Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(cwl): Remove wrapping pre-stream exceptions and just letting them throw #5976

Merged
merged 1 commit into from
Nov 11, 2024
Merged

fix(cwl): Remove wrapping pre-stream exceptions and just letting them throw #5976

merged 1 commit into from
Nov 11, 2024

Conversation

keeganirby
Copy link
Contributor

Problem

Exceptions can occur pre-stream (the synchronous portion of a StartLiveTail call that establishes the streaming connection). Currently, we are calling StartLiveTail in a try-catch, catching errrors, and throwing them as a ToolkitException. These are not chaining the root exception. This means when an error occurs, its root cause is being swallowed - causing user's to not know why their LiveTall command is failing.

Solution

Given that we are just rethrowing err. There's probably no point to this catch. Removing it, and letting the root exception throw.

Forced pre-stream exception to throw with an IAM permission violation and this change applied. More clear as to what the actual problem is:
Pop-up: Failed to run command: aws.cwl.tailLogGroup: User: arn:aws:sts::203607498903:assumed-role/NoLiveTail/keegani-Isengard is not authorized to perform: logs:StartLiveTail on resource: arn:aws:logs:us-east-1:203607498903:log-group:/aws/codebuild/BATSSandboxCodeBuildPr-bf0a23097fbc3948a2c5b26f1616f7d32b622cba because no identity-based policy allows the logs:StartLiveTail action

Full log:

2024-11-11 13:00:04.310 [error] aws.cwl.tailLogGroup: [AccessDeniedException: User: arn:aws:sts::203607498903:assumed-role/NoLiveTail/keegani-Isengard is not authorized to perform: logs:StartLiveTail on resource: arn:aws:logs:us-east-1:203607498903:log-group:/aws/codebuild/BATSSandboxCodeBuildPr-bf0a23097fbc3948a2c5b26f1616f7d32b622cba because no identity-based policy allows the logs:StartLiveTail action
	at de_AccessDeniedExceptionRes (/Users/keegani/workplace/aws-toolkit-vscode-release/aws-toolkit-vscode/node_modules/@aws-sdk/client-cloudwatch-logs/dist-cjs/index.js:2249:21)
	at de_CommandError (/Users/keegani/workplace/aws-toolkit-vscode-release/aws-toolkit-vscode/node_modules/@aws-sdk/client-cloudwatch-logs/dist-cjs/index.js:2203:19)
	at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
	at async /Users/keegani/workplace/aws-toolkit-vscode-release/aws-toolkit-vscode/node_modules/@aws-sdk/client-cloudwatch-logs/node_modules/@smithy/middleware-serde/dist-cjs/index.js:35:20
	at async /Users/keegani/workplace/aws-toolkit-vscode-release/aws-toolkit-vscode/node_modules/@smithy/core/dist-cjs/index.js:168:18
	at async /Users/keegani/workplace/aws-toolkit-vscode-release/aws-toolkit-vscode/node_modules/@aws-sdk/client-cloudwatch-logs/node_modules/@smithy/middleware-retry/dist-cjs/index.js:320:38
	at async /Users/keegani/workplace/aws-toolkit-vscode-release/aws-toolkit-vscode/node_modules/@aws-sdk/client-cloudwatch-logs/node_modules/@aws-sdk/middleware-logger/dist-cjs/index.js:34:22
	at async LiveTailSession.startLiveTailSession (/Users/keegani/workplace/aws-toolkit-vscode-release/aws-toolkit-vscode/packages/core/dist/src/awsService/cloudWatchLogs/registry/liveTailSession.js:70:31)
	at async tailLogGroup (/Users/keegani/workplace/aws-toolkit-vscode-release/aws-toolkit-vscode/packages/core/dist/src/awsService/cloudWatchLogs/commands/tailLogGroup.js:58:20)
	at async /Users/keegani/workplace/aws-toolkit-vscode-release/aws-toolkit-vscode/packages/core/dist/src/awsService/cloudWatchLogs/activation.js:91:9
	at async runCommand (/Users/keegani/workplace/aws-toolkit-vscode-release/aws-toolkit-vscode/packages/core/dist/src/shared/vscode/commands2.js:445:16)
	at async Y0.h (file:///Applications/Visual%20Studio%20Code.app/Contents/Resources/app/out/vs/workbench/api/node/extensionHostProcess.js:114:32825)] {
  '$fault': 'client',
  '$metadata': [Object],
  __type: 'AccessDeniedException'
}

License: I confirm that my contribution is made under the terms of the Apache 2.0 license.

@keeganirby keeganirby requested a review from a team as a code owner November 11, 2024 21:02
@github-actions GitHub Actions
Copy link

  • This pull request modifies code in src/* but no tests were added/updated.
    • Confirm whether tests should be added or ensure the PR description explains why tests are not required.
  • This pull request implements a feat or fix, so it must include a changelog entry (unless the fix is for an unreleased feature). Review the changelog guidelines.
    • Note: beta or "experiment" features that have active users should announce fixes in the changelog.
    • If this is not a feature or fix, use an appropriate type from the title guidelines. For example, telemetry-only changes should use the telemetry type.

@hayemaxi hayemaxi merged commit ca25202 into aws:feature/cwltail Nov 11, 2024
20 of 25 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hayemaxi hayemaxi hayemaxi approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@keeganirby @hayemaxi