Skip to content

Commit

Permalink
Merge pull request #528 from noqdev/fix/handle-empty-description
Browse files Browse the repository at this point in the history 
Fixed bug where none type description was causing an exception on role
  • Loading branch information
@smoy
smoy committed Aug 1, 2023
2 parents 6dc898f + c5cab58 commit af16184
Show file tree
Hide file tree
Showing 2 changed files with 18 additions and 13 deletions.
23 changes: 10 additions & 13 deletions iambic/plugins/v0_1_0/aws/iam/role/models.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -315,17 +315,17 @@ async def _apply_to_account( # noqa: C901
"MaxSessionDuration": "max_session_duration",
}
update_resource_log_params = {**log_params}
update_role_params = {}
update_role_keys = set()
for k in supported_update_key_values.keys():
if account_role.get(k) is not None and account_role.get(
k
) != current_role.get(k):
update_resource_log_params[k] = dict(
old_value=current_role.get(k), new_value=account_role.get(k)
)
update_role_params[k] = current_role.get(k)
update_role_keys.add(k)

if update_role_params:
if update_role_keys:
log_str = "Out of date resource found."
if ctx.execute:
log.debug(
Expand All @@ -339,24 +339,21 @@ async def update_role():
await boto_crud_call(
client.update_role,
RoleName=role_name,
**{
k: account_role.get(k)
for k in supported_update_key_values.keys()
},
**{key: account_role[key] for key in update_role_keys},
)
except Exception as e:
exceptions.append(str(e))

proposed_role_changes = []
for key in update_role_params.keys():
for key in update_role_keys:
proposed_role_changes.append(
ProposedChange(
attribute=supported_update_key_values[key],
attribute=key,
change_type=ProposedChangeType.UPDATE,
resource_id=role_name,
resource_type=self.resource_type,
exceptions_seen=exceptions,
current_value={key: current_role[key]},
current_value={key: current_role.get(key)},
new_value={key: account_role[key]},
)
)
Expand All @@ -365,14 +362,14 @@ async def update_role():
tasks.append(update_role())
else:
log.debug(log_str, **update_resource_log_params)
for key in update_role_params.keys():
for key in update_role_keys:
account_change_details.proposed_changes.append(
ProposedChange(
attribute=supported_update_key_values[key],
attribute=key,
change_type=ProposedChangeType.UPDATE,
resource_id=role_name,
resource_type=self.resource_type,
current_value={key: current_role[key]},
current_value={key: current_role.get(key)},
new_value={key: account_role[key]},
)
)
Expand Down
8 changes: 8 additions & 0 deletions iambic/plugins/v0_1_0/aws/iam/role/utils.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -214,6 +214,14 @@ async def untag_role():

log.debug(log_str, tags=tags_to_remove, **log_params)

if tasks:
results: list[list[ProposedChange]] = await asyncio.gather(
*tasks, return_exceptions=True
)
for r in results:
response.extend(r)

tasks = []
if tags_to_apply:
log_str = "New tags discovered in AWS."

Expand Down

0 comments on commit af16184

Please sign in to comment.