Version v2.36.16 removes logs for the --credential-process flag
seraco opened this issue · 2 comments
What
Version v2.36.16 stopped producing logs when the --credential-process flag is passed to the login command. This stops showing the MFA number necessary for logging in.
Points to note:
- We are using the ADFS provider.
- We use MFA in conjunction with
saml2awsin credential helper mode. - We use the MFA mode where the phone app prompts for a two-digit number (the user has to read that two digit number from the
saml2awslogs). - The version v2.36.16 breaks the auth flow for us and maybe for other MFA users?
- If the change is intentional, is there an alternative approach?
- We are happy to raise a PR for any solution we agree on with you.
Why
In the following lines version v2.36.16 added a conditional check to exclude the logs:
if *quiet || (command == cmdLogin.FullCommand() && loginFlags.CredentialProcess) {
log.SetOutput(io.Discard)
logrus.SetOutput(io.Discard)
}Hi @seraco , thank you for raising this issue. It had been under my radar for a while and it appears there is quite a number of support, so I made it a priority to take a investigate it. Sorry for not getting back to you sooner.
Found the actual PR that caused this issue and in conclusion, and would be happy if you just updated the line of code you have discovered to remove the 2nd half of the OR condition of the if statement, it shouldn't break the feature that introduced this undesired side-effect.
If the change is intentional, is there an alternative approach?
No, it wasn't intentional.
We are happy to raise a PR for any solution we agree on with you.
Yes please. We are due to cut a new release soon but more than happy to wait for this to go through.