New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
add config variable to explicitly ignore AWS credentials #8530
Conversation
@@ -103,9 +103,10 @@ def get_account_id_from_access_key_id(access_key_id: str) -> str: | |||
if not config.PARITY_AWS_ACCESS_KEY_ID: | |||
# If AWS_ACCESS_KEY_ID has production AWS credentials, ignore them | |||
if access_key_id.startswith("ASIA") or access_key_id.startswith("AKIA"): | |||
LOG.warning( |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I would prefer changing the log level here to debug
than adding yet another config option which simply supresses a single log message.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also ok for me
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Hard to say, I think. People are using DEBUG=1 very often, so it might still spam them. Then, on the other hand, I think warning is the correct log level, as it is something unexpected happening, not just some site note to a expected flow.
I am okay with either way. I agree with this approach not scaling in the future but on the other hand it does not really fit the "debug" logs.
In any case, I think it only solves #8380, and not the other issue (we need to investigate where these "production" credentials come from there).
630f19b
to
e606e8b
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM!
We can revisit this if this is still an issue for the users.
quick fix for #8225 and #8380
i'd like to get some input from @dfangl and @viren-nadkarni whether this makes sense and is something we can expand on.