04:00
|
|
|
|
2019-08-23 05:17:45 -04:00
|
|
|
if s.EncryptBootVolume.True() {
|
2019-07-12 17:59:11 -04:00
|
|
|
// Encrypt is true, explicitly
|
2017-05-31 16:41:32 -04:00
|
|
|
regKeyID = s.RegionKeyIds[region]
|
2019-07-12 17:59:11 -04:00
|
|
|
} else {
|
|
|
|
// Encrypt is nil or false; Make sure region key is empty
|
|
|
|
regKeyID = ""
|
2017-05-26 15:21:07 -04:00
|
|
|
}
|
|
|
|
|
2013-12-12 15:24:32 -05:00
|
|
|
go func(region string) {
|
|
|
|
defer wg.Done()
|
2019-08-23 05:17:45 -04:00
|
|
|
id, snapshotIds, err := s.amiRegionCopy(ctx, state, s.AccessConfig,
|
|
|
|
s.Name, ami, region, s.OriginalRegion, regKeyID,
|
|
|
|
s.EncryptBootVolume.ToBoolPointer())
|
2013-12-12 15:24:32 -05:00
|
|
|
lock.Lock()
|
|
|
|
defer lock.Unlock()
|
|
|
|
amis[region] = id
|
2016-09-11 08:37:24 -04:00
|
|
|
snapshots[region] = snapshotIds
|
2013-12-12 15:24:32 -05:00
|
|
|
if err != nil {
|
|
|
|
errs = packer.MultiErrorAppend(errs, err)
|
|
|
|
}
|
|
|
|
}(region)
|
|
|
|
}
|
|
|
|
|
|
|
|
// TODO(mitchellh): Wait but also allow for cancels to go through...
|
|
|
|
ui.Message("Waiting for all copies to complete...")
|
|
|
|
wg.Wait()
|
|
|
|
|
|
|
|
// If there were errors, show them
|
|
|
|
if len(errs.Errors) > 0 {
|
|
|
|
state.Put("error", errs)
|
|
|
|
ui.Error(errs.Error())
|
|
|
|
return multistep.ActionHalt
|
2013-08-21 16:53:07 -04:00
|
|
|
}
|
|
|
|
|
2013-08-31 15:58:55 -04:00
|
|
|
state.Put("amis", amis)
|
2013-08-21 16:53:07 -04:00
|
|
|
return multistep.ActionContinue
|
|
|
|
}
|
|
|
|
|
2013-08-31 15:58:55 -04:00
|
|
|
func (s *StepAMIRegionCopy) Cleanup(state multistep.StateBag) {
|
2019-05-02 17:20:26 -04:00
|
|
|
ec2conn := state.Get("ec2").(*ec2.EC2)
|
|
|
|
ui := state.Get("ui").(packer.Ui)
|
|
|
|
|
2019-06-17 18:38:28 -04:00
|
|
|
if len(s.toDelete) == 0 {
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
2019-05-02 17:20:26 -04:00
|
|
|
// Delete the unencrypted amis and snapshots
|
|
|
|
ui.Say("Deregistering the AMI and deleting unencrypted temporary " +
|
|
|
|
"AMIs and snapshots")
|
|
|
|
|
|
|
|
resp, err := ec2conn.DescribeImages(&ec2.DescribeImagesInput{
|
|
|
|
ImageIds: []*string{&s.toDelete},
|
|
|
|
})
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
err := fmt.Errorf("Error describing AMI: %s", err)
|
|
|
|
state.Put("error", err)
|
|
|
|
ui.Error(err.Error())
|
|
|
|
return
|
|
|
|
}
|
|
|
|
|
|
|
|
// Deregister image by name.
