Skip to content
This repository was archived by the owner on Nov 27, 2023. It is now read-only.
This repository was archived by the owner on Nov 27, 2023. It is now read-only.

Session Token Support #1186

Closed
grrapport/compose-cli
#1
Closed
Session Token Support#1186
grrapport/compose-cli
#1
Labels
ecsstaleInactive issue
@mjsobrep

Description

@mjsobrep
mjsobrep
opened on Jan 28, 2021

Description
Currently this system does not support session tokens in the credential files. It would be helpful if it did.

Steps to reproduce the issue:

  1. setup an AWS profile that uses access key id, access key, and session token
  2. run: docker context create ecs <new name> and select the AWS Profile with the token
  3. try to bring up a docker compose definition with the new context. Observe failure...

Describe the results you received:

[I] docker compose -f docker-compose-turn.yml up
NoCredentialProviders: no valid providers in chain. Deprecated.
	For verbose messaging see aws.Config.CredentialsChainVerboseErrors

Describe the results you expected:
For the docker compose file to be brought up in AWS

Additional information you deem important (e.g. issue happens only occasionally):

Output of docker version:

[I] docker version
Client: Docker Engine - Community
 Cloud integration: 1.0.7
 Version:           20.10.2
 API version:       1.41
 Go version:        go1.13.15
 Git commit:        2291f61
 Built:             Mon Dec 28 16:17:43 2020
 OS/Arch:           linux/amd64
 Context:           pennecs
 Experimental:      true

Server: Docker Engine - Community
 Engine:
  Version:          20.10.2
  API version:      1.41 (minimum version 1.12)
  Go version:       go1.13.15
  Git commit:       8891c58
  Built:            Mon Dec 28 16:15:19 2020
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.4.3
  GitCommit:        269548fa27e0089a8b8278fc4fc781d7f65a939b
 runc:
  Version:          1.0.0-rc92
  GitCommit:        ff819c7e9184c13b7c2607fe6c30ae19403a7aff
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

Output of docker context show:
You can also run docker context inspect context-name to give us more details but don't forget to remove sensitive content.

[I] docker context show
pennecs

Output of docker info:

[I] docker info
Command "info" not available in current context (pennecs), you can use the "default" context to run this command

Additional environment details (AWS ECS, Azure ACI, local, etc.):
In AWS ECS

Reading through the code for this, it looks like the token is never used in the auth pipeline: https://github.com/docker/compose-cli/blob/54020db51730a43289f2d314919e2a3977a236b6/ecs/context.go

Metadata

Metadata

Assignees

No one assigned

    Labels

    ecsstaleInactive issue

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions