Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DRIVERS-2616 Fix path handling for Windows #349

Merged
merged 11 commits into from
Sep 6, 2023
Merged

DRIVERS-2616 Fix path handling for Windows #349

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
11 commits
Select commit Hold shift + click to select a range
77848e0
DRIVERS-2616 Fix path handling for Windows
blink1073 Sep 5, 2023
5e747ce
fix makedirs
blink1073 Sep 5, 2023
888a505
clean up oidc_get_tokens.sh
blink1073 Sep 5, 2023
4655dc0
add debug print
blink1073 Sep 6, 2023
b692204
fix debug
blink1073 Sep 6, 2023
9ef3285
debug
blink1073 Sep 6, 2023
8ce38de
fix handling of temp dir
blink1073 Sep 6, 2023
872881e
syntax
blink1073 Sep 6, 2023
d84549b
try again
blink1073 Sep 6, 2023
6019af9
merge from master
blink1073 Sep 6, 2023
cae3602
address review
blink1073 Sep 6, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
12 changes: 8 additions & 4 deletions .evergreen/auth_aws/aws_tester.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,11 @@

HERE = os.path.abspath(os.path.dirname(__file__))

sys.path.insert(0, os.path.join(HERE, 'lib'))
def join(*parts):
return os.path.join(*parts).replace(os.sep, '/')


sys.path.insert(0, join(HERE, 'lib'))
from util import get_key as _get_key
from aws_assume_role import _assume_role
from aws_assume_web_role import _assume_role_with_web_identity
Expand All @@ -28,7 +32,7 @@
_USE_AWS_SECRETS = False

try:
with open(os.path.join(HERE, 'aws_e2e_setup.json')) as fid:
with open(join(HERE, 'aws_e2e_setup.json')) as fid:
CONFIG = json.load(fid)
get_key = partial(_get_key, uppercase=False)
except FileNotFoundError:
Expand Down Expand Up @@ -62,7 +66,7 @@ def setup_assume_role():

role_name = CONFIG[get_key("iam_auth_assume_role_name")]
creds = _assume_role(role_name)
with open(os.path.join(HERE, 'creds.json'), 'w') as fid:
with open(join(HERE, 'creds.json'), 'w') as fid:
json.dump(creds, fid)

# Create the user.
Expand Down Expand Up @@ -139,7 +143,7 @@ def setup_web_identity():
os.environ['AWS_ROLE_ARN'] = CONFIG[get_key("iam_auth_assume_web_role_name")]

creds = _assume_role_with_web_identity()
with open(os.path.join(HERE, 'creds.json'), 'w') as fid:
with open(join(HERE, 'creds.json'), 'w') as fid:
json.dump(creds, fid)

# Create the user.
Expand Down
1 change: 1 addition & 0 deletions .evergreen/auth_aws/lib/aws_handle_oidc_creds.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -105,6 +105,7 @@ def get_id_token(config=None, expires=None):
token = response["id_token"]
if config['token_file']:
with open(config['token_file'], 'w') as fid:
print(f"Writing token file: {config['token_file']}")
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Is this intended to be used for debugging?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, it was too opaque before.

fid.write(token)
return token

Expand Down
16 changes: 8 additions & 8 deletions .evergreen/auth_oidc/oidc_get_tokens.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,11 +3,11 @@

HERE = os.path.abspath(os.path.dirname(__file__))
sys.path.insert(0, HERE)
from utils import get_secrets, get_id_token, DEFAULT_CLIENT
from utils import get_secrets, get_id_token, DEFAULT_CLIENT, join


def main():
token_dir = os.environ['OIDC_TOKEN_DIR']
token_dir = os.environ['OIDC_TOKEN_DIR'].replace(os.sep, '/')
os.makedirs(token_dir, exist_ok=True)
secrets = get_secrets()
config = {
Expand All @@ -18,26 +18,26 @@ def main():
'client_id': DEFAULT_CLIENT,
'client_secret': secrets['oidc_client_secret'],
'username': 'test_user1',
'token_file': os.path.join(token_dir, 'test_user1')
'token_file': join(token_dir, 'test_user1')
}
get_id_token(config)
for i in range(2):
config['token_file'] = os.path.join(token_dir, f'test_user1_{i+1}')
config['token_file'] = join(token_dir, f'test_user1_{i+1}')
get_id_token(config)
config['issuer'] = secrets['oidc_issuer_2_uri']
config['username'] = 'test_user2'
config['token_file'] = os.path.join(token_dir, 'test_user2')
config['token_file'] = join(token_dir, 'test_user2')
get_id_token(config)
for i in range(2):
config['token_file'] = os.path.join(token_dir, f'test_user2_{i+1}')
config['token_file'] = join(token_dir, f'test_user2_{i+1}')
get_id_token(config)
config['issuer'] = secrets['oidc_issuer_1_uri']
config['username'] = 'test_user1'
config['token_file'] = os.path.join(token_dir, 'test_user1_expires')
config['token_file'] = join(token_dir, 'test_user1_expires')
get_id_token(config, expires=60)

print(f"Wrote tokens to {token_dir}")


if __name__ == '__main__':
main()
main()
21 changes: 10 additions & 11 deletions .evergreen/auth_oidc/oidc_get_tokens.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,16 +1,15 @@
#!/usr/bin/env bash
#
# Bootstrapping file to launch a local oidc-enabled server and create
# OIDC tokens that can be used for local testing. See README for
# prequisites and usage.
# Get the set of OIDC tokens in the OIDC_TOKEN_DIR.
#
set -eux
if [[ -z "${AWS_ROLE_ARN}" || -z "${AWS_ACCESS_KEY_ID}" || -z "${AWS_SECRET_ACCESS_KEY}" ]]; then
echo "Missing AWS credentials"
exit 1
set -ex
if [ -z "$OIDC_TOKEN_DIR" ]; then
if [ "Windows_NT" = "$OS" ]; then
export OIDC_TOKEN_DIR=C:/Temp/tokens
else
export OIDC_TOKEN_DIR=/tmp/tokens
fi
fi
export OIDC_TOKEN_DIR=${OIDC_TOKEN_DIR:-/tmp/tokens}

rm -rf authoidcvenv
mkdir -p $OIDC_TOKEN_DIR
. ./activate-authoidcvenv.sh
python oidc_get_tokens.py
python oidc_get_tokens.py
8 changes: 6 additions & 2 deletions .evergreen/auth_oidc/utils.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -5,10 +5,14 @@
import boto3

HERE = os.path.abspath(os.path.dirname(__file__))
aws_lib = os.path.join(os.path.dirname(HERE), 'auth_aws', 'lib')

def join(*args):
return os.path.join(*args).replace(os.sep, '/')

aws_lib = join(os.path.dirname(HERE), 'auth_aws', 'lib')
sys.path.insert(0, aws_lib)
from aws_handle_oidc_creds import get_id_token, MOCK_ENDPOINT
aws_root = os.path.join(os.path.dirname(HERE), 'auth_aws')
aws_root = join(os.path.dirname(HERE), 'auth_aws')
sys.path.insert(0, aws_root)
from setup_secrets import get_secrets as root_get_secrets

Expand Down
Loading