in src/lib/sdkutils.ts [75:178]
public static async createAndConfigureSdkClient(
awsService: any,
awsServiceOpts: any,
taskParams: AWSConnectionParameters,
logger: (msg: string) => void
): Promise<any> {
awsService.prototype.customizeRequests((request: any) => {
const logRequestData = taskParams.logRequestData
const logResponseData = taskParams.logResponseData
const operation = request.operation
request.on('complete', (response: any) => {
try {
logger(`AWS ${operation} request ID: ${response.requestId}`)
const httpRequest = response.request.httpRequest
const httpResponse = response.httpResponse
// For integration testing we validate that the user agent string we rely on for
// usage metrics was set. An environment variable allows us to easily enable/disable
// validation across all build tests if needed instead of using a per-definition build
// variable. We validate the agent in all builds (so we catch an error from any test)
// but only output that we've done the check in one so as to not spam the output from all
// requests in all tests.
if (process.env[this.validateUserAgentEnvVariable]) {
const agent: string = httpRequest.headers[this.userAgentHeader]
if (
agent.startsWith(`${this.userAgentPrefix}/`) &&
agent.includes(`${this.userAgentSuffix}-`)
) {
// Note: only displays if system.debug variable set true on the build
logger(`User-Agent ${agent} validated successfully`)
} else {
throw new Error(`User-Agent was not configured correctly for tools: ${agent}`)
}
}
// Choosing to not log request or response body content at this stage, partly to avoid
// having to detect and avoid streaming content or object uploads, and partly to avoid
// the possibility of logging sensitive data
if (logRequestData) {
logger(`---Request data for ${response.requestId}---`)
logger(` Path: ${httpRequest.path}`)
logger(' Headers:')
Object.keys(httpRequest.headers).forEach(element => {
logger(` ${element}=${httpRequest.headers[element]}`)
})
}
if (logResponseData) {
logger(`---Response data for request ${response.requestId}---`)
logger(` Status code: ${httpResponse.statusCode}`)
if (response.httpResponse.headers) {
logger(' Headers:')
for (const k of Object.keys(httpResponse.headers)) {
logger(` ${k}=${httpResponse.headers[k]}`)
}
}
}
} catch (err) {
logger(` Error inspecting request/response data, ${err}`)
}
})
})
// If not already set for the service, poke any obtained credentials and/or
// region into the service options. If credentials remain undefined, the sdk
// will attempt to auto-infer from the host environment variables or, if EC2,
// instance metadata
if (awsServiceOpts) {
if (!awsServiceOpts.credentials) {
const creds = await getCredentials(taskParams)
if (creds) {
awsServiceOpts.credentials = creds
}
}
if (!awsServiceOpts.region) {
awsServiceOpts.region = await getRegion()
}
return new awsService(awsServiceOpts)
}
const credentials = await getCredentials(taskParams)
// resolve credentials
await credentials?.getPromise()
// Mask credentials from logs if they are accidentially printed somehow
if (credentials?.accessKeyId) {
tl.setSecret(credentials?.accessKeyId)
}
if (credentials?.secretAccessKey) {
tl.setSecret(credentials?.secretAccessKey)
}
if (credentials?.sessionToken) {
tl.setSecret(credentials?.sessionToken)
}
return new awsService({
credentials: credentials ? credentials.getPromise() : undefined,
region: await getRegion()
})
}