awspub 0.0.4__py3-none-any.whl → 0.0.6__py3-none-any.whl

awspub/common.py

@@ -0,0 +1,18 @@
+from typing import Tuple
+
+
+def _split_partition(val: str) -> Tuple[str, str]:
+    """
+    Split a string into partition and resource, separated by a colon. If no partition is given, assume "aws"
+    :param val: the string to split
+    :type val: str
+    :return: the partition and the resource
+    :rtype: Tuple[str, str]
+    """
+    if ":" in val:
+        partition, resource = val.split(":")
+    else:
+        # if no partition is given, assume default commercial partition "aws"
+        partition = "aws"
+        resource = val
+    return partition, resource

awspub/configmodels.py

@@ -1,7 +1,9 @@
 import pathlib
 from typing import Dict, List, Literal, Optional
 
-from pydantic import BaseModel, ConfigDict, Field
+from pydantic import BaseModel, ConfigDict, Field, field_validator
+
+from awspub.common import _split_partition
 
 
 class ConfigS3Model(BaseModel):
@@ -101,7 +103,9 @@ class ConfigImageModel(BaseModel):
 
     description: Optional[str] = Field(description="Optional image description", default=None)
     regions: Optional[List[str]] = Field(
-        description="Optional list of regions for this image. If not given, all available regions will be used",
+        description="Optional list of regions for this image. If not given, all available regions will"
+        "be used from the currently used partition. If a region doesn't exist in the currently used partition,"
+        " it will be ignored.",
         default=None,
     )
     separate_snapshot: bool = Field(description="Use a separate snapshot for this image?", default=False)
@@ -122,7 +126,9 @@ class ConfigImageModel(BaseModel):
     )
     imds_support: Optional[Literal["v2.0"]] = Field(description="Optional IMDS support", default=None)
     share: Optional[List[str]] = Field(
-        description="Optional list of account IDs the image and snapshot will be shared with", default=None
+        description="Optional list of account IDs the image and snapshot will be shared with. The account"
+        "ID can be prefixed with the partition and separated by ':'. Eg 'aws-cn:123456789123'",
+        default=None,
     )
     temporary: Optional[bool] = Field(
         description="Optional boolean field indicates that a image is only temporary", default=False
@@ -143,6 +149,21 @@ class ConfigImageModel(BaseModel):
     groups: Optional[List[str]] = Field(description="Optional list of groups this image is part of", default=[])
     tags: Optional[Dict[str, str]] = Field(description="Optional Tags to apply to this image only", default={})
 
+    @field_validator("share")
+    @classmethod
+    def check_share(cls, v: Optional[List[str]]) -> Optional[List[str]]:
+        """
+        Make sure the account IDs are valid and if given the partition is correct
+        """
+        if v is not None:
+            for val in v:
+                partition, account_id = _split_partition(val)
+                if len(account_id) != 12:
+                    raise ValueError("Account ID must be 12 characters long")
+                if partition not in ["aws", "aws-cn", "aws-us-gov"]:
+                    raise ValueError("Partition must be one of 'aws', 'aws-cn', 'aws-us-gov'")
+        return v
+
 
 class ConfigModel(BaseModel):
     """

awspub/image.py

@@ -9,6 +9,7 @@ from mypy_boto3_ec2.client import EC2Client
 from mypy_boto3_ssm import SSMClient
 
 from awspub import exceptions
+from awspub.common import _split_partition
 from awspub.context import Context
 from awspub.image_marketplace import ImageMarketplace
 from awspub.s3 import S3
@@ -54,6 +55,7 @@ class Image:
         self._ctx: Context = context
         self._image_name: str = image_name
         self._image_regions: List[str] = []
+        self._image_regions_cached: bool = False
 
         if self._image_name not in self._ctx.conf["images"].keys():
             raise ValueError(f"image '{self._image_name}' not found in context configuration")
@@ -119,15 +121,28 @@ class Image:
     def image_regions(self) -> List[str]:
         """
         Get the image regions. Either configured in the image configuration
-        or all available regions
+        or all available regions.
+        If a region is listed that is not available in the currently used partition,
+        that region will be ignored (eg. having us-east-1 configured but running in the aws-cn
+        partition doesn't include us-east-1 here).
         """
-        if not self._image_regions:
+        if not self._image_regions_cached:
+            # get all available regions
+            ec2client: EC2Client = boto3.client("ec2", region_name=self._s3.bucket_region)
+            resp = ec2client.describe_regions()
+            image_regions_all = [r["RegionName"] for r in resp["Regions"]]
+
             if self.conf["regions"]:
-                self._image_regions = self.conf["regions"]
+                # filter out regions that are not available in the current partition
+                image_regions_configured_set = set(self.conf["regions"])
+                image_regions_all_set = set(image_regions_all)
+                self._image_regions = list(image_regions_configured_set.intersection(image_regions_all_set))
+                diff = image_regions_configured_set.difference(image_regions_all_set)
+                if diff:
+                    logger.warning(f"configured regions {diff} not available in the current partition. Ignoring those.")
             else:
-                ec2client: EC2Client = boto3.client("ec2", region_name=self._s3.bucket_region)
-                resp = ec2client.describe_regions()
-                self._image_regions = [r["RegionName"] for r in resp["Regions"]]
+                self._image_regions = image_regions_all
+            self._image_regions_cached = True
         return self._image_regions
 
     @property
@@ -145,16 +160,34 @@ class Image:
             tags.append({"Key": name, "Value": value})
         return tags
 
+    def _share_list_filtered(self, share_conf: List[str]) -> List[Dict[str, str]]:
+        """
+        Get a filtered list of share configurations based on the current partition
+        :param share_conf: the share configuration
+        :type share_conf: List[str]
+        :return: a List of share configurations that is usable by modify_image_attribute()
+        :rtype: List[Dict[str, str]]
+        """
+        # the current partition
+        partition_current = boto3.client("ec2").meta.partition
+
+        share_list: List[Dict[str, str]] = []
+        for share in share_conf:
+            partition, account_id = _split_partition(share)
+            if partition == partition_current:
+                share_list.append({"UserId": account_id})
+        return share_list
+
     def _share(self, share_conf: List[str], images: Dict[str, _ImageInfo]):
         """
         Share images with accounts
 
-        :param share_conf: the share configuration. eg. self.conf["share_create"]
+        :param share_conf: the share configuration containing list
         :type share_conf: List[str]
         :param images: a Dict with region names as keys and _ImageInfo objects as values
         :type images: Dict[str, _ImageInfo]
         """
-        share_list: List[Dict[str, str]] = [{"UserId": user_id} for user_id in share_conf]
+        share_list = self._share_list_filtered(share_conf)
 
         for region, image_info in images.items():
             ec2client: EC2Client = boto3.client("ec2", region_name=region)

awspub/s3.py

@@ -113,7 +113,7 @@ class S3:
                 )
                 return
             else:
-                logger.warn(
+                logger.warning(
                     f"'{self._ctx.source_sha256}' in bucket '{self.bucket_name}' "
                     f"already exists but sha256sum does not match. Will be overwritten ..."
                 )

awspub/tests/fixtures/config1.yaml

@@ -78,6 +78,11 @@ awspub:
       public: true
       tags:
         key1: value1
+      share:
+        - "123456789123"
+        - "221020170000"
+        - "aws:290620200000"
+        - "aws-cn:334455667788"
       marketplace:
         entity_id: "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
         access_role_arn: "arn:aws:iam::xxxxxxxxxxxx:role/AWSMarketplaceAccess"

awspub/tests/test_common.py

@@ -0,0 +1,16 @@
+import pytest
+
+from awspub.common import _split_partition
+
+
+@pytest.mark.parametrize(
+    "input,expected_output",
+    [
+        ("123456789123", ("aws", "123456789123")),
+        ("aws:123456789123", ("aws", "123456789123")),
+        ("aws-cn:123456789123", ("aws-cn", "123456789123")),
+        ("aws-us-gov:123456789123", ("aws-us-gov", "123456789123")),
+    ],
+)
+def test_common__split_partition(input, expected_output):
+    assert _split_partition(input) == expected_output

awspub/tests/test_image.py

@@ -40,27 +40,34 @@ def test_snapshot_names(imagename, snapshotname):
 
 
 @pytest.mark.parametrize(
-    "imagename,regions",
+    "imagename,regions_in_partition,regions_expected",
     [
         # test-image-1 has 2 regions defined
-        ("test-image-1", ["region1", "region2"]),
+        ("test-image-1", ["region1", "region2"], ["region1", "region2"]),
+        # test-image-1 has 2 regions defined and there are more regions in the partition
+        ("test-image-1", ["region1", "region2", "region3"], ["region1", "region2"]),
+        ("test-image-1", ["region1", "region2"], ["region1", "region2"]),
         # test-image-2 has no regions defined, so whatever the ec2 client returns should be valid
-        ("test-image-2", ["all-region-1", "all-region-2"]),
+        ("test-image-2", ["all-region-1", "all-region-2"], ["all-region-1", "all-region-2"]),
+        # test-image-1 has 2 regions defined, but those regions are not in the partition
+        ("test-image-1", ["region3", "region4"], []),
+        # test-image-1 has 2 regions defined, but those regions are not partially in the partition
+        ("test-image-1", ["region2", "region4"], ["region2"]),
+        # test-image-2 has no regions defined and the ec2 client doesn't return any regions
+        ("test-image-2", [], []),
     ],
 )
 @patch("awspub.s3.S3.bucket_region", return_value="region1")
-def test_image_regions(s3_region_mock, imagename, regions):
+def test_image_regions(s3_region_mock, imagename, regions_in_partition, regions_expected):
     """
     Test the regions for a given image
     """
     with patch("boto3.client") as bclient_mock:
         instance = bclient_mock.return_value
-        instance.describe_regions.return_value = {
-            "Regions": [{"RegionName": "all-region-1"}, {"RegionName": "all-region-2"}]
-        }
+        instance.describe_regions.return_value = {"Regions": [{"RegionName": r} for r in regions_in_partition]}
         ctx = context.Context(curdir / "fixtures/config1.yaml", None)
         img = image.Image(ctx, imagename)
-        assert img.image_regions == regions
+        assert sorted(img.image_regions) == sorted(regions_expected)
 
 
 @pytest.mark.parametrize(
@@ -77,6 +84,8 @@ def test_image_cleanup(imagename, cleanup):
     with patch("boto3.client") as bclient_mock:
         instance = bclient_mock.return_value
         instance.describe_images.return_value = {"Images": [{"Name": imagename, "Public": False, "ImageId": "ami-123"}]}
+        instance.describe_regions.return_value = {"Regions": [{"RegionName": "region1"}, {"RegionName": "region2"}]}
+        instance.list_buckets.return_value = {"Buckets": [{"Name": "bucket1"}]}
         ctx = context.Context(curdir / "fixtures/config1.yaml", None)
         img = image.Image(ctx, imagename)
         img.cleanup()
@@ -154,6 +163,10 @@ def test_image_publish(
             ]
         }
         instance.get_parameters.return_value = {"Parameters": []}
+        instance.describe_regions.return_value = {
+            "Regions": [{"RegionName": "eu-central-1"}, {"RegionName": "us-east-1"}]
+        }
+        instance.list_buckets.return_value = {"Buckets": [{"Name": "bucket1"}]}
         ctx = context.Context(curdir / "fixtures/config1.yaml", None)
         img = image.Image(ctx, imagename)
         img.publish()
@@ -299,6 +312,10 @@ def test_image_list(available_images, expected):
     with patch("boto3.client") as bclient_mock:
         instance = bclient_mock.return_value
         instance.describe_images.return_value = {"Images": available_images}
+        instance.describe_regions.return_value = {
+            "Regions": [{"RegionName": "eu-central-1"}, {"RegionName": "us-east-1"}]
+        }
+        instance.list_buckets.return_value = {"Buckets": [{"Name": "bucket1"}]}
         ctx = context.Context(curdir / "fixtures/config1.yaml", None)
         img = image.Image(ctx, "test-image-6")
         assert img.list() == expected
@@ -330,6 +347,10 @@ def test_image_create_existing(s3_bucket_mock):
                 }
             ]
         }
+        instance.describe_regions.return_value = {
+            "Regions": [{"RegionName": "eu-central-1"}, {"RegionName": "us-east-1"}]
+        }
+        instance.list_buckets.return_value = {"Buckets": [{"Name": "bucket1"}]}
         ctx = context.Context(curdir / "fixtures/config1.yaml", None)
         img = image.Image(ctx, "test-image-6")
         assert img.create() == {"eu-central-1": image._ImageInfo(image_id="ami-123", snapshot_id="snap-123")}
@@ -375,6 +396,10 @@ def test_image__put_ssm_parameters(
         instance = bclient_mock.return_value
         instance.describe_images.return_value = {"Images": describe_images}
         instance.get_parameters.return_value = {"Parameters": get_parameters}
+        instance.describe_regions.return_value = {
+            "Regions": [{"RegionName": "eu-central-1"}, {"RegionName": "us-east-1"}]
+        }
+        instance.list_buckets.return_value = {"Buckets": [{"Name": "bucket1"}]}
         ctx = context.Context(curdir / "fixtures/config1.yaml", None)
         img = image.Image(ctx, imagename)
         img._put_ssm_parameters()
@@ -431,3 +456,23 @@ def test_image__verify(image_found, config, config_image_name, expected_problems
         img = image.Image(ctx, config_image_name)
         problems = img._verify("eu-central-1")
         assert problems == expected_problems
+
+
+@pytest.mark.parametrize(
+    "partition,imagename,share_list_expected",
+    [
+        ("aws", "test-image-8", [{"UserId": "123456789123"}, {"UserId": "221020170000"}, {"UserId": "290620200000"}]),
+        ("aws-cn", "test-image-8", [{"UserId": "334455667788"}]),
+        ("aws-us-gov", "test-image-8", []),
+    ],
+)
+def test_image__share_list_filtered(partition, imagename, share_list_expected):
+    """
+    Test _share_list_filtered() for a given image
+    """
+    with patch("boto3.client") as bclient_mock:
+        instance = bclient_mock.return_value
+        instance.meta.partition = partition
+        ctx = context.Context(curdir / "fixtures/config1.yaml", None)
+        img = image.Image(ctx, imagename)
+        assert img._share_list_filtered(img.conf["share"]) == share_list_expected

{awspub-0.0.4.dist-info → awspub-0.0.6.dist-info}/METADATA

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: awspub
-Version: 0.0.4
+Version: 0.0.6
 Summary: Publish images to AWS EC2
 Home-page: https://github.com/canonical/awspub
 License: GPL-3.0-or-later

{awspub-0.0.4.dist-info → awspub-0.0.6.dist-info}/RECORD

@@ -1,31 +1,33 @@
 awspub/__init__.py,sha256=7hgLrq6k53yaJrjFe7X5Cm45z3SIc1Vxocb5k3G8xPc,124
 awspub/api.py,sha256=d1gx9LdqdYXRLf8yZ_spIz_93WhB2GNnCG_x3ABrMkI,6497
 awspub/cli/__init__.py,sha256=-zCBEbnt5zbvSZ8PxQALpPAy0CiQUf-qZnikJ7U4Sf0,5621
-awspub/configmodels.py,sha256=8JV_fh9VTCSTRcwoqdxXoNFUurn5Q1iTfp-r3u-OLUQ,6869
+awspub/common.py,sha256=M_Ibw8DoAHG3oLoK5qRUggEjI7kJSSslC7r9VySe8vk,562
+awspub/configmodels.py,sha256=DMrC3N8V_zj2SuBRJu27dxxY4Um5rcemWFFqMlA6j9E,7824
 awspub/context.py,sha256=LDkp9Sz5AqRxQq70ICgFIJn5g2qrc5qiVawTyS_rXZE,4064
 awspub/exceptions.py,sha256=SbGf9XyiGlj6estlraAwWAKLtuEfzwEuAbHXYiCiJD0,447
-awspub/image.py,sha256=FRw8CyYo0RBh-ik4I9W4TmaF0LJ2TpgeddwalidlQKA,25763
+awspub/image.py,sha256=1oJ5x4WljJt4C119qj7b0n9HRXAb3Mi_d_2g5_vRT8o,27451
 awspub/image_marketplace.py,sha256=oiD7yNU5quG5CQG9Ql5Ut9hLWA1yewg6qVwTbyadGwc,5314
-awspub/s3.py,sha256=vnel5UtASHK_mkGuZDnA1IydWCLD_TCZ_WyWwAds9F8,11271
+awspub/s3.py,sha256=ivR8DuAkYilph73EjFkTgUelkXxU7pZfosnsHHyoZkQ,11274
 awspub/snapshot.py,sha256=V5e_07SnmCwEPjRmwZh43spWparhH8X4ugG16uQfGuo,10040
 awspub/tests/__init__.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
 awspub/tests/fixtures/config-invalid-s3-extra.yaml,sha256=TdgqE-quxgueXS9L8ixsRuG6eTVfqalZ41G3JNCWn58,288
 awspub/tests/fixtures/config-minimal.yaml,sha256=oHupXHYQXxmqgN2qFCAwvxzR7Bch-3yScrmMXeMIICE,176
 awspub/tests/fixtures/config-valid-nonawspub.yaml,sha256=Md-YINQQRo3kveikUxk8Co9BYIZfDftmPT2LmIqoTL4,330
 awspub/tests/fixtures/config1.vmdk,sha256=YlJHVAi5-e5kRSthHXBqB4gxqZsSPbadFE2HigSIoKg,65536
-awspub/tests/fixtures/config1.yaml,sha256=EdAfnBpZzKBFKcMNv9EYf2qCQ0dk8KHBAXzJUwox370,3132
