diff --git a/.evergreen/config.yml b/.evergreen/config.yml index 4d337eb61d..a1ea000098 100644 --- a/.evergreen/config.yml +++ b/.evergreen/config.yml @@ -543,40 +543,22 @@ functions: bash ${PROJECT_DIRECTORY}/.evergreen/tox.sh -m test-eg "run atlas tests": - - command: shell.exec - type: test + - command: ec2.assume_role params: - silent: true - working_dir: "src" - script: | - cat < prepare_atlas_connectivity.sh - export ATLAS_FREE='${atlas_free}' - export ATLAS_REPL='${atlas_repl}' - export ATLAS_SHRD='${atlas_shrd}' - export ATLAS_TLS11='${atlas_tls11}' - export ATLAS_TLS12='${atlas_tls12}' - export ATLAS_SERVERLESS='${atlas_serverless}' - export ATLAS_SRV_FREE='${atlas_srv_free}' - export ATLAS_SRV_REPL='${atlas_srv_repl}' - export ATLAS_SRV_SHRD='${atlas_srv_shrd}' - export ATLAS_SRV_TLS11='${atlas_srv_tls11}' - export ATLAS_SRV_TLS12='${atlas_srv_tls12}' - export ATLAS_SRV_SERVERLESS='${atlas_srv_serverless}' - EOT + role_arn: ${aws_test_secrets_role} - command: shell.exec type: test params: + add_expansions_to_env: true working_dir: "src" script: | # Disable xtrace for security reasons (just in case it was accidentally set). set +x - - . ./prepare_atlas_connectivity.sh - rm -f ./prepare_atlas_connectivity.sh - set -o errexit set -o xtrace - ${PYTHON_BINARY} -m tox -m test-atlas + + bash ${PROJECT_DIRECTORY}/.evergreen/tox.sh -m aws-secrets -- drivers/atlas_connect + TEST_ATLAS=1 bash ${PROJECT_DIRECTORY}/.evergreen/tox.sh -m test-eg "add aws auth variables to file": - command: shell.exec diff --git a/.evergreen/run-tests.sh b/.evergreen/run-tests.sh index d3a24f628c..daeb9b1dcd 100755 --- a/.evergreen/run-tests.sh +++ b/.evergreen/run-tests.sh @@ -26,6 +26,7 @@ set -o errexit # Exit the script with error if any of the commands fail # TEST_PERF If non-empty, run performance tests # TEST_OCSP If non-empty, run OCSP tests # TEST_ENCRYPTION_PYOPENSSL If non-empy, test encryption with PyOpenSSL +# TEST_ATLAS If non-empty, test Atlas connections if [ -n "${SET_XTRACE_ON}" ]; then set -o xtrace @@ -205,6 +206,10 @@ if [ -n "$TEST_DATA_LAKE" ] && [ -z "$TEST_ARGS" ]; then TEST_ARGS="test/test_data_lake.py" fi +if [ -n "$TEST_ATLAS" ]; then + TEST_ARGS="test/atlas/test_connection.py" +fi + if [ -n "$TEST_OCSP" ]; then python -m pip install ".[ocsp]" TEST_ARGS="test/ocsp/test_ocsp.py" @@ -229,6 +234,11 @@ fi echo "Running $AUTH tests over $SSL with python $PYTHON" python -c 'import sys; print(sys.version)' +# Try to source exported AWS Secrets +if [ -f ./secrets-export.sh ]; then + source ./secrets-export.sh +fi + # Run the tests, and store the results in Evergreen compatible XUnit XML # files in the xunit-results/ directory. diff --git a/.gitignore b/.gitignore index 3096d460ba..2663e31757 100644 --- a/.gitignore +++ b/.gitignore @@ -17,6 +17,8 @@ mongocryptd.pid .idea/ .nova/ venv/ +secrets-expansion.yml +secrets-export.sh # Lambda temp files test/lambda/.aws-sam diff --git a/tox.ini b/tox.ini index 11913a8832..55545c54f0 100644 --- a/tox.ini +++ b/tox.ini @@ -38,8 +38,8 @@ labels = # Use labels and -m instead of -e so that tox -m