Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add support opt-in regional STS endpoints #2838

Merged
merged 8 commits into from Sep 6, 2019

Conversation

@AllanFly120
Copy link
Contributor

commented Sep 5, 2019

This PR makes STS client supports sending requests to regional endpoints(e.g. sts.us-west-2.amazonaws.com). You can opt in by setting stsRegionalEndpoints client config or AWS_STS_REGIONAL_ENDPOINTS environment or sts_regional_endpoints config file entry to 'regional'.

Checklist
  • npm run test passes
  • .d.ts file is updated
  • changelog is added, npm run add-change
  • run bundle exec rake docs:api and inspect doc/latest/index.html if documentation is changed
@codecov-io

This comment has been minimized.

Copy link

commented Sep 5, 2019

Codecov Report

Merging #2838 into master will increase coverage by 0.03%.
The diff coverage is 100%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master    #2838      +/-   ##
==========================================
+ Coverage   96.93%   96.96%   +0.03%     
==========================================
  Files         297      297              
  Lines        8898     8955      +57     
  Branches     1663     1676      +13     
==========================================
+ Hits         8625     8683      +58     
+ Misses        273      272       -1
Impacted Files Coverage Δ
lib/config.js 87.64% <ø> (ø) ⬆️
lib/services/sts.js 100% <100%> (ø) ⬆️
...credentials/token_file_web_identity_credentials.js 98.59% <0%> (+2.59%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 88b635b...726ace0. Read the comment docs.

@AllanFly120 AllanFly120 force-pushed the AllanFly120:feat/sts-regional branch from 4a64a04 to 59cd001 Sep 5, 2019

@AllanFly120 AllanFly120 requested a review from trivikr Sep 6, 2019

lib/services/sts.js Outdated Show resolved Hide resolved
lib/services/sts.js Outdated Show resolved Hide resolved
@trivikr
trivikr approved these changes Sep 6, 2019
@trivikr
trivikr approved these changes Sep 6, 2019

@AllanFly120 AllanFly120 merged commit 6b25f26 into aws:master Sep 6, 2019

3 of 4 checks passed

AWS CodeBuild us-west-2 (sdk-v2-github) Build started for project sdk-v2-github
Details
codecov/patch 100% of diff hit (target 96.93%)
Details
codecov/project 96.96% (target 95%)
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
@greensopinion

This comment has been minimized.

Copy link

commented Sep 9, 2019

In what looks like it's related to this change, we've started seeing the following when deploying with the serverless framework on our CI machines:

