2015-06-08 18:08:39 -04:00
|
|
|
package common
|
|
|
|
|
|
|
|
import (
|
2018-01-22 18:32:33 -05:00
|
|
|
"context"
|
2015-06-08 18:08:39 -04:00
|
|
|
"fmt"
|
2019-02-05 17:07:04 -05:00
|
|
|
"log"
|
2019-04-08 11:57:27 -04:00
|
|
|
"time"
|
2015-06-08 18:08:39 -04:00
|
|
|
|
|
|
|
"github.com/aws/aws-sdk-go/aws"
|
|
|
|
"github.com/aws/aws-sdk-go/service/ec2"
|
2019-11-08 16:13:45 -05:00
|
|
|
"github.com/aws/aws-sdk-go/service/ec2/ec2iface"
|
2019-04-08 11:57:27 -04:00
|
|
|
"github.com/hashicorp/packer/common/retry"
|
2018-01-19 19:18:44 -05:00
|
|
|
"github.com/hashicorp/packer/helper/multistep"
|
2017-04-04 16:39:01 -04:00
|
|
|
"github.com/hashicorp/packer/packer"
|
2015-06-08 18:08:39 -04:00
|
|
|
)
|
|
|
|
|
|
|
|
// StepPreValidate provides an opportunity to pre-validate any configuration for
|
|
|
|
// the build before actually doing any time consuming work
|
|
|
|
//
|
|
|
|
type StepPreValidate struct {
|
2019-06-17 17:39:11 -04:00
|
|
|
DestAmiName string
|
|
|
|
ForceDeregister bool
|
|
|
|
AMISkipBuildRegion bool
|
2019-11-08 16:13:45 -05:00
|
|
|
VpcId string
|
|
|
|
SubnetId string
|
2020-01-17 11:56:07 -05:00
|
|
|
HasSubnetFilter bool
|
2015-06-08 18:08:39 -04:00
|
|
|
}
|
|
|
|
|
2019-03-29 11:50:02 -04:00
|
|
|
func (s *StepPreValidate) Run(ctx context.Context, state multistep.StateBag) multistep.StepAction {
|
2015-06-08 18:08:39 -04:00
|
|
|
ui := state.Get("ui").(packer.Ui)
|
2019-02-05 17:07:04 -05:00
|
|
|
|
|
|
|
if accessConfig, ok := state.GetOk("access_config"); ok {
|
|
|
|
accessconf := accessConfig.(*AccessConfig)
|
|
|
|
if !accessconf.VaultAWSEngine.Empty() {
|
|
|
|
// loop over the authentication a few times to give vault-created creds
|
|
|
|
// time to become eventually-consistent
|
|
|
|
ui.Say("You're using Vault-generated AWS credentials. It may take a " +
|
|
|
|
"few moments for them to become available on AWS. Waiting...")
|
2019-04-08 11:57:27 -04:00
|
|
|
err := retry.Config{
|
|
|
|
Tries: 11,
|
|
|
|
ShouldRetry: func(err error) bool {
|
2019-11-12 15:27:47 -05:00
|
|
|
if isAWSErr(err, "AuthFailure", "") {
|
2019-02-05 17:07:04 -05:00
|
|
|
log.Printf("Waiting for Vault-generated AWS credentials" +
|
|
|
|
" to pass authentication... trying again.")
|
2019-04-08 11:57:27 -04:00
|
|
|
return true
|
2019-02-05 17:07:04 -05:00
|
|
|
}
|
2019-04-08 11:57:27 -04:00
|
|
|
return false
|
|
|
|
},
|
|
|
|
RetryDelay: (&retry.Backoff{InitialBackoff: 200 * time.Millisecond, MaxBackoff: 30 * time.Second, Multiplier: 2}).Linear,
|
|
|
|
}.Run(ctx, func(ctx context.Context) error {
|
|
|
|
ec2conn, err := accessconf.NewEC2Connection()
|
|
|
|
if err != nil {
|
|
|
|
return err
|
2019-02-05 17:07:04 -05:00
|
|
|
}
|
2019-04-08 11:57:27 -04:00
|
|
|
_, err = listEC2Regions(ec2conn)
|
|
|
|
return err
|
2019-02-05 17:07:04 -05:00
|
|
|
})
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
state.Put("error", fmt.Errorf("Was unable to Authenticate to AWS using Vault-"+
|
|
|
|
"Generated Credentials within the retry timeout."))
|
|
|
|
return multistep.ActionHalt
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
if amiConfig, ok := state.GetOk("ami_config"); ok {
|
|
|
|
amiconf := amiConfig.(*AMIConfig)
|
|
|
|
if !amiconf.AMISkipRegionValidation {
|
|
|
|
regionsToValidate := append(amiconf.AMIRegions, accessconf.RawRegion)
|
|
|
|
err := accessconf.ValidateRegion(regionsToValidate...)
