Skip to content

Fail fast on invalid region#75

Closed
iainelder wants to merge 1 commit intoconnelldave:masterfrom
iainelder:fail-on-invalid-region
Closed

Fail fast on invalid region#75
iainelder wants to merge 1 commit intoconnelldave:masterfrom
iainelder:fail-on-invalid-region

Conversation

@iainelder
Copy link
Collaborator

Resolves #55 by assuming any region is valid until evidence to the contrary. If a request raises an EndpointConnectionError and the region isn't in Boto3's model, then in all liklihood, the region doesn't exist.

@iainelder iainelder requested a review from connelldave as a code owner June 19, 2023 20:49
Copy link
Owner

@connelldave connelldave left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like a much cleaner change and implementation than previous discussions in most part, but I'm unsure what value it really adds: does it fail fast enough? Is it clear that this (if I understand right) will throw and all other exceptions will be supressed on raise_exceptions=False but also be an implied default with raise_exceptions=True?

My concern is that this is overly niche at the cost of less clear API behaviour of the library

logger.exception(cove_session.format_cove_error(e))
raise InvalidRegion(account_session_info["Region"]) from e

if self.raise_exception is True:
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Needs to be refactored to support this flag: I assume we want to just propogate the error to the Cove output unless this flag is also set?

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

suggest just flipping to

Suggested change
if self.raise_exception is True:
if self.raise_exception is False:
continue

or something other kind of short circuit

Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

or perhaps this is incorrect and contradicts the point of the change?

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

with this change the raise_exception flag is a bit of a misnomer. I think of it as "raise exception caused by some error in the client's function". I don't want to change the behavior for any of these exceptions.

The new condition being checked is to "raise exception caused by a misconfigured boto3 session".

Because of how boto3 works, the region isn't actually validated until the first API call is made. If cove gets bad input for the region, then the client's function is doomed before it even executes because it has been given a misconfigured session.

We couldn't find a sane way to validate the region inputs before this point, so bailing out here is the next best place.

does it fail fast enough?

The reason for this PR is to fail faster than botocove currently does with an invalid region name. Currently what happens is that botocove will try every account once for the bad region, and pause for several seconds for each one. When I first saw that happening, I had assumed there was some network error that was causing botocove to slow to a crawl. In any case, it was taking so long to process the accounts that I just had to cancel it anyway and then try to figure out what was wrong (and I didn't always realise that it was because I had mispelled a region name).

FailedAssumeRole: List[Dict[str, Any]]


class BotocoveError(Exception):
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unused - no-op unless it defines some behaviour different to it's parent class

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fair enough. I was following the advice in the Python Exceptions documentation:

When creating a module that can raise several distinct errors, a common practice is to create a base class for exceptions defined by that module, and subclass that to create specific exception classes for different error conditions.

The only real custom error is InvalidRegion, so I suppose the base class is just cruft.

Comment on lines +85 to +86
logger.exception(cove_session.format_cove_error(e))
raise InvalidRegion(account_session_info["Region"]) from e
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Premature optimisation/gold plating here? We can just logger.exception what's happened and re-raise botocore's EndpointConnectionError

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It may not be immediately obvious that an EndpointConnectionError is caused by an invalid region. You can read the region name from the error message, but it's a bit harder to parse. If you think we don't need the custom exception I can remove it.


except Exception as e:

if isinstance(e, EndpointConnectionError):
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is a strange enough thing to look for that it seems worth commenting exactly why we're checking

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I thought I had commented it somewhere, but I seem to have lost that text before pushing. I agree. I'll add something.

@iainelder
Copy link
Collaborator Author

My concern is that this is overly niche at the cost of less clear API behaviour of the library

Yes, I think that is enough to reject this implementation. The fact that it raises so many doubts would be bad for long-term maintenance. What exactly would raise_exception mean?

I will close this for now unless you think there is any reason to keep it open.

I have a simpler suggestion in #76 .

@iainelder iainelder closed this Jun 29, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Validate regions from a known set

2 participants