Open paulrobello opened 1 year ago
iwahbe
commented
1 year ago Hi @paulrobello. I'm sorry to hear that. Was this always broken for you, or did something change in your program or environment? I see that you're using both aws 6.0.2 and aws 5.42.0. Are you getting the same error from both providers?
Thanks for investigating the hash behavior. That's helpful!
paulrobello
commented
1 year ago i have never tried to use pulumi with aws sso before this test project. this is my package.json
{
"name": "pt2",
"devDependencies": {
"@types/node": "^20"
},
"dependencies": {
"@pulumi/aws": "^6.0.2",
"@pulumi/aws-apigateway": "^1.0.1",
"@pulumi/awsx": "^1.0.5",
"@pulumi/pulumi": "^3.79.0",
"typescript": "^4.0.0"
}
}
torrottum
commented
11 months ago +1. Same problem here with v5 provider:
❯ export AWS_PROFILE="some-profile"
❯ pulumi login s3://<redacted>
error: problem logging in: read ".pulumi/meta.yaml": blob (key ".pulumi/meta.yaml") (code=Unknown): SSOProviderInvalidToken: the SSO session has expired or is invalid
caused by: open /home/tor/.aws/sso/cache/64c617cc9ffe5acce72ea3f39172622410ec899f.json: no such file or directory
# AWS CLI works fine though:
❯ aws s3 ls s3://<redacted>
PRE .pulumi/
❯ ln -s ~/.aws/sso/cache/e880436e045d29884fc18887312993ade8cbffe1.json ~/.aws/sso/cache/64c617cc9ffe5acce72ea3f39172622410ec899f.json
❯ pulumi login s3://<redacted>
Logged in to torrot-thinkpad as tor (s3://<redacted>)❯ pulumi about
CLI
Version 3.72.2
Go Version go1.20.5
Go Compiler gc
Plugins
NAME VERSION
aws 5.28.0
awsx 1.0.1
docker 3.6.1
nodejs unknown
Host
OS arch
Version
Arch x86_64
This project is written in nodejs: executable='/home/tor/.nvm/versions/node/v18.15.0/bin/node' version='v18.15.0'
Backend
Name torrot-thinkpad
URL s3://<redacted>
User tor
Organizations
Dependencies:
NAME VERSION
eslint 8.32.0
@live/functionbeat 1.1.0
@pulumi/aws 5.28.0
@pulumi/awsx 1.0.1
@pulumi/pulumi 3.53.0
@types/node 18.11.18
@typescript-eslint/eslint-plugin 5.49.0
@typescript-eslint/parser 5.49.0
What happened?
Error: failed to refresh cached credentials, the SSO session has expired or is invalid: open C:\Users\XXXX.aws\sso\cache\0737203535d073e3924972a314bfc9090500c4e8.json: The system cannot find the file specified.
Expected Behavior
Pulumi deploys requested aws resources when logged into aws sso via cli.
Steps to reproduce
mkdir dev && cd dev pulumi new serverless-aws-typescript aws sso login --profile dev-admin pulumi up
Output of
pulumi aboutCLI Version 3.79.0 Go Version go1.21.0 Go Compiler gc
Plugins NAME VERSION aws 6.0.2 aws 5.42.0 aws 5.42.0 aws-apigateway 1.0.1 awsx 1.0.5 docker 3.6.1 nodejs unknown
Host OS Microsoft Windows 11 Pro Version 10.0.22621 Build 22621 Arch x86_64
This project is written in nodejs: executable='C:\Program Files\nodejs\node.exe' version='v20.5.1'
Current Stack: paulrobello/pt2/dev
Found no resources associated with dev
Found no pending operations associated with dev
Backend Name pulumi.com URL https://app.pulumi.com/paulrobello User paulrobello Organizations paulrobello
Additional context
I am using aws-cli/2.13.14 Python/3.11.4 Windows/10 exe/AMD64
The provider appears to be computing the hash by computing the sha of the sso_start_url When i do this for my start url using: echo -n START_URL | shasum -a 1 | awk '{print $1}' I get the same hash in the error message. I checked and a file with that hash does not exist. If I locate the correct file and symlink it with the hash pulumi is looking for then everything works as expected.
Contributing
Vote on this issue by adding a 👍 reaction. To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).