From 3238205e44d25bf104bb1a80134ba3f3aaf4e019 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Saulius=20Ma=C5=A1nauskas?= Date: Fri, 13 Aug 2021 17:54:00 +0300 Subject: [PATCH] feat: validate aws-sdk credentials func (#36) --- internal/services/controller/controller.go | 2 +- .../services/controller/controller_test.go | 2 +- internal/services/providers/castai/castai.go | 2 +- internal/services/providers/eks/client/aws.go | 12 ++++++++++++ internal/services/providers/eks/eks.go | 2 +- internal/services/providers/eks/eks_test.go | 2 +- internal/services/providers/gke/gke.go | 2 +- internal/services/providers/gke/gke_test.go | 2 +- internal/services/providers/kops/kops.go | 7 ++++++- internal/services/providers/kops/kops_test.go | 19 ++++++++++++++++++- pkg/labels/labels.go | 5 +++-- 11 files changed, 46 insertions(+), 11 deletions(-) diff --git a/internal/services/controller/controller.go b/internal/services/controller/controller.go index 8c538ff0..50a3b7ba 100644 --- a/internal/services/controller/controller.go +++ b/internal/services/controller/controller.go @@ -151,7 +151,7 @@ func (c *Controller) nodeAddHandler(log logrus.FieldLogger, event event, obj int } if spot { - node.Labels[labels.FakeSpot] = "true" + node.Labels[labels.CastaiFakeSpot] = "true" } genericHandler(log, c.queue, reflect.TypeOf(&corev1.Node{}), event, node) diff --git a/internal/services/controller/controller_test.go b/internal/services/controller/controller_test.go index 9d6832a1..c82d5208 100644 --- a/internal/services/controller/controller_test.go +++ b/internal/services/controller/controller_test.go @@ -37,7 +37,7 @@ func Test(t *testing.T) { node := &v1.Node{ObjectMeta: metav1.ObjectMeta{Name: "node1", Labels: map[string]string{}}} expectedNode := node.DeepCopy() - expectedNode.Labels[labels.FakeSpot] = "true" + expectedNode.Labels[labels.CastaiFakeSpot] = "true" nodeData, err := encode(expectedNode) require.NoError(t, err) diff --git a/internal/services/providers/castai/castai.go b/internal/services/providers/castai/castai.go index 80c7b7e1..0fb188a8 100644 --- a/internal/services/providers/castai/castai.go +++ b/internal/services/providers/castai/castai.go @@ -25,7 +25,7 @@ type Provider struct { } func (p *Provider) IsSpot(_ context.Context, node *v1.Node) (bool, error) { - if val, ok := node.Labels[labels.Spot]; ok && val == "true" { + if val, ok := node.Labels[labels.CastaiSpot]; ok && val == "true" { return true, nil } return false, nil diff --git a/internal/services/providers/eks/client/aws.go b/internal/services/providers/eks/client/aws.go index 10c887c5..8bcc4162 100644 --- a/internal/services/providers/eks/client/aws.go +++ b/internal/services/providers/eks/client/aws.go @@ -72,12 +72,23 @@ func WithEC2Client() func(ctx context.Context, c *client) error { return fmt.Errorf("creating aws sdk session: %w", err) } + c.sess = sess c.ec2Client = ec2.New(sess) return nil } } +// WithValidateCredentials validates the aws-sdk credentials chain. +func WithValidateCredentials() func(ctx context.Context, c *client) error { + return func(ctx context.Context, c *client) error { + if _, err := c.sess.Config.Credentials.Get(); err != nil { + return fmt.Errorf("validating aws credentials: %w", err) + } + return nil + } +} + // WithMetadata configures the discoverable EC2 instance metadata and EKS properties by setting static values instead // of relying on the discovery mechanism. func WithMetadata(accountID, region, clusterName string) func(ctx context.Context, c *client) error { @@ -112,6 +123,7 @@ func WithMetadataDiscovery() func(ctx context.Context, c *client) error { type client struct { log logrus.FieldLogger + sess *session.Session metaClient *ec2metadata.EC2Metadata ec2Client *ec2.EC2 region *string diff --git a/internal/services/providers/eks/eks.go b/internal/services/providers/eks/eks.go index d9d24e07..5c779332 100644 --- a/internal/services/providers/eks/eks.go +++ b/internal/services/providers/eks/eks.go @@ -89,7 +89,7 @@ func (p *Provider) IsSpot(ctx context.Context, node *v1.Node) (bool, error) { return true, nil } - if val, ok := node.Labels[labels.Spot]; ok && val == "true" { + if val, ok := node.Labels[labels.CastaiSpot]; ok && val == "true" { return true, nil } diff --git a/internal/services/providers/eks/eks_test.go b/internal/services/providers/eks/eks_test.go index d3a27061..ad0f4999 100644 --- a/internal/services/providers/eks/eks_test.go +++ b/internal/services/providers/eks/eks_test.go @@ -86,7 +86,7 @@ func TestProvider_IsSpot(t *testing.T) { } got, err := p.IsSpot(context.Background(), &v1.Node{ObjectMeta: metav1.ObjectMeta{Labels: map[string]string{ - labels.Spot: "true", + labels.CastaiSpot: "true", }}}) require.NoError(t, err) diff --git a/internal/services/providers/gke/gke.go b/internal/services/providers/gke/gke.go index 3fea2bca..85c6831f 100644 --- a/internal/services/providers/gke/gke.go +++ b/internal/services/providers/gke/gke.go @@ -49,7 +49,7 @@ func (p *Provider) RegisterCluster(ctx context.Context, client castai.Client) (* } func (p *Provider) IsSpot(_ context.Context, node *corev1.Node) (bool, error) { - if val, ok := node.Labels[labels.Spot]; ok && val == "true" { + if val, ok := node.Labels[labels.CastaiSpot]; ok && val == "true" { return true, nil } diff --git a/internal/services/providers/gke/gke_test.go b/internal/services/providers/gke/gke_test.go index 03c3db41..9effe932 100644 --- a/internal/services/providers/gke/gke_test.go +++ b/internal/services/providers/gke/gke_test.go @@ -61,7 +61,7 @@ func TestProvider_IsSpot(t *testing.T) { }{ { name: "castai spot node", - node: &v1.Node{ObjectMeta: metav1.ObjectMeta{Labels: map[string]string{labels.Spot: "true"}}}, + node: &v1.Node{ObjectMeta: metav1.ObjectMeta{Labels: map[string]string{labels.CastaiSpot: "true"}}}, expected: true, }, { diff --git a/internal/services/providers/kops/kops.go b/internal/services/providers/kops/kops.go index e4a936e7..948d2dcb 100644 --- a/internal/services/providers/kops/kops.go +++ b/internal/services/providers/kops/kops.go @@ -81,6 +81,7 @@ func (p *Provider) RegisterCluster(ctx context.Context, client castai.Client) (* opts := []awsclient.Opt{ awsclient.WithMetadata("", region, clusterName), awsclient.WithEC2Client(), + awsclient.WithValidateCredentials(), } c, err := awsclient.New(ctx, p.log, opts...) if err != nil { @@ -114,7 +115,11 @@ func (p *Provider) RegisterCluster(ctx context.Context, client castai.Client) (* } func (p *Provider) IsSpot(ctx context.Context, node *v1.Node) (bool, error) { - if val, ok := node.Labels[labels.Spot]; ok && val == "true" { + if val, ok := node.Labels[labels.CastaiSpot]; ok && val == "true" { + return true, nil + } + + if val, ok := node.Labels[labels.KopsSpot]; ok && val == "true" { return true, nil } diff --git a/internal/services/providers/kops/kops_test.go b/internal/services/providers/kops/kops_test.go index 0a6fd1ae..771b3d4a 100644 --- a/internal/services/providers/kops/kops_test.go +++ b/internal/services/providers/kops/kops_test.go @@ -170,7 +170,24 @@ func TestProvider_IsSpot(t *testing.T) { node := &v1.Node{ ObjectMeta: metav1.ObjectMeta{ Labels: map[string]string{ - labels.Spot: "true", + labels.CastaiSpot: "true", + }, + }, + } + + p := &Provider{} + + got, err := p.IsSpot(context.Background(), node) + + require.NoError(t, err) + require.True(t, got) + }) + + t.Run("kops instance group spot nodes", func(t *testing.T) { + node := &v1.Node{ + ObjectMeta: metav1.ObjectMeta{ + Labels: map[string]string{ + labels.KopsSpot: "true", }, }, } diff --git a/pkg/labels/labels.go b/pkg/labels/labels.go index 7ff07bd3..1f75a038 100644 --- a/pkg/labels/labels.go +++ b/pkg/labels/labels.go @@ -1,6 +1,7 @@ package labels const ( - Spot = "scheduling.cast.ai/spot" - FakeSpot = "scheduling.cast.ai/fake-spot" + CastaiSpot = "scheduling.cast.ai/spot" + CastaiFakeSpot = "scheduling.cast.ai/fake-spot" + KopsSpot = "spot" )