From 915d8521d806927a566389b19679e62810264d0b Mon Sep 17 00:00:00 2001 From: Samkeet Jain Date: Fri, 2 Aug 2024 10:13:25 +0530 Subject: [PATCH 1/4] Added retry option to S3, EC2, IAM --- basepair/modules/aws/ec2.py | 2 +- basepair/modules/aws/iam.py | 2 +- basepair/modules/aws/s3.py | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/basepair/modules/aws/ec2.py b/basepair/modules/aws/ec2.py index 4736edc4..febb7510 100644 --- a/basepair/modules/aws/ec2.py +++ b/basepair/modules/aws/ec2.py @@ -20,7 +20,7 @@ class EC2(Service): def __init__(self, cfg): super().__init__(cfg, 'EC2') self.client = self.session.client(**{ - 'config': Config(retries={'max_attempts': 0, 'mode': 'standard'}), + 'config': Config(retries={'max_attempts': 10, 'mode': 'standard'}), 'service_name': 'ec2', }) self.default = { diff --git a/basepair/modules/aws/iam.py b/basepair/modules/aws/iam.py index 024e059b..85fc6b35 100644 --- a/basepair/modules/aws/iam.py +++ b/basepair/modules/aws/iam.py @@ -24,7 +24,7 @@ class IAM(Service): def __init__(self, cfg): super().__init__(cfg, 'IAM') self.client = self.session.client(**{ - 'config': Config(retries={'max_attempts': 0, 'mode': 'standard'}), + 'config': Config(retries={'max_attempts': 10, 'mode': 'standard'}), 'service_name': 'iam', }) # Reminder: Update __bp_tmp_user__ will require to update boundary policy for the role diff --git a/basepair/modules/aws/s3.py b/basepair/modules/aws/s3.py index 9dba70a0..c2aa6379 100644 --- a/basepair/modules/aws/s3.py +++ b/basepair/modules/aws/s3.py @@ -26,7 +26,7 @@ def __init__(self, cfg): self.bucket = cfg.get('bucket') client_vars = { 'config': Config( - retries={'max_attempts': 0, 'mode': 'standard'}, + retries={'max_attempts': 10, 'mode': 'standard'}, signature_version='s3v4', ), 'service_name': 's3', From ea84eece86312e4f4270c6282634a1a148f88468 Mon Sep 17 00:00:00 2001 From: Samkeet Jain Date: Fri, 2 Aug 2024 10:13:53 +0530 Subject: [PATCH 2/4] Version bump --- basepair/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/basepair/__init__.py b/basepair/__init__.py index 972b204f..b6b9d470 100644 --- a/basepair/__init__.py +++ b/basepair/__init__.py @@ -12,7 +12,7 @@ # Exposing the storage wrapper __title__ = 'basepair' -__version__ = '2.1.5rc1' +__version__ = '2.1.6rc1' __copyright__ = 'Copyright [2017] - [2022] Basepair INC' From ec67beb133eff353a03b80aaf2753d265d7156c4 Mon Sep 17 00:00:00 2001 From: Samkeet Jain Date: Fri, 2 Aug 2024 15:16:15 +0530 Subject: [PATCH 3/4] Added policy to fetch worker image --- basepair/modules/aws/policy.py | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/basepair/modules/aws/policy.py b/basepair/modules/aws/policy.py index 4c12304f..6c2446e0 100644 --- a/basepair/modules/aws/policy.py +++ b/basepair/modules/aws/policy.py @@ -44,6 +44,24 @@ def ecr_bio_modules(repository_settings): 'aws:ResourceTag/Type': 'Bio' } } + }, { + 'Effect': 'Allow', + 'Action': [ + 'ecr:BatchCheckLayerAvailability', + 'ecr:GetDownloadUrlForLayer', + 'ecr:GetRepositoryPolicy', + 'ecr:DescribeRepositories', + 'ecr:ListImages', + 'ecr:DescribeImages', + 'ecr:BatchGetImage', + 'ecr:GetLifecyclePolicy', + 'ecr:GetLifecyclePolicyPreview', + 'ecr:ListTagsForResource', + 'ecr:DescribeImageScanFindings' + ], + 'Resource': [ + f"arn:aws:ecr:*:{repository_settings.get('account')}:repository/worker*", + ] }, { 'Effect': 'Allow', 'Action': 'ecr:GetAuthorizationToken', From f44cfb25bb806d9ba51b82664d0d6d5fa1555ed3 Mon Sep 17 00:00:00 2001 From: Samkeet Jain Date: Fri, 2 Aug 2024 15:16:44 +0530 Subject: [PATCH 4/4] version bump --- basepair/__init__.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/basepair/__init__.py b/basepair/__init__.py index b6b9d470..b48fc213 100644 --- a/basepair/__init__.py +++ b/basepair/__init__.py @@ -12,7 +12,7 @@ # Exposing the storage wrapper __title__ = 'basepair' -__version__ = '2.1.6rc1' +__version__ = '2.1.6rc2' __copyright__ = 'Copyright [2017] - [2022] Basepair INC'