From e9ec705497dc3274854cfcb197dca019ef918450 Mon Sep 17 00:00:00 2001 From: Megan Marsh Date: Wed, 2 Aug 2017 09:45:53 -0700 Subject: [PATCH 1/2] use block device mappings to know whether a snapshot existed before packer's current run. If yes, don't delete the unencrypted snapshot. --- builder/amazon/chroot/builder.go | 1 + builder/amazon/common/step_encrypted_ami.go | 14 +++++++++++++- builder/amazon/ebs/builder.go | 1 + 3 files changed, 15 insertions(+), 1 deletion(-) diff --git a/builder/amazon/chroot/builder.go b/builder/amazon/chroot/builder.go index 65660cf4f..401c164b2 100644 --- a/builder/amazon/chroot/builder.go +++ b/builder/amazon/chroot/builder.go @@ -256,6 +256,7 @@ func (b *Builder) Run(ui packer.Ui, hook packer.Hook, cache packer.Cache) (packe KeyID: b.config.AMIKmsKeyId, EncryptBootVolume: b.config.AMIEncryptBootVolume, Name: b.config.AMIName, + AMIMappings: b.config.AMIBlockDevices.AMIMappings, }, &awscommon.StepAMIRegionCopy{ AccessConfig: &b.config.AccessConfig, diff --git a/builder/amazon/common/step_encrypted_ami.go b/builder/amazon/common/step_encrypted_ami.go index fec882b67..a6e95b183 100644 --- a/builder/amazon/common/step_encrypted_ami.go +++ b/builder/amazon/common/step_encrypted_ami.go @@ -15,6 +15,7 @@ type StepCreateEncryptedAMICopy struct { KeyID string EncryptBootVolume bool Name string + AMIMappings []BlockDevice } func (s *StepCreateEncryptedAMICopy) Run(state multistep.StateBag) multistep.StepAction { @@ -118,7 +119,18 @@ func (s *StepCreateEncryptedAMICopy) Run(state multistep.StateBag) multistep.Ste for _, blockDevice := range unencImage.BlockDeviceMappings { if blockDevice.Ebs != nil && blockDevice.Ebs.SnapshotId != nil { - ui.Message(fmt.Sprintf("Snapshot ID: %s", *blockDevice.Ebs.SnapshotId)) + // If this packer run didn't create it, then don't delete it + doDelete := true + for _, origDevice := range s.AMIMappings { + if origDevice.SnapshotId == *blockDevice.Ebs.SnapshotId { + doDelete = false + } + } + if doDelete == false { + ui.Message(fmt.Sprintf("Keeping Snapshot ID: %s", *blockDevice.Ebs.SnapshotId)) + continue + } + ui.Message(fmt.Sprintf("Deleting Snapshot ID: %s", *blockDevice.Ebs.SnapshotId)) deleteSnapOpts := &ec2.DeleteSnapshotInput{ SnapshotId: aws.String(*blockDevice.Ebs.SnapshotId), } diff --git a/builder/amazon/ebs/builder.go b/builder/amazon/ebs/builder.go index 79ef6e687..110c89212 100644 --- a/builder/amazon/ebs/builder.go +++ b/builder/amazon/ebs/builder.go @@ -191,6 +191,7 @@ func (b *Builder) Run(ui packer.Ui, hook packer.Hook, cache packer.Cache) (packe KeyID: b.config.AMIKmsKeyId, EncryptBootVolume: b.config.AMIEncryptBootVolume, Name: b.config.AMIName, + AMIMappings: b.config.AMIBlockDevices.AMIMappings, }, &awscommon.StepAMIRegionCopy{ AccessConfig: &b.config.AccessConfig, From 2d6028eb9aec9eebb74d12b0cf65c671739a3922 Mon Sep 17 00:00:00 2001 From: Megan Marsh Date: Tue, 8 Aug 2017 14:28:01 -0700 Subject: [PATCH 2/2] use named loops instead of doDelete flag --- builder/amazon/common/step_encrypted_ami.go | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/builder/amazon/common/step_encrypted_ami.go b/builder/amazon/common/step_encrypted_ami.go index a6e95b183..3e3b6023d 100644 --- a/builder/amazon/common/step_encrypted_ami.go +++ b/builder/amazon/common/step_encrypted_ami.go @@ -117,19 +117,17 @@ func (s *StepCreateEncryptedAMICopy) Run(state multistep.StateBag) multistep.Ste ui.Say("Deleting unencrypted snapshots") snapshots := state.Get("snapshots").(map[string][]string) +OuterLoop: for _, blockDevice := range unencImage.BlockDeviceMappings { if blockDevice.Ebs != nil && blockDevice.Ebs.SnapshotId != nil { // If this packer run didn't create it, then don't delete it - doDelete := true for _, origDevice := range s.AMIMappings { if origDevice.SnapshotId == *blockDevice.Ebs.SnapshotId { - doDelete = false + ui.Message(fmt.Sprintf("Keeping Snapshot ID: %s", *blockDevice.Ebs.SnapshotId)) + break OuterLoop } } - if doDelete == false { - ui.Message(fmt.Sprintf("Keeping Snapshot ID: %s", *blockDevice.Ebs.SnapshotId)) - continue - } + ui.Message(fmt.Sprintf("Deleting Snapshot ID: %s", *blockDevice.Ebs.SnapshotId)) deleteSnapOpts := &ec2.DeleteSnapshotInput{ SnapshotId: aws.String(*blockDevice.Ebs.SnapshotId),