From 7e026e2b5d4404de375053fe4a89312c68e634de Mon Sep 17 00:00:00 2001 From: Victoria Jeffrey Date: Mon, 1 Apr 2024 15:32:02 -0600 Subject: [PATCH] =?UTF-8?q?=F0=9F=A7=B9=20remove=20unnecessary=20iam=20err?= =?UTF-8?q?or=20msg=20(credential=20report)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- providers/aws/connection/connection.go | 37 ++++++++++++++++++++++++++ providers/aws/resources/aws_iam.go | 2 -- 2 files changed, 37 insertions(+), 2 deletions(-)
diff --git a/providers/aws/connection/connection.go b/providers/aws/connection/connection.go
index 74bc3eb31b..b2d85154c5 100644
--- a/providers/aws/connection/connection.go
+++ b/providers/aws/connection/connection.go
@@ -13,6 +13,8 @@ import (
 "github.com/aws/aws-sdk-go-v2/credentials/stscreds"
 "github.com/aws/aws-sdk-go-v2/service/ec2"
 "github.com/aws/aws-sdk-go-v2/service/sts"
+ "github.com/hashicorp/go-retryablehttp"
+ "github.com/rs/zerolog"
 "github.com/rs/zerolog/log"
 "github.com/spf13/afero"
 "go.mondoo.com/cnquery/v10/providers-sdk/v1/inventory"
@@ -79,6 +81,12 @@ func NewAwsConnection(id uint32, asset *inventory.Asset, conf *inventory.Config)
 for _, opt := range opts {
 opt(c)
 }
+ // custom retry client
+ retryClient := retryablehttp.NewClient()
+ retryClient.RetryMax = 5
+ retryClient.Logger = &zeroLogAdapter{}
+ c.awsConfigOptions = append(c.awsConfigOptions, config.WithHTTPClient(retryClient.StandardClient()))
+
 cfg, err := config.LoadDefaultConfig(context.Background(), c.awsConfigOptions...)
 if err != nil {
 return nil, err
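Review bot: The retry client in the NewAwsConnection hunk is appended to `c.awsConfigOptions` after the `opts` loop, so it would replace any HTTP client an option had already configured (for example a proxy or custom-CA transport); whether any option does so is not visible from this hunk, so that needs checking. It also adds an HTTP-level retry layer underneath the AWS SDK's own retryer, and with `RetryMax = 5` a failing request can be sent up to six times per SDK attempt, each with backoff, which lengthens scans against a throttled or unreachable endpoint. The `// custom retry client` comment should state why this layer is needed, e.g. `// HTTP-level retries; logged through zeroLogAdapter so retry noise stays at debug level`. If the goal is only more attempts, `config.WithRetryMaxAttempts(5)` would keep a single retry policy. The function body starts and ends outside the hunk.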
@@ -335,3 +343,32 @@ func (h *AwsConnection) Regions() ([]string, error) {
 h.clientcache.Store("_regions", &CacheEntry{Data: regions})
 return regions, nil
 }
+
+// zeroLogAdapter is the adapter for retryablehttp is outputting debug messages
+type zeroLogAdapter struct{}
+
+func (l *zeroLogAdapter) Msg(msg string, keysAndValues ...interface{}) {
+ var e *zerolog.Event
+ // retry messages should only go to debug
+ e = log.Debug()
+ for i := 0; i < len(keysAndValues); i += 2 {
+ e = e.Interface(keysAndValues[i].(string), keysAndValues[i+1])
+ }
+ e.Msg(msg)
+}
+
+func (l *zeroLogAdapter) Error(msg string, keysAndValues ...interface{}) {
+ l.Msg(msg, keysAndValues...)
+}
+
+func (l *zeroLogAdapter) Info(msg string, keysAndValues ...interface{}) {
+ l.Msg(msg, keysAndValues...)
+}
+
+func (l *zeroLogAdapter) Debug(msg string, keysAndValues ...interface{}) {
+ l.Msg(msg, keysAndValues...)
+}
+
+func (l *zeroLogAdapter) Warn(msg string, keysAndValues ...interface{}) {
+ l.Msg(msg, keysAndValues...)
+}
diff --git a/providers/aws/resources/aws_iam.go b/providers/aws/resources/aws_iam.go
index 86fd573902..212b34e91f 100644
--- a/providers/aws/resources/aws_iam.go
+++ b/providers/aws/resources/aws_iam.go
@@ -111,8 +111,6 @@ func (a *mqlAwsIam) credentialReport() ([]interface{}, error) { break } - log.Error().Err(err).Msgf("resp %v, err: %v", rresp, err) - if errors.As(err, &ae) { if ae.ErrorCode() != "NoSuchEntity" && ae.ErrorCode() != "ReportInProgress" { return nil, errors.Wrap(err, "could not gather aws iam credential report")
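Review bot: `zeroLogAdapter.Msg` in the connection.go hunk (`-335,3 +343,32`) can panic inside the logger, because `keysAndValues[i].(string)` is an unchecked type assertion and `keysAndValues[i+1]` indexes past the slice when the argument list has odd length. retryablehttp presumably passes well-formed pairs, but a logging adapter should not be able to take down a scan, so the loop should stop at the last complete pair and use the two-value assertion. The doc comment is also garbled and should say what the type does, e.g. `// zeroLogAdapter adapts zerolog to retryablehttp's leveled logger and emits every message at debug level.` That wording also makes explicit that Error and Warn are demoted to debug, so request failures from this client are invisible at the default log level.

```go
func (l *zeroLogAdapter) Msg(msg string, keysAndValues ...interface{}) {
	// retry messages should only go to debug
	e := log.Debug()
	// stop at the last complete pair so an odd-length list cannot index past the slice
	for i := 0; i+1 < len(keysAndValues); i += 2 {
		key, ok := keysAndValues[i].(string)
		if !ok {
			// skip the pair rather than panic inside the logger
			continue
		}
		e = e.Interface(key, keysAndValues[i+1])
	}
	e.Msg(msg)
}
// … unchanged: Error, Info, Debug and Warn forwarders …
```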