search

bottlerocket-os / bottlerocket

An operating system designed for hosting containers
https://bottlerocket.dev
Other
8.65k stars 511 forks source link

pubsys should check if amis are public during promote-ssm #2621

Open webern opened 1 year ago

webern commented 1 year ago

Background

Issue #2617 was caused when we used pubsys promote-ssm while AMIs were not publicly available. This could be prevented if pubsys would check AMI ID availability before promoting SSM parameters. Some users would not want this functionality (if they intend to point to private AMIs) so the behavior needs to be optional.

What I'd like:

Possibly somewhere around here https://github.com/bottlerocket-os/bottlerocket/blob/develop/tools/pubsys/src/aws/promote_ssm/mod.rs#L206

We should check if the AMI-ID we are about to promote is public. If it is not, we should report an error and our exit code should be non-zero.

We would like this to be the default behavior.

Users with intentionally private AMIs should be able to pass a buildsys variable to cargo make which is passed as an argument to pubsys that allows them to opt-out of the is ami public safety check.

Any alternatives you've considered:

webern commented 1 year ago

@cbgbt did you close this with #2680?

cbgbt commented 1 year ago

Not during promote, only during set. I still think it's worth doing this though.