Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support building for Gov.cloud only accounts #1641

Closed
wants to merge 2 commits into from
Closed

Support building for Gov.cloud only accounts #1641

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
236120f
Support building for Gov.cloud
jtnord Feb 8, 2024
f80da3f
Merge branch 'awslabs:master' into fix-gov-cloud-building
jtnord Feb 12, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion hack/latest-binaries.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ MINOR_VERSION="${1}"

# retrieve the available "VERSION/BUILD_DATE" prefixes (e.g. "1.28.1/2023-09-14")
# from the binary object keys, sorted in descending semver order, and pick the first one
LATEST_BINARIES=$(aws s3api list-objects-v2 --bucket amazon-eks --prefix "${MINOR_VERSION}" --query 'Contents[*].[Key]' --output text | cut -d'/' -f-2 | sort -Vru | head -n1)
LATEST_BINARIES=$(aws s3api list-objects-v2 --bucket amazon-eks --no-sign-request --region us-west-2 --prefix "${MINOR_VERSION}" --query 'Contents[*].[Key]' --output text | cut -d'/' -f-2 | sort -Vru | head -n1)
Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

--no-sign-request the bucket is public and does not need auth so do not attempt it - if we only have a account in the govCloud region we would not be able to auth anyway and this is the crux of the issue.
--region us-west-2 the users default region may be for us-gov-west-n / us-gov-east-n so we need to specify a region that is not a govCloud region as they bucket is not available there. whilst this may be sub ptimal for someone building an image in an asian region - we are only querying metadata here and as such the overhead of the additioanl latency will disappear into the amount of time it takes to actually do real work (build the image with packer)


if [ "${LATEST_BINARIES}" == "None" ]; then
echo >&2 "No binaries available for minor version: ${MINOR_VERSION}"
Expand Down