diff --git a/devops-service/config.rb b/devops-service/config.rb index 60aaf1a..5bc27b3 100644 --- a/devops-service/config.rb +++ b/devops-service/config.rb @@ -29,6 +29,7 @@ config[:openstack_ssh_key] = "ssh_key" config[:openstack_certificate] = "/path/to/.ssh/openstack.pem" # aws settings +config[:aws_use_iam_profile] = false config[:aws_access_key_id] = "access_key_id" config[:aws_secret_access_key] = "secret_access_key" config[:aws_ssh_key] = "ssh_key" diff --git a/devops-service/db/mongo/models/provider_accounts/ec2_provider_account.rb b/devops-service/db/mongo/models/provider_accounts/ec2_provider_account.rb index 3f2fb41..7453835 100644 --- a/devops-service/db/mongo/models/provider_accounts/ec2_provider_account.rb +++ b/devops-service/db/mongo/models/provider_accounts/ec2_provider_account.rb @@ -4,7 +4,7 @@ module Devops module Model class Ec2ProviderAccount < ProviderAccount - attr_accessor :access_key_id, :availability_zone, :secret_access_key + attr_accessor :availability_zone set_field_validators :access_key_id, ::Validators::FieldValidator::NotNil, ::Validators::FieldValidator::FieldType::String, @@ -13,6 +13,9 @@ module Devops set_field_validators :secret_access_key, ::Validators::FieldValidator::NotNil, ::Validators::FieldValidator::FieldType::String, ::Validators::FieldValidator::NotEmpty + + set_field_validators :use_iam_profile, ::Validators::FieldValidator::Nil, + ::Validators::FieldValidator::FieldType::Boolean def initialize a={} super(a) self.provider = Provider::Ec2::PROVIDER @@ -45,6 +48,7 @@ module Devops { access_key_id: "AWS account access key", secret_access_key: "AWS account secret key", + use_iam_profile: "Should use iam profile?", availability_zone: "Availability zone, todo: remove field?" }.merge(ProviderAccount::ACCOUNT_FIELDS) end diff --git a/devops-service/db/validators/field_validators/field_type.rb b/devops-service/db/validators/field_validators/field_type.rb index f90d191..2ad69fd 100644 --- a/devops-service/db/validators/field_validators/field_type.rb +++ b/devops-service/db/validators/field_validators/field_type.rb @@ -25,6 +25,17 @@ module Validators end end + class Boolean < FieldType + + def valid? + @value == true or @value == false + end + + def type_name + "boolean" + end + end + class Array < FieldType def type diff --git a/devops-service/providers/ec2.rb b/devops-service/providers/ec2.rb index e6d88fb..b001baa 100644 --- a/devops-service/providers/ec2.rb +++ b/devops-service/providers/ec2.rb @@ -15,10 +15,14 @@ module Provider self.certificate_path = config[:aws_certificate] self.ssh_key = config[:aws_ssh_key] options = { - :provider => "aws", - :aws_access_key_id => config[:aws_access_key_id], - :aws_secret_access_key => config[:aws_secret_access_key] + :provider => "aws" } + if config[:aws_use_iam_profile] + options[:use_iam_profile] = true + else + options[:aws_access_key_id] = config[:aws_access_key_id] + options[:aws_secret_access_key] = config[:aws_secret_access_key] + end if config[:aws_proxy] and config[:aws_no_proxy] options[:connection_options] = { :proxy => config[:aws_proxy], diff --git a/devops-service/providers/ec2_accounts_factory.rb b/devops-service/providers/ec2_accounts_factory.rb index 58eb3a8..7a875f3 100644 --- a/devops-service/providers/ec2_accounts_factory.rb +++ b/devops-service/providers/ec2_accounts_factory.rb @@ -20,6 +20,7 @@ module Provider aws_ssh_key: account.ssh_key, aws_access_key_id: account.access_key_id, aws_secret_access_key: account.secret_access_key, + aws_use_iam_profile: account.use_iam_profile, aws_availability_zone: account.availability_zone, aws_proxy: config[:aws_proxy],