@@ -2,18 +2,20 @@ package endpointvpc
22
33import (
44 "context"
5+ "errors"
56 "fmt"
67 "reflect"
78 "sort"
89
9- "github.com/aws/aws-sdk-go/aws"
10- "github.com/aws/aws-sdk-go/aws/awserr"
11- "github.com/aws/aws-sdk-go/service/ec2"
10+ "github.com/aws/aws-sdk-go-v2/aws"
11+ "github.com/aws/aws-sdk-go-v2/service/ec2"
12+ ec2types "github.com/aws/aws-sdk-go-v2/service/ec2/types"
13+ "github.com/aws/smithy-go"
1214
1315 hivev1 "github.com/openshift/hive/apis/hive/v1"
1416 "github.com/openshift/hive/contrib/pkg/awsprivatelink/common"
1517 awsutils "github.com/openshift/hive/contrib/pkg/utils/aws"
16- "github.com/openshift/hive/pkg/awsclient "
18+ awsclient "github.com/openshift/hive/pkg/awsclientv2 "
1719
1820 log "github.com/sirupsen/logrus"
1921 "github.com/spf13/cobra"
@@ -108,15 +110,15 @@ func (o *endpointVPCAddOptions) Complete(cmd *cobra.Command, args []string) erro
108110func (o * endpointVPCAddOptions ) Validate (cmd * cobra.Command , args []string ) error {
109111 // Check if the endpoint VPC exists
110112 if _ , err := o .endpointVpcClients .DescribeVpcs (& ec2.DescribeVpcsInput {
111- VpcIds : []* string {aws . String ( o .endpointVpcId ) },
113+ VpcIds : []string {o .endpointVpcId },
112114 }); err != nil {
113115 log .WithError (err ).Fatal ("Failed to describe endpoint VPC" )
114116 }
115117
116118 // Check if the endpoint subnets belong to the endpoint VPC
117119 err := o .endpointVpcClients .DescribeSubnetsPages (
118120 & ec2.DescribeSubnetsInput {
119- SubnetIds : aws . StringSlice ( o .endpointSubnetIds ) ,
121+ SubnetIds : o .endpointSubnetIds ,
120122 },
121123 func (page * ec2.DescribeSubnetsOutput , lastPage bool ) bool {
122124 for _ , subnet := range page .Subnets {
@@ -136,7 +138,7 @@ func (o *endpointVPCAddOptions) Validate(cmd *cobra.Command, args []string) erro
136138
137139func (o * endpointVPCAddOptions ) Run (cmd * cobra.Command , args []string ) error {
138140 // Get default SG of the endpoint VPC
139- endpointVPCDefaultSG , err := awsutils .GetDefaultSGOfVpc (o .endpointVpcClients , aws . String ( o .endpointVpcId ) )
141+ endpointVPCDefaultSG , err := awsutils .GetDefaultSGOfVpc (o .endpointVpcClients , o .endpointVpcId )
140142 if err != nil {
141143 log .WithError (err ).Fatal ("Failed to get default SG of the endpoint VPC" )
142144 }
@@ -169,30 +171,27 @@ func (o *endpointVPCAddOptions) Run(cmd *cobra.Command, args []string) error {
169171 log .Info ("Adding route to private route tables of the associated VPC" )
170172 if err = addRouteToRouteTables (
171173 associatedVpcClients ,
172- aws . String ( associatedVpcId ) ,
174+ associatedVpcId ,
173175 endpointVpcCIDR ,
174176 vpcPeeringConnectionId ,
175- & ec2 .Filter {Name : aws .String ("tag:Name" ), Values : []* string {aws . String ( "*private*" ) }},
177+ ec2types .Filter {Name : aws .String ("tag:Name" ), Values : []string {"*private*" }},
176178 ); err != nil {
177179 log .WithError (err ).Fatal ("Failed to add route to private route tables of the associated VPC" )
178180 }
179181
180182 log .Info ("Adding route to route tables of the endpoint subnets" )
181183 if err = addRouteToRouteTables (
182184 o .endpointVpcClients ,
183- aws . String ( o .endpointVpcId ) ,
185+ o .endpointVpcId ,
184186 associatedVpcCIDR ,
185187 vpcPeeringConnectionId ,
186- & ec2 .Filter {Name : aws .String ("association.subnet-id" ), Values : aws . StringSlice ( o .endpointSubnetIds ) },
188+ ec2types .Filter {Name : aws .String ("association.subnet-id" ), Values : o .endpointSubnetIds },
187189 ); err != nil {
188190 log .WithError (err ).Fatal ("Failed to add route to route tables of the endpoint subnets" )
189191 }
190192
191193 // Update SGs
192- associatedVpcWorkerSG , err := awsutils .GetWorkerSGFromVpcId (
193- associatedVpcClients ,
194- aws .String (associatedVpcId ),
195- )
194+ associatedVpcWorkerSG , err := awsutils .GetWorkerSGFromVpcId (associatedVpcClients , associatedVpcId )
196195 if err != nil {
197196 log .WithError (err ).Fatal ("Failed to get worker SG of the associated VPC" )
198197 }
@@ -210,8 +209,9 @@ func (o *endpointVPCAddOptions) Run(cmd *cobra.Command, args []string) error {
210209 aws .String (fmt .Sprintf ("Access from worker SG of associated VPC %s" , associatedVpcId )),
211210 ); err != nil {
212211 // Proceed if ingress already authorized, fail otherwise
213- switch aerr , ok := err .(awserr.Error ); {
214- case ok && aerr .Code () == "InvalidPermission.Duplicate" :
212+ var aerr smithy.APIError
213+ switch ok := errors .As (err , & aerr ); {
214+ case ok && aerr .ErrorCode () == "InvalidPermission.Duplicate" :
215215 log .Warnf ("Traffic from the associated VPC's worker SG to the endpoint VPC's default SG is already authorized" )
216216 default :
217217 log .WithError (err ).Fatal ("Failed to authorize traffic from the associated VPC's worker SG to the endpoint VPC's default SG" )
@@ -226,8 +226,9 @@ func (o *endpointVPCAddOptions) Run(cmd *cobra.Command, args []string) error {
226226 aws .String (fmt .Sprintf ("Access from default SG of endpoint VPC %s" , o .endpointVpcId )),
227227 ); err != nil {
228228 // Proceed if ingress already authorized, fail otherwise
229- switch aerr , ok := err .(awserr.Error ); {
230- case ok && aerr .Code () == "InvalidPermission.Duplicate" :
229+ var aerr smithy.APIError
230+ switch ok := errors .As (err , & aerr ); {
231+ case ok && aerr .ErrorCode () == "InvalidPermission.Duplicate" :
231232 log .Warnf ("Traffic from the endpoint VPC's default SG to the associated VPC's worker SG is already authorized" )
232233 default :
233234 log .WithError (err ).Fatal ("Failed to authorize traffic from the endpoint VPC's default SG to the associated VPC's worker SG" )
@@ -244,8 +245,9 @@ func (o *endpointVPCAddOptions) Run(cmd *cobra.Command, args []string) error {
244245 aws .String (fmt .Sprintf ("Access from CIDR block of associated VPC %s" , associatedVpcId )),
245246 ); err != nil {
246247 // Proceed if ingress already authorized, fail otherwise
247- switch aerr , ok := err .(awserr.Error ); {
248- case ok && aerr .Code () == "InvalidPermission.Duplicate" :
248+ var aerr smithy.APIError
249+ switch ok := errors .As (err , & aerr ); {
250+ case ok && aerr .ErrorCode () == "InvalidPermission.Duplicate" :
249251 log .Warnf ("Traffic from the associated VPC's CIDR block to the endpoint VPC's default SG is already authorized" )
250252 default :
251253 log .WithError (err ).Fatal ("Failed to authorize traffic from the associated VPC's CIDR block to the endpoint VPC's default SG" )
@@ -260,8 +262,9 @@ func (o *endpointVPCAddOptions) Run(cmd *cobra.Command, args []string) error {
260262 aws .String (fmt .Sprintf ("Access from CIDR block of endpoint VPC %s" , o .endpointVpcId )),
261263 ); err != nil {
262264 // Proceed if ingress already authorized, fail otherwise
263- switch aerr , ok := err .(awserr.Error ); {
264- case ok && aerr .Code () == "InvalidPermission.Duplicate" :
265+ var aerr smithy.APIError
266+ switch ok := errors .As (err , & aerr ); {
267+ case ok && aerr .ErrorCode () == "InvalidPermission.Duplicate" :
265268 log .Warnf ("Traffic from the endpoint VPC's CIDR block to the associated VPC's worker SG is already authorized" )
266269 default :
267270 log .WithError (err ).Fatal ("Failed to authorize traffic from the endpoint VPC's CIDR block to the associated VPC's worker SG" )
@@ -283,7 +286,7 @@ func (o *endpointVPCAddOptions) addEndpointVpcToHiveConfig() {
283286 var endpointSubnets []hivev1.AWSPrivateLinkSubnet
284287 if err := o .endpointVpcClients .DescribeSubnetsPages (
285288 & ec2.DescribeSubnetsInput {
286- SubnetIds : aws . StringSlice ( o .endpointSubnetIds ) ,
289+ SubnetIds : o .endpointSubnetIds ,
287290 },
288291 func (page * ec2.DescribeSubnetsOutput , lastPage bool ) bool {
289292 for _ , subnet := range page .Subnets {
@@ -335,13 +338,13 @@ func (o *endpointVPCAddOptions) addEndpointVpcToHiveConfig() {
335338
336339func addRouteToRouteTables (
337340 vpcClients awsclient.Client ,
338- vpcId , peerCIDR , VpcPeeringConnectionId * string ,
339- additionalFiltersForRouteTables ... * ec2 .Filter ,
341+ vpcId string , peerCIDR , VpcPeeringConnectionId * string ,
342+ additionalFiltersForRouteTables ... ec2types .Filter ,
340343) error {
341- filters := append ([]* ec2 .Filter {
344+ filters := append ([]ec2types .Filter {
342345 {
343346 Name : aws .String ("vpc-id" ),
344- Values : []* string {vpcId },
347+ Values : []string {vpcId },
345348 },
346349 }, additionalFiltersForRouteTables ... )
347350
@@ -358,8 +361,9 @@ func addRouteToRouteTables(
358361 })
359362 if err != nil {
360363 // Proceed if route already exists, fail otherwise
361- switch aerr , ok := err .(awserr.Error ); {
362- case ok && aerr .Code () == "RouteAlreadyExists" :
364+ var aerr smithy.APIError
365+ switch ok := errors .As (err , & aerr ); {
366+ case ok && aerr .ErrorCode () == "RouteAlreadyExists" :
363367 log .Warnf ("Route already exists in route table %v" , * routeTable .RouteTableId )
364368 default :
365369 log .WithError (err ).Fatalf ("Failed to create route for route table %v" , * routeTable .RouteTableId )
@@ -389,10 +393,11 @@ func setupVpcPeeringConnection(
389393 if err != nil {
390394 return nil , err
391395 }
396+ // TODO: Nil pointer check?
392397 log .Debugf ("VPC peering connection %v requested" , * createVpcPeeringConnectionOutput .VpcPeeringConnection .VpcPeeringConnectionId )
393398
394399 err = endpointVpcClients .WaitUntilVpcPeeringConnectionExists (& ec2.DescribeVpcPeeringConnectionsInput {
395- VpcPeeringConnectionIds : []* string {createVpcPeeringConnectionOutput .VpcPeeringConnection .VpcPeeringConnectionId },
400+ VpcPeeringConnectionIds : []string {* createVpcPeeringConnectionOutput .VpcPeeringConnection .VpcPeeringConnectionId },
396401 })
397402 if err != nil {
398403 return nil , err
0 commit comments