diff --git a/config/qa.env b/config/qa.env index 29c54603..8806f79b 100644 --- a/config/qa.env +++ b/config/qa.env @@ -12,7 +12,7 @@ ENCRYPTED_NYPL_OAUTH_SECRET=AQECAHh7ea2tyZ6phZgT4B9BDKwguhlFtRC6hgt+7HbmeFsrsgAA NYPL_CORE_VERSION=v2.21 -LOG_LEVEL=info +LOG_LEVEL=debug FEATURES=on-site-edd SEARCH_ITEMS_SIZE=3 diff --git a/lib/kms-helper.js b/lib/kms-helper.js index a320e290..81cfd762 100644 --- a/lib/kms-helper.js +++ b/lib/kms-helper.js @@ -1,4 +1,5 @@ const { KMSClient, DecryptCommand } = require('@aws-sdk/client-kms') +const logger = require('./logger') let awsCredentials @@ -16,6 +17,7 @@ async function decrypt (encrypted) { // Use credentials if given (local invocations). Otherwise rely on // environment (deployed code): if (awsCredentials) { + logger.debug('KMS decrypt using local AWS credentials') config.credentials = awsCredentials } const client = new KMSClient(config) diff --git a/lib/load-config.js b/lib/load-config.js index e0915171..bce305c1 100644 --- a/lib/load-config.js +++ b/lib/load-config.js @@ -57,7 +57,7 @@ module.exports.decryptEncryptedConfig = () => { const keyWithoutPrefix = key.replace(/^ENCRYPTED_/, '') const decrypted = await decrypt(process.env[key]) .catch((e) => { - logger.error(`Load-config: Failed to decrypt ${key}`) + logger.error(`Load-config: Failed to decrypt ${key}: ${e}`) }) logger.debug(`Load-config: Decrypted ${key}`) process.env[keyWithoutPrefix] = decrypted