Skip to content

Commit 49d6d1e

Browse files
baileympearsonbaileympearson
committed
all passing...????
1 parent 1d0b2b4 commit 49d6d1e

File tree

6 files changed

+323
-442
lines changed

6 files changed

+323
-442
lines changed

.evergreen/config.in.yml

Lines changed: 84 additions & 206 deletions
Original file line numberDiff line numberDiff line change
@@ -487,6 +487,11 @@ functions:
487487
}
488488
EOF
489489
490+
"assume secrets manager identity":
491+
- command: ec2.assume_role
492+
params:
493+
role_arn: ${OIDC_AWS_ROLE_ARN}
494+
490495
"setup aws env":
491496
- command: shell.exec
492497
type: test
@@ -500,256 +505,129 @@ functions:
500505
cd -
501506
502507
"run aws auth test with regular aws credentials":
503-
- command: shell.exec
504-
type: test
505-
params:
506-
working_dir: "src"
507-
shell: bash
508-
script: |
509-
${PREPARE_SHELL}
510-
set -ex
511-
cd ${DRIVERS_TOOLS}/.evergreen/auth_aws
512-
. ./activate-authawsvenv.sh
513-
python aws_tester.py regular
514-
- command: shell.exec
515-
type: test
516-
params:
517-
working_dir: "src"
518-
silent: true
519-
script: |
520-
cat <<'EOF' > "${PROJECT_DIRECTORY}/prepare_mongodb_aws.sh"
521-
alias urlencode='python3 -c "import sys, urllib.parse as ulp; sys.stdout.write(ulp.quote_plus(sys.argv[1]))"'
522-
USER=$(urlencode ${iam_auth_ecs_account})
523-
PASS=$(urlencode ${iam_auth_ecs_secret_access_key})
524-
export MONGODB_URI="mongodb://$USER:$PASS@localhost:27017/aws?authMechanism=MONGODB-AWS"
525-
EOF
526-
- command: shell.exec
508+
- command: subprocess.exec
527509
type: test
528510
params:
511+
include_expansions_in_env:
512+
- MONGODB_URI
513+
- DRIVERS_TOOLS
514+
- MONGODB_AWS_SDK
529515
env:
530-
MONGODB_AWS_SDK: ${MONGODB_AWS_SDK}
516+
AWS_CREDENTIAL_TYPE: regular
531517
working_dir: "src"
532-
script: |
533-
${PREPARE_SHELL}
534-
${PROJECT_DIRECTORY}/.evergreen/run-mongodb-aws-test.sh
518+
binary: bash
519+
args:
520+
- .evergreen/run-mongodb-aws-test.sh
535521

536522
"run aws auth test with assume role credentials":
537-
- command: shell.exec
538-
type: test
539-
params:
540-
working_dir: "src"
541-
shell: bash
542-
script: |
543-
${PREPARE_SHELL}
544-
set -ex
545-
cd ${DRIVERS_TOOLS}/.evergreen/auth_aws
546-
. ./activate-authawsvenv.sh
547-
python aws_tester.py assume-role
548-
- command: shell.exec
549-
type: test
550-
params:
551-
working_dir: "src"
552-
silent: true
553-
script: |
554-
cat <<'EOF' > "${PROJECT_DIRECTORY}/prepare_mongodb_aws.sh"
555-
alias urlencode='python3 -c "import sys, urllib.parse as ulp; sys.stdout.write(ulp.quote_plus(sys.argv[1]))"'
556-
alias jsonkey='python3 -c "import json,sys;sys.stdout.write(json.load(sys.stdin)[sys.argv[1]])" < ${DRIVERS_TOOLS}/.evergreen/auth_aws/creds.json'
557-
USER=$(jsonkey AccessKeyId)
558-
USER=$(urlencode $USER)
559-
PASS=$(jsonkey SecretAccessKey)
560-
PASS=$(urlencode $PASS)
561-
SESSION_TOKEN=$(jsonkey SessionToken)
562-
SESSION_TOKEN=$(urlencode $SESSION_TOKEN)
563-
export MONGODB_URI="mongodb://$USER:$PASS@localhost:27017/aws?authMechanism=MONGODB-AWS&authMechanismProperties=AWS_SESSION_TOKEN:$SESSION_TOKEN"
564-
EOF
565-
- command: shell.exec
523+
- command: subprocess.exec
566524
type: test
567525
params:
526+
include_expansions_in_env:
527+
- MONGODB_URI
528+
- DRIVERS_TOOLS
529+
- MONGODB_AWS_SDK
568530
env:
569-
MONGODB_AWS_SDK: ${MONGODB_AWS_SDK}
531+
AWS_CREDENTIAL_TYPE: assume-role
570532
working_dir: "src"
571-
script: |
572-
${PREPARE_SHELL}
573-
${PROJECT_DIRECTORY}/.evergreen/run-mongodb-aws-test.sh
533+
binary: bash
534+
args:
535+
- .evergreen/run-mongodb-aws-test.sh
574536

575537
"run aws auth test with aws EC2 credentials":
576-
- command: shell.exec
577-
type: test
578-
params:
579-
working_dir: "src"
580-
shell: bash
581-
script: |
582-
${PREPARE_SHELL}
583-
# Write an empty prepare_mongodb_aws so no auth environment variables
584-
# are set.
585-
echo "" > "${PROJECT_DIRECTORY}/prepare_mongodb_aws.sh"
586-
set -ex
587-
cd ${DRIVERS_TOOLS}/.evergreen/auth_aws
588-
. ./activate-authawsvenv.sh
589-
python aws_tester.py ec2
590-
- command: shell.exec
538+
- command: subprocess.exec
591539
type: test
592540
params:
541+
include_expansions_in_env:
542+
- MONGODB_URI
543+
- DRIVERS_TOOLS
544+
- MONGODB_AWS_SDK
593545
env:
594-
MONGODB_AWS_SDK: ${MONGODB_AWS_SDK}
595-
working_dir: "src"
596-
script: |
597-
${PREPARE_SHELL}
598-
export IS_EC2=true
599-
${PROJECT_DIRECTORY}/.evergreen/run-mongodb-aws-test.sh
546+
AWS_CREDENTIAL_TYPE: ec2
547+
IS_EC2: 'true'
548+
working_dir: src
549+
binary: bash
550+
args:
551+
- .evergreen/run-mongodb-aws-test.sh
600552

601553
"run aws auth test with aws credentials as environment variables":
602-
- command: shell.exec
603-
type: test
604-
params:
605-
working_dir: "src"
606-
silent: true
607-
shell: bash
608-
script: |
609-
set -ex
610-
cd ${DRIVERS_TOOLS}/.evergreen/auth_aws
611-
. ./activate-authawsvenv.sh
612-
python aws_tester.py regular
613-
cd -
614-
cat <<EOF > "${PROJECT_DIRECTORY}/prepare_mongodb_aws.sh"
615-
export AWS_ACCESS_KEY_ID=${iam_auth_ecs_account}
616-
export AWS_SECRET_ACCESS_KEY=${iam_auth_ecs_secret_access_key}
617-
export MONGODB_URI="mongodb://localhost:27017/aws?authMechanism=MONGODB-AWS"
618-
EOF
619-
- command: shell.exec
554+
- command: subprocess.exec
620555
type: test
621556
params:
557+
include_expansions_in_env:
558+
- MONGODB_URI
559+
- DRIVERS_TOOLS
560+
- MONGODB_AWS_SDK
622561
env:
623-
MONGODB_AWS_SDK: ${MONGODB_AWS_SDK}
562+
AWS_CREDENTIAL_TYPE: env-creds
624563
working_dir: "src"
625-
script: |
626-
${PREPARE_SHELL}
627-
${PROJECT_DIRECTORY}/.evergreen/run-mongodb-aws-test.sh
564+
binary: bash
565+
args:
566+
- .evergreen/run-mongodb-aws-test.sh
628567

629568
"run aws auth test with aws credentials and session token as environment variables":
630-
- command: shell.exec
631-
type: test
632-
params:
633-
working_dir: "src"
634-
silent: true
635-
shell: bash
636-
script: |
637-
set -ex
638-
cd ${DRIVERS_TOOLS}/.evergreen/auth_aws
639-
. ./activate-authawsvenv.sh
640-
python aws_tester.py assume-role
641-
cd -
642-
cat <<'EOF' > "${PROJECT_DIRECTORY}/prepare_mongodb_aws.sh"
643-
export AWS_ACCESS_KEY_ID=$(jq -r '.AccessKeyId' ${DRIVERS_TOOLS}/.evergreen/auth_aws/creds.json)
644-
export AWS_SECRET_ACCESS_KEY=$(jq -r '.SecretAccessKey' ${DRIVERS_TOOLS}/.evergreen/auth_aws/creds.json)
645-
export AWS_SESSION_TOKEN=$(jq -r '.SessionToken' ${DRIVERS_TOOLS}/.evergreen/auth_aws/creds.json)
646-
export MONGODB_URI="mongodb://localhost:27017/aws?authMechanism=MONGODB-AWS"
647-
EOF
648-
- command: shell.exec
569+
- command: subprocess.exec
649570
type: test
650571
params:
651-
add_expansions_to_env: true
572+
include_expansions_in_env:
573+
- MONGODB_URI
574+
- DRIVERS_TOOLS
575+
- MONGODB_AWS_SDK
576+
env:
577+
AWS_CREDENTIAL_TYPE: session-creds
652578
working_dir: "src"
653-
script: |
654-
${PREPARE_SHELL}
655-
${PROJECT_DIRECTORY}/.evergreen/run-mongodb-aws-test.sh
579+
binary: bash
580+
args:
581+
- .evergreen/run-mongodb-aws-test.sh
656582

657583
"run aws auth test AssumeRoleWithWebIdentity with AWS_ROLE_SESSION_NAME set":
658-
- command: shell.exec
659-
type: test
660-
params:
661-
working_dir: "src"
662-
silent: true
663-
shell: bash
664-
script: |
665-
set -ex
666-
cd ${DRIVERS_TOOLS}/.evergreen/auth_aws
667-
. ./activate-authawsvenv.sh
668-
python aws_tester.py web-identity
669-
cd -
670-
cat <<'EOF' > "${PROJECT_DIRECTORY}/prepare_mongodb_aws.sh"
671-
export AWS_WEB_IDENTITY_TOKEN_FILE=${iam_web_identity_token_file}
672-
export AWS_ROLE_ARN=${iam_auth_assume_web_role_name}
673-
export AWS_ROLE_SESSION_NAME='test'
674-
export MONGODB_URI="mongodb://localhost:27017/aws?authMechanism=MONGODB-AWS"
675-
EOF
676-
- command: shell.exec
584+
- command: subprocess.exec
677585
type: test
678586
params:
587+
include_expansions_in_env:
588+
- MONGODB_URI
589+
- DRIVERS_TOOLS
590+
- MONGODB_AWS_SDK
679591
env:
680-
MONGODB_AWS_SDK: ${MONGODB_AWS_SDK}
592+
AWS_CREDENTIAL_TYPE: web-identity
593+
AWS_ROLE_SESSION_NAME: test
681594
working_dir: "src"
682-
script: |
683-
${PREPARE_SHELL}
684-
${PROJECT_DIRECTORY}/.evergreen/run-mongodb-aws-test.sh
595+
binary: bash
596+
args:
597+
- .evergreen/run-mongodb-aws-test.sh
685598

686599
"run aws auth test AssumeRoleWithWebIdentity with AWS_ROLE_SESSION_NAME unset":
687-
- command: shell.exec
688-
type: test
689-
params:
690-
working_dir: "src"
691-
silent: true
692-
shell: bash
693-
script: |
694-
set -ex
695-
cd ${DRIVERS_TOOLS}/.evergreen/auth_aws
696-
. ./activate-authawsvenv.sh
697-
python aws_tester.py web-identity
698-
cd -
699-
cat <<'EOF' > "${PROJECT_DIRECTORY}/prepare_mongodb_aws.sh"
700-
export AWS_WEB_IDENTITY_TOKEN_FILE=${iam_web_identity_token_file}
701-
export AWS_ROLE_ARN=${iam_auth_assume_web_role_name}
702-
export MONGODB_URI="mongodb://localhost:27017/aws?authMechanism=MONGODB-AWS"
703-
EOF
704-
- command: shell.exec
600+
- command: subprocess.exec
705601
type: test
706602
params:
603+
include_expansions_in_env:
604+
- MONGODB_URI
605+
- DRIVERS_TOOLS
606+
- MONGODB_AWS_SDK
707607
env:
708-
MONGODB_AWS_SDK: ${MONGODB_AWS_SDK}
608+
AWS_CREDENTIAL_TYPE: web-identity
709609
working_dir: "src"
710-
script: |
711-
${PREPARE_SHELL}
712-
${PROJECT_DIRECTORY}/.evergreen/run-mongodb-aws-test.sh
610+
binary: bash
611+
args:
612+
- .evergreen/run-mongodb-aws-test.sh
713613

714614
"run aws ECS auth test":
715-
- command: shell.exec
615+
- command: subprocess.exec
716616
type: test
717617
params:
718-
working_dir: src
618+
include_expansions_in_env:
619+
- DRIVERS_TOOLS
620+
- MONGODB_AWS_SDK
621+
- PROJECT_DIRECTORY
622+
- MONGODB_BINARIES
719623
env:
720-
MONGODB_AWS_SDK: ${MONGODB_AWS_SDK}
721-
shell: bash
722-
script: |
723-
${PREPARE_SHELL}
724-
AUTH_AWS_DIR=${DRIVERS_TOOLS}/.evergreen/auth_aws
725-
ECS_SRC_DIR=$AUTH_AWS_DIR/src
726-
727-
# pack up project directory to ssh it to the container
728-
mkdir -p $ECS_SRC_DIR/.evergreen
729-
730-
set -ex
731-
732-
echo "export MONGODB_AWS_SDK=$MONGODB_AWS_SDK" >> $PROJECT_DIRECTORY/.evergreen/run-mongodb-aws-ecs-test.sh
733-
echo "if [ $MONGODB_AWS_SDK = 'false' ]; then rm -rf ./node_modules/@aws-sdk/credential-providers; fi" >> $PROJECT_DIRECTORY/.evergreen/run-mongodb-aws-ecs-test.sh
734-
echo "npm run check:aws" >> $PROJECT_DIRECTORY/.evergreen/run-mongodb-aws-ecs-test.sh
735-
736-
cp $PROJECT_DIRECTORY/.evergreen/run-mongodb-aws-ecs-test.sh $ECS_SRC_DIR/.evergreen
737-
738-
cd ..
739-
tar -czf src.tgz src drivers-tools
740-
mv src.tgz $ECS_SRC_DIR/src.tgz
741-
742-
743-
cd ${DRIVERS_TOOLS}/.evergreen/auth_aws
744-
. ./activate-authawsvenv.sh
745-
export MONGODB_BINARIES="${MONGODB_BINARIES}";
746-
export PROJECT_DIRECTORY=$ECS_SRC_DIR;
747-
python aws_tester.py ecs
748-
624+
AWS_CREDENTIAL_TYPE: web-identity
625+
working_dir: "src"
626+
binary: bash
627+
args:
628+
- .evergreen/prepare-mongodb-aws-ecs-auth.sh
629+
749630
"run custom csfle tests":
750-
- command: ec2.assume_role
751-
params:
752-
role_arn: ${OIDC_AWS_ROLE_ARN}
753631
- command: subprocess.exec
754632
type: test
755633
params:

0 commit comments

Comments
 (0)