Update hypershift.py

cloud-bulldozer · Apr 3, 2024 · 9fa019e · 9fa019e
1 parent ac90c07
commit 9fa019e
Showing 1 changed file with 9 additions and 0 deletions.
diff --git a/libs/platforms/rosa/hypershift/hypershift.py b/libs/platforms/rosa/hypershift/hypershift.py
@@ -396,6 +396,14 @@ def _wait_for_workers(
         result.append("")
         return result
 
+        def _get_aws_account_id(self):
+        # Required by OCM-3187 (https://issues.redhat.com/browse/OCM-3187), remove when fixed
+        (acc_id_code, acc_id_out, acc_id_err) = self.utils.subprocess_exec("aws sts get-caller-identity --output json | jq -r '.Account'")
+        if acc_id_code == 0:
+            return acc_id_out
+        self.logging.error(f"Cannot find AWS Account information for the given credentials")
+        return None
+
     def create_cluster(self, platform, cluster_name):
         super().create_cluster(platform, cluster_name)
         cluster_info = platform.environment["clusters"][cluster_name]
@@ -453,6 +461,7 @@ def create_cluster(self, platform, cluster_name):
         # Required by OCM-3187 (https://issues.redhat.com/browse/OCM-3187), remove when fixed
         self.logging.info(f"Getting kube-controller-manager role for cluster {cluster_name}")
         aws_role_name = self._get_aws_role_name(cluster_name)
+        aws_account_id = self._get_aws_account_id()
         self.logging.info(f"Found kube-controller-manager role {aws_role_name} for cluster {cluster_name}")
         (aws_policy_code, aws_policy_out, aws_policy_err) = self.utils.subprocess_exec("aws iam attach-role-policy --role-name " + aws_role_name + " --policy-arn arn:aws:iam::415909267177:policy/hack-414-custom-policy")
         if aws_policy_code != 0: