From bc54a238e3d4b6ff0776ae3a0186f3eeb24b6598 Mon Sep 17 00:00:00 2001 From: Erikson Tung Date: Tue, 14 Mar 2023 16:25:59 -0700 Subject: [PATCH 1/3] pubsys: surface AWS API service error code in error log This surfaces the actual AWS API service error code in the error log message. --- tools/pubsys/src/aws/ami/mod.rs | 6 +++++- tools/pubsys/src/aws/publish_ami/mod.rs | 18 +++++++++++------- 2 files changed, 16 insertions(+), 8 deletions(-) diff --git a/tools/pubsys/src/aws/ami/mod.rs b/tools/pubsys/src/aws/ami/mod.rs index 23a26792a3a..e19a2edd0a3 100644 --- a/tools/pubsys/src/aws/ami/mod.rs +++ b/tools/pubsys/src/aws/ami/mod.rs @@ -358,7 +358,11 @@ async fn _run(args: &Args, ami_args: &AmiArgs) -> Result> } Err(e) => { saw_error = true; - error!("Copy to {} failed: {}", region, e); + error!( + "Copy to {} failed: {}", + region, + e.into_service_error().code().unwrap_or("unknown") + ); } } } diff --git a/tools/pubsys/src/aws/publish_ami/mod.rs b/tools/pubsys/src/aws/publish_ami/mod.rs index 7aea3cbce8c..27b1fce17b5 100644 --- a/tools/pubsys/src/aws/publish_ami/mod.rs +++ b/tools/pubsys/src/aws/publish_ami/mod.rs @@ -399,12 +399,14 @@ pub(crate) async fn modify_regional_snapshots( } Err(e) => { error_count += 1; - error!( - "Failed to modify permissions in {} for snapshots [{}]: {}", - region.as_ref(), - snapshot_ids.join(", "), - e - ); + if let Error::ModifyImageAttribute { source: err, .. } = e { + error!( + "Failed to modify permissions in {} for snapshots [{}]: {:?}", + region.as_ref(), + snapshot_ids.join(", "), + err.into_service_error().code().unwrap_or("unknown"), + ); + } } } } @@ -483,7 +485,9 @@ pub(crate) async fn modify_regional_images( error_count += 1; error!( "Modifying permissions of {} in {} failed: {}", - image_id, region, e + image_id, + region, + e.into_service_error().code().unwrap_or("unknown"), ); } } From b346f782dd6611253612a5daeb091ce6f88b46e5 Mon Sep 17 00:00:00 2001 From: Erikson Tung Date: Tue, 14 Mar 2023 16:27:05 -0700 Subject: [PATCH 2/3] pubsys: fix AWS SDK API calls The EC2 API call for modify-snapshot-attribute and modify-image-attribute errors on empty vecs. This passes 'None' for the list parameters if the list is empty. --- tools/pubsys/src/aws/publish_ami/mod.rs | 24 ++++++++++++++++++------ 1 file changed, 18 insertions(+), 6 deletions(-) diff --git a/tools/pubsys/src/aws/publish_ami/mod.rs b/tools/pubsys/src/aws/publish_ami/mod.rs index 27b1fce17b5..5aa36976878 100644 --- a/tools/pubsys/src/aws/publish_ami/mod.rs +++ b/tools/pubsys/src/aws/publish_ami/mod.rs @@ -331,8 +331,12 @@ pub(crate) async fn modify_snapshots( let response_future = ec2_client .modify_snapshot_attribute() .set_attribute(Some(SnapshotAttributeName::CreateVolumePermission)) - .set_user_ids(Some(modify_opts.user_ids.clone())) - .set_group_names(Some(modify_opts.group_names.clone())) + .set_user_ids( + (!modify_opts.user_ids.is_empty()).then_some(modify_opts.user_ids.clone()), + ) + .set_group_names( + (!modify_opts.group_names.is_empty()).then_some(modify_opts.group_names.clone()), + ) .set_operation_type(Some(operation.clone())) .set_snapshot_id(Some(snapshot_id.clone())) .send(); @@ -435,10 +439,18 @@ pub(crate) async fn modify_image( .set_attribute(Some( ImageAttributeName::LaunchPermission.as_ref().to_string(), )) - .set_user_ids(Some(modify_opts.user_ids.clone())) - .set_user_groups(Some(modify_opts.group_names.clone())) - .set_organization_arns(Some(modify_opts.organization_arns.clone())) - .set_organizational_unit_arns(Some(modify_opts.organizational_unit_arns.clone())) + .set_user_ids((!modify_opts.user_ids.is_empty()).then_some(modify_opts.user_ids.clone())) + .set_user_groups( + (!modify_opts.group_names.is_empty()).then_some(modify_opts.group_names.clone()), + ) + .set_organization_arns( + (!modify_opts.organization_arns.is_empty()) + .then_some(modify_opts.organization_arns.clone()), + ) + .set_organizational_unit_arns( + (!modify_opts.organizational_unit_arns.is_empty()) + .then_some(modify_opts.organizational_unit_arns.clone()), + ) .set_operation_type(Some(operation.clone())) .set_image_id(Some(image_id.to_string())) .send() From 035b5336b7d8cbf5e438bca09ee9915bd8f79621 Mon Sep 17 00:00:00 2001 From: Erikson Tung Date: Tue, 14 Mar 2023 16:38:11 -0700 Subject: [PATCH 3/3] pubsys: fix put-parameter taking a empty list Ensure we pass None if the list of names we're passing is empty. --- tools/pubsys/src/aws/ssm/ssm.rs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/pubsys/src/aws/ssm/ssm.rs b/tools/pubsys/src/aws/ssm/ssm.rs index 1c1c1e681d8..8b055376015 100644 --- a/tools/pubsys/src/aws/ssm/ssm.rs +++ b/tools/pubsys/src/aws/ssm/ssm.rs @@ -43,7 +43,7 @@ where let len = names_chunk.len(); let get_future = ssm_client .get_parameters() - .set_names(Some(names_chunk.to_vec())) + .set_names((!names_chunk.is_empty()).then_some(names_chunk.to_vec().clone())) .send(); // Store the region so we can include it in errors and the output map