Skip to content

Commit

Permalink
Merge branch 'v1' of github.com:mongodb/mongo-go-driver into GODRIVER…
Browse files Browse the repository at this point in the history
  • Loading branch information
blink1073 committed Nov 1, 2023
2 parents d1380c1 + b8004e6 commit aa90a41
Show file tree
Hide file tree
Showing 84 changed files with 496 additions and 563 deletions.
202 changes: 19 additions & 183 deletions .evergreen/config.yml
Original file line number Diff line number Diff line change
Expand Up @@ -112,6 +112,7 @@ functions:
PROJECT_DIRECTORY: "$PROJECT_DIRECTORY"
PREPARE_SHELL: |
set -o errexit
export SKIP_LEGACY_SHELL=1
export GOROOT="$GOROOT"
export GOPATH="$GOPATH"
export GOCACHE="$GOCACHE"
Expand Down Expand Up @@ -724,69 +725,29 @@ functions:
fi
add-aws-auth-variables-to-file:
- command: shell.exec
type: test
- command: ec2.assume_role
params:
shell: "bash"
working_dir: "src"
silent: true
script: |
cat <<EOF > ${DRIVERS_TOOLS}/.evergreen/auth_aws/aws_e2e_setup.json
{
"iam_auth_ecs_account" : "${iam_auth_ecs_account}",
"iam_auth_ecs_secret_access_key" : "${iam_auth_ecs_secret_access_key}",
"iam_auth_ecs_account_arn": "arn:aws:iam::557821124784:user/authtest_fargate_user",
"iam_auth_ecs_cluster": "${iam_auth_ecs_cluster}",
"iam_auth_ecs_task_definition": "${iam_auth_ecs_task_definition_ubuntu2004}",
"iam_auth_ecs_subnet_a": "${iam_auth_ecs_subnet_a}",
"iam_auth_ecs_subnet_b": "${iam_auth_ecs_subnet_b}",
"iam_auth_ecs_security_group": "${iam_auth_ecs_security_group}",
"iam_auth_assume_aws_account" : "${iam_auth_assume_aws_account}",
"iam_auth_assume_aws_secret_access_key" : "${iam_auth_assume_aws_secret_access_key}",
"iam_auth_assume_role_name" : "${iam_auth_assume_role_name}",
"iam_auth_ec2_instance_account" : "${iam_auth_ec2_instance_account}",
"iam_auth_ec2_instance_secret_access_key" : "${iam_auth_ec2_instance_secret_access_key}",
"iam_auth_ec2_instance_profile" : "${iam_auth_ec2_instance_profile}",
"iam_auth_assume_web_role_name": "${iam_auth_assume_web_role_name}",
"iam_web_identity_issuer": "${iam_web_identity_issuer}",
"iam_web_identity_rsa_key": "${iam_web_identity_rsa_key}",
"iam_web_identity_jwks_uri": "${iam_web_identity_jwks_uri}",
"iam_web_identity_token_file": "${iam_web_identity_token_file}"
}
EOF
run-aws-auth-test-with-regular-aws-credentials:
role_arn: ${aws_test_secrets_role}
- command: shell.exec
type: test
params:
include_expansions_in_env: ["AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY", "AWS_SESSION_TOKEN"]
shell: "bash"
working_dir: "src"
script: |
${PREPARE_SHELL}
cd ${DRIVERS_TOOLS}/.evergreen/auth_aws
. ./activate-authawsvenv.sh
mongo aws_e2e_regular_aws.js
- command: shell.exec
type: test
params:
shell: "bash"
working_dir: "src"
silent: true
script: |
cat <<'EOF' > "${PROJECT_DIRECTORY}/prepare_mongodb_aws.sh"
alias urlencode='python3 -c "import sys, urllib.parse as ulp; sys.stdout.write(ulp.quote_plus(sys.argv[1]))"'
USER=$(urlencode ${iam_auth_ecs_account})
PASS=$(urlencode ${iam_auth_ecs_secret_access_key})
MONGODB_URI="mongodb://$USER:$PASS@localhost"
EOF
cd $DRIVERS_TOOLS/.evergreen/auth_aws
./setup_secrets.sh drivers/aws_auth
run-aws-auth-test-with-regular-aws-credentials:
- command: shell.exec
type: test
params:
shell: "bash"
working_dir: "src"
script: |
${PREPARE_SHELL}
${PROJECT_DIRECTORY}/.evergreen/run-mongodb-aws-test.sh
${PROJECT_DIRECTORY}/.evergreen/run-mongodb-aws-test.sh regular
run-aws-auth-test-with-assume-role-credentials:
- command: shell.exec
Expand All @@ -796,36 +757,7 @@ functions:
working_dir: "src"
script: |
${PREPARE_SHELL}
cd ${DRIVERS_TOOLS}/.evergreen/auth_aws
. ./activate-authawsvenv.sh
mongo aws_e2e_assume_role.js
- command: shell.exec
type: test
params:
shell: "bash"
working_dir: "src"
silent: true
script: |
# DO NOT ECHO WITH XTRACE
cat <<'EOF' > "${PROJECT_DIRECTORY}/prepare_mongodb_aws.sh"
alias urlencode='python3 -c "import sys, urllib.parse as ulp; sys.stdout.write(ulp.quote_plus(sys.argv[1]))"'
alias jsonkey='python3 -c "import json,sys;sys.stdout.write(json.load(sys.stdin)[sys.argv[1]])" < ${DRIVERS_TOOLS}/.evergreen/auth_aws/creds.json'
USER=$(jsonkey AccessKeyId)
USER=$(urlencode $USER)
PASS=$(jsonkey SecretAccessKey)
PASS=$(urlencode $PASS)
SESSION_TOKEN=$(jsonkey SessionToken)
SESSION_TOKEN=$(urlencode $SESSION_TOKEN)
MONGODB_URI="mongodb://$USER:$PASS@localhost"
EOF
- command: shell.exec
type: test
params:
shell: "bash"
working_dir: "src"
script: |
${PREPARE_SHELL}
${PROJECT_DIRECTORY}/.evergreen/run-mongodb-aws-test.sh
${PROJECT_DIRECTORY}/.evergreen/run-mongodb-aws-test.sh assume-role
run-aws-auth-test-with-aws-EC2-credentials:
- command: shell.exec
Expand All @@ -839,70 +771,27 @@ functions:
echo "This platform does not support the EC2 auth test, skipping..."
exit 0
fi
cd ${DRIVERS_TOOLS}/.evergreen/auth_aws
. ./activate-authawsvenv.sh
mongo aws_e2e_ec2.js
- command: shell.exec
type: test
params:
shell: "bash"
working_dir: "src"
script: |
${PREPARE_SHELL}
if [ "${SKIP_EC2_AUTH_TEST}" = "true" ]; then
exit 0
fi
# Truncate "prepare_mongodb_aws.sh" to zero length. If file not present, creates zero-length file.
: > "${PROJECT_DIRECTORY}/prepare_mongodb_aws.sh"
${PROJECT_DIRECTORY}/.evergreen/run-mongodb-aws-test.sh
${PROJECT_DIRECTORY}/.evergreen/run-mongodb-aws-test.sh ec2
run-aws-auth-test-with-aws-credentials-as-environment-variables:
- command: shell.exec
type: test
params:
shell: "bash"
working_dir: "src"
silent: true
script: |
# DO NOT ECHO WITH XTRACE
cat <<'EOF' > "${PROJECT_DIRECTORY}/prepare_mongodb_aws.sh"
export AWS_ACCESS_KEY_ID=${iam_auth_ecs_account}
export AWS_SECRET_ACCESS_KEY=${iam_auth_ecs_secret_access_key}
EOF
- command: shell.exec
type: test
params:
shell: "bash"
working_dir: "src"
script: |
${PREPARE_SHELL}
PROJECT_DIRECTORY=${PROJECT_DIRECTORY} ${PROJECT_DIRECTORY}/.evergreen/run-mongodb-aws-test.sh
${PROJECT_DIRECTORY}/.evergreen/run-mongodb-aws-test.sh env-creds
run-aws-auth-test-with-aws-credentials-and-session-token-as-environment-variables:
- command: shell.exec
type: test
params:
shell: "bash"
working_dir: "src"
silent: true
script: |
# DO NOT ECHO WITH XTRACE
cat <<'EOF' > "${PROJECT_DIRECTORY}/prepare_mongodb_aws.sh"
alias jsonkey='python -c "import json,sys;sys.stdout.write(json.load(sys.stdin)[sys.argv[1]])" < ${DRIVERS_TOOLS}/.evergreen/auth_aws/creds.json'
export AWS_ACCESS_KEY_ID=$(jsonkey AccessKeyId)
export AWS_SECRET_ACCESS_KEY=$(jsonkey SecretAccessKey)
export AWS_SESSION_TOKEN=$(jsonkey SessionToken)
EOF
- command: shell.exec
type: test
params:
shell: "bash"
working_dir: "src"
script: |
${PREPARE_SHELL}
${PROJECT_DIRECTORY}/.evergreen/run-mongodb-aws-test.sh
${PROJECT_DIRECTORY}/.evergreen/run-mongodb-aws-test.sh session-creds
run-aws-ECS-auth-test:
- command: shell.exec
Expand Down Expand Up @@ -934,14 +823,9 @@ functions:
cp ${PROJECT_DIRECTORY}/main $ECS_SRC_DIR
cp ${PROJECT_DIRECTORY}/.evergreen/run-mongodb-aws-ecs-test.sh $ECS_SRC_DIR/.evergreen
tar -czf $ECS_SRC_DIR/src.tgz -C $PROJECT_DIRECTORY .
cd $AUTH_AWS_DIR
. ./activate-authawsvenv.sh
cat <<EOF > setup.js
const mongo_binaries = "$MONGODB_BINARIES";
const project_dir = "$ECS_SRC_DIR";
EOF
cat setup.js
mongo --nodb setup.js aws_e2e_ecs.js
export PROJECT_DIRECTORY="$ECS_SRC_DIR"
$AUTH_AWS_DIR/aws_setup.sh ecs
run-aws-auth-test-with-aws-web-identity-credentials:
- command: shell.exec
Expand All @@ -955,56 +839,7 @@ functions:
echo "This platform does not support the web identity auth test, skipping..."
exit 0
fi
cd ${DRIVERS_TOOLS}/.evergreen/auth_aws
. ./activate_venv.sh
mongo aws_e2e_web_identity.js
- command: shell.exec
type: test
params:
shell: "bash"
working_dir: "src"
silent: true
script: |
if [ "${SKIP_WEB_IDENTITY_AUTH_TEST}" = "true" ]; then
echo "This platform does not support the web identity auth test, skipping..."
exit 0
fi
# DO NOT ECHO WITH XTRACE
cat <<'EOF' > "${PROJECT_DIRECTORY}/prepare_mongodb_aws.sh"
export AWS_ROLE_ARN="${iam_auth_assume_web_role_name}"
export AWS_WEB_IDENTITY_TOKEN_FILE="${iam_web_identity_token_file}"
export MONGODB_URI="mongodb://localhost"
EOF
- command: shell.exec
type: test
params:
shell: "bash"
working_dir: "src"
script: |
${PREPARE_SHELL}
if [ "${SKIP_WEB_IDENTITY_AUTH_TEST}" = "true" ]; then
echo "This platform does not support the web identity auth test, skipping..."
exit 0
fi
${PROJECT_DIRECTORY}/.evergreen/run-mongodb-aws-test.sh
- command: shell.exec
type: test
params:
shell: "bash"
working_dir: "src"
silent: true
script: |
if [ "${SKIP_WEB_IDENTITY_AUTH_TEST}" = "true" ]; then
echo "This platform does not support the web identity auth test, skipping..."
exit 0
fi
# DO NOT ECHO WITH XTRACE
cat <<'EOF' > "${PROJECT_DIRECTORY}/prepare_mongodb_aws.sh"
export AWS_ROLE_ARN="${iam_auth_assume_web_role_name}"
export AWS_WEB_IDENTITY_TOKEN_FILE="${iam_web_identity_token_file}"
export AWS_ROLE_SESSION_NAME="test"
export MONGODB_URI="mongodb://localhost"
EOF
${PROJECT_DIRECTORY}/.evergreen/run-mongodb-aws-test.sh web-identity
- command: shell.exec
type: test
params:
Expand All @@ -1016,7 +851,8 @@ functions:
echo "This platform does not support the web identity auth test, skipping..."
exit 0
fi
${PROJECT_DIRECTORY}/.evergreen/run-mongodb-aws-test.sh
export AWS_ROLE_SESSION_NAME="test"
${PROJECT_DIRECTORY}/.evergreen/run-mongodb-aws-test.sh web-identity
start-kms-mock-server:
- command: shell.exec
Expand Down
2 changes: 1 addition & 1 deletion .evergreen/ocsp-requirements.txt
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
asn1crypto==1.3.0
bottle==0.12.20
oscrypto==1.2.0
oscrypto==1.2.0
3 changes: 1 addition & 2 deletions .evergreen/run-fuzz.sh
Original file line number Diff line number Diff line change
Expand Up @@ -44,7 +44,7 @@ do
for CORPUS_FILE in $PARENTDIR/testdata/fuzz/$FUNC/*
do
# Check to see if the value for CORPUS_FILE is in cset.
if [[ ! " ${cset[@]} " =~ " ${CORPUS_FILE} " ]]; then
if [[ ! " ${cset[*]} " =~ " ${CORPUS_FILE} " ]]; then
# Create the directory if it doesn't exist.
if [ ! -d $PROJECT_DIRECTORY/fuzz/$FUNC ]; then
mkdir -p $PROJECT_DIRECTORY/fuzz/$FUNC
Expand All @@ -69,4 +69,3 @@ if [ -d $PROJECT_DIRECTORY/fuzz ]; then
# This will trigger a notification to be sent to the Go Driver team.
exit 1
fi