TypeError: Cannot convert undefined or null to object 
    at hasOwnProperty (<anonymous>) 
    at features.constructor.validateRegionalEndpointsFlag (/usr/local/lib/node_modules/serverless/node_modules/aws-sdk/lib/services/sts.js:92:41) 
    at features.constructor.optInRegionalEndpoint (/usr/local/lib/node_modules/serverless/node_modules/aws-sdk/lib/services/sts.js:106:10) 
    at features.constructor.validateService (/usr/local/lib/node_modules/serverless/node_modules/aws-sdk/lib/services/sts.js:124:10) 
    at features.constructor.initialize (/usr/local/lib/node_modules/serverless/node_modules/aws-sdk/lib/service.js:52:10) 
    at features.constructor.Service [as constructor] (/usr/local/lib/node_modules/serverless/node_modules/aws-sdk/lib/service.js:40:10) 
    at features.constructor (/usr/local/lib/node_modules/serverless/node_modules/aws-sdk/lib/util.js:624:24) 
    at new features.constructor (/usr/local/lib/node_modules/serverless/node_modules/aws-sdk/lib/util.js:624:24) 
    at features.constructor.Service [as constructor] (/usr/local/lib/node_modules/serverless/node_modules/aws-sdk/lib/service.js:31:17) 
    at new features.constructor (/usr/local/lib/node_modules/serverless/node_modules/aws-sdk/lib/util.js:624:24) 
    at persistentRequest (/usr/local/lib/node_modules/serverless/lib/plugins/aws/provider/awsProvider.js:268:26) 
    at doCall (/usr/local/lib/node_modules/serverless/lib/plugins/aws/provider/awsProvider.js:226:9) 
    at BbPromise (/usr/local/lib/node_modules/serverless/lib/plugins/aws/provider/awsProvider.js:243:14) 
    at persistentRequest (/usr/local/lib/node_modules/serverless/lib/plugins/aws/provider/awsProvider.js:224:38) 
    at Object.request.requestQueue.add [as promiseGenerator] (/usr/local/lib/node_modules/serverless/lib/plugins/aws/provider/awsProvider.js:264:49) 
    at Queue._dequeue (/usr/local/lib/node_modules/serverless/node_modules/promise-queue/lib/index.js:153:30) 
    at /usr/local/lib/node_modules/serverless/node_modules/promise-queue/lib/index.js:109:18 
From previous event: 
    at Queue.add (/usr/local/lib/node_modules/serverless/node_modules/promise-queue/lib/index.js:94:16) 
    at AwsProvider.request (/usr/local/lib/node_modules/serverless/lib/plugins/aws/provider/awsProvider.js:264:39) 
    at AwsProvider.getAccountInfo (/usr/local/lib/node_modules/serverless/lib/plugins/aws/provider/awsProvider.js:462:17) 
    at AwsProvider.getAccountId (/usr/local/lib/node_modules/serverless/lib/plugins/aws/provider/awsProvider.js:457:17) 
    at AwsDeploy.checkLogGroupSubscriptionFilterResourceLimitExceeded (/usr/local/lib/node_modules/serverless/lib/plugins/aws/deploy/lib/checkForChanges.js:151:26) 
    at AwsDeploy.BbPromise.bind.then.then.then.then (/usr/local/lib/node_modules/serverless/lib/plugins/aws/deploy/lib/checkForChanges.js:29:21) 
    at FSReqWrap.readFileAfterClose [as oncomplete] (internal/fs/read_file_context.js:53:3) 
From previous event: 
    at AwsDeploy.checkForChanges (/usr/local/lib/node_modules/serverless/lib/plugins/aws/deploy/lib/checkForChanges.js:23:8) 
From previous event: 
    at Object.aws:deploy:deploy:checkForChanges [as hook] (/usr/local/lib/node_modules/serverless/lib/plugins/aws/deploy/index.js:104:10) 
    at BbPromise.reduce (/usr/local/lib/node_modules/serverless/lib/classes/PluginManager.js:408:55) 
From previous event: 
    at PluginManager.invoke (/usr/local/lib/node_modules/serverless/lib/classes/PluginManager.js:408:22) 
    at PluginManager.spawn (/usr/local/lib/node_modules/serverless/lib/classes/PluginManager.js:426:17) 
    at AwsDeploy.BbPromise.bind.then (/usr/local/lib/node_modules/serverless/lib/plugins/aws/deploy/index.js:93:48) 
From previous event: 
    at Object.deploy:deploy [as hook] (/usr/local/lib/node_modules/serverless/lib/plugins/aws/deploy/index.js:89:10) 
    at BbPromise.reduce (/usr/local/lib/node_modules/serverless/lib/classes/PluginManager.js:408:55) 
From previous event: 
    at PluginManager.invoke (/usr/local/lib/node_modules/serverless/lib/classes/PluginManager.js:408:22) 
    at PluginManager.run (/usr/local/lib/node_modules/serverless/lib/classes/PluginManager.js:439:17) 
    at variables.populateService.then (/usr/local/lib/node_modules/serverless/lib/Serverless.js:109:33) 
    at runCallback (timers.js:705:18) 
    at tryOnImmediate (timers.js:676:5) 
    at processImmediate (timers.js:658:5) 
    at process.topLevelDomainCallback (domain.js:121:23) 
From previous event: 
    at Serverless.run (/usr/local/lib/node_modules/serverless/lib/Serverless.js:96:6) 
    at serverless.init.then (/usr/local/lib/node_modules/serverless/bin/serverless:43:28) 
    at /usr/local/lib/node_modules/serverless/node_modules/graceful-fs/graceful-fs.js:136:16 
    at /usr/local/lib/node_modules/serverless/node_modules/graceful-fs/graceful-fs.js:57:14 
    at FSReqWrap.oncomplete (fs.js:141:20) 

It's not clear to me if this is a new defect, or something wrong with our use of the AWS SDK.
It works fine with version 2.457.0 but fails with 2.525.0

@greensopinion

This comment has been minimized.

Copy link

commented Sep 9, 2019

Updating the serverless CLI from 1.41.1 to 1.51.0 has resolved the issue.

@greensopinion

This comment has been minimized.

Copy link

commented Sep 9, 2019

Updating the serverless CLI from 1.41.1 to 1.51.0 has resolved the issue.

Actually, it has only resolved the issue for those that have a .aws/config with a [default] section

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
4 participants
You can’t perform that action at this time.