Move AWS auth decisions to goamz [GH-160]

Currently the passed in AWS auth or AWS environment variables are interpreted by packer. This change moves that logic into goamz in order to support both the existing and instance based IAM role authentication. This requires a corresponding change to goamz.
2013-07-11 19:56:59 +00:00 · 2013-07-11 19:56:59 +00:00 · 86db4eaa57
parent 0d71024450
commit 86db4eaa57
2 changed files with 5 additions and 124 deletions
--- a/builder/amazonebs/builder.go
+++ b/builder/amazonebs/builder.go
@ -15,7 +15,6 @@ import (
 	"github.com/mitchellh/packer/builder/common"
 	"github.com/mitchellh/packer/packer"
 	"log"
-	"os"
 	"sort"
 	"strings"
 	"text/template"
@ -84,22 +83,6 @@ func (b *Builder) Prepare(raws ...interface{}) error {
 		}
 	}

-	if b.config.AccessKey == "" {
-		b.config.AccessKey = os.Getenv("AWS_ACCESS_KEY_ID")
-	}
-
-	if b.config.AccessKey == "" {
-		b.config.AccessKey = os.Getenv("AWS_ACCESS_KEY")
-	}
-
-	if b.config.SecretKey == "" {
-		b.config.SecretKey = os.Getenv("AWS_SECRET_ACCESS_KEY")
-	}
-
-	if b.config.SecretKey == "" {
-		b.config.SecretKey = os.Getenv("AWS_SECRET_KEY")
-	}
-
 	if b.config.SSHPort == 0 {
 		b.config.SSHPort = 22
 	}
@ -109,14 +92,6 @@ func (b *Builder) Prepare(raws ...interface{}) error {
 	}

 	// Accumulate any errors
-	if b.config.AccessKey == "" {
-		errs = append(errs, errors.New("An access_key must be specified"))
-	}
-
-	if b.config.SecretKey == "" {
-		errs = append(errs, errors.New("A secret_key must be specified"))
-	}
-
 	if b.config.SourceAmi == "" {
 		errs = append(errs, errors.New("A source_ami must be specified"))
 	}
@ -163,7 +138,11 @@ func (b *Builder) Run(ui packer.Ui, hook packer.Hook, cache packer.Cache) (packe
 		panic("region not found")
 	}

-	auth := aws.Auth{b.config.AccessKey, b.config.SecretKey}
+	auth, err := aws.GetAuth(b.config.AccessKey, b.config.SecretKey)
+	if err != nil {
+		return nil, err
+	}
+
 	ec2conn := ec2.New(auth, region)

 	// Setup the state bag and initial state for the steps
--- a/builder/amazonebs/builder_test.go
+++ b/builder/amazonebs/builder_test.go
@ -47,55 +47,6 @@ func TestBuilder_Prepare_BadType(t *testing.T) {
 	}
 }

-func TestBuilderPrepare_AccessKey(t *testing.T) {
-	var b Builder
-	config := testConfig()
-
-	// Test good
-	config["access_key"] = "foo"
-	err := b.Prepare(config)
-	if err != nil {
-		t.Fatalf("should not have error: %s", err)
-	}
-
-	if b.config.AccessKey != "foo" {
-		t.Errorf("access key invalid: %s", b.config.AccessKey)
-	}
-
-	// Test bad
-	delete(config, "access_key")
-	b = Builder{}
-	err = b.Prepare(config)
-	if err == nil {
-		t.Fatal("should have error")
-	}
-
-	// Test env
-	delete(config, "access_key")
-	os.Setenv("AWS_ACCESS_KEY_ID", "foo")
-	defer os.Setenv("AWS_ACCESS_KEY_ID", "")
-	err = b.Prepare(config)
-	if err != nil {
-		t.Fatalf("should not have error: %s", err)
-	}
-
-	if b.config.AccessKey != "foo" {
-		t.Errorf("access key invalid: %s", b.config.AccessKey)
-	}
-
-	delete(config, "access_key")
-	os.Setenv("AWS_ACCESS_KEY", "foo")
-	defer os.Setenv("AWS_ACCESS_KEY", "")
-	err = b.Prepare(config)
-	if err != nil {
-		t.Fatalf("should not have error: %s", err)
-	}
-
-	if b.config.AccessKey != "foo" {
-		t.Errorf("access key invalid: %s", b.config.AccessKey)
-	}
-}
-
 func TestBuilderPrepare_AMIName(t *testing.T) {
 	var b Builder
 	config := testConfig()
@ -192,55 +143,6 @@ func TestBuilderPrepare_Region(t *testing.T) {
 	}
 }

-func TestBuilderPrepare_SecretKey(t *testing.T) {
-	var b Builder
-	config := testConfig()
-
-	// Test good
-	config["secret_key"] = "foo"
-	err := b.Prepare(config)
-	if err != nil {
-		t.Fatalf("should not have error: %s", err)
-	}
-
-	if b.config.SecretKey != "foo" {
-		t.Errorf("secret key invalid: %s", b.config.SecretKey)
-	}
-
-	// Test bad
-	delete(config, "secret_key")
-	b = Builder{}
-	err = b.Prepare(config)
-	if err == nil {
-		t.Fatal("should have error")
-	}
-
-	// Test env
-	delete(config, "secret_key")
-	os.Setenv("AWS_SECRET_ACCESS_KEY", "foo")
-	defer os.Setenv("AWS_SECRET_ACCESS_KEY", "")
-	err = b.Prepare(config)
-	if err != nil {
-		t.Fatalf("should not have error: %s", err)
-	}
-
-	if b.config.SecretKey != "foo" {
-		t.Errorf("access key invalid: %s", b.config.SecretKey)
-	}
-
-	delete(config, "secret_key")
-	os.Setenv("AWS_SECRET_KEY", "foo")
-	defer os.Setenv("AWS_SECRET_KEY", "")
-	err = b.Prepare(config)
-	if err != nil {
-		t.Fatalf("should not have error: %s", err)
-	}
-
-	if b.config.SecretKey != "foo" {
-		t.Errorf("access key invalid: %s", b.config.SecretKey)
-	}
-}
-
 func TestBuilderPrepare_SourceAmi(t *testing.T) {
 	var b Builder
 	config := testConfig()