Merge pull request #4043 from minimum2scp/features/googlecompute/custom-scopes

googlecompute builder: support custom scopes
2016-10-22 21:14:49 +02:00 · 2016-10-22 21:14:49 +02:00 · 841f4d00b0
parent fc1ec29b9e dd89aa7243
commit 841f4d00b0
6 changed files with 40 additions and 9 deletions
--- a/builder/googlecompute/config.go
+++ b/builder/googlecompute/config.go
@ -41,6 +41,7 @@ type Config struct {
 	Preemptible          bool              `mapstructure:"preemptible"`
 	RawStateTimeout      string            `mapstructure:"state_timeout"`
 	Region               string            `mapstructure:"region"`
+	Scopes               []string          `mapstructure:"scopes"`
 	SourceImage          string            `mapstructure:"source_image"`
 	SourceImageProjectId string            `mapstructure:"source_image_project_id"`
 	StartupScriptFile    string            `mapstructure:"startup_script_file"`
@ -143,6 +144,14 @@ func NewConfig(raws ...interface{}) (*Config, []string, error) {
 			errs, errors.New("a project_id must be specified"))
 	}

+	if c.Scopes == nil {
+		c.Scopes = []string{
+			"https://www.googleapis.com/auth/userinfo.email",
+			"https://www.googleapis.com/auth/compute",
+			"https://www.googleapis.com/auth/devstorage.full_control",
+		}
+	}
+
 	if c.SourceImage == "" {
 		errs = packer.MultiErrorAppend(
 			errs, errors.New("a source_image must be specified"))
--- a/builder/googlecompute/config_test.go
+++ b/builder/googlecompute/config_test.go
@ -128,6 +128,21 @@ func TestConfigPrepare(t *testing.T) {
 			"foo bar",
 			true,
 		},
+		{
+			"scopes",
+			[]string{},
+			false,
+		},
+		{
+			"scopes",
+			[]string{"https://www.googleapis.com/auth/userinfo.email", "https://www.googleapis.com/auth/compute", "https://www.googleapis.com/auth/devstorage.full_control", "https://www.googleapis.com/auth/sqlservice.admin"},
+			false,
+		},
+		{
+			"scopes",
+			[]string{"https://www.googleapis.com/auth/cloud-platform"},
+			false,
+		},
 	}

 	for _, tc := range cases {
--- a/builder/googlecompute/driver.go
+++ b/builder/googlecompute/driver.go
@ -67,6 +67,7 @@ type InstanceConfig struct {
 	OmitExternalIP      bool
 	Preemptible         bool
 	Region              string
+	Scopes              []string
 	ServiceAccountEmail string
 	Subnetwork          string
 	Tags                []string
--- a/builder/googlecompute/driver_gce.go
+++ b/builder/googlecompute/driver_gce.go
@ -377,12 +377,8 @@ func (d *driverGCE) RunInstance(c *InstanceConfig) (<-chan error, error) {
 		},
 		ServiceAccounts: []*compute.ServiceAccount{
 			&compute.ServiceAccount{
-				Email: c.ServiceAccountEmail,
-				Scopes: []string{
-					"https://www.googleapis.com/auth/userinfo.email",
-					"https://www.googleapis.com/auth/compute",
-					"https://www.googleapis.com/auth/devstorage.full_control",
-				},
+				Email:  c.ServiceAccountEmail,
+				Scopes: c.Scopes,
 			},
 		},
 		Tags: &compute.Tags{
--- a/builder/googlecompute/step_create_instance.go
+++ b/builder/googlecompute/step_create_instance.go
@ -100,6 +100,7 @@ func (s *StepCreateInstance) Run(state multistep.StateBag) multistep.StepAction
 		Preemptible:         c.Preemptible,
 		Region:              c.Region,
 		ServiceAccountEmail: c.Account.ClientEmail,
+		Scopes:              c.Scopes,
 		Subnetwork:          c.Subnetwork,
 		Tags:                c.Tags,
 		Zone:                c.Zone,
--- a/website/source/docs/builders/googlecompute.html.md
+++ b/website/source/docs/builders/googlecompute.html.md
@ -171,7 +171,16 @@ builder.
 -   `region` (string) - The region in which to launch the instance. Defaults to
    to the region hosting the specified `zone`.

-   `source_image_project_id` (string) - The project ID of the 
+-   `scopes` (array of strings) - The service account scopes for launched instance.
+    Defaults to:
+
+``` {.json}
+[ "https://www.googleapis.com/auth/userinfo.email",
+  "https://www.googleapis.com/auth/compute",
+  "https://www.googleapis.com/auth/devstorage.full_control" ]
+```
+
+-   `source_image_project_id` (string) - The project ID of the
    project containing the source image.

 -   `startup_script_file` (string) - The filepath to a startup script to run on 
@ -190,10 +199,10 @@ builder.

 -   `use_internal_ip` (boolean) - If true, use the instance's internal IP
    instead of its external IP during building.
-    
+
 ## Startup Scripts

-Startup scripts can be a powerful tool for configuring the instance from which the image is made. 
+Startup scripts can be a powerful tool for configuring the instance from which the image is made.
 The builder will wait for a startup script to terminate. A startup script can be provided via the
 `startup_script_file` or 'startup-script' instance creation `metadata` field. Therefore, the build
 time will vary depending on the duration of the startup script. If `startup_script_file` is set,