|
|
|
|
if err != nil {
|
|
|
|
state.Put("error", fmt.Errorf("error validating regions: %v", err))
|
|
|
|
return multistep.ActionHalt
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2015-06-12 14:05:15 -04:00
|
|
|
if s.ForceDeregister {
|
|
|
|
ui.Say("Force Deregister flag found, skipping prevalidating AMI Name")
|
|
|
|
return multistep.ActionContinue
|
|
|
|
}
|
2019-11-08 16:13:45 -05:00
|
|
|
|
2019-06-17 17:39:11 -04:00
|
|
|
if s.AMISkipBuildRegion {
|
|
|
|
ui.Say("skip_build_region was set; not prevalidating AMI name")
|
|
|
|
return multistep.ActionContinue
|
|
|
|
}
|
2015-06-12 14:05:15 -04:00
|
|
|
|
|
|
|
ec2conn := state.Get("ec2").(*ec2.EC2)
|
2015-06-08 18:08:39 -04:00
|
|
|
|
2019-11-08 16:13:45 -05:00
|
|
|
// Validate VPC settings for non-default VPCs
|
|
|
|
ui.Say("Prevalidating any provided VPC information")
|
|
|
|
if err := s.checkVpc(ec2conn); err != nil {
|
|
|
|
state.Put("error", err)
|
|
|
|
ui.Error(err.Error())
|
|
|
|
return multistep.ActionHalt
|
|
|
|
}
|
|
|
|
|
2017-09-26 19:04:40 -04:00
|
|
|
ui.Say(fmt.Sprintf("Prevalidating AMI Name: %s", s.DestAmiName))
|
2019-08-27 21:00:08 -04:00
|
|
|
req, resp := ec2conn.DescribeImagesRequest(&ec2.DescribeImagesInput{
|
2016-11-01 17:08:04 -04:00
|
|
|
Filters: []*ec2.Filter{{
|
2015-06-08 18:08:39 -04:00
|
|
|
Name: aws.String("name"),
|
|
|
|
Values: []*string{aws.String(s.DestAmiName)},
|
|
|
|
}}})
|
2019-08-27 21:00:08 -04:00
|
|
|
req.RetryCount = 11
|
2015-06-08 18:08:39 -04:00
|
|
|
|
2019-11-08 16:13:45 -05:00
|
|
|
if err := req.Send(); err != nil {
|
|
|
|
err = fmt.Errorf("Error querying AMI: %s", err)
|
2015-06-08 18:08:39 -04:00
|
|
|
state.Put("error", err)
|
|
|
|
ui.Error(err.Error())
|
|
|
|
return multistep.ActionHalt
|
|
|
|
}
|
2019-11-08 16:13:45 -05:00
|
|
|
|
2015-06-08 18:08:39 -04:00
|
|
|
if len(resp.Images) > 0 {
|
2019-03-15 18:38:05 -04:00
|
|
|
err := fmt.Errorf("Error: AMI Name: '%s' is used by an existing AMI: %s", *resp.Images[0].Name, *resp.Images[0].ImageId)
|
2015-06-08 18:08:39 -04:00
|
|
|
state.Put("error", err)
|
|
|
|
ui.Error(err.Error())
|
|
|
|
return multistep.ActionHalt
|
|
|
|
}
|
|
|
|
|
|
|
|
return multistep.ActionContinue
|
|
|
|
}
|
|
|
|
|
2019-11-08 16:13:45 -05:00
|
|
|
func (s *StepPreValidate) checkVpc(conn ec2iface.EC2API) error {
|
2020-01-17 11:56:07 -05:00
|
|
|
if s.VpcId == "" || (s.VpcId != "" && (s.SubnetId != "" || s.HasSubnetFilter)) {
|
2019-11-19 09:05:24 -05:00
|
|
|
// Skip validation if:
|
|
|
|
// * The user has not provided a VpcId.
|
|
|
|
// * Both VpcId and SubnetId are provided; AWS API will error if something is wrong.
|
2020-01-17 11:56:07 -05:00
|
|
|
// * Both VpcId and SubnetFilter are provided
|
2019-11-08 16:13:45 -05:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
res, err := conn.DescribeVpcs(&ec2.DescribeVpcsInput{VpcIds: []*string{aws.String(s.VpcId)}})
|
|
|
|
if isAWSErr(err, "InvalidVpcID.NotFound", "") || err != nil {
|
2019-11-19 15:18:53 -05:00
|
|
|
return fmt.Errorf("Error retrieving VPC information for vpc_id %s: %s", s.VpcId, err)
|
2019-11-08 16:13:45 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
if res != nil && len(res.Vpcs) == 1 && res.Vpcs[0] != nil {
|
|
|
|
if isDefault := aws.BoolValue(res.Vpcs[0].IsDefault); !isDefault {
|
2020-01-17 11:56:07 -05:00
|
|
|
return fmt.Errorf("Error: subnet_id or subnet_filter must be provided for non-default VPCs (%s)", s.VpcId)
|
2019-11-08 16:13:45 -05:00
|
|
|
}
|
|
|
|
}
|
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
// Cleanup ...
|
2015-06-08 18:08:39 -04:00
|
|
|
func (s *StepPreValidate) Cleanup(multistep.StateBag) {}
|