Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Handle ResourceNotFoundException while iterating certificates #646

Merged
merged 2 commits into from
Feb 9, 2022
Merged

Handle ResourceNotFoundException while iterating certificates #646

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
d444627
add error handling
sebastien-rosset Jan 28, 2022
437b795
add changelog fragment
sebastien-rosset Feb 4, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
3 changes: 3 additions & 0 deletions changelogs/fragments/646-acm-resource-not-found.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
bugfixes:
- >-
aws_acm - No longer raising ResourceNotFound exception while retrieving ACM certificates.
16 changes: 13 additions & 3 deletions plugins/module_utils/acm.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,7 @@
from ansible.module_utils._text import to_bytes
from ansible.module_utils.common.dict_transformations import camel_dict_to_snake_dict

from .core import is_boto3_error_code
from .ec2 import AWSRetry
from .ec2 import ansible_dict_to_boto3_tag_list
from .ec2 import boto3_tag_list_to_ansible_dict
Expand Down Expand Up @@ -109,19 +110,28 @@ def get_certificates(self, client, module, domain_name=None, statuses=None, arn=
for certificate in certificates:
try:
cert_data = self.describe_certificate_with_backoff(client, certificate['CertificateArn'])
except (BotoCoreError, ClientError) as e:
except is_boto3_error_code('ResourceNotFoundException'):
# The certificate was deleted after the call to list_certificates_with_backoff.
continue
except (BotoCoreError, ClientError) as e: # pylint: disable=duplicate-except
module.fail_json_aws(e, msg="Couldn't obtain certificate metadata for domain %s" % certificate['DomainName'])

# in some states, ACM resources do not have a corresponding cert
if cert_data['Status'] not in ['PENDING_VALIDATION', 'VALIDATION_TIMED_OUT', 'FAILED']:
try:
cert_data.update(self.get_certificate_with_backoff(client, certificate['CertificateArn']))
except (BotoCoreError, ClientError, KeyError) as e:
except is_boto3_error_code('ResourceNotFoundException'):
# The certificate was deleted after the call to list_certificates_with_backoff.
continue
except (BotoCoreError, ClientError, KeyError) as e: # pylint: disable=duplicate-except
module.fail_json_aws(e, msg="Couldn't obtain certificate data for domain %s" % certificate['DomainName'])
cert_data = camel_dict_to_snake_dict(cert_data)
try:
tags = self.list_certificate_tags_with_backoff(client, certificate['CertificateArn'])
except (BotoCoreError, ClientError) as e:
except is_boto3_error_code('ResourceNotFoundException'):
# The certificate was deleted after the call to list_certificates_with_backoff.
continue
except (BotoCoreError, ClientError) as e: # pylint: disable=duplicate-except
module.fail_json_aws(e, msg="Couldn't obtain tags for domain %s" % certificate['DomainName'])

cert_data['tags'] = boto3_tag_list_to_ansible_dict(tags)
Expand Down