From 80e2941d52b242c9f54548aa4c0e79df2bcf2430 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Fri, 1 Sep 2023 06:06:06 -0500 Subject: [PATCH] GODRIVER-2958 Use AWS Secrets for Atlas tests (#1365) * GODRIVER-2958 Use AWS Secrets for Atlas tests * fix handling of shell * fix cleanup * print finished * try wip branch * cleanup * cleanup * cleanup * cleanup * clean up secrets handling * GODRIVER-2958 Use AWS Secrets for Atlas tests * restore drivers-eg-tools checkout --- .evergreen/config.yml | 31 ++++++------------------------- .gitignore | 8 ++++++++ Makefile | 5 ----- cmd/testatlas/main.go | 6 ++++++ etc/get_aws_secrets.sh | 12 ++++++++++++ etc/run-atlas-test.sh | 11 +++++++++++ 6 files changed, 43 insertions(+), 30 deletions(-) create mode 100644 etc/get_aws_secrets.sh create mode 100644 etc/run-atlas-test.sh diff --git a/.evergreen/config.yml b/.evergreen/config.yml index 81738eb513..0603f385ac 100644 --- a/.evergreen/config.yml +++ b/.evergreen/config.yml @@ -437,37 +437,18 @@ functions: make -s evg-test-enterprise-auth run-atlas-test: + - command: ec2.assume_role + params: + role_arn: "${aws_test_secrets_role}" - command: shell.exec type: test params: shell: "bash" working_dir: src/go.mongodb.org/mongo-driver + include_expansions_in_env: ["AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY", "AWS_SESSION_TOKEN"] script: | - # DO NOT ECHO WITH XTRACE - if [ "Windows_NT" = "$OS" ]; then - export GOPATH=$(cygpath -w $(dirname $(dirname $(dirname `pwd`)))) - export GOCACHE=$(cygpath -w "$(pwd)/.cache") - else - export GOPATH=$(dirname $(dirname $(dirname `pwd`))) - export GOCACHE="$(pwd)/.cache" - fi; - export GOPATH="$GOPATH" - export GOROOT="${GO_DIST}" - export GOCACHE="$GOCACHE" - export PATH="${GCC_PATH}:${GO_DIST}/bin:$PATH" - export ATLAS_FREE="${atlas_free_tier_uri}" - export ATLAS_REPLSET="${atlas_replica_set_uri}" - export ATLAS_SHARD="${atlas_sharded_uri}" - export ATLAS_TLS11="${atlas_tls_v11_uri}" - export ATLAS_TLS12="${atlas_tls_v12_uri}" - export ATLAS_FREE_SRV="${atlas_free_tier_uri_srv}" - export ATLAS_REPLSET_SRV="${atlas_replica_set_uri_srv}" - export ATLAS_SHARD_SRV="${atlas_sharded_uri_srv}" - export ATLAS_TLS11_SRV="${atlas_tls_v11_uri_srv}" - export ATLAS_TLS12_SRV="${atlas_tls_v12_uri_srv}" - export ATLAS_SERVERLESS="${atlas_serverless_uri}" - export ATLAS_SERVERLESS_SRV="${atlas_serverless_uri_srv}" - make -s evg-test-atlas + ${PREPARE_SHELL} + bash etc/run-atlas-test.sh run-ocsp-test: - command: shell.exec diff --git a/.gitignore b/.gitignore index de80e76416..16b52325e4 100644 --- a/.gitignore +++ b/.gitignore @@ -21,3 +21,11 @@ internal/test/faas/awslambda/events/event.json # Ignore compiled binaries from the compilecheck internal/test/compilecheck/compilecheck internal/test/compilecheck/compilecheck.so + +# Ignore api report files +api-report.md +api-report.txt + +# Ignore secrets files +secrets-expansion.yml +secrets-export.sh diff --git a/Makefile b/Makefile index f3d3b88292..6087516ec5 100644 --- a/Makefile +++ b/Makefile @@ -1,4 +1,3 @@ -ATLAS_URIS = "$(ATLAS_FREE)" "$(ATLAS_REPLSET)" "$(ATLAS_SHARD)" "$(ATLAS_TLS11)" "$(ATLAS_TLS12)" "$(ATLAS_FREE_SRV)" "$(ATLAS_REPLSET_SRV)" "$(ATLAS_SHARD_SRV)" "$(ATLAS_TLS11_SRV)" "$(ATLAS_TLS12_SRV)" "$(ATLAS_SERVERLESS)" "$(ATLAS_SERVERLESS_SRV)" TEST_TIMEOUT = 1800 ### Utility targets. ### @@ -124,10 +123,6 @@ build-aws-ecs-test: evg-test: go test -exec "env PKG_CONFIG_PATH=$(PKG_CONFIG_PATH) LD_LIBRARY_PATH=$(LD_LIBRARY_PATH)" $(BUILD_TAGS) -v -timeout $(TEST_TIMEOUT)s -p 1 ./... >> test.suite -.PHONY: evg-test-atlas -evg-test-atlas: - go run ./cmd/testatlas/main.go $(ATLAS_URIS) - .PHONY: evg-test-atlas-data-lake evg-test-atlas-data-lake: ATLAS_DATA_LAKE_INTEGRATION_TEST=true go test -v ./mongo/integration -run TestUnifiedSpecs/atlas-data-lake-testing >> spec_test.suite diff --git a/cmd/testatlas/main.go b/cmd/testatlas/main.go index 83ced7a60f..120c470816 100644 --- a/cmd/testatlas/main.go +++ b/cmd/testatlas/main.go @@ -23,7 +23,11 @@ func main() { uris := flag.Args() ctx := context.Background() + fmt.Printf("Running atlas tests for %d uris\n", len(uris)) + for idx, uri := range uris { + fmt.Printf("Running test %d\n", idx) + // Set a low server selection timeout so we fail fast if there are errors. clientOpts := options.Client(). ApplyURI(uri). @@ -41,6 +45,8 @@ func main() { panic(fmt.Sprintf("error running test with tlsInsecure at index %d: %v", idx, err)) } } + + fmt.Println("Finished!") } func runTest(ctx context.Context, clientOpts *options.ClientOptions) error { diff --git a/etc/get_aws_secrets.sh b/etc/get_aws_secrets.sh new file mode 100644 index 0000000000..894016553b --- /dev/null +++ b/etc/get_aws_secrets.sh @@ -0,0 +1,12 @@ +#!/usr/bin/env bash +# get-aws-secrets +# Gets AWS secrets from the vault +set -eu + +if [ -z "$DRIVERS_TOOLS" ]; then + echo "Please define DRIVERS_TOOLS variable" + exit 1 +fi + +bash $DRIVERS_TOOLS/.evergreen/auth_aws/setup_secrets.sh $@ +. ./secrets-export.sh diff --git a/etc/run-atlas-test.sh b/etc/run-atlas-test.sh new file mode 100644 index 0000000000..aa89b2dd4b --- /dev/null +++ b/etc/run-atlas-test.sh @@ -0,0 +1,11 @@ +#!/usr/bin/env bash +# run-atlas-test +# Run atlas connectivity tests. +set -eu +set +x + +# Get the atlas secrets. +. etc/get_aws_secrets.sh drivers/atlas_connect + +echo "Running cmd/testatlas/main.go" +go run ./cmd/testatlas/main.go "$ATLAS_REPL" "$ATLAS_SHRD" "$ATLAS_FREE" "$ATLAS_TLS11" "$ATLAS_TLS12" "$ATLAS_SERVERLESS" "$ATLAS_SRV_REPL" "$ATLAS_SRV_SHRD" "$ATLAS_SRV_FREE" "$ATLAS_SRV_TLS11" "$ATLAS_SRV_TLS12" "$ATLAS_SRV_SERVERLESS"