From f4d8274821d6e17f464a21b1137c8d0a4223e9f2 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Tue, 25 Feb 2025 20:42:33 -0600 Subject: [PATCH 01/35] PYTHON-5157 Convert aws tests to use python scripts --- .evergreen/config.yml | 126 -------- .evergreen/generated_configs/tasks.yml | 310 ++++++++++++++++++++ .evergreen/generated_configs/variants.yml | 58 +--- .evergreen/scripts/generate_config.py | 42 ++- .evergreen/scripts/run-aws-ecs-auth-test.sh | 12 - .evergreen/scripts/run-mongodb-aws-test.sh | 28 -- .evergreen/scripts/run_tests.py | 7 +- .evergreen/scripts/setup_tests.py | 3 + 8 files changed, 355 insertions(+), 231 deletions(-) delete mode 100755 .evergreen/scripts/run-aws-ecs-auth-test.sh delete mode 100755 .evergreen/scripts/run-mongodb-aws-test.sh diff --git a/.evergreen/config.yml b/.evergreen/config.yml index 4c12e8bdb2..5d8926c95e 100644 --- a/.evergreen/config.yml +++ b/.evergreen/config.yml @@ -1159,132 +1159,6 @@ tasks: OCSP_ALGORITHM: "ecdsa" OCSP_TLS_SHOULD_SUCCEED: "false" - - name: "aws-auth-test-4.4" - commands: - - func: "bootstrap mongo-orchestration" - vars: - AUTH: "auth" - ORCHESTRATION_FILE: "auth-aws.json" - TOPOLOGY: "server" - VERSION: "4.4" - - func: "assume ec2 role" - - func: "get aws auth secrets" - - func: "run aws auth test with regular aws credentials" - - func: "run aws auth test with assume role credentials" - - func: "run aws auth test with aws credentials as environment variables" - - func: "run aws auth test with aws credentials and session token as environment variables" - - func: "run aws auth test with aws EC2 credentials" - - func: "run aws auth test with aws web identity credentials" - - func: "run aws ECS auth test" - - - name: "aws-auth-test-5.0" - commands: - - func: "bootstrap mongo-orchestration" - vars: - AUTH: "auth" - ORCHESTRATION_FILE: "auth-aws.json" - TOPOLOGY: "server" - VERSION: "5.0" - - func: "assume ec2 role" - - func: "get aws auth secrets" - - func: "run aws auth test with regular aws credentials" - - func: "run aws auth test with assume role credentials" - - func: "run aws auth test with aws credentials as environment variables" - - func: "run aws auth test with aws credentials and session token as environment variables" - - func: "run aws auth test with aws EC2 credentials" - - func: "run aws auth test with aws web identity credentials" - - func: "run aws ECS auth test" - - - name: "aws-auth-test-6.0" - commands: - - func: "bootstrap mongo-orchestration" - vars: - AUTH: "auth" - ORCHESTRATION_FILE: "auth-aws.json" - TOPOLOGY: "server" - VERSION: "6.0" - - func: "assume ec2 role" - - func: "get aws auth secrets" - - func: "run aws auth test with regular aws credentials" - - func: "run aws auth test with assume role credentials" - - func: "run aws auth test with aws credentials as environment variables" - - func: "run aws auth test with aws credentials and session token as environment variables" - - func: "run aws auth test with aws EC2 credentials" - - func: "run aws auth test with aws web identity credentials" - - func: "run aws ECS auth test" - - - name: "aws-auth-test-7.0" - commands: - - func: "bootstrap mongo-orchestration" - vars: - AUTH: "auth" - ORCHESTRATION_FILE: "auth-aws.json" - TOPOLOGY: "server" - VERSION: "7.0" - - func: "assume ec2 role" - - func: "get aws auth secrets" - - func: "run aws auth test with regular aws credentials" - - func: "run aws auth test with assume role credentials" - - func: "run aws auth test with aws credentials as environment variables" - - func: "run aws auth test with aws credentials and session token as environment variables" - - func: "run aws auth test with aws EC2 credentials" - - func: "run aws auth test with aws web identity credentials" - - func: "run aws ECS auth test" - - - name: "aws-auth-test-8.0" - commands: - - func: "bootstrap mongo-orchestration" - vars: - AUTH: "auth" - ORCHESTRATION_FILE: "auth-aws.json" - TOPOLOGY: "server" - VERSION: "8.0" - - func: "assume ec2 role" - - func: "get aws auth secrets" - - func: "run aws auth test with regular aws credentials" - - func: "run aws auth test with assume role credentials" - - func: "run aws auth test with aws credentials as environment variables" - - func: "run aws auth test with aws credentials and session token as environment variables" - - func: "run aws auth test with aws EC2 credentials" - - func: "run aws auth test with aws web identity credentials" - - func: "run aws ECS auth test" - - - name: "aws-auth-test-rapid" - commands: - - func: "bootstrap mongo-orchestration" - vars: - AUTH: "auth" - ORCHESTRATION_FILE: "auth-aws.json" - TOPOLOGY: "server" - VERSION: "rapid" - - func: "assume ec2 role" - - func: "get aws auth secrets" - - func: "run aws auth test with regular aws credentials" - - func: "run aws auth test with assume role credentials" - - func: "run aws auth test with aws credentials as environment variables" - - func: "run aws auth test with aws credentials and session token as environment variables" - - func: "run aws auth test with aws EC2 credentials" - - func: "run aws auth test with aws web identity credentials" - - func: "run aws ECS auth test" - - - name: "aws-auth-test-latest" - commands: - - func: "bootstrap mongo-orchestration" - vars: - AUTH: "auth" - ORCHESTRATION_FILE: "auth-aws.json" - TOPOLOGY: "server" - VERSION: "latest" - - func: "assume ec2 role" - - func: "get aws auth secrets" - - func: "run aws auth test with regular aws credentials" - - func: "run aws auth test with assume role credentials" - - func: "run aws auth test with aws credentials as environment variables" - - func: "run aws auth test with aws credentials and session token as environment variables" - - func: "run aws auth test with aws EC2 credentials" - - func: "run aws auth test with aws web identity credentials" - - func: "run aws ECS auth test" - - name: "oidc-auth-test" commands: - func: "run oidc auth test with test credentials" diff --git a/.evergreen/generated_configs/tasks.yml b/.evergreen/generated_configs/tasks.yml index b7aab80b30..49696fa080 100644 --- a/.evergreen/generated_configs/tasks.yml +++ b/.evergreen/generated_configs/tasks.yml @@ -1,4 +1,314 @@ tasks: + # Aws tests + - name: test-auth-aws-4.4 + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + VERSION: "4.4" + - func: assume ec2 role + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: regular + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: assume-role + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: ec2 + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: env-creds + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: session-creds + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: web-identity + tags: [auth-aws, "4.4"] + - name: test-auth-aws-ecs-4.4 + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + VERSION: "4.4" + - func: run aws ECS auth test + tags: [auth-aws-ecs, "4.4"] + - name: test-auth-aws-5.0 + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + VERSION: "5.0" + - func: assume ec2 role + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: regular + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: assume-role + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: ec2 + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: env-creds + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: session-creds + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: web-identity + tags: [auth-aws, "5.0"] + - name: test-auth-aws-ecs-5.0 + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + VERSION: "5.0" + - func: run aws ECS auth test + tags: [auth-aws-ecs, "5.0"] + - name: test-auth-aws-6.0 + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + VERSION: "6.0" + - func: assume ec2 role + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: regular + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: assume-role + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: ec2 + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: env-creds + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: session-creds + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: web-identity + tags: [auth-aws, "6.0"] + - name: test-auth-aws-ecs-6.0 + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + VERSION: "6.0" + - func: run aws ECS auth test + tags: [auth-aws-ecs, "6.0"] + - name: test-auth-aws-7.0 + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + VERSION: "7.0" + - func: assume ec2 role + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: regular + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: assume-role + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: ec2 + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: env-creds + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: session-creds + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: web-identity + tags: [auth-aws, "7.0"] + - name: test-auth-aws-ecs-7.0 + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + VERSION: "7.0" + - func: run aws ECS auth test + tags: [auth-aws-ecs, "7.0"] + - name: test-auth-aws-8.0 + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + VERSION: "8.0" + - func: assume ec2 role + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: regular + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: assume-role + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: ec2 + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: env-creds + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: session-creds + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: web-identity + tags: [auth-aws, "8.0"] + - name: test-auth-aws-ecs-8.0 + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + VERSION: "8.0" + - func: run aws ECS auth test + tags: [auth-aws-ecs, "8.0"] + - name: test-auth-aws-rapid + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + VERSION: rapid + - func: assume ec2 role + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: regular + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: assume-role + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: ec2 + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: env-creds + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: session-creds + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: web-identity + tags: [auth-aws, rapid] + - name: test-auth-aws-ecs-rapid + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + VERSION: rapid + - func: run aws ECS auth test + tags: [auth-aws-ecs, rapid] + - name: test-auth-aws-latest + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + VERSION: latest + - func: assume ec2 role + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: regular + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: assume-role + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: ec2 + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: env-creds + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: session-creds + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: web-identity + tags: [auth-aws, latest] + - name: test-auth-aws-ecs-latest + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + VERSION: latest + - func: run aws ECS auth test + tags: [auth-aws-ecs, latest] + # Kms tests - name: test-gcpkms commands: diff --git a/.evergreen/generated_configs/variants.yml b/.evergreen/generated_configs/variants.yml index 88c564909f..0526baa179 100644 --- a/.evergreen/generated_configs/variants.yml +++ b/.evergreen/generated_configs/variants.yml @@ -107,13 +107,8 @@ buildvariants: # Aws auth tests - name: auth-aws-ubuntu-20-python3.9 tasks: - - name: aws-auth-test-4.4 - - name: aws-auth-test-5.0 - - name: aws-auth-test-6.0 - - name: aws-auth-test-7.0 - - name: aws-auth-test-8.0 - - name: aws-auth-test-rapid - - name: aws-auth-test-latest + - name: .auth-aws + - name: .auth-aws-ecs display_name: Auth AWS Ubuntu-20 Python3.9 run_on: - ubuntu2004-small @@ -121,13 +116,8 @@ buildvariants: PYTHON_BINARY: /opt/python/3.9/bin/python3 - name: auth-aws-ubuntu-20-python3.13 tasks: - - name: aws-auth-test-4.4 - - name: aws-auth-test-5.0 - - name: aws-auth-test-6.0 - - name: aws-auth-test-7.0 - - name: aws-auth-test-8.0 - - name: aws-auth-test-rapid - - name: aws-auth-test-latest + - name: .auth-aws + - name: .auth-aws-ecs display_name: Auth AWS Ubuntu-20 Python3.13 run_on: - ubuntu2004-small @@ -135,67 +125,35 @@ buildvariants: PYTHON_BINARY: /opt/python/3.13/bin/python3 - name: auth-aws-win64-python3.9 tasks: - - name: aws-auth-test-4.4 - - name: aws-auth-test-5.0 - - name: aws-auth-test-6.0 - - name: aws-auth-test-7.0 - - name: aws-auth-test-8.0 - - name: aws-auth-test-rapid - - name: aws-auth-test-latest + - name: .auth-aws display_name: Auth AWS Win64 Python3.9 run_on: - windows-64-vsMulti-small expansions: - skip_ECS_auth_test: "true" PYTHON_BINARY: C:/python/Python39/python.exe - name: auth-aws-win64-python3.13 tasks: - - name: aws-auth-test-4.4 - - name: aws-auth-test-5.0 - - name: aws-auth-test-6.0 - - name: aws-auth-test-7.0 - - name: aws-auth-test-8.0 - - name: aws-auth-test-rapid - - name: aws-auth-test-latest + - name: .auth-aws display_name: Auth AWS Win64 Python3.13 run_on: - windows-64-vsMulti-small expansions: - skip_ECS_auth_test: "true" PYTHON_BINARY: C:/python/Python313/python.exe - name: auth-aws-macos-python3.9 tasks: - - name: aws-auth-test-4.4 - - name: aws-auth-test-5.0 - - name: aws-auth-test-6.0 - - name: aws-auth-test-7.0 - - name: aws-auth-test-8.0 - - name: aws-auth-test-rapid - - name: aws-auth-test-latest + - name: .auth-aws display_name: Auth AWS macOS Python3.9 run_on: - macos-14 expansions: - skip_ECS_auth_test: "true" - skip_EC2_auth_test: "true" - skip_web_identity_auth_test: "true" PYTHON_BINARY: /Library/Frameworks/Python.Framework/Versions/3.9/bin/python3 - name: auth-aws-macos-python3.13 tasks: - - name: aws-auth-test-4.4 - - name: aws-auth-test-5.0 - - name: aws-auth-test-6.0 - - name: aws-auth-test-7.0 - - name: aws-auth-test-8.0 - - name: aws-auth-test-rapid - - name: aws-auth-test-latest + - name: .auth-aws display_name: Auth AWS macOS Python3.13 run_on: - macos-14 expansions: - skip_ECS_auth_test: "true" - skip_EC2_auth_test: "true" - skip_web_identity_auth_test: "true" PYTHON_BINARY: /Library/Frameworks/Python.Framework/Versions/3.13/bin/python3 # Compression tests diff --git a/.evergreen/scripts/generate_config.py b/.evergreen/scripts/generate_config.py index 4d4d29c6dd..ea2459fc8f 100644 --- a/.evergreen/scripts/generate_config.py +++ b/.evergreen/scripts/generate_config.py @@ -734,23 +734,12 @@ def create_atlas_connect_variants(): def create_aws_auth_variants(): variants = [] - tasks = [ - "aws-auth-test-4.4", - "aws-auth-test-5.0", - "aws-auth-test-6.0", - "aws-auth-test-7.0", - "aws-auth-test-8.0", - "aws-auth-test-rapid", - "aws-auth-test-latest", - ] for host_name, python in product(["ubuntu20", "win64", "macos"], MIN_MAX_PYTHON): expansions = dict() - if host_name != "ubuntu20": - expansions["skip_ECS_auth_test"] = "true" - if host_name == "macos": - expansions["skip_EC2_auth_test"] = "true" - expansions["skip_web_identity_auth_test"] = "true" + tasks = [".auth-aws"] + if host_name == "ubuntu20": + tasks += [".auth-aws-ecs"] host = HOSTS[host_name] variant = create_variant( tasks, @@ -854,6 +843,31 @@ def create_kms_tasks(): return tasks +def create_aws_tasks(): + tasks = [] + aws_test_types = ["regular", "assume-role", "ec2", "env-creds", "session-creds", "web-identity"] + for version in get_versions_from("4.4"): + name = f"test-auth-aws-{version}" + tags = ["auth-aws", version] + bootstrap_vars = dict( + AUTH="auth", ORCHESTRATION_FILE="auth-aws.json", TOPOLOGY="server", VERSION=version + ) + bootstrap_func = FunctionCall(func="bootstrap mongo-orchestration", vars=bootstrap_vars) + assume_func = FunctionCall(func="assume ec2 role") + test_funcs = [] + for test_type in aws_test_types: + test_vars = dict(TEST_AUTH_AWS="true", AWS_TEST_TYPE=test_type) + test_funcs.append(FunctionCall(func="run tests", vars=test_vars)) + funcs = [bootstrap_func, assume_func, *test_funcs] + tasks.append(EvgTask(name=name, tags=tags, commands=funcs)) + + ecs_name = f"test-auth-aws-ecs-{version}" + ecs_func = FunctionCall(func="run aws ECS auth test") + tags = ["auth-aws-ecs", version] + tasks.append(EvgTask(name=ecs_name, tags=tags, commands=[bootstrap_func, ecs_func])) + return tasks + + ################## # Generate Config ################## diff --git a/.evergreen/scripts/run-aws-ecs-auth-test.sh b/.evergreen/scripts/run-aws-ecs-auth-test.sh deleted file mode 100755 index b8197c4da5..0000000000 --- a/.evergreen/scripts/run-aws-ecs-auth-test.sh +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/bash - -# shellcheck disable=SC2154 -if [ "${skip_ECS_auth_test}" = "true" ]; then - echo "This platform does not support the ECS auth test, skipping..." - exit 0 -fi -set -ex -cd "$DRIVERS_TOOLS"/.evergreen/auth_aws -. ./activate-authawsvenv.sh -. aws_setup.sh ecs -cd - diff --git a/.evergreen/scripts/run-mongodb-aws-test.sh b/.evergreen/scripts/run-mongodb-aws-test.sh deleted file mode 100755 index fd38574db8..0000000000 --- a/.evergreen/scripts/run-mongodb-aws-test.sh +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash - -set -o xtrace -set -o errexit # Exit the script with error if any of the commands fail - -############################################ -# Main Program # -############################################ - -# Supported/used environment variables: -# MONGODB_URI Set the URI, including an optional username/password to use -# to connect to the server via MONGODB-AWS authentication -# mechanism. -# PYTHON_BINARY The Python version to use. - -# shellcheck disable=SC2154 -if [ "${skip_EC2_auth_test:-}" = "true" ] && { [ "$1" = "ec2" ] || [ "$1" = "web-identity" ]; }; then - echo "This platform does not support the EC2 auth test, skipping..." - exit 0 -fi - -echo "Running MONGODB-AWS authentication tests for $1" - -# Handle credentials and environment setup. -. "$DRIVERS_TOOLS"/.evergreen/auth_aws/aws_setup.sh "$1" - -bash ./.evergreen/just.sh setup-tests auth_aws $1 -bash ./.evergreen/just.sh run-tests diff --git a/.evergreen/scripts/run_tests.py b/.evergreen/scripts/run_tests.py index ceae46d343..9f77880db8 100644 --- a/.evergreen/scripts/run_tests.py +++ b/.evergreen/scripts/run_tests.py @@ -8,7 +8,7 @@ from datetime import datetime import pytest -from utils import LOGGER, ROOT +from utils import DRIVERS_TOOLS, LOGGER, ROOT, run_command AUTH = os.environ.get("AUTH", "noauth") SSL = os.environ.get("SSL", "nossl") @@ -106,6 +106,11 @@ def run() -> None: test_kms_remote(SUB_TEST_NAME) return + # Run remote ecs tests. + if TEST_NAME == "auth_aws" and SUB_TEST_NAME == "ecs": + run_command(f"{DRIVERS_TOOLS}/.evergreen/auth_aws/aws_setup.sh ecs") + return + # Run local tests. pytest.main(TEST_ARGS) diff --git a/.evergreen/scripts/setup_tests.py b/.evergreen/scripts/setup_tests.py index 615f07320a..5a43459394 100644 --- a/.evergreen/scripts/setup_tests.py +++ b/.evergreen/scripts/setup_tests.py @@ -369,7 +369,10 @@ def handle_test_env() -> None: write_env("OCSP_TLS_SHOULD_SUCCEED", os.environ["OCSP_TLS_SHOULD_SUCCEED"]) if test_name == "auth_aws": + run_command(f"{DRIVERS_TOOLS}/.evergreen/auth_aws/setup-secrets.sh") write_env("MONGODB_URI", os.environ["MONGODB_URI"]) + if sub_test_name != "ecs": + run_command(f"{DRIVERS_TOOLS}/.evergreen/auth_aws/aws_setup.sh ${sub_test_name}") if test_name == "perf": # PYTHON-4769 Run perf_test.py directly otherwise pytest's test collection negatively From 750404f812be9b1a9c79f644bced29242035e565 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Tue, 25 Feb 2025 20:47:22 -0600 Subject: [PATCH 02/35] incorporate changes from drivers-tools --- .evergreen/run-mongodb-aws-ecs-test.sh | 2 +- .evergreen/scripts/configure-env.sh | 2 +- .evergreen/scripts/setup_tests.py | 10 +++++++--- 3 files changed, 9 insertions(+), 5 deletions(-) diff --git a/.evergreen/run-mongodb-aws-ecs-test.sh b/.evergreen/run-mongodb-aws-ecs-test.sh index ef7e0ba333..09fa571959 100755 --- a/.evergreen/run-mongodb-aws-ecs-test.sh +++ b/.evergreen/run-mongodb-aws-ecs-test.sh @@ -30,5 +30,5 @@ export SET_XTRACE_ON=1 cd src rm -rf .venv rm -f .evergreen/scripts/test-env.sh || true -bash ./.evergreen/just.sh setup-tests auth_aws ecs +bash ./.evergreen/just.sh setup-tests auth_aws ecs-remote bash .evergreen/just.sh run-tests diff --git a/.evergreen/scripts/configure-env.sh b/.evergreen/scripts/configure-env.sh index 5515413562..2ed805b389 100755 --- a/.evergreen/scripts/configure-env.sh +++ b/.evergreen/scripts/configure-env.sh @@ -76,7 +76,7 @@ EOT # Write the .env file for drivers-tools. rm -rf $DRIVERS_TOOLS -git clone https://github.com/mongodb-labs/drivers-evergreen-tools.git $DRIVERS_TOOLS +git clone --branch https://github.com/blink1073/drivers-evergreen-tools.git $DRIVERS_TOOLS cat < ${DRIVERS_TOOLS}/.env SKIP_LEGACY_SHELL=1 diff --git a/.evergreen/scripts/setup_tests.py b/.evergreen/scripts/setup_tests.py index 5a43459394..ab5cf46fd7 100644 --- a/.evergreen/scripts/setup_tests.py +++ b/.evergreen/scripts/setup_tests.py @@ -368,11 +368,15 @@ def handle_test_env() -> None: write_env("CA_FILE", os.environ["CA_FILE"]) write_env("OCSP_TLS_SHOULD_SUCCEED", os.environ["OCSP_TLS_SHOULD_SUCCEED"]) - if test_name == "auth_aws": + if test_name == "auth_aws" and sub_test_name != "ecs-remote": run_command(f"{DRIVERS_TOOLS}/.evergreen/auth_aws/setup-secrets.sh") - write_env("MONGODB_URI", os.environ["MONGODB_URI"]) + aws_setup = f"{DRIVERS_TOOLS}/.evergreen/auth_aws/aws_setup.sh" + aws_test_type = os.environ["AWS_TEST_TYPE"] if sub_test_name != "ecs": - run_command(f"{DRIVERS_TOOLS}/.evergreen/auth_aws/aws_setup.sh ${sub_test_name}") + run_command(f"{aws_setup} {aws_test_type}") + creds = read_env(f"{DRIVERS_TOOLS}.evergreen/auth_aws/test-env.sh") + for name, value in creds.items(): + write_env(name, value) if test_name == "perf": # PYTHON-4769 Run perf_test.py directly otherwise pytest's test collection negatively From 480ea9bd77344003d5e06007932069d3c60a37f2 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Tue, 25 Feb 2025 20:54:06 -0600 Subject: [PATCH 03/35] cleanup --- .evergreen/generated_configs/tasks.yml | 99 ++++++++++---------------- .evergreen/scripts/generate_config.py | 12 ++-- .evergreen/scripts/setup_tests.py | 2 + 3 files changed, 47 insertions(+), 66 deletions(-) diff --git a/.evergreen/generated_configs/tasks.yml b/.evergreen/generated_configs/tasks.yml index 49696fa080..fb7cc247b4 100644 --- a/.evergreen/generated_configs/tasks.yml +++ b/.evergreen/generated_configs/tasks.yml @@ -33,17 +33,12 @@ tasks: vars: TEST_AUTH_AWS: "true" AWS_TEST_TYPE: web-identity - tags: [auth-aws, "4.4"] - - name: test-auth-aws-ecs-4.4 - commands: - - func: bootstrap mongo-orchestration + - func: run tests vars: - AUTH: auth - ORCHESTRATION_FILE: auth-aws.json - TOPOLOGY: server - VERSION: "4.4" - - func: run aws ECS auth test - tags: [auth-aws-ecs, "4.4"] + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: web-identity + AWS_ROLE_SESSION_NAME: test + tags: [auth-aws, "4.4"] - name: test-auth-aws-5.0 commands: - func: bootstrap mongo-orchestration @@ -77,17 +72,12 @@ tasks: vars: TEST_AUTH_AWS: "true" AWS_TEST_TYPE: web-identity - tags: [auth-aws, "5.0"] - - name: test-auth-aws-ecs-5.0 - commands: - - func: bootstrap mongo-orchestration + - func: run tests vars: - AUTH: auth - ORCHESTRATION_FILE: auth-aws.json - TOPOLOGY: server - VERSION: "5.0" - - func: run aws ECS auth test - tags: [auth-aws-ecs, "5.0"] + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: web-identity + AWS_ROLE_SESSION_NAME: test + tags: [auth-aws, "5.0"] - name: test-auth-aws-6.0 commands: - func: bootstrap mongo-orchestration @@ -121,17 +111,12 @@ tasks: vars: TEST_AUTH_AWS: "true" AWS_TEST_TYPE: web-identity - tags: [auth-aws, "6.0"] - - name: test-auth-aws-ecs-6.0 - commands: - - func: bootstrap mongo-orchestration + - func: run tests vars: - AUTH: auth - ORCHESTRATION_FILE: auth-aws.json - TOPOLOGY: server - VERSION: "6.0" - - func: run aws ECS auth test - tags: [auth-aws-ecs, "6.0"] + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: web-identity + AWS_ROLE_SESSION_NAME: test + tags: [auth-aws, "6.0"] - name: test-auth-aws-7.0 commands: - func: bootstrap mongo-orchestration @@ -165,17 +150,12 @@ tasks: vars: TEST_AUTH_AWS: "true" AWS_TEST_TYPE: web-identity - tags: [auth-aws, "7.0"] - - name: test-auth-aws-ecs-7.0 - commands: - - func: bootstrap mongo-orchestration + - func: run tests vars: - AUTH: auth - ORCHESTRATION_FILE: auth-aws.json - TOPOLOGY: server - VERSION: "7.0" - - func: run aws ECS auth test - tags: [auth-aws-ecs, "7.0"] + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: web-identity + AWS_ROLE_SESSION_NAME: test + tags: [auth-aws, "7.0"] - name: test-auth-aws-8.0 commands: - func: bootstrap mongo-orchestration @@ -209,17 +189,12 @@ tasks: vars: TEST_AUTH_AWS: "true" AWS_TEST_TYPE: web-identity - tags: [auth-aws, "8.0"] - - name: test-auth-aws-ecs-8.0 - commands: - - func: bootstrap mongo-orchestration + - func: run tests vars: - AUTH: auth - ORCHESTRATION_FILE: auth-aws.json - TOPOLOGY: server - VERSION: "8.0" - - func: run aws ECS auth test - tags: [auth-aws-ecs, "8.0"] + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: web-identity + AWS_ROLE_SESSION_NAME: test + tags: [auth-aws, "8.0"] - name: test-auth-aws-rapid commands: - func: bootstrap mongo-orchestration @@ -253,17 +228,12 @@ tasks: vars: TEST_AUTH_AWS: "true" AWS_TEST_TYPE: web-identity - tags: [auth-aws, rapid] - - name: test-auth-aws-ecs-rapid - commands: - - func: bootstrap mongo-orchestration + - func: run tests vars: - AUTH: auth - ORCHESTRATION_FILE: auth-aws.json - TOPOLOGY: server - VERSION: rapid - - func: run aws ECS auth test - tags: [auth-aws-ecs, rapid] + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: web-identity + AWS_ROLE_SESSION_NAME: test + tags: [auth-aws, rapid] - name: test-auth-aws-latest commands: - func: bootstrap mongo-orchestration @@ -297,8 +267,13 @@ tasks: vars: TEST_AUTH_AWS: "true" AWS_TEST_TYPE: web-identity + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: web-identity + AWS_ROLE_SESSION_NAME: test tags: [auth-aws, latest] - - name: test-auth-aws-ecs-latest + - name: test-auth-aws-ecs commands: - func: bootstrap mongo-orchestration vars: @@ -307,7 +282,7 @@ tasks: TOPOLOGY: server VERSION: latest - func: run aws ECS auth test - tags: [auth-aws-ecs, latest] + tags: [auth-aws-ecs] # Kms tests - name: test-gcpkms diff --git a/.evergreen/scripts/generate_config.py b/.evergreen/scripts/generate_config.py index ea2459fc8f..07a5475bf5 100644 --- a/.evergreen/scripts/generate_config.py +++ b/.evergreen/scripts/generate_config.py @@ -858,13 +858,17 @@ def create_aws_tasks(): for test_type in aws_test_types: test_vars = dict(TEST_AUTH_AWS="true", AWS_TEST_TYPE=test_type) test_funcs.append(FunctionCall(func="run tests", vars=test_vars)) + test_vars = dict( + TEST_AUTH_AWS="true", AWS_TEST_TYPE="web-identity", AWS_ROLE_SESSION_NAME="test" + ) + test_funcs.append(FunctionCall(func="run tests", vars=test_vars)) funcs = [bootstrap_func, assume_func, *test_funcs] tasks.append(EvgTask(name=name, tags=tags, commands=funcs)) - ecs_name = f"test-auth-aws-ecs-{version}" - ecs_func = FunctionCall(func="run aws ECS auth test") - tags = ["auth-aws-ecs", version] - tasks.append(EvgTask(name=ecs_name, tags=tags, commands=[bootstrap_func, ecs_func])) + ecs_name = "test-auth-aws-ecs" + ecs_func = FunctionCall(func="run aws ECS auth test") + tags = ["auth-aws-ecs"] + tasks.append(EvgTask(name=ecs_name, tags=tags, commands=[bootstrap_func, ecs_func])) return tasks diff --git a/.evergreen/scripts/setup_tests.py b/.evergreen/scripts/setup_tests.py index ab5cf46fd7..0a1a7457ad 100644 --- a/.evergreen/scripts/setup_tests.py +++ b/.evergreen/scripts/setup_tests.py @@ -372,6 +372,8 @@ def handle_test_env() -> None: run_command(f"{DRIVERS_TOOLS}/.evergreen/auth_aws/setup-secrets.sh") aws_setup = f"{DRIVERS_TOOLS}/.evergreen/auth_aws/aws_setup.sh" aws_test_type = os.environ["AWS_TEST_TYPE"] + if "AWS_ROLE_SESSION_NAME" in os.environ: + write_env("AWS_ROLE_SESSION_NAME") if sub_test_name != "ecs": run_command(f"{aws_setup} {aws_test_type}") creds = read_env(f"{DRIVERS_TOOLS}.evergreen/auth_aws/test-env.sh") From 1a191b5636d963b189706bcb8d8dc13e2b11c56f Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Tue, 25 Feb 2025 20:58:33 -0600 Subject: [PATCH 04/35] fix checkout --- .evergreen/scripts/configure-env.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.evergreen/scripts/configure-env.sh b/.evergreen/scripts/configure-env.sh index 2ed805b389..26dfcb265e 100755 --- a/.evergreen/scripts/configure-env.sh +++ b/.evergreen/scripts/configure-env.sh @@ -76,7 +76,7 @@ EOT # Write the .env file for drivers-tools. rm -rf $DRIVERS_TOOLS -git clone --branch https://github.com/blink1073/drivers-evergreen-tools.git $DRIVERS_TOOLS +git clone --branch aws-output-file https://github.com/blink1073/drivers-evergreen-tools.git $DRIVERS_TOOLS cat < ${DRIVERS_TOOLS}/.env SKIP_LEGACY_SHELL=1 From 8dd60bb67c5ff8f43dc94cd8333b8f1862f9fe11 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Tue, 25 Feb 2025 21:02:46 -0600 Subject: [PATCH 05/35] fix ecs --- .evergreen/config.yml | 10 ---------- .evergreen/generated_configs/tasks.yml | 5 ++++- .evergreen/scripts/generate_config.py | 3 ++- 3 files changed, 6 insertions(+), 12 deletions(-) diff --git a/.evergreen/config.yml b/.evergreen/config.yml index 5d8926c95e..4fb013a377 100644 --- a/.evergreen/config.yml +++ b/.evergreen/config.yml @@ -411,16 +411,6 @@ functions: args: - ${PROJECT_DIRECTORY}/.evergreen/run-mongodb-oidc-remote-test.sh - "run aws ECS auth test": - - command: subprocess.exec - type: test - params: - binary: bash - working_dir: "src" - args: - - .evergreen/scripts/run-with-env.sh - - .evergreen/scripts/run-aws-ecs-auth-test.sh - "cleanup": - command: subprocess.exec params: diff --git a/.evergreen/generated_configs/tasks.yml b/.evergreen/generated_configs/tasks.yml index fb7cc247b4..9650a960f5 100644 --- a/.evergreen/generated_configs/tasks.yml +++ b/.evergreen/generated_configs/tasks.yml @@ -281,7 +281,10 @@ tasks: ORCHESTRATION_FILE: auth-aws.json TOPOLOGY: server VERSION: latest - - func: run aws ECS auth test + - func: run tests + vars: + TEST_AUTH_AWS: "true" + AWS_TEST_TYPE: ecs tags: [auth-aws-ecs] # Kms tests diff --git a/.evergreen/scripts/generate_config.py b/.evergreen/scripts/generate_config.py index 07a5475bf5..7bd05c9a91 100644 --- a/.evergreen/scripts/generate_config.py +++ b/.evergreen/scripts/generate_config.py @@ -866,7 +866,8 @@ def create_aws_tasks(): tasks.append(EvgTask(name=name, tags=tags, commands=funcs)) ecs_name = "test-auth-aws-ecs" - ecs_func = FunctionCall(func="run aws ECS auth test") + test_vars = dict(TEST_AUTH_AWS="true", AWS_TEST_TYPE="ecs") + ecs_func = FunctionCall(func="run tests", vars=test_vars) tags = ["auth-aws-ecs"] tasks.append(EvgTask(name=ecs_name, tags=tags, commands=[bootstrap_func, ecs_func])) return tasks From 75b5d506f59130bc657fad92faa078783fa42760 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Tue, 25 Feb 2025 21:08:24 -0600 Subject: [PATCH 06/35] fix invocation --- .evergreen/generated_configs/tasks.yml | 100 ++++++++++++------------- .evergreen/scripts/generate_config.py | 6 +- 2 files changed, 53 insertions(+), 53 deletions(-) diff --git a/.evergreen/generated_configs/tasks.yml b/.evergreen/generated_configs/tasks.yml index 9650a960f5..351ebbc377 100644 --- a/.evergreen/generated_configs/tasks.yml +++ b/.evergreen/generated_configs/tasks.yml @@ -11,31 +11,31 @@ tasks: - func: assume ec2 role - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: regular - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: assume-role - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: ec2 - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: env-creds - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: session-creds - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: web-identity - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: web-identity AWS_ROLE_SESSION_NAME: test tags: [auth-aws, "4.4"] @@ -50,31 +50,31 @@ tasks: - func: assume ec2 role - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: regular - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: assume-role - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: ec2 - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: env-creds - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: session-creds - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: web-identity - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: web-identity AWS_ROLE_SESSION_NAME: test tags: [auth-aws, "5.0"] @@ -89,31 +89,31 @@ tasks: - func: assume ec2 role - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: regular - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: assume-role - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: ec2 - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: env-creds - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: session-creds - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: web-identity - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: web-identity AWS_ROLE_SESSION_NAME: test tags: [auth-aws, "6.0"] @@ -128,31 +128,31 @@ tasks: - func: assume ec2 role - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: regular - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: assume-role - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: ec2 - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: env-creds - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: session-creds - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: web-identity - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: web-identity AWS_ROLE_SESSION_NAME: test tags: [auth-aws, "7.0"] @@ -167,31 +167,31 @@ tasks: - func: assume ec2 role - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: regular - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: assume-role - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: ec2 - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: env-creds - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: session-creds - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: web-identity - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: web-identity AWS_ROLE_SESSION_NAME: test tags: [auth-aws, "8.0"] @@ -206,31 +206,31 @@ tasks: - func: assume ec2 role - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: regular - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: assume-role - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: ec2 - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: env-creds - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: session-creds - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: web-identity - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: web-identity AWS_ROLE_SESSION_NAME: test tags: [auth-aws, rapid] @@ -245,31 +245,31 @@ tasks: - func: assume ec2 role - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: regular - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: assume-role - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: ec2 - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: env-creds - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: session-creds - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: web-identity - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: web-identity AWS_ROLE_SESSION_NAME: test tags: [auth-aws, latest] @@ -283,7 +283,7 @@ tasks: VERSION: latest - func: run tests vars: - TEST_AUTH_AWS: "true" + TEST_TYPE: auth_aws AWS_TEST_TYPE: ecs tags: [auth-aws-ecs] diff --git a/.evergreen/scripts/generate_config.py b/.evergreen/scripts/generate_config.py index 7bd05c9a91..adef9bb1ef 100644 --- a/.evergreen/scripts/generate_config.py +++ b/.evergreen/scripts/generate_config.py @@ -856,17 +856,17 @@ def create_aws_tasks(): assume_func = FunctionCall(func="assume ec2 role") test_funcs = [] for test_type in aws_test_types: - test_vars = dict(TEST_AUTH_AWS="true", AWS_TEST_TYPE=test_type) + test_vars = dict(TEST_TYPE="auth_aws", AWS_TEST_TYPE=test_type) test_funcs.append(FunctionCall(func="run tests", vars=test_vars)) test_vars = dict( - TEST_AUTH_AWS="true", AWS_TEST_TYPE="web-identity", AWS_ROLE_SESSION_NAME="test" + TEST_TYPE="auth_aws", AWS_TEST_TYPE="web-identity", AWS_ROLE_SESSION_NAME="test" ) test_funcs.append(FunctionCall(func="run tests", vars=test_vars)) funcs = [bootstrap_func, assume_func, *test_funcs] tasks.append(EvgTask(name=name, tags=tags, commands=funcs)) ecs_name = "test-auth-aws-ecs" - test_vars = dict(TEST_AUTH_AWS="true", AWS_TEST_TYPE="ecs") + test_vars = dict(TEST_TYPE="auth_aws", AWS_TEST_TYPE="ecs") ecs_func = FunctionCall(func="run tests", vars=test_vars) tags = ["auth-aws-ecs"] tasks.append(EvgTask(name=ecs_name, tags=tags, commands=[bootstrap_func, ecs_func])) From b6bffc850d86747a80a6ffffbfb978f128871fcf Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Tue, 25 Feb 2025 21:11:56 -0600 Subject: [PATCH 07/35] fix invocation --- .evergreen/generated_configs/tasks.yml | 200 ++++++++++++------------- .evergreen/scripts/generate_config.py | 6 +- 2 files changed, 103 insertions(+), 103 deletions(-) diff --git a/.evergreen/generated_configs/tasks.yml b/.evergreen/generated_configs/tasks.yml index 351ebbc377..28a5af6f40 100644 --- a/.evergreen/generated_configs/tasks.yml +++ b/.evergreen/generated_configs/tasks.yml @@ -11,32 +11,32 @@ tasks: - func: assume ec2 role - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: regular + TEST_NAME: auth_aws + SUB_TEST_NAME: regular - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: assume-role + TEST_NAME: auth_aws + SUB_TEST_NAME: assume-role - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: ec2 + TEST_NAME: auth_aws + SUB_TEST_NAME: ec2 - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: env-creds + TEST_NAME: auth_aws + SUB_TEST_NAME: env-creds - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: session-creds + TEST_NAME: auth_aws + SUB_TEST_NAME: session-creds - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: web-identity + TEST_NAME: auth_aws + SUB_TEST_NAME: web-identity - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: web-identity + TEST_NAME: auth_aws + SUB_TEST_NAME: web-identity AWS_ROLE_SESSION_NAME: test tags: [auth-aws, "4.4"] - name: test-auth-aws-5.0 @@ -50,32 +50,32 @@ tasks: - func: assume ec2 role - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: regular + TEST_NAME: auth_aws + SUB_TEST_NAME: regular - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: assume-role + TEST_NAME: auth_aws + SUB_TEST_NAME: assume-role - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: ec2 + TEST_NAME: auth_aws + SUB_TEST_NAME: ec2 - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: env-creds + TEST_NAME: auth_aws + SUB_TEST_NAME: env-creds - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: session-creds + TEST_NAME: auth_aws + SUB_TEST_NAME: session-creds - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: web-identity + TEST_NAME: auth_aws + SUB_TEST_NAME: web-identity - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: web-identity + TEST_NAME: auth_aws + SUB_TEST_NAME: web-identity AWS_ROLE_SESSION_NAME: test tags: [auth-aws, "5.0"] - name: test-auth-aws-6.0 @@ -89,32 +89,32 @@ tasks: - func: assume ec2 role - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: regular + TEST_NAME: auth_aws + SUB_TEST_NAME: regular - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: assume-role + TEST_NAME: auth_aws + SUB_TEST_NAME: assume-role - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: ec2 + TEST_NAME: auth_aws + SUB_TEST_NAME: ec2 - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: env-creds + TEST_NAME: auth_aws + SUB_TEST_NAME: env-creds - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: session-creds + TEST_NAME: auth_aws + SUB_TEST_NAME: session-creds - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: web-identity + TEST_NAME: auth_aws + SUB_TEST_NAME: web-identity - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: web-identity + TEST_NAME: auth_aws + SUB_TEST_NAME: web-identity AWS_ROLE_SESSION_NAME: test tags: [auth-aws, "6.0"] - name: test-auth-aws-7.0 @@ -128,32 +128,32 @@ tasks: - func: assume ec2 role - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: regular + TEST_NAME: auth_aws + SUB_TEST_NAME: regular - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: assume-role + TEST_NAME: auth_aws + SUB_TEST_NAME: assume-role - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: ec2 + TEST_NAME: auth_aws + SUB_TEST_NAME: ec2 - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: env-creds + TEST_NAME: auth_aws + SUB_TEST_NAME: env-creds - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: session-creds + TEST_NAME: auth_aws + SUB_TEST_NAME: session-creds - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: web-identity + TEST_NAME: auth_aws + SUB_TEST_NAME: web-identity - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: web-identity + TEST_NAME: auth_aws + SUB_TEST_NAME: web-identity AWS_ROLE_SESSION_NAME: test tags: [auth-aws, "7.0"] - name: test-auth-aws-8.0 @@ -167,32 +167,32 @@ tasks: - func: assume ec2 role - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: regular + TEST_NAME: auth_aws + SUB_TEST_NAME: regular - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: assume-role + TEST_NAME: auth_aws + SUB_TEST_NAME: assume-role - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: ec2 + TEST_NAME: auth_aws + SUB_TEST_NAME: ec2 - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: env-creds + TEST_NAME: auth_aws + SUB_TEST_NAME: env-creds - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: session-creds + TEST_NAME: auth_aws + SUB_TEST_NAME: session-creds - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: web-identity + TEST_NAME: auth_aws + SUB_TEST_NAME: web-identity - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: web-identity + TEST_NAME: auth_aws + SUB_TEST_NAME: web-identity AWS_ROLE_SESSION_NAME: test tags: [auth-aws, "8.0"] - name: test-auth-aws-rapid @@ -206,32 +206,32 @@ tasks: - func: assume ec2 role - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: regular + TEST_NAME: auth_aws + SUB_TEST_NAME: regular - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: assume-role + TEST_NAME: auth_aws + SUB_TEST_NAME: assume-role - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: ec2 + TEST_NAME: auth_aws + SUB_TEST_NAME: ec2 - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: env-creds + TEST_NAME: auth_aws + SUB_TEST_NAME: env-creds - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: session-creds + TEST_NAME: auth_aws + SUB_TEST_NAME: session-creds - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: web-identity + TEST_NAME: auth_aws + SUB_TEST_NAME: web-identity - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: web-identity + TEST_NAME: auth_aws + SUB_TEST_NAME: web-identity AWS_ROLE_SESSION_NAME: test tags: [auth-aws, rapid] - name: test-auth-aws-latest @@ -245,32 +245,32 @@ tasks: - func: assume ec2 role - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: regular + TEST_NAME: auth_aws + SUB_TEST_NAME: regular - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: assume-role + TEST_NAME: auth_aws + SUB_TEST_NAME: assume-role - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: ec2 + TEST_NAME: auth_aws + SUB_TEST_NAME: ec2 - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: env-creds + TEST_NAME: auth_aws + SUB_TEST_NAME: env-creds - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: session-creds + TEST_NAME: auth_aws + SUB_TEST_NAME: session-creds - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: web-identity + TEST_NAME: auth_aws + SUB_TEST_NAME: web-identity - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: web-identity + TEST_NAME: auth_aws + SUB_TEST_NAME: web-identity AWS_ROLE_SESSION_NAME: test tags: [auth-aws, latest] - name: test-auth-aws-ecs @@ -283,8 +283,8 @@ tasks: VERSION: latest - func: run tests vars: - TEST_TYPE: auth_aws - AWS_TEST_TYPE: ecs + TEST_NAME: auth_aws + SUB_TEST_NAME: ecs tags: [auth-aws-ecs] # Kms tests diff --git a/.evergreen/scripts/generate_config.py b/.evergreen/scripts/generate_config.py index adef9bb1ef..c49b5371f6 100644 --- a/.evergreen/scripts/generate_config.py +++ b/.evergreen/scripts/generate_config.py @@ -856,17 +856,17 @@ def create_aws_tasks(): assume_func = FunctionCall(func="assume ec2 role") test_funcs = [] for test_type in aws_test_types: - test_vars = dict(TEST_TYPE="auth_aws", AWS_TEST_TYPE=test_type) + test_vars = dict(TEST_NAME="auth_aws", SUB_TEST_NAME=test_type) test_funcs.append(FunctionCall(func="run tests", vars=test_vars)) test_vars = dict( - TEST_TYPE="auth_aws", AWS_TEST_TYPE="web-identity", AWS_ROLE_SESSION_NAME="test" + TEST_NAME="auth_aws", SUB_TEST_NAME="web-identity", AWS_ROLE_SESSION_NAME="test" ) test_funcs.append(FunctionCall(func="run tests", vars=test_vars)) funcs = [bootstrap_func, assume_func, *test_funcs] tasks.append(EvgTask(name=name, tags=tags, commands=funcs)) ecs_name = "test-auth-aws-ecs" - test_vars = dict(TEST_TYPE="auth_aws", AWS_TEST_TYPE="ecs") + test_vars = dict(TEST_NAME="auth_aws", SUB_TEST_NAME="ecs") ecs_func = FunctionCall(func="run tests", vars=test_vars) tags = ["auth-aws-ecs"] tasks.append(EvgTask(name=ecs_name, tags=tags, commands=[bootstrap_func, ecs_func])) From 6778a83a9d59e02e89efa5568fe24642fab87e3a Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Tue, 25 Feb 2025 21:15:38 -0600 Subject: [PATCH 08/35] fix setup --- .evergreen/scripts/setup_tests.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.evergreen/scripts/setup_tests.py b/.evergreen/scripts/setup_tests.py index 0a1a7457ad..6b44ffc3c7 100644 --- a/.evergreen/scripts/setup_tests.py +++ b/.evergreen/scripts/setup_tests.py @@ -371,11 +371,10 @@ def handle_test_env() -> None: if test_name == "auth_aws" and sub_test_name != "ecs-remote": run_command(f"{DRIVERS_TOOLS}/.evergreen/auth_aws/setup-secrets.sh") aws_setup = f"{DRIVERS_TOOLS}/.evergreen/auth_aws/aws_setup.sh" - aws_test_type = os.environ["AWS_TEST_TYPE"] if "AWS_ROLE_SESSION_NAME" in os.environ: write_env("AWS_ROLE_SESSION_NAME") if sub_test_name != "ecs": - run_command(f"{aws_setup} {aws_test_type}") + run_command(f"{aws_setup} {sub_test_name}") creds = read_env(f"{DRIVERS_TOOLS}.evergreen/auth_aws/test-env.sh") for name, value in creds.items(): write_env(name, value) From b2b69348f288546c844a2f7506681bf9902cd537 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Tue, 25 Feb 2025 21:19:43 -0600 Subject: [PATCH 09/35] fix setup --- .evergreen/scripts/setup_tests.py | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/.evergreen/scripts/setup_tests.py b/.evergreen/scripts/setup_tests.py index 6b44ffc3c7..99a4978a53 100644 --- a/.evergreen/scripts/setup_tests.py +++ b/.evergreen/scripts/setup_tests.py @@ -369,13 +369,14 @@ def handle_test_env() -> None: write_env("OCSP_TLS_SHOULD_SUCCEED", os.environ["OCSP_TLS_SHOULD_SUCCEED"]) if test_name == "auth_aws" and sub_test_name != "ecs-remote": - run_command(f"{DRIVERS_TOOLS}/.evergreen/auth_aws/setup-secrets.sh") - aws_setup = f"{DRIVERS_TOOLS}/.evergreen/auth_aws/aws_setup.sh" + auth_aws_dir = f"{DRIVERS_TOOLS}/.evergreen/auth_aws" + run_command(f"{auth_aws_dir}/setup-secrets.sh") + aws_setup = f"{auth_aws_dir}/aws_setup.sh" if "AWS_ROLE_SESSION_NAME" in os.environ: write_env("AWS_ROLE_SESSION_NAME") if sub_test_name != "ecs": run_command(f"{aws_setup} {sub_test_name}") - creds = read_env(f"{DRIVERS_TOOLS}.evergreen/auth_aws/test-env.sh") + creds = read_env(f"{auth_aws_dir}/test-env.sh") for name, value in creds.items(): write_env(name, value) From 7dd27f1bedc4621619e93c2a92847d531f619d21 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Tue, 25 Feb 2025 21:32:16 -0600 Subject: [PATCH 10/35] cleanup --- .evergreen/config.yml | 8 +-- .evergreen/generated_configs/tasks.yml | 80 +++++++++++++++++++++++++- .evergreen/scripts/generate_config.py | 10 ++-- .evergreen/scripts/teardown_tests.py | 6 +- 4 files changed, 90 insertions(+), 14 deletions(-) diff --git a/.evergreen/config.yml b/.evergreen/config.yml index 4fb013a377..9d93470a27 100644 --- a/.evergreen/config.yml +++ b/.evergreen/config.yml @@ -270,6 +270,7 @@ functions: type: test params: working_dir: "src" + include_expansions_in_env: [AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN] binary: bash args: [.evergreen/just.sh, run-tests] @@ -421,13 +422,6 @@ functions: - .evergreen/scripts/cleanup.sh "teardown system": - - command: subprocess.exec - params: - binary: bash - working_dir: "src" - args: - # Ensure the instance profile is reassigned for aws tests. - - ${DRIVERS_TOOLS}/.evergreen/auth_aws/teardown.sh - command: subprocess.exec params: binary: bash diff --git a/.evergreen/generated_configs/tasks.yml b/.evergreen/generated_configs/tasks.yml index 28a5af6f40..13f004b497 100644 --- a/.evergreen/generated_configs/tasks.yml +++ b/.evergreen/generated_configs/tasks.yml @@ -39,6 +39,19 @@ tasks: SUB_TEST_NAME: web-identity AWS_ROLE_SESSION_NAME: test tags: [auth-aws, "4.4"] + - name: test-auth-aws-ecs-4.4 + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + VERSION: "4.4" + - func: run tests + vars: + TEST_NAME: auth_aws + SUB_TEST_NAME: ecs + tags: [auth-aws-ecs] - name: test-auth-aws-5.0 commands: - func: bootstrap mongo-orchestration @@ -78,6 +91,19 @@ tasks: SUB_TEST_NAME: web-identity AWS_ROLE_SESSION_NAME: test tags: [auth-aws, "5.0"] + - name: test-auth-aws-ecs-5.0 + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + VERSION: "5.0" + - func: run tests + vars: + TEST_NAME: auth_aws + SUB_TEST_NAME: ecs + tags: [auth-aws-ecs] - name: test-auth-aws-6.0 commands: - func: bootstrap mongo-orchestration @@ -117,6 +143,19 @@ tasks: SUB_TEST_NAME: web-identity AWS_ROLE_SESSION_NAME: test tags: [auth-aws, "6.0"] + - name: test-auth-aws-ecs-6.0 + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + VERSION: "6.0" + - func: run tests + vars: + TEST_NAME: auth_aws + SUB_TEST_NAME: ecs + tags: [auth-aws-ecs] - name: test-auth-aws-7.0 commands: - func: bootstrap mongo-orchestration @@ -156,6 +195,19 @@ tasks: SUB_TEST_NAME: web-identity AWS_ROLE_SESSION_NAME: test tags: [auth-aws, "7.0"] + - name: test-auth-aws-ecs-7.0 + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + VERSION: "7.0" + - func: run tests + vars: + TEST_NAME: auth_aws + SUB_TEST_NAME: ecs + tags: [auth-aws-ecs] - name: test-auth-aws-8.0 commands: - func: bootstrap mongo-orchestration @@ -195,6 +247,19 @@ tasks: SUB_TEST_NAME: web-identity AWS_ROLE_SESSION_NAME: test tags: [auth-aws, "8.0"] + - name: test-auth-aws-ecs-8.0 + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + VERSION: "8.0" + - func: run tests + vars: + TEST_NAME: auth_aws + SUB_TEST_NAME: ecs + tags: [auth-aws-ecs] - name: test-auth-aws-rapid commands: - func: bootstrap mongo-orchestration @@ -234,6 +299,19 @@ tasks: SUB_TEST_NAME: web-identity AWS_ROLE_SESSION_NAME: test tags: [auth-aws, rapid] + - name: test-auth-aws-ecs-rapid + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH: auth + ORCHESTRATION_FILE: auth-aws.json + TOPOLOGY: server + VERSION: rapid + - func: run tests + vars: + TEST_NAME: auth_aws + SUB_TEST_NAME: ecs + tags: [auth-aws-ecs] - name: test-auth-aws-latest commands: - func: bootstrap mongo-orchestration @@ -273,7 +351,7 @@ tasks: SUB_TEST_NAME: web-identity AWS_ROLE_SESSION_NAME: test tags: [auth-aws, latest] - - name: test-auth-aws-ecs + - name: test-auth-aws-ecs-latest commands: - func: bootstrap mongo-orchestration vars: diff --git a/.evergreen/scripts/generate_config.py b/.evergreen/scripts/generate_config.py index c49b5371f6..926a18294c 100644 --- a/.evergreen/scripts/generate_config.py +++ b/.evergreen/scripts/generate_config.py @@ -865,11 +865,11 @@ def create_aws_tasks(): funcs = [bootstrap_func, assume_func, *test_funcs] tasks.append(EvgTask(name=name, tags=tags, commands=funcs)) - ecs_name = "test-auth-aws-ecs" - test_vars = dict(TEST_NAME="auth_aws", SUB_TEST_NAME="ecs") - ecs_func = FunctionCall(func="run tests", vars=test_vars) - tags = ["auth-aws-ecs"] - tasks.append(EvgTask(name=ecs_name, tags=tags, commands=[bootstrap_func, ecs_func])) + tags = ["auth-aws-ecs"] + name = f"test-auth-aws-ecs-{version}" + test_vars = dict(TEST_NAME="auth_aws", SUB_TEST_NAME="ecs") + ecs_func = FunctionCall(func="run tests", vars=test_vars) + tasks.append(EvgTask(name=name, tags=tags, commands=[bootstrap_func, ecs_func])) return tasks diff --git a/.evergreen/scripts/teardown_tests.py b/.evergreen/scripts/teardown_tests.py index fc1a937de0..e354755ad7 100644 --- a/.evergreen/scripts/teardown_tests.py +++ b/.evergreen/scripts/teardown_tests.py @@ -9,7 +9,7 @@ LOGGER.info(f"Tearing down tests of type '{TEST_NAME}'...") -# Shut down csfle servers if applicable +# Shut down csfle servers if applicable. if TEST_NAME == "encryption": run_command(f"bash {DRIVERS_TOOLS}/.evergreen/csfle/stop-servers.sh") @@ -23,4 +23,8 @@ teardown_kms(SUB_TEST_NAME) +# Tear down auth_aws if applicable. +elif TEST_NAME == "auth_aws": + run_command(f"bash {DRIVERS_TOOLS}/.evergreen/auth_aws/teardown.sh") + LOGGER.info(f"Tearing down tests of type '{TEST_NAME}'... done.") From 56bc17da5b73265e43e16b92c6fb7edad435a22e Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Wed, 26 Feb 2025 06:40:08 -0600 Subject: [PATCH 11/35] debug --- .evergreen/config.yml | 1 - pyproject.toml | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/.evergreen/config.yml b/.evergreen/config.yml index 9d93470a27..32310a62e1 100644 --- a/.evergreen/config.yml +++ b/.evergreen/config.yml @@ -270,7 +270,6 @@ functions: type: test params: working_dir: "src" - include_expansions_in_env: [AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN] binary: bash args: [.evergreen/just.sh, run-tests] diff --git a/pyproject.toml b/pyproject.toml index c898169895..ca76cfa2c0 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -118,7 +118,7 @@ filterwarnings = [ # https://github.com/eventlet/eventlet/issues/818 "module:please use dns.resolver.Resolver.resolve:DeprecationWarning", # https://github.com/dateutil/dateutil/issues/1314 - "module:datetime.datetime.utc:DeprecationWarning:dateutil", + "module:datetime.datetime.utc:DeprecationWarning", ] markers = [ "auth_aws: tests that rely on pymongo-auth-aws", From ca7722f3aeed60b512e346c60171368732448ea0 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Wed, 26 Feb 2025 06:48:18 -0600 Subject: [PATCH 12/35] debug --- .evergreen/scripts/setup_tests.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.evergreen/scripts/setup_tests.py b/.evergreen/scripts/setup_tests.py index 99a4978a53..23cb2b8fff 100644 --- a/.evergreen/scripts/setup_tests.py +++ b/.evergreen/scripts/setup_tests.py @@ -370,15 +370,16 @@ def handle_test_env() -> None: if test_name == "auth_aws" and sub_test_name != "ecs-remote": auth_aws_dir = f"{DRIVERS_TOOLS}/.evergreen/auth_aws" - run_command(f"{auth_aws_dir}/setup-secrets.sh") - aws_setup = f"{auth_aws_dir}/aws_setup.sh" if "AWS_ROLE_SESSION_NAME" in os.environ: write_env("AWS_ROLE_SESSION_NAME") if sub_test_name != "ecs": + aws_setup = f"{auth_aws_dir}/aws_setup.sh" run_command(f"{aws_setup} {sub_test_name}") creds = read_env(f"{auth_aws_dir}/test-env.sh") for name, value in creds.items(): write_env(name, value) + else: + run_command(f"{auth_aws_dir}/setup-secrets.sh") if test_name == "perf": # PYTHON-4769 Run perf_test.py directly otherwise pytest's test collection negatively From 26b0adf7c80463597fd15d914ed85f0c655da68e Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Wed, 26 Feb 2025 06:56:16 -0600 Subject: [PATCH 13/35] remove aws creds --- .evergreen/config.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.evergreen/config.yml b/.evergreen/config.yml index 32310a62e1..cbf706c8ad 100644 --- a/.evergreen/config.yml +++ b/.evergreen/config.yml @@ -260,8 +260,7 @@ functions: - command: subprocess.exec type: test params: - include_expansions_in_env: [AUTH, SSL, AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, - AWS_SESSION_TOKEN, COVERAGE, PYTHON_BINARY, LIBMONGOCRYPT_URL, MONGODB_URI, + include_expansions_in_env: [AUTH, SSL, COVERAGE, PYTHON_BINARY, LIBMONGOCRYPT_URL, MONGODB_URI, DISABLE_TEST_COMMANDS, GREEN_FRAMEWORK, NO_EXT, COMPRESSORS, MONGODB_API_VERSION] binary: bash working_dir: "src" From 90bbb2f5aa4116268dcf533276e1eb19d8c61629 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Wed, 26 Feb 2025 07:22:57 -0600 Subject: [PATCH 14/35] restore aws creds --- .evergreen/config.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.evergreen/config.yml b/.evergreen/config.yml index cbf706c8ad..32310a62e1 100644 --- a/.evergreen/config.yml +++ b/.evergreen/config.yml @@ -260,7 +260,8 @@ functions: - command: subprocess.exec type: test params: - include_expansions_in_env: [AUTH, SSL, COVERAGE, PYTHON_BINARY, LIBMONGOCRYPT_URL, MONGODB_URI, + include_expansions_in_env: [AUTH, SSL, AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, + AWS_SESSION_TOKEN, COVERAGE, PYTHON_BINARY, LIBMONGOCRYPT_URL, MONGODB_URI, DISABLE_TEST_COMMANDS, GREEN_FRAMEWORK, NO_EXT, COMPRESSORS, MONGODB_API_VERSION] binary: bash working_dir: "src" From a3152fc32d1087d79e2ba9310c948e9b0ac4f127 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Wed, 26 Feb 2025 08:56:35 -0600 Subject: [PATCH 15/35] fix windows and macos handling --- .evergreen/generated_configs/tasks.yml | 119 +++++----------------- .evergreen/generated_configs/variants.yml | 2 - .evergreen/scripts/generate_config.py | 19 ++-- .evergreen/scripts/run_tests.py | 4 + .evergreen/scripts/setup_tests.py | 10 +- 5 files changed, 50 insertions(+), 104 deletions(-) diff --git a/.evergreen/generated_configs/tasks.yml b/.evergreen/generated_configs/tasks.yml index 13f004b497..f95f4f343d 100644 --- a/.evergreen/generated_configs/tasks.yml +++ b/.evergreen/generated_configs/tasks.yml @@ -36,22 +36,13 @@ tasks: - func: run tests vars: TEST_NAME: auth_aws - SUB_TEST_NAME: web-identity - AWS_ROLE_SESSION_NAME: test - tags: [auth-aws, "4.4"] - - name: test-auth-aws-ecs-4.4 - commands: - - func: bootstrap mongo-orchestration - vars: - AUTH: auth - ORCHESTRATION_FILE: auth-aws.json - TOPOLOGY: server - VERSION: "4.4" + SUB_TEST_NAME: ecs - func: run tests vars: TEST_NAME: auth_aws - SUB_TEST_NAME: ecs - tags: [auth-aws-ecs] + SUB_TEST_NAME: web-identity + AWS_ROLE_SESSION_NAME: test + tags: [auth-aws] - name: test-auth-aws-5.0 commands: - func: bootstrap mongo-orchestration @@ -88,22 +79,13 @@ tasks: - func: run tests vars: TEST_NAME: auth_aws - SUB_TEST_NAME: web-identity - AWS_ROLE_SESSION_NAME: test - tags: [auth-aws, "5.0"] - - name: test-auth-aws-ecs-5.0 - commands: - - func: bootstrap mongo-orchestration - vars: - AUTH: auth - ORCHESTRATION_FILE: auth-aws.json - TOPOLOGY: server - VERSION: "5.0" + SUB_TEST_NAME: ecs - func: run tests vars: TEST_NAME: auth_aws - SUB_TEST_NAME: ecs - tags: [auth-aws-ecs] + SUB_TEST_NAME: web-identity + AWS_ROLE_SESSION_NAME: test + tags: [auth-aws] - name: test-auth-aws-6.0 commands: - func: bootstrap mongo-orchestration @@ -140,22 +122,13 @@ tasks: - func: run tests vars: TEST_NAME: auth_aws - SUB_TEST_NAME: web-identity - AWS_ROLE_SESSION_NAME: test - tags: [auth-aws, "6.0"] - - name: test-auth-aws-ecs-6.0 - commands: - - func: bootstrap mongo-orchestration - vars: - AUTH: auth - ORCHESTRATION_FILE: auth-aws.json - TOPOLOGY: server - VERSION: "6.0" + SUB_TEST_NAME: ecs - func: run tests vars: TEST_NAME: auth_aws - SUB_TEST_NAME: ecs - tags: [auth-aws-ecs] + SUB_TEST_NAME: web-identity + AWS_ROLE_SESSION_NAME: test + tags: [auth-aws] - name: test-auth-aws-7.0 commands: - func: bootstrap mongo-orchestration @@ -192,22 +165,13 @@ tasks: - func: run tests vars: TEST_NAME: auth_aws - SUB_TEST_NAME: web-identity - AWS_ROLE_SESSION_NAME: test - tags: [auth-aws, "7.0"] - - name: test-auth-aws-ecs-7.0 - commands: - - func: bootstrap mongo-orchestration - vars: - AUTH: auth - ORCHESTRATION_FILE: auth-aws.json - TOPOLOGY: server - VERSION: "7.0" + SUB_TEST_NAME: ecs - func: run tests vars: TEST_NAME: auth_aws - SUB_TEST_NAME: ecs - tags: [auth-aws-ecs] + SUB_TEST_NAME: web-identity + AWS_ROLE_SESSION_NAME: test + tags: [auth-aws] - name: test-auth-aws-8.0 commands: - func: bootstrap mongo-orchestration @@ -244,22 +208,13 @@ tasks: - func: run tests vars: TEST_NAME: auth_aws - SUB_TEST_NAME: web-identity - AWS_ROLE_SESSION_NAME: test - tags: [auth-aws, "8.0"] - - name: test-auth-aws-ecs-8.0 - commands: - - func: bootstrap mongo-orchestration - vars: - AUTH: auth - ORCHESTRATION_FILE: auth-aws.json - TOPOLOGY: server - VERSION: "8.0" + SUB_TEST_NAME: ecs - func: run tests vars: TEST_NAME: auth_aws - SUB_TEST_NAME: ecs - tags: [auth-aws-ecs] + SUB_TEST_NAME: web-identity + AWS_ROLE_SESSION_NAME: test + tags: [auth-aws] - name: test-auth-aws-rapid commands: - func: bootstrap mongo-orchestration @@ -296,22 +251,13 @@ tasks: - func: run tests vars: TEST_NAME: auth_aws - SUB_TEST_NAME: web-identity - AWS_ROLE_SESSION_NAME: test - tags: [auth-aws, rapid] - - name: test-auth-aws-ecs-rapid - commands: - - func: bootstrap mongo-orchestration - vars: - AUTH: auth - ORCHESTRATION_FILE: auth-aws.json - TOPOLOGY: server - VERSION: rapid + SUB_TEST_NAME: ecs - func: run tests vars: TEST_NAME: auth_aws - SUB_TEST_NAME: ecs - tags: [auth-aws-ecs] + SUB_TEST_NAME: web-identity + AWS_ROLE_SESSION_NAME: test + tags: [auth-aws] - name: test-auth-aws-latest commands: - func: bootstrap mongo-orchestration @@ -348,22 +294,13 @@ tasks: - func: run tests vars: TEST_NAME: auth_aws - SUB_TEST_NAME: web-identity - AWS_ROLE_SESSION_NAME: test - tags: [auth-aws, latest] - - name: test-auth-aws-ecs-latest - commands: - - func: bootstrap mongo-orchestration - vars: - AUTH: auth - ORCHESTRATION_FILE: auth-aws.json - TOPOLOGY: server - VERSION: latest + SUB_TEST_NAME: ecs - func: run tests vars: TEST_NAME: auth_aws - SUB_TEST_NAME: ecs - tags: [auth-aws-ecs] + SUB_TEST_NAME: web-identity + AWS_ROLE_SESSION_NAME: test + tags: [auth-aws] # Kms tests - name: test-gcpkms diff --git a/.evergreen/generated_configs/variants.yml b/.evergreen/generated_configs/variants.yml index 0526baa179..0dfb7d19a9 100644 --- a/.evergreen/generated_configs/variants.yml +++ b/.evergreen/generated_configs/variants.yml @@ -108,7 +108,6 @@ buildvariants: - name: auth-aws-ubuntu-20-python3.9 tasks: - name: .auth-aws - - name: .auth-aws-ecs display_name: Auth AWS Ubuntu-20 Python3.9 run_on: - ubuntu2004-small @@ -117,7 +116,6 @@ buildvariants: - name: auth-aws-ubuntu-20-python3.13 tasks: - name: .auth-aws - - name: .auth-aws-ecs display_name: Auth AWS Ubuntu-20 Python3.13 run_on: - ubuntu2004-small diff --git a/.evergreen/scripts/generate_config.py b/.evergreen/scripts/generate_config.py index 926a18294c..d51595ada8 100644 --- a/.evergreen/scripts/generate_config.py +++ b/.evergreen/scripts/generate_config.py @@ -738,8 +738,6 @@ def create_aws_auth_variants(): for host_name, python in product(["ubuntu20", "win64", "macos"], MIN_MAX_PYTHON): expansions = dict() tasks = [".auth-aws"] - if host_name == "ubuntu20": - tasks += [".auth-aws-ecs"] host = HOSTS[host_name] variant = create_variant( tasks, @@ -845,10 +843,18 @@ def create_kms_tasks(): def create_aws_tasks(): tasks = [] - aws_test_types = ["regular", "assume-role", "ec2", "env-creds", "session-creds", "web-identity"] + aws_test_types = [ + "regular", + "assume-role", + "ec2", + "env-creds", + "session-creds", + "web-identity", + "ecs", + ] for version in get_versions_from("4.4"): name = f"test-auth-aws-{version}" - tags = ["auth-aws", version] + tags = ["auth-aws"] bootstrap_vars = dict( AUTH="auth", ORCHESTRATION_FILE="auth-aws.json", TOPOLOGY="server", VERSION=version ) @@ -865,11 +871,6 @@ def create_aws_tasks(): funcs = [bootstrap_func, assume_func, *test_funcs] tasks.append(EvgTask(name=name, tags=tags, commands=funcs)) - tags = ["auth-aws-ecs"] - name = f"test-auth-aws-ecs-{version}" - test_vars = dict(TEST_NAME="auth_aws", SUB_TEST_NAME="ecs") - ecs_func = FunctionCall(func="run tests", vars=test_vars) - tasks.append(EvgTask(name=name, tags=tags, commands=[bootstrap_func, ecs_func])) return tasks diff --git a/.evergreen/scripts/run_tests.py b/.evergreen/scripts/run_tests.py index 9f77880db8..a307a07af6 100644 --- a/.evergreen/scripts/run_tests.py +++ b/.evergreen/scripts/run_tests.py @@ -82,6 +82,10 @@ def handle_pymongocrypt() -> None: def run() -> None: + if os.environ.get("SKIP_TESTS"): + LOGGER.info("Skipping tests") + return + # Handle green framework first so they can patch modules. if GREEN_FRAMEWORK: handle_green_framework() diff --git a/.evergreen/scripts/setup_tests.py b/.evergreen/scripts/setup_tests.py index 23cb2b8fff..69b72623e6 100644 --- a/.evergreen/scripts/setup_tests.py +++ b/.evergreen/scripts/setup_tests.py @@ -369,17 +369,23 @@ def handle_test_env() -> None: write_env("OCSP_TLS_SHOULD_SUCCEED", os.environ["OCSP_TLS_SHOULD_SUCCEED"]) if test_name == "auth_aws" and sub_test_name != "ecs-remote": + if sub_test_name in ["ec2", "web_identity"] and PLATFORM == "darwin": + write_env("SKIP_TESTS") + return + if sub_test_name == "ec2" and PLATFORM != "linux": + write_env("SKIP_TESTS") + return auth_aws_dir = f"{DRIVERS_TOOLS}/.evergreen/auth_aws" if "AWS_ROLE_SESSION_NAME" in os.environ: write_env("AWS_ROLE_SESSION_NAME") if sub_test_name != "ecs": aws_setup = f"{auth_aws_dir}/aws_setup.sh" - run_command(f"{aws_setup} {sub_test_name}") + run_command(f"bash {aws_setup} {sub_test_name}") creds = read_env(f"{auth_aws_dir}/test-env.sh") for name, value in creds.items(): write_env(name, value) else: - run_command(f"{auth_aws_dir}/setup-secrets.sh") + run_command(f"bash {auth_aws_dir}/setup-secrets.sh") if test_name == "perf": # PYTHON-4769 Run perf_test.py directly otherwise pytest's test collection negatively From 72879de8c007c518dad41236b6bbf3e092cd7dd5 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Wed, 26 Feb 2025 09:06:28 -0600 Subject: [PATCH 16/35] fix test skips --- .evergreen/run-tests.sh | 5 +++++ .evergreen/scripts/run_tests.py | 4 ---- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/.evergreen/run-tests.sh b/.evergreen/run-tests.sh index 1c453c1d6d..5c418c4f6f 100755 --- a/.evergreen/run-tests.sh +++ b/.evergreen/run-tests.sh @@ -24,6 +24,11 @@ else exit 1 fi +if [ -n "${SKIP_TESTS:-}" ]; then + echo "Skipping tests!" + exit 0 +fi + # Source the local secrets export file if available. if [ -f "./secrets-export.sh" ]; then . "./secrets-export.sh" diff --git a/.evergreen/scripts/run_tests.py b/.evergreen/scripts/run_tests.py index a307a07af6..9f77880db8 100644 --- a/.evergreen/scripts/run_tests.py +++ b/.evergreen/scripts/run_tests.py @@ -82,10 +82,6 @@ def handle_pymongocrypt() -> None: def run() -> None: - if os.environ.get("SKIP_TESTS"): - LOGGER.info("Skipping tests") - return - # Handle green framework first so they can patch modules. if GREEN_FRAMEWORK: handle_green_framework() From 1c0b1f5f476f7fd66ca9826a9885c52876a6c032 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Wed, 26 Feb 2025 10:31:08 -0600 Subject: [PATCH 17/35] debug --- .evergreen/run-tests.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.evergreen/run-tests.sh b/.evergreen/run-tests.sh index 5c418c4f6f..15073d239a 100755 --- a/.evergreen/run-tests.sh +++ b/.evergreen/run-tests.sh @@ -40,4 +40,6 @@ PIP_QUIET=0 uv run ${UV_ARGS} --with pip pip list # Start the test runner. uv run ${UV_ARGS} .evergreen/scripts/run_tests.py +echo "HERE I AM!" + popd From 4afcf7256cba0028dda6cfd0468ace82cfceadac Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Wed, 26 Feb 2025 13:24:38 -0600 Subject: [PATCH 18/35] debug --- .evergreen/run-tests.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.evergreen/run-tests.sh b/.evergreen/run-tests.sh index 15073d239a..eba162a7c4 100755 --- a/.evergreen/run-tests.sh +++ b/.evergreen/run-tests.sh @@ -40,6 +40,6 @@ PIP_QUIET=0 uv run ${UV_ARGS} --with pip pip list # Start the test runner. uv run ${UV_ARGS} .evergreen/scripts/run_tests.py -echo "HERE I AM!" +echo "HERE I AM!: $?" popd From ab6d2b2435d5e244e815147ed901886762786ba6 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Wed, 26 Feb 2025 13:42:10 -0600 Subject: [PATCH 19/35] debug --- .evergreen/scripts/run_tests.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.evergreen/scripts/run_tests.py b/.evergreen/scripts/run_tests.py index 9f77880db8..81cbb65801 100644 --- a/.evergreen/scripts/run_tests.py +++ b/.evergreen/scripts/run_tests.py @@ -112,7 +112,9 @@ def run() -> None: return # Run local tests. - pytest.main(TEST_ARGS) + ret = pytest.main(TEST_ARGS) + if ret != 0: + sys.exit(ret) # Handle perf test post actions. if TEST_PERF: From 15810ba101927033abbebb4b3f49f051a21dc52c Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Wed, 26 Feb 2025 15:34:01 -0600 Subject: [PATCH 20/35] debug --- .evergreen/config.yml | 20 ++++++++++++++++++++ .evergreen/run-tests.sh | 2 -- 2 files changed, 20 insertions(+), 2 deletions(-) diff --git a/.evergreen/config.yml b/.evergreen/config.yml index 32310a62e1..c7558803d1 100644 --- a/.evergreen/config.yml +++ b/.evergreen/config.yml @@ -127,6 +127,26 @@ functions: include: - "./**.core" - "./**.mdmp" # Windows: minidumps + - command: shell.exec + params: + script: | + . src/.evergreen/scripts/env.sh + set -o xtrace + mkdir out_dir + find $MONGO_ORCHESTRATION_HOME -name \*.log -exec sh -c 'x="{}"; mv $x $PWD/out_dir/$(basename $(dirname $x))_$(basename $x)' \; + tar zcvf mongodb-logs.tar.gz -C out_dir/ . + rm -rf out_dir + - command: s3.put + params: + aws_key: ${AWS_ACCESS_KEY_ID} + aws_secret: ${AWS_SECRET_ACCESS_KEY} + aws_session_token: ${AWS_SESSION_TOKEN} + local_file: mongodb-logs.tar.gz + remote_file: ${build_variant}/${revision}/${version_id}/${build_id}/logs/${task_id}-${execution}-mongodb-logs.tar.gz + bucket: ${bucket_name} + permissions: public-read + content_type: ${content_type|application/x-gzip} + display_name: "mongodb-logs.tar.gz" - command: s3.put params: aws_key: ${AWS_ACCESS_KEY_ID} diff --git a/.evergreen/run-tests.sh b/.evergreen/run-tests.sh index eba162a7c4..5c418c4f6f 100755 --- a/.evergreen/run-tests.sh +++ b/.evergreen/run-tests.sh @@ -40,6 +40,4 @@ PIP_QUIET=0 uv run ${UV_ARGS} --with pip pip list # Start the test runner. uv run ${UV_ARGS} .evergreen/scripts/run_tests.py -echo "HERE I AM!: $?" - popd From 06f27c95a9a881f1cbfcaaef021b58025414791c Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Thu, 27 Feb 2025 08:32:15 -0600 Subject: [PATCH 21/35] windows fix --- .evergreen/config.yml | 20 -------------------- .evergreen/scripts/setup_tests.py | 2 +- 2 files changed, 1 insertion(+), 21 deletions(-) diff --git a/.evergreen/config.yml b/.evergreen/config.yml index c7558803d1..32310a62e1 100644 --- a/.evergreen/config.yml +++ b/.evergreen/config.yml @@ -127,26 +127,6 @@ functions: include: - "./**.core" - "./**.mdmp" # Windows: minidumps - - command: shell.exec - params: - script: | - . src/.evergreen/scripts/env.sh - set -o xtrace - mkdir out_dir - find $MONGO_ORCHESTRATION_HOME -name \*.log -exec sh -c 'x="{}"; mv $x $PWD/out_dir/$(basename $(dirname $x))_$(basename $x)' \; - tar zcvf mongodb-logs.tar.gz -C out_dir/ . - rm -rf out_dir - - command: s3.put - params: - aws_key: ${AWS_ACCESS_KEY_ID} - aws_secret: ${AWS_SECRET_ACCESS_KEY} - aws_session_token: ${AWS_SESSION_TOKEN} - local_file: mongodb-logs.tar.gz - remote_file: ${build_variant}/${revision}/${version_id}/${build_id}/logs/${task_id}-${execution}-mongodb-logs.tar.gz - bucket: ${bucket_name} - permissions: public-read - content_type: ${content_type|application/x-gzip} - display_name: "mongodb-logs.tar.gz" - command: s3.put params: aws_key: ${AWS_ACCESS_KEY_ID} diff --git a/.evergreen/scripts/setup_tests.py b/.evergreen/scripts/setup_tests.py index 69b72623e6..e950301f7b 100644 --- a/.evergreen/scripts/setup_tests.py +++ b/.evergreen/scripts/setup_tests.py @@ -372,7 +372,7 @@ def handle_test_env() -> None: if sub_test_name in ["ec2", "web_identity"] and PLATFORM == "darwin": write_env("SKIP_TESTS") return - if sub_test_name == "ec2" and PLATFORM != "linux": + if sub_test_name == "ecs" and PLATFORM != "linux": write_env("SKIP_TESTS") return auth_aws_dir = f"{DRIVERS_TOOLS}/.evergreen/auth_aws" From 9c7a50b725ac6488e3d06ec8f4c87f2a7b82d1d1 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Thu, 27 Feb 2025 09:52:10 -0600 Subject: [PATCH 22/35] fix teardown --- .evergreen/config.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.evergreen/config.yml b/.evergreen/config.yml index 32310a62e1..f32743a7a1 100644 --- a/.evergreen/config.yml +++ b/.evergreen/config.yml @@ -431,6 +431,7 @@ functions: params: binary: bash working_dir: "src" + include_expansions_in_env: [AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN] args: [.evergreen/just.sh, teardown-tests] - command: subprocess.exec params: From 36e63e98a33a75d783b9c4347f0a063bda1c9a33 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Thu, 27 Feb 2025 09:55:22 -0600 Subject: [PATCH 23/35] debug --- .evergreen/scripts/teardown-tests.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/.evergreen/scripts/teardown-tests.sh b/.evergreen/scripts/teardown-tests.sh index cd705c6b35..f8e4635c76 100755 --- a/.evergreen/scripts/teardown-tests.sh +++ b/.evergreen/scripts/teardown-tests.sh @@ -24,6 +24,7 @@ else fi # Teardown the test runner. +ls $SCRIPT_DIR uv run $SCRIPT_DIR/teardown_tests.py popd > /dev/null From e3d17bf0a5d09e2b35a498ea1a3c3317e5e312c8 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Thu, 27 Feb 2025 10:07:54 -0600 Subject: [PATCH 24/35] windows debug --- .evergreen/config.yml | 94 ---------------------------- .evergreen/scripts/teardown-tests.sh | 2 +- 2 files changed, 1 insertion(+), 95 deletions(-) diff --git a/.evergreen/config.yml b/.evergreen/config.yml index f32743a7a1..17a60bb258 100644 --- a/.evergreen/config.yml +++ b/.evergreen/config.yml @@ -295,100 +295,6 @@ functions: - .evergreen/scripts/run-with-env.sh - .evergreen/scripts/run-atlas-tests.sh - "get aws auth secrets": - - command: subprocess.exec - type: test - params: - include_expansions_in_env: ["AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY", "AWS_SESSION_TOKEN"] - binary: bash - args: - - ${DRIVERS_TOOLS}/.evergreen/auth_aws/setup-secrets.sh - - "run aws auth test with regular aws credentials": - - command: subprocess.exec - type: test - params: - include_expansions_in_env: ["DRIVERS_TOOLS", "skip_EC2_auth_test"] - binary: bash - working_dir: "src" - args: - - .evergreen/scripts/run-with-env.sh - - .evergreen/scripts/run-mongodb-aws-test.sh - - regular - - "run aws auth test with assume role credentials": - - command: subprocess.exec - type: test - params: - include_expansions_in_env: ["DRIVERS_TOOLS", "skip_EC2_auth_test"] - binary: bash - working_dir: "src" - args: - - .evergreen/scripts/run-with-env.sh - - .evergreen/scripts/run-mongodb-aws-test.sh - - assume-role - - "run aws auth test with aws EC2 credentials": - - command: subprocess.exec - type: test - params: - include_expansions_in_env: ["DRIVERS_TOOLS", "skip_EC2_auth_test"] - binary: bash - working_dir: "src" - args: - - .evergreen/scripts/run-with-env.sh - - .evergreen/scripts/run-mongodb-aws-test.sh - - ec2 - - "run aws auth test with aws web identity credentials": - - # Test with and without AWS_ROLE_SESSION_NAME set. - - command: subprocess.exec - type: test - params: - include_expansions_in_env: ["DRIVERS_TOOLS", "skip_EC2_auth_test"] - binary: bash - working_dir: "src" - args: - - .evergreen/scripts/run-with-env.sh - - .evergreen/scripts/run-mongodb-aws-test.sh - - web-identity - - command: subprocess.exec - type: test - params: - include_expansions_in_env: [ "DRIVERS_TOOLS", "skip_EC2_auth_test" ] - binary: bash - working_dir: "src" - env: - AWS_ROLE_SESSION_NAME: test - args: - - .evergreen/scripts/run-with-env.sh - - .evergreen/scripts/run-mongodb-aws-test.sh - - web-identity - - "run aws auth test with aws credentials as environment variables": - - command: subprocess.exec - type: test - params: - include_expansions_in_env: ["DRIVERS_TOOLS", "skip_EC2_auth_test"] - binary: bash - working_dir: "src" - args: - - .evergreen/scripts/run-with-env.sh - - .evergreen/scripts/run-mongodb-aws-test.sh - - env-creds - - "run aws auth test with aws credentials and session token as environment variables": - - command: subprocess.exec - type: test - params: - include_expansions_in_env: ["DRIVERS_TOOLS", "skip_EC2_auth_test"] - binary: bash - working_dir: "src" - args: - - .evergreen/scripts/run-with-env.sh - - .evergreen/scripts/run-mongodb-aws-test.sh - - session-creds - "run oidc auth test with test credentials": - command: subprocess.exec type: test diff --git a/.evergreen/scripts/teardown-tests.sh b/.evergreen/scripts/teardown-tests.sh index f8e4635c76..ec99f99b07 100755 --- a/.evergreen/scripts/teardown-tests.sh +++ b/.evergreen/scripts/teardown-tests.sh @@ -1,5 +1,5 @@ #!/bin/bash -set -eu +set -eux SCRIPT_DIR=$(dirname ${BASH_SOURCE:-$0}) SCRIPT_DIR="$( cd -- "$SCRIPT_DIR" > /dev/null 2>&1 && pwd )" From 612eb74b045858d0b27be1fec6bcef3822d42ca7 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Thu, 27 Feb 2025 10:29:34 -0600 Subject: [PATCH 25/35] windows debug --- .evergreen/scripts/teardown-tests.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/.evergreen/scripts/teardown-tests.sh b/.evergreen/scripts/teardown-tests.sh index ec99f99b07..998f271e68 100755 --- a/.evergreen/scripts/teardown-tests.sh +++ b/.evergreen/scripts/teardown-tests.sh @@ -22,6 +22,7 @@ if [ -f $SCRIPT_DIR/test-env.sh ]; then else echo "Missing test inputs, please run 'just setup-tests'" fi +set -x # Teardown the test runner. ls $SCRIPT_DIR From 73ad0599e69bb0b3d32070e86b95cbcb8c37ad74 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Thu, 27 Feb 2025 10:55:06 -0600 Subject: [PATCH 26/35] fix teardown windows --- .evergreen/scripts/teardown-tests.sh | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) diff --git a/.evergreen/scripts/teardown-tests.sh b/.evergreen/scripts/teardown-tests.sh index 998f271e68..f9e76a20cf 100755 --- a/.evergreen/scripts/teardown-tests.sh +++ b/.evergreen/scripts/teardown-tests.sh @@ -1,11 +1,7 @@ #!/bin/bash -set -eux +set -eu SCRIPT_DIR=$(dirname ${BASH_SOURCE:-$0}) -SCRIPT_DIR="$( cd -- "$SCRIPT_DIR" > /dev/null 2>&1 && pwd )" -ROOT_DIR="$(dirname $SCRIPT_DIR)" - -pushd $ROOT_DIR > /dev/null # Try to source the env file. if [ -f $SCRIPT_DIR/env.sh ]; then @@ -22,10 +18,6 @@ if [ -f $SCRIPT_DIR/test-env.sh ]; then else echo "Missing test inputs, please run 'just setup-tests'" fi -set -x # Teardown the test runner. -ls $SCRIPT_DIR uv run $SCRIPT_DIR/teardown_tests.py - -popd > /dev/null From d0e35520c2191b10240074390859f2d8793998ed Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Thu, 27 Feb 2025 17:52:01 -0600 Subject: [PATCH 27/35] fix teardown --- .evergreen/config.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.evergreen/config.yml b/.evergreen/config.yml index 17a60bb258..7e0f0b1956 100644 --- a/.evergreen/config.yml +++ b/.evergreen/config.yml @@ -337,7 +337,6 @@ functions: params: binary: bash working_dir: "src" - include_expansions_in_env: [AWS_ACCESS_KEY_ID, AWS_SECRET_ACCESS_KEY, AWS_SESSION_TOKEN] args: [.evergreen/just.sh, teardown-tests] - command: subprocess.exec params: From ab1772ffd859ad49a16ab2b9790cd66851da4f36 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Fri, 28 Feb 2025 05:52:05 -0600 Subject: [PATCH 28/35] handle macos --- .evergreen/scripts/teardown_tests.