-
Notifications
You must be signed in to change notification settings - Fork 223
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Upgrade from boto to boto3, and use env variables #183
Conversation
@GitRon thanks for starting on this! The build fails, would be good to fix. Could you post this in the relevant project issues? That way others can find it and try to contribute as well. |
I added a list in the PR to all known issues we have to deal with. I'll have a look at the tests, at least this is my responsibility ;) And just got the info that the issue got a new level of urgency: To improve the security for our customers, beginning October 1, 2020, Amazon Signature Version 3 will be turned off (deprecated) in Amazon SES in favor of Signature Version 4. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thank you GitRon, I am highly interested by your patch since the new announcement of AWS regarding the drop of signature V3.
I reviewed your PR and travis fails because you introduced 2 new requirements in setup.py :
python_requires='>=3.5.8',
install_requires=[..., "django>1.11"],
If you look at the travis matrix, it starts at python2 and Django 1.11. You could try to remove these requirements (I added a patch suggestion to this comment) and see if the build pass. Otherwise there may be a need to drop support for oldest versions.
setup.py
Outdated
packages=find_packages(exclude=['example', 'tests']), | ||
package_data=package_data, | ||
python_requires='>=3.5.8', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
python_requires='>=3.5.8', |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thanks so much for your input! I changed the python version to 3.4.10
and removed python 2.7 in the travix matrix. After all, python 2.7 is dead. Long live python 3.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm fine dropping support for python 2, though if it's not a big deal we could keep it (I suspect some users will be affected). However it's not worth a lot of time... And hopefully not too many users complain.
It would be great if you could add the supported Django versions to the README. As far as that, I'd be fine supporting 1.10 or even 1.11 and above. Django 3 should be easy if 2.2 works...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok, when the tests are fixed, I'll give Python 2.7 another shot and I added django 1.10 to the tox and travis.
setup.py
Outdated
@@ -142,7 +141,7 @@ def find_package_data(where=".", package="", exclude=standard_exclude, | |||
long_description=LONG_DESCRIPTION, | |||
platforms=['any'], | |||
classifiers=CLASSIFIERS, | |||
install_requires=["boto>=2.31.0", "pytz>=2016.10", "future>=0.16.0"], | |||
install_requires=["boto3>=1.0.0", "pytz>=2016.10", "future>=0.16.0", "django>1.11"], |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
install_requires=["boto3>=1.0.0", "pytz>=2016.10", "future>=0.16.0", "django>1.11"], | |
install_requires=["boto3>=1.0.0", "pytz>=2016.10", "future>=0.16.0"], |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why did you remove the django dependency here?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I removed it because because Travis matrix has Django 1.11 (https://github.com/django-ses/django-ses/blob/master/.travis.yml#L12) and because it was not on the initial source (https://github.com/django-ses/django-ses/blob/master/setup.py#L145), but maybe it's a good thing to add it?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I mainly added it, because the IDE gives you loades of warnings if it's missing 😅
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If we do keep support for python 2.7, I wonder if it would be easy to add a deprecation warning for it, saying this will be the last release to support it. See this article for a bit on warnings if you're new to them: https://lerner.co.il/2020/04/27/working-with-warnings-in-python/
Seems like a good idea. I'll look into it when we know for sure that we'll stick to python 2.7 |
We found this post stating we don't need a proxy anymore (which has been removed in boto3 anyway) and you can do it via the ENV vars. Anybody disagree if we remove it? I just added the dkim again, though I can't test it, it might just as well work because it's an external package. |
Yeah that seems fine to remove if it can work via ENV vars. Though if it is a separate change, you can also do it in the future/separate PR. Whichever is easier? |
Following this because of the Signature V4 deadline. Thanks for all your great work! |
I removed the proxy logic and added a part to the documentation. |
Ok, update on my progress: dkim is back in, the package seems not to be related to the boto3 upgrade. Though I cannot test it, it still just keep working. Still struggling with some tests, working on mocking the |
Hi, I fixed the tests based on GitRon work. Everything passes except the Python 2.7 tests because of the requirements : https://travis-ci.org/github/django-ses/django-ses/builds/696453533. Also I used a different approach than yours GitRon to mock the different classes, this result in less code diff between the PR and the current master. Hope this solves most of issues. I made a PR to your repo GitRon, so you can integrate my changes with just one click ;). Best, |
@trecouvr You are the best! ❤️ I have some questions about your fix - if you might clarfiy it, then I'll merge it gratefully into my branch! |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good to me. At this point my main concern is manual testing, if someone could confirm this works for them, stats included :)
@pcraciunoiu Fixed your comments, will test all that I can test on Friday. Hopefully @trecouvr finds time for testing as well 😃 |
@GitRon sounds good! Thanks for doing this!! |
Hi, I'll make some time to test it through our applications using it. But we only use the send part of this library, never used a proxy, dkim or the stats. |
I successfully sent emails via eu-west and eu-central - so I guess it works now 🚀 |
I like the idea of getting dkim fixed as well but the branch is quite old and we need the base functionality going. so if we don't get a reply soon, I suggest we throw out version 1.0.0 and can always add new bugfix releases if some of the minor functionality is broken. what do you think about this approach? |
Ok I managed to send emails and get the 2 managements commands working (needed a change for the statistics, but I dont think this is related to the ongoing work, see my comment above). As for the DKIM part, not sure how many people use it, I use what you call in your doc "Easy DKIM" which allows SES to sign directly the emails. |
@pcraciunoiu The stuff I need now works. About all the things which are included in this package... maybe there should be a reevaluation, if we still need to carry it all around. Like dkim, I think there is a AWS way of doing it. |
dkim_headers=self.dkim_headers) | ||
Source=source or message.from_email, | ||
Destinations=message.recipients(), | ||
# todo attachments? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@GitRon were you planning on doing this, is it worth highlighting in a changelog?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good point! I actually wanted to test attachements to make sure they would work but totally forgot about it! I'll check it asap.
Made a couple small changes (the version parsing wasn't quite right -- needed to be joined into a string). Release created: https://github.com/django-ses/django-ses/releases/tag/v1.0.0 And pushed to pypi: https://pypi.org/project/django-ses/1.0.0/ Please test it out. Can do a patch release if stats is broken. |
Yeah I would be glad to remove stuff that is supported in different ways. |
Maybe we could open an issue for it? So it won't be forgotten? |
Yeah want to go ahead and open one, listing what you have in mind? |
Nothing in particular, just maybe look at all the functionality and management commands I personally never use and check if they a) work and b) are still required. I just tested sending emails with attachments - it works! So my todo was unnecessary! |
Hi guys,
I started the migration from
boto
toboto3
.I tried it out locally and now I can send from an email region which has this new auth type v4.
Here's a list of stuff I already did:
Fixes #181 #78