search

thomasmichaelwallace / serverless-better-credentials

Better AWS credentials resolution plugin for serverless
MIT License
54 stars 9 forks source link

`Cannot read property 'getPromise' of undefined` when using Serverless ci/cd #5

Closed danemauland closed 2 years ago

danemauland commented 2 years ago

Describe the bug When using Serverless's CI/CD feature to deploy, serverless-better-credentials raises a "TypeError: Cannot read property 'getPromise' of undefined" in the init method of the ServerlessBetterCredentials class. This happens even when serverless-better-credentials as the first plugin listed.

To Reproduce Steps to reproduce the behavior:

  1. Set up serverless CI/CD following this guide: https://www.serverless.com/framework/docs/guides/cicd, but using the "automatic" setup for a provider
  2. Trigger an automatic deployment
  3. In the serverless dashboard, go to "ci/cd", click the most recent deployment, then navigate to the build log
  4. You should see the referenced error

Expected behavior I expected the build to succeed and for serverless-better-credentials to not throw an error.

Screenshots image

Desktop (please complete the following information):

Additional context I think that when using the CI/CD pipeline, serverless may be initializing the provider.cachedCredentials variable (used in the getCredentials method) before serverless-better-credentials is able to. This leads to the cachedCredentials being returned before the getCredentials method can format it, so it is not in the structure expected by the ServerlessBetterCredentials init method.

thomasmichaelwallace commented 2 years ago

Hi - thanks for reporting.

I don't actually use serverless for deployment - but I think you're analysis is right, they're making use of the (also) undocumented cachedCredentials property to override the default resolution mechanism.

serverless-better-credentials@1.1.2 should fix this.

I've put a guard in, and a warning. This does mean that you won't get serverless-better-credentials resolution when you run it in the serverless ci/cd pipeline, but presumably this is OK because they're already taking control of the credential resolution...