You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
While it'd be great to unwind if this key munging is needed in general and remove it, it seems that's gonna take some historical digging because its been that way for a very long time. A workaround for this specific case might be to take a different approach to role fetching. Instead of trusting the return from fetch_metadata which munges keys and parsing the keys to derive the role name, we remove that. We create a separate fetch_role method in the ec2_metadata mixin which fetches the metadata and walks down it similarly to fetch_metadata but only to get security-credentials and the role, that method can avoid munging the key and return the role name only. The plugin can add in the role name where it currently is in the returned ohai data. Since it ends up as a value not a key, there's no risk of whatever that munging was trying to protect us from. It does mean fetching and walking part of the metadata a second time, so there's a performance penalty of 3 extra http calls.
Description
AWS EC2 ohai plugin replaces - with _ in metadata keys. For example if I have role named
my-iam-role
ohai plugin changes it tomy_iam_role
.I believe below code does this conversion. Is it possible to fix this?
https://github.com/chef/ohai/blob/master/lib/ohai/mixin/ec2_metadata.rb#L229
Ohai Version
Ohai: 13.10.0
Platform Version
CentOS Stream release 8
Ohai Output
Ohai output:
AWS meta-data:
The text was updated successfully, but these errors were encountered: