playground-ls-cli 4.14.1.dev8__py3-none-any.whl

localstack_cli/packages/core.py

@@ -0,0 +1,416 @@
+import logging
+import os
+import re
+from abc import ABC
+from functools import lru_cache
+from sys import version_info
+from typing import Any
+
+import requests
+
+from localstack_cli import config
+
+from ..constants import LOCALSTACK_VENV_FOLDER, MAVEN_REPO_URL
+from ..utils.archives import download_and_extract
+from ..utils.files import chmod_r, chown_r, mkdir, rm_rf
+from ..utils.http import download, get_proxies
+from ..utils.run import is_root, run
+from ..utils.venv import VirtualEnvironment
+from .api import InstallTarget, PackageException, PackageInstaller
+
+LOG = logging.getLogger(__name__)
+
+
+class SystemNotSupportedException(PackageException):
+    """Exception indicating that the current system is not allowed."""
+
+    pass
+
+
+class ExecutableInstaller(PackageInstaller, ABC):
+    """
+    This installer simply adds a clean interface for accessing a downloaded executable directly
+    """
+
+    def get_executable_path(self) -> str | None:
+        """
+        :return: the path to the downloaded binary or None if it's not yet downloaded / installed.
+        """
+        install_dir = self.get_installed_dir()
+        if install_dir:
+            return self._get_install_marker_path(install_dir)
+        return None
+
+
+class DownloadInstaller(ExecutableInstaller):
+    def __init__(self, name: str, version: str):
+        super().__init__(name, version)
+
+    def _get_download_url(self) -> str:
+        raise NotImplementedError()
+
+    def _get_install_marker_path(self, install_dir: str) -> str:
+        url = self._get_download_url()
+        binary_name = os.path.basename(url)
+        return os.path.join(install_dir, binary_name)
+
+    def _install(self, target: InstallTarget) -> None:
+        target_directory = self._get_install_dir(target)
+        mkdir(target_directory)
+        download_url = self._get_download_url()
+        target_path = self._get_install_marker_path(target_directory)
+        download(download_url, target_path)
+
+
+class ArchiveDownloadAndExtractInstaller(ExecutableInstaller):
+    def __init__(
+        self,
+        name: str,
+        version: str,
+        extract_single_directory: bool = False,
+    ):
+        """
+        :param name: technical package name, f.e. "opensearch"
+        :param version: version of the package to install
+        :param extract_single_directory: whether to extract files from single root folder in the archive
+        """
+        super().__init__(name, version)
+        self.extract_single_directory = extract_single_directory
+
+    def _get_install_marker_path(self, install_dir: str) -> str:
+        raise NotImplementedError()
+
+    def _get_download_url(self) -> str:
+        raise NotImplementedError()
+
+    def _get_checksum_url(self) -> str | None:
+        """
+        Checksum URL for the archive. This is used to verify the integrity of the downloaded archive.
+        This method can be implemented by subclasses to provide the correct URL for the checksum file.
+        If not implemented, checksum verification will be skipped.
+
+        :return: URL to the checksum file for the archive, or None if not available.
+        """
+        return None
+
+    def get_installed_dir(self) -> str | None:
+        installed_dir = super().get_installed_dir()
+        subdir = self._get_archive_subdir()
+
+        # If the specific installer defines a subdirectory, we return the subdirectory.
+        # f.e. /var/lib/localstack/lib/amazon-mq/5.16.5/apache-activemq-5.16.5/
+        if installed_dir and subdir:
+            return os.path.join(installed_dir, subdir)
+
+        return installed_dir
+
+    def _get_archive_subdir(self) -> str | None:
+        """
+        :return: name of the subdirectory contained in the archive or none if the package content is at the root level
+                of the archive
+        """
+        return None
+
+    def get_executable_path(self) -> str | None:
+        subdir = self._get_archive_subdir()
+        if subdir is None:
+            return super().get_executable_path()
+        else:
+            install_dir = self.get_installed_dir()
+            if install_dir:
+                install_dir = install_dir[: -len(subdir)]
+                return self._get_install_marker_path(install_dir)
+        return None
+
+    def _handle_single_directory_extraction(self, target_directory: str) -> None:
+        """
+        Handle extraction of archives that contain a single root directory.
+        Moves the contents up one level if extract_single_directory is True.
+
+        :param target_directory: The target extraction directory
+        :return: None
+        """
+        if not self.extract_single_directory:
+            return
+
+        dir_contents = os.listdir(target_directory)
+        if len(dir_contents) != 1:
+            return
+        target_subdir = os.path.join(target_directory, dir_contents[0])
+        if not os.path.isdir(target_subdir):
+            return
+        os.rename(target_subdir, f"{target_directory}.backup")
+        rm_rf(target_directory)
+        os.rename(f"{target_directory}.backup", target_directory)
+
+    def _download_archive(
+        self,
+        target: InstallTarget,
+        download_url: str,
+    ) -> None:
+        target_directory = self._get_install_dir(target)
+        mkdir(target_directory)
+        download_url = download_url or self._get_download_url()
+        archive_name = os.path.basename(download_url)
+        archive_path = os.path.join(config.dirs.tmp, archive_name)
+
+        # Get checksum info if available
+        checksum_url = self._get_checksum_url()
+
+        try:
+            download_and_extract(
+                download_url,
+                retries=3,
+                tmp_archive=archive_path,
+                target_dir=target_directory,
+                checksum_url=checksum_url,
+            )
+            self._handle_single_directory_extraction(target_directory)
+        finally:
+            rm_rf(archive_path)
+
+    def _install(self, target: InstallTarget) -> None:
+        self._download_archive(target, self._get_download_url())
+
+
+class PermissionDownloadInstaller(DownloadInstaller, ABC):
+    def _install(self, target: InstallTarget) -> None:
+        super()._install(target)
+        chmod_r(self.get_executable_path(), 0o777)  # type: ignore[arg-type]
+
+
+class GitHubReleaseInstaller(PermissionDownloadInstaller):
+    """
+    Installer which downloads an asset from a GitHub project's tag.
+    """
+
+    def __init__(self, name: str, tag: str, github_slug: str):
+        super().__init__(name, tag)
+        self.github_tag_url = (
+            f"https://api.github.com/repos/{github_slug}/releases/tags/{self.version}"
+        )
+
+    @lru_cache
+    def _get_download_url(self) -> str:
+        asset_name = self._get_github_asset_name()
+        # try to use a token when calling the GH API for increased API rate limits
+        headers = None
+        gh_token = os.environ.get("GITHUB_API_TOKEN")
+        if gh_token:
+            headers = {"authorization": f"Bearer {gh_token}"}
+        response = requests.get(self.github_tag_url, headers=headers, proxies=get_proxies())
+        if not response.ok:
+            raise PackageException(
+                f"Could not get list of releases from {self.github_tag_url}: {response.text}"
+            )
+        github_release = response.json()
+        download_url = None
+        for asset in github_release.get("assets", []):
+            # find the correct binary in the release
+            if asset["name"] == asset_name:
+                download_url = asset["browser_download_url"]
+                break
+        if download_url is None:
+            raise PackageException(
+                f"Could not find required binary {asset_name} in release {self.github_tag_url}"
+            )
+        return download_url
+
+    def _get_install_marker_path(self, install_dir: str) -> str:
+        # Use the GitHub asset name instead of the download URL (since the download URL needs to be fetched online).
+        return os.path.join(install_dir, self._get_github_asset_name())
+
+    def _get_github_asset_name(self) -> str:
+        """
+        Determines the name of the asset to download.
+        The asset name must be determinable without having any online data (because it is used in offline scenarios to
+        determine if the package is already installed).
+
+        :return: name of the asset to download from the GitHub project's tag / version
+        """
+        raise NotImplementedError()
+
+
+class NodePackageInstaller(ExecutableInstaller):
+    """Package installer for Node / NPM packages."""
+
+    def __init__(
+        self,
+        package_name: str,
+        version: str,
+        package_spec: str | None = None,
+        main_module: str = "main.js",
+    ):
+        """
+        Initializes the Node / NPM package installer.
+        :param package_name: npm package name
+        :param version: version of the package which should be installed
+        :param package_spec: optional package spec for the installation.
+                If not set, the package name and version will be used for the installation.
+        :param main_module: main module file of the package
+        """
+        super().__init__(package_name, version)
+        self.package_name = package_name
+        # If the package spec is not explicitly set (f.e. to a repo), we build it and pin the version
+        self.package_spec = package_spec or f"{self.package_name}@{version}"
+        self.main_module = main_module
+
+    def _get_install_marker_path(self, install_dir: str) -> str:
+        return os.path.join(install_dir, "node_modules", self.package_name, self.main_module)
+
+    def _install(self, target: InstallTarget) -> None:
+        target_dir = self._get_install_dir(target)
+
+        run(
+            [
+                "npm",
+                "install",
+                "--prefix",
+                target_dir,
+                self.package_spec,
+            ]
+        )
+        # npm 9+ does _not_ set the ownership of files anymore if run as root
+        # - https://github.blog/changelog/2022-10-24-npm-v9-0-0-released/
+        # - https://github.com/npm/cli/pull/5704
+        # - https://github.com/localstack/localstack/issues/7620
+        if is_root():
+            # if the package was installed as root, set the ownership manually
+            LOG.debug("Setting ownership root:root on %s", target_dir)
+            chown_r(target_dir, "root")
+
+
+LOCALSTACK_VENV = VirtualEnvironment(LOCALSTACK_VENV_FOLDER)
+
+
+class PythonPackageInstaller(PackageInstaller):
+    """
+    Package installer which allows the runtime-installation of additional python packages used by certain services.
+    f.e. vosk as offline speech recognition toolkit (which is ~7MB in size compressed and ~26MB uncompressed).
+    """
+
+    normalized_name: str
+    """Normalized package name according to PEP440."""
+
+    def __init__(self, name: str, version: str, *args: Any, **kwargs: Any):
+        super().__init__(name, version, *args, **kwargs)
+        self.normalized_name = self._normalize_package_name(name)
+
+    def _normalize_package_name(self, name: str) -> str:
+        """
+        Normalized the Python package name according to PEP440.
+        https://packaging.python.org/en/latest/specifications/name-normalization/#name-normalization
+        """
+        return re.sub(r"[-_.]+", "-", name).lower()
+
+    def _get_install_dir(self, target: InstallTarget) -> str:
+        # all python installers share a venv
+        return os.path.join(target.value, "python-packages")
+
+    def _get_install_marker_path(self, install_dir: str) -> str:
+        python_subdir = f"python{version_info[0]}.{version_info[1]}"
+        dist_info_dir = f"{self.normalized_name}-{self.version}.dist-info"
+        # the METADATA file is mandatory, use it as install marker
+        return os.path.join(
+            install_dir, "lib", python_subdir, "site-packages", dist_info_dir, "METADATA"
+        )
+
+    def _get_venv(self, target: InstallTarget) -> VirtualEnvironment:
+        venv_dir = self._get_install_dir(target)
+        return VirtualEnvironment(venv_dir)
+
+    def _prepare_installation(self, target: InstallTarget) -> None:
+        # make sure the venv is properly set up before installing the package
+        venv = self._get_venv(target)
+        if not venv.exists:
+            LOG.info("creating virtual environment at %s", venv.venv_dir)
+            venv.create()
+            LOG.info("adding localstack venv path %s", venv.venv_dir)
+            venv.add_pth("localstack-venv", LOCALSTACK_VENV)
+        LOG.debug("injecting venv into path %s", venv.venv_dir)
+        venv.inject_to_sys_path()
+
+    def _install(self, target: InstallTarget) -> None:
+        venv = self._get_venv(target)
+        python_bin = os.path.join(venv.venv_dir, "bin/python")
+
+        # run pip via the python binary of the venv
+        run([python_bin, "-m", "pip", "install", f"{self.name}=={self.version}"], print_error=False)
+
+    def _setup_existing_installation(self, target: InstallTarget) -> None:
+        """If the venv is already present, it just needs to be initialized once."""
+        self._prepare_installation(target)
+
+
+class MavenDownloadInstaller(DownloadInstaller):
+    """The packageURL is easy copy/pastable from the Maven central repository and the first package URL
+    defines the package name and version.
+    Example package_url: pkg:maven/software.amazon.event.ruler/event-ruler@1.7.3
+    => name: event-ruler
+    => version: 1.7.3
+    """
+
+    # Example: software.amazon.event.ruler
+    group_id: str
+    # Example: event-ruler
+    artifact_id: str
+
+    # Custom installation directory
+    install_dir_suffix: str | None
+
+    def __init__(self, package_url: str, install_dir_suffix: str | None = None):
+        self.group_id, self.artifact_id, version = parse_maven_package_url(package_url)
+        super().__init__(self.artifact_id, version)
+        self.install_dir_suffix = install_dir_suffix
+
+    def _get_download_url(self) -> str:
+        group_id_path = self.group_id.replace(".", "/")
+        return f"{MAVEN_REPO_URL}/{group_id_path}/{self.artifact_id}/{self.version}/{self.artifact_id}-{self.version}.jar"
+
+    def _get_install_dir(self, target: InstallTarget) -> str:
+        """Allow to overwrite the default installation directory.
+        This enables downloading transitive dependencies into the same directory.
+        """
+        if self.install_dir_suffix:
+            return os.path.join(target.value, self.install_dir_suffix)
+        else:
+            return super()._get_install_dir(target)
+
+
+class MavenPackageInstaller(MavenDownloadInstaller):
+    """Package installer for downloading Maven JARs, including optional dependencies.
+    The first Maven package is used as main LPM package and other dependencies are installed additionally.
+    Follows the Maven naming conventions: https://maven.apache.org/guides/mini/guide-naming-conventions.html
+    """
+
+    # Installers for Maven dependencies
+    dependencies: list[MavenDownloadInstaller]
+
+    def __init__(self, *package_urls: str):
+        super().__init__(package_urls[0])
+        self.dependencies = []
+
+        # Create installers for dependencies
+        for package_url in package_urls[1:]:
+            install_dir_suffix = os.path.join(self.name, self.version)
+            self.dependencies.append(MavenDownloadInstaller(package_url, install_dir_suffix))
+
+    def _install(self, target: InstallTarget) -> None:
+        # Install all dependencies first
+        for dependency in self.dependencies:
+            dependency._install(target)
+        # Install the main Maven package once all dependencies are installed.
+        # This main package indicates whether all dependencies are installed.
+        super()._install(target)
+
+
+def parse_maven_package_url(package_url: str) -> tuple[str, str, str]:
+    """Example: parse_maven_package_url("pkg:maven/software.amazon.event.ruler/event-ruler@1.7.3")
+    -> software.amazon.event.ruler, event-ruler, 1.7.3
+    """
+    parts = package_url.split("/")
+    group_id = parts[1]
+    sub_parts = parts[2].split("@")
+    artifact_id = sub_parts[0]
+    version = sub_parts[1]
+    return group_id, artifact_id, version

localstack_cli/pro/core/bootstrap/__init__.py

@@ -0,0 +1 @@
+#

localstack_cli/pro/core/bootstrap/auth.py

@@ -0,0 +1,213 @@
+import base64
+import getpass
+import json
+import logging
+import sys
+import time
+from typing import Any
+
+import jwt
+from localstack_cli.constants import API_ENDPOINT
+from localstack_cli.pro.core import config as pro_config
+from localstack_cli.pro.core.bootstrap.licensingv2 import (
+    ApiKeyCredentials,
+    get_credentials_from_environment,
+)
+from localstack_cli.pro.core.bootstrap.licensingv2 import (
+    AuthToken as LSAuthToken,
+)
+from localstack_cli.pro.core.constants import VERSION
+from localstack_cli.utils.functions import call_safe
+from localstack_cli.utils.http import safe_requests
+from localstack_cli.utils.json import FileMappedDocument
+from localstack_cli.utils.strings import to_bytes, to_str
+
+LOG = logging.getLogger(__name__)
+
+
+AuthCache = FileMappedDocument | dict
+
+# TODO: reconcile this module with localstack.bootstrap.licensingv2
+
+
+class AuthToken:
+    """A thin wrapper around auth tokens, as not all of them a just strings but can also
+    include some other important details, like refresh token, expiration time etc."""
+
+    def __init__(self, token: str, metadata: dict | None = None):
+        self.token = token
+        self.metadata = metadata
+
+    def extract_jwt(self):
+        """Extract the JWT token from the given auth token (e.g., "Bearer <jwt_token>")."""
+        jwt_token = self.token.strip().split(" ")[-1]
+        # attempt to parse the token, then return it
+        jwt.decode(jwt_token, options={"verify_signature": False})
+        return jwt_token
+
+    def to_dict(self) -> dict[str, Any]:
+        return {**(self.metadata or {}), "token": self.token}
+
+
+class AuthClient:
+    """Authentication client used to obtain auth tokens from the remote API endpoint"""
+
+    # token refresh lead time (secs before token expiry to initiate token refresh)
+    TOKEN_REFRESH_LEAD_TIME = 30
+
+    def get_auth_token(
+        self, username: str, password: str, headers: dict | None = None
+    ) -> AuthToken | None:
+        data = {"username": username, "password": password}
+        response = safe_requests.post(
+            self._api_url("/user/signin"), json.dumps(data), headers=headers
+        )
+        if not response.ok:
+            return None
+        try:
+            result = json.loads(to_str(response.content or "{}"))
+            return AuthToken(token=result["token"], metadata=result)
+        except Exception:
+            pass
+
+    def get_token_expiry(self, token: AuthToken) -> int | None:
+        """Get the expiry (epoch timestamp) of the given auth token, or None if this is not a valid (JWT) token"""
+        try:
+            # note: not performing token verification here, extracting expiry date directly
+            claims = jwt.decode(token.extract_jwt(), options={"verify_signature": False})
+            return claims.get("exp")
+        except jwt.PyJWTError:
+            # looks like this is not a JWT token (e.g., when using legacy auth tokens) -> return
+            return
+
+    def refresh_token(self, token: AuthToken) -> AuthToken:
+        """Check the expiry of the given token, and perform token refresh if it is (about to) expire(d)"""
+        expiry = self.get_token_expiry(token)
+        if not expiry or time.time() < expiry - self.TOKEN_REFRESH_LEAD_TIME:
+            return token
+
+        data = token.to_dict()
+        response = safe_requests.put(self._api_url("/user/signin"), json.dumps(data))
+        if not response.ok:
+            raise Exception(
+                f"Unable to obtain auth token (code {response.status_code}) - please log in again."
+            )
+        try:
+            result = json.loads(to_str(response.content or "{}"))
+            token_with_metadata = result["token"]
+            return AuthToken(token=token_with_metadata["token"], metadata=token_with_metadata)
+        except Exception as e:
+            raise Exception(f"Unable to obtain token ({e}) - please log in again.")
+
+    def read_credentials(
+        self, username: str | None = None, password: str | None = None
+    ) -> tuple[str, str, dict]:
+        # TODO: try to read from a configured credentials file in config.dirs.config
+        # if username and password is not specified, prompt for input
+        if not username or not password:
+            sys.stdout.write("Please provide your login credentials below\n")
+            sys.stdout.flush()
+        if not username:
+            sys.stdout.write("Username: ")
+            sys.stdout.flush()
+            username = input()
+        if not password:
+            password = getpass.getpass()
+        return username, password, {}
+
+    def _api_url(self, path: str) -> str:
+        return f"{API_ENDPOINT}{path}"
+
+
+def get_auth_cache() -> FileMappedDocument:
+    """Auth cache for the host on the filesystem."""
+    return FileMappedDocument(pro_config.AUTH_CACHE_PATH, mode=0o600)
+
+
+def login(username: str | None = None, password: str | None = None) -> None:
+    """
+    Authenticate against the /user/signin endpoint. If credentials are correct, it stores the token in the cache.
+    The bearer token can be used to sub-sequentially authenticate various calls to platform, e.g., Cloud Pod operations.
+    :param username: the username for the login.
+    :param password: the password for the login.
+    :raise an exception if the credentials are not valid.
+    """
+    auth_client = AuthClient()
+    username, password, headers = auth_client.read_credentials(username, password)
+    print("Verifying credentials ... (this may take a few moments)")
+    token = auth_client.get_auth_token(username, password, headers)
+    if not token:
+        raise Exception("Unable to verify login credentials - please try again")
+
+    # cache generated token
+    cache = get_auth_cache()
+    cache.update({"username": username, "token": token.token})
+    # a permission error can occur if the cache directory was created previously by a container
+    call_safe(cache.save, exception_message="error saving authentication information")
+
+
+def logout() -> None:
+    """A logout operation clears the username and the token from the cache."""
+    cache = get_auth_cache()
+    cache.pop("username", None)
+    cache.pop("token", None)
+    cache.save()
+
+
+def get_bearer_token_from_cache(auth_cache: AuthCache | None = None) -> dict[str, str]:
+    """
+    A successful login CLI command returns a bearer token that is stored into the auth_cache and can be used to make
+    authenticated calls against platform (e.g., for Cloud Pods).
+    This function retrieves such a token and build the authorization header for such platform calls.
+    :param auth_cache: the cache for the token.
+    :return: the authorization header to authenticate against platform calls.
+    """
+    auth_cache = auth_cache or get_auth_cache()
+    token_dict = auth_cache.get("token")
+    id_token = token_dict
+    if isinstance(id_token, dict):
+        # refresh the auth token, if necessary
+        auth_client = AuthClient()
+        token_obj = AuthToken(token_dict.get("token"), metadata=token_dict)
+        token_obj = auth_client.refresh_token(token_obj)
+
+        # update token cache
+        token_dict_new = token_obj.to_dict()
+        if token_dict != token_dict_new:
+            token_dict.update(token_dict_new)
+            auth_cache["token"] = token_dict
+            auth_cache.save()
+
+        # get id token string from token object
+        id_token = token_obj.token
+
+    if id_token:
+        provider = auth_cache.get("provider") or "internal"
+        prefix = f"{provider} "
+        if not id_token.startswith(prefix) and " " not in id_token:
+            id_token = f"{prefix}{id_token}"
+        return {"authorization": id_token}
+
+
+def get_platform_auth_headers(auth_cache: AuthCache | None = None) -> dict[str, str]:
+    """
+    Creates auth headers used for connecting to the LocalStack backend (a.k.a., our platform), either a
+    token bearer authorization header from the auth cache (created by a login command),
+    or the environment API key.
+    """
+    # Try to build the authentication headers from the credentials in the environment
+    credentials = get_credentials_from_environment()
+    if isinstance(credentials, LSAuthToken):
+        auth_token_encoded = to_str(base64.b64encode(to_bytes(f":{credentials.encoded()}")))
+        return {"Authorization": f"Basic {auth_token_encoded}"}
+    if isinstance(credentials, ApiKeyCredentials):
+        return {"ls-api-key": credentials.encoded(), "ls-version": VERSION}
+
+    # Try to retrieve the token from the auth cache
+    if not (auth := get_bearer_token_from_cache(auth_cache or get_auth_cache())):
+        raise Exception(
+            "Auth token not configured! "
+            "Please run 'localstack auth set-token <AUTH_TOKEN>', "
+            "or set the environment variable LOCALSTACK_AUTH_TOKEN to a valid auth token."
+        )
+    return auth

localstack_cli/pro/core/bootstrap/dns_utils.py

@@ -0,0 +1,55 @@
+import logging
+
+LOG = logging.getLogger(__name__)
+
+
+def configure_systemd(revert: bool):
+    from subprocess import CalledProcessError
+
+    from localstack_cli import config
+    from localstack_cli.utils.container_utils.container_client import ContainerException
+    from localstack_cli.utils.docker_utils import DOCKER_CLIENT
+    from localstack_cli.utils.run import is_linux, run, to_str
+
+    if not is_linux():
+        LOG.warning("Command only supported on GNU/Linux")
+
+    try:
+        container_ip = DOCKER_CLIENT.get_container_ip(config.MAIN_CONTAINER_NAME)
+        container_network = DOCKER_CLIENT.get_networks(config.MAIN_CONTAINER_NAME)
+        container_network = container_network[0]
+        network_inspect = DOCKER_CLIENT.inspect_network(container_network)
+        network_interface = network_inspect["Options"].get("com.docker.network.bridge.name")
+        bridge_id = network_inspect["Id"][:12]
+        network_interface = network_interface or f"br-{bridge_id}"
+
+        if revert:
+            cmd = ["sudo", "resolvectl", "revert", network_interface]
+            run(cmd, shell=False, print_error=False)
+            LOG.info("Reverting DNS config completed!")
+        else:
+            cmd = ["sudo", "resolvectl", "dns", network_interface, container_ip]
+            run(cmd, shell=False, print_error=False)
+            cmd = [
+                "sudo",
+                "resolvectl",
+                "domain",
+                network_interface,
+                "~amazonaws.com",
+                "~aws.amazon.com",
+                "~cloudfront.net",
+                "~localhost.localstack.cloud",
+            ]
+            run(cmd, shell=False, print_error=False)
+            LOG.info("Setting DNS config completed!")
+
+    except ContainerException:
+        if config.DEBUG:
+            LOG.exception("Error while getting container information")
+        LOG.warning(
+            "LocalStack container might not be running. Is container %s running?",
+            config.MAIN_CONTAINER_NAME,
+        )
+        LOG.warning("Is $MAIN_CONTAINER_NAME set correctly?")
+    except CalledProcessError as e:
+        LOG.warning("Error while configuring systemd-resolved: %s", to_str(e.output).strip())