New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Conditionally redirect stderr for exec auth provider #1377
Conditionally redirect stderr for exec auth provider #1377
Conversation
|
Welcome @bianyifan! |
See this PR on why this was added, #1267 (comment) |
I can understand back in time the stderr messages are catched and being used in exception messages, but that got changed in #1267; nothing reads redirected stderr stream now and prompts in stderr got lost. And for error handling, I believe we should check |
It has been a little time since that PR, however, I believe that approach would cause the process to hang as Kubelogin waits for you to log into a http based url and won't exit until the process is killed or the login has occurred. Grab kubelogin and try https://github.com/Azure/kubelogin/releases kubelogin get-token --environment AzurePublicCloud --server-id 6dae42f8-4368-4678-94ff-3960e28e3630 --client-id 80faf920-1908-4b52-b5ef-a8e7bedfc67a --tenant-id b82075ce-f897-4df8-8624-47b71a1fd251 --login devicecode Maybe we could set RedirectStandardError to true only if ExecStdError is not null? |
seems a customizable |
Codecov Report
❗ Your organization is not using the GitHub App Integration. As a result you may experience degraded service beginning May 15th. Please install the Github App Integration for your organization. Read more. @@ Coverage Diff @@
## master #1377 +/- ##
=========================================
Coverage ? 70.51%
=========================================
Files ? 89
Lines ? 2683
Branches ? 0
=========================================
Hits ? 1892
Misses ? 791
Partials ? 0 📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more |
Exactly, I am not able to login without a prompt and kubelogin keeps waiting for user interaction.
Let me try summarize:
Thanks for your input and I will make an update! |
99575a1
to
0c409cc
Compare
Updated. |
lets do a proposal to remove static? |
I'd like to understand the purpose of capturing stderr. If the purpose is just to include stderr output into exception messages in non-user-interactive scenarios, ideally we could just use So, currently I am thinking:
If this plan looks good to you, I can start another PR for that. |
One more thing to note, when the exception occurs, we need to keep the kubelogin process around if it doesn't exit on its own, otherwise the login process will not complete. However there is a concern that we could spawn many zombie processes. |
I believe this is only a concern in the try-block around |
any additional comments? @IvanJosipovic |
good to merge @IvanJosipovic ? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
/LGTM
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: bianyifan, tg123 The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Thanks @tg123 ! I will work on removing static stderr handler as we have discussed before soon. |
External command authentication provider may prompt user interaction in stderr (e.g. Azure/kubelogin device code flow).
If stderr is redirected, users won't be able to see the prompt in the console.
Globally searching for
ExecStdError
didn't yield any meaningful result, so I would just remove that event handler and disable stderr redirection.