Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix passing an instance profile arn to ec2_launch_template #371

Merged
merged 3 commits into from
Apr 8, 2021

Conversation

kepstin
Copy link
Contributor

@kepstin kepstin commented Jan 25, 2021

SUMMARY

If the string given on the iam_instance_profile looked like an arn, the
wrong structure format was being returned. boto3 expects a dict of the
format { arn: "{{ arn }}" } but the bare arn string was returned instead.

This fixes this error:

Couldn't create subsequent launch template version: Parameter validation failed:
Invalid type for parameter LaunchTemplateData.IamInstanceProfile, value: arn:aws:iam::[...]:instance-profile/[...], type: <class 'str'>, valid types: <class 'dict'>
ISSUE TYPE
  • Bugfix Pull Request
COMPONENT NAME

community.aws.ec2_launch_template

@ansibullbot
Copy link

@ansibullbot ansibullbot added bug This issue/PR relates to a bug community_review module module needs_triage new_contributor Help guide this first time contributor plugins plugin (any type) small_patch Hopefully easy to review labels Jan 25, 2021
Copy link
Member

@markuman markuman left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@tremble
Copy link
Contributor

tremble commented Feb 16, 2021

Hi @kepstin,

Thanks for the time you've taken to submit this PR. Do you think you'd be able to update our integration tests to include the failure mode you were seeing?

We already have some tests which try to exercise the iam_instance_profile option. I'm guessing they didn't go far enough:

https://github.com/ansible-collections/community.aws/blob/main/tests/integration/targets/ec2_launch_template/playbooks/roles/ec2_launch_template/tasks/iam_instance_role.yml

@kepstin
Copy link
Contributor Author

kepstin commented Feb 16, 2021

I don't really know enough about how the integration test setup works to be able to do that.

It looks like the current tests provide only a role name, and use the arn lookup functionality - to test the issue that i've been seeing, a test has to be added that instead provides an instance profile arn that matches the regex shown in

if re.match(r'^arn:aws:iam::\d+:instance-profile/[\w+=/,.@-]+$', name_or_arn):

I assume this would require some setup in the test aws environment to ensure that an instance profile is available with a known fixed arn (or to determine the arn out of band and provide it).

If the string given on the iam_instance_profile looked like an arn, the
wrong structure format was being returned. boto3 expects a dict of the
format { arn: "{{ arn }}" } but the string was returned instead.

This fixes this error:
Couldn't create subsequent launch template version: Parameter validation failed:
Invalid type for parameter LaunchTemplateData.IamInstanceProfile, value: arn:aws:iam::[...]:instance-profile/[...], type: <class 'str'>, valid types: <class 'dict'>
@ansibullbot ansibullbot added integration tests/integration tests tests needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR and removed small_patch Hopefully easy to review community_review labels Mar 16, 2021
@tremble
Copy link
Contributor

tremble commented Apr 8, 2021

@kepstin sorry it's taken a while. I've added a changelog fragment and simple test. I think we're ready to get this PR merged.

@ansibullbot ansibullbot added community_review and removed needs_revision This PR fails CI tests or a maintainer has requested a review/revision of the PR labels Apr 8, 2021
@tremble tremble merged commit b528eaa into ansible-collections:main Apr 8, 2021
alinabuzachis pushed a commit to alinabuzachis/community.aws that referenced this pull request Jul 19, 2021
…ollections#371)

* Fix passing an instance profile arn to ec2_launch_template

If the string given on the iam_instance_profile looked like an arn, the
wrong structure format was being returned. boto3 expects a dict of the
format { arn: "{{ arn }}" } but the string was returned instead.

This fixes this error:
Couldn't create subsequent launch template version: Parameter validation failed:
Invalid type for parameter LaunchTemplateData.IamInstanceProfile, value: arn:aws:iam::[...]:instance-profile/[...], type: <class 'str'>, valid types: <class 'dict'>


* integration test
* changelog
Co-authored-by: Mark Chappell <[email protected]>
alinabuzachis pushed a commit to alinabuzachis/community.aws that referenced this pull request Jul 19, 2021
…ollections#371)

* Fix passing an instance profile arn to ec2_launch_template

If the string given on the iam_instance_profile looked like an arn, the
wrong structure format was being returned. boto3 expects a dict of the
format { arn: "{{ arn }}" } but the string was returned instead.

This fixes this error:
Couldn't create subsequent launch template version: Parameter validation failed:
Invalid type for parameter LaunchTemplateData.IamInstanceProfile, value: arn:aws:iam::[...]:instance-profile/[...], type: <class 'str'>, valid types: <class 'dict'>


* integration test
* changelog
Co-authored-by: Mark Chappell <[email protected]>
danielcotton pushed a commit to danielcotton/community.aws that referenced this pull request Nov 23, 2021
…ollections#371)

* Fix passing an instance profile arn to ec2_launch_template

If the string given on the iam_instance_profile looked like an arn, the
wrong structure format was being returned. boto3 expects a dict of the
format { arn: "{{ arn }}" } but the string was returned instead.

This fixes this error:
Couldn't create subsequent launch template version: Parameter validation failed:
Invalid type for parameter LaunchTemplateData.IamInstanceProfile, value: arn:aws:iam::[...]:instance-profile/[...], type: <class 'str'>, valid types: <class 'dict'>


* integration test
* changelog
Co-authored-by: Mark Chappell <[email protected]>
alinabuzachis pushed a commit to alinabuzachis/community.aws that referenced this pull request May 25, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug This issue/PR relates to a bug community_review integration tests/integration module module new_contributor Help guide this first time contributor plugins plugin (any type) tests tests
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants