Skip to content

fix: match EC2 instance type to source AMI architecture in dry run #649

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
gnought wants to merge 1 commit into
base: main
Choose a base branch
from
+9 −1
Open

fix: match EC2 instance type to source AMI architecture in dry run #649

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
10 changes: 9 additions & 1 deletion common/step_iam_instance_profile.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -187,6 +187,14 @@ func (s *StepIamInstanceProfile) Run(ctx context.Context, state multistep.StateB
return multistep.ActionHalt
}
sourceImage := sourceImageRaw.(*ec2types.Image)
instanceType := map[ec2types.ArchitectureValues]ec2types.InstanceType{
ec2types.ArchitectureValuesArm64: ec2types.InstanceTypeT4gNano,
ec2types.ArchitectureValuesX8664Mac: ec2types.InstanceTypeMac1Metal,
ec2types.ArchitectureValuesArm64Mac: ec2types.InstanceTypeMac2Metal,
}[sourceImage.Architecture]
if instanceType == "" {
instanceType = ec2types.InstanceTypeT3Nano
}
Comment on lines +190 to +197
Copy link

Copilot AI Apr 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The dry-run now selects mac1.metal/mac2.metal for *_mac AMIs, but the RunInstancesInput here does not include any placement/tenancy/host parameters. Since this step treats any non-DryRunOperation error as “instance profile not visible yet”, missing placement settings can cause false failures unrelated to IAM propagation. Consider either (a) skipping the EC2 dry-run IAM visibility check for mac architectures, or (b) threading the builder’s placement/tenancy/host settings into this step and using them in the dry-run call so validation matches the real launch parameters.

Copilot uses AI. Check for mistakes.
Comment on lines +190 to +197
Copy link

Copilot AI Apr 6, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This PR introduces architecture-to-instance-type selection logic, but there’s no unit test coverage to ensure the mapping and default fallback behave as expected (e.g., arm64 => t4g.nano, unknown/empty => t3.nano). Adding a focused test for this selection would help prevent regressions and make future architecture additions safer.

Copilot uses AI. Check for mistakes.

err = retry.Config{
Tries: 11,
Expand All @@ -205,7 +213,7 @@ func (s *StepIamInstanceProfile) Run(ctx context.Context, state multistep.StateB
ImageId: sourceImage.ImageId,
MinCount: aws.Int32(1),
MaxCount: aws.Int32(1),
InstanceType: ec2types.InstanceTypeT3Nano,
InstanceType: instanceType,
DryRun: aws.Bool(true),
IamInstanceProfile: &ec2types.IamInstanceProfileSpecification{
Name: aws.String(s.createdInstanceProfileName),
Expand Down
Loading