Merge pull request #5660 from hashicorp/fix_5625

modify validation to allow user to have the original region in the am…
2017-12-08 13:36:10 -08:00 · 2017-12-08 13:36:10 -08:00 · 9e61005f7c
commit 9e61005f7c
parent 98420fc9f5 1c681fc096
2 changed files with 32 additions and 22 deletions
--- a/builder/amazon/common/ami_config.go
+++ b/builder/amazon/common/ami_config.go
@ -2,6 +2,7 @@ package common

 import (
 	"fmt"
+	"log"

 	"github.com/hashicorp/packer/template/interpolate"
 )
@ -41,22 +42,20 @@ func stringInSlice(s []string, searchstr string) bool {
 func (c *AMIConfig) Prepare(accessConfig *AccessConfig, ctx *interpolate.Context) []error {
 	var errs []error

-	if accessConfig != nil {
-		session, err := accessConfig.Session()
-		if err != nil {
-			errs = append(errs, err)
-		} else {
-			region := *session.Config.Region
-			if stringInSlice(c.AMIRegions, region) {
-				errs = append(errs, fmt.Errorf("Cannot copy AMI to AWS session region '%s', please remove it from `ami_regions`.", region))
-			}
-		}
-	}
-
 	if c.AMIName == "" {
 		errs = append(errs, fmt.Errorf("ami_name must be specified"))
 	}

+	// Make sure that if we have region_kms_key_ids defined,
+	//  the regions in region_kms_key_ids are also in ami_regions
+	if len(c.AMIRegionKMSKeyIDs) > 0 {
+		for kmsKeyRegion := range c.AMIRegionKMSKeyIDs {
+			if !stringInSlice(c.AMIRegions, kmsKeyRegion) {
+				errs = append(errs, fmt.Errorf("Region %s is in region_kms_key_ids but not in ami_regions", kmsKeyRegion))
+			}
+		}
+	}
+
 	if len(c.AMIRegions) > 0 {
 		regionSet := make(map[string]struct{})
 		regions := make([]string, 0, len(c.AMIRegions))
@ -84,21 +83,17 @@ func (c *AMIConfig) Prepare(accessConfig *AccessConfig, ctx *interpolate.Context
 					errs = append(errs, fmt.Errorf("Region %s is in ami_regions but not in region_kms_key_ids", region))
 				}
 			}
-
+			if (accessConfig != nil) && (region == accessConfig.RawRegion) {
+				// make sure we don't try to copy to the region we originally
+				// create the AMI in.
+				log.Printf("Cannot copy AMI to AWS session region '%s', deleting it from `ami_regions`.", region)
+				continue
+			}
 			regions = append(regions, region)
 		}

 		c.AMIRegions = regions
 	}
-	// Make sure that if we have region_kms_key_ids defined,
-	//  the regions in region_kms_key_ids are also in ami_regions
-	if len(c.AMIRegionKMSKeyIDs) > 0 {
-		for kmsKeyRegion := range c.AMIRegionKMSKeyIDs {
-			if !stringInSlice(c.AMIRegions, kmsKeyRegion) {
-				errs = append(errs, fmt.Errorf("Region %s is in region_kms_key_ids but not in ami_regions", kmsKeyRegion))
-			}
-		}
-	}

 	if len(c.AMIUsers) > 0 && c.AMIEncryptBootVolume {
 		errs = append(errs, fmt.Errorf("Cannot share AMI with encrypted boot volume"))
--- a/builder/amazon/common/ami_config_test.go
+++ b/builder/amazon/common/ami_config_test.go
@ -11,6 +11,12 @@ func testAMIConfig() *AMIConfig {
 	}
 }

+func getFakeAccessConfig(region string) *AccessConfig {
+	return &AccessConfig{
+		RawRegion: region,
+	}
+}
+
 func TestAMIConfigPrepare_name(t *testing.T) {
 	c := testAMIConfig()
 	if err := c.Prepare(nil, nil); err != nil {
@ -118,6 +124,15 @@ func TestAMIConfigPrepare_regions(t *testing.T) {
 	if err := c.Prepare(nil, nil); err == nil {
 		t.Fatal("should have error b/c theres a region in in ami_regions that isn't in the key map")
 	}
+
+	// allow rawregion to exist in ami_regions list.
+	accessConf := getFakeAccessConfig("us-east-1")
+	c.AMIRegions = []string{"us-east-1", "us-west-1", "us-east-2"}
+	c.AMIRegionKMSKeyIDs = nil
+	if err := c.Prepare(accessConf, nil); err != nil {
+		t.Fatal("should allow user to have the raw region in ami_regions")
+	}
+
 }

 func TestAMIConfigPrepare_Share_EncryptedBoot(t *testing.T) {