From 86db4eaa57b98cf15900bb881efa5527f2693465 Mon Sep 17 00:00:00 2001 From: Mark Peek Date: Thu, 11 Jul 2013 19:56:59 +0000 Subject: [PATCH] Move AWS auth decisions to goamz [GH-160] Currently the passed in AWS auth or AWS environment variables are interpreted by packer. This change moves that logic into goamz in order to support both the existing and instance based IAM role authentication. This requires a corresponding change to goamz. --- builder/amazonebs/builder.go | 31 ++-------- builder/amazonebs/builder_test.go | 98 ------------------------------- 2 files changed, 5 insertions(+), 124 deletions(-) diff --git a/builder/amazonebs/builder.go b/builder/amazonebs/builder.go index 48446bbab..ef00d5546 100644 --- a/builder/amazonebs/builder.go +++ b/builder/amazonebs/builder.go @@ -15,7 +15,6 @@ import ( "github.com/mitchellh/packer/builder/common" "github.com/mitchellh/packer/packer" "log" - "os" "sort" "strings" "text/template" @@ -84,22 +83,6 @@ func (b *Builder) Prepare(raws ...interface{}) error { } } - if b.config.AccessKey == "" { - b.config.AccessKey = os.Getenv("AWS_ACCESS_KEY_ID") - } - - if b.config.AccessKey == "" { - b.config.AccessKey = os.Getenv("AWS_ACCESS_KEY") - } - - if b.config.SecretKey == "" { - b.config.SecretKey = os.Getenv("AWS_SECRET_ACCESS_KEY") - } - - if b.config.SecretKey == "" { - b.config.SecretKey = os.Getenv("AWS_SECRET_KEY") - } - if b.config.SSHPort == 0 { b.config.SSHPort = 22 } @@ -109,14 +92,6 @@ func (b *Builder) Prepare(raws ...interface{}) error { } // Accumulate any errors - if b.config.AccessKey == "" { - errs = append(errs, errors.New("An access_key must be specified")) - } - - if b.config.SecretKey == "" { - errs = append(errs, errors.New("A secret_key must be specified")) - } - if b.config.SourceAmi == "" { errs = append(errs, errors.New("A source_ami must be specified")) } @@ -163,7 +138,11 @@ func (b *Builder) Run(ui packer.Ui, hook packer.Hook, cache packer.Cache) (packe panic("region not found") } - auth := aws.Auth{b.config.AccessKey, b.config.SecretKey} + auth, err := aws.GetAuth(b.config.AccessKey, b.config.SecretKey) + if err != nil { + return nil, err + } + ec2conn := ec2.New(auth, region) // Setup the state bag and initial state for the steps diff --git a/builder/amazonebs/builder_test.go b/builder/amazonebs/builder_test.go index c03f908bb..03a99cdb3 100644 --- a/builder/amazonebs/builder_test.go +++ b/builder/amazonebs/builder_test.go @@ -47,55 +47,6 @@ func TestBuilder_Prepare_BadType(t *testing.T) { } } -func TestBuilderPrepare_AccessKey(t *testing.T) { - var b Builder - config := testConfig() - - // Test good - config["access_key"] = "foo" - err := b.Prepare(config) - if err != nil { - t.Fatalf("should not have error: %s", err) - } - - if b.config.AccessKey != "foo" { - t.Errorf("access key invalid: %s", b.config.AccessKey) - } - - // Test bad - delete(config, "access_key") - b = Builder{} - err = b.Prepare(config) - if err == nil { - t.Fatal("should have error") - } - - // Test env - delete(config, "access_key") - os.Setenv("AWS_ACCESS_KEY_ID", "foo") - defer os.Setenv("AWS_ACCESS_KEY_ID", "") - err = b.Prepare(config) - if err != nil { - t.Fatalf("should not have error: %s", err) - } - - if b.config.AccessKey != "foo" { - t.Errorf("access key invalid: %s", b.config.AccessKey) - } - - delete(config, "access_key") - os.Setenv("AWS_ACCESS_KEY", "foo") - defer os.Setenv("AWS_ACCESS_KEY", "") - err = b.Prepare(config) - if err != nil { - t.Fatalf("should not have error: %s", err) - } - - if b.config.AccessKey != "foo" { - t.Errorf("access key invalid: %s", b.config.AccessKey) - } -} - func TestBuilderPrepare_AMIName(t *testing.T) { var b Builder config := testConfig() @@ -192,55 +143,6 @@ func TestBuilderPrepare_Region(t *testing.T) { } } -func TestBuilderPrepare_SecretKey(t *testing.T) { - var b Builder - config := testConfig() - - // Test good - config["secret_key"] = "foo" - err := b.Prepare(config) - if err != nil { - t.Fatalf("should not have error: %s", err) - } - - if b.config.SecretKey != "foo" { - t.Errorf("secret key invalid: %s", b.config.SecretKey) - } - - // Test bad - delete(config, "secret_key") - b = Builder{} - err = b.Prepare(config) - if err == nil { - t.Fatal("should have error") - } - - // Test env - delete(config, "secret_key") - os.Setenv("AWS_SECRET_ACCESS_KEY", "foo") - defer os.Setenv("AWS_SECRET_ACCESS_KEY", "") - err = b.Prepare(config) - if err != nil { - t.Fatalf("should not have error: %s", err) - } - - if b.config.SecretKey != "foo" { - t.Errorf("access key invalid: %s", b.config.SecretKey) - } - - delete(config, "secret_key") - os.Setenv("AWS_SECRET_KEY", "foo") - defer os.Setenv("AWS_SECRET_KEY", "") - err = b.Prepare(config) - if err != nil { - t.Fatalf("should not have error: %s", err) - } - - if b.config.SecretKey != "foo" { - t.Errorf("access key invalid: %s", b.config.SecretKey) - } -} - func TestBuilderPrepare_SourceAmi(t *testing.T) { var b Builder config := testConfig()