search

aws-actions / configure-aws-credentials

Configure AWS credential environment variables for use in other GitHub Actions.
MIT License
2.48k stars 471 forks source link

Add more debug statements #861

Open michalfurmanek opened 1 year ago

michalfurmanek commented 1 year ago

Describe the feature

Hello all,

I need your help with understanding log output that is throwing us an error:

##[debug]Result: '***'
##[debug]Loading env
Run aws-actions/configure-aws-credentials@v4
  with:
    aws-access-key-id: ***
    aws-secret-access-key: ***
    aws-region: ***
    role-to-assume: ***
    role-duration-seconds: 1200
    role-skip-session-tagging: true
    audience: sts.amazonaws.com
::add-mask::***
::add-mask::***
Error: connect ETIMEDOUT 52.94.X.X:443

it's failing right after evaluating all secrets from GH. For sure this is some connectivity problem but we are trying to understand what is this address 52.94.X.X and why this script is trying to connect there? We are running on our self hosted runner on ec2 which already has proxy variables configured.

Is it possible to increase debug level to see in which part of the code it is failing?

Thanks

Use Case

whenever we are initializing new job on self hosted GH runner

Proposed Solution

No response

Other Information

No response

Acknowledgements

peterwoodworth commented 1 year ago

Hey @michalfurmanek,

If you have specific places in mind where you think debug statements make sense to place, feel free to call them out. I think it would be great to have more debug statements if they can be helpful, we can look into that on our end too

If you'd like to debug yourself, feel free to fork this repo and clone it, install packages, add changes to the src/*.ts files, package with npm run package, and then push back to your fork and then run the action from your fork.

If you provide more specific reproduction steps, we can look to see if it's an issue on our end that needs fixing. We had to change how the proxy implementation works migrating from v2 to v3 due to migrating the JS AWS SDK to v3. I'm curious if you could also try v2 to see if that works

michalfurmanek commented 1 year ago

Thanks for you response @peterwoodworth. Looks like with v2 it worked without any problems.

peterwoodworth commented 1 year ago

Ok @michalfurmanek, thanks for the response. It seems then that there's some issue with how we've implemented the proxy with v3. Would you be able to provide details on how you setup your proxy on EC2 so I can try to reproduce with the setup you have?

michalfurmanek commented 1 year ago

sure - we have script that's located at /etc/profile.d/proxy.sh with following content and format:

export HTTP_PROXY=XXX
export HTTPS_PROXY=XXX
export NO_PROXY=XXX
export http_proxy=XXX
export https_proxy=XXX
export no_proxy=XXX

it's in user-data, so when instance is launched we're just executing source /etc/profile.d/proxy.sh

RaviVadera commented 7 months ago

Is there any update on this? Facing the same issue with v4 behind proxy.

peterwoodworth commented 7 months ago

I'm not a maintainer here anymore, @tim-finnigan this issue might need relabeling or merging with another issue (if there is a similar issue open, not sure)

RaviVadera commented 6 months ago

@peterwoodworth @tim-finnigan I would suggest changing the labels for the issue, this is a breaking thing from v2. So should be considered as bug / defect rather than feature request and maybe on high/urgent priority? We can't migrate to v4 which also adds support for node 20 required by GitHub Actions.

tim-finnigan commented 6 months ago

@RaviVadera could you elaborate on the breaking nature of this issue? I'm wondering if a new issue is necessary for what you're asking about. From what I can tell this issue is originally a request to add more debug statements.

RaviVadera commented 6 months ago

Ok @michalfurmanek, thanks for the response. It seems then that there's some issue with how we've implemented the proxy with v3. Would you be able to provide details on how you setup your proxy on EC2 so I can try to reproduce with the setup you have?

The request to add more debug statements was to trace the reason for failure but from the quoted statement it seems the problem is caused by the proxy implementation. The symptom we are observing at the moment is drop-in replacement to v4 from v2 does not work, particularly beihnd a proxy. Not sure which would be appropriate, separate issue / changing this issue's description.

tim-finnigan commented 6 months ago

Thanks @RaviVadera - @michalfurmanek do you have any updates on your end regarding this issue? @RaviVadera I think it might be best to create a new issue and add your full steps to reproduce there.

Regarding proxy support that was added in https://github.com/aws-actions/configure-aws-credentials/pull/246 and documented here. We can look into this further with more info like the specific error and steps to reproduce it.

RaviVadera commented 6 months ago

Thanks @tim-finnigan, I created separate #1061