-
Notifications
You must be signed in to change notification settings - Fork 559
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(property-provider): stop memoizing rejected provider #2680
Conversation
expect(await memoized()).toStrictEqual(mockReturn); | ||
expect(provider).toHaveBeenCalledTimes(1); | ||
} | ||
}); | ||
|
||
it("should always return the same promise", () => { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This unit test is removed. We cannot return the same promise because the memoize() now needs to await the provider to resolve(). The unit test was introduced in #56 but with no explicit purpose. I have run the integration test to make sure it feature doesn't affect the SDK now.
Codecov Report
@@ Coverage Diff @@
## main #2680 +/- ##
=======================================
Coverage ? 58.87%
=======================================
Files ? 521
Lines ? 28945
Branches ? 7175
=======================================
Hits ? 17040
Misses ? 11905
Partials ? 0 Continue to review full report at Codecov.
|
AWS CodeBuild CI Report
Powered by github-codebuild-logs, available on the AWS Serverless Application Repository |
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs and link to relevant comments in this thread. |
We notice some customers are getting intermittent failures while fetching credentials from STS. This issue became more prevalent in US-EAST-1 region using Amazon EKS managed AWS Identity and Access Management (IAM) OpenID Connect (OIDC) external identity provider (IdP). The client-side root cause of this issue is that when the SDK fetch the credentials coinsides the STS server-side errors, the SDK will incorrectly cache the errored response. Thus the SDK will continuously throw credential fetching errors even after the STS server-side is back up. This code change fixes the issue(available since 3.27.0). If you have similar issue, please attempt to upgrade the SDK to the latest version. If the issue persists, please open a bug report to the support team. |
This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs and link to relevant comments in this thread. |
Resolves: #2659
Description
Previously
memoize()
cached the provider promise no matter whether the promise is rejected. When the credential provider throws, the client will keep throwing the credential error even after the underlying credential provider resumes.With this change the
memoize()
only caches the successfully resolved credentials. If the credential provider errors out, it will retry the provider in next API call as no credential is available still.Testing
Unit test, integration test
Additional context
JS-2740
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.