-
Notifications
You must be signed in to change notification settings - Fork 342
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
5.0.0 : aws_s3 may fail on some S3 compatible provider that do not implement OwnershipControls #1115
Comments
Files identified in the description: If these files are inaccurate, please update the |
Please work with Scaleway If they're not going to implement an API in a compatible manner then they should raise either 'XNotImplemented' or 'NotImplemented' errors. https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketOwnershipControls.html |
Ran into this same problem. What used to work, is now broken. It worked fine in 4.2.0 but broke when we used 5.0.0
I've had to use This is from one of our own owned S3 buckets. We have about a dozen S3 buckets and we get this error across most of them. It broke our deployment until I was able to force version 4.2.0 and then things began to work again. |
@glitchsys Please see the module/collection documentation:
While things may (mostly) work with older versions of botocore, we don't make any guarantees, and we don't actively try to code work-arounds for missing features. The rate with with Amazon AWS are developing their APIs means that if we don't set a limit somewhere the code becomes very unwieldy. We've drawn the line at botocore releases ~1 year old. |
@tremble just prior to ansible running, the build system, Ubuntu 20.04, did a "apt-get install python3-boto3" which would have installed |
Pretty much. We don't actively go out of our way to break things, (we don't throw an error just because you're using an old version), however if someone adds a new feature we only check that it works with the oldest version we support.
Yeah we used to try to support older versions, unfortunately the rate at which AWS is moving makes this impractical to test. We now deliberately test against the older version we support, where someone needs an even newer feature, support has to be coded in such a way that as far as is practical, only the new feature won't work, everything else should work. |
…_ownership_controls (#1117) s3_object - Be more defensive when checking the results of get_bucket_ownership_controls SUMMARY Scaleway have half-implemented get_bucket_ownership_controls, but don't return any rules. Be a little more defensive when checking the return value of get_bucket_ownership_controls. The API doesn't strictly say a Rule will always be returned. Fixes: #1115 ISSUE TYPE Bugfix Pull Request COMPONENT NAME s3_object ADDITIONAL INFORMATION Reviewed-by: Alina Buzachis <None>
…_ownership_controls (#1117) s3_object - Be more defensive when checking the results of get_bucket_ownership_controls SUMMARY Scaleway have half-implemented get_bucket_ownership_controls, but don't return any rules. Be a little more defensive when checking the return value of get_bucket_ownership_controls. The API doesn't strictly say a Rule will always be returned. Fixes: #1115 ISSUE TYPE Bugfix Pull Request COMPONENT NAME s3_object ADDITIONAL INFORMATION Reviewed-by: Alina Buzachis <None> (cherry picked from commit 0c3239b)
…_ownership_controls (#1117) s3_object - Be more defensive when checking the results of get_bucket_ownership_controls SUMMARY Scaleway have half-implemented get_bucket_ownership_controls, but don't return any rules. Be a little more defensive when checking the return value of get_bucket_ownership_controls. The API doesn't strictly say a Rule will always be returned. Fixes: #1115 ISSUE TYPE Bugfix Pull Request COMPONENT NAME s3_object ADDITIONAL INFORMATION Reviewed-by: Alina Buzachis <None> (cherry picked from commit 0c3239b)
…_ownership_controls (#1117) (#1122) SUMMARY Scaleway have half-implemented get_bucket_ownership_controls, but don't return any rules. Be a little more defensive when checking the return value of get_bucket_ownership_controls. The API doesn't strictly say a Rule will always be returned. Fixes: #1115 ISSUE TYPE Bugfix Pull Request COMPONENT NAME s3_object ADDITIONAL INFORMATION Reviewed-by: Alina Buzachis <None> (cherry picked from commit 0c3239b)
We've just released 5.0.1 which should fix your issue. |
Its working fine ! Thinks for fixing it so fast ! |
