coderazzi / aws_codeartifact_maven

Support to update AWS CodeArtifact credentials on maven IDEA projects.
MIT License
6 stars 7 forks source link

Error accessing commands in PATH #11

Closed skhelishalnev closed 1 year ago

skhelishalnev commented 1 year ago

Hi Lu! I'm having this error right off the bat, the AWS cli package is installed via brew and in the PATH.

Am I missing some basic config for the plugin?

image image

TIA Eli

coderazzi commented 1 year ago

Hi, Eli, Can you include the full AWS path in the "AWS cli path" location? Likely the AWS localization where brew installed it is not visible to the IDE. Best, Lu

On Wed, Sep 20, 2023, 16:41 Eli Shalnev @.***> wrote:

Hi Lu! I'm having this error right off the bat, the AWS cli package is installed via brew and in the PATH.

Am I missing some basic config for the plugin?

[image: image] https://user-images.githubusercontent.com/134416718/269319697-9bffcaef-4ded-44b4-8534-9033aa67ff8b.png [image: image] https://user-images.githubusercontent.com/134416718/269321172-d8607ffb-4999-4a10-9eb1-a629e8c73f62.png

TIA Eli

— Reply to this email directly, view it on GitHub https://github.com/coderazzi/aws_codeartifact_maven/issues/11, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAH54IJXU4EIYW63B7WF3U3X3L6APANCNFSM6AAAAAA5ABOO6I . You are receiving this because you are subscribed to this thread.Message ID: @.***>

skhelishalnev commented 1 year ago

Hi Lu,

Yes the full path is working, but since I'm using credential_process with AWS config file, that invoke another executable in path like aws-vault, it fails the same on that executable, do you have the control over PATH var within the plugin scope?

coderazzi commented 1 year ago

Hi, Eli, Let me see if I understand the issue: you invoke AWS from the plugin, using the complete path, then AWS is going to use the credentials process and call AWS_VAULT, but it doesn't find it in the path? And AWS_VAUT is specified in the profile using its full path? If so, is AWS_VAULT invoking itself AWS, which it cannot find in the path?

Best, Luis

On Thu, Sep 21, 2023 at 6:34 AM Eli Shalnev @.***> wrote:

Hi Lu,

Yes the full path is working, but since I'm using credential_process https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sourcing-external.html with AWS config file, that invoke another executable in path like aws-vault https://github.com/99designs/aws-vault, it fails the same on that executable, is the PATH is something you control within the plugin scope?

— Reply to this email directly, view it on GitHub https://github.com/coderazzi/aws_codeartifact_maven/issues/11#issuecomment-1728937989, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAH54IK5VN4S6SR5TUDUSYTX3PNX3ANCNFSM6AAAAAA5ABOO6I . You are receiving this because you commented.Message ID: @.***>

coderazzi commented 1 year ago

Hi, Eli, I am eeally interested in understanding the cause of the issue, have you found the solution? Best, Lu.

On Thu, Sep 21, 2023 at 11:28 AM coderazzi @.***> wrote:

Hi, Eli, Let me see if I understand the issue: you invoke AWS from the plugin, using the complete path, then AWS is going to use the credentials process and call AWS_VAULT, but it doesn't find it in the path? And AWS_VAUT is specified in the profile using its full path? If so, is AWS_VAULT invoking itself AWS, which it cannot find in the path?

Best, Luis

On Thu, Sep 21, 2023 at 6:34 AM Eli Shalnev @.***> wrote:

Hi Lu,

Yes the full path is working, but since I'm using credential_process https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sourcing-external.html with AWS config file, that invoke another executable in path like aws-vault https://github.com/99designs/aws-vault, it fails the same on that executable, is the PATH is something you control within the plugin scope?

— Reply to this email directly, view it on GitHub https://github.com/coderazzi/aws_codeartifact_maven/issues/11#issuecomment-1728937989, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAH54IK5VN4S6SR5TUDUSYTX3PNX3ANCNFSM6AAAAAA5ABOO6I . You are receiving this because you commented.Message ID: @.***>

skhelishalnev commented 1 year ago

Oh sorry, I had no chance to test yet.

Answering your question, the credential_process executable aws-vault is called by name since it is already in PATH, when called from terminal. aws vault itself leverages the aws SDK so every time i call aws cli with specific profile the available credentials are temporary ones.

I'll try to test a workaround tomorrow by using the full path for aws-vault in aws config file and will post back. It's interesting tho to get to the bottom of the issue and understand why a PATH available to the plugin is different.

skhelishalnev commented 1 year ago

Hey Lu, Just checked and your suggestion works, when adding full paths the plugin is able to get and configure token.

However, it would be great to understand how we can modify the PATH that plugin receive from the environment so we can use commands without specifying the full path (apparently managed by IDEA itself).

coderazzi commented 1 year ago

Hi, Eli, glad to see that the solution was possible through the full paths. The PATH option could be useful, but I am very partial to always using full paths, and, to avoid making more convoluted the plugin interface. The plugin is calling a CLI utility, and overriding the path could be as easy as creating yet another script that first sets the PATH, and then invokes the 'real' aws / aws-vault script. Of course, if everybody was using this script hop, adding the PATH option would be indeed useful, but for the time being, I would prefer to leave the interface as it is. Thanks for your time working and reporting this issue! Best, Lu.

On Thu, Sep 28, 2023 at 1:59 PM Eli Shalnev @.***> wrote:

Hey Lu, Just checked and your suggestion works, when adding full paths the plugin is able to get and configure token.

However, it would be great to understand how we can modify the PATH that plugin receieve from the environment (apparently managed by IDEA itself)

— Reply to this email directly, view it on GitHub https://github.com/coderazzi/aws_codeartifact_maven/issues/11#issuecomment-1739005978, or unsubscribe https://github.com/notifications/unsubscribe-auth/AAH54IOU37JEE7CQ7YPPNTTX4VRAHANCNFSM6AAAAAA5ABOO6I . You are receiving this because you commented.Message ID: @.***>