diff --git a/.evergreen/config.yml b/.evergreen/config.yml index fc78c3e8f8..e1d85d77c7 100644 --- a/.evergreen/config.yml +++ b/.evergreen/config.yml @@ -243,7 +243,7 @@ functions: "iam_auth_ec2_instance_profile" : "${iam_auth_ec2_instance_profile}" } EOF - run aws auth test with regular aws credentials: + setup aws env: - command: shell.exec type: test params: @@ -252,6 +252,14 @@ functions: ${PREPARE_SHELL} cd ${DRIVERS_TOOLS}/.evergreen/auth_aws . ./activate_venv.sh + cd - + run aws auth test with regular aws credentials: + - command: shell.exec + type: test + params: + working_dir: src + script: | + cd ${DRIVERS_TOOLS}/.evergreen/auth_aws ${MONGODB_BINARIES}/mongo aws_e2e_regular_aws.js - command: shell.exec type: test @@ -329,6 +337,9 @@ functions: working_dir: src silent: true script: | + cd ${DRIVERS_TOOLS}/.evergreen/auth_aws + ${MONGODB_BINARIES}/mongo --verbose aws_e2e_regular_aws.js + cd - cat < "${PROJECT_DIRECTORY}/prepare_mongodb_aws.sh" export AWS_ACCESS_KEY_ID=${iam_auth_ecs_account} export AWS_SECRET_ACCESS_KEY=${iam_auth_ecs_secret_access_key} @@ -348,6 +359,9 @@ functions: working_dir: src silent: true script: | + cd ${DRIVERS_TOOLS}/.evergreen/auth_aws + ${MONGODB_BINARIES}/mongo --verbose aws_e2e_assume_role.js + cd - cat <<'EOF' > "${PROJECT_DIRECTORY}/prepare_mongodb_aws.sh" export AWS_ACCESS_KEY_ID=$(jq -r '.AccessKeyId' ${DRIVERS_TOOLS}/.evergreen/auth_aws/creds.json) export AWS_SECRET_ACCESS_KEY=$(jq -r '.SecretAccessKey' ${DRIVERS_TOOLS}/.evergreen/auth_aws/creds.json) @@ -387,7 +401,7 @@ functions: cat setup.js . ./activate_venv.sh - mongo --nodb setup.js aws_e2e_ecs.js + ${MONGODB_BINARIES}/mongo --nodb setup.js aws_e2e_ecs.js run-ocsp-test: - command: shell.exec type: test @@ -1377,7 +1391,7 @@ tasks: - func: run-ocsp-test vars: OCSP_TLS_SHOULD_SUCCEED: 0 - - name: aws-latest-auth-test + - name: aws-latest-auth-test-run-aws-auth-test-with-regular-aws-credentials commands: - func: install dependencies - func: bootstrap mongo-orchestration @@ -1387,13 +1401,69 @@ tasks: ORCHESTRATION_FILE: auth-aws.json TOPOLOGY: server - func: add aws auth variables to file + - func: setup aws env - func: run aws auth test with regular aws credentials + - name: aws-latest-auth-test-run-aws-auth-test-with-assume-role-credentials + commands: + - func: install dependencies + - func: bootstrap mongo-orchestration + vars: + VERSION: latest + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + - func: add aws auth variables to file + - func: setup aws env - func: run aws auth test with assume role credentials + - name: aws-latest-auth-test-run-aws-auth-test-with-aws-EC2-credentials + commands: + - func: install dependencies + - func: bootstrap mongo-orchestration + vars: + VERSION: latest + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + - func: add aws auth variables to file + - func: setup aws env - func: run aws auth test with aws EC2 credentials + - name: aws-latest-auth-test-run-aws-auth-test-with-aws-credentials-as-environment-variables + commands: + - func: install dependencies + - func: bootstrap mongo-orchestration + vars: + VERSION: latest + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + - func: add aws auth variables to file + - func: setup aws env - func: run aws auth test with aws credentials as environment variables + - name: aws-latest-auth-test-run-aws-auth-test-with-aws-credentials-and-session-token-as-environment-variables + commands: + - func: install dependencies + - func: bootstrap mongo-orchestration + vars: + VERSION: latest + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + - func: add aws auth variables to file + - func: setup aws env - func: run aws auth test with aws credentials and session token as environment variables + - name: aws-latest-auth-test-run-aws-ECS-auth-test + commands: + - func: install dependencies + - func: bootstrap mongo-orchestration + vars: + VERSION: latest + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + - func: add aws auth variables to file + - func: setup aws env - func: run aws ECS auth test - - name: aws-4.4-auth-test + - name: aws-4.4-auth-test-run-aws-auth-test-with-regular-aws-credentials commands: - func: install dependencies - func: bootstrap mongo-orchestration @@ -1403,11 +1473,67 @@ tasks: ORCHESTRATION_FILE: auth-aws.json TOPOLOGY: server - func: add aws auth variables to file + - func: setup aws env - func: run aws auth test with regular aws credentials + - name: aws-4.4-auth-test-run-aws-auth-test-with-assume-role-credentials + commands: + - func: install dependencies + - func: bootstrap mongo-orchestration + vars: + VERSION: '4.4' + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + - func: add aws auth variables to file + - func: setup aws env - func: run aws auth test with assume role credentials + - name: aws-4.4-auth-test-run-aws-auth-test-with-aws-EC2-credentials + commands: + - func: install dependencies + - func: bootstrap mongo-orchestration + vars: + VERSION: '4.4' + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + - func: add aws auth variables to file + - func: setup aws env - func: run aws auth test with aws EC2 credentials + - name: aws-4.4-auth-test-run-aws-auth-test-with-aws-credentials-as-environment-variables + commands: + - func: install dependencies + - func: bootstrap mongo-orchestration + vars: + VERSION: '4.4' + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + - func: add aws auth variables to file + - func: setup aws env - func: run aws auth test with aws credentials as environment variables + - name: aws-4.4-auth-test-run-aws-auth-test-with-aws-credentials-and-session-token-as-environment-variables + commands: + - func: install dependencies + - func: bootstrap mongo-orchestration + vars: + VERSION: '4.4' + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + - func: add aws auth variables to file + - func: setup aws env - func: run aws auth test with aws credentials and session token as environment variables + - name: aws-4.4-auth-test-run-aws-ECS-auth-test + commands: + - func: install dependencies + - func: bootstrap mongo-orchestration + vars: + VERSION: '4.4' + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + - func: add aws auth variables to file + - func: setup aws env - func: run aws ECS auth test - name: run-checks tags: @@ -1994,5 +2120,15 @@ buildvariants: expansions: NODE_LTS_NAME: carbon tasks: - - aws-latest-auth-test - - aws-4.4-auth-test + - aws-latest-auth-test-run-aws-auth-test-with-regular-aws-credentials + - aws-latest-auth-test-run-aws-auth-test-with-assume-role-credentials + - aws-latest-auth-test-run-aws-auth-test-with-aws-EC2-credentials + - aws-latest-auth-test-run-aws-auth-test-with-aws-credentials-as-environment-variables + - aws-latest-auth-test-run-aws-auth-test-with-aws-credentials-and-session-token-as-environment-variables + - aws-latest-auth-test-run-aws-ECS-auth-test + - aws-4.4-auth-test-run-aws-auth-test-with-regular-aws-credentials + - aws-4.4-auth-test-run-aws-auth-test-with-assume-role-credentials + - aws-4.4-auth-test-run-aws-auth-test-with-aws-EC2-credentials + - aws-4.4-auth-test-run-aws-auth-test-with-aws-credentials-as-environment-variables + - aws-4.4-auth-test-run-aws-auth-test-with-aws-credentials-and-session-token-as-environment-variables + - aws-4.4-auth-test-run-aws-ECS-auth-test diff --git a/.evergreen/config.yml.in b/.evergreen/config.yml.in index ea2a8b9ec5..5aa2c08f8e 100644 --- a/.evergreen/config.yml.in +++ b/.evergreen/config.yml.in @@ -274,7 +274,7 @@ functions: } EOF - "run aws auth test with regular aws credentials": + "setup aws env": - command: shell.exec type: test params: @@ -283,6 +283,15 @@ functions: ${PREPARE_SHELL} cd ${DRIVERS_TOOLS}/.evergreen/auth_aws . ./activate_venv.sh + cd - + + "run aws auth test with regular aws credentials": + - command: shell.exec + type: test + params: + working_dir: "src" + script: | + cd ${DRIVERS_TOOLS}/.evergreen/auth_aws ${MONGODB_BINARIES}/mongo aws_e2e_regular_aws.js - command: shell.exec type: test @@ -363,6 +372,9 @@ functions: working_dir: "src" silent: true script: | + cd ${DRIVERS_TOOLS}/.evergreen/auth_aws + ${MONGODB_BINARIES}/mongo --verbose aws_e2e_regular_aws.js + cd - cat < "${PROJECT_DIRECTORY}/prepare_mongodb_aws.sh" export AWS_ACCESS_KEY_ID=${iam_auth_ecs_account} export AWS_SECRET_ACCESS_KEY=${iam_auth_ecs_secret_access_key} @@ -383,6 +395,9 @@ functions: working_dir: "src" silent: true script: | + cd ${DRIVERS_TOOLS}/.evergreen/auth_aws + ${MONGODB_BINARIES}/mongo --verbose