-
Notifications
You must be signed in to change notification settings - Fork 170
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Silence logs generated by aws-vault on the AWS shell plugin #297
Conversation
There is another place where you could see the logs, in the aws-vault importer. Let's handle that as well. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
After some testing I've spotted 3 places where we need to add ExecuteSilently
-
The first log which appears in that screenshot comes from function
configLoader.LoadFromProfile(profile)
. This means that silencingconfighelpers.LoadConfigFromEnv
is not enough. We need to silence our wholegetAWSAuthConfigurationForProfile
(run cmd + F insts_provisioner.go
with the function name to find where it's called) function. -
The second log comes from
p.AssumeRoleProvider.Retrieve(ctx)
(run cmd + F insts_provisioner.go
withp.AssumeRoleProvider.Retrieve(ctx)
to find where it's called). We need to silence this as well using the generic function. -
Similar to 2 we have
p.SessionTokenProvider.Retrieve(ctx)
(run cmd + F insts_provisioner.go
withp.SessionTokenProvider.Retrieve(ctx)
to find where it's called) which could output a log, so let's silence that as well with the generic silencing function
UPDATE: Instead of silencing 2 and 3 individually, let's silence at a higher-up level: tempCredentialsProvider.Retrieve(ctx)
in Provision
. This is because sometimes assume role provider uses session token provider and the way our silencing function works, in this case the session token provider will remove silencing for assume role provider when it's done. (tested this locally)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Tested latest changes locally and no logs are shown.
Also code LGTM
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Love the approach with generics!
Code looks good to me. (I did not functionally test, let me know if you'd like more validation there as well).
…tion silently, without outputting any logs to the console
…ently, by suppressing the additional logs
…that to wrap various aws-vault function calls
…ntialsProvider call
9b24b86
to
9a43fdc
Compare
Overview
When any
aws
command is run, the shell plugin currently outputs some additional logs related to the config file reader/importer. With the changes proposed on this PR, we'd hide those logs for now, but a long-term effort would be to identify why those logs are appearing and not printing them in the first place.I have used the same solution that @williamhpark outlined on the issue.
Type of change
Related Issue(s)
How To Test
make aws/build
op plugin init aws
aws s3 ls
aws s3 ls
's output appears.Here's how it looks for me with the proposed changes:
Changelog
Silence AWS config file import logs while running any aws commands