diff --git a/tools/Cargo.lock b/tools/Cargo.lock index 6ae14c31b4a..481f33ff3bf 100644 --- a/tools/Cargo.lock +++ b/tools/Cargo.lock @@ -149,7 +149,7 @@ dependencies = [ "http", "hyper", "ring", - "time 0.3.14", + "time 0.3.15", "tokio", "tower", "tracing", @@ -188,6 +188,30 @@ dependencies = [ "tracing", ] +[[package]] +name = "aws-sdk-cloudformation" +version = "0.18.0" +source = "registry+/~https://github.com/rust-lang/crates.io-index" +checksum = "cafaf0b9199f52cd69ef07c1d15fc7a57bf3ff53a8b0885cf708110fa49f6450" +dependencies = [ + "aws-endpoint", + "aws-http", + "aws-sig-auth", + "aws-smithy-async", + "aws-smithy-client", + "aws-smithy-http", + "aws-smithy-http-tower", + "aws-smithy-query", + "aws-smithy-types", + "aws-smithy-xml", + "aws-types", + "bytes", + "fastrand", + "http", + "tokio-stream", + "tower", +] + [[package]] name = "aws-sdk-ebs" version = "0.18.0" @@ -257,6 +281,34 @@ dependencies = [ "tower", ] +[[package]] +name = "aws-sdk-s3" +version = "0.18.0" +source = "registry+/~https://github.com/rust-lang/crates.io-index" +checksum = "323b9107094fc396a0116326b577af48d9cfb26ec7c09588584ec82cee057b81" +dependencies = [ + "aws-endpoint", + "aws-http", + "aws-sig-auth", + "aws-sigv4", + "aws-smithy-async", + "aws-smithy-checksums", + "aws-smithy-client", + "aws-smithy-eventstream", + "aws-smithy-http", + "aws-smithy-http-tower", + "aws-smithy-types", + "aws-smithy-xml", + "aws-types", + "bytes", + "bytes-utils", + "http", + "http-body", + "tokio-stream", + "tower", + "tracing", +] + [[package]] name = "aws-sdk-ssm" version = "0.18.0" @@ -331,6 +383,7 @@ source = "registry+/~https://github.com/rust-lang/crates.io-index" checksum = "0ee4bf20136757fd9f606bb4adafe6d19fb02bc48033a8d4f205f21d56fa783a" dependencies = [ "aws-sigv4", + "aws-smithy-eventstream", "aws-smithy-http", "aws-types", "http", @@ -343,7 +396,9 @@ version = "0.48.0" source = "registry+/~https://github.com/rust-lang/crates.io-index" checksum = "b99b21b3aceaf224cccd693b353e1f38af4ede8c5fc618b97dd458bb63238efc" dependencies = [ + "aws-smithy-eventstream", "aws-smithy-http", + "bytes", "form_urlencoded", "hex", "http", @@ -351,7 +406,7 @@ dependencies = [ "percent-encoding", "regex", "ring", - "time 0.3.14", + "time 0.3.15", "tracing", ] @@ -367,6 +422,27 @@ dependencies = [ "tokio-stream", ] +[[package]] +name = "aws-smithy-checksums" +version = "0.48.0" +source = "registry+/~https://github.com/rust-lang/crates.io-index" +checksum = "d6face4c12b335ba734a4416c15d5eeb0af88aa61182a84ff50db62bfa261183" +dependencies = [ + "aws-smithy-http", + "aws-smithy-types", + "bytes", + "crc32c", + "crc32fast", + "hex", + "http", + "http-body", + "md-5", + "pin-project-lite", + "sha1", + "sha2", + "tracing", +] + [[package]] name = "aws-smithy-client" version = "0.48.0" @@ -390,12 +466,24 @@ dependencies = [ "tracing", ] +[[package]] +name = "aws-smithy-eventstream" +version = "0.48.0" +source = "registry+/~https://github.com/rust-lang/crates.io-index" +checksum = "9b959c2c1752c2afbd863953046c06f7ee592f68d64719b7bab3193ac3b0fa77" +dependencies = [ + "aws-smithy-types", + "bytes", + "crc32fast", +] + [[package]] name = "aws-smithy-http" version = "0.48.0" source = "registry+/~https://github.com/rust-lang/crates.io-index" checksum = "23861d0b53a1369eab1e8d48c8bb3492eb3def1c2f2222dfb1bad58dd03914a5" dependencies = [ + "aws-smithy-eventstream", "aws-smithy-types", "bytes", "bytes-utils", @@ -454,7 +542,7 @@ dependencies = [ "itoa", "num-integer", "ryu", - "time 0.3.14", + "time 0.3.15", ] [[package]] @@ -509,15 +597,6 @@ version = "1.3.2" source = "registry+/~https://github.com/rust-lang/crates.io-index" checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a" -[[package]] -name = "block-buffer" -version = "0.9.0" -source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "4152116fd6e9dadb291ae18fc1ec3575ed6d84c29642d97890f4b4a3417297e4" -dependencies = [ - "generic-array", -] - [[package]] name = "block-buffer" version = "0.10.3" @@ -569,7 +648,7 @@ dependencies = [ "reqwest", "serde", "serde_plain", - "sha2 0.10.6", + "sha2", "snafu", "toml", "url", @@ -719,7 +798,7 @@ dependencies = [ "futures", "indicatif", "nix", - "sha2 0.10.6", + "sha2", "snafu", "tempfile", "tokio", @@ -727,13 +806,13 @@ dependencies = [ [[package]] name = "console" -version = "0.15.1" +version = "0.15.2" source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "89eab4d20ce20cea182308bca13088fecea9c05f6776cf287205d41a0ed3c847" +checksum = "c050367d967ced717c04b65d8c619d863ef9292ce0c5760028655a2fb298718c" dependencies = [ "encode_unicode", + "lazy_static", "libc", - "once_cell", "terminal_size", "unicode-width", "winapi", @@ -764,6 +843,15 @@ dependencies = [ "libc", ] +[[package]] +name = "crc32c" +version = "0.6.3" +source = "registry+/~https://github.com/rust-lang/crates.io-index" +checksum = "3dfea2db42e9927a3845fb268a10a72faed6d416065f77873f05e411457c363e" +dependencies = [ + "rustc_version", +] + [[package]] name = "crc32fast" version = "1.3.2" @@ -796,26 +884,24 @@ dependencies = [ [[package]] name = "crossbeam-epoch" -version = "0.9.10" +version = "0.9.11" source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "045ebe27666471bb549370b4b0b3e51b07f56325befa4284db65fc89c02511b1" +checksum = "f916dfc5d356b0ed9dae65f1db9fc9770aa2851d2662b988ccf4fe3516e86348" dependencies = [ "autocfg", "cfg-if", "crossbeam-utils", "memoffset", - "once_cell", "scopeguard", ] [[package]] name = "crossbeam-utils" -version = "0.8.11" +version = "0.8.12" source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "51887d4adc7b564537b15adcfb307936f8075dfcd5f00dde9a9f1d29383682bc" +checksum = "edbafec5fa1f196ca66527c1b12c2ec4745ca14b50f1ad8f9f6f720b55d11fac" dependencies = [ "cfg-if", - "once_cell", ] [[package]] @@ -828,16 +914,6 @@ dependencies = [ "typenum", ] -[[package]] -name = "crypto-mac" -version = "0.11.1" -source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "b1d1a86f49236c215f271d40892d5fc950490551400b02ef360692c29815c714" -dependencies = [ - "generic-array", - "subtle", -] - [[package]] name = "ct-logs" version = "0.8.0" @@ -882,22 +958,13 @@ dependencies = [ "syn", ] -[[package]] -name = "digest" -version = "0.9.0" -source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "d3dd60d1080a57a05ab032377049e0591415d2b31afd7028356dbf3cc6dcb066" -dependencies = [ - "generic-array", -] - [[package]] name = "digest" version = "0.10.5" source = "registry+/~https://github.com/rust-lang/crates.io-index" checksum = "adfbc57365a37acbd2ebf2b64d7e69bb766e2fea813521ed536f5d0520dcf86c" dependencies = [ - "block-buffer 0.10.3", + "block-buffer", "crypto-common", ] @@ -1211,16 +1278,6 @@ version = "0.4.3" source = "registry+/~https://github.com/rust-lang/crates.io-index" checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70" -[[package]] -name = "hmac" -version = "0.11.0" -source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "2a2a2320eb7ec0ebe8da8f744d7812d9fc4cb4d09344ac01898dbcb6a20ae69b" -dependencies = [ - "crypto-mac", - "digest 0.9.0", -] - [[package]] name = "home" version = "0.5.3" @@ -1311,7 +1368,7 @@ dependencies = [ "hyper", "log", "rustls 0.19.1", - "rustls-native-certs 0.5.0", + "rustls-native-certs", "tokio", "tokio-rustls 0.22.0", "webpki 0.21.4", @@ -1325,9 +1382,7 @@ checksum = "d87c48c02e0dc5e3b849a2041db3029fd066650f8f717c07bf8ed78ccb895cac" dependencies = [ "http", "hyper", - "log", "rustls 0.20.6", - "rustls-native-certs 0.6.2", "tokio", "tokio-rustls 0.23.4", ] @@ -1413,16 +1468,17 @@ version = "0.1.0" dependencies = [ "assert-json-diff", "async-trait", + "aws-config", + "aws-sdk-cloudformation", + "aws-sdk-s3", + "aws-types", "clap 3.2.22", "hex", "log", "pubsys-config", - "rusoto_cloudformation", - "rusoto_core", - "rusoto_s3", "serde_json", "serde_yaml", - "sha2 0.10.6", + "sha2", "shell-words", "simplelog", "snafu", @@ -1590,9 +1646,9 @@ checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646" [[package]] name = "libc" -version = "0.2.133" +version = "0.2.134" source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "c0f80d65747a3e43d1596c7c5492d95d5edddaabd45a7fcdb02b95f644164966" +checksum = "329c933548736bc49fd575ee68c89e8be4d260064184389a5b77517cddd99ffb" [[package]] name = "linked-hash-map" @@ -1627,13 +1683,11 @@ checksum = "3e2e65a1a2e43cfcb47a895c4c8b10d1f4a61097f9f254f183aee60cad9c651d" [[package]] name = "md-5" -version = "0.9.1" +version = "0.10.5" source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "7b5a279bb9607f9f53c22d496eade00d138d1bdcccd07d74650387cf94942a15" +checksum = "6365506850d44bff6e2fbcb5176cf63650e48bd45ef2fe2665ae1570e0f4b9ca" dependencies = [ - "block-buffer 0.9.0", - "digest 0.9.0", - "opaque-debug", + "digest", ] [[package]] @@ -1814,17 +1868,11 @@ version = "1.15.0" source = "registry+/~https://github.com/rust-lang/crates.io-index" checksum = "e82dad04139b71a90c080c8463fe0dc7902db5192d939bd0950f074d014339e1" -[[package]] -name = "opaque-debug" -version = "0.3.0" -source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5" - [[package]] name = "openssl" -version = "0.10.41" +version = "0.10.42" source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "618febf65336490dfcf20b73f885f5651a0c89c64c2d4a8c3662585a70bf5bd0" +checksum = "12fc0523e3bd51a692c8850d075d74dc062ccf251c0110668cbd921917118a13" dependencies = [ "bitflags", "cfg-if", @@ -1854,9 +1902,9 @@ checksum = "ff011a302c396a5197692431fc1948019154afc178baf7d8e37367442a4601cf" [[package]] name = "openssl-sys" -version = "0.9.75" +version = "0.9.76" source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "e5f9bd0c2710541a3cda73d6f9ac4f1b240de4ae261065d309dbe73d9dceb42f" +checksum = "5230151e44c0f05157effb743e8d517472843121cf9243e8b81393edb5acd9ce" dependencies = [ "autocfg", "cc", @@ -2034,9 +2082,9 @@ dependencies = [ [[package]] name = "proc-macro2" -version = "1.0.44" +version = "1.0.46" source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "7bd7356a8122b6c4a24a82b278680c73357984ca2fc79a0f9fa6dea7dced7c58" +checksum = "94e2ef8dbfc347b10c094890f778ee2e36ca9bb4262e86dc99cd217e35f3470b" dependencies = [ "unicode-ident", ] @@ -2110,7 +2158,7 @@ dependencies = [ "log", "pubsys-config", "reqwest", - "sha2 0.10.6", + "sha2", "shell-words", "simplelog", "snafu", @@ -2283,102 +2331,6 @@ dependencies = [ "winapi", ] -[[package]] -name = "rusoto_cloudformation" -version = "0.48.0" -source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "fd30fadf72299e6d385ed4e32b1b765cb1c20e359b05ff14fa35dd2d7dd6a229" -dependencies = [ - "async-trait", - "bytes", - "futures", - "rusoto_core", - "serde_urlencoded", - "xml-rs", -] - -[[package]] -name = "rusoto_core" -version = "0.48.0" -source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "1db30db44ea73551326269adcf7a2169428a054f14faf9e1768f2163494f2fa2" -dependencies = [ - "async-trait", - "base64", - "bytes", - "crc32fast", - "futures", - "http", - "hyper", - "hyper-rustls 0.23.0", - "lazy_static", - "log", - "rusoto_credential", - "rusoto_signature", - "rustc_version", - "serde", - "serde_json", - "tokio", - "xml-rs", -] - -[[package]] -name = "rusoto_credential" -version = "0.48.0" -source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "ee0a6c13db5aad6047b6a44ef023dbbc21a056b6dab5be3b79ce4283d5c02d05" -dependencies = [ - "async-trait", - "chrono", - "dirs-next", - "futures", - "hyper", - "serde", - "serde_json", - "shlex", - "tokio", - "zeroize", -] - -[[package]] -name = "rusoto_s3" -version = "0.48.0" -source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "7aae4677183411f6b0b412d66194ef5403293917d66e70ab118f07cc24c5b14d" -dependencies = [ - "async-trait", - "bytes", - "futures", - "rusoto_core", - "xml-rs", -] - -[[package]] -name = "rusoto_signature" -version = "0.48.0" -source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "a5ae95491c8b4847931e291b151127eccd6ff8ca13f33603eb3d0035ecb05272" -dependencies = [ - "base64", - "bytes", - "chrono", - "digest 0.9.0", - "futures", - "hex", - "hmac", - "http", - "hyper", - "log", - "md-5", - "percent-encoding", - "pin-project-lite", - "rusoto_credential", - "rustc_version", - "serde", - "sha2 0.9.9", - "tokio", -] - [[package]] name = "rustc-demangle" version = "0.1.21" @@ -2431,18 +2383,6 @@ dependencies = [ "security-framework", ] -[[package]] -name = "rustls-native-certs" -version = "0.6.2" -source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "0167bac7a9f490495f3c33013e7722b53cb087ecbe082fb0c6387c96f634ea50" -dependencies = [ - "openssl-probe", - "rustls-pemfile", - "schannel", - "security-framework", -] - [[package]] name = "rustls-pemfile" version = "1.0.1" @@ -2479,9 +2419,9 @@ dependencies = [ [[package]] name = "schemars" -version = "0.8.10" +version = "0.8.11" source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "1847b767a3d62d95cbf3d8a9f0e421cf57a0d8aa4f411d4b16525afb0284d4ed" +checksum = "2a5fb6c61f29e723026dc8e923d94c694313212abbecbbe5f55a7748eec5b307" dependencies = [ "dyn-clone", "schemars_derive", @@ -2491,9 +2431,9 @@ dependencies = [ [[package]] name = "schemars_derive" -version = "0.8.10" +version = "0.8.11" source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "af4d7e1b012cb3d9129567661a63755ea4b8a7386d339dc945ae187e403c6743" +checksum = "f188d036977451159430f3b8dc82ec76364a42b7e289c2b18a9a18f4470058e9" dependencies = [ "proc-macro2", "quote", @@ -2663,20 +2603,18 @@ checksum = "028f48d513f9678cda28f6e4064755b3fbb2af6acd672f2c209b62323f7aea0f" dependencies = [ "cfg-if", "cpufeatures", - "digest 0.10.5", + "digest", ] [[package]] -name = "sha2" -version = "0.9.9" +name = "sha1" +version = "0.10.5" source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "4d58a1e1bf39749807d89cf2d98ac2dfa0ff1cb3faa38fbb64dd88ac8013d800" +checksum = "f04293dc80c3993519f2d7f6f511707ee7094fe0c6d3406feb330cdb3540eba3" dependencies = [ - "block-buffer 0.9.0", "cfg-if", "cpufeatures", - "digest 0.9.0", - "opaque-debug", + "digest", ] [[package]] @@ -2687,7 +2625,7 @@ checksum = "82e6b795fe2e3b1e845bafcb27aa35405c4d47cdfc92af5fc8d3002f76cebdc0" dependencies = [ "cfg-if", "cpufeatures", - "digest 0.10.5", + "digest", ] [[package]] @@ -2706,12 +2644,6 @@ version = "1.1.0" source = "registry+/~https://github.com/rust-lang/crates.io-index" checksum = "24188a676b6ae68c3b2cb3a01be17fbf7240ce009799bb56d5b1409051e78fde" -[[package]] -name = "shlex" -version = "1.1.0" -source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "43b2853a4d09f215c24cc5489c992ce46052d359b5109343cbafbf26bc62f8a3" - [[package]] name = "signal-hook-registry" version = "1.4.0" @@ -2729,7 +2661,7 @@ checksum = "48dfff04aade74dd495b007c831cd6f4e0cee19c344dd9dc0884c0289b70a786" dependencies = [ "log", "termcolor", - "time 0.3.14", + "time 0.3.15", ] [[package]] @@ -2743,9 +2675,9 @@ dependencies = [ [[package]] name = "smallvec" -version = "1.9.0" +version = "1.10.0" source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "2fd0db749597d91ff862fd1d55ea87f7855a744a8425a64695b6fca237d1dad1" +checksum = "a507befe795404456341dfab10cef66ead4c041f62b8b11bbb92bffe5d0953e0" [[package]] name = "snafu" @@ -2822,12 +2754,6 @@ dependencies = [ "syn", ] -[[package]] -name = "subtle" -version = "2.4.1" -source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601" - [[package]] name = "syn" version = "1.0.101" @@ -2945,18 +2871,18 @@ checksum = "949517c0cf1bf4ee812e2e07e08ab448e3ae0d23472aee8a06c985f0c8815b16" [[package]] name = "thiserror" -version = "1.0.36" +version = "1.0.37" source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "0a99cb8c4b9a8ef0e7907cd3b617cc8dc04d571c4e73c8ae403d80ac160bb122" +checksum = "10deb33631e3c9018b9baf9dcbbc4f737320d2b576bac10f6aefa048fa407e3e" dependencies = [ "thiserror-impl", ] [[package]] name = "thiserror-impl" -version = "1.0.36" +version = "1.0.37" source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "3a891860d3c8d66fec8e73ddb3765f90082374dbaaa833407b904a94f1a7eb43" +checksum = "982d17546b47146b28f7c22e3d08465f6b8903d0ea13c1660d9d84a6e7adcdbb" dependencies = [ "proc-macro2", "quote", @@ -2976,9 +2902,9 @@ dependencies = [ [[package]] name = "time" -version = "0.3.14" +version = "0.3.15" source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "3c3f9a28b618c3a6b9251b6908e9c99e04b9e5c02e6581ccbb67d59c34ef7f9b" +checksum = "d634a985c4d4238ec39cacaed2e7ae552fbd3c476b552c1deac3021b7d7eaf0c" dependencies = [ "itoa", "libc", @@ -3019,9 +2945,9 @@ checksum = "cda74da7e1a664f795bb1f8a87ec406fb89a02522cf6e50620d016add6dbbf5c" [[package]] name = "tokio" -version = "1.21.1" +version = "1.21.2" source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "0020c875007ad96677dcc890298f4b942882c5d4eb7cc8f439fc3bf813dc9c95" +checksum = "a9e03c497dc955702ba729190dc4aac6f2a0ce97f913e5b1b5912fc5039d9099" dependencies = [ "autocfg", "bytes", @@ -3029,7 +2955,6 @@ dependencies = [ "memchr", "mio", "num_cpus", - "once_cell", "parking_lot", "pin-project-lite", "signal-hook-registry", @@ -3645,12 +3570,6 @@ dependencies = [ "winapi", ] -[[package]] -name = "xml-rs" -version = "0.8.4" -source = "registry+/~https://github.com/rust-lang/crates.io-index" -checksum = "d2d7d3948613f75c98fd9328cfdcc45acc4d360655289d0a7d4ec931392200a3" - [[package]] name = "xmlparser" version = "0.13.3" diff --git a/tools/deny.toml b/tools/deny.toml index 9e050d23521..03982790433 100644 --- a/tools/deny.toml +++ b/tools/deny.toml @@ -63,9 +63,6 @@ skip = [ ] skip-tree = [ - # rusoto_signature uses an older version of sha2 - { name = "rusoto_signature" }, - # structopt pulls in an older version of clap { name = "structopt", version = "0.3.26" }, diff --git a/tools/infrasys/Cargo.toml b/tools/infrasys/Cargo.toml index 7b982a0a317..f0e9dae7d8a 100644 --- a/tools/infrasys/Cargo.toml +++ b/tools/infrasys/Cargo.toml @@ -12,9 +12,10 @@ clap = "3.1" hex = "0.4.0" log = "0.4.14" pubsys-config = { path = "../pubsys-config/", version = "0.1.0" } -rusoto_cloudformation = { version = "0.48.0", default-features = false, features = ["rustls"] } -rusoto_core = { version = "0.48.0", default-features = false, features = ["rustls"] } -rusoto_s3 = { version = "0.48.0", default-features = false, features = ["rustls"] } +aws-config = "0.48.0" +aws-types = "0.48.0" +aws-sdk-cloudformation = "0.18.0" +aws-sdk-s3 = "0.18.0" serde_json = "1.0.66" serde_yaml = "0.8.17" sha2 = "0.10" diff --git a/tools/infrasys/src/error.rs b/tools/infrasys/src/error.rs index 20bbdc01fc9..f5624ddfff2 100644 --- a/tools/infrasys/src/error.rs +++ b/tools/infrasys/src/error.rs @@ -1,3 +1,4 @@ +use aws_sdk_s3::types::SdkError; use snafu::Snafu; use std::io; use std::path::PathBuf; @@ -14,7 +15,7 @@ pub enum Error { CreateStack { stack_name: String, region: String, - source: rusoto_core::RusotoError, + source: SdkError, }, #[snafu(display( @@ -40,6 +41,9 @@ pub enum Error { ))] CreateStackTimeout { stack_name: String, region: String }, + #[snafu(display("No stack data returned for CFN stack '{}' in {}", stack_name, region))] + MissingStack { stack_name: String, region: String }, + #[snafu(display( "Failed to fetch stack details for CFN stack '{}' in '{}': {}", stack_name, @@ -49,7 +53,7 @@ pub enum Error { DescribeStack { stack_name: String, region: String, - source: rusoto_core::RusotoError, + source: SdkError, }, #[snafu(display("Missing environment variable '{}'", var))] @@ -117,11 +121,11 @@ pub enum Error { source: std::num::ParseIntError, }, - #[snafu(display("Failed to parse '{}' to a valid rusoto region: {}", what, source))] - ParseRegion { - what: String, - source: rusoto_core::region::ParseRegionError, - }, + #[snafu(display("Failed to find default region"))] + DefaultRegion, + + #[snafu(display("Unable to parse stack status"))] + ParseStatus, #[snafu(display( "Failed to find field '{}' after attempting to create resource '{}'", @@ -139,7 +143,7 @@ pub enum Error { #[snafu(display("Failed to push object to bucket '{}': {}", bucket_name, source))] PutObject { bucket_name: String, - source: rusoto_core::RusotoError, + source: SdkError, }, #[snafu(display( @@ -149,7 +153,7 @@ pub enum Error { ))] PutPolicy { bucket_name: String, - source: rusoto_core::RusotoError, + source: SdkError, }, #[snafu(display("Failed to create async runtime: {}", source))] diff --git a/tools/infrasys/src/keys.rs b/tools/infrasys/src/keys.rs index 15afde39902..a00283c2537 100644 --- a/tools/infrasys/src/keys.rs +++ b/tools/infrasys/src/keys.rs @@ -1,10 +1,9 @@ use async_trait::async_trait; +use aws_sdk_cloudformation::Client as CloudFormationClient; +use aws_types::region::Region; use pubsys_config::{KMSKeyConfig, SigningKeyConfig}; -use rusoto_cloudformation::{CloudFormation, CloudFormationClient, CreateStackInput}; -use rusoto_core::Region; use snafu::{OptionExt, ResultExt}; use std::fs; -use std::str::FromStr; use super::{error, shared, Result}; @@ -34,7 +33,7 @@ pub fn check_signing_key_config(signing_key_config: &SigningKeyConfig) -> Result SigningKeyConfig::file { .. } => (), SigningKeyConfig::kms { config, .. } => { let config = config.as_ref().context(error::MissingConfigSnafu { - missing: "config field for a kms key", + missing: "config field for kms keys", })?; match ( @@ -89,9 +88,13 @@ impl KMSKeyConfigExt for KMSKeyConfig { missing: "key_alias", })? ); - let cfn_client = CloudFormationClient::new( - Region::from_str(region).context(error::ParseRegionSnafu { what: region })?, - ); + + let config = aws_config::from_env() + .region(Region::new(region.to_owned())) + .load() + .await; + let cfn_client = CloudFormationClient::new(&config); + let cfn_filepath = format!( "{}/infrasys/cloudformation-templates/kms_key_setup.yml", shared::getenv("BUILDSYS_TOOLS_DIR")? @@ -100,20 +103,19 @@ impl KMSKeyConfigExt for KMSKeyConfig { .context(error::FileReadSnafu { path: cfn_filepath })?; let stack_result = cfn_client - .create_stack(CreateStackInput { - parameters: Some(vec![shared::create_parameter( - "Alias".to_string(), - self.key_alias - .as_ref() - .context(error::KeyConfigSnafu { - missing: "key_alias", - })? - .to_string(), - )]), - stack_name: stack_name.clone(), - template_body: Some(cfn_template.clone()), - ..Default::default() - }) + .create_stack() + .parameters(shared::create_parameter( + "Alias".to_string(), + self.key_alias + .as_ref() + .context(error::KeyConfigSnafu { + missing: "key_alias", + })? + .to_string(), + )) + .stack_name(stack_name.clone()) + .template_body(cfn_template.clone()) + .send() .await .context(error::CreateStackSnafu { stack_name: &stack_name, diff --git a/tools/infrasys/src/main.rs b/tools/infrasys/src/main.rs index 83cf4c34234..13f74085377 100644 --- a/tools/infrasys/src/main.rs +++ b/tools/infrasys/src/main.rs @@ -4,12 +4,13 @@ mod root; mod s3; mod shared; +use aws_sdk_cloudformation::Region; use error::Result; use log::{error, info}; use pubsys_config::{InfraConfig, RepoConfig, S3Config, SigningKeyConfig}; use sha2::{Digest, Sha512}; use shared::KeyRole; -use simplelog::{Config as LogConfig, LevelFilter, SimpleLogger}; +use simplelog::{CombinedLogger, Config as LogConfig, ConfigBuilder, LevelFilter, SimpleLogger}; use snafu::{ensure, OptionExt, ResultExt}; use std::collections::HashMap; use std::num::NonZeroUsize; @@ -62,7 +63,35 @@ fn run() -> Result<()> { // Parse and store the args passed to the program let args = Args::from_args(); - SimpleLogger::init(args.log_level, LogConfig::default()).context(error::LoggerSnafu)?; + match args.log_level { + // Set log level for AWS SDK to error to reduce verbosity. + LevelFilter::Info => { + CombinedLogger::init(vec![ + SimpleLogger::new( + LevelFilter::Info, + ConfigBuilder::new() + .add_filter_ignore_str("aws_config") + .add_filter_ignore_str("aws_smithy") + .add_filter_ignore_str("tracing::span") + .build(), + ), + SimpleLogger::new( + LevelFilter::Warn, + ConfigBuilder::new() + .add_filter_allow_str("aws_config") + .add_filter_allow_str("aws_smithy") + .add_filter_allow_str("tracing::span") + .build(), + ), + ]) + .context(error::LoggerSnafu)?; + } + + // Set the supplied log level across the whole crate. + _ => { + SimpleLogger::init(args.log_level, LogConfig::default()).context(error::LoggerSnafu)? + } + } match args.subcommand { SubCommand::CreateInfra(ref run_task_args) => { @@ -124,7 +153,7 @@ async fn create_infra(toml_path: &Path, root_role_path: &Path) -> Result<()> { // Upload root.json. info!("Uploading root.json to S3 bucket..."); s3::upload_file( - repo_info.s3_region, + &repo_info.s3_region, &bucket_name, &repo_info.prefix, root_role_path, @@ -187,7 +216,7 @@ struct ValidRepoInfo<'a> { root_key_threshold: &'a NonZeroUsize, root_keys: &'a mut SigningKeyConfig, root_role_url: &'a mut Option, - s3_region: &'a String, + s3_region: Region, s3_stack_name: String, signing_keys: &'a mut SigningKeyConfig, stack_arn: &'a mut Option, @@ -204,20 +233,22 @@ impl<'a> ValidRepoInfo<'a> { let s3_stack_name = repo_config .file_hosting_config_name - .as_ref() + .to_owned() .context(error::MissingConfigSnafu { missing: "file_hosting_config_name", })?; let s3_info = s3_info_map - .get_mut(s3_stack_name) + .get_mut(&s3_stack_name) .context(error::MissingConfigSnafu { missing: format!("aws.s3 config with name {}", s3_stack_name), })?; Ok(ValidRepoInfo { s3_stack_name: s3_stack_name.to_string(), - s3_region: s3_info.region.as_ref().context(error::MissingConfigSnafu { - missing: format!("region for '{}' s3 config", s3_stack_name), - })?, + s3_region: Region::new(s3_info.region.as_ref().cloned().context( + error::MissingConfigSnafu { + missing: format!("region for '{}' s3 config", s3_stack_name), + }, + )?), bucket_name: &mut s3_info.bucket_name, stack_arn: &mut s3_info.stack_arn, vpce_id: s3_info @@ -262,11 +293,11 @@ async fn create_repo_infrastructure( // Create S3 bucket info!("Creating S3 bucket..."); let (s3_stack_arn, bucket_name, bucket_rdn) = - s3::create_s3_bucket(repo_info.s3_region, &repo_info.s3_stack_name).await?; + s3::create_s3_bucket(&repo_info.s3_region, &repo_info.s3_stack_name).await?; // Add Bucket Policy to newly created bucket s3::add_bucket_policy( - repo_info.s3_region, + &repo_info.s3_region, &bucket_name, &repo_info.prefix, repo_info.vpce_id, diff --git a/tools/infrasys/src/root.rs b/tools/infrasys/src/root.rs index e447f045965..bd0c6108305 100644 --- a/tools/infrasys/src/root.rs +++ b/tools/infrasys/src/root.rs @@ -1,7 +1,7 @@ use super::{error, KeyRole, Result}; +use aws_config::meta::region::RegionProviderChain; use log::{trace, warn}; use pubsys_config::SigningKeyConfig; -use rusoto_core::Region; use snafu::{ensure, OptionExt, ResultExt}; use std::collections::HashMap; use std::fs; @@ -39,6 +39,21 @@ pub fn check_root(root_role_path: &Path) -> Result<()> { }); Ok(()) } +pub fn get_region() -> Result { + let rt = tokio::runtime::Runtime::new().context(error::RuntimeSnafu)?; + rt.block_on(async { async_get_region().await }) +} + +async fn async_get_region() -> Result { + let default_region_fallback = "us-east-1"; + let default_region = RegionProviderChain::default_provider() + .or_else(default_region_fallback) + .region() + .await + .context(error::DefaultRegionSnafu)? + .to_string(); + Ok(default_region) +} /// Creates the directory where root.json will live and creates root.json itself according to details specified in root-role-path pub fn create_root(root_role_path: &Path) -> Result<()> { @@ -48,14 +63,12 @@ pub fn create_root(root_role_path: &Path) -> Result<()> { thing: "root role", })?; fs::create_dir_all(role_dir).context(error::MkdirSnafu { path: role_dir })?; + let default_region = get_region()?; + // Initialize root + tuftool!(&default_region, "root init '{}'", root_role_path.display()); tuftool!( - Region::default().name(), - "root init '{}'", - root_role_path.display() - ); - tuftool!( - Region::default().name(), + &default_region, // TODO: expose expiration date as a configurable parameter "root expire '{}' 'in 52 weeks'", root_role_path.display() @@ -63,7 +76,7 @@ pub fn create_root(root_role_path: &Path) -> Result<()> { Ok(()) } -/// Adds keys to root.json according to key type +/// Adds keys to root.json according to key type pub fn add_keys( signing_key_config: &mut SigningKeyConfig, role: &KeyRole, @@ -108,11 +121,11 @@ fn add_keys_kms( num_keys: (*available_keys).len(), } ); - + let default_region = get_region()?; match role { KeyRole::Root => { tuftool!( - Region::default().name(), + &default_region, "root set-threshold '{}' root '{}' ", filepath, threshold.to_string() @@ -128,19 +141,19 @@ fn add_keys_kms( } KeyRole::Publication => { tuftool!( - Region::default().name(), + &default_region, "root set-threshold '{}' snapshot '{}' ", filepath, threshold.to_string() ); tuftool!( - Region::default().name(), + &default_region, "root set-threshold '{}' targets '{}' ", filepath, threshold.to_string() ); tuftool!( - Region::default().name(), + &default_region, "root set-threshold '{}' timestamp '{}' ", filepath, threshold.to_string() diff --git a/tools/infrasys/src/s3.rs b/tools/infrasys/src/s3.rs index be4645230f0..990ebcd12fd 100644 --- a/tools/infrasys/src/s3.rs +++ b/tools/infrasys/src/s3.rs @@ -1,14 +1,10 @@ -use rusoto_cloudformation::{CloudFormation, CloudFormationClient, CreateStackInput}; -use rusoto_core::Region; -use rusoto_s3::{ - GetBucketPolicyRequest, PutBucketPolicyRequest, PutObjectRequest, S3Client, StreamingBody, S3, -}; +use aws_sdk_cloudformation::{Client as CloudFormationClient, Region}; +use aws_sdk_s3::Client as S3Client; use snafu::{OptionExt, ResultExt}; use std::fs; use std::fs::File; use std::io::prelude::*; use std::path::{Path, PathBuf}; -use std::str::FromStr; use super::{error, shared, Result}; @@ -36,11 +32,17 @@ pub fn format_prefix(prefix: &str) -> String { /// Input: The region in which the bucket will be created and the name of the bucket /// Output: The stack_arn of the stack w/ the S3 bucket, the CFN allocated bucket name, /// and the bucket url (for the url fields in Infra.lock) -pub async fn create_s3_bucket(region: &str, stack_name: &str) -> Result<(String, String, String)> { +pub async fn create_s3_bucket( + region: &Region, + stack_name: &str, +) -> Result<(String, String, String)> { // TODO: Add support for accommodating pre-existing buckets (skip this creation process) - let cfn_client = CloudFormationClient::new( - Region::from_str(region).context(error::ParseRegionSnafu { what: region })?, - ); + let config = aws_config::from_env() + .region(region.to_owned()) + .load() + .await; + let cfn_client = CloudFormationClient::new(&config); + let cfn_filepath: PathBuf = format!( "{}/infrasys/cloudformation-templates/s3_setup.yml", shared::getenv("BUILDSYS_TOOLS_DIR")? @@ -48,14 +50,17 @@ pub async fn create_s3_bucket(region: &str, stack_name: &str) -> Result<(String, .into(); let cfn_template = fs::read_to_string(&cfn_filepath).context(error::FileReadSnafu { path: cfn_filepath })?; + let stack_result = cfn_client - .create_stack(CreateStackInput { - stack_name: stack_name.to_string(), - template_body: Some(cfn_template.clone()), - ..Default::default() - }) + .create_stack() + .stack_name(stack_name.to_string()) + .template_body(cfn_template.clone()) + .send() .await - .context(error::CreateStackSnafu { stack_name, region })?; + .context(error::CreateStackSnafu { + stack_name, + region: region.as_ref(), + })?; // We don't have to wait for successful stack creation to grab the stack ARN let stack_arn = stack_result .clone() @@ -66,7 +71,7 @@ pub async fn create_s3_bucket(region: &str, stack_name: &str) -> Result<(String, })?; // Grab the StackOutputs to get the Bucketname and BucketURL - let output_array = shared::get_stack_outputs(&cfn_client, stack_name, region).await?; + let output_array = shared::get_stack_outputs(&cfn_client, stack_name, region.as_ref()).await?; let bucket_name = output_array[0] .output_value .as_ref() @@ -90,21 +95,23 @@ pub async fn create_s3_bucket(region: &str, stack_name: &str) -> Result<(String, /// Adds a BucketPolicy allowing GetObject access to a specified VPC /// Input: Region, Name of bucket, which prefix root.json should be put under, and vpcid /// Note that the prefix parameter must have the format "//*" and the bucket name "" -/// Output: Doesn't need to save any metadata from this action +/// Output: Doesn't need to save any metadata from this action pub async fn add_bucket_policy( - region: &str, + region: &Region, bucket_name: &str, prefix: &str, vpcid: &str, ) -> Result<()> { // Get old policy - let s3_client = - S3Client::new(Region::from_str(region).context(error::ParseRegionSnafu { what: region })?); + let config = aws_config::from_env() + .region(region.to_owned()) + .load() + .await; + let s3_client = S3Client::new(&config); let mut policy: serde_json::Value = match s3_client - .get_bucket_policy(GetBucketPolicyRequest { - bucket: bucket_name.to_string(), - expected_bucket_owner: None, - }) + .get_bucket_policy() + .bucket(bucket_name.to_string()) + .send() .await { Ok(output) => serde_json::from_str(&output.policy.context(error::ParseResponseSnafu { @@ -153,13 +160,14 @@ pub async fn add_bucket_policy( // Push the new policy as a string s3_client - .put_bucket_policy(PutBucketPolicyRequest { - bucket: bucket_name.to_string(), - policy: serde_json::to_string(&policy).context(error::InvalidJsonSnafu { + .put_bucket_policy() + .bucket(bucket_name.to_string()) + .policy( + serde_json::to_string(&policy).context(error::InvalidJsonSnafu { what: format!("new bucket policy for {}", &bucket_name), })?, - ..Default::default() - }) + ) + .send() .await .context(error::PutPolicySnafu { bucket_name })?; @@ -171,13 +179,16 @@ pub async fn add_bucket_policy( /// Note that the prefix parameter must have the format "/" and the bucket name "" /// Output: Doesn't need to save any metadata from this action pub async fn upload_file( - region: &str, + region: &Region, bucket_name: &str, prefix: &str, file_path: &Path, ) -> Result<()> { - let s3_client = - S3Client::new(Region::from_str(region).context(error::ParseRegionSnafu { what: region })?); + let config = aws_config::from_env() + .region(region.to_owned()) + .load() + .await; + let s3_client = S3Client::new(&config); // File --> Bytes let mut file = File::open(file_path).context(error::FileOpenSnafu { path: file_path })?; @@ -186,12 +197,11 @@ pub async fn upload_file( .context(error::FileReadSnafu { path: file_path })?; s3_client - .put_object(PutObjectRequest { - bucket: format!("{}{}", bucket_name, prefix), - key: "root.json".to_string(), - body: Some(StreamingBody::from(buffer)), - ..Default::default() - }) + .put_object() + .bucket(format!("{}{}", bucket_name, prefix)) + .key("root.json".to_string()) + .body(aws_sdk_s3::types::ByteStream::from(buffer)) + .send() .await .context(error::PutObjectSnafu { bucket_name })?; @@ -215,16 +225,13 @@ mod tests { let empty = ""; let single_slash = "/"; - assert_eq!("/prefix", format_prefix(&valid.to_string())); - assert_eq!("/prefix", format_prefix(&missing_slash.to_string())); - assert_eq!("/prefix", format_prefix(&excess_ending_1.to_string())); - assert_eq!("/prefix", format_prefix(&excess_ending_2.to_string())); - assert_eq!( - "/prefix", - format_prefix(&slash_and_excess_ending.to_string()) - ); - assert_eq!("", format_prefix(&empty.to_string())); - assert_eq!("", format_prefix(&single_slash.to_string())); + assert_eq!("/prefix", format_prefix(valid)); + assert_eq!("/prefix", format_prefix(missing_slash)); + assert_eq!("/prefix", format_prefix(excess_ending_1)); + assert_eq!("/prefix", format_prefix(excess_ending_2)); + assert_eq!("/prefix", format_prefix(slash_and_excess_ending)); + assert_eq!("", format_prefix(empty)); + assert_eq!("", format_prefix(single_slash)); } #[test] @@ -247,9 +254,7 @@ mod tests { }} }} }}"#, - "test-bucket-name".to_string(), - "/test-prefix".to_string(), - "testvpc123".to_string() + "test-bucket-name", "/test-prefix", "testvpc123" )) .unwrap(); @@ -317,9 +322,7 @@ mod tests { }} }} }}"#, - "test-bucket-name".to_string(), - "/test-prefix".to_string(), - "testvpc123".to_string() + "test-bucket-name", "/test-prefix", "testvpc123" )) .unwrap(); diff --git a/tools/infrasys/src/shared.rs b/tools/infrasys/src/shared.rs index 0f147f56521..0e458191d1b 100644 --- a/tools/infrasys/src/shared.rs +++ b/tools/infrasys/src/shared.rs @@ -1,5 +1,6 @@ +use aws_sdk_cloudformation::model::{Output, Parameter}; +use aws_sdk_cloudformation::Client as CloudFormationClient; use log::info; -use rusoto_cloudformation::{CloudFormation, CloudFormationClient, DescribeStacksInput, Parameter}; use snafu::{ensure, OptionExt, ResultExt}; use std::{env, thread, time}; use structopt::StructOpt; @@ -19,11 +20,10 @@ pub fn getenv(var: &str) -> Result { /// Generates a parameter type object used to specify parameters in CloudFormation templates pub fn create_parameter(key: String, val: String) -> Parameter { - Parameter { - parameter_key: Some(key), - parameter_value: Some(val), - ..Default::default() - } + Parameter::builder() + .parameter_key(key) + .parameter_value(val) + .build() } /// Polls cfn_client for stack_name in region until it's ready @@ -32,23 +32,27 @@ pub async fn get_stack_outputs( cfn_client: &CloudFormationClient, stack_name: &str, region: &str, -) -> Result> { +) -> Result> { let mut stack_outputs = cfn_client - .describe_stacks(DescribeStacksInput { - stack_name: Some(stack_name.to_string()), - ..Default::default() - }) + .describe_stacks() + .stack_name(stack_name) + .send() .await .context(error::DescribeStackSnafu { stack_name, region })? .stacks .context(error::ParseResponseSnafu { what: "stacks", resource_name: stack_name, - })?[0] + })? + .first() + .context(error::MissingStackSnafu { stack_name, region })? .clone(); // Checking that keys have been created so we can return updated outputs - let mut status = stack_outputs.stack_status; + let mut status = stack_outputs + .stack_status() + .context(error::ParseStatusSnafu)? + .as_str(); // Max wait is 30 mins (90 attempts * 20s = 1800s = 30mins) let mut max_attempts: u32 = 90; while status != "CREATE_COMPLETE" { @@ -66,19 +70,23 @@ pub async fn get_stack_outputs( ); thread::sleep(time::Duration::from_secs(20)); stack_outputs = cfn_client - .describe_stacks(DescribeStacksInput { - stack_name: Some(stack_name.to_string()), - ..Default::default() - }) + .describe_stacks() + .stack_name(stack_name) + .send() .await .context(error::DescribeStackSnafu { stack_name, region })? .stacks .context(error::ParseResponseSnafu { what: "stacks", resource_name: stack_name, - })?[0] + })? + .first() + .context(error::MissingStackSnafu { stack_name, region })? .clone(); - status = stack_outputs.stack_status; + status = stack_outputs + .stack_status() + .context(error::ParseStatusSnafu)? + .as_str(); max_attempts -= 1; }