Skip to content

Commit 3e014cc

Browse files
blink1073blink1073
authored
GODRIVER-3312 Remove remaining usage of Evergreen Secrets (#1800)
1 parent 92c3d6e commit 3e014cc

File tree

1 file changed

+21
-18
lines changed

1 file changed

+21
-18
lines changed

.evergreen/config.yml

Lines changed: 21 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -58,7 +58,6 @@ functions:
5858
export PROJECT_DIRECTORY="$(pwd)"
5959
export MONGO_ORCHESTRATION_HOME="$DRIVERS_TOOLS/.evergreen/orchestration"
6060
export MONGODB_BINARIES="$DRIVERS_TOOLS/mongodb/bin"
61-
export UPLOAD_BUCKET="${project}"
6261
export PROJECT="${project}"
6362
6463
# If on Windows, convert paths with cygpath. GOROOT should not be converted as Windows expects it
@@ -70,7 +69,6 @@ functions:
7069
export PROJECT_DIRECTORY=$(cygpath -m $PROJECT_DIRECTORY)
7170
export MONGO_ORCHESTRATION_HOME=$(cygpath -m $MONGO_ORCHESTRATION_HOME)
7271
export MONGODB_BINARIES=$(cygpath -m $MONGODB_BINARIES)
73-
export UPLOAD_BUCKET=$(cygpath -m $UPLOAD_BUCKET)
7472
export PROJECT=$(cygpath -m $PROJECT)
7573
7674
# Set home variables for Windows, too.
@@ -108,7 +106,6 @@ functions:
108106
DRIVERS_TOOLS: "$DRIVERS_TOOLS"
109107
MONGO_ORCHESTRATION_HOME: "$MONGO_ORCHESTRATION_HOME"
110108
MONGODB_BINARIES: "$MONGODB_BINARIES"
111-
UPLOAD_BUCKET: "$UPLOAD_BUCKET"
112109
PROJECT_DIRECTORY: "$PROJECT_DIRECTORY"
113110
PREPARE_SHELL: |
114111
set -o errexit
@@ -120,7 +117,6 @@ functions:
120117
export PROJECT_DIRECTORY="$PROJECT_DIRECTORY"
121118
export MONGO_ORCHESTRATION_HOME="$MONGO_ORCHESTRATION_HOME"
122119
export MONGODB_BINARIES="$MONGODB_BINARIES"
123-
export UPLOAD_BUCKET="$UPLOAD_BUCKET"
124120
export PROJECT="$PROJECT"
125121
export TMPDIR="$MONGO_ORCHESTRATION_HOME/db"
126122
export PKG_CONFIG_PATH=$(pwd)/install/libmongocrypt/lib64/pkgconfig
@@ -154,24 +150,29 @@ functions:
154150
params:
155151
files:
156152
- "src/go.mongodb.org/mongo-driver/*.suite"
153+
- command: ec2.assume_role
154+
params:
155+
role_arn: ${assume_role_arn}
157156
- command: s3.put
158157
params:
159-
aws_key: ${aws_key}
160-
aws_secret: ${aws_secret}
158+
aws_key: ${AWS_ACCESS_KEY_ID}
159+
aws_secret: ${AWS_SECRET_ACCESS_KEY}
160+
aws_session_token: ${AWS_SESSION_TOKEN}
161161
local_file: ${DRIVERS_TOOLS}/.evergreen/test_logs.tar.gz
162-
remote_file: ${UPLOAD_BUCKET}/${build_variant}/${revision}/${version_id}/${build_id}/logs/${task_id}-${execution}-drivers-tools-logs.tar.gz
163-
bucket: mciuploads
162+
remote_file: ${build_variant}/${revision}/${version_id}/${build_id}/logs/${task_id}-${execution}-drivers-tools-logs.tar.gz
163+
bucket: ${aws_bucket}
164164
permissions: public-read
165165
content_type: ${content_type|application/x-gzip}
166166
display_name: "drivers-tools-logs.tar.gz"
167167
- command: s3.put
168168
params:
169-
aws_key: ${aws_key}
170-
aws_secret: ${aws_secret}
169+
aws_key: ${AWS_ACCESS_KEY_ID}
