coreos-assembler icon indicating copy to clipboard operation
coreos-assembler copied to clipboard
verified publisher icon coreos

Teach `plume make-amis-public` to handle making GovCloud AMIs public

Open jlebon opened this issue 3 years ago • 1 comments

Feature Request

Desired Feature

Right now, we only pass in a single set of creds to plume make-amis-public. Those creds won't work for GovCloud images. This doesn't matter right now, because we always upload as public from the start rather than at release time (the latter is when plume make-amis-public is used). But that's a configurable option, so ideally we'd handle that path.

jlebon avatar Dec 02 '22 16:12 jlebon

I think a short path to victory here is to just call plume make-amis-public twice in the pipeline (once for primary AWS partition and one for AWS Govcloud, if those credentials exist).

The only code change here in COSA would be to have plume make-amis-public ignore any AMI entries in the meta.json that were from regions that aren't valid for $this partition. We already have code in mantle that can auto-detect what regions are available given the current credentials, so all we need to do here is to get the list of regions and only operate on AMIs from those regions.

dustymabe avatar Dec 02 '22 16:12 dustymabe