-
Notifications
You must be signed in to change notification settings - Fork 70
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Exit codes are not reported #59
Comments
This issue has implication in the AWS Copilot CLI (see aws/copilot-cli#4317). |
Hi Guys, I don't suppose there was any progress on this, it seems like a pretty basic piece of functionality and fundamentally is blocking us from removing SSH from our estate. Anything we can do to help progress this? |
Hi @shanet , By running Cheers, |
@yuting-fan Yes, I understand what I don't believe this issue should be closed for the reason you've given: that the exit code can be checked within the session. The whole point is that in order to use SSM in a script you need to know if the remote command was successful or not and this is currently impossible. |
Hi @yuting-fan, |
Hi @shanet , @noefroidevaux , Session Manager is not implemented on top of SSH, and the intent is to provide interactive shell-like access based on IAM permissions, instead of SSH protocol. The exit code of start-session command returns zero because the AWS CLI call succeeds - this is by current design, and not a bug. I understand your use case, and I will reopen to capture it as a feature request internally. We have a list of backlog items and feature requests to prioritize. Please stay tuned and we will post here when there is any update on this request. Cheers, |
Additionally, there are some workarounds you could try out in order to get the exit code of a command execution with SSM:
|
For reference, my use case is the following: I have a deploy script that needs to run database migrations within an ECS container running on an EC2 host. This is a fully automated process, but the shell is still interactive in case it needs to be manually cancelled or something goes wrong and a rollback needs to be manually initiated. SSM is used for running all of the remote commands needed for the database migrations on the ECS container. There is some additional complexity in that an SSM shell is first opened with the EC2 host and then an additional shell within the relevant Docker container running on that host.
How would this work within a script that executes a remote command on a host via SSM? I don't believe SSM has the ability to download a file from a host/container so there wouldn't be a way to automate this.
Yes, this is the current workaround that I'm using. I have to wait for the session log to be present on S3 after the session ends, download the log, and parse its output for a failure message. That's many moving parts to just get the exit code of a process, requires additional S3 permissions, slows down the pipeline, and also relies on the failure text being present exactly as expected.
In my case, this won't work because the shell needs to be interactive so I'm using the |
Ugly hacky workaround:
If the "inner" command succeeded, we'll echo The string can be whatever you want, it doesn't have to be |
Would appreciate any attention on this one. Even using ssm send-command is quite cumbersome because of its async nature, it's a multi step process to submit the command, monitor and wait for it to finish, then read the output. start-session with a command is almost a drop-in for running commands on a remote server and would be very CI/CD friendly. |
If you pass
|
Sessions opened with the session manager plugin always report an exit code of zero even when the last executed command within the session returns a non-zero value. For example:
Compare this to SSH where the exit code is carried over:
Not reporting the exit code makes scripting extremely difficult since there's no way to tell if a given command was successful or not. Reporting the exit code of the last command run in the session would be more inline with other standard tools.
The text was updated successfully, but these errors were encountered: