Skip to content

Commit

Permalink
aws_tag_deprovision: continue on s3tag fetch
Browse files Browse the repository at this point in the history 
There might be s3buckets in account that attached to different region.
This caused the deprovisioner to fail fataly.
For example:
2018/09/24 22:52:43 DEBUG: Request s3/GetBucketTagging Details:
---[ REQUEST POST-SIGN ]-----------------------------
GET /?tagging= HTTP/1.1
Host: atectonic-demo-97d9f36d6647e7be86e0ce5baca4e419.s3.amazonaws.com
User-Agent: aws-sdk-go/1.15.41 (go1.10.3; linux; amd64)
Authorization: <redacted>
Accept-Encoding: gzip

---[ RESPONSE ]--------------------------------------
HTTP/1.1 400 Bad Request
Connection: close
Transfer-Encoding: chunked
Content-Type: application/xml
Date: Tue, 25 Sep 2018 05:55:26 GMT
Server: AmazonS3

-----------------------------------------------------
2018/09/24 22:55:27 <?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AuthorizationHeaderMalformed</Code><Message>The authorization header is malformed; the region 'us-east-1' is wrong; expecting 'us-west-2'</Message><Region>us-west-2</Region></Error>

Skipping errors allows us to create best possible list of s3 buckets
that might have the required tag.
  • Loading branch information
@abhinavdahiya
abhinavdahiya committed Sep 25, 2018
1 parent 9fa9202 commit 32cde50
Showing 1 changed file with 4 additions and 15 deletions.
19 changes: 4 additions & 15 deletions contrib/pkg/aws_tag_deprovision/aws_tag_deprovision.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -25,7 +25,6 @@ import (
"k8s.io/apimachinery/pkg/util/wait"

"github.com/aws/aws-sdk-go/aws"
"github.com/aws/aws-sdk-go/aws/awserr"
"github.com/aws/aws-sdk-go/aws/session"
"github.com/aws/aws-sdk-go/service/autoscaling"
"github.com/aws/aws-sdk-go/service/ec2"
Expand Down Expand Up @@ -973,26 +972,16 @@ func deleteSubnets(session *session.Session, filter awsFilter, logger log.FieldL
}

// bucketsToAWSObjects will convert a list of S3 Buckets to awsObjectsWithTags (for easier filtering)
func bucketsToAWSObjects(buckets []*s3.Bucket, s3Client *s3.S3) ([]awsObjectWithTags, error) {
func bucketsToAWSObjects(buckets []*s3.Bucket, s3Client *s3.S3, logger log.FieldLogger) ([]awsObjectWithTags, error) {
bucketObjects := []awsObjectWithTags{}

for _, bucket := range buckets {
tags, err := s3Client.GetBucketTagging(&s3.GetBucketTaggingInput{
Bucket: bucket.Name,
})
if err != nil {
if aerr, ok := err.(awserr.Error); ok {
switch aerr.Code() {
case "NoSuchTagSet":
// it is okay for a bucket to have no tags, just ignore it
// since we can't filter on a tagless bucket
continue
default:
return bucketObjects, err
}
} else {
return bucketObjects, err
}
logger.Errorf("error getting tags for bucket %s: %v, skipping...", bucket.Name, err)
continue
}

tagsAsMap, err := tagsToMap(tags.TagSet)
Expand Down Expand Up @@ -1060,7 +1049,7 @@ func deleteS3Buckets(session *session.Session, filter awsFilter, logger log.Fiel
return false, nil
}

awsObjects, err := bucketsToAWSObjects(results.Buckets, s3Client)
awsObjects, err := bucketsToAWSObjects(results.Buckets, s3Client, logger)
if err != nil {
return false, fmt.Errorf("error converting buckets to internal objects: %v", err)
}
Expand Down

0 comments on commit 32cde50

Please sign in to comment.