Merge branch v2.6 into v2.7

2022-05-04 10:20:46 +02:00 · 2022-05-04 10:20:46 +02:00 · 619621f239
commit 619621f239
parent 73ba7ed2d2 ff5cd9b592
11 changed files with 258 additions and 18 deletions
--- a/pkg/provider/acme/provider.go
+++ b/pkg/provider/acme/provider.go
@ -538,7 +538,7 @@ func (p *Provider) addCertificateForDomain(domain types.Domain, certificate, key
 // The second (RenewInterval) is the interval between renew attempts.
 func getCertificateRenewDurations(certificatesDuration int) (time.Duration, time.Duration) {
 	switch {
-	case certificatesDuration >= 265*24: // >= 1 year
+	case certificatesDuration >= 365*24: // >= 1 year
 		return 4 * 30 * 24 * time.Hour, 7 * 24 * time.Hour // 4 month, 1 week
 	case certificatesDuration >= 3*30*24: // >= 90 days
 		return 30 * 24 * time.Hour, 24 * time.Hour // 30 days, 1 day
--- a/pkg/provider/acme/provider_test.go
+++ b/pkg/provider/acme/provider_test.go
@ -608,11 +608,17 @@ func Test_getCertificateRenewDurations(t *testing.T) {
 			expectRenewInterval:   time.Minute,
 		},
 		{
-			desc:                  "1 Year certificates: 2 months renew period, 1 week renew interval",
+			desc:                  "1 Year certificates: 4 months renew period, 1 week renew interval",
 			certificatesDurations: 24 * 365,
 			expectRenewPeriod:     time.Hour * 24 * 30 * 4,
 			expectRenewInterval:   time.Hour * 24 * 7,
 		},
+		{
+			desc:                  "265 Days certificates: 30 days renew period, 1 day renew interval",
+			certificatesDurations: 24 * 265,
+			expectRenewPeriod:     time.Hour * 24 * 30,
+			expectRenewInterval:   time.Hour * 24,
+		},
 		{
 			desc:                  "90 Days certificates: 30 days renew period, 1 day renew interval",
 			certificatesDurations: 24 * 90,
--- a/pkg/provider/ecs/ecs.go
+++ b/pkg/provider/ecs/ecs.go
@ -392,6 +392,13 @@ func (p *Provider) lookupEc2Instances(ctx context.Context, client *awsClient, cl

 		for _, container := range resp.ContainerInstances {
 			instanceIds[aws.StringValue(container.Ec2InstanceId)] = aws.StringValue(container.ContainerInstanceArn)
+			// Disallow Instance IDs of the form mi-*
+			// This prevents considering external instances in ECS Anywhere setups
+			// and getting InvalidInstanceID.Malformed error when calling the describe-instances endpoint.
+			if strings.HasPrefix(aws.StringValue(container.Ec2InstanceId), "mi-") {
+				continue
+			}
+
 			instanceArns = append(instanceArns, container.Ec2InstanceId)
 		}
 	}