🧹 remove unnecessary iam error msg (credential report)

mondoohq · Apr 1, 2024 · 7e026e2 · 7e026e2
1 parent 9006248
commit 7e026e2
Show file tree

Hide file tree

Showing 2 changed files with 37 additions and 2 deletions.
diff --git a/providers/aws/connection/connection.go b/providers/aws/connection/connection.go
@@ -13,6 +13,8 @@ import (
 	"github.com/aws/aws-sdk-go-v2/credentials/stscreds"
 	"github.com/aws/aws-sdk-go-v2/service/ec2"
 	"github.com/aws/aws-sdk-go-v2/service/sts"
+	"github.com/hashicorp/go-retryablehttp"
+	"github.com/rs/zerolog"
 	"github.com/rs/zerolog/log"
 	"github.com/spf13/afero"
 	"go.mondoo.com/cnquery/v10/providers-sdk/v1/inventory"
@@ -79,6 +81,12 @@ func NewAwsConnection(id uint32, asset *inventory.Asset, conf *inventory.Config)
 	for _, opt := range opts {
 		opt(c)
 	}
+	// custom retry client
+	retryClient := retryablehttp.NewClient()
+	retryClient.RetryMax = 5
+	retryClient.Logger = &zeroLogAdapter{}
+	c.awsConfigOptions = append(c.awsConfigOptions, config.WithHTTPClient(retryClient.StandardClient()))
+
 	cfg, err := config.LoadDefaultConfig(context.Background(), c.awsConfigOptions...)
 	if err != nil {
 		return nil, err
@@ -335,3 +343,32 @@ func (h *AwsConnection) Regions() ([]string, error) {
 	h.clientcache.Store("_regions", &CacheEntry{Data: regions})
 	return regions, nil
 }
+
+// zeroLogAdapter is the adapter for retryablehttp is outputting debug messages
+type zeroLogAdapter struct{}
+
+func (l *zeroLogAdapter) Msg(msg string, keysAndValues ...interface{}) {
+	var e *zerolog.Event
+	// retry messages should only go to debug
+	e = log.Debug()
+	for i := 0; i < len(keysAndValues); i += 2 {
+		e = e.Interface(keysAndValues[i].(string), keysAndValues[i+1])
+	}
+	e.Msg(msg)
+}
+
+func (l *zeroLogAdapter) Error(msg string, keysAndValues ...interface{}) {
+	l.Msg(msg, keysAndValues...)
+}
+
+func (l *zeroLogAdapter) Info(msg string, keysAndValues ...interface{}) {
+	l.Msg(msg, keysAndValues...)
+}
+
+func (l *zeroLogAdapter) Debug(msg string, keysAndValues ...interface{}) {
+	l.Msg(msg, keysAndValues...)
+}
+
+func (l *zeroLogAdapter) Warn(msg string, keysAndValues ...interface{}) {
+	l.Msg(msg, keysAndValues...)
+}
diff --git a/providers/aws/resources/aws_iam.go b/providers/aws/resources/aws_iam.go
@@ -111,8 +111,6 @@ func (a *mqlAwsIam) credentialReport() ([]interface{}, error) {
 				break
 			}
 
-			log.Error().Err(err).Msgf("resp %v, err: %v", rresp, err)
-
 			if errors.As(err, &ae) {
 				if ae.ErrorCode() != "NoSuchEntity" && ae.ErrorCode() != "ReportInProgress" {
 					return nil, errors.Wrap(err, "could not gather aws iam credential report")