Created
August 7, 2020 18:21
-
-
Save tjkirch/b0ac076be189af44551a20f5c5bed7c5 to your computer and use it in GitHub Desktop.
Addresses bcressey's feedback from https://github.com/bottlerocket-os/bottlerocket/pull/1010
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
diff --git a/Makefile.toml b/Makefile.toml | |
index 624dead..e784a39 100644 | |
--- a/Makefile.toml | |
+++ b/Makefile.toml | |
@@ -339,13 +339,23 @@ script = [ | |
set -e | |
cleanup() { | |
- [ -n "${root_image}" ] && rm -f "${root_image}" | |
- [ -n "${data_image}" ] && rm -f "${data_image}" | |
+ [ -f "${root_image}" ] && rm -f "${root_image}" | |
+ [ -f "${data_image}" ] && rm -f "${data_image}" | |
} | |
trap 'cleanup' EXIT | |
export PATH="${BUILDSYS_TOOLS_DIR}/bin:${PATH}" | |
+# Canonicalize architecture identifier to the value recognized by EC2. | |
+case "${BUILDSYS_ARCH,,}" in | |
+ arm64|aarch64) | |
+ arch=arm64 ;; | |
+ x86_64|amd64) | |
+ arch=x86_64 ;; | |
+ *) | |
+ arch="${BUILDSYS_ARCH}" ;; | |
+esac | |
+ | |
# Unlz4 the root / data images | |
rootlz4="${BUILDSYS_OUTPUT_DIR}/${BUILDSYS_NAME_FULL}.img.lz4" | |
root_image="${rootlz4%.lz4}" | |
@@ -365,7 +375,7 @@ pubsys \ | |
${PUBLISH_ROOT_VOLUME_SIZE:+--root-volume-size "${PUBLISH_ROOT_VOLUME_SIZE}"} \ | |
--data-volume-size "${PUBLISH_DATA_VOLUME_SIZE}" \ | |
\ | |
- --arch "${BUILDSYS_ARCH}" \ | |
+ --arch "${arch}" \ | |
--name "${PUBLISH_AMI_NAME}" \ | |
--description "${PUBLISH_AMI_DESCRIPTION:-${PUBLISH_AMI_NAME}}" \ | |
${NO_PROGRESS:+--no-progress} \ | |
diff --git a/tools/pubsys/Infra.toml.example b/tools/pubsys/Infra.toml.example | |
index 2dd8541..6446150 100644 | |
--- a/tools/pubsys/Infra.toml.example | |
+++ b/tools/pubsys/Infra.toml.example | |
@@ -31,6 +31,11 @@ signing_keys = { default = { file = { path = "/home/user/key.pem" } } } | |
# The list of regions in which you want to publish AMIs. We register an AMI in | |
# the first region and copy it to all other regions. | |
regions = ["us-west-2", "us-east-1", "us-east-2"] | |
+# If specified, we use this named profile from ~/.aws/credentials, rather than | |
+# the default path of trying credentials from the environment, from a | |
+# credential process, from the default profile, and then from an IAM instance | |
+# profile. | |
+profile = "my-profile" | |
# If specified, we assume this role before making any API calls. | |
role = "arn:aws:iam::012345678901:role/assume-global" | |
diff --git a/tools/pubsys/src/aws/ami/mod.rs b/tools/pubsys/src/aws/ami/mod.rs | |
index d619456..1340654 100644 | |
--- a/tools/pubsys/src/aws/ami/mod.rs | |
+++ b/tools/pubsys/src/aws/ami/mod.rs | |
@@ -85,8 +85,7 @@ pub(crate) async fn run(args: &Args, ami_args: &AmiArgs) -> Result<()> { | |
.map(|name| region_from_string(&name, &aws)) | |
.collect::<Result<VecDeque<Region>>>()?; | |
- // Prefer to start with the first region in the aws.regions list, fall back to the region in | |
- // the profile, if they gave one, and finally fall back to the default region. | |
+ // We register in this base region first, then copy from there to any other regions. | |
let base_region = regions.pop_front().context(error::MissingConfig { | |
missing: "aws.regions", | |
})?; | |
diff --git a/tools/pubsys/src/aws/ami/register.rs b/tools/pubsys/src/aws/ami/register.rs | |
index 94a7e80..8e9a3cc 100644 | |
--- a/tools/pubsys/src/aws/ami/register.rs | |
+++ b/tools/pubsys/src/aws/ami/register.rs | |
@@ -15,6 +15,7 @@ const DATA_DEVICE_NAME: &str = "/dev/xvdb"; | |
const VIRT_TYPE: &str = "hvm"; | |
const VOLUME_TYPE: &str = "gp2"; | |
const SRIOV: &str = "simple"; | |
+const ENA: bool = true; | |
/// Helper for `register_image`. Inserts registered snapshot IDs into `cleanup_snapshot_ids` so | |
/// they can be cleaned up on failure if desired. | |
@@ -96,7 +97,7 @@ async fn _register_image( | |
architecture: Some(ami_args.arch.clone()), | |
block_device_mappings: Some(vec![root_bdm, data_bdm]), | |
description: ami_args.description.clone(), | |
- ena_support: Some(true), | |
+ ena_support: Some(ENA), | |
name: ami_args.name.clone(), | |
root_device_name: Some(ROOT_DEVICE_NAME.to_string()), | |
sriov_net_support: Some(SRIOV.to_string()), | |
diff --git a/tools/pubsys/src/aws/ami/wait.rs b/tools/pubsys/src/aws/ami/wait.rs | |
index 23e7bb0..c1570e8 100644 | |
--- a/tools/pubsys/src/aws/ami/wait.rs | |
+++ b/tools/pubsys/src/aws/ami/wait.rs | |
@@ -60,7 +60,7 @@ pub(crate) async fn wait_for_ami( | |
.context(error::DescribeImages { | |
region: region.name(), | |
})?; | |
- // The response contains an Option<Vec<Snapshot>>, so we have to check that we got a | |
+ // The response contains an Option<Vec<Image>>, so we have to check that we got a | |
// list at all, and then that the list contains the ID in question. | |
if let Some(images) = describe_response.images { | |
let mut saw_it = false; | |
@@ -94,7 +94,7 @@ pub(crate) async fn wait_for_ami( | |
} | |
} | |
if !saw_it { | |
- // Did not find snapshot in list; reset success count and try again (if we have spare attempts) | |
+ // Did not find image in list; reset success count and try again (if we have spare attempts) | |
successes = 0; | |
} | |
} else { |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment