Adds testing on ec2

.travis.yml

@@ -11,9 +11,7 @@ matrix:
   allow_failures:
     - julia: nightly
     - julia: 1.0
-      stage: "Verify AWSS3"
-    - julia: 1.0
-      stage: "Verify AWSSQS"
+      stage: "Verify Packages"
 branches:
   only:
     - master
@@ -29,16 +27,58 @@ env:
     - secure: Lrh6AxUp1yFdsB1XlvNHFk+5pOMGQR8bJadUtnqXsuk97ieINI5w/da6wBPIH4WkZBGpQr+uJLe10PTxDcaNeZOC1LcuSK+v5J88pSiFYi10BggYWC2Kb2XEVBjd9BHi/RxAkiHXziBEaqpuX2WcwY2hgAOU+rpt3M9U9SxDITXNG68PpVVqDJ7GSZvZeJZnLrjTPKLlFR8EkqrE23bTaGvzqn50fwk7U3n0F04slkmg2ORScWkgBSFmaATBbiSU9Pz7bB4KuGarNC0Q0eTeoZcThRVYVwse3oLnYLMXkUuIDF5QwDfA5HCC4ad5yXdVenwHZSPS/sSnRM+fVAwkU8CL7hFC9zX2X/fBExWet0LufaCh4L6pax3dKV2m6q3Uq9M1z8X33ry2xqS96rpdD4bo+FxYrzjyAotn46w4fPE7yb3YZgf+dbHTDfVjiPH70hIKUhKiyzyKMTwdT63WNIy1/qbREge4jPVXgnIM3/jAu0THf74cT+RwN4xQnt7a50Yn2c/I+37kO2B+4qkyh4p75eIfPXqak1vdDc9tUqxZa7lPdIkofT3jp7TaJ+4/OLf2OrpA2XFjx20el4/TdB9TiJtGv0qTrujY4wh5BALxGVoSEihj3ahkqV/FQ6RyWJsMggd3yoaING61nCkDXUvLk/44yzeYavNrUaMzWpc=
 jobs:
   include:
-    - stage: "Verify AWSS3"
+    - stage: "Verify Packages"
+      name: AWSS3
       julia: 1.0
       os: linux
       script:
         - julia --project=tmps3 -e 'using Pkg; Pkg.develop(PackageSpec(path=pwd())); Pkg.add("AWSS3"); Pkg.test("AWSS3")'
-    - stage: "Verify AWSSQS"
+    - stage: "Verify Packages"
+      name: AWSSQS
       julia: 1.0
       os: linux
       script:
         - julia --project=tmpsqs -e 'using Pkg; Pkg.develop(PackageSpec(path=pwd())); Pkg.add("AWSSQS"); Pkg.test("AWSSQS")'
+    - stage: "EC2"
+      julia: 1.0
+      os: linux
+      before_install:
+        - pip install --user awscli
+      script:
+        - aws ssm get-parameter --name /public_ci/AWSCore/ec2_keyfile --query 'Parameter.Value' --output text --with-decryption > ec2.pem
+        - chmod 600 ec2.pem
+        - export KEYFILE=ec2.pem
+        # Tag with commit to be able to terminate later
+        - INSTANCE_ID=$(aws ec2 run-instances --launch-template LaunchTemplateName=AWSCoreEC2Template --tag-specifications "ResourceType=instance,Tags=[{Key=AWSCoreCommit,Value=$TRAVIS_COMMIT}]" --query 'Instances[0].InstanceId' --output text)
+        # Wait until UserData installs Julia
+        - aws ec2 wait instance-status-ok --instance-ids $INSTANCE_ID
+        - export EC2Ip=$(aws ec2 describe-instances --instance-ids $INSTANCE_ID  --query 'Reservations[0].Instances[0].PublicIpAddress' --output text)
+        - |
+          julia -e '
+          using Distributed
+          addprocs(
+              ["ec2-user@$(ENV["EC2Ip"])"],
+              sshflags=`-i $(ENV["KEYFILE"]) -o "StrictHostKeyChecking=no"`,
+              exename="/julia/bin/julia",
+              dir="/home/ec2-user",
+              tunnel=true,
+          )
+          @fetch @eval using Pkg
+          rev=ENV["TRAVIS_COMMIT"]
+          @fetch Pkg.add(PackageSpec(url="https://github.com/JuliaCloud/AWSCore.jl", rev=rev))
+          @fetch ENV["AWSCORE_EC2"]="true"
+          @fetch Pkg.build("AWSCore")
+          @fetch @eval using AWSCore
+          @fetch Pkg.test("AWSCore")
+          '
+      after_script:
+        - INSTANCE_ID=$(aws ec2 describe-instances --filter Name=tag:AWSCoreCommit,Values=$TRAVIS_COMMIT Name=instance-state-name,Values=running,pending --query 'Reservations[*].Instances[0].InstanceId' --output text)
+        - |
+          if [ "$INSTANCE_ID" ]; then
+              aws ec2 terminate-instances --instance-ids $INSTANCE_ID
+              aws ec2 wait instance-terminated --instance-ids $INSTANCE_ID
+          fi
+      after_success: skip
     - stage: "Documentation"
       julia: 1.0
       os: linux

test/aws/ec2.yml

@@ -0,0 +1,121 @@
+AWSTemplateFormatVersion: 2010-09-09
+Description: >-
+  A stack for testing AWSCore on EC2.
+
+Parameters:
+  KeyName:
+    Description: The keyname associated with the instance.
+    Type: String
+    Default: ec2_keyfile
+  PublicCIUser:
+    Description: User which can assume the testing role
+    Type: String
+
+Resources:
+  EC2TravisPolicy:
+    Type: AWS::IAM::Policy
+    Properties:
+      PolicyName: EC2TravisPolicy
+      Users:
+        - !Sub ${PublicCIUser}
+      PolicyDocument:
+        Version: 2012-10-17
+        Statement:
+          - Effect: Allow
+            Action:
+              - ec2:DescribeInstances
+              - ec2:DescribeInstanceStatus
+            Resource: "*"
+          - Effect: Allow
+            Action: ec2:CreateTags  # Only tag instances on creation
+            Resource: !Sub arn:aws:ec2:${AWS::Region}:${AWS::AccountId}:instance/*
+            Condition:
+              StringEquals:
+                ec2:CreateAction: RunInstances
+          - Effect: Allow
+            Action: ec2:RunInstances  # Create instance only from AWSCoreEC2Template
+            Resource: "*"
+            Condition:
+              ArnLike:
+                ec2:LaunchTemplate: !Sub arn:aws:ec2:${AWS::Region}:${AWS::AccountId}:launch-template/${AWSCoreEC2Template}
+              Bool:
+                ec2:IsLaunchTemplateResource: true
+          - Effect: Allow
+            Action: ec2:RunInstances  # Authorize resources not defined in AWSCoreEC2Template
+            Resource:
+              - !Sub arn:aws:ec2:${AWS::Region}:${AWS::AccountId}:subnet/*
+              - !Sub arn:aws:ec2:${AWS::Region}:${AWS::AccountId}:network-interface/*
+            Condition:
+              ArnLike:
+                ec2:LaunchTemplate: !Sub arn:aws:ec2:${AWS::Region}:${AWS::AccountId}:launch-template/${AWSCoreEC2Template}
+          - Effect: Allow
+            Action: ec2:TerminateInstances  # Only terminate instances created from the template
+            Resource: !Sub arn:aws:ec2:${AWS::Region}:${AWS::AccountId}:instance/*
+            Condition:
+              StringEquals:
+                ec2:ResourceTag/aws:ec2launchtemplate:id: !Sub ${AWSCoreEC2Template}
+          - Effect: Allow
+            Action:
+              - iam:PassRole
+            Resource:
+              - !GetAtt InstanceRole.Arn
+          - Effect: Allow
+            Action:
+              - ssm:GetParameter
+            Resource:
+              - !Sub arn:aws:ssm:*:${AWS::AccountId}:parameter/public_ci/AWSCore/ec2_keyfile
+  SecurityGroup:
+    Type: AWS::EC2::SecurityGroup
+    Properties:
+      GroupDescription: AWSCore-EC2-Test
+      SecurityGroupIngress:
+        - IpProtocol: tcp
+          FromPort: 22
+          ToPort: 22
+          CidrIp: 0.0.0.0/0
+  InstanceRole:
+    Type: AWS::IAM::Role
+    Properties:
+      AssumeRolePolicyDocument:
+        Version: 2012-10-17
+        Statement:
+          - Effect: Allow
+            Principal:
+              Service:
+                - ec2.amazonaws.com
+            Action:
+              - sts:AssumeRole
+      Path: /
+  InstanceProfile:
+    Type: AWS::IAM::InstanceProfile
+    Properties:
+      Roles:
+        - !Ref InstanceRole
+  AWSCoreEC2Template:
+    Type: AWS::EC2::LaunchTemplate
+    Properties:
+      LaunchTemplateName: AWSCoreEC2Template
+      LaunchTemplateData:
+        InstanceType: t2.micro
+        ImageId: ami-0922553b7b0369273
+        # Instance must have a profile for `ec2_instance_credentials()` to succeed
+        IamInstanceProfile:
+          Name: !Ref InstanceProfile
+        # Allow ssh access into the instance
+        SecurityGroupIds:
+          - !GetAtt SecurityGroup.GroupId
+        KeyName: !Ref KeyName
+        UserData:
+          Fn::Base64: !Sub |
+            #!/bin/bash
+            yum update -y
+
+            # Install julia v1.0.3
+            yum install -y curl tar git
+            julia_url="https://julialang-s3.julialang.org/bin/linux/x64/1.0/julia-1.0.3-linux-x86_64.tar.gz"
+            julia_root=/julia
+
+            mkdir $julia_root
+            curl -s -L --retry 7 "$julia_url" | tar -C "$julia_root" -x -z --strip-components=1 -f -
+
+            /julia/bin/julia -e 'using InteractiveUtils; versioninfo()'

test/runtests.jl

@@ -518,6 +518,17 @@ end
                           "invocations/function%3Af%3APROD"
 end
 
+if get(ENV, "AWSCORE_EC2", "false") == "true"
+    @testset "EC2" begin
+        @test_nowarn AWSCore.ec2_instance_credentials()
+        ec2_creds = AWSCore.ec2_instance_credentials()
+        @test ec2_creds !== nothing
+
+        default_creds = AWSCredentials()
+        @test default_creds.access_key_id == ec2_creds.access_key_id
+        @test default_creds.secret_key == ec2_creds.secret_key
+    end
+end
 end # testset "AWSCore"