iSharkFly-Docs
/
packer-cn
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

the build ami is made with an intermediary name, which means that we can't skip copying even from the original build region when unencrypted

This commit is contained in:
Megan Marsh 2019-05-24 15:08:20 -07:00
parent 1204213516
commit bda09bf7d5
1 changed files with 4 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
builder/amazon/common/step_ami_region_copy.go
View File

@ -31,17 +31,18 @@ func (s *StepAMIRegionCopy) Run(ctx context.Context, state multistep.StateBag) m
snapshots := state.Get("snapshots").(map[string][]string) snapshots := state.Get("snapshots").(map[string][]string)
ami := amis[s.OriginalRegion] ami := amis[s.OriginalRegion]
// Always copy back into original region to preserve the ami name
s.toDelete = ami
s.Regions = append(s.Regions, s.OriginalRegion)
if s.EncryptBootVolume != nil && *s.EncryptBootVolume { if s.EncryptBootVolume != nil && *s.EncryptBootVolume {
// encrypt_boot is true, so we have to copy the temporary // encrypt_boot is true, so we have to copy the temporary
// AMI with required encryption setting. // AMI with required encryption setting.
// temp image was created by stepCreateAMI. // temp image was created by stepCreateAMI.
s.Regions = append(s.Regions, s.OriginalRegion)
if s.RegionKeyIds == nil { if s.RegionKeyIds == nil {
s.RegionKeyIds = make(map[string]string) s.RegionKeyIds = make(map[string]string)
} }
s.RegionKeyIds[s.OriginalRegion] = s.AMIKmsKeyId s.RegionKeyIds[s.OriginalRegion] = s.AMIKmsKeyId
s.toDelete = ami
} }
if len(s.Regions) == 0 { if len(s.Regions) == 0 {
@ -57,20 +58,7 @@ func (s *StepAMIRegionCopy) Run(ctx context.Context, state multistep.StateBag) m
wg.Add(len(s.Regions)) wg.Add(len(s.Regions))
for _, region := range s.Regions { for _, region := range s.Regions {
if region == s.OriginalRegion { ui.Message(fmt.Sprintf("Copying to: %s", region))
if s.EncryptBootVolume == nil || *s.EncryptBootVolume == false {
ui.Message(fmt.Sprintf(
"Avoiding copying AMI to duplicate region %s", region))
wg.Done()
continue
} else {
// encryption is true and we're in the original region
ui.Message(fmt.Sprintf("Creating encrypted copy in build region: %s", region))
}
} else {
// in non-build region
ui.Message(fmt.Sprintf("Copying to: %s", region))
}
if s.EncryptBootVolume != nil && *s.EncryptBootVolume { if s.EncryptBootVolume != nil && *s.EncryptBootVolume {
regKeyID = s.RegionKeyIds[region] regKeyID = s.RegionKeyIds[region]
@ -108,11 +96,6 @@ func (s *StepAMIRegionCopy) Cleanup(state multistep.StateBag) {
ec2conn := state.Get("ec2").(*ec2.EC2) ec2conn := state.Get("ec2").(*ec2.EC2)
ui := state.Get("ui").(packer.Ui) ui := state.Get("ui").(packer.Ui)
// cleanup is only for encrypted copies.
if s.EncryptBootVolume == nil || !*s.EncryptBootVolume {
return
}
// Delete the unencrypted amis and snapshots // Delete the unencrypted amis and snapshots
ui.Say("Deregistering the AMI and deleting unencrypted temporary " + ui.Say("Deregistering the AMI and deleting unencrypted temporary " +
"AMIs and snapshots") "AMIs and snapshots")