cyberark-conjur-cli icon indicating copy to clipboard operation
cyberark-conjur-cli copied to clipboard

Published 20 hours ago verified publisher icon cyberark

Log error messages to stderr

Open aconic-sb opened this issue 3 years ago • 0 comments

Summary

Conjur CLI seems to be logging errors to stdout instead of stderr.

Steps to Reproduce

Steps to reproduce the behavior:

  1. Create invalid Conjur YAML file
  2. Apply it
  3. See expected error message
  4. Apply it again redirecting stdout to /dev/null
  5. No error message is shown
[myuser@myserver ~]$ cat bad-policy.yml
---
- !group
  iid: admin
[myuser@myserver ~]$ conjur policy load -b root -f bad-policy.yml
Failed to execute command. Reason: 422 Client Error: Unprocessable Entity for url: https://conjur-server.mycompany.com/policies/slsp/policy/root. The policy was empty or its contents were not in valid YAML.
Run the command again in debug mode for more information.
[myuser@myserver ~]$ echo $?
1
[myuser@myserver ~]$ conjur policy load -b root -f bad-policy.yml > /dev/null
[myuser@myserver ~]$ echo $?
1
[myuser@myserver ~]$

Expected Results

Write error messages to stderr

Actual Results (including error logs, if applicable)

Error messages are written to stdout

Reproducible

  • [x] Always
  • [ ] Sometimes
  • [ ] Non-Reproducible

Version/Tag number

Latest version of the Python implementation of Conjur CLI (v7.0.1)

Additional Information

When applying a policy sensitive information might get printed to stdout (e.g. API keys for hosts and users). I would like to redirect stdout to /dev/null but still be able to see any error messages (not just the exit code).

aconic-sb avatar Jul 12 '21 09:07 aconic-sb