Skip to content

Commit

Permalink
feat(NODE-5815): remove oidc (#3981)
Browse files Browse the repository at this point in the history
  • Loading branch information
@durran
durran committed Jan 26, 2024
1 parent f524a94 commit 4893330
Show file tree
Hide file tree
Showing 35 changed files with 9 additions and 3,752 deletions.
100 changes: 0 additions & 100 deletions .evergreen/config.in.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -132,58 +132,6 @@ functions:
env:
DRIVERS_TOOLS: ${DRIVERS_TOOLS}

"bootstrap oidc":
- command: ec2.assume_role
params:
role_arn: ${OIDC_AWS_ROLE_ARN}
- command: shell.exec
type: test
params:
working_dir: "src"
shell: bash
script: |
${PREPARE_SHELL}
cd "${DRIVERS_TOOLS}"/.evergreen/auth_oidc
# This is a bit confusing but the ec2.assume_role command before
# this task will overwrite these variables to a different value
# than we have set in our evergreen project config. As these are
# now specific to the OIDC ARN, we re-export for the python
# scripts.
export AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID}
export AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}
export AWS_SESSION_TOKEN=${AWS_SESSION_TOKEN}
export OIDC_TOKEN_DIR=/tmp/tokens
. ./activate-authoidcvenv.sh
python oidc_write_orchestration.py
python oidc_get_tokens.py
"setup oidc roles":
- command: subprocess.exec
params:
working_dir: src
binary: bash
args:
- .evergreen/setup-oidc-roles.sh
env:
DRIVERS_TOOLS: ${DRIVERS_TOOLS}

"run oidc tests aws":
- command: shell.exec
type: test
params:
working_dir: "src"
timeout_secs: 300
shell: bash
script: |
${PREPARE_SHELL}
OIDC_TOKEN_DIR="/tmp/tokens" \
AWS_WEB_IDENTITY_TOKEN_FILE="/tmp/tokens/test_user1" \
PROJECT_DIRECTORY="${PROJECT_DIRECTORY}" \
bash ${PROJECT_DIRECTORY}/.evergreen/run-oidc-tests.sh
"run tests":
- command: shell.exec
type: test
Expand Down Expand Up @@ -1254,26 +1202,6 @@ tasks:
args:
- src/.evergreen/run-azure-kms-tests.sh

- name: "oidc-auth-test-azure-latest"
commands:
- command: expansions.update
type: setup
params:
updates:
- { key: NPM_VERSION, value: "9" }
- func: "install dependencies"
- command: subprocess.exec
params:
working_dir: src
binary: bash
env:
DRIVERS_TOOLS: ${DRIVERS_TOOLS}
PROJECT_DIRECTORY: ${PROJECT_DIRECTORY}
AZUREOIDC_CLIENTID: ${testazureoidc_clientid}
PROVIDER_NAME: azure
args:
- .evergreen/run-oidc-tests-azure.sh

- name: "test-aws-lambda-deployed"
commands:
- command: expansions.update
Expand Down Expand Up @@ -1400,34 +1328,6 @@ task_groups:
tasks:
- test-azurekms-task

- name: testazureoidc_task_group
setup_group:
- func: fetch source
- command: shell.exec
params:
shell: bash
script: |-
set -o errexit
${PREPARE_SHELL}
export AZUREOIDC_CLIENTID="${testazureoidc_clientid}"
export AZUREOIDC_TENANTID="${testazureoic_tenantid}"
export AZUREOIDC_SECRET="${testazureoidc_secret}"
export AZUREOIDC_KEYVAULT=${testazureoidc_keyvault}
export AZUREOIDC_DRIVERS_TOOLS="$DRIVERS_TOOLS"
export AZUREOIDC_VMNAME_PREFIX="NODE_DRIVER"
$DRIVERS_TOOLS/.evergreen/auth_oidc/azure/create-and-setup-vm.sh
teardown_group:
- command: shell.exec
params:
shell: bash
script: |-
${PREPARE_SHELL}
$DRIVERS_TOOLS/.evergreen/auth_oidc/azure/delete-vm.sh
setup_group_can_fail_task: true
setup_group_timeout_secs: 1800
tasks:
- oidc-auth-test-azure-latest

- name: test_atlas_task_group
setup_group:
- func: fetch source
Expand Down
125 changes: 0 additions & 125 deletions .evergreen/config.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -104,55 +104,6 @@ functions:
- .evergreen/run-azure-kms-mock-server.sh
env:
DRIVERS_TOOLS: ${DRIVERS_TOOLS}
bootstrap oidc:
- command: ec2.assume_role
params:
role_arn: ${OIDC_AWS_ROLE_ARN}
- command: shell.exec
type: test
params:
working_dir: src
shell: bash
script: |
${PREPARE_SHELL}
cd "${DRIVERS_TOOLS}"/.evergreen/auth_oidc
# This is a bit confusing but the ec2.assume_role command before
# this task will overwrite these variables to a different value
# than we have set in our evergreen project config. As these are
# now specific to the OIDC ARN, we re-export for the python
# scripts.
export AWS_ACCESS_KEY_ID=${AWS_ACCESS_KEY_ID}
export AWS_SECRET_ACCESS_KEY=${AWS_SECRET_ACCESS_KEY}
export AWS_SESSION_TOKEN=${AWS_SESSION_TOKEN}
export OIDC_TOKEN_DIR=/tmp/tokens
. ./activate-authoidcvenv.sh
python oidc_write_orchestration.py
python oidc_get_tokens.py
setup oidc roles:
- command: subprocess.exec
params:
working_dir: src
binary: bash
args:
- .evergreen/setup-oidc-roles.sh
env:
DRIVERS_TOOLS: ${DRIVERS_TOOLS}
run oidc tests aws:
- command: shell.exec
type: test
params:
working_dir: src
timeout_secs: 300
shell: bash
script: |
${PREPARE_SHELL}
OIDC_TOKEN_DIR="/tmp/tokens" \
AWS_WEB_IDENTITY_TOKEN_FILE="/tmp/tokens/test_user1" \
PROJECT_DIRECTORY="${PROJECT_DIRECTORY}" \
bash ${PROJECT_DIRECTORY}/.evergreen/run-oidc-tests.sh
run tests:
- command: shell.exec
type: test
Expand Down Expand Up @@ -1205,25 +1156,6 @@ tasks:
EXPECTED_AZUREKMS_OUTCOME: failure
args:
- src/.evergreen/run-azure-kms-tests.sh
- name: oidc-auth-test-azure-latest
commands:
- command: expansions.update
type: setup
params:
updates:
- {key: NPM_VERSION, value: '9'}
- func: install dependencies
- command: subprocess.exec
params:
working_dir: src
binary: bash
env:
DRIVERS_TOOLS: ${DRIVERS_TOOLS}
PROJECT_DIRECTORY: ${PROJECT_DIRECTORY}
AZUREOIDC_CLIENTID: ${testazureoidc_clientid}
PROVIDER_NAME: azure
args:
- .evergreen/run-oidc-tests-azure.sh
- name: test-aws-lambda-deployed
commands:
- command: expansions.update
Expand Down Expand Up @@ -1794,25 +1726,6 @@ tasks:
commands:
- func: install dependencies
- func: run ldap tests
- name: test-auth-oidc
tags:
- latest
- replica_set
- oidc
commands:
- command: expansions.update
type: setup
params:
updates:
- {key: VERSION, value: latest}
- {key: TOPOLOGY, value: replica_set}
- {key: AUTH, value: auth}
- {key: ORCHESTRATION_FILE, value: auth-oidc.json}
- func: install dependencies
- func: bootstrap oidc
- func: bootstrap mongo-orchestration
- func: setup oidc roles
- func: run oidc tests aws
- name: test-socks5
tags: []
commands:
Expand Down Expand Up @@ -3735,33 +3648,6 @@ task_groups:
- ${DRIVERS_TOOLS}/.evergreen/csfle/azurekms/delete-vm.sh
tasks:
- test-azurekms-task
- name: testazureoidc_task_group
setup_group:
- func: fetch source
- command: shell.exec
params:
shell: bash
script: |-
set -o errexit
${PREPARE_SHELL}
export AZUREOIDC_CLIENTID="${testazureoidc_clientid}"
export AZUREOIDC_TENANTID="${testazureoic_tenantid}"
export AZUREOIDC_SECRET="${testazureoidc_secret}"
export AZUREOIDC_KEYVAULT=${testazureoidc_keyvault}
export AZUREOIDC_DRIVERS_TOOLS="$DRIVERS_TOOLS"
export AZUREOIDC_VMNAME_PREFIX="NODE_DRIVER"
$DRIVERS_TOOLS/.evergreen/auth_oidc/azure/create-and-setup-vm.sh
teardown_group:
- command: shell.exec
params:
shell: bash
script: |-
${PREPARE_SHELL}
$DRIVERS_TOOLS/.evergreen/auth_oidc/azure/delete-vm.sh
setup_group_can_fail_task: true
setup_group_timeout_secs: 1800
tasks:
- oidc-auth-test-azure-latest
- name: test_atlas_task_group
setup_group:
- func: fetch source
Expand Down Expand Up @@ -3846,7 +3732,6 @@ buildvariants:
- test-6.0-load-balanced
- test-latest-load-balanced
- test-auth-ldap
- test-auth-oidc
- test-socks5
- test-socks5-csfle
- test-socks5-tls
Expand Down Expand Up @@ -3898,7 +3783,6 @@ buildvariants:
- test-6.0-load-balanced
- test-latest-load-balanced
- test-auth-ldap
- test-auth-oidc
- test-socks5
- test-socks5-csfle
- test-socks5-tls
Expand Down Expand Up @@ -3948,7 +3832,6 @@ buildvariants:
- test-6.0-load-balanced
- test-latest-load-balanced
- test-auth-ldap
- test-auth-oidc
- test-socks5
- test-socks5-csfle
- test-socks5-tls
Expand Down Expand Up @@ -3998,7 +3881,6 @@ buildvariants:
- test-6.0-load-balanced
- test-latest-load-balanced
- test-auth-ldap
- test-auth-oidc
- test-socks5
- test-socks5-csfle
- test-socks5-tls
Expand Down Expand Up @@ -4047,7 +3929,6 @@ buildvariants:
- test-6.0-load-balanced
- test-latest-load-balanced
- test-auth-ldap
- test-auth-oidc
- test-socks5
- test-socks5-csfle
- test-socks5-tls
Expand Down Expand Up @@ -4331,12 +4212,6 @@ buildvariants:
tasks:
- test_azurekms_task_group
- test-azurekms-fail-task
- name: ubuntu20-test-azure-oidc
display_name: Azure OIDC
run_on: ubuntu2004-small
batchtime: 20160
tasks:
- testazureoidc_task_group
- name: rhel8-test-atlas
display_name: Atlas Cluster Tests
run_on: rhel80-large
Expand Down
28 changes: 1 addition & 27 deletions .evergreen/generate_evergreen_tasks.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,8 +44,7 @@ const WINDOWS_SKIP_TAGS = new Set([
'atlas-connect',
'auth',
'load_balancer',
'socks5-csfle',
'oidc'
'socks5-csfle'
]);

