From 694d42733775e602fb645427f3456544b8ee6003 Mon Sep 17 00:00:00 2001
From: Rackspace SDLF Clonebot
Date: Thu, 26 Aug 2021 13:09:26 -0400
Subject: [PATCH 1/2] Play defense
---
 pyproject.toml | 2 +-
 tfworker/backends/s3.py | 13 +++++++++++++
 2 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/pyproject.toml b/pyproject.toml
index 5a9f0c2..8ae4f99 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "terraform-worker"
-version = "0.10.9"
+version = "0.10.10"
 description = "An orchestration tool for Terraform"
 authors = [
 "Richard Maynard ",
diff --git a/tfworker/backends/s3.py b/tfworker/backends/s3.py
index 90978bb..ced1f8e 100644
--- a/tfworker/backends/s3.py
+++ b/tfworker/backends/s3.py
@@ -64,6 +64,12 @@ def __init__(self, authenticators, definitions, deployment=None):
 self._s3_client.head_bucket(Bucket=self._authenticator.bucket)
 except botocore.exceptions.ClientError as err:
 err_str = str(err)
+ if "Forbidden" in err_str:
+ click.secho(
+ "Possibly re-using a bucket name? Bucket names should be globally unique.",
+ fg="red",
+ )
+
 if "Not Found" not in err_str:
 raise err
 if self._authenticator.create_backend_bucket:
@@ -89,6 +95,13 @@ def __init__(self, authenticators, definitions, deployment=None):
 if "PYTEST_CURRENT_TEST" not in os.environ:
 click.secho(err_str, fg="red")
 sys.exit(4)
+ elif "conflicting conditional operation" in err_str:
+ click.secho(
+ "Possibly a recent bucket delete operation in another account has not completed.",
+ fg="red",
+ )
+ click.secho(err, fg="red")
+ sys.exit(5)
 elif "BucketAlreadyOwnedByYou" not in err_str:
 raise err
From d56c1a74c7dc59bd9703dd22a0e861248807b5ee Mon Sep 17 00:00:00 2001
From: Rackspace SDLF Clonebot
Date: Thu, 26 Aug 2021 13:15:25 -0400
Subject: [PATCH 2/2] Don't show stack trace on forbidden
---
 tfworker/backends/s3.py | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)
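Review bot: A bucket with the same name in another account still passes the `head_bucket` call at the top of the `@@ -64` hunk whenever that bucket's policy lets the caller in, because the new `"Forbidden"` branch only fires when the request is denied; in that case the Terraform state would be written to a bucket the deployer does not own. Pinning the owner closes that gap: `self._s3_client.head_bucket(Bucket=self._authenticator.bucket, ExpectedBucketOwner=<deploying account id>)` makes S3 refuse the request when the owner differs, which the added branch would then report. The account id is a placeholder here; where the authenticator exposes it is not visible in this hunk. `__init__` starts and ends outside the hunk.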
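Review bot: The new `elif "conflicting conditional operation" in err_str:` in the `@@ -89` hunk matches the human-readable message text, while the branch right after it matches an error code (`BucketAlreadyOwnedByYou`); message wording is not a stable interface. Comparing the structured code is sturdier, e.g. `elif err.response["Error"]["Code"] == "OperationAborted":`, which is the code S3 documents for this message. The `"Forbidden"` test added in the `@@ -64` hunk has the same weakness. The `except` block this branch belongs to starts above the hunk.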
diff --git a/tfworker/backends/s3.py b/tfworker/backends/s3.py
index ced1f8e..73c25f3 100644
--- a/tfworker/backends/s3.py
+++ b/tfworker/backends/s3.py
@@ -69,7 +69,8 @@ def __init__(self, authenticators, definitions, deployment=None):
 "Possibly re-using a bucket name? Bucket names should be globally unique.",
 fg="red",
 )
-
+ click.secho(err, fg="red")
+ sys.exit(5)
 if "Not Found" not in err_str:
 raise err
 if self._authenticator.create_backend_bucket:
@@ -101,7 +102,7 @@ def __init__(self, authenticators, definitions, deployment=None):
 fg="red",
 )
 click.secho(err, fg="red")
- sys.exit(5)
+ sys.exit(6)
 elif "BucketAlreadyOwnedByYou" not in err_str:
 raise err
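Review bot: The added `click.secho(err, fg="red")` in the `@@ -69` hunk writes the failure to stdout and passes the exception object rather than text; `click.secho(err_str, fg="red", err=True)` keeps diagnostics on stderr and does not rely on click stringifying a non-string message (`err_str` is already computed in this handler, as the first patch shows). The hint printed above it appears for every 403, which presumably includes a caller who simply lacks permission on a bucket in their own account, so the wording could name both causes. The statuses 5 and 6 are bare literals, and the `@@ -101` hunk renumbers the conflict case; a short comment such as `# exit 5: backend bucket not accessible, exit 6: bucket operation still pending` or named constants would document them for scripts that check the status. `__init__` starts and ends outside both hunks.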