170+
aws_secret: ${AWS_SECRET_ACCESS_KEY}
171+
aws_session_token: ${AWS_SESSION_TOKEN}
171172
optional: true
172173
local_file: ${PROJECT_DIRECTORY}/fuzz.tgz
173-
remote_file: ${UPLOAD_BUCKET}/${build_variant}/${revision}/${version_id}/${build_id}/${task_id}-${execution}-fuzz.tgz
174-
bucket: mciuploads
174+
remote_file: ${build_variant}/${revision}/${version_id}/${build_id}/${task_id}-${execution}-fuzz.tgz
175+
bucket: ${aws_bucket}
175176
permissions: public-read
176177
content_type: application/x-gzip
177178
display_name: "fuzz.tgz"
@@ -184,12 +185,13 @@ functions:
184185
find . -name \*.suite | xargs tar czf test_suite.tgz
185186
- command: s3.put
186187
params:
187-
aws_key: ${aws_key}
188-
aws_secret: ${aws_secret}
188+
aws_key: ${AWS_ACCESS_KEY_ID}
189+
aws_secret: ${AWS_SECRET_ACCESS_KEY}
190+
aws_session_token: ${AWS_SESSION_TOKEN}
189191
local_file: src/go.mongodb.org/mongo-driver/test_suite.tgz
190192
optional: true
191-
remote_file: ${UPLOAD_BUCKET}/${build_variant}/${revision}/${version_id}/${build_id}/logs/${task_id}-${execution}-test_suite.tgz
192-
bucket: mciuploads
193+
remote_file: ${build_variant}/${revision}/${version_id}/${build_id}/logs/${task_id}-${execution}-test_suite.tgz
194+
bucket: ${aws_bucket}
193195
permissions: public-read
194196
content_type: ${content_type|text/plain}
195197
display_name: "test_suite.tgz"
@@ -1825,7 +1827,7 @@ tasks:
18251827
script: |
18261828
${PREPARE_SHELL}
18271829
source $DRIVERS_TOOLS/.evergreen/csfle/azurekms/secrets-export.sh
1828-
AZUREKMS_CMD="LD_LIBRARY_PATH=./install/libmongocrypt/lib64 MONGODB_URI='mongodb://localhost:27017' PROVIDER='azure' AZUREKMS_KEY_NAME='${AZUREKMS_KEY_NAME}' AZUREKMS_KEY_VAULT_ENDPOINT='${AZUREKMS_KEY_VAULT_ENDPOINT}' ./testkms" $DRIVERS_TOOLS/.evergreen/csfle/azurekms/run-command.sh
1830+
AZUREKMS_CMD="LD_LIBRARY_PATH=./install/libmongocrypt/lib64 MONGODB_URI='mongodb://localhost:27017' PROVIDER='azure' AZUREKMS_KEY_NAME=$AZUREKMS_KEYNAME AZUREKMS_KEY_VAULT_ENDPOINT=$AZUREKMS_KEYVAULTENDPOINT ./testkms" $DRIVERS_TOOLS/.evergreen/csfle/azurekms/run-command.sh
18291831
18301832
- name: "testazurekms-fail-task"
18311833
# testazurekms-fail-task runs without environment variables.
@@ -1844,10 +1846,11 @@ tasks:
18441846
make build-kms-test
18451847
echo "Building build-kms-test ... end"
18461848
1849+
. ${DRIVERS_TOOLS}/.evergreen/csfle/azurekms/setup-secrets.sh
18471850
LD_LIBRARY_PATH=./install/libmongocrypt/lib64 \
18481851
MONGODB_URI='mongodb://localhost:27017' \
18491852
EXPECT_ERROR='unable to retrieve azure credentials' \
1850-
PROVIDER='azure' AZUREKMS_KEY_NAME='${AZUREKMS_KEY_NAME}' AZUREKMS_KEY_VAULT_ENDPOINT='${AZUREKMS_KEY_VAULT_ENDPOINT}' \
1853+
PROVIDER='azure' AZUREKMS_KEY_NAME=$AZUREKMS_KEYNAME AZUREKMS_KEY_VAULT_ENDPOINT=$AZUREKMS_KEYVAULTENDPOINT \
18511854
./testkms
18521855
18531856
- name: "test-fuzz"

0 commit comments

Comments
 (0)