Description
Currently this system does not support session tokens in the credential files. It would be helpful if it did.
Steps to reproduce the issue:
- setup an AWS profile that uses access key id, access key, and session token
- run:
docker context create ecs <new name> and select the AWS Profile with the token
- try to bring up a docker compose definition with the new context. Observe failure...
Describe the results you received:
[I] ➜ docker compose -f docker-compose-turn.yml up
NoCredentialProviders: no valid providers in chain. Deprecated.
For verbose messaging see aws.Config.CredentialsChainVerboseErrors
Describe the results you expected:
For the docker compose file to be brought up in AWS
Additional information you deem important (e.g. issue happens only occasionally):
Output of docker version:
[I] ➜ docker version
Client: Docker Engine - Community
Cloud integration: 1.0.7
Version: 20.10.2
API version: 1.41
Go version: go1.13.15
Git commit: 2291f61
Built: Mon Dec 28 16:17:43 2020
OS/Arch: linux/amd64
Context: pennecs
Experimental: true
Server: Docker Engine - Community
Engine:
Version: 20.10.2
API version: 1.41 (minimum version 1.12)
Go version: go1.13.15
Git commit: 8891c58
Built: Mon Dec 28 16:15:19 2020
OS/Arch: linux/amd64
Experimental: false
containerd:
Version: 1.4.3
GitCommit: 269548fa27e0089a8b8278fc4fc781d7f65a939b
runc:
Version: 1.0.0-rc92
GitCommit: ff819c7e9184c13b7c2607fe6c30ae19403a7aff
docker-init:
Version: 0.19.0
GitCommit: de40ad0
Output of docker context show:
You can also run docker context inspect context-name to give us more details but don't forget to remove sensitive content.
[I] ➜ docker context show
pennecs
Output of docker info:
[I] ➜ docker info
Command "info" not available in current context (pennecs), you can use the "default" context to run this command
Additional environment details (AWS ECS, Azure ACI, local, etc.):
In AWS ECS
Reading through the code for this, it looks like the token is never used in the auth pipeline: https://github.com/docker/compose-cli/blob/54020db51730a43289f2d314919e2a3977a236b6/ecs/context.go
Description
Currently this system does not support session tokens in the credential files. It would be helpful if it did.
Steps to reproduce the issue:
docker context create ecs <new name>and select the AWS Profile with the tokenDescribe the results you received:
Describe the results you expected:
For the docker compose file to be brought up in AWS
Additional information you deem important (e.g. issue happens only occasionally):
Output of
docker version:Output of
docker context show:You can also run
docker context inspect context-nameto give us more details but don't forget to remove sensitive content.Output of
docker info:Additional environment details (AWS ECS, Azure ACI, local, etc.):
In AWS ECS
Reading through the code for this, it looks like the token is never used in the auth pipeline: https://github.com/docker/compose-cli/blob/54020db51730a43289f2d314919e2a3977a236b6/ecs/context.go