Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ensure s3 bucket issue 495 - Bucket Tags #497

Open
wants to merge 12 commits into
base: master
Choose a base branch
from

Conversation

GarisonLotus
Copy link
Contributor

I ended up using the exisiting functions to perform the tagging by pulling in the tags from context. Let me know if this is the right path, or if you wanted me to change something.

@GarisonLotus
Copy link
Contributor Author

This sets the tags on every run, just like with cloudformation.

@GarisonLotus
Copy link
Contributor Author

The CI failure looks like an IAM role issue of some sort, or AWS issue. Let me know if I'm wrong with that assumption and need to revisit this PR.

@GarisonLotus
Copy link
Contributor Author

@phobologic - I went over this with @troyready this morning and came up with a concern with the path I went down to solve this. I want to take another stab at this by adding a TLK for bucket tags.

My Thought process on this is that a stacker end-user could have seperate configuration files within the same stacker environment/namespace that contain different cost tags. (DB tier, App Tier, Web tier w/ different tags, as an example.) In reality, these seperate configurations might want to have the same cost tag for the bucket used vs the deployed resources. Originally I thought this would only be needed for the aws_lambda module, but now I'm convinced that we should have it overall.

New Idea: Have a TLK "bucket_tags" that if specified, will tag the S3 bucket with the tags supplied. If not, it will fail back to context.tags like it does in this PR. Thoughts?

@GarisonLotus GarisonLotus changed the title Ensure s3 bucket pr495 Ensure s3 bucket issue 495 Oct 23, 2017
@phobologic
Copy link
Member

Thanks @GarisonLotus - quick question, what is TLK? :)

@GarisonLotus
Copy link
Contributor Author

GarisonLotus commented Oct 23, 2017

@phobologic - TLK was shorthand for "Top Level Keyword". I have amended my PR to include a new TLK for "bucket_tags" that falls back to the tags behavior if not set. I also updated tags while I was there to add the stacker_namespace tag if not included, while allowing the a blank tag set (via tags: {}) to still be set. I updated the existing tests to include the new behavior.

This PR now resolves #495 and #496.

I'm not too sure we want to actually solve #496, now that I have played with it. The unintended side effect of this is if you did specify "tags" previously without also including the stacker_namespace tag, you would now have a new stack update that would be required. In other words, it would look like everything is being updated after updating stacker... and to a user who doesn't exact that, they might freak out and cancel the run thinking stacker screwed something up.

I don't really know how to get around that, without just reverting back to the old behavior. The lines in question are:

https://github.com/GarisonLotus/stacker/blob/2780cc0362636d6e5716250e94fe518c64e3d5ca/stacker/context.py#L99-L105

Thoughts? or is the new behavior alright to force on users? (I know it's actually safe to do, but it's the experience I'm worried about)

Maybe I add a logger note?

@GarisonLotus GarisonLotus changed the title Ensure s3 bucket issue 495 Ensure s3 bucket issue 495 and tag issue 496 Oct 23, 2017
@troyready
Copy link
Contributor

My 2c: I'd be in favor of putting off #496 until Stacker v2, to minimize the changes to currently deployed stacks. It's not really A Big Deal, but since the current behavior isn't really a bug I think there's value in postponing it.

@GarisonLotus
Copy link
Contributor Author

That's how I was leaning... I think it's a good idea to hold off on #496 until later, but perhaps put in a deprecation warning instead. This way, people can know it's going to happen and have time to add the tag into their deployments done with 1.1.1. @phobologic, opinion?

@phobologic
Copy link
Member

Yeah, lets hold off on #496 till 2.0. I'm starting to think more about that, and this sounds like a good candidate for it.

@GarisonLotus GarisonLotus force-pushed the ensure_s3_bucket_pr495 branch from e052d09 to 1660c94 Compare November 7, 2017 03:12
@GarisonLotus GarisonLotus changed the title Ensure s3 bucket issue 495 and tag issue 496 Ensure s3 bucket issue 495 Nov 7, 2017
@GarisonLotus GarisonLotus changed the title Ensure s3 bucket issue 495 Ensure s3 bucket issue 495 - Bucket Tags Nov 7, 2017
@GarisonLotus GarisonLotus force-pushed the ensure_s3_bucket_pr495 branch 3 times, most recently from d07e69f to 574a692 Compare November 8, 2017 17:50
@GarisonLotus GarisonLotus force-pushed the ensure_s3_bucket_pr495 branch from 574a692 to cda591b Compare November 9, 2017 14:49
stacker/util.py Outdated
class SourceProcessor(object):
"""Makes remote python package sources available in current environment."""

ISO8601_FORMAT = '%Y%m%dT%H%M%SZ'
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like an error in rebasing here -- this class variable shouldn't go away.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

update to fix this... a little scary that no tests caught this though. Makes me think this could use some more tests w/ stubber. I'll take a poke at that in a bit.

@phobologic
Copy link
Member

Hey @GarisonLotus - I merged from master upstream, and everything seems to pass now :)

@phobologic
Copy link
Member

Ok, I've done a little bit of cleaning up - but I think this is close. @GarisonLotus can you add some tests for setting tags with the new config setting?

@ejholmes
Copy link
Contributor

ejholmes commented Feb 16, 2018

I was thinking a bit about this recently. What if we just allowed people to create their stacker bucket, with stacker? I was thinking of supporting something like this in the config:

# Normally, this accepts a string, but it could accept a `stacker.config.Stack`
# dict like this:
stacker_bucket:
  name: stacker-bucket
  class_path: stacker.blueprints.StackerBucket
  tags:
    whatever: "you want"

So, if stacker_bucket is a dict, it gets parsed as a stacker.config.Stack, which gets added to the dependency graph and creates a ${namespace}-stacker-bucket stack. This stack would be expected to output BucketId, which stacker would lookup and use as the stacker bucket.

By default, the StackerBucket blueprint would just create a bucket similar to how stacker does right now, but people could override it and add anything extra to it that they want, as long as it continues to include the BucketId output.

@ejholmes ejholmes added this to the 1.3 milestone Mar 1, 2018
@ejholmes
Copy link
Contributor

So, we (internally) actually switched over to a method similar to what I outlined above, without any changes to stacker. Our stacker config now has a stack that creates a stacker bucket (and also does some stuff like setup a BucketPolicy for supporting cross account access for CloudFormation). Once the stack is created, we just updated stacker_bucket to reference the stack. Not completely automated, but it only happens once and gives us unlimited flexibility in managing the bucket.

What do you guys think about just documenting that? We could also provide a base "StackerBucket" blueprint to make it a little easier (although, it's pretty trivial since it just creates an s3 bucket).

@troyready
Copy link
Contributor

@ejholmes I really like your previous PoC (putting the stacker bucket stack in the dag), but I'm way fine with this simple recommendation as well.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants