in agent/acs/handler/payload_handler.go [183:275]
func (payloadHandler *payloadRequestHandler) addPayloadTasks(payload *ecsacs.PayloadMessage) ([]*ecsacs.IAMRoleCredentialsAckRequest, bool) {
// verify that we were able to work with all tasks in this payload so we know whether to ack the whole thing or not
allTasksOK := true
validTasks := make([]*apitask.Task, 0, len(payload.Tasks))
for _, task := range payload.Tasks {
if task == nil {
seelog.Criticalf("Received nil task for messageId: %s", aws.StringValue(payload.MessageId))
allTasksOK = false
continue
}
apiTask, err := apitask.TaskFromACS(task, payload)
if err != nil {
payloadHandler.handleUnrecognizedTask(task, err, payload)
allTasksOK = false
continue
}
if task.RoleCredentials != nil {
// The payload from ACS for the task has credentials for the
// task. Add those to the credentials manager and set the
// credentials id for the task as well
taskIAMRoleCredentials := credentials.IAMRoleCredentialsFromACS(task.RoleCredentials, credentials.ApplicationRoleType)
err = payloadHandler.credentialsManager.SetTaskCredentials(
&(credentials.TaskIAMRoleCredentials{
ARN: aws.StringValue(task.Arn),
IAMRoleCredentials: taskIAMRoleCredentials,
}))
if err != nil {
payloadHandler.handleUnrecognizedTask(task, err, payload)
allTasksOK = false
continue
}
apiTask.SetCredentialsID(taskIAMRoleCredentials.CredentialsID)
}
// Add ENI information to the task struct.
for _, acsENI := range task.ElasticNetworkInterfaces {
eni, err := apieni.ENIFromACS(acsENI)
if err != nil {
payloadHandler.handleUnrecognizedTask(task, err, payload)
allTasksOK = false
continue
}
apiTask.AddTaskENI(eni)
}
// Add the app mesh information to task struct
if task.ProxyConfiguration != nil {
appmesh, err := apiappmesh.AppMeshFromACS(task.ProxyConfiguration)
if err != nil {
payloadHandler.handleUnrecognizedTask(task, err, payload)
allTasksOK = false
continue
}
apiTask.SetAppMesh(appmesh)
}
if task.ExecutionRoleCredentials != nil {
// The payload message contains execution credentials for the task.
// Add the credentials to the credentials manager and set the
// task executionCredentials id.
taskExecutionIAMRoleCredentials := credentials.IAMRoleCredentialsFromACS(task.ExecutionRoleCredentials, credentials.ExecutionRoleType)
err = payloadHandler.credentialsManager.SetTaskCredentials(
&(credentials.TaskIAMRoleCredentials{
ARN: aws.StringValue(task.Arn),
IAMRoleCredentials: taskExecutionIAMRoleCredentials,
}))
if err != nil {
payloadHandler.handleUnrecognizedTask(task, err, payload)
allTasksOK = false
continue
}
apiTask.SetExecutionRoleCredentialsID(taskExecutionIAMRoleCredentials.CredentialsID)
}
validTasks = append(validTasks, apiTask)
}
// Add 'stop' transitions first to allow seqnum ordering to work out
// Because a 'start' sequence number should only be proceeded if all 'stop's
// of the same sequence number have completed, the 'start' events need to be
// added after the 'stop' events are there to block them.
stoppedTasksCredentialsAcks, stoppedTasksAddedOK := payloadHandler.addTasks(payload, validTasks, isTaskStatusNotStopped)
newTasksCredentialsAcks, newTasksAddedOK := payloadHandler.addTasks(payload, validTasks, isTaskStatusStopped)
if !stoppedTasksAddedOK || !newTasksAddedOK {
allTasksOK = false
}
// Construct a slice with credentials acks from all tasks
credentialsAcks := append(stoppedTasksCredentialsAcks, newTasksCredentialsAcks...)
return credentialsAcks, allTasksOK
}