Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Panic when using EcsContainer and AWS_CONTAINER_CREDENTIALS_FULL_URI #4572

Open
rnett opened this issue Sep 27, 2022 · 1 comment
Open

Panic when using EcsContainer and AWS_CONTAINER_CREDENTIALS_FULL_URI #4572

rnett opened this issue Sep 27, 2022 · 1 comment
Assignees
@RanVaknin
Labels
bug This issue is a bug. p2 This is a standard priority issue p3 This is a minor priority issue queued This issues is on the AWS team's backlog

Comments

@rnett
Copy link

rnett commented Sep 27, 2022

Describe the bug

According to the AWS docs AWS_CONTAINER_CREDENTIALS_FULL_URI should be used when AWS_CONTAINER_CREDENTIALS_RELATIVE_URI is not set. However the SDK does not seem to do this. Instead, it panics.

Expected Behavior

When EcsContainer is used as the credential source but AWS_CONTAINER_CREDENTIALS_RELATIVE_URI is not set, the SDK falls back to using AWS_CONTAINER_CREDENTIALS_FULL_URI.

Current Behavior

It panics when EcsContainer is used as the credential source but AWS_CONTAINER_CREDENTIALS_RELATIVE_URI is not set:

panic: SharedConfigErr: EcsContainer was specified as the credential_source, but 'AWS_CONTAINER_CREDENTIALS_RELATIVE_URI' was not set

goroutine 1 [running]:
github.com/aws/aws-sdk-go/aws/session.Must(...)
        github.com/aws/aws-sdk-go@v1.44.35/aws/session/session.go:381
github.com/weaveworks/eksctl/pkg/eks.(*ClusterProvider).newSession(0xc0005cc1e0, 0xc0001b59a8)
        github.com/weaveworks/eksctl/pkg/eks/api.go:514 +0x6e5
github.com/weaveworks/eksctl/pkg/eks.New({0x549dac8, 0xc00012c008}, 0xc0001b59a8, 0xc00027afc0)
        github.com/weaveworks/eksctl/pkg/eks/api.go:150 +0xda
github.com/weaveworks/eksctl/pkg/ctl/cmdutils.(*Cmd).NewCtl(0xc0001b5970)

Reproduction Steps

Use eksctl version 0.112.0 on Cloud Shell with the following config in ~/.aws/config:

[profile test]
    role_arn = // some role to assume
    credential_source = EcsContainer

then run

export AWS_PROFILE=test
 eksctl create cluster --name test

I don't expect the actual command to matter.

Possible Solution

Respect the documented behavior.

Additional Information/Context

No response

AWS Go SDK V2 Module Versions Used

Whatever eksctl version 0.112.0 uses.

Compiler and Version used

Whatever eksctl version 0.112.0 uses.

Operating System and version

Linux, 4.14.287-215.504.amzn2.x86_64 (AWS Cloud Shell)
@rnett rnett added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Sep 27, 2022
@Purnaak Purnaak self-assigned this Sep 28, 2022
@skmcgrail skmcgrail transferred this issue from aws/aws-sdk-go-v2 Sep 29, 2022
@RanVaknin RanVaknin added the p2 This is a standard priority issue label Mar 29, 2023
@yenfryherrerafeliz yenfryherrerafeliz self-assigned this Aug 30, 2023
@yenfryherrerafeliz yenfryherrerafeliz self-assigned this Oct 2, 2023
@RanVaknin
Copy link
Contributor

Hi @rnett,

Sorry for the long response time. It looks like the behavior you described does match the credential provider code here.

There is no fallback case.

However I do see that in v2 we do have that fallback functionality, so I encourage you to use v2.

Thanks,
Ran~

@RanVaknin RanVaknin added p3 This is a minor priority issue queued This issues is on the AWS team's backlog and removed needs-triage This issue or PR still needs to be triaged. labels Nov 29, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@RanVaknin RanVaknin

Labels
bug This issue is a bug. p2 This is a standard priority issue p3 This is a minor priority issue queued This issues is on the AWS team's backlog
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@rnett @yenfryherrerafeliz @RanVaknin @Purnaak