feat(credential-provider-node): use credential_process from profile (#…

…1773) * feat(credential-provider-node): use credential_process from profile fixes #1772 * feat(credential-provider-node): add testcase
aws · Dec 19, 2020 · 842e2a0 · 842e2a0
1 parent 8785ad4
commit 842e2a0
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 1 deletion.
diff --git a/packages/credential-provider-node/src/index.spec.ts b/packages/credential-provider-node/src/index.spec.ts
@@ -395,5 +395,26 @@ describe("defaultProvider", () => {
       expect((fromContainerMetadata() as any).mock.calls.length).toBe(0);
       expect((fromInstanceMetadata() as any).mock.calls.length).toBe(0);
     });
+
+    it("should consult the process provider if no credentials are found in the ini provider", async () => {
+      const creds = {
+        accessKeyId: "foo",
+        secretAccessKey: "bar",
+      };
+
+      (fromEnv() as any).mockImplementation(() => Promise.reject(new Error("PANIC")));
+      (fromIni() as any).mockImplementation(() => Promise.reject(new ProviderError("Nothing here!")));
+      (fromProcess() as any).mockImplementation(() => Promise.resolve(creds));
+      (fromInstanceMetadata() as any).mockImplementation(() => Promise.reject(new Error("PANIC")));
+      (fromContainerMetadata() as any).mockImplementation(() => Promise.reject(new Error("PANIC")));
+
+      process.env[ENV_PROFILE] = "foo";
+      expect(await defaultProvider()()).toEqual(creds);
+      expect((fromEnv() as any).mock.calls.length).toBe(0);
+      expect((fromIni() as any).mock.calls.length).toBe(1);
+      expect((fromProcess() as any).mock.calls.length).toBe(1);
+      expect((fromContainerMetadata() as any).mock.calls.length).toBe(0);
+      expect((fromInstanceMetadata() as any).mock.calls.length).toBe(0);
+    });
   });
 });
diff --git a/packages/credential-provider-node/src/index.ts b/packages/credential-provider-node/src/index.ts
@@ -44,7 +44,7 @@ export const ENV_IMDS_DISABLED = "AWS_EC2_METADATA_DISABLED";
 export function defaultProvider(init: FromIniInit & RemoteProviderInit & FromProcessInit = {}): CredentialProvider {
   const { profile = process.env[ENV_PROFILE] } = init;
   const providerChain = profile
-    ? fromIni(init)
+    ? chain(fromIni(init), fromProcess(init))
     : chain(fromEnv(), fromIni(init), fromProcess(init), remoteProvider(init));
 
   return memoize(