Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
pkg/rhcos: Default to the most-recent AMI
We're pushing public AMIs since openshift/os@6dd20dc6 (jenkins: Make RHCOS AMI Public, 2018-09-18, openshift/os#304). There's still no public analog to [1], so I'm just scraping this from metadata on images available via the AWS API. The analogous AWS command line invocation is: $ AWS_DEFAULT_REGION=us-east-1 aws ec2 describe-images --filter 'Name=name,Values=rhcos*' --query 'sort_by(Images, &CreationDate)[-1].ImageId' --output text with a few extra filters thrown in. The full set of metadata on the most recent current image is: $ AWS_DEFAULT_REGION=us-east-1 aws ec2 describe-images --filter 'Name=name,Values=rhcos*' --query 'sort_by(Images, &CreationDate)[-1]' --output json { "VirtualizationType": "hvm", "Description": "Red Hat CoreOS 4.0.5846 (c9a6bb48b837b5bcfeb9bd427be9a18b5bd75b6c57cb289245f211ff98b2a740)", "Hypervisor": "xen", "EnaSupport": true, "SriovNetSupport": "simple", "ImageId": "ami-08a5792a684330602", "State": "available", "BlockDeviceMappings": [ { "DeviceName": "/dev/xvda", "Ebs": { "Encrypted": false, "DeleteOnTermination": true, "VolumeType": "gp2", "VolumeSize": 8, "SnapshotId": "snap-00a45db4ad6173805" } }, { "DeviceName": "/dev/xvdb", "VirtualName": "ephemeral0" } ], "Architecture": "x86_64", "ImageLocation": "531415883065/rhcos_dev_c9a6bb4-hvm", "RootDeviceType": "ebs", "OwnerId": "531415883065", "RootDeviceName": "/dev/xvda", "CreationDate": "2018-09-19T23:40:54.000Z", "Public": true, "ImageType": "machine", "Name": "rhcos_dev_c9a6bb4-hvm" } That doesn't include the "tested" information, so there's still no support for changing channels. We'll need to wait for a public analog of [1], which is blocked on getting stable, production hosting for the release metadata. I'd prefer to use JMESPath and server-side filtering in Go as well, to only return the latest matching AMI. But the AWS Go library doesn't seem to support server-side filtering at the moment [2]. Docs for the AWS Go APIs I'm using are in [3,4,5,6,7,8]. The filters I'm adding here are similar to those we used for Container Linux before they were dropped in 702ee7b (*: Remove stale Container Linux references, 2018-09-11, openshift#233). I added a few more just to be conservative (e.g. we don't want to match a pending or failed image, so I require state to be available). I haven't pushed the Context variables all the way up the stack yet, so there are some context.TODO() entries. The 30-second timeout keeps us from hanging excessively when the caller lacks AWS credentials; the error messages look like: failed to init cluster: failed to parse test config: failed to determine default AMI: NoCredentialProviders: no valid providers in chain. Deprecated. For verbose messaging see aws.Config.CredentialsChainVerboseErrors You can test this error condition by removing the explicit AMI values I've added to our fixtures in this commit and running: $ AWS_PROFILE=does-not-exist go test ./installer/pkg/... [1]: http://aos-ostree.rhev-ci-vms.eng.rdu2.redhat.com/rhcos/images/aws-us-east-1-tested.json [2]: aws/aws-sdk-go#2156 [3]: https://docs.aws.amazon.com/sdk-for-go/api/aws/session/#NewSessionWithOptions [4]: https://docs.aws.amazon.com/sdk-for-go/api/aws/session/#Options [5]: https://docs.aws.amazon.com/sdk-for-go/api/aws/session/#Must [6]: https://docs.aws.amazon.com/sdk-for-go/api/service/ec2/#New [7]: https://docs.aws.amazon.com/sdk-for-go/api/service/ec2/#EC2.DescribeImagesWithContext [8]: https://docs.aws.amazon.com/sdk-for-go/api/service/ec2/#DescribeImagesInput
- Loading branch information