Fixed a problem like this a while ago but somehow stumbled into it again - messing with my head.

Using just a simple wrapper-cookbook for Sudo to demonstrate a Travis CI job using EC2 for instance provisioning, configuration, and testing.

While both the default Rake (vagrant based test) and the ci version run successfully from a local machine - during a Travis run it will provision the new instance and then once available wait in an endless loop...

Waiting for SSH service on ec2-xx-xx-xx-xx.compute-1.amazonaws.com:22, retrying in 3 seconds
Waiting for SSH service on ec2-xx-xx-xx-xx.compute-1.amazonaws.com:22, retrying in 3 seconds
Waiting for SSH service on ec2-xx-xx-xx-xx.compute-1.amazonaws.com:22, retrying in 3 seconds

Any ideas on how to correct? It seems like Kitchen doesn't actually pick up the .pem when running on Travis. I tried this as a Jenkins job running in a private datacenter server to try and replicate the conditions on the Travis container (e.g., not a dev box) but that actually worked. So it is something about the Travis config I am missing. And setting a connection_timeout in transport doesn't seem to get recognized...

Below are relevant files:

.kitchen.ec2.yml

provisioner:
  name: chef_zero

platforms:
  - name: cloud
    driver_plugin: ec2
    driver_config:
      aws_access_key_id: <%= ENV['AWS_ACCESS_KEY_ID'] %>
      aws_secret_access_key: <%= ENV['AWS_SECRET_ACCESS_KEY'] %>
      aws_ssh_key_id: <%= ENV['AWS_SSH_KEY_ID'] %>
      aws_ssh_key_path: <%= ENV['AWS_SSH_KEY_PATH'] %>
      image_id: ami-6d1c2007
      require_chef_omnibus: true
      instance_type: t2.nano
      associate_public_ip: true
      block_device_mappings:
        - ebs_device_name: /dev/sda1
          ebs_volume_size: 8
          ebs_delete_on_termination: true
      tags:
        Name: ci
    transport:
      username: centos
      ssh_key: 'org_aws_ci.pem'
      connection_timeout: 10
      connection_retries: 8

suites:
  - name: default
    run_list:
      - recipe[org-sudo::default]
    attributes:

The before_install decompresses the travis encrypt-file of org_aws_ci.pem into the local folder, as shown above in the transport path, which is also where the ENV key path points. The secure keys are all the necessary ENV vars.

.travis.yml

language: ruby
rvm:
- 2.2.0
before_install:
# decrypt the SSH private key that was stored with `travis encrypt-file`
- openssl aes-256-cbc -K $encrypted_844f1325c8ef_key -iv $encrypted_844f1325c8ef_iv -in org_aws_ci.pem.enc -out org_aws_ci.pem -d
install:
- bundle install --without vagrant
- bundle exec berks install
script:
- bundle exec rake ci
env:
  global:
  - secure: <travis encrypted key>
  - secure: <travis encrypted key>
  - secure: <travis encrypted key>
  - secure: <travis encrypted key>

Rakefile

require 'rspec/core/rake_task'
require 'rubocop/rake_task'
require 'foodcritic'
require 'kitchen'

namespace :style do
  desc 'Run Ruby style checks'
  RuboCop::RakeTask.new(:ruby)

  desc 'Run Chef style checks'
  FoodCritic::Rake::LintTask.new(:chef)
end

desc 'Run all style checks'
task style: %w(style:chef style:ruby)

namespace :integration do
  desc 'Run Test Kitchen with Vagrant'
  task :vagrant do
    Kitchen.logger = Kitchen.default_file_logger
    instance = Kitchen::Config.new.instances.get('default-local')
    instance.test
  end
  desc 'Run Test Kitchen in EC2'
  task :ec2 do
    Kitchen.logger = Kitchen.default_file_logger
    @loader = Kitchen::Loader::YAML.new(project_config: './.kitchen.ec2.yml')
    config = Kitchen::Config.new(loader: @loader)
    config.instances.each do |instance|
      instance.test(:always)
    end
  end
end

desc 'Run ChefSpec examples'
RSpec::Core::RakeTask.new(:spec)

desc 'Validate .travis.yml format'
task :validatetravis do
  sh 'travis lint --skip-completion-check'
end

task ci: %w(validatetravis style spec integration:ec2)
task default: %w(style spec integration:vagrant)
Nic

1 Answer

In .kitchen.ec2.yml, instead of the config key ssh_key: 'org_aws_ci.pem', set the full file path, i.e. ssh_key: '~/.ssh/org_aws_ci.pem'.

StephenKing
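
A pre-flight check in the spirit of the answer above, as an added example that is not code from the question or the answer: it resolves the configured key path to an absolute path and reports whether the file exists, is private to its owner, and starts with a PEM private key header. The helper name `check_ssh_key` and the sample file names are hypothetical, and the sample key file is constructed (header only, no key material).

```ruby
require 'tmpdir'

# Heuristic: first line of a PEM private key (RSA, EC, OPENSSH, PKCS#8, ...)
PEM_PRIVATE_KEY = /\A-----BEGIN (?:[A-Z0-9]+ )?PRIVATE KEY-----\r?$/

# Hypothetical helper: returns [absolute_path, problems]. An empty problems
# array means the key file looks usable. Relative paths resolve from base_dir.
def check_ssh_key(path, base_dir = Dir.pwd)
  return [nil, ['ssh_key is not set']] if path.nil? || path.strip.empty?

  full = File.expand_path(path, base_dir) # also expands a leading ~
  return [full, ["#{full} does not exist"]] unless File.file?(full)

  problems = []
  mode = File.stat(full).mode & 0o777
  # OpenSSH clients reject private keys readable by group/other; keep CI keys at 0600
  problems << format('mode %04o is group/world accessible, use 0600', mode) if (mode & 0o077) != 0

  first_line = File.open(full, 'rb') { |f| f.gets.to_s }
  # A failed or mis-keyed decrypt leaves binary data, not a PEM header
  problems << 'file does not start with a PEM private key header' unless first_line.match?(PEM_PRIVATE_KEY)
  [full, problems]
end

if __FILE__ == $PROGRAM_NAME
  Dir.mktmpdir do |dir|
    # Constructed sample file: header line only, no real key material
    key = File.join(dir, 'ci_example.pem')
    File.write(key, "-----BEGIN RSA PRIVATE KEY-----\n(constructed placeholder)\n")
    File.chmod(0o644, key)
    p check_ssh_key('ci_example.pem', dir) # reports the loose mode
    File.chmod(0o600, key)
    p check_ssh_key('ci_example.pem', dir) # no problems
    p check_ssh_key('missing.pem', dir)    # reports the missing file
  end
end
```

Called from a Rake task before `integration:ec2` with the value of `AWS_SSH_KEY_PATH`, a non-empty problems list can stop the build before an instance is provisioned.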