searchspring / aws-security

Chef library cookbook for managing AWS Security Groups
Apache License 2.0

Reflect real fog dependencies in Gemfile #5

Closed eherot closed 9 years ago

eherot commented 9 years ago

Fog <= 1.23.0 does not support the wildcard protocol notation already being used in this cookbook:

           ================================================================================
           Error executing action `remove` on resource 'aws_security_group_rule[test rule 4]'
           ================================================================================

           Fog::Compute::AWS::Error
           ------------------------
           Malformed => Unsupported IP protocol \"-1\"  - supported: [tcp, udp, icmp]

           Cookbook Trace:
           ---------------
           /tmp/kitchen/cache/cookbooks/aws_security/providers/group_rule.rb:31:in `block (2 levels) in class_from_file'
           /tmp/kitchen/cache/cookbooks/aws_security/providers/group_rule.rb:27:in `block in class_from_file'

           Resource Declaration:
           ---------------------
           # In /tmp/kitchen/cache/cookbooks/fake/recipes/test2.rb

            75: aws_security_group_rule 'test rule 4' do
            76:   cidr_ip "192.168.1.3/32"
            77:   groupname "test"
            78:   region 'us-west-2'
            79:   ip_protocol '-1'
            80:   action :remove
            81: end
            82: 

eherot commented 9 years ago

loljk -1 is actually not a legal value for protocol except in VPCs under any circumstances, per the AWS docs.

And the Fog gem won't allow it either:

https://github.com/fog/fog/blob/master/lib/fog/aws/requests/compute/authorize_security_group_ingress.rb#L135
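
An added example, not code from the aws-security cookbook, from Fog, or from either comment above: a pre-flight check that rejects `ip_protocol '-1'` for a non-VPC group before any API call is made, and flags the wildcard for review when it is accepted. The names `validate_ip_protocol`, `UnsupportedProtocol`, `NAMED_PROTOCOLS` and the `vpc:` argument are hypothetical, and the check only knows the protocol values named in this thread.

```ruby
# Added example: not code from the aws-security cookbook or from Fog.
# validate_ip_protocol and its constants are hypothetical names.

NAMED_PROTOCOLS = %w[tcp udp icmp].freeze # the set listed in the error above
WILDCARD = '-1'.freeze                    # "all protocols", VPC only

class UnsupportedProtocol < ArgumentError; end

# rule: Hash mirroring the resource attributes (:ip_protocol, :cidr_ip,
#       optional :from_port / :to_port).
# vpc:  true when the target security group belongs to a VPC (assumed to
#       be known by the caller; the cookbook may not expose it this way).
# Returns [normalized_protocol, warnings]; raises before any API call
# when the protocol cannot be accepted for that kind of group.
def validate_ip_protocol(rule, vpc:)
  proto = rule.fetch(:ip_protocol).to_s.strip.downcase
  allowed = vpc ? NAMED_PROTOCOLS + [WILDCARD] : NAMED_PROTOCOLS

  unless allowed.include?(proto)
    raise UnsupportedProtocol,
          "ip_protocol #{proto.inspect} not accepted for a " \
          "#{vpc ? 'VPC' : 'non-VPC'} group; allowed: #{allowed.join(', ')}"
  end

  warnings = []
  if proto == WILDCARD
    warnings << "rule matches every protocol for #{rule[:cidr_ip]}"
    # With -1, EC2 applies the rule to all ports whatever range is given.
    if rule[:from_port] || rule[:to_port]
      warnings << 'port range is ignored when ip_protocol is -1'
    end
  end
  [proto, warnings]
end

# Constructed sample: the attributes of 'test rule 4' from the trace above.
RULE = { cidr_ip: '192.168.1.3/32', ip_protocol: '-1' }.freeze

if __FILE__ == $PROGRAM_NAME
  [false, true].each do |vpc|
    begin
      proto, warnings = validate_ip_protocol(RULE, vpc: vpc)
      puts "vpc=#{vpc}: ok #{proto} #{warnings.inspect}"
    rescue UnsupportedProtocol => e
      puts "vpc=#{vpc}: #{e.message}"
    end
  end
end
```

Run against the sample rule, the non-VPC case fails at validation time instead of surfacing as a `Fog::Compute::AWS::Error` during the converge.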