fails to read cached SSO token when AWS profile config includes a `sso_session` attribute

awslabs / amazon-ecr-credential-helper

Automatically gets credentials for Amazon ECR on docker push/docker pull

Apache License 2.0

2.45k stars 335 forks source link

fails to read cached SSO token when AWS profile config includes a `sso_session` attribute #771

Open schrobot opened 3 months ago

schrobot commented 3 months ago

see https://github.com/aws/aws-sdk-go/issues/5184

Reproduction Steps

Create an AWS profile in ~/.aws/config enabled for SSO, that has a session-name
Run aws sso login --profile <that profile>
Try to pull a docker image, and it fails
Remove the session_name attribute, and login again
It will work

schrobot commented 2 months ago

From this issue it seems like if a new release is cut from the current source on main, the issue may be resolved. The released version's aws-sdk-go-v2 dependency is much older than what is currently on main.

austinvazquez commented 1 month ago

Hi @schrobot, version 0.8.0 has been released; however, I was unable to reproduce the issue on the previous v0.7.1 version. Can you confirm the Amazon ECR credential helper version you encountered the issue? i.e. output from docker-credential-ecr-login -v

Also as a sanity check, can you confirm you set the AWS_PROFILE environment variable to the named profile for which the session was configured?