migrate EKS client from e2e to AWS SDK V2

Signed-off-by: Pankaj Walke <[email protected]>

Author: punkwalker

go.mod

@@ -12,12 +12,11 @@ require (
 	github.com/aws/aws-lambda-go v1.41.0
 	github.com/aws/aws-sdk-go v1.55.5
 	github.com/aws/aws-sdk-go-v2 v1.36.3
-	github.com/aws/aws-sdk-go-v2 v1.36.3
 	github.com/aws/aws-sdk-go-v2/config v1.27.11
 	github.com/aws/aws-sdk-go-v2/credentials v1.17.11
 	github.com/aws/aws-sdk-go-v2/service/autoscaling v1.52.4
-	github.com/aws/aws-sdk-go-v2/service/iam v1.32.0
 	github.com/aws/aws-sdk-go-v2/service/eks v1.64.0
+	github.com/aws/aws-sdk-go-v2/service/iam v1.32.0
 	github.com/aws/aws-sdk-go-v2/service/s3 v1.53.1
 	github.com/aws/aws-sdk-go-v2/service/sts v1.28.6
 	github.com/aws/smithy-go v1.22.2
@@ -83,8 +82,6 @@ require (
 	github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.1 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.34 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.34 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.34 // indirect
-	github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.34 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/ini v1.8.0 // indirect
 	github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.5 // indirect
 	github.com/aws/aws-sdk-go-v2/service/cloudformation v1.50.0 // indirect

pkg/cloud/services/eks/addons.go

@@ -210,6 +210,7 @@ func (s *Service) translateAPIToAddon(addons []ekscontrolplanev1.Addon) []*eksad
 	return converted
 }
 
+// WaitUntilAddonDeleted is blocking function to wait until EKS Nodegroup is Deleted.
 func (k *EKSClient) WaitUntilAddonDeleted(ctx context.Context, input *eks.DescribeAddonInput) error {
 	waiter := eks.NewAddonDeletedWaiter(k, func(o *eks.AddonDeletedWaiterOptions) {
 		o.LogWaitAttempts = true

pkg/cloud/services/eks/cluster.go

@@ -722,6 +722,7 @@ func getKeyArn(encryptionConfig ekstypes.EncryptionConfig) string {
 	return ""
 }
 
+// WaitUntilClusterActive is blocking function to wait until EKS Cluster is Active.
 func (k *EKSClient) WaitUntilClusterActive(ctx context.Context, input *eks.DescribeClusterInput) error {
 	waiter := eks.NewClusterActiveWaiter(k, func(o *eks.ClusterActiveWaiterOptions) {
 		o.LogWaitAttempts = true
@@ -730,12 +731,14 @@ func (k *EKSClient) WaitUntilClusterActive(ctx context.Context, input *eks.Descr
 	return waiter.Wait(ctx, input, maxActiveUpdateDeleteWait)
 }
 
+// WaitUntilClusterDeleted is blocking function to wait until EKS Cluster is Deleted.
 func (k *EKSClient) WaitUntilClusterDeleted(ctx context.Context, input *eks.DescribeClusterInput) error {
 	waiter := eks.NewClusterDeletedWaiter(k)
 
 	return waiter.Wait(ctx, input, maxActiveUpdateDeleteWait)
 }
 
+// WaitUntilClusterUpdating is blocking function to wait until EKS Cluster is Updating.
 func (k *EKSClient) WaitUntilClusterUpdating(ctx context.Context, input *eks.DescribeClusterInput) error {
 	waiter := eks.NewClusterActiveWaiter(k, func(o *eks.ClusterActiveWaiterOptions) {
 		o.LogWaitAttempts = true

pkg/cloud/services/eks/eks.go

@@ -33,7 +33,7 @@ import (
 )
 
 const (
-	// Maximum duration for waiting on EKS cluster state
+	// Maximum duration for waiting on EKS cluster state.
 	maxActiveUpdateDeleteWait = 15 * time.Minute
 )
 

pkg/cloud/services/eks/nodegroup.go

@@ -625,6 +625,7 @@ func (s *NodegroupService) waitForNodegroupActive(ctx context.Context) (*ekstype
 	return ng, nil
 }
 
+// WaitUntilNodegroupDeleted is blocking function to wait until EKS Nodegroup is Deleted.
 func (k *EKSClient) WaitUntilNodegroupDeleted(ctx context.Context, input *eks.DescribeNodegroupInput) error {
 	waiter := eks.NewNodegroupDeletedWaiter(k)
 	err := waiter.Wait(ctx, input, maxActiveUpdateDeleteWait)
@@ -634,6 +635,7 @@ func (k *EKSClient) WaitUntilNodegroupDeleted(ctx context.Context, input *eks.De
 	return nil
 }
 
+// WaitUntilNodegroupActive is blocking function to wait until EKS Nodegroup is Active.
 func (k *EKSClient) WaitUntilNodegroupActive(ctx context.Context, input *eks.DescribeNodegroupInput) error {
 	waiter := eks.NewNodegroupActiveWaiter(k, func(o *eks.NodegroupActiveWaiterOptions) {
 		o.LogWaitAttempts = true

pkg/cloud/services/eks/oidc.go

@@ -93,7 +93,6 @@ func (s *Service) reconcileOIDCProvider(ctx context.Context, cluster *ekstypes.C
 }
 
 func (s *Service) reconcileTrustPolicy(ctx context.Context) error {
-
 	clusterKey := client.ObjectKey{
 		Name:      s.scope.Name(),
 		Namespace: s.scope.Namespace(),

pkg/cloud/services/eks/service.go

@@ -75,6 +75,7 @@ type EKSAPI interface {
 	WaitUntilAddonDeleted(ctx context.Context, params *eks.DescribeAddonInput) error
 }
 
+// EKSClient is a wrapper over eks.Client for implementing custom methods of EKSAPI.
 type EKSClient struct {
 	*eks.Client
 }

pkg/eks/identityprovider/plan_test.go

@@ -259,49 +259,3 @@ func createDesiredIdentityProviderWithDifferentClientID(name string, tags infrav
 	p.ClientID = "clientId2"
 	return p
 }
-
-// // identityProviderConfigMatcher Custom matcher for AssociateIdentityProviderConfigInput.
-// // As the AWS SDK V2 types have nested pointer objects and reflect.DeepEqual doesn't compare values of nested objects.
-// // Adopted from https://pkg.go.dev/github.com/golang/mock/gomock#Eq.
-// type identityProviderConfigMatcher struct {
-// 	want interface{}
-// }
-
-// func (m identityProviderConfigMatcher) Matches(got interface{}) bool {
-// 	if m.want == nil || got == nil {
-// 		return reflect.DeepEqual(m.want, got)
-// 	}
-
-// 	oidc, ok := got.(*eks.AssociateIdentityProviderConfigInput)
-// 	if !ok {
-// 		return false
-// 	}
-// 	oidc2, ok := m.want.(*eks.AssociateIdentityProviderConfigInput)
-// 	if !ok {
-// 		return false
-// 	}
-// 	config := oidc.Oidc
-// 	config2 := oidc2.Oidc
-// 	oidc.Oidc = nil
-// 	oidc2.Oidc = nil
-
-// 	if !reflect.DeepEqual(oidc, oidc) {
-// 		return false
-// 	}
-
-// 	claims := config.RequiredClaims
-// 	claims2 := config2.RequiredClaims
-// 	config.RequiredClaims = nil
-// 	config2.RequiredClaims = nil
-
-// 	if !reflect.DeepEqual(config, config2) {
-// 		return false
-// 	}
-
-// 	return cmp.Equal(claims, claims2)
-
-// }
-
-// func (m identityProviderConfigMatcher) String() string {
-// 	return fmt.Sprintf("is equal to %v (%T)", m.want, m.want)
-// }