…ctions#1115) execute_lambda - fix check mode and update RETURN docs Depends-On: ansible-collections#1116 SUMMARY check_mode fix update RETURN docs to match what is actually being returned require one of name, function_arn ISSUE TYPE Bugfix Pull Request COMPONENT NAME execute_lambda ADDITIONAL INFORMATION I noticed some modules in community.aws will return data directly, and others will return data nested in a dict. Example: let iam_group be the module, retrieving a key called group_arn, and registering the response as response. Some modules you would need to query result.iam_group.group_arn, meanwhile in others, you can result.group_arn (where iam_group is assumed, since its the name of the module). Do we have a preference for either method? Should we come to some sort of collection-wide consensus on which to use moving forward? Reviewed-by: Sloane Hertel <None> Reviewed-by: Markus Bergholz <[email protected]> This commit was initially merged in https://github.com/ansible-collections/community.aws See: ansible-collections/community.aws@f2ad637
…ctions#1115) execute_lambda - fix check mode and update RETURN docs Depends-On: ansible-collections#1116 SUMMARY check_mode fix update RETURN docs to match what is actually being returned require one of name, function_arn ISSUE TYPE Bugfix Pull Request COMPONENT NAME execute_lambda ADDITIONAL INFORMATION I noticed some modules in community.aws will return data directly, and others will return data nested in a dict. Example: let iam_group be the module, retrieving a key called group_arn, and registering the response as response. Some modules you would need to query result.iam_group.group_arn, meanwhile in others, you can result.group_arn (where iam_group is assumed, since its the name of the module). Do we have a preference for either method? Should we come to some sort of collection-wide consensus on which to use moving forward? Reviewed-by: Sloane Hertel <None> Reviewed-by: Markus Bergholz <[email protected]>
…ctions#1115) execute_lambda - fix check mode and update RETURN docs Depends-On: ansible-collections#1116 SUMMARY check_mode fix update RETURN docs to match what is actually being returned require one of name, function_arn ISSUE TYPE Bugfix Pull Request COMPONENT NAME execute_lambda ADDITIONAL INFORMATION I noticed some modules in community.aws will return data directly, and others will return data nested in a dict. Example: let iam_group be the module, retrieving a key called group_arn, and registering the response as response. Some modules you would need to query result.iam_group.group_arn, meanwhile in others, you can result.group_arn (where iam_group is assumed, since its the name of the module). Do we have a preference for either method? Should we come to some sort of collection-wide consensus on which to use moving forward? Reviewed-by: Sloane Hertel <None> Reviewed-by: Markus Bergholz <[email protected]>
…ctions#1115) execute_lambda - fix check mode and update RETURN docs Depends-On: ansible-collections#1116 SUMMARY check_mode fix update RETURN docs to match what is actually being returned require one of name, function_arn ISSUE TYPE Bugfix Pull Request COMPONENT NAME execute_lambda ADDITIONAL INFORMATION I noticed some modules in community.aws will return data directly, and others will return data nested in a dict. Example: let iam_group be the module, retrieving a key called group_arn, and registering the response as response. Some modules you would need to query result.iam_group.group_arn, meanwhile in others, you can result.group_arn (where iam_group is assumed, since its the name of the module). Do we have a preference for either method? Should we come to some sort of collection-wide consensus on which to use moving forward? Reviewed-by: Sloane Hertel <None> Reviewed-by: Markus Bergholz <[email protected]>
Summary
On the version 5.0.0, because of #921, we can have failure using aws_s3 on some non aws provider that are compatible with s3 but that dos not implement OwnershipControls (ie scaleway) :
The problem is on s3_object.py. When calling s3.get_bucket_ownership_controls(Bucket=bucket)['OwnershipControls']['Rules'][0]['ObjectOwnership']. If OwnershipControls is null or empty, Rules does not exists.
This is working with version 4.2.0 of the collection.
Issue Type
Bug Report
Component Name
aws_s3
Ansible Version
Collection Versions
amazon.aws:5.0.0
AWS SDK versions
Configuration
No response
OS / Environment
Debian 11
Steps to Reproduce
Try to download a Scaleway bucket (You must have a Scaleway account) :
Expected Results
Bucket is downloaded on /tmp/test.tar.gz without errors
Actual Results
Code of Conduct
The text was updated successfully, but these errors were encountered: