From c106e7c26c7a954718aeec19901edc5234064d57 Mon Sep 17 00:00:00 2001 From: Matthew Hooker Date: Tue, 7 Nov 2017 14:03:52 -0800 Subject: [PATCH 1/4] Don't set region from metadata if profile is set. --- builder/amazon/common/access_config.go | 33 ++++++++++++-------------- builder/amazon/common/ami_config.go | 9 +++---- 2 files changed, 20 insertions(+), 22 deletions(-) diff --git a/builder/amazon/common/access_config.go b/builder/amazon/common/access_config.go index ecbb100b7..462e32617 100644 --- a/builder/amazon/common/access_config.go +++ b/builder/amazon/common/access_config.go @@ -34,15 +34,15 @@ func (c *AccessConfig) Session() (*session.Session, error) { return c.session, nil } + config := aws.NewConfig().WithMaxRetries(11).WithCredentialsChainVerboseErrors(true) + if c.ProfileName != "" { if err := os.Setenv("AWS_PROFILE", c.ProfileName); err != nil { return nil, fmt.Errorf("Set env error: %s", err) } - } - - config := aws.NewConfig().WithMaxRetries(11).WithCredentialsChainVerboseErrors(true) - - if region := c.region(); region != "" { + } else if c.RawRegion != "" { + config = config.WithRegion(c.RawRegion) + } else if region := c.metadataRegion(); region != "" { config = config.WithRegion(region) } @@ -68,25 +68,26 @@ func (c *AccessConfig) Session() (*session.Session, error) { SharedConfigState: session.SharedConfigEnable, Config: *config, } + if c.MFACode != "" { opts.AssumeRoleTokenProvider = func() (string, error) { return c.MFACode, nil } } - var err error - c.session, err = session.NewSessionWithOptions(opts) - if err != nil { + + if session, err := session.NewSessionWithOptions(opts); err != nil { return nil, err + } else if *session.Config.Region == "" { + return nil, fmt.Errorf("Could not find AWS region, make sure it's set.") + } else { + c.session = session } return c.session, nil } -// region returns either the region from config or region from metadata service -func (c *AccessConfig) region() string { - if c.RawRegion != "" { - return c.RawRegion - } +// metadataRegion returns the region from the metadata service +func (c *AccessConfig) metadataRegion() string { client := cleanhttp.DefaultClient() @@ -112,9 +113,5 @@ func (c *AccessConfig) Prepare(ctx *interpolate.Context) []error { } } - if len(errs) > 0 { - return errs - } - - return nil + return errs } diff --git a/builder/amazon/common/ami_config.go b/builder/amazon/common/ami_config.go index 7dfe1af88..aa0792e3a 100644 --- a/builder/amazon/common/ami_config.go +++ b/builder/amazon/common/ami_config.go @@ -45,10 +45,11 @@ func (c *AMIConfig) Prepare(accessConfig *AccessConfig, ctx *interpolate.Context session, err := accessConfig.Session() if err != nil { errs = append(errs, err) - } - region := *session.Config.Region - if stringInSlice(c.AMIRegions, region) { - errs = append(errs, fmt.Errorf("Cannot copy AMI to AWS session region '%s', please remove it from `ami_regions`.", region)) + } else { + region := *session.Config.Region + if stringInSlice(c.AMIRegions, region) { + errs = append(errs, fmt.Errorf("Cannot copy AMI to AWS session region '%s', please remove it from `ami_regions`.", region)) + } } } From 545ee45567eccbf0555350c68f9b5b1cff425541 Mon Sep 17 00:00:00 2001 From: Matthew Hooker Date: Tue, 7 Nov 2017 14:51:20 -0800 Subject: [PATCH 2/4] debug region we found --- builder/amazon/common/access_config.go | 1 + 1 file changed, 1 insertion(+) diff --git a/builder/amazon/common/access_config.go b/builder/amazon/common/access_config.go index 462e32617..ca589c7bf 100644 --- a/builder/amazon/common/access_config.go +++ b/builder/amazon/common/access_config.go @@ -80,6 +80,7 @@ func (c *AccessConfig) Session() (*session.Session, error) { } else if *session.Config.Region == "" { return nil, fmt.Errorf("Could not find AWS region, make sure it's set.") } else { + log.Printf("Found region %s", *session.Config.Region) c.session = session } From f681faa296f6dc87efe0e768d6b41b134ef9bbfd Mon Sep 17 00:00:00 2001 From: Matthew Hooker Date: Tue, 7 Nov 2017 14:57:10 -0800 Subject: [PATCH 3/4] fix tests --- builder/amazon/chroot/builder_test.go | 1 + 1 file changed, 1 insertion(+) diff --git a/builder/amazon/chroot/builder_test.go b/builder/amazon/chroot/builder_test.go index a52714030..c13658286 100644 --- a/builder/amazon/chroot/builder_test.go +++ b/builder/amazon/chroot/builder_test.go @@ -10,6 +10,7 @@ func testConfig() map[string]interface{} { return map[string]interface{}{ "ami_name": "foo", "source_ami": "foo", + "region": "us-east-1", } } From 0a24f4eb2efb6afac6b6558144bca2fb52431e8b Mon Sep 17 00:00:00 2001 From: Matthew Hooker Date: Tue, 7 Nov 2017 16:05:43 -0800 Subject: [PATCH 4/4] don't shadow package name --- builder/amazon/common/access_config.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/builder/amazon/common/access_config.go b/builder/amazon/common/access_config.go index ca589c7bf..73e50b862 100644 --- a/builder/amazon/common/access_config.go +++ b/builder/amazon/common/access_config.go @@ -75,13 +75,13 @@ func (c *AccessConfig) Session() (*session.Session, error) { } } - if session, err := session.NewSessionWithOptions(opts); err != nil { + if sess, err := session.NewSessionWithOptions(opts); err != nil { return nil, err - } else if *session.Config.Region == "" { + } else if *sess.Config.Region == "" { return nil, fmt.Errorf("Could not find AWS region, make sure it's set.") } else { - log.Printf("Found region %s", *session.Config.Region) - c.session = session + log.Printf("Found region %s", *sess.Config.Region) + c.session = sess } return c.session, nil