Merge branch 'master' into amazon-import-format

builder/amazon/common/access_config.go

@@ -1,8 +1,10 @@
 package common
 
 import (
+	"crypto/tls"
 	"fmt"
 	"log"
+	"net/http"
 	"strings"
 	"time"
 
@@ -22,6 +24,7 @@ type AccessConfig struct {
 	AccessKey             string `mapstructure:"access_key"`
 	CustomEndpointEc2     string `mapstructure:"custom_endpoint_ec2"`
 	DecodeAuthZMessages   bool   `mapstructure:"decode_authorization_messages"`
+	InsecureSkipTLSVerify bool   `mapstructure:"insecure_skip_tls_verify"`
 	MFACode               string `mapstructure:"mfa_code"`
 	ProfileName           string `mapstructure:"profile"`
 	RawRegion             string `mapstructure:"region"`
@@ -60,6 +63,14 @@ func (c *AccessConfig) Session() (*session.Session, error) {
 		config = config.WithEndpoint(c.CustomEndpointEc2)
 	}
 
+	if c.InsecureSkipTLSVerify {
+		config := config.WithHTTPClient(cleanhttp.DefaultClient())
+		transport := config.HTTPClient.Transport.(*http.Transport)
+		transport.TLSClientConfig = &tls.Config{
+			InsecureSkipVerify: true,
+		}
+	}
+
 	opts := session.Options{
 		SharedConfigState: session.SharedConfigEnable,
 		Config:            *config,

provisioner/shell/provisioner.go

@@ -45,6 +45,11 @@ type Config struct {
 	// your command(s) are executed.
 	Vars []string `mapstructure:"environment_vars"`
 
+	// A duration of how long to pause after the provisioner
+	RawPauseAfter string `mapstructure:"pause_after"`
+
+	PauseAfter time.Duration
+
 	// Write the Vars to a file and source them from there rather than declaring
 	// inline
 	UseEnvVarFile bool `mapstructure:"use_env_var_file"`
@@ -189,6 +194,14 @@ func (p *Provisioner) Prepare(raws ...interface{}) error {
 		}
 	}
 
+	if p.config.RawPauseAfter != "" {
+		p.config.PauseAfter, err = time.ParseDuration(p.config.RawPauseAfter)
+		if err != nil {
+			errs = packer.MultiErrorAppend(
+				errs, fmt.Errorf("Failed parsing pause_after: %s", err))
+		}
+	}
+
 	if errs != nil && len(errs.Errors) > 0 {
 		return errs
 	}
@@ -371,6 +384,14 @@ func (p *Provisioner) Provision(ui packer.Ui, comm packer.Communicator) error {
 		}
 	}
 
+	if p.config.RawPauseAfter != "" {
+		ui.Say(fmt.Sprintf("Pausing %s after this provisioner...", p.config.PauseAfter))
+		select {
+		case <-time.After(p.config.PauseAfter):
+			return nil
+		}
+	}
+
 	return nil
 }
 

website/source/docs/builders/amazon-chroot.html.md

@@ -154,6 +154,9 @@ each category, the available configuration keys are alphabetized.
     associated with AMIs, which have been deregistered by `force_deregister`.
     Default `false`.
 
+-   `insecure_skip_tls_verify` (boolean) - This allows skipping TLS verification of
+    the AWS EC2 endpoint. The default is `false`.
+
 -   `kms_key_id` (string) - ID, alias or ARN of the KMS key to use for boot
     volume encryption. This only applies to the main `region`, other regions
     where the AMI will be copied will be encrypted by the default EBS KMS key.

website/source/docs/builders/amazon-ebs.html.md

@@ -242,6 +242,9 @@ builder.
     profile](https://docs.aws.amazon.com/IAM/latest/UserGuide/instance-profiles.html)
     to launch the EC2 instance with.
 
+-   `insecure_skip_tls_verify` (boolean) - This allows skipping TLS verification of
+    the AWS EC2 endpoint. The default is `false`.
+
 -   `launch_block_device_mappings` (array of block device mappings) - Add one
     or more block devices before the Packer build starts. If you add instance
     store volumes or EBS volumes in addition to the root device volume, the

website/source/docs/builders/amazon-ebssurrogate.html.md

@@ -235,6 +235,9 @@ builder.
     profile](https://docs.aws.amazon.com/IAM/latest/UserGuide/instance-profiles.html)
     to launch the EC2 instance with.
 
+-   `insecure_skip_tls_verify` (boolean) - This allows skipping TLS verification of
+    the AWS EC2 endpoint. The default is `false`.
+
 -   `launch_block_device_mappings` (array of block device mappings) - Add one
     or more block devices before the Packer build starts. If you add instance
     store volumes or EBS volumes in addition to the root device volume, the

website/source/docs/builders/amazon-ebsvolume.html.md

@@ -189,6 +189,9 @@ builder.
     profile](https://docs.aws.amazon.com/IAM/latest/UserGuide/instance-profiles.html)
     to launch the EC2 instance with.
 
+-   `insecure_skip_tls_verify` (boolean) - This allows skipping TLS verification of
+    the AWS EC2 endpoint. The default is `false`.
+
 -   `mfa_code` (string) - The MFA
     [TOTP](https://en.wikipedia.org/wiki/Time-based_One-time_Password_Algorithm)
     code. This should probably be a user variable since it changes all the

website/source/docs/post-processors/amazon-import.html.md

@@ -89,6 +89,9 @@ Optional:
     the format of the source virtual machine image. The resulting artifact from the builder
     is assumed to have a file extension matching the format. This defaults to `ova`.
 
+-   `insecure_skip_tls_verify` (boolean) - This allows skipping TLS verification of
+    the AWS EC2 endpoint. The default is `false`.
+
 -   `license_type` (string) - The license type to be used for the Amazon
     Machine Image (AMI) after importing. Valid values: `AWS` or `BYOL`
     (default). For more details regarding licensing, see

website/source/docs/provisioners/shell.html.md

@@ -117,6 +117,9 @@ Optional parameters:
     exists in order to deal with times when SSH may restart, such as a system
     reboot. Set this to a higher value if reboots take a longer amount of time.
 
+-   `pause_after` (string) - Wait the amount of time after provisioning a shell
+    script, this pause be taken if all previous steps were successful.
+
 ## Execute Command Example
 
 To many new users, the `execute_command` is puzzling. However, it provides an