From dc641324de1fe0d2456379deb4a55911177a26d7 Mon Sep 17 00:00:00 2001
From: Mitchell Hashimoto
Date: Tue, 11 Jun 2013 14:37:10 -0700
Subject: [PATCH] builder/amazonebs: Create temporary security group as well
---
 builder/amazonebs/builder.go | 1 +
 builder/amazonebs/step_run_source_instance.go | 12 ++--
 builder/amazonebs/step_security_group.go | 71 +++++++++++++++++++
 3 files changed, 79 insertions(+), 5 deletions(-)
 create mode 100644 builder/amazonebs/step_security_group.go
diff --git a/builder/amazonebs/builder.go b/builder/amazonebs/builder.go
index 660a27526..47f3a36aa 100644
--- a/builder/amazonebs/builder.go
+++ b/builder/amazonebs/builder.go
@@ -133,6 +133,7 @@ func (b *Builder) Run(ui packer.Ui, hook packer.Hook, cache packer.Cache) packer
 // Build the steps
 steps := []multistep.Step{
 &stepKeyPair{},
+ &stepSecurityGroup{},
 &stepRunSourceInstance{},
 &stepConnectSSH{},
 &stepProvision{},
diff --git a/builder/amazonebs/step_run_source_instance.go b/builder/amazonebs/step_run_source_instance.go
index 06cec67fa..37d9f50f8 100644
--- a/builder/amazonebs/step_run_source_instance.go
+++ b/builder/amazonebs/step_run_source_instance.go
@@ -16,14 +16,16 @@ func (s *stepRunSourceInstance) Run(state map[string]interface{}) multistep.Step
 config := state["config"].(config)
 ec2conn := state["ec2"].(*ec2.EC2)
 keyName := state["keyPair"].(string)
+ securityGroupId := state["securityGroupId"].(string)
 ui := state["ui"].(packer.Ui)
 runOpts := &ec2.RunInstances{
- KeyName: keyName,
- ImageId: config.SourceAmi,
- InstanceType: config.InstanceType,
- MinCount: 0,
- MaxCount: 0,
+ KeyName: keyName,
+ ImageId: config.SourceAmi,
+ InstanceType: config.InstanceType,
+ MinCount: 0,
+ MaxCount: 0,
+ SecurityGroups: []ec2.SecurityGroup{ec2.SecurityGroup{Id: securityGroupId}},
 }
 ui.Say("Launching a source AWS instance...")
diff --git a/builder/amazonebs/step_security_group.go b/builder/amazonebs/step_security_group.go
new file mode 100644
index 000000000..3537d2ebd
--- /dev/null
+++ b/builder/amazonebs/step_security_group.go
@@ -0,0 +1,71 @@
+package amazonebs
+
+import (
+ "cgl.tideland.biz/identifier"
+ "encoding/hex"
+ "fmt"
+ "github.com/mitchellh/goamz/ec2"
+ "github.com/mitchellh/multistep"
+ "github.com/mitchellh/packer/packer"
+ "log"
+)
+
+type stepSecurityGroup struct {
+ groupId string
+}
+
+func (s *stepSecurityGroup) Run(state map[string]interface{}) multistep.StepAction {
+ config := state["config"].(config)
+ ec2conn := state["ec2"].(*ec2.EC2)
+ ui := state["ui"].(packer.Ui)
+
+ // Create the group
+ ui.Say("Creating temporary security group for this instance...")
+ groupName := fmt.Sprintf("packer %s", hex.EncodeToString(identifier.NewUUID().Raw()))
+ log.Printf("Temporary group name: %s", groupName)
+ groupResp, err := ec2conn.CreateSecurityGroup(groupName, "Temporary group for Packer")
+ if err != nil {
+ ui.Error(err.Error())
+ return multistep.ActionHalt
+ }
+
+ // Set the group ID so we can delete it later
+ s.groupId = groupResp.Id
+
+ // Authorize the SSH access
+ perms := []ec2.IPPerm{
+ ec2.IPPerm{
+ Protocol: "tcp",
+ FromPort: config.SSHPort,
+ ToPort: config.SSHPort,
+ SourceIPs: []string{"0.0.0.0/0"},
+ },
+ }
+
+ ui.Say("Authorizing SSH access on the temporary security group...")
+ if _, err := ec2conn.AuthorizeSecurityGroup(groupResp.SecurityGroup, perms); err != nil {
+ ui.Error(err.Error())
+ return multistep.ActionHalt
+ }
+
+ // Set some state data for use in future steps
+ state["securityGroupId"] = s.groupId
+
+ return multistep.ActionContinue
+}
+
+func (s *stepSecurityGroup) Cleanup(state map[string]interface{}) {
+ if s.groupId == "" {
+ return
+ }
+
+ ec2conn := state["ec2"].(*ec2.EC2)
+ ui := state["ui"].(packer.Ui)
+
+ ui.Say("Deleting temporary security group...")
+ _, err := ec2conn.DeleteSecurityGroup(ec2.SecurityGroup{Id: s.groupId})
+ if err != nil {
+ ui.Error(fmt.Sprintf(
+ "Error cleaning up security group. Please delete the group manually: %s", s.groupId))
+ }
+}
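Review bot: The ingress rule built in `Run` authorizes `config.SSHPort` from `0.0.0.0/0`, so for the whole build the source instance's SSH port is reachable from any address; the CIDR should come from configuration or from the build host's own address, e.g. `SourceIPs: []string{config.SSHSourceCidr},` (`SSHSourceCidr` is a placeholder name, no such field exists in this commit). This matters more because `Cleanup` discards `err` from `DeleteSecurityGroup` and only asks the user to delete the group by hand, so a failed delete leaves that open rule in the account with no recorded cause; adding `log.Printf("Error deleting security group %s: %s", s.groupId, err)` before the `ui.Error` call would keep the reason. Whether the instance using the group has fully terminated before this `Cleanup` runs is not visible in this patch and is worth confirming, since a group that is presumably still attached to an instance may not be deletable.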