test/e2e/shared/aws.go

@@ -34,7 +34,10 @@ import (
 
 	awsv2 "github.com/aws/aws-sdk-go-v2/aws"
 	"github.com/aws/aws-sdk-go-v2/config"
-	iam "github.com/aws/aws-sdk-go-v2/service/iam"
+	awscredsv2 "github.com/aws/aws-sdk-go-v2/credentials"
+	"github.com/aws/aws-sdk-go-v2/service/eks"
+	ekstypes "github.com/aws/aws-sdk-go-v2/service/eks/types"
+	"github.com/aws/aws-sdk-go-v2/service/iam"
 	iamtypes "github.com/aws/aws-sdk-go-v2/service/iam/types"
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/aws/client"
@@ -46,7 +49,6 @@ import (
 	"github.com/aws/aws-sdk-go/service/ec2"
 	"github.com/aws/aws-sdk-go/service/ecrpublic"
 	"github.com/aws/aws-sdk-go/service/efs"
-	"github.com/aws/aws-sdk-go/service/eks"
 	"github.com/aws/aws-sdk-go/service/elb"
 	"github.com/aws/aws-sdk-go/service/servicequotas"
 	"github.com/aws/aws-sdk-go/service/sts"
@@ -434,6 +436,55 @@ func NewAWSSessionWithKey(accessKey *iamtypes.AccessKey) client.ConfigProvider {
 	return sess
 }
 
+func NewAWSSessionV2() *awsv2.Config {
+	By("Getting an AWS IAM session - from environment")
+	region, err := credentials.ResolveRegion("")
+	Expect(err).NotTo(HaveOccurred())
+	optFns := []func(*config.LoadOptions) error{
+		config.WithRegion(region),
+		config.WithClientLogMode(awsv2.LogSigning),
+	}
+	cfg, err := config.LoadDefaultConfig(context.Background(), optFns...)
+	Expect(err).NotTo(HaveOccurred())
+	_, err = cfg.Credentials.Retrieve(context.Background())
+	Expect(err).NotTo(HaveOccurred())
+	return &cfg
+}
+
+func NewAWSSessionRepoWithKeyV2(accessKey *iamtypes.AccessKey) *awsv2.Config {
+	By("Getting an AWS IAM session - from access key")
+	region, err := credentials.ResolveRegion("us-east-1")
+	Expect(err).NotTo(HaveOccurred())
+	staticCredProvider := awscredsv2.NewStaticCredentialsProvider(awsv2.ToString(accessKey.AccessKeyId), awsv2.ToString(accessKey.SecretAccessKey), "")
+	optFns := []func(*config.LoadOptions) error{
+		config.WithRegion(region),
+		config.WithClientLogMode(awsv2.LogSigning),
+		config.WithCredentialsProvider(staticCredProvider),
+	}
+	cfg, err := config.LoadDefaultConfig(context.Background(), optFns...)
+	Expect(err).NotTo(HaveOccurred())
+	_, err = cfg.Credentials.Retrieve(context.Background())
+	Expect(err).NotTo(HaveOccurred())
+	return &cfg
+}
+
+func NewAWSSessionWithKeyV2(accessKey *iamtypes.AccessKey) *awsv2.Config {
+	By("Getting an AWS IAM session - from access key")
+	region, err := credentials.ResolveRegion("")
+	Expect(err).NotTo(HaveOccurred())
+	staticCredProvider := awscredsv2.NewStaticCredentialsProvider(awsv2.ToString(accessKey.AccessKeyId), awsv2.ToString(accessKey.SecretAccessKey), "")
+	optFns := []func(*config.LoadOptions) error{
+		config.WithRegion(region),
+		config.WithClientLogMode(awsv2.LogSigning),
+		config.WithCredentialsProvider(staticCredProvider),
+	}
+	cfg, err := config.LoadDefaultConfig(context.Background(), optFns...)
+	Expect(err).NotTo(HaveOccurred())
+	_, err = cfg.Credentials.Retrieve(context.Background())
+	Expect(err).NotTo(HaveOccurred())
+	return &cfg
+}
+
 // createCloudFormationStack ensures the cloudformation stack is up to date.
 func createCloudFormationStack(ctx context.Context, cfg awsv2.Config, prov client.ConfigProvider, t *cfn_bootstrap.Template, tags map[string]string) error {
 	By(fmt.Sprintf("Creating AWS CloudFormation stack for AWS IAM resources: stack-name=%s", t.Spec.StackName))
@@ -1051,7 +1102,7 @@ func (s *ServiceQuota) updateServiceQuotaRequestStatus(serviceQuotasClient *serv
 }
 
 // DumpEKSClusters dumps the EKS clusters in the environment.
-func DumpEKSClusters(_ context.Context, e2eCtx *E2EContext) {
+func DumpEKSClusters(ctx context.Context, e2eCtx *E2EContext) {
 	name := "no-bootstrap-cluster"
 	if e2eCtx.Environment.BootstrapClusterProxy != nil {
 		name = e2eCtx.Environment.BootstrapClusterProxy.GetName()
@@ -1063,36 +1114,36 @@ func DumpEKSClusters(_ context.Context, e2eCtx *E2EContext) {
 	fmt.Fprintf(GinkgoWriter, "Folder created for eks clusters: %q\n", logPath)
 
 	input := &eks.ListClustersInput{}
-	var eksClient *eks.EKS
-	if e2eCtx.BootstrapUserAWSSession == nil && e2eCtx.AWSSession != nil {
-		eksClient = eks.New(e2eCtx.AWSSession)
-	} else if e2eCtx.BootstrapUserAWSSession != nil {
-		eksClient = eks.New(e2eCtx.BootstrapUserAWSSession)
+	var eksClient *eks.Client
+	if e2eCtx.BootstrapUserAWSSessionV2 == nil && e2eCtx.AWSSessionV2 != nil {
+		eksClient = eks.NewFromConfig(*e2eCtx.AWSSessionV2)
+	} else if e2eCtx.BootstrapUserAWSSessionV2 != nil {
+		eksClient = eks.NewFromConfig(*e2eCtx.BootstrapUserAWSSessionV2)
 	} else {
 		Fail("Couldn't list EKS clusters: no AWS client was set up (please look at previous errors)")
 		return
 	}
 
-	output, err := eksClient.ListClusters(input)
+	output, err := eksClient.ListClusters(ctx, input)
 	if err != nil {
 		fmt.Fprintf(GinkgoWriter, "Couldn't list EKS clusters: err=%s\n", err)
 		return
 	}
 
 	for _, clusterName := range output.Clusters {
 		describeInput := &eks.DescribeClusterInput{
-			Name: clusterName,
+			Name: aws.String(clusterName),
 		}
-		describeOutput, err := eksClient.DescribeCluster(describeInput)
+		describeOutput, err := eksClient.DescribeCluster(ctx, describeInput)
 		if err != nil {
-			fmt.Fprintf(GinkgoWriter, "Couldn't describe EKS clusters: name=%q err=%s\n", *clusterName, err)
+			fmt.Fprintf(GinkgoWriter, "Couldn't describe EKS clusters: name=%q err=%s\n", clusterName, err)
 			continue
 		}
 		dumpEKSCluster(describeOutput.Cluster, logPath)
 	}
 }
 
-func dumpEKSCluster(cluster *eks.Cluster, logPath string) {
+func dumpEKSCluster(cluster *ekstypes.Cluster, logPath string) {
 	clusterYAML, err := yaml.Marshal(cluster)
 	if err != nil {
 		fmt.Fprintf(GinkgoWriter, "Couldn't marshal cluster to yaml: name=%q err=%s\n", *cluster.Name, err)

test/e2e/shared/context.go

@@ -69,7 +69,9 @@ type E2EContext struct {
 	AWSConfig awsv2.Config
 	// BootstrapUserAWSSession is the AWS session for the bootstrap user.
 	BootstrapUserAWSSession client.ConfigProvider
-	// IsManaged indicates that this is for the managed part of the provider.
+	// BootstrapUserAWSSessionV2 is the AWS SDK V2 session for the bootstrap user.
+	BootstrapUserAWSSessionV2 *awsv2.Config
+	// IsManaged indicates that this is for the managed part of the provider. This is until the V2 migration is done.
 	IsManaged bool
 	// CloudFormationTemplate is the rendered template created for the test.
 	CloudFormationTemplate *cloudformation.Template