Merge pull request #6657 from hashicorp/fix_6483

randomise temporary AMI name to build encrypted AMIs
2018-09-05 12:49:23 -07:00 · 2018-09-05 12:49:23 -07:00 · 3940cd9c7f
commit 3940cd9c7f
parent 63dfb1db91 5a8af5500b
6 changed files with 58 additions and 85 deletions
--- a/builder/amazon/ebs/step_create_ami.go
+++ b/builder/amazon/ebs/step_create_ami.go
@ -7,6 +7,7 @@ import (

 	"github.com/aws/aws-sdk-go/service/ec2"
 	awscommon "github.com/hashicorp/packer/builder/amazon/common"
+	"github.com/hashicorp/packer/common/random"
 	"github.com/hashicorp/packer/helper/multistep"
 	"github.com/hashicorp/packer/packer"
 )
@ -22,10 +23,17 @@ func (s *stepCreateAMI) Run(ctx context.Context, state multistep.StateBag) multi
 	ui := state.Get("ui").(packer.Ui)

 	// Create the image
-	ui.Say(fmt.Sprintf("Creating the AMI: %s", config.AMIName))
+	amiName := config.AMIName
+	if config.AMIEncryptBootVolume {
+		// to avoid having a temporary unencrypted
+		// image named config.AMIName
+		amiName = random.AlphaNum(7)
+	}
+
+	ui.Say(fmt.Sprintf("Creating unencrypted AMI %s from instance %s", amiName, *instance.InstanceId))
 	createOpts := &ec2.CreateImageInput{
 		InstanceId:          instance.InstanceId,
-		Name:                &config.AMIName,
+		Name:                &amiName,
 		BlockDeviceMappings: config.BlockDevices.BuildAMIDevices(),
 	}

--- a/builder/azure/arm/tempname.go
+++ b/builder/azure/arm/tempname.go
@ -4,17 +4,7 @@ import (
 	"fmt"
 	"strings"

-	"github.com/hashicorp/packer/builder/azure/common"
-)
-
-const (
-	TempNameAlphabet = "0123456789bcdfghjklmnpqrstvwxyz"
-
-	numbers   = "0123456789"
-	lowerCase = "abcdefghijklmnopqrstuvwxyz"
-	upperCase = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
-
-	TempPasswordAlphabet = numbers + lowerCase + upperCase
+	"github.com/hashicorp/packer/common/random"
 )

 type TempName struct {
@ -34,7 +24,7 @@ type TempName struct {
 func NewTempName() *TempName {
 	tempName := &TempName{}

-	suffix := common.RandomString(TempNameAlphabet, 10)
+	suffix := random.AlphaNumLower(10)
 	tempName.ComputeName = fmt.Sprintf("pkrvm%s", suffix)
 	tempName.DeploymentName = fmt.Sprintf("pkrdp%s", suffix)
 	tempName.KeyVaultName = fmt.Sprintf("pkrkv%s", suffix)
@ -46,7 +36,7 @@ func NewTempName() *TempName {
 	tempName.ResourceGroupName = fmt.Sprintf("packer-Resource-Group-%s", suffix)

 	tempName.AdminPassword = generatePassword()
-	tempName.CertificatePassword = common.RandomString(TempPasswordAlphabet, 32)
+	tempName.CertificatePassword = random.AlphaNum(32)

 	return tempName
 }
@ -60,16 +50,16 @@ func NewTempName() *TempName {
 func generatePassword() string {
 	var s string
 	for i := 0; i < 100; i++ {
-		s := common.RandomString(TempPasswordAlphabet, 32)
-		if !strings.ContainsAny(s, numbers) {
+		s := random.AlphaNum(32)
+		if !strings.ContainsAny(s, random.PossibleNumbers) {
 			continue
 		}

-		if !strings.ContainsAny(s, lowerCase) {
+		if !strings.ContainsAny(s, random.PossibleLowerCase) {
 			continue
 		}

-		if !strings.ContainsAny(s, upperCase) {
+		if !strings.ContainsAny(s, random.PossibleUpperCase) {
 			continue
 		}

--- a/builder/azure/arm/tempname_test.go
+++ b/builder/azure/arm/tempname_test.go
@ -3,6 +3,8 @@ package arm
 import (
 	"strings"
 	"testing"
+
+	"github.com/hashicorp/packer/common/random"
 )

 func TestTempNameShouldCreatePrefixedRandomNames(t *testing.T) {
@ -44,14 +46,14 @@ func TestTempNameShouldCreatePrefixedRandomNames(t *testing.T) {
 func TestTempAdminPassword(t *testing.T) {
 	tempName := NewTempName()

-	if !strings.ContainsAny(tempName.AdminPassword, numbers) {
-		t.Errorf("Expected AdminPassword to contain at least one of '%s'!", numbers)
+	if !strings.ContainsAny(tempName.AdminPassword, random.PossibleNumbers) {
+		t.Errorf("Expected AdminPassword to contain at least one of '%s'!", random.PossibleNumbers)
 	}
-	if !strings.ContainsAny(tempName.AdminPassword, lowerCase) {
-		t.Errorf("Expected AdminPassword to contain at least one of '%s'!", lowerCase)
+	if !strings.ContainsAny(tempName.AdminPassword, random.PossibleLowerCase) {
+		t.Errorf("Expected AdminPassword to contain at least one of '%s'!", random.PossibleLowerCase)
 	}
-	if !strings.ContainsAny(tempName.AdminPassword, upperCase) {
-		t.Errorf("Expected AdminPassword to contain at least one of '%s'!", upperCase)
+	if !strings.ContainsAny(tempName.AdminPassword, random.PossibleUpperCase) {
+		t.Errorf("Expected AdminPassword to contain at least one of '%s'!", random.PossibleUpperCase)
 	}
 }

--- a/builder/azure/common/randomstring.go
+++ b/builder/azure/common/randomstring.go
@ -1,45 +0,0 @@
-package common
-
-import (
-	"math/rand"
-	"os"
-	"time"
-)
-
-var pwSymbols = []string{
-	"abcdefghijklmnopqrstuvwxyz",
-	"ABCDEFGHIJKLMNOPQRSTUVWXYZ",
-	"0123456789",
-}
-
-var rnd = rand.New(rand.NewSource(time.Now().UnixNano() + int64(os.Getpid())))
-
-func RandomString(chooseFrom string, length int) (randomString string) {
-	cflen := len(chooseFrom)
-	for i := 0; i < length; i++ {
-		randomString += string(chooseFrom[rnd.Intn(cflen)])
-	}
-	return
-}
-
-func RandomPassword() (password string) {
-	pwlen := 15
-	batchsize := pwlen / len(pwSymbols)
-	pw := make([]byte, 0, pwlen)
-	// choose character set
-	for c := 0; len(pw) < pwlen; c++ {
-		s := RandomString(pwSymbols[c%len(pwSymbols)], rnd.Intn(batchsize-1)+1)
-		pw = append(pw, []byte(s)...)
-	}
-	// truncate
-	pw = pw[:pwlen]
-
-	// permute
-	for c := 0; c < pwlen-1; c++ {
-		i := rnd.Intn(pwlen-c) + c
-		x := pw[c]
-		pw[c] = pw[i]
-		pw[i] = x
-	}
-	return string(pw)
-}
--- a/builder/azure/common/randomstring_test.go
+++ b/builder/azure/common/randomstring_test.go
@ -1,15 +0,0 @@
-package common
-
-import (
-	"testing"
-)
-
-func TestRandomPassword_generates_15char_passwords(t *testing.T) {
-	for i := 0; i < 100; i++ {
-		pw := RandomPassword()
-		t.Logf("pw: %v", pw)
-		if len(pw) != 15 {
-			t.Fatalf("len(pw)!=15, but %v: %v (%v)", len(pw), pw, i)
-		}
-	}
-}
--- a/common/random/string.go
+++ b/common/random/string.go
@ -0,0 +1,33 @@
+package random
+
+import (
+	"math/rand"
+	"os"
+	"time"
+)
+
+var (
+	PossibleNumbers   = "0123456789"
+	PossibleLowerCase = "abcdefghijklmnopqrstuvwxyz"
+	PossibleUpperCase = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
+
+	PossibleAlphaNum      = PossibleNumbers + PossibleLowerCase + PossibleUpperCase
+	PossibleAlphaNumLower = PossibleNumbers + PossibleLowerCase
+	PossibleAlphaNumUpper = PossibleNumbers + PossibleUpperCase
+)
+
+var rnd = rand.New(rand.NewSource(time.Now().UnixNano() + int64(os.Getpid())))
+
+func Numbers(length int) string       { return String(PossibleNumbers, length) }
+func AlphaNum(length int) string      { return String(PossibleAlphaNum, length) }
+func AlphaNumLower(length int) string { return String(PossibleAlphaNumLower, length) }
+func AlphaNumUpper(length int) string { return String(PossibleAlphaNumUpper, length) }
+
+func String(chooseFrom string, length int) (randomString string) {
+	cflen := len(chooseFrom)
+	bytes := make([]byte, length)
+	for i := range bytes {
+		bytes[i] = chooseFrom[rnd.Intn(cflen)]
+	}
+	return string(bytes)
+}