aws_e2e_assume_role.js + cd - cat <<'EOF' > "${PROJECT_DIRECTORY}/prepare_mongodb_aws.sh" export AWS_ACCESS_KEY_ID=$(jq -r '.AccessKeyId' ${DRIVERS_TOOLS}/.evergreen/auth_aws/creds.json) export AWS_SECRET_ACCESS_KEY=$(jq -r '.SecretAccessKey' ${DRIVERS_TOOLS}/.evergreen/auth_aws/creds.json) @@ -423,7 +438,7 @@ functions: cat setup.js . ./activate_venv.sh - mongo --nodb setup.js aws_e2e_ecs.js + ${MONGODB_BINARIES}/mongo --nodb setup.js aws_e2e_ecs.js "run-ocsp-test": - command: shell.exec diff --git a/.evergreen/generate_evergreen_tasks.js b/.evergreen/generate_evergreen_tasks.js index 037022480c..9fee00942a 100644 --- a/.evergreen/generate_evergreen_tasks.js +++ b/.evergreen/generate_evergreen_tasks.js @@ -296,10 +296,20 @@ OCSP_VERSIONS.forEach(VERSION => { const AWS_AUTH_TASKS = []; AWS_AUTH_VERSIONS.forEach(VERSION => { - const name = `aws-${VERSION}-auth-test`; - AWS_AUTH_TASKS.push(name); - TASKS.push({ - name: name, + const name = (ex) => `aws-${VERSION}-auth-test-${ex.split(' ').join('-')}`; + // AWS_AUTH_TASKS.push(name); + + const aws_funcs = [ + { func: 'run aws auth test with regular aws credentials' }, + { func: 'run aws auth test with assume role credentials' }, + { func: 'run aws auth test with aws EC2 credentials' }, + { func: 'run aws auth test with aws credentials as environment variables' }, + { func: 'run aws auth test with aws credentials and session token as environment variables' }, + { func: 'run aws ECS auth test' } + ]; + + const aws_tasks = aws_funcs.map(fn => ({ + name: name(fn.func), commands: [ { func: 'install dependencies' }, { @@ -312,14 +322,13 @@ AWS_AUTH_VERSIONS.forEach(VERSION => { } }, { func: 'add aws auth variables to file' }, - { func: 'run aws auth test with regular aws credentials' }, - { func: 'run aws auth test with assume role credentials' }, - { func: 'run aws auth test with aws EC2 credentials' }, - { func: 'run aws auth test with aws credentials as environment variables' }, - { func: 'run aws auth test with aws credentials and session token as environment variables' }, - { func: 'run aws ECS auth test' } + { func: 'setup aws env' }, + fn ] - }); + })) + + TASKS.push(...aws_tasks); + AWS_AUTH_TASKS.push(...aws_tasks.map(t => t.name)) }); const BUILD_VARIANTS = []; diff --git a/lib/core/auth/mongo_credentials.js b/lib/core/auth/mongo_credentials.js index 054e47d304..090969e540 100644 --- a/lib/core/auth/mongo_credentials.js +++ b/lib/core/auth/mongo_credentials.js @@ -49,16 +49,16 @@ class MongoCredentials { this.mechanism = options.mechanism || 'default'; this.mechanismProperties = options.mechanismProperties || {}; - if (this.mechanism.match(/MONGODB-AWS/i)) { - if (this.username == null && process.env.AWS_ACCESS_KEY_ID) { + if (/MONGODB-AWS/i.test(this.mechanism)) { + if (!this.username && process.env.AWS_ACCESS_KEY_ID) { this.username = process.env.AWS_ACCESS_KEY_ID; } - if (this.password == null && process.env.AWS_SECRET_ACCESS_KEY) { + if (!this.password && process.env.AWS_SECRET_ACCESS_KEY) { this.password = process.env.AWS_SECRET_ACCESS_KEY; } - if (this.mechanismProperties.AWS_SESSION_TOKEN == null && process.env.AWS_SESSION_TOKEN) { + if (!this.mechanismProperties.AWS_SESSION_TOKEN && process.env.AWS_SESSION_TOKEN) { this.mechanismProperties.AWS_SESSION_TOKEN = process.env.AWS_SESSION_TOKEN; } } @@ -90,7 +90,7 @@ class MongoCredentials { */ resolveAuthMechanism(ismaster) { // If the mechanism is not "default", then it does not need to be resolved - if (this.mechanism.match(/DEFAULT/i)) { + if (/DEFAULT/i.test(this.mechanism)) { return new MongoCredentials({ username: this.username, password: this.password, diff --git a/test/tools/runner/plugins/client_leak_checker.js b/test/tools/runner/plugins/client_leak_checker.js index 7a74710978..f7999c44ac 100644 --- a/test/tools/runner/plugins/client_leak_checker.js +++ b/test/tools/runner/plugins/client_leak_checker.js @@ -30,7 +30,7 @@ function unifiedTopologyIsConnected(client) { } after(function() { - const isUnifiedTopology = this.configuration.usingUnifiedTopology; + const isUnifiedTopology = !!(this.configuration && this.configuration.usingUnifiedTopology); const traces = []; const openClientCount = activeClients.reduce((count, client) => { const isConnected = isUnifiedTopology