Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

awscli forces upper bound on rsa version #6774

Open
achave11-ucsc opened this issue Dec 19, 2024 · 3 comments
Open

awscli forces upper bound on rsa version #6774

achave11-ucsc opened this issue Dec 19, 2024 · 3 comments
Assignees
Labels
- [priority] Medium bug [type] A defect preventing use of the system as specified debt [type] A defect incurring continued engineering cost infra [subject] Project infrastructure like CI/CD, build and deployment scripts needs spike [process] Needs to be spiked before it can be solved orange [process] Done by the Azul team

Comments

@achave11-ucsc
Copy link
Member

achave11-ucsc commented Dec 19, 2024

… which causes the make requirements_update target to fail if the rsa requirement is updated to a version >= 4.8.

INFO: pip is looking at multiple versions of awscli to determine which version is compatible with other requirements. This could take a while.
Cannot install -r requirements.dev.txt (line 2) and rsa==4.9 because these package versions have conflicting dependencies.

The conflict is caused by:
    The user requested rsa==4.9
    awscli 1.36.25 depends on rsa<4.8 and >=3.1.2

To fix this you could try to:
1. loosen the range of package versions you've specified
2. remove package versions to allow pip to attempt to solve the dependency conflict

ERROR: ResolutionImpossible: for help visit https://pip.pypa.io/en/latest/topics/dependency-resolution/#dealing-with-dependency-conflicts
make: *** [Makefile:33: requirements_deps] Error 1

@achave11-ucsc achave11-ucsc added the orange [process] Done by the Azul team label Dec 19, 2024
@achave11-ucsc achave11-ucsc changed the title Python dependency, awscli has upper bound limits on rsa Python dependency, awscli has upper bound limit on rsa Dec 19, 2024
@achave11-ucsc achave11-ucsc changed the title Python dependency, awscli has upper bound limit on rsa Python dependency, awscli has upper bound limit on rsa version Dec 19, 2024
@hannes-ucsc hannes-ucsc changed the title Python dependency, awscli has upper bound limit on rsa version Dev dependency awscli has upper bound limit on rsa version Dec 20, 2024
@hannes-ucsc hannes-ucsc changed the title Dev dependency awscli has upper bound limit on rsa version Dependency awscli has upper bound limit on rsa version Dec 20, 2024
@hannes-ucsc hannes-ucsc changed the title Dependency awscli has upper bound limit on rsa version Dependency awscli has upper bound on rsa version Dec 20, 2024
@hannes-ucsc
Copy link
Member

See aws/aws-cli#8152

We should upgrade to v2 of the AWS CLI. It can't be installed with pip (not hosted on pypi) so we have to remove it and the rsa entry from requirements.dev.txt. v2 bundles a Python interpreter and can be installed via Homebrew. README should be updated accordingly. Add version check to common.mk and checklist item to upgrade issue template.

Spike to test installing v2 and making sure that our _login and envhook still work. Our _login tries to share credentials between AWS CLI and boto3/botocore. It also calls aws ecr get-login-password to log into ECR.

@hannes-ucsc
Copy link
Member

There are currently no concrete plans to EOL v1 so we can probably wait.

See also aws/aws-cli#5294

@hannes-ucsc hannes-ucsc added bug [type] A defect preventing use of the system as specified debt [type] A defect incurring continued engineering cost infra [subject] Project infrastructure like CI/CD, build and deployment scripts - [priority] Medium labels Dec 20, 2024
@hannes-ucsc hannes-ucsc removed their assignment Dec 20, 2024
@hannes-ucsc hannes-ucsc added the needs spike [process] Needs to be spiked before it can be solved label Dec 20, 2024
@hannes-ucsc hannes-ucsc changed the title Dependency awscli has upper bound on rsa version awscli has upper bound on rsa version Dec 20, 2024
@hannes-ucsc hannes-ucsc changed the title awscli has upper bound on rsa version awscli forces upper bound on rsa version Dec 20, 2024
@achave11-ucsc
Copy link
Member Author

Assignee to monitor aws/aws-cli#5294.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
- [priority] Medium bug [type] A defect preventing use of the system as specified debt [type] A defect incurring continued engineering cost infra [subject] Project infrastructure like CI/CD, build and deployment scripts needs spike [process] Needs to be spiked before it can be solved orange [process] Done by the Azul team
Projects
None yet
Development

No branches or pull requests

2 participants