15 changes: 2 additions & 13 deletions .evergreen/run-mongodb-aws-test.sh
Original file line number Diff line number Diff line change
Expand Up @@ -12,20 +12,9 @@ set -o errexit # Exit the script with error if any of the commands fail
# mechanism.

echo "Running MONGODB-AWS authentication tests"
# ensure no secrets are printed in log files
set +x

# load the script
shopt -s expand_aliases # needed for `urlencode` alias
[ -s "${PROJECT_DIRECTORY}/prepare_mongodb_aws.sh" ] && source "${PROJECT_DIRECTORY}/prepare_mongodb_aws.sh"

MONGODB_URI=${MONGODB_URI:-"mongodb://localhost"}
MONGODB_URI="${MONGODB_URI}/aws?authMechanism=MONGODB-AWS"
if [[ -n ${SESSION_TOKEN} ]]; then
MONGODB_URI="${MONGODB_URI}&authMechanismProperties=AWS_SESSION_TOKEN:${SESSION_TOKEN}"
fi

export MONGODB_URI="$MONGODB_URI"
# Handle credentials and environment setup.
. $DRIVERS_TOOLS/.evergreen/auth_aws/aws_setup.sh $1

# show test output
set -x
Expand Down
4 changes: 2 additions & 2 deletions .evergreen/run-tests.sh
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ export GOCACHE="$(pwd)/.cache"
export DRIVERS_TOOLS=${DRIVERS_TOOLS:-""}

if [ -z $DRIVERS_TOOLS ]; then
export DRIVERS_TOOLS=="$(dirname $(dirname $(dirname `pwd`)))/drivers-tools"
export DRIVERS_TOOLS="$(dirname $(dirname $(dirname `pwd`)))/drivers-tools"
fi

if [ "Windows_NT" = "$OS" ]; then
Expand Down Expand Up @@ -49,7 +49,7 @@ fi
# Using python3-venv in Ubuntu 14.04 (an OS required for legacy server version
# tasks) requires the use of apt-get, which we wish to avoid. So, we do not set
# a python3 binary on Ubuntu 14.04. Setting AWS temp credentials for legacy
# server version tasks is unneccesary, as temp credentials are only needed on 4.2+.
# server version tasks is unnecessary, as temp credentials are only needed on 4.2+.
if [ ! -z ${PYTHON3_BINARY} ]; then
export AWS_ACCESS_KEY_ID="${AWS_ACCESS_KEY_ID}"
export AWS_SECRET_ACCESS_KEY="${AWS_SECRET_ACCESS_KEY}"
Expand Down
21 changes: 21 additions & 0 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
name: GoDriver Tests

on:
push:
pull_request:

concurrency:
group: test-${{ github.ref }}
cancel-in-progress: true

defaults:
run:
shell: bash -eux {0}

jobs:
pre_commit:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: actions/setup-python@v4
- uses: pre-commit/[email protected]
Loading

0 comments on commit aa90a41

Please sign in to comment.