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.evergreen/scripts/teardown_tests.py b/.evergreen/scripts/teardown_tests.py index e354755ad7..824fc2c9bb 100644 --- a/.evergreen/scripts/teardown_tests.py +++ b/.evergreen/scripts/teardown_tests.py @@ -1,6 +1,7 @@ from __future__ import annotations import os +import sys from utils import DRIVERS_TOOLS, LOGGER, run_command @@ -24,7 +25,9 @@ teardown_kms(SUB_TEST_NAME) # Tear down auth_aws if applicable. -elif TEST_NAME == "auth_aws": +# We do not run web-identity hosts on macos, because the hosts lack permissions, +# so there is no reason to run the teardown, which would error with a 401. +elif TEST_NAME == "auth_aws" and sys.platform != "darwin": run_command(f"bash {DRIVERS_TOOLS}/.evergreen/auth_aws/teardown.sh") LOGGER.info(f"Tearing down tests of type '{TEST_NAME}'... done.") From d54bcc35edf5be14cf417e999c8f428d150dfeaa Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Sun, 2 Mar 2025 10:56:19 -0600 Subject: [PATCH 29/35] clean up aws auth server start --- .evergreen/config.yml | 2 +- .evergreen/generated_configs/tasks.yml | 28 +++++++------------------- .evergreen/scripts/generate_config.py | 4 +--- 3 files changed, 9 insertions(+), 25 deletions(-) diff --git a/.evergreen/config.yml b/.evergreen/config.yml index 7e0f0b1956..1aa27009c7 100644 --- a/.evergreen/config.yml +++ b/.evergreen/config.yml @@ -206,7 +206,7 @@ functions: params: binary: bash include_expansions_in_env: [VERSION, TOPOLOGY, AUTH, SSL, ORCHESTRATION_FILE, LOAD_BALANCER, - STORAGE_ENGINE, REQUIRE_API_VERSION, DRIVERS_TOOLS, TEST_CRYPT_SHARED] + STORAGE_ENGINE, REQUIRE_API_VERSION, DRIVERS_TOOLS, TEST_CRYPT_SHARED, AUTH_AWS] args: - src/.evergreen/scripts/bootstrap-mongo-orchestration.sh - command: expansions.update diff --git a/.evergreen/generated_configs/tasks.yml b/.evergreen/generated_configs/tasks.yml index f95f4f343d..cbe9a7f917 100644 --- a/.evergreen/generated_configs/tasks.yml +++ b/.evergreen/generated_configs/tasks.yml @@ -4,9 +4,7 @@ tasks: commands: - func: bootstrap mongo-orchestration vars: - AUTH: auth - ORCHESTRATION_FILE: auth-aws.json - TOPOLOGY: server + AUTH_AWS: "1" VERSION: "4.4" - func: assume ec2 role - func: run tests @@ -47,9 +45,7 @@ tasks: commands: - func: bootstrap mongo-orchestration vars: - AUTH: auth - ORCHESTRATION_FILE: auth-aws.json - TOPOLOGY: server + AUTH_AWS: "1" VERSION: "5.0" - func: assume ec2 role - func: run tests @@ -90,9 +86,7 @@ tasks: commands: - func: bootstrap mongo-orchestration vars: - AUTH: auth - ORCHESTRATION_FILE: auth-aws.json - TOPOLOGY: server + AUTH_AWS: "1" VERSION: "6.0" - func: assume ec2 role - func: run tests @@ -133,9 +127,7 @@ tasks: commands: - func: bootstrap mongo-orchestration vars: - AUTH: auth - ORCHESTRATION_FILE: auth-aws.json - TOPOLOGY: server + AUTH_AWS: "1" VERSION: "7.0" - func: assume ec2 role - func: run tests @@ -176,9 +168,7 @@ tasks: commands: - func: bootstrap mongo-orchestration vars: - AUTH: auth - ORCHESTRATION_FILE: auth-aws.json - TOPOLOGY: server + AUTH_AWS: "1" VERSION: "8.0" - func: assume ec2 role - func: run tests @@ -219,9 +209,7 @@ tasks: commands: - func: bootstrap mongo-orchestration vars: - AUTH: auth - ORCHESTRATION_FILE: auth-aws.json - TOPOLOGY: server + AUTH_AWS: "1" VERSION: rapid - func: assume ec2 role - func: run tests @@ -262,9 +250,7 @@ tasks: commands: - func: bootstrap mongo-orchestration vars: - AUTH: auth - ORCHESTRATION_FILE: auth-aws.json - TOPOLOGY: server + AUTH_AWS: "1" VERSION: latest - func: assume ec2 role - func: run tests diff --git a/.evergreen/scripts/generate_config.py b/.evergreen/scripts/generate_config.py index d51595ada8..ad8357bbaf 100644 --- a/.evergreen/scripts/generate_config.py +++ b/.evergreen/scripts/generate_config.py @@ -855,9 +855,7 @@ def create_aws_tasks(): for version in get_versions_from("4.4"): name = f"test-auth-aws-{version}" tags = ["auth-aws"] - bootstrap_vars = dict( - AUTH="auth", ORCHESTRATION_FILE="auth-aws.json", TOPOLOGY="server", VERSION=version - ) + bootstrap_vars = dict(AUTH_AWS="1", VERSION=version) bootstrap_func = FunctionCall(func="bootstrap mongo-orchestration", vars=bootstrap_vars) assume_func = FunctionCall(func="assume ec2 role") test_funcs = [] From 422852c708159df77161fd9f10a9b9ee30eac85c Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Tue, 4 Mar 2025 09:36:11 -0600 Subject: [PATCH 30/35] use upstream --- .evergreen/scripts/configure-env.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/.evergreen/scripts/configure-env.sh b/.evergreen/scripts/configure-env.sh index 673c091d7f..f23af8a811 100755 --- a/.evergreen/scripts/configure-env.sh +++ b/.evergreen/scripts/configure-env.sh @@ -78,8 +78,6 @@ EOT rm -rf $DRIVERS_TOOLS BRANCH=master ORG=mongodb-labs -BRANCH=aws-output-file -ORG=blink1073 git clone --branch $BRANCH https://github.com/$ORG/drivers-evergreen-tools.git $DRIVERS_TOOLS cat < ${DRIVERS_TOOLS}/.env From c06364e1f3286fffaa0ecc3cebc7f1cedf075af0 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Tue, 4 Mar 2025 10:13:53 -0600 Subject: [PATCH 31/35] fix test run logic --- .evergreen/scripts/run_tests.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.evergreen/scripts/run_tests.py b/.evergreen/scripts/run_tests.py index 615dfa30f5..cd781ccd70 100644 --- a/.evergreen/scripts/run_tests.py +++ b/.evergreen/scripts/run_tests.py @@ -116,7 +116,7 @@ def run() -> None: TEST_ARGS.extend(f"-o log_cli_level={logging.DEBUG} -o log_cli=1".split()) # Run local tests. - ret = pytest.main(TEST_ARGS + sys.argv[:1]) + ret = pytest.main(TEST_ARGS + sys.argv[1:]) if ret != 0: sys.exit(ret) From 68f7828e3ab74f717df9b6ba0cabe6806e9872f9 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Tue, 4 Mar 2025 10:15:03 -0600 Subject: [PATCH 32/35] disable fail-fast --- .github/workflows/test-python.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/test-python.yml b/.github/workflows/test-python.yml index 5f95aa4a5e..42f829049a 100644 --- a/.github/workflows/test-python.yml +++ b/.github/workflows/test-python.yml @@ -53,6 +53,7 @@ jobs: # supercharge/mongodb-github-action requires containers so we don't test other platforms runs-on: ${{ matrix.os }} strategy: + fail-fast: false matrix: os: [ubuntu-20.04] python-version: ["3.9", "pypy-3.10", "3.13", "3.13t"] From f3daf0414398966f555c33aac5b9b5893d236e6d Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Wed, 5 Mar 2025 06:31:31 -0600 Subject: [PATCH 33/35] separate tasks --- .evergreen/generated_configs/tasks.yml | 420 +++++++++++++++++++++- .evergreen/generated_configs/variants.yml | 8 +- .evergreen/run-tests.sh | 5 - .evergreen/scripts/configure-env.sh | 2 + .evergreen/scripts/generate_config.py | 22 +- .evergreen/scripts/setup_tests.py | 6 - 6 files changed, 428 insertions(+), 35 deletions(-) diff --git a/.evergreen/generated_configs/tasks.yml b/.evergreen/generated_configs/tasks.yml index cbe9a7f917..56fdc1aa67 100644 --- a/.evergreen/generated_configs/tasks.yml +++ b/.evergreen/generated_configs/tasks.yml @@ -1,6 +1,6 @@ tasks: # Aws tests - - name: test-auth-aws-4.4 + - name: test-auth-aws-4.4-regular commands: - func: bootstrap mongo-orchestration vars: @@ -11,37 +11,93 @@ tasks: vars: TEST_NAME: auth_aws SUB_TEST_NAME: regular + tags: [auth-aws, auth-aws-regular] + - name: test-auth-aws-4.4-assume-role + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "4.4" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: assume-role + tags: [auth-aws, auth-aws-assume-role] + - name: test-auth-aws-4.4-ec2 + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "4.4" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: ec2 + tags: [auth-aws, auth-aws-ec2] + - name: test-auth-aws-4.4-env-creds + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "4.4" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: env-creds + tags: [auth-aws, auth-aws-env-creds] + - name: test-auth-aws-4.4-session-creds + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "4.4" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: session-creds + tags: [auth-aws, auth-aws-session-creds] + - name: test-auth-aws-4.4-web-identity + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "4.4" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: web-identity + tags: [auth-aws, auth-aws-web-identity] + - name: test-auth-aws-4.4-ecs + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "4.4" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: ecs + tags: [auth-aws, auth-aws-ecs] + - name: test-auth-aws-4.4-web-identity-session-name + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "4.4" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: web-identity AWS_ROLE_SESSION_NAME: test - tags: [auth-aws] - - name: test-auth-aws-5.0 + tags: [auth-aws, auth-aws-web-identity] + - name: test-auth-aws-5.0-regular commands: - func: bootstrap mongo-orchestration vars: @@ -52,37 +108,93 @@ tasks: vars: TEST_NAME: auth_aws SUB_TEST_NAME: regular + tags: [auth-aws, auth-aws-regular] + - name: test-auth-aws-5.0-assume-role + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "5.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: assume-role + tags: [auth-aws, auth-aws-assume-role] + - name: test-auth-aws-5.0-ec2 + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "5.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: ec2 + tags: [auth-aws, auth-aws-ec2] + - name: test-auth-aws-5.0-env-creds + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "5.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: env-creds + tags: [auth-aws, auth-aws-env-creds] + - name: test-auth-aws-5.0-session-creds + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "5.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: session-creds + tags: [auth-aws, auth-aws-session-creds] + - name: test-auth-aws-5.0-web-identity + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "5.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: web-identity + tags: [auth-aws, auth-aws-web-identity] + - name: test-auth-aws-5.0-ecs + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "5.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: ecs + tags: [auth-aws, auth-aws-ecs] + - name: test-auth-aws-5.0-web-identity-session-name + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "5.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: web-identity AWS_ROLE_SESSION_NAME: test - tags: [auth-aws] - - name: test-auth-aws-6.0 + tags: [auth-aws, auth-aws-web-identity] + - name: test-auth-aws-6.0-regular commands: - func: bootstrap mongo-orchestration vars: @@ -93,37 +205,93 @@ tasks: vars: TEST_NAME: auth_aws SUB_TEST_NAME: regular + tags: [auth-aws, auth-aws-regular] + - name: test-auth-aws-6.0-assume-role + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "6.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: assume-role + tags: [auth-aws, auth-aws-assume-role] + - name: test-auth-aws-6.0-ec2 + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "6.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: ec2 + tags: [auth-aws, auth-aws-ec2] + - name: test-auth-aws-6.0-env-creds + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "6.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: env-creds + tags: [auth-aws, auth-aws-env-creds] + - name: test-auth-aws-6.0-session-creds + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "6.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: session-creds + tags: [auth-aws, auth-aws-session-creds] + - name: test-auth-aws-6.0-web-identity + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "6.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: web-identity + tags: [auth-aws, auth-aws-web-identity] + - name: test-auth-aws-6.0-ecs + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "6.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: ecs + tags: [auth-aws, auth-aws-ecs] + - name: test-auth-aws-6.0-web-identity-session-name + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "6.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: web-identity AWS_ROLE_SESSION_NAME: test - tags: [auth-aws] - - name: test-auth-aws-7.0 + tags: [auth-aws, auth-aws-web-identity] + - name: test-auth-aws-7.0-regular commands: - func: bootstrap mongo-orchestration vars: @@ -134,37 +302,93 @@ tasks: vars: TEST_NAME: auth_aws SUB_TEST_NAME: regular + tags: [auth-aws, auth-aws-regular] + - name: test-auth-aws-7.0-assume-role + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "7.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: assume-role + tags: [auth-aws, auth-aws-assume-role] + - name: test-auth-aws-7.0-ec2 + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "7.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: ec2 + tags: [auth-aws, auth-aws-ec2] + - name: test-auth-aws-7.0-env-creds + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "7.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: env-creds + tags: [auth-aws, auth-aws-env-creds] + - name: test-auth-aws-7.0-session-creds + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "7.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: session-creds + tags: [auth-aws, auth-aws-session-creds] + - name: test-auth-aws-7.0-web-identity + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "7.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: web-identity + tags: [auth-aws, auth-aws-web-identity] + - name: test-auth-aws-7.0-ecs + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "7.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: ecs + tags: [auth-aws, auth-aws-ecs] + - name: test-auth-aws-7.0-web-identity-session-name + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "7.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: web-identity AWS_ROLE_SESSION_NAME: test - tags: [auth-aws] - - name: test-auth-aws-8.0 + tags: [auth-aws, auth-aws-web-identity] + - name: test-auth-aws-8.0-regular commands: - func: bootstrap mongo-orchestration vars: @@ -175,37 +399,93 @@ tasks: vars: TEST_NAME: auth_aws SUB_TEST_NAME: regular + tags: [auth-aws, auth-aws-regular] + - name: test-auth-aws-8.0-assume-role + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "8.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: assume-role + tags: [auth-aws, auth-aws-assume-role] + - name: test-auth-aws-8.0-ec2 + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "8.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: ec2 + tags: [auth-aws, auth-aws-ec2] + - name: test-auth-aws-8.0-env-creds + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "8.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: env-creds + tags: [auth-aws, auth-aws-env-creds] + - name: test-auth-aws-8.0-session-creds + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "8.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: session-creds + tags: [auth-aws, auth-aws-session-creds] + - name: test-auth-aws-8.0-web-identity + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "8.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: web-identity + tags: [auth-aws, auth-aws-web-identity] + - name: test-auth-aws-8.0-ecs + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "8.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: ecs + tags: [auth-aws, auth-aws-ecs] + - name: test-auth-aws-8.0-web-identity-session-name + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: "8.0" + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: web-identity AWS_ROLE_SESSION_NAME: test - tags: [auth-aws] - - name: test-auth-aws-rapid + tags: [auth-aws, auth-aws-web-identity] + - name: test-auth-aws-rapid-regular commands: - func: bootstrap mongo-orchestration vars: @@ -216,37 +496,93 @@ tasks: vars: TEST_NAME: auth_aws SUB_TEST_NAME: regular + tags: [auth-aws, auth-aws-regular] + - name: test-auth-aws-rapid-assume-role + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: rapid + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: assume-role + tags: [auth-aws, auth-aws-assume-role] + - name: test-auth-aws-rapid-ec2 + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: rapid + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: ec2 + tags: [auth-aws, auth-aws-ec2] + - name: test-auth-aws-rapid-env-creds + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: rapid + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: env-creds + tags: [auth-aws, auth-aws-env-creds] + - name: test-auth-aws-rapid-session-creds + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: rapid + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: session-creds + tags: [auth-aws, auth-aws-session-creds] + - name: test-auth-aws-rapid-web-identity + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: rapid + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: web-identity + tags: [auth-aws, auth-aws-web-identity] + - name: test-auth-aws-rapid-ecs + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: rapid + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: ecs + tags: [auth-aws, auth-aws-ecs] + - name: test-auth-aws-rapid-web-identity-session-name + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: rapid + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: web-identity AWS_ROLE_SESSION_NAME: test - tags: [auth-aws] - - name: test-auth-aws-latest + tags: [auth-aws, auth-aws-web-identity] + - name: test-auth-aws-latest-regular commands: - func: bootstrap mongo-orchestration vars: @@ -257,36 +593,92 @@ tasks: vars: TEST_NAME: auth_aws SUB_TEST_NAME: regular + tags: [auth-aws, auth-aws-regular] + - name: test-auth-aws-latest-assume-role + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: latest + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: assume-role + tags: [auth-aws, auth-aws-assume-role] + - name: test-auth-aws-latest-ec2 + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: latest + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: ec2 + tags: [auth-aws, auth-aws-ec2] + - name: test-auth-aws-latest-env-creds + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: latest + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: env-creds + tags: [auth-aws, auth-aws-env-creds] + - name: test-auth-aws-latest-session-creds + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: latest + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: session-creds + tags: [auth-aws, auth-aws-session-creds] + - name: test-auth-aws-latest-web-identity + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: latest + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: web-identity + tags: [auth-aws, auth-aws-web-identity] + - name: test-auth-aws-latest-ecs + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: latest + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: ecs + tags: [auth-aws, auth-aws-ecs] + - name: test-auth-aws-latest-web-identity-session-name + commands: + - func: bootstrap mongo-orchestration + vars: + AUTH_AWS: "1" + VERSION: latest + - func: assume ec2 role - func: run tests vars: TEST_NAME: auth_aws SUB_TEST_NAME: web-identity AWS_ROLE_SESSION_NAME: test - tags: [auth-aws] + tags: [auth-aws, auth-aws-web-identity] # Kms tests - name: test-gcpkms diff --git a/.evergreen/generated_configs/variants.yml b/.evergreen/generated_configs/variants.yml index 0dfb7d19a9..e48281b8c1 100644 --- a/.evergreen/generated_configs/variants.yml +++ b/.evergreen/generated_configs/variants.yml @@ -107,7 +107,7 @@ buildvariants: # Aws auth tests - name: auth-aws-ubuntu-20-python3.9 tasks: - - name: .auth-aws + - name: .auth-aws !.auth-aws-ecs display_name: Auth AWS Ubuntu-20 Python3.9 run_on: - ubuntu2004-small @@ -115,7 +115,7 @@ buildvariants: PYTHON_BINARY: /opt/python/3.9/bin/python3 - name: auth-aws-ubuntu-20-python3.13 tasks: - - name: .auth-aws + - name: .auth-aws !.auth-aws-ecs display_name: Auth AWS Ubuntu-20 Python3.13 run_on: - ubuntu2004-small @@ -139,7 +139,7 @@ buildvariants: PYTHON_BINARY: C:/python/Python313/python.exe - name: auth-aws-macos-python3.9 tasks: - - name: .auth-aws + - name: .auth-aws !.auth-aws-web-identity !.auth-aws-ecs display_name: Auth AWS macOS Python3.9 run_on: - macos-14 @@ -147,7 +147,7 @@ buildvariants: PYTHON_BINARY: /Library/Frameworks/Python.Framework/Versions/3.9/bin/python3 - name: auth-aws-macos-python3.13 tasks: - - name: .auth-aws + - name: .auth-aws !.auth-aws-web-identity !.auth-aws-ecs display_name: Auth AWS macOS Python3.13 run_on: - macos-14 diff --git a/.evergreen/run-tests.sh b/.evergreen/run-tests.sh index b9c3340930..61d505d45a 100755 --- a/.evergreen/run-tests.sh +++ b/.evergreen/run-tests.sh @@ -24,11 +24,6 @@ else exit 1 fi -if [ -n "${SKIP_TESTS:-}" ]; then - echo "Skipping tests!" - exit 0 -fi - # Source the local secrets export file if available. if [ -f "./secrets-export.sh" ]; then . "./secrets-export.sh" diff --git a/.evergreen/scripts/configure-env.sh b/.evergreen/scripts/configure-env.sh index f23af8a811..c8972af963 100755 --- a/.evergreen/scripts/configure-env.sh +++ b/.evergreen/scripts/configure-env.sh @@ -78,6 +78,8 @@ EOT rm -rf $DRIVERS_TOOLS BRANCH=master ORG=mongodb-labs +BRANCH=PYTHON-5157-redux +ORG=blink1073 git clone --branch $BRANCH https://github.com/$ORG/drivers-evergreen-tools.git $DRIVERS_TOOLS cat < ${DRIVERS_TOOLS}/.env diff --git a/.evergreen/scripts/generate_config.py b/.evergreen/scripts/generate_config.py index ad8357bbaf..753b3042a0 100644 --- a/.evergreen/scripts/generate_config.py +++ b/.evergreen/scripts/generate_config.py @@ -738,6 +738,10 @@ def create_aws_auth_variants(): for host_name, python in product(["ubuntu20", "win64", "macos"], MIN_MAX_PYTHON): expansions = dict() tasks = [".auth-aws"] + if host_name == "macos": + tasks = [".auth-aws !.auth-aws-web-identity !.auth-aws-ecs"] + elif host_name == "ubuntu20": + tasks = [".auth-aws !.auth-aws-ecs"] host = HOSTS[host_name] variant = create_variant( tasks, @@ -853,20 +857,26 @@ def create_aws_tasks(): "ecs", ] for version in get_versions_from("4.4"): - name = f"test-auth-aws-{version}" - tags = ["auth-aws"] + base_name = f"test-auth-aws-{version}" + base_tags = ["auth-aws"] bootstrap_vars = dict(AUTH_AWS="1", VERSION=version) bootstrap_func = FunctionCall(func="bootstrap mongo-orchestration", vars=bootstrap_vars) assume_func = FunctionCall(func="assume ec2 role") - test_funcs = [] for test_type in aws_test_types: + tags = [*base_tags, f"auth-aws-{test_type}"] + name = f"{base_name}-{test_type}" test_vars = dict(TEST_NAME="auth_aws", SUB_TEST_NAME=test_type) - test_funcs.append(FunctionCall(func="run tests", vars=test_vars)) + test_func = FunctionCall(func="run tests", vars=test_vars) + funcs = [bootstrap_func, assume_func, test_func] + tasks.append(EvgTask(name=name, tags=tags, commands=funcs)) + + tags = [*base_tags, "auth-aws-web-identity"] + name = f"{base_name}-web-identity-session-name" test_vars = dict( TEST_NAME="auth_aws", SUB_TEST_NAME="web-identity", AWS_ROLE_SESSION_NAME="test" ) - test_funcs.append(FunctionCall(func="run tests", vars=test_vars)) - funcs = [bootstrap_func, assume_func, *test_funcs] + test_func = FunctionCall(func="run tests", vars=test_vars) + funcs = [bootstrap_func, assume_func, test_func] tasks.append(EvgTask(name=name, tags=tags, commands=funcs)) return tasks diff --git a/.evergreen/scripts/setup_tests.py b/.evergreen/scripts/setup_tests.py index f4bdecdbfb..eff7bed773 100644 --- a/.evergreen/scripts/setup_tests.py +++ b/.evergreen/scripts/setup_tests.py @@ -369,12 +369,6 @@ def handle_test_env() -> None: write_env("OCSP_TLS_SHOULD_SUCCEED", os.environ["OCSP_TLS_SHOULD_SUCCEED"]) if test_name == "auth_aws" and sub_test_name != "ecs-remote": - if sub_test_name in ["ec2", "web_identity"] and PLATFORM == "darwin": - write_env("SKIP_TESTS") - return - if sub_test_name == "ecs" and PLATFORM != "linux": - write_env("SKIP_TESTS") - return auth_aws_dir = f"{DRIVERS_TOOLS}/.evergreen/auth_aws" if "AWS_ROLE_SESSION_NAME" in os.environ: write_env("AWS_ROLE_SESSION_NAME") From f6234c2c4d22ccba53602bf499f9db2f51dcae82 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Wed, 5 Mar 2025 07:36:03 -0600 Subject: [PATCH 34/35] fix selectors --- .evergreen/generated_configs/variants.yml | 12 ++++++------ .evergreen/scripts/generate_config.py | 4 ++-- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.evergreen/generated_configs/variants.yml b/.evergreen/generated_configs/variants.yml index e48281b8c1..0126c779b4 100644 --- a/.evergreen/generated_configs/variants.yml +++ b/.evergreen/generated_configs/variants.yml @@ -107,7 +107,7 @@ buildvariants: # Aws auth tests - name: auth-aws-ubuntu-20-python3.9 tasks: - - name: .auth-aws !.auth-aws-ecs + - name: .auth-aws display_name: Auth AWS Ubuntu-20 Python3.9 run_on: - ubuntu2004-small @@ -115,7 +115,7 @@ buildvariants: PYTHON_BINARY: /opt/python/3.9/bin/python3 - name: auth-aws-ubuntu-20-python3.13 tasks: - - name: .auth-aws !.auth-aws-ecs + - name: .auth-aws display_name: Auth AWS Ubuntu-20 Python3.13 run_on: - ubuntu2004-small @@ -123,7 +123,7 @@ buildvariants: PYTHON_BINARY: /opt/python/3.13/bin/python3 - name: auth-aws-win64-python3.9 tasks: - - name: .auth-aws + - name: .auth-aws !.auth-aws-ecs display_name: Auth AWS Win64 Python3.9 run_on: - windows-64-vsMulti-small @@ -131,7 +131,7 @@ buildvariants: PYTHON_BINARY: C:/python/Python39/python.exe - name: auth-aws-win64-python3.13 tasks: - - name: .auth-aws + - name: .auth-aws !.auth-aws-ecs display_name: Auth AWS Win64 Python3.13 run_on: - windows-64-vsMulti-small @@ -139,7 +139,7 @@ buildvariants: PYTHON_BINARY: C:/python/Python313/python.exe - name: auth-aws-macos-python3.9 tasks: - - name: .auth-aws !.auth-aws-web-identity !.auth-aws-ecs + - name: .auth-aws !.auth-aws-web-identity !.auth-aws-ecs !.auth-aws-ec2 display_name: Auth AWS macOS Python3.9 run_on: - macos-14 @@ -147,7 +147,7 @@ buildvariants: PYTHON_BINARY: /Library/Frameworks/Python.Framework/Versions/3.9/bin/python3 - name: auth-aws-macos-python3.13 tasks: - - name: .auth-aws !.auth-aws-web-identity !.auth-aws-ecs + - name: .auth-aws !.auth-aws-web-identity !.auth-aws-ecs !.auth-aws-ec2 display_name: Auth AWS macOS Python3.13 run_on: - macos-14 diff --git a/.evergreen/scripts/generate_config.py b/.evergreen/scripts/generate_config.py index 753b3042a0..9943f491fb 100644 --- a/.evergreen/scripts/generate_config.py +++ b/.evergreen/scripts/generate_config.py @@ -739,8 +739,8 @@ def create_aws_auth_variants(): expansions = dict() tasks = [".auth-aws"] if host_name == "macos": - tasks = [".auth-aws !.auth-aws-web-identity !.auth-aws-ecs"] - elif host_name == "ubuntu20": + tasks = [".auth-aws !.auth-aws-web-identity !.auth-aws-ecs !.auth-aws-ec2"] + elif host_name == "win64": tasks = [".auth-aws !.auth-aws-ecs"] host = HOSTS[host_name] variant = create_variant( From 352b047c250aa0d77127229595e611dfa7ef1591 Mon Sep 17 00:00:00 2001 From: Steven Silvester Date: Wed, 5 Mar 2025 07:52:04 -0600 Subject: [PATCH 35/35] use upstream --- .evergreen/scripts/configure-env.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/.evergreen/scripts/configure-env.sh b/.evergreen/scripts/configure-env.sh index c8972af963..f23af8a811 100755 --- a/.evergreen/scripts/configure-env.sh +++ b/.evergreen/scripts/configure-env.sh @@ -78,8 +78,6 @@ EOT rm -rf $DRIVERS_TOOLS BRANCH=master ORG=mongodb-labs -BRANCH=PYTHON-5157-redux -ORG=blink1073 git clone --branch $BRANCH https://github.com/$ORG/drivers-evergreen-tools.git $DRIVERS_TOOLS cat < ${DRIVERS_TOOLS}/.env