[BUG] etcdbrctl
fails to make use of the shared credential file for AWS S3, and the process does not exit gracefully on error
#724
Labels
Describe the bug:
When
etcdbrctl
is run with neitherAWS_APPLICATION_CREDENTIALS
norAWS_APPLICATION_CREDENTIALS_JSON
set, it errors right when it attempts to take the first full snapshot after the command is run with theserver
subcommand. The process does not exit and instead retries forever with no backoff to take a snapshot, and fails.Expected behavior:
etcdbrctl
should pick up AWS credentials from the shared credential file in the.aws
directory, and should be able to take the first full snapshot, and all the subsequent delta snapshots successfully, without erroring.If no credentials are present in the shared credential file, the process must exit gracefully instead of repeatedly trying to take snapshots and failing. Another option is that it exponentially backs off the frequency at which it retries taking snapshots.
How To Reproduce (as minimally and precisely as possible):
Do not set the
AWS_APPLICATION_CREDENTIALS
orAWS_APPLICATION_CREDENTIALS_JSON
environment variables, to ensureetcdbrctl
picks up the shared credential file in the.aws
directory for authentication.Build the binary with the master branch at 17e447b (or any commit after 6958118), and run the following command:
Logs:
Environment (please complete the following information):
Anything else we need to know?:
Why this bug occurs?
Prior to #670, the function
snapstore.S3SnapStoreHash()
returnednil
as the error when neitherAWS_APPLICATION_CREDENTIALS
orAWS_APPLICATION_CREDENTIALS_JSON
environment variables were set:etcd-backup-restore/pkg/snapstore/s3_snapstore.go
Lines 498 to 517 in 635dd4d
This
nil
error was found to be non-idiomatic, and was changed to return a non-nil error in #670:etcd-backup-restore/pkg/snapstore/s3_snapstore.go
Lines 489 to 514 in 17e447b
However, this
nil
error return was relied on by all the functions which are invoked before this in the call stack, and this specific case was not accounted for when the error handling was being rewritten correctly. Thus, all full (and delta) snapshots which check if the credentials have changed will see a non-nil
error before taking a snapshot, and will therefore fail.How to fix it?
The fact that credentials can be fetched from the shared credential file at startup should be accounted for, and if the credentials were fetched from the shared credential file, it should be stored in the state of the program. Until 635dd4d,
SnapStore
was not updated at all for full and delta snapshots under this authentication, and this could be improved on by recreatingSnapStore
for every full and delta snapshot. If this is not preferred, then theSnapStore
instance is created once and it is never updated; as it was until 635dd4d.The text was updated successfully, but these errors were encountered: