Skip to content

Commit

Permalink
Merge pull request #361 from hashicorp/b-authentication-retry
Browse files Browse the repository at this point in the history
Removes no-op retryer for authentication
  • Loading branch information
gdavison authored Feb 10, 2023
2 parents 1f80358 + b71623d commit 5869613
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 12 deletions.
21 changes: 13 additions & 8 deletions aws_config.go
Original file line number Diff line number Diff line change
Expand Up @@ -65,19 +65,31 @@ func GetAwsConfig(ctx context.Context, c *Config) (context.Context, aws.Config,
if err != nil {
return ctx, aws.Config{}, err
}

// The providers set `MaxRetries` to a very large value.
// Add retries here so that authentication has a reasonable number of retries
if c.MaxRetries != 0 {
loadOptions = append(
loadOptions,
config.WithRetryMaxAttempts(c.MaxRetries),
)
}

loadOptions = append(
loadOptions,
config.WithCredentialsProvider(credentialsProvider),
)

if initialSource == ec2rolecreds.ProviderName {
loadOptions = append(
loadOptions,
config.WithEC2IMDSRegion(),
)
}

awsConfig, err := config.LoadDefaultConfig(baseCtx, loadOptions...)
if err != nil {
return ctx, awsConfig, fmt.Errorf("loading configuration: %w", err)
return ctx, aws.Config{}, fmt.Errorf("loading configuration: %w", err)
}

resolveRetryer(baseCtx, &awsConfig)
Expand Down Expand Up @@ -225,13 +237,6 @@ func commonLoadOptions(ctx context.Context, c *Config) ([]func(*config.LoadOptio
config.WithEC2IMDSClientEnableState(c.EC2MetadataServiceEnableState),
}

if c.MaxRetries != 0 {
loadOptions = append(
loadOptions,
config.WithRetryMaxAttempts(c.MaxRetries),
)
}

if !c.SuppressDebugLog {
loadOptions = append(
loadOptions,
Expand Down
4 changes: 0 additions & 4 deletions credentials.go
Original file line number Diff line number Diff line change
Expand Up @@ -26,10 +26,6 @@ func getCredentialsProvider(ctx context.Context, c *Config) (aws.CredentialsProv
}
loadOptions = append(
loadOptions,
// Bypass retries when validating authentication
config.WithRetryer(func() aws.Retryer {
return aws.NopRetryer{}
}),
// The endpoint resolver is added here instead of in commonLoadOptions() so that it
// is not included in the aws.Config returned to the caller
config.WithEndpointResolverWithOptions(credentialsEndpointResolver(ctx, c)),
Expand Down

0 comments on commit 5869613

Please sign in to comment.