Skip to content

fix: Reuse existing unattached remotepy SG instead of failing#88

Merged
ivyleavedtoadflax merged 4 commits into
mainfrom
fix/85-sg-add-existing-unattached
Mar 30, 2026
Merged

fix: Reuse existing unattached remotepy SG instead of failing#88
ivyleavedtoadflax merged 4 commits into
mainfrom
fix/85-sg-add-existing-unattached

Conversation

@ivyleavedtoadflax
Copy link
Copy Markdown
Owner

@ivyleavedtoadflax ivyleavedtoadflax commented Mar 29, 2026

Summary

Fixes #85.

  • find_or_create_remotepy_sg() now checks for an existing remotepy-{name} security group in the VPC before attempting to create a new one
  • If an unattached SG is found (e.g. left over from a terminated instance with the same name), it is attached to the instance and reused
  • Only creates a new SG if none exists anywhere in the VPC

Test plan

  • New test: test_finds_existing_unattached_sg_in_vpc — verifies the VPC lookup and attach path
  • Updated test: test_creates_and_attaches_when_missing — now also mocks the VPC lookup returning empty results
  • All 1119 tests pass, linting clean

@ivyleavedtoadflax
fix: Reuse existing unattached remotepy SG instead of failing (#85)
e1d96bf 
When a remotepy-{name} security group already existed in the VPC but
wasn't attached to the instance (e.g. after replacing an instance),
sg add would fail with InvalidGroup.Duplicate. Now find_or_create_remotepy_sg
checks for unattached SGs in the VPC before attempting to create a new one.
@ivyleavedtoadflax
fix: Clear stale rules from orphan SGs, handle race condition
aed064e 
- Clear all inbound rules from orphaned SGs before reattaching so they
  behave like freshly created ones (prevents stale IP whitelists)
- Warn when multiple SGs with the same name exist in the VPC
- Handle InvalidGroup.Duplicate race condition when two processes try to
  create the same SG simultaneously
- Use aws_error_code attribute instead of string matching for reliability
- Add comprehensive tests for all new paths
@ivyleavedtoadflax
style: Apply ruff formatting
34fee67
@ivyleavedtoadflax
fix: Resolve mypy type error for revoke_security_group_ingress
f8955e4
@ivyleavedtoadflax ivyleavedtoadflax merged commit b1b5fbc into main Mar 30, 2026
3 checks passed
@ivyleavedtoadflax ivyleavedtoadflax deleted the fix/85-sg-add-existing-unattached branch March 30, 2026 20:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

sg add fails when remotepy-{name} SG already exists but isn't attached

1 participant

@ivyleavedtoadflax