Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

@aws-sdk/credential-providers has trouble reading config files from home-relative paths #5876

Closed
jbreckmckye opened this issue Feb 20, 2024 · 3 comments
Closed

@aws-sdk/credential-providers has trouble reading config files from home-relative paths #5876

jbreckmckye opened this issue Feb 20, 2024 · 3 comments
Labels
bug This issue is a bug. p3 This is a minor priority issue queued This issues is on the AWS team's backlog

Comments

@jbreckmckye
Copy link

jbreckmckye commented Feb 20, 2024
edited
Loading

Describe the bug

I think there may be a bug with the SSO credentials library, or in its chain of dependencies. I'm raising the issue here as this is the SDK actually affected.

When using the fromSSO function, if I pass a home-relative path string toconfigFilepath, loading the credentials from ambient INI files fails. For example ~/.aws.config as opposed to /Users/jbreckmckye/.aws/config

If I pass a root-relative path to the same file, or omit the configFilepath, it works fine and picks up the credentials from the ini.

Expected Behavior

Expected: to retrieve the credentials already set up with aws sso login --profile MyProfileName, by using the files populated already in ~/.aws/credentials, ~/.aws/config

Current Behavior

The SDK throws a CredentialsProviderError due to, it seems, being unable to load un-path-resolved files

Reproduction Steps

import { fromSSO } from '@aws-sdk/credential-providers'
import { S3Client, ListBucketsCommand } from '@aws-sdk/client-s3'

async function main() {
  const client = new S3Client({
    region: 'eu-west-1',
    credentials: fromSSO({
      profile: 'EngineerBeta',
      filepath: '~/.aws/credentials',
      configFilepath: '~/.aws/config', // works IF this is omitted, OR is the `realpath` of this same file
    }),
  } as any)

  const cmd = new ListBucketsCommand({})

  await client.send(cmd as any)
}

The ENV_CONFIG_PATH env var is unset.

I was able to trace the code as far as Smithy's loadSharedConfigFiles function:

  • I found that configFile and credentialsFile are resolved to their root-relative paths in the 'good' cases
  • but they are left as unresolved ~/.aws/... home-relative paths specifically when configFilepath is a home-relative path

Possible Solution

I wasn't able to trace the logic further than the shared-ini-file-loader package in the Smithy namespace.

Additional Information/Context

No response

SDK version used

@aws-sdk/credential-providers version 3.509.0

Environment details (OS name and version, etc.)

MacOS Sonoma
@jbreckmckye jbreckmckye added bug This issue is a bug. needs-triage This issue or PR still needs to be triaged. labels Feb 20, 2024
@RanVaknin RanVaknin transferred this issue from aws/aws-sdk-js Mar 8, 2024
@RanVaknin RanVaknin self-assigned this Mar 8, 2024
@RanVaknin RanVaknin removed the needs-triage This issue or PR still needs to be triaged. label Mar 18, 2024
@RanVaknin
Copy link
Contributor

Hi @jbreckmckye ,

Thanks for reaching out and the in-depth repro steps. I agree that since the distinction about home relative or root relative path was never mentioned in our docs, this should be marked as a bug.

Will add to our backlog.

Thanks,
Ran~

@RanVaknin RanVaknin added p3 This is a minor priority issue queued This issues is on the AWS team's backlog labels Mar 18, 2024
@kuhe
Copy link
Contributor

kuhe commented Jun 17, 2024

tagging @Flackus

This was referenced Jun 21, 2024
Merged
Merged
@Flackus Flackus mentioned this issue Jul 10, 2024
Merged
@RanVaknin RanVaknin removed their assignment Aug 5, 2024
@kuhe kuhe closed this as completed Aug 12, 2024
@github-actions GitHub Actions
Copy link

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs and link to relevant comments in this thread.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 27, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug This issue is a bug. p3 This is a minor priority issue queued This issues is on the AWS team's backlog
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@kuhe @jbreckmckye @RanVaknin