Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(cli): support WebIdentityCredentials (as used by EKS) #11559

Merged
merged 66 commits into from
Nov 30, 2020
Merged

feat(cli): support WebIdentityCredentials (as used by EKS) #11559

merged 66 commits into from
Nov 30, 2020

Conversation

markussiebert
Copy link
Contributor

@markussiebert markussiebert commented Nov 18, 2020
edited
Loading

Fixes #11543

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@gitpod-io
Copy link

gitpod-io bot commented Nov 18, 2020
edited
Loading

@markussiebert markussiebert changed the title fix: Add EKSCredentials to provider chain Fixes #11543 featx: Add EKSCredentials to provider chain Nov 18, 2020
@markussiebert markussiebert changed the title featx: Add EKSCredentials to provider chain feat: Add EKSCredentials to provider chain Nov 18, 2020
@nwesoccer
Copy link

We just hit this limitation and it has put our project on hold. Would love to see this in the next release!

@henrysachs
Copy link

Would love to see this in the next release. Long awaited feature for out Gitlab Runners on EKS! 🎉

@nwesoccer
Copy link

@Markus7811 Is this not being approved/merged because it's failing the test maybe?

Build Logs
aws-cdk: FAIL test/api/sdk-provider.test.js (13.112 s) aws-cdk: â—� can assume role with eks credentials aws-cdk: expect(jest.fn()).toHaveBeenCalled() aws-cdk: Expected number of calls: >= 1 aws-cdk: Received number of calls: 0

@markussiebert
Copy link
Contributor Author

@nwesoccer thank you for your feedback. I can't se the build protocolls.. :-/ Have to check

@nwesoccer
Copy link

@Markus7811 Sounds good, thank you for championing this change...and keeping up with merging of master in!

@markussiebert
Copy link
Contributor Author

markussiebert commented Nov 19, 2020
edited
Loading

Ok, pushed a fix, that will fix the test (but isn't testing EKS-Credentials), but at the moment, i don't have any idea how to test the WEB_IDENTITY_TOKEN, because the way it's handled for ecs and ec2 isn't working for eks:

https://docs.aws.amazon.com/credref/latest/refdocs/setting-global-credential_source.html

@markussiebert
Copy link
Contributor Author

markussiebert commented Nov 22, 2020
edited
Loading

So I think I implemented all of your comments. Thank you so much @iliapolo @hoegertn

rix0rrr
rix0rrr previously requested changes Nov 23, 2020
View reviewed changes
packages/aws-cdk/lib/api/aws-auth/awscli-compatible.ts Outdated Show resolved Hide resolved
@mergify mergify bot dismissed rix0rrr’s stale review November 24, 2020 06:33

Pull request has been modified.

@markussiebert markussiebert marked this pull request as draft November 25, 2020 14:59
@markussiebert markussiebert marked this pull request as ready for review November 25, 2020 14:59
@henrysachs
Copy link

@rix0rrr, @iliapolo whats the current state of the issue? I would like to have this in the next cdk release. :)

@hoegertn
Copy link
Contributor

@iamhopaul123 do have any opinions on this?

@rix0rrr rix0rrr changed the title feat(cli): Add EKSCredentials to provider chain feat(cli): support WebIdentityCredentials (as used by EKS) Nov 30, 2020
@github-actions github-actions bot added the package/tools Related to AWS CDK Tools or CLI label Nov 30, 2020
@mergify
Copy link
Contributor

mergify bot commented Nov 30, 2020

Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildProject6AEA49D1-qxepHUsryhcu
  • Commit ID: e57eabc
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@mergify
Copy link
Contributor

mergify bot commented Nov 30, 2020

Thank you for contributing! Your pull request will be updated from master and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@mergify mergify bot merged commit 5cfbe6c into aws:master Nov 30, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@iliapolo iliapolo iliapolo left review comments

@hoegertn hoegertn hoegertn left review comments

@nwesoccer nwesoccer nwesoccer approved these changes

@rix0rrr rix0rrr rix0rrr approved these changes

Assignees

@rix0rrr rix0rrr

@iliapolo iliapolo

Labels
package/tools Related to AWS CDK Tools or CLI pr-linter/exempt-readme The PR linter will not require README changes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[core] cdk deploy won't use AWS_WEB_IDENTITY_TOKEN_FILE
7 participants
@markussiebert @nwesoccer @henrysachs @hoegertn @aws-cdk-automation @rix0rrr @iliapolo