Skip to content

Commit 3740966

Browse files
tthvotthvo
committed
endpoints: use install-config region as signing region for EUSC
The SDK v1 is EOF and no longer supports new regions/partitions; thus, its endpoint resolution handler is outdated. For EUSC, there is currently only 1 region. Thus, we can just it as the signing region instead.
1 parent 1d363c6 commit 3740966

1 file changed

Lines changed: 15 additions & 3 deletions

File tree

pkg/asset/installconfig/aws/session.go

Lines changed: 15 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,7 @@ import (
1717
"github.com/aws/aws-sdk-go/aws/session"
1818
"github.com/sirupsen/logrus"
1919
ini "gopkg.in/ini.v1"
20+
"k8s.io/apimachinery/pkg/util/sets"
2021

2122
typesaws "github.com/openshift/installer/pkg/types/aws"
2223
"github.com/openshift/installer/pkg/version"
@@ -28,6 +29,13 @@ var (
2829
credentials.EnvProviderName: new(sync.Once),
2930
"credentialsFromSession": new(sync.Once),
3031
}
32+
33+
// SDKv2OnlyRegions contains AWS regions that are only available in AWS SDK v2
34+
// and do not exist in the SDK v1 endpoint resolver. For these regions, we cannot
35+
// use endpoints.DefaultResolver().EndpointFor() to look up signing regions as it
36+
// would return invalid value. Instead, we use the region itself as the signing region.
37+
// Example: eusc-de-east-1 (European Sovereign Cloud Germany East 1).
38+
SDKv2OnlyRegions = sets.New("eusc-de-east-1")
3139
)
3240

3341
// SessionOptions is a function that modifies the provided session.Option.
@@ -249,11 +257,15 @@ func newAWSResolver(region string, services []typesaws.ServiceEndpoint) *awsReso
249257
func (ar *awsResolver) EndpointFor(service, region string, optFns ...func(*endpoints.Options)) (endpoints.ResolvedEndpoint, error) {
250258
if s, ok := ar.services[resolverKey(service)]; ok {
251259
logrus.Debugf("resolved AWS service %s (%s) to %q", service, region, s.URL)
260+
252261
signingRegion := ar.region
253-
def, _ := endpoints.DefaultResolver().EndpointFor(service, region)
254-
if len(def.SigningRegion) > 0 {
255-
signingRegion = def.SigningRegion
262+
if !SDKv2OnlyRegions.Has(ar.region) {
263+
def, _ := endpoints.DefaultResolver().EndpointFor(service, region) //nolint:errcheck
264+
if len(def.SigningRegion) > 0 {
265+
signingRegion = def.SigningRegion
266+
}
256267
}
268+
257269
return endpoints.ResolvedEndpoint{
258270
URL: s.URL,
259271
SigningRegion: signingRegion,

0 commit comments

Comments
 (0)