const TASKS = [];
Expand Down Expand Up @@ -188,23 +187,6 @@ TASKS.push(
tags: ['auth', 'ldap'],
commands: [{ func: 'install dependencies' }, { func: 'run ldap tests' }]
},
{
name: 'test-auth-oidc',
tags: ['latest', 'replica_set', 'oidc'],
commands: [
updateExpansions({
VERSION: 'latest',
TOPOLOGY: 'replica_set',
AUTH: 'auth',
ORCHESTRATION_FILE: 'auth-oidc.json'
}),
{ func: 'install dependencies' },
{ func: 'bootstrap oidc' },
{ func: 'bootstrap mongo-orchestration' },
{ func: 'setup oidc roles' },
{ func: 'run oidc tests aws' }
]
},
{
name: 'test-socks5',
tags: [],
Expand Down Expand Up @@ -701,14 +683,6 @@ BUILD_VARIANTS.push({
tasks: ['test_azurekms_task_group', 'test-azurekms-fail-task']
});

BUILD_VARIANTS.push({
name: 'ubuntu20-test-azure-oidc',
display_name: 'Azure OIDC',
run_on: UBUNTU_20_OS,
batchtime: 20160,
tasks: ['testazureoidc_task_group']
});

BUILD_VARIANTS.push({
name: 'rhel8-test-atlas',
display_name: 'Atlas Cluster Tests',
Expand Down
11 changes: 0 additions & 11 deletions .evergreen/run-oidc-tests-azure.sh
View file

This file was deleted.

0 comments on commit 4893330

Please sign in to comment.