From 32cde50fd32ec040fbd18fc671f6309dd3574f48 Mon Sep 17 00:00:00 2001 From: Abhinav Dahiya Date: Tue, 25 Sep 2018 08:46:22 -0700 Subject: [PATCH] aws_tag_deprovision: continue on s3tag fetch There might be s3buckets in account that attached to different region. This caused the deprovisioner to fail fataly. For example: 2018/09/24 22:52:43 DEBUG: Request s3/GetBucketTagging Details: ---[ REQUEST POST-SIGN ]----------------------------- GET /?tagging= HTTP/1.1 Host: atectonic-demo-97d9f36d6647e7be86e0ce5baca4e419.s3.amazonaws.com User-Agent: aws-sdk-go/1.15.41 (go1.10.3; linux; amd64) Authorization: Accept-Encoding: gzip ---[ RESPONSE ]-------------------------------------- HTTP/1.1 400 Bad Request Connection: close Transfer-Encoding: chunked Content-Type: application/xml Date: Tue, 25 Sep 2018 05:55:26 GMT Server: AmazonS3 ----------------------------------------------------- 2018/09/24 22:55:27 AuthorizationHeaderMalformedThe authorization header is malformed; the region 'us-east-1' is wrong; expecting 'us-west-2'us-west-2 Skipping errors allows us to create best possible list of s3 buckets that might have the required tag. --- .../aws_tag_deprovision.go | 19 ++++--------------- 1 file changed, 4 insertions(+), 15 deletions(-) diff --git a/contrib/pkg/aws_tag_deprovision/aws_tag_deprovision.go b/contrib/pkg/aws_tag_deprovision/aws_tag_deprovision.go index cfe2b051828..1d132735dfd 100644 --- a/contrib/pkg/aws_tag_deprovision/aws_tag_deprovision.go +++ b/contrib/pkg/aws_tag_deprovision/aws_tag_deprovision.go @@ -25,7 +25,6 @@ import ( "k8s.io/apimachinery/pkg/util/wait" "github.com/aws/aws-sdk-go/aws" - "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/session" "github.com/aws/aws-sdk-go/service/autoscaling" "github.com/aws/aws-sdk-go/service/ec2" @@ -973,7 +972,7 @@ func deleteSubnets(session *session.Session, filter awsFilter, logger log.FieldL } // bucketsToAWSObjects will convert a list of S3 Buckets to awsObjectsWithTags (for easier filtering) -func bucketsToAWSObjects(buckets []*s3.Bucket, s3Client *s3.S3) ([]awsObjectWithTags, error) { +func bucketsToAWSObjects(buckets []*s3.Bucket, s3Client *s3.S3, logger log.FieldLogger) ([]awsObjectWithTags, error) { bucketObjects := []awsObjectWithTags{} for _, bucket := range buckets { @@ -981,18 +980,8 @@ func bucketsToAWSObjects(buckets []*s3.Bucket, s3Client *s3.S3) ([]awsObjectWith Bucket: bucket.Name, }) if err != nil { - if aerr, ok := err.(awserr.Error); ok { - switch aerr.Code() { - case "NoSuchTagSet": - // it is okay for a bucket to have no tags, just ignore it - // since we can't filter on a tagless bucket - continue - default: - return bucketObjects, err - } - } else { - return bucketObjects, err - } + logger.Errorf("error getting tags for bucket %s: %v, skipping...", bucket.Name, err) + continue } tagsAsMap, err := tagsToMap(tags.TagSet) @@ -1060,7 +1049,7 @@ func deleteS3Buckets(session *session.Session, filter awsFilter, logger log.Fiel return false, nil } - awsObjects, err := bucketsToAWSObjects(results.Buckets, s3Client) + awsObjects, err := bucketsToAWSObjects(results.Buckets, s3Client, logger) if err != nil { return false, fmt.Errorf("error converting buckets to internal objects: %v", err) }