Skip to content

runners; Add accountId to findAmiID #6744

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 5 commits into from
Closed

runners; Add accountId to findAmiID #6744

wants to merge 5 commits into from

Conversation

seemethere
Copy link
Member

This should resolve issues where accountId is needed for findAmiID

Resolves #6688

@seemethere
runners; Add accountId to findAmiID
a856377 
This should resolve issues where accountId is needed for findAmiID

Signed-off-by: Eli Uriegas <[email protected]>
@vercel Vercel
Copy link

vercel bot commented Jun 11, 2025
edited
Loading

The latest updates on your projects. Learn more about Vercel for Git ↗︎

1 Skipped Deployment
Name Status Preview Updated (UTC)
torchci ⬜️ Ignored (Inspect) Visit Preview Jun 13, 2025 5:17pm

@facebook-github-bot facebook-github-bot added the CLA Signed This label is managed by the Facebook bot. Authors need to sign the CLA before a PR can be reviewed. label Jun 11, 2025
github-advanced-security[bot]
github-advanced-security bot found potential problems Jun 11, 2025
View reviewed changes
@seemethere
fix whitespace
5f09f62 
Signed-off-by: Eli Uriegas <[email protected]>
@seemethere
fix whitespace
e5b3875 
Signed-off-by: Eli Uriegas <[email protected]>
@seemethere
fix format
ba7464b 
Signed-off-by: Eli Uriegas <[email protected]>
ZainRizvi
ZainRizvi requested changes Jun 11, 2025
View reviewed changes
Copy link
Contributor

@ZainRizvi ZainRizvi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Vibe coding ft(almost)w

terraform-aws-github-runner/modules/runners/lambdas/runners/src/scale-runners/runners.ts Outdated
export async function findAmiID(metrics: Metrics, region: string, filter: string, owners = 'amazon'): Promise<string> {
const ec2 = new EC2({ region: region });
const accountId = await getCurrentAccountId();
const allOwners = [accountId, owners];
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These would be a good set of owners to include in the list:

https://github.com/pytorch/ci-infra/blob/c0c1e344db9707d6a70f9f98ec086f49aead1ac5/ali/aws/391835788720/us-east-1/autoscaler-lambda.tf#L76-L81

terraform-aws-github-runner/modules/runners/lambdas/runners/src/scale-runners/runners.ts Outdated
// Helper function to get the current AWS account ID
async function getCurrentAccountId(): Promise<string> {
const sts = new STS();
const identity = await sts.getCallerIdentity().promise();
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please double check to see if the lambdas have access to this identity before checking in the code. But I suspect my comment below includes all the identities that would be needed

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Claude seemed to think that we already did

terraform-aws-github-runner/modules/runners/lambdas/runners/src/scale-runners/runners.ts Outdated
export async function findAmiID(metrics: Metrics, region: string, filter: string, owners = 'amazon'): Promise<string> {
const ec2 = new EC2({ region: region });
const accountId = await getCurrentAccountId();
const allOwners = [accountId, owners];
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Also, note that the function definition has "owners" passed in here as an optional parameter that no caller actually uses.

Consider changing that optional parameter's type to a list of strings and moving this owner identification code to a higher state of being 😇

atalman
atalman reviewed Jun 11, 2025
View reviewed changes
terraform-aws-github-runner/modules/runners/lambdas/runners/src/scale-runners/runners.ts Outdated
const sts = new STS();
const identity = await sts.getCallerIdentity().promise();
if (!identity.Account) {
throw new Error('Unable to retrieve AWS account ID');
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Instead of failing with error, should we just log the error and fallback to Amazon only images ?

@atalman
Copy link
Contributor

atalman commented Jun 11, 2025

What is our test plan on deploying this ? Is there a way to test it in canary only ?

@seemethere
address comments
688fc91 
Signed-off-by: Eli Uriegas <[email protected]>
github-advanced-security[bot]
github-advanced-security bot found potential problems Jun 13, 2025
View reviewed changes
jeanschmidt
jeanschmidt reviewed Aug 13, 2025
View reviewed changes
terraform-aws-github-runner/modules/runners/lambdas/runners/src/scale-runners/runners.ts
const ec2 = new EC2({ region: region });
const accountId = await getCurrentAccountId();
const lfAccountId = '391835788720';
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why is lf account hardcoded? Seems like a bug, something that would possibly not work in all cases (ali deployed in LF, using an image from Meta)

@jeanschmidt
Copy link
Contributor

One note, maybe you want to specify the acc number somehow if you don't want to use amazon by default. Searching on all accounts simultaneously can be problematic if multiple accounts have a image with the same name.

It is not obvious that you will use the one from both accounts with the later date. And it can be confusing in some cases and a bug hard to detect.

@seemethere seemethere closed this Aug 26, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jeanschmidt jeanschmidt jeanschmidt left review comments

@atalman atalman atalman left review comments

@ZainRizvi ZainRizvi ZainRizvi requested changes

Assignees
No one assigned
Labels
CLA Signed This label is managed by the Facebook bot. Authors need to sign the CLA before a PR can be reviewed.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Autoscaler] The autoscaler experiments are unable to find custom AMIs when they're set as an experiment
5 participants
@seemethere @atalman @jeanschmidt @ZainRizvi @facebook-github-bot