|
|
|
|
for _, i := range resp.Images {
|
|
|
|
_, err := ec2conn.DeregisterImage(&ec2.DeregisterImageInput{
|
|
|
|
ImageId: i.ImageId,
|
|
|
|
})
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
err := fmt.Errorf("Error deregistering existing AMI: %s", err)
|
|
|
|
state.Put("error", err)
|
|
|
|
ui.Error(err.Error())
|
|
|
|
return
|
|
|
|
}
|
|
|
|
ui.Say(fmt.Sprintf("Deregistered AMI id: %s", *i.ImageId))
|
|
|
|
|
|
|
|
// Delete snapshot(s) by image
|
|
|
|
for _, b := range i.BlockDeviceMappings {
|
|
|
|
if b.Ebs != nil && aws.StringValue(b.Ebs.SnapshotId) != "" {
|
|
|
|
_, err := ec2conn.DeleteSnapshot(&ec2.DeleteSnapshotInput{
|
|
|
|
SnapshotId: b.Ebs.SnapshotId,
|
|
|
|
})
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
err := fmt.Errorf("Error deleting existing snapshot: %s", err)
|
|
|
|
state.Put("error", err)
|
|
|
|
ui.Error(err.Error())
|
|
|
|
return
|
|
|
|
}
|
|
|
|
ui.Say(fmt.Sprintf("Deleted snapshot: %s", *b.Ebs.SnapshotId))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
2013-08-21 16:53:07 -04:00
|
|
|
}
|
2013-12-12 15:24:32 -05:00
|
|
|
|
2019-05-03 17:47:09 -04:00
|
|
|
func getRegionConn(config *AccessConfig, target string) (ec2iface.EC2API, error) {
|
2013-12-12 15:24:32 -05:00
|
|
|
// Connect to the region where the AMI will be copied to
|
2017-03-01 19:43:09 -05:00
|
|
|
session, err := config.Session()
|
2015-05-28 11:31:22 -04:00
|
|
|
if err != nil {
|
2019-05-03 17:47:09 -04:00
|
|
|
return nil, fmt.Errorf("Error getting region connection for copy: %s", err)
|
2015-04-05 17:58:48 -04:00
|
|
|
}
|
2018-11-26 05:33:44 -05:00
|
|
|
|
2017-03-01 19:43:09 -05:00
|
|
|
regionconn := ec2.New(session.Copy(&aws.Config{
|
2019-03-04 19:22:52 -05:00
|
|
|
Region: aws.String(target),
|
2019-01-23 19:58:48 -05:00
|
|
|
}))
|
2017-03-01 19:43:09 -05:00
|
|
|
|
2019-05-03 17:47:09 -04:00
|
|
|
return regionconn, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// amiRegionCopy does a copy for the given AMI to the target region and
|
|
|
|
// returns the resulting ID and snapshot IDs, or error.
|
|
|
|
func (s *StepAMIRegionCopy) amiRegionCopy(ctx context.Context, state multistep.StateBag, config *AccessConfig, name, imageId,
|
|
|
|
target, source, keyId string, encrypt *bool) (string, []string, error) {
|
|
|
|
snapshotIds := []string{}
|
|
|
|
|
|
|
|
if s.getRegionConn == nil {
|
|
|
|
s.getRegionConn = getRegionConn
|
|
|
|
}
|
|
|
|
|
|
|
|
regionconn, err := s.getRegionConn(config, target)
|
|
|
|
if err != nil {
|
|
|
|
return "", snapshotIds, err
|
|
|
|
}
|
2015-04-05 17:58:48 -04:00
|
|
|
resp, err := regionconn.CopyImage(&ec2.CopyImageInput{
|
|
|
|
SourceRegion: &source,
|
2015-08-17 20:44:01 -04:00
|
|
|
SourceImageId: &imageId,
|
2015-06-05 07:15:48 -04:00
|
|
|
Name: &name,
|
2018-11-26 05:33:44 -05:00
|
|
|
Encrypted: encrypt,
|
|
|
|
KmsKeyId: aws.String(keyId),
|
2013-12-12 15:24:32 -05:00
|
|
|
})
|
|
|
|
|
|
|
|
if err != nil {
|
2016-09-11 08:37:24 -04:00
|
|
|
return "", snapshotIds, fmt.Errorf("Error Copying AMI (%s) to region (%s): %s",
|
2015-04-05 17:58:48 -04:00
|
|
|
imageId, target, err)
|
2013-12-12 15:24:32 -05:00
|
|
|
}
|
|
|
|
|
2018-05-31 14:29:04 -04:00
|
|
|
// Wait for the image to become ready
|
2018-06-01 19:17:30 -04:00
|
|
|
if err := WaitUntilAMIAvailable(ctx, regionconn, *resp.ImageId); err != nil {
|
2016-09-11 08:37:24 -04:00
|
|
|
return "", snapshotIds, fmt.Errorf("Error waiting for AMI (%s) in region (%s): %s",
|
2015-08-17 20:44:01 -04:00
|
|
|
*resp.ImageId, target, err)
|
2013-12-12 15:24:32 -05:00
|
|
|
}
|
|
|
|
|
2016-09-11 08:37:24 -04:00
|
|
|
// Getting snapshot IDs out of the copied AMI
|
|
|
|
describeImageResp, err := regionconn.DescribeImages(&ec2.DescribeImagesInput{ImageIds: []*string{resp.ImageId}})
|
|
|
|
if err != nil {
|
|
|
|
return "", snapshotIds, fmt.Errorf("Error describing copied AMI (%s) in region (%s): %s",
|
|
|
|
imageId, target, err)
|
|
|
|
}
|
|
|
|
|
|
|
|
for _, blockDeviceMapping := range describeImageResp.Images[0].BlockDeviceMappings {
|
2017-03-08 12:12:37 -05:00
|
|
|
if blockDeviceMapping.Ebs != nil && blockDeviceMapping.Ebs.SnapshotId != nil {
|
2016-09-11 08:37:24 -04:00
|
|
|
snapshotIds = append(snapshotIds, *blockDeviceMapping.Ebs.SnapshotId)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
return *resp.ImageId, snapshotIds, nil
|
2013-12-12 15:24:32 -05:00
|
|
|
}
|