@@ -432,7 +432,12 @@ functions:
432432 "iam_auth_assume_role_name" : "${iam_auth_assume_role_name}",
433433 "iam_auth_ec2_instance_account" : "${iam_auth_ec2_instance_account}",
434434 "iam_auth_ec2_instance_secret_access_key" : "${iam_auth_ec2_instance_secret_access_key}",
435- "iam_auth_ec2_instance_profile" : "${iam_auth_ec2_instance_profile}"
435+ "iam_auth_ec2_instance_profile" : "${iam_auth_ec2_instance_profile}",
436+ "iam_auth_assume_web_role_name": "${iam_auth_assume_web_role_name}",
437+ "iam_web_identity_issuer": "${iam_web_identity_issuer}",
438+ "iam_web_identity_rsa_key": "${iam_web_identity_rsa_key}",
439+ "iam_web_identity_jwks_uri": "${iam_web_identity_jwks_uri}",
440+ "iam_web_identity_token_file": "${iam_web_identity_token_file}"
436441 }
437442 EOF
438443
@@ -551,6 +556,76 @@ functions:
551556 mongo --nodb setup.js aws_e2e_ecs.js
552557 cd -
553558
559+ run-aws-auth-test-with-aws-web-identity-credentials :
560+ - command : shell.exec
561+ type : test
562+ params :
563+ working_dir : mongo-csharp-driver
564+ script : |
565+ ${PREPARE_SHELL}
566+ if [ "${skip_web_identity_auth_test}" = "true" ]; then
567+ echo "This platform does not support the web identity auth test, skipping..."
568+ exit 0
569+ fi
570+ cd ${DRIVERS_TOOLS}/.evergreen/auth_aws
571+ . ./activate_venv.sh
572+ mongo aws_e2e_web_identity.js
573+ command : shell.exec
574+ type : test
575+ params :
576+ working_dir : mongo-csharp-driver
577+ silent : true
578+ script : |
579+ if [ "${skip_web_identity_auth_test}" = "true" ]; then
580+ echo "This platform does not support the web identity auth test, skipping..."
581+ exit 0
582+ fi
583+ # DO NOT ECHO WITH XTRACE (which PREPARE_SHELL does)
584+ cat <<'EOF' > "${PROJECT_DIRECTORY}/prepare_mongodb_aws.sh"
585+ export AWS_ROLE_ARN="${iam_auth_assume_web_role_name}"
586+ export AWS_WEB_IDENTITY_TOKEN_FILE="${iam_web_identity_token_file}"
587+ export MONGODB_URI="mongodb://localhost"
588+ EOF
589+ command : shell.exec
590+ type : test
591+ params :
592+ working_dir : mongo-csharp-driver
593+ script : |
594+ ${PREPARE_SHELL}
595+ if [ "${skip_web_identity_auth_test}" = "true" ]; then
596+ echo "This platform does not support the web identity auth test, skipping..."
597+ exit 0
598+ fi
599+ PROJECT_DIRECTORY=${PROJECT_DIRECTORY} OS=$OS ASSERT_NO_URI_CREDS=true evergreen/run-mongodb-aws-test.sh
600+ command : shell.exec
601+ type : test
602+ params :
603+ working_dir : mongo-csharp-driver
604+ silent : true
605+ script : |
606+ if [ "${skip_EC2_auth_test}" = "true" ]; then
607+ echo "This platform does not support the web identity auth test, skipping..."
608+ exit 0
609+ fi
610+ # DO NOT ECHO WITH XTRACE (which PREPARE_SHELL does)
611+ cat <<'EOF' > "${PROJECT_DIRECTORY}/prepare_mongodb_aws.sh"
612+ export AWS_ROLE_ARN="${iam_auth_assume_web_role_name}"
613+ export AWS_WEB_IDENTITY_TOKEN_FILE="${iam_web_identity_token_file}"
614+ export AWS_ROLE_SESSION_NAME="test"
615+ export MONGODB_URI="mongodb://localhost"
616+ EOF
617+ command : shell.exec
618+ type : test
619+ params :
620+ working_dir : mongo-csharp-driver
621+ script : |
622+ ${PREPARE_SHELL}
623+ if [ "${skip_web_identity_auth_test}" = "true" ]; then
624+ echo "This platform does not support the web identity auth test, skipping..."
625+ exit 0
626+ fi
627+ PROJECT_DIRECTORY=${PROJECT_DIRECTORY} OS=$OS ASSERT_NO_URI_CREDS=true evergreen/run-mongodb-aws-test.sh
628+
554629run-aws-auth-test-with-aws-credentials-as-environment-variables :
555630 - command : shell.exec
556631 type : test
@@ -1067,6 +1142,7 @@ tasks:
10671142 - func : run-aws-auth-test-with-aws-credentials-and-session-token-as-environment-variables
10681143 - func : run-aws-auth-test-with-aws-EC2-credentials
10691144 - func : run-aws-auth-test-with-aws-ECS-credentials
1145+ - func : run-aws-auth-test-with-aws-web-identity-credentials
10701146
10711147 - name : stable-api-tests-net472
10721148 commands :
@@ -1599,6 +1675,7 @@ axes:
15991675 variables :
16001676 OS : " windows-64"
16011677 skip_ECS_auth_test : true
1678+ skip_web_identity_auth_test : true
16021679 run_on : windows-64-vs2017-test
16031680 - id : " ubuntu-1804"
16041681 display_name : " Ubuntu 18.04"
@@ -1611,13 +1688,15 @@ axes:
16111688 OS : " macos-1100"
16121689 skip_EC2_auth_test : true
16131690 skip_ECS_auth_test : true
1691+ skip_web_identity_auth_test : true
16141692 run_on : macos-1100
16151693 - id : " macos-1100-arm64"
16161694 display_name : " macOS 11.00 M1"
16171695 variables :
16181696 OS : " macos-1100-arm64"
16191697 skip_EC2_auth_test : true
16201698 skip_ECS_auth_test : true
1699+ skip_web_identity_auth_test : true
16211700 run_on : macos-1100-arm64
16221701
16231702 - id : topology
0 commit comments