+awspub/tests/fixtures/config1.yaml,sha256=QUxX7j7SNP40CeSIRFcXm54Ef2CmzgDeWfYYy_THlM0,3256
 awspub/tests/fixtures/config2-mapping.yaml,sha256=lqJE0ej9DdGsE8O5dqG5PX7bOJrY4nMciXoOzMzV-so,31
 awspub/tests/fixtures/config2.yaml,sha256=m2v-n1T-XPGDHyrJXArC_rYV-ZPMr9cgzHkLXiSRuDs,1250
 awspub/tests/fixtures/config3-duplicate-keys.yaml,sha256=Cn0tTQawpEFocDNpWxDz1651uQa7aw88XjNyPcCG4iQ,324
 awspub/tests/test_api.py,sha256=7MKm2aCtcvHJ0x_o2qinljfL9xFBWnasUnVpBxB37w8,2504
 awspub/tests/test_cli.py,sha256=47DEQpj8HBSa-_TImW-5JCeuQeRkm5NMpJWZG3hSuFU,0
+awspub/tests/test_common.py,sha256=kytMUU47uZYYe302XswdO15qX_i1vO2LS5n96--TcSU,478
 awspub/tests/test_context.py,sha256=wMXQqj4vi2U3q5w1xPV-stB3mp3K6puUyXhsShJG4wA,3115
-awspub/tests/test_image.py,sha256=4z7UmcUhFBXCFX-iGz4FbHp7mgm_JNTTJsHSONMbwi0,16400
+awspub/tests/test_image.py,sha256=tMcMx8rnx0q3oeRBA3JSeOHVxnnUGG_AAHVsZ7DWNYw,19083
 awspub/tests/test_image_marketplace.py,sha256=JP7PrFjix1AyQg7eEaQ-wCROVoIOb873koseniOqGQQ,1456
 awspub/tests/test_s3.py,sha256=UJL8CQDEvhA42MwPGeSvSbQFj8h86c1LrLFDvcMcRws,2857
 awspub/tests/test_snapshot.py,sha256=8KPTqGVyzrpivWuq3HE7ZhgtLllcr3rA_3hZcxu2xjg,4123
-awspub-0.0.4.dist-info/LICENSE,sha256=9GbrzFQ3rWjVKj-IZnX1kGDsIGIdjc25KGRmAp03Jn0,35150
-awspub-0.0.4.dist-info/METADATA,sha256=FnuoxZOfvW7AtbWTySouXFSiQ_FkcMbvd8mtKkczj-s,1773
-awspub-0.0.4.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
-awspub-0.0.4.dist-info/entry_points.txt,sha256=hrQzy9P5yO58nj6W0UDPdQPUTqEkQLpMvuyDDRu7LRQ,42
-awspub-0.0.4.dist-info/RECORD,,
+awspub-0.0.6.dist-info/LICENSE,sha256=9GbrzFQ3rWjVKj-IZnX1kGDsIGIdjc25KGRmAp03Jn0,35150
+awspub-0.0.6.dist-info/METADATA,sha256=0Dk6LfbKHJXh--WbmzrPtLtK75hJNs_G6bpqzN6D2iM,1773
+awspub-0.0.6.dist-info/WHEEL,sha256=sP946D7jFCHeNz5Iq4fL4Lu-PrWrFsgfLXbbkciIZwg,88
+awspub-0.0.6.dist-info/entry_points.txt,sha256=hrQzy9P5yO58nj6W0UDPdQPUTqEkQLpMvuyDDRu7LRQ,42
+awspub-0.0.6.dist-info/RECORD,,