1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
|
package config
import (
"context"
"github.com/aws/aws-sdk-go-v2/credentials/stscreds"
"github.com/aws/aws-sdk-go-v2/internal/awstesting"
"os"
"path/filepath"
"runtime"
"strings"
"testing"
)
// see https://github.com/aws/aws-sdk-go-v2/issues/2015
func TestResolveWebIdentityWithOptions(t *testing.T) {
t.Run("token from env", func(t *testing.T) {
restoreEnv := initConfigTestEnv()
defer awstesting.PopEnv(restoreEnv)
var tokenFile = filepath.Join("testdata", "wit.txt")
os.Setenv("AWS_WEB_IDENTITY_TOKEN_FILE", tokenFile)
os.Setenv("AWS_REGION", "us-east-1")
_, err := LoadDefaultConfig(context.Background(),
WithWebIdentityRoleCredentialOptions(func(options *stscreds.WebIdentityRoleOptions) {
options.RoleARN = "test-arn"
}),
)
if err != nil {
t.Fatalf("expect no error, got %v", err)
}
})
t.Run("token from profile", func(t *testing.T) {
// profile is still required to fully specify web identity properties for consistency with other SDKs/SEP
restoreEnv := initConfigTestEnv()
defer awstesting.PopEnv(restoreEnv)
var configFileForWindows = filepath.Join("testdata", "config_source_shared_for_windows")
var configFile = filepath.Join("testdata", "config_source_shared")
os.Setenv("AWS_REGION", "us-east-1")
os.Setenv("AWS_PROFILE", "webident-partial")
if runtime.GOOS == "windows" {
os.Setenv("AWS_CONFIG_FILE", configFileForWindows)
} else {
os.Setenv("AWS_CONFIG_FILE", configFile)
}
_, err := LoadDefaultConfig(context.Background())
if err == nil || !strings.Contains(err.Error(), "web_identity_token_file requires role_arn") {
t.Fatalf("expected profile parsing error, got %v", err)
}
})
}
|
