-
Notifications
You must be signed in to change notification settings - Fork 468
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Retry behavior causes failure to take too long with invalid parameters, without ability to configure retry behavior #683
Comments
facing the same issue. while it takes a long time to fail, it doesn't state anything other than |
We implemented an exponential backoff method because multiple workflows attempting to assume a role at the same time (at least with OIDC) can result in errors. We currently don't have a way to opt out of, or modify this behavior in any way. The approach the original PR took to solve this was to implement a blanket exponential backoff method regardless of authentication method. Given this was only reported for OIDC, and that it throws a certain error in those cases, there seems to be potential for optimizing when we use a retry or not, and for how long when we do. However, this could be risky and result in side effects Would people want this exponential backoff behavior to be configurable? If so, in what ways? The easiest thing to do would be to allow for an input which configures the Function defined here configure-aws-credentials/index.js Line 247 in 0e613a0
Called here configure-aws-credentials/index.js Line 358 in 0e613a0
|
Allow max retries to be configurable. If you try something and it fails the first time, and the second time, and the third time, and the forth time, and the fifth time, and the sixth time, and the seventh time, and the eighth time....etc you might want to reconsider what you're doing with your short time on this earth. |
+1 having this exact same issue. I also noticed that this might have something to do with Alternatively, after a while with the hardcoded value it started failing and when I reverted back to pass aws-region as a secret it worked fine. aws-region passed as a secret :
aws-region value hardcoded :
|
Any update on this issue? I am consistently getting this failure msg now. I've tried experimenting with different versions of Workflow setup :
Trust Policy configuration :
Note: I am using this role to authenticate multiple repos. Error:
|
I made this option configurable. Hopefully #777 gets merged soon. In the meantime, feel free to test this with |
A couple things I forgot to mention. I changed as little as I had to to implement this functionality, so take note that |
This is now configurable in |
** Note ** |
Describe the bug
Hello.
It takes too long time to fail in case of invalid parameters.
Took 1 minute 20 seconds to fail...
Wrong audience also have the same issue.
How to configure to fail immediately?
Expected Behavior
It should fail immediately.
Current Behavior
Took 1 minute 20 seconds to fail.
Reproduction Steps
Ex) Workflow logs in no provider is configured: https://github.com/retzero/oidc-test/actions/runs/4330883414/jobs/7562381435
Possible Solution
No response
Additional Information/Context
No response
The text was updated successfully, but these errors were encountered: