-
Notifications
You must be signed in to change notification settings - Fork 9.3k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
deps: Migrate from github.com/kubernetes-sigs/aws-iam-authenticator/p…
…kg/token to internal implementation (#11822) * deps: Migrate from github.com/kubernetes-sigs/aws-iam-authenticator/pkg/token to internal implementation Reference: #11697 Reference: #8453 Reference: #7438 Reference: #4904 Including the Kubernetes ecosystem dependency rather than hard copying the implementation was originally for a few concerns as noted in #4904 (comment). Since its introduction, the upstream implementation has remained stable with respects to the GetWithSTS token generator implementation we use. However, changes to the surrounding upstream package code and its broad transitive dependencies have prevented a clear upgrade path since github.com/kubernetes-sigs/[email protected] (now re-verified with v0.5.0), where Terraform AWS Provider builds cannot succeed on solaris/amd64: ```console $ gox -os='linux darwin windows freebsd openbsd solaris' -arch='386 amd64 arm' -osarch='!darwin/arm !darwin/386' -ldflags '-s -w -X aws/version.ProviderVersion=99.99.99 -X aws/version.ProtocolVersion=4' -output 'results/{{.OS}}_{{.Arch}}/terraform-provider-aws_v99.99.99_x4' . ... 1 errors occurred: --> solaris/amd64 error: exit status 2 Stderr: # github.com/gofrs/flock ../../../../go/pkg/mod/github.com/gofrs/[email protected]/flock_unix.go:28:22: undefined: syscall.LOCK_EX ../../../../go/pkg/mod/github.com/gofrs/[email protected]/flock_unix.go:39:22: undefined: syscall.LOCK_SH ../../../../go/pkg/mod/github.com/gofrs/[email protected]/flock_unix.go:56:12: undefined: syscall.Flock ../../../../go/pkg/mod/github.com/gofrs/[email protected]/flock_unix.go:66:12: undefined: syscall.Flock ../../../../go/pkg/mod/github.com/gofrs/[email protected]/flock_unix.go:96:12: undefined: syscall.Flock ../../../../go/pkg/mod/github.com/gofrs/[email protected]/flock_unix.go:96:42: undefined: syscall.LOCK_UN ../../../../go/pkg/mod/github.com/gofrs/[email protected]/flock_unix.go:118:21: undefined: syscall.LOCK_EX ../../../../go/pkg/mod/github.com/gofrs/[email protected]/flock_unix.go:130:21: undefined: syscall.LOCK_SH ../../../../go/pkg/mod/github.com/gofrs/[email protected]/flock_unix.go:149:9: undefined: syscall.Flock ../../../../go/pkg/mod/github.com/gofrs/[email protected]/flock_unix.go:149:44: undefined: syscall.LOCK_NB ../../../../go/pkg/mod/github.com/gofrs/[email protected]/flock_unix.go:149:44: too many errors ``` This issue is non-obvious to contributors and maintainers as we do not perform cross-compilation build testing in CI during pull requests since it is very time prohibitive. Rather than leave this single data source's dependency in an unstable state, instead we opt to hard copy the relevant upstream Go package and prune that package to only the code we use, removing many unnecessary dependencies. Updated via: ```console $ go mod tidy $ go mod vendor ``` Output from acceptance testing: ``` --- PASS: TestAccAWSEksClusterAuthDataSource_basic (15.00s) ``` * internal/service/eks/token: Fix linting issues from upstream code Previously: ``` aws/internal/service/eks/token/token.go:74:8: `conjuction` is a misspelling of `conjunction` (misspell) // in conjuction with CloudTrail to determine the identity of the individual ^ aws/internal/service/eks/token/token_test.go:144:20: S1019: should use make([]byte, maxTokenLenBytes + 1) instead (gosimple) b := make([]byte, maxTokenLenBytes+1, maxTokenLenBytes+1) ^ ```
- Loading branch information
Showing
146 changed files
with
375 additions
and
33,652 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
10 changes: 9 additions & 1 deletion
10
...sigs/aws-iam-authenticator/pkg/arn/arn.go → aws/internal/service/eks/token/arn.go
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,41 @@ | ||
/* | ||
This file is a hard copy of: | ||
https://github.com/kubernetes-sigs/aws-iam-authenticator/blob/7547c74e660f8d34d9980f2c69aa008eed1f48d0/pkg/arn/arn_test.go | ||
With the following modifications: | ||
- Rename package from arn to token for simplication | ||
*/ | ||
|
||
package token | ||
|
||
import ( | ||
"fmt" | ||
"testing" | ||
) | ||
|
||
var arnTests = []struct { | ||
arn string // input arn | ||
expected string // canonacalized arn | ||
err error // expected error value | ||
}{ | ||
{"NOT AN ARN", "", fmt.Errorf("Not an arn")}, | ||
{"arn:aws:iam::123456789012:user/Alice", "arn:aws:iam::123456789012:user/Alice", nil}, | ||
{"arn:aws:iam::123456789012:role/Users", "arn:aws:iam::123456789012:role/Users", nil}, | ||
{"arn:aws:sts::123456789012:assumed-role/Admin/Session", "arn:aws:iam::123456789012:role/Admin", nil}, | ||
{"arn:aws:sts::123456789012:federated-user/Bob", "arn:aws:sts::123456789012:federated-user/Bob", nil}, | ||
{"arn:aws:iam::123456789012:root", "arn:aws:iam::123456789012:root", nil}, | ||
{"arn:aws:sts::123456789012:assumed-role/Org/Team/Admin/Session", "arn:aws:iam::123456789012:role/Org/Team/Admin", nil}, | ||
} | ||
|
||
func TestUserARN(t *testing.T) { | ||
for _, tc := range arnTests { | ||
actual, err := Canonicalize(tc.arn) | ||
if err != nil && tc.err == nil || err == nil && tc.err != nil { | ||
t.Errorf("Canoncialize(%s) expected err: %v, actual err: %v", tc.arn, tc.err, err) | ||
continue | ||
} | ||
if actual != tc.expected { | ||
t.Errorf("Canonicalize(%s) expected: %s, actual: %s", tc.arn, tc.expected, actual) | ||
} | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.