Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(NODE-5054): add AssumeRoleWithWebIdentity support to 4x driver #3566

Merged
merged 3 commits into from
Feb 14, 2023

Conversation

baileympearson
Copy link
Contributor

@baileympearson baileympearson commented Feb 13, 2023

Description

This PR backports testing for AWS EKS requests.

What is changing?

Is there new documentation needed for these changes?

No.

Double check the following

  • Ran npm run check:lint script
  • Self-review completed using the steps outlined here
  • PR title follows the correct format: type(NODE-xxxx)[!]: description
    • Example: feat(NODE-1234)!: rewriting everything in coffeescript
  • Changes are covered by tests
  • New TODOs have a related JIRA ticket

@baileympearson baileympearson marked this pull request as ready for review February 13, 2023 20:30
@dariakp dariakp added the Primary Review In Review with primary reviewer, not yet ready for team's eyes label Feb 14, 2023
@dariakp dariakp self-assigned this Feb 14, 2023
@@ -649,6 +654,53 @@ functions:
script: |
${PREPARE_SHELL}
${PROJECT_DIRECTORY}/.evergreen/run-mongodb-aws-test.sh
run aws auth test AssumeRoleWithWebIdentity with AWS_ROLE_SESSION_NAME set:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Noticed that this set of changes doesn't have the addition of the install aws-credential-providers script that #3556 did - why the discrepancy?

Copy link
Contributor Author

@baileympearson baileympearson Feb 14, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In version 4x, the AWS SDK was an optional dependency so it was installed by default. You'll notice here that the install step omits optional dependencies.

In version five, it is no longer installed by default so we must manually install it, so I created a separate step to install the SDK where we need it.

package.json Outdated Show resolved Hide resolved
@dariakp dariakp merged commit 8a8c386 into 4.x Feb 14, 2023
@dariakp dariakp deleted the NODE-5054-eks-auth-4x-branch branch February 14, 2023 16:59
ksibisamir added a commit to SaTT-Wallet/Backend that referenced this pull request Jun 9, 2023
<p>This PR was automatically created by Snyk using the credentials of a
real user.</p><br /><h3>Snyk has created this PR to upgrade mongodb from
4.14.0 to 4.16.0.</h3>

:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
<hr/>

- The recommended version is **2 versions** ahead of your current
version.
- The recommended version was released **2 months ago**, on 2023-04-18.


<details>
<summary><b>Release notes</b></summary>
<br/>
  <details>
    <summary>Package name: <b>mongodb</b></summary>
    <ul>
      <li>
<b>4.16.0</b> - <a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/releases/tag/v4.16.0">2023-04-18</a></br><p>The
MongoDB Node.js team is pleased to announce version 4.16.0 of the
<code>mongodb</code> package!</p>
<h3>Features</h3>
<ul>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-5159">NODE-5159</a>:</strong>
add FaaS env information to client metadata (<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/issues/3639"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/node-mongodb-native/pull/3639/hovercard">#3639</a>)
(<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/e0b20f1ba4c0d8826077703a3cd77936b9be7dfd">e0b20f1</a>)</li>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-5199">NODE-5199</a>:</strong>
add alternative runtime detection to client metadata (<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/issues/3647"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/node-mongodb-native/pull/3647/hovercard">#3647</a>)
(<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/fba16adb52f2ef37e87ea64bd6163711d0f09b84">fba16ad</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-5161">NODE-5161</a>:</strong>
metadata duplication in handshake (<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/issues/3628"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/node-mongodb-native/pull/3628/hovercard">#3628</a>)
(<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/b79014286c714291a1d16f12c6397e545411da0f">b790142</a>)</li>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-5200">NODE-5200</a>:</strong>
relax SRV record validation to account for a dot suffix (<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/issues/3640"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/node-mongodb-native/pull/3640/hovercard">#3640</a>)
(<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/4272c43aed8790edcc38c69004e227c97117076a">4272c43</a>)</li>
</ul>
<h2>Documentation</h2>
<ul>
<li><a href="https://docs.mongodb.com/drivers/node/4.16/"
rel="nofollow">Reference</a></li>
<li><a href="https://mongodb.github.io/node-mongodb-native/4.16/"
rel="nofollow">API</a></li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/blob/v4.16.0/HISTORY.md">Changelog</a></li>
</ul>
<p>We invite you to try the <code>mongodb</code> library immediately,
and report any issues to the <a
href="https://jira.mongodb.org/projects/NODE" rel="nofollow">NODE
project</a>.</p>
      </li>
      <li>
<b>4.15.0</b> - <a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/releases/tag/v4.15.0">2023-04-04</a></br><p>The
MongoDB Node.js team is pleased to announce version 4.15.0 of the
mongodb package!</p>
<h3>Features</h3>
<ul>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-5054">NODE-5054</a>:</strong>
add AssumeRoleWithWebIdentity support to 4x driver (<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/issues/3566"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/node-mongodb-native/pull/3566/hovercard">#3566</a>)
(<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/8a8c386a8dc9263aa68826a8705c7800752a7153">8a8c386</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-5097">NODE-5097</a>:</strong>
set timeout on write and reset on message (<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/issues/3590"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/node-mongodb-native/pull/3590/hovercard">#3590</a>)
(<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/2d3576bf154843f0b8f63710c530d07cdc7a2ea6">2d3576b</a>)</li>
</ul>
<h2>Documentation</h2>
<ul>
<li>Reference: <a href="https://docs.mongodb.com/drivers/node/current/"
rel="nofollow">https://docs.mongodb.com/drivers/node/current/</a></li>
<li>API: <a href="https://mongodb.github.io/node-mongodb-native/4.15/"
rel="nofollow">https://mongodb.github.io/node-mongodb-native/4.15/</a></li>
<li>Changelog: <a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/blob/v4.15.0/HISTORY.md">HISTORY.md</a></li>
</ul>
<p>We invite you to try the mongodb library immediately, and report any
issues to the <a href="https://jira.mongodb.org/projects/NODE"
rel="nofollow">NODE project</a>.</p>
      </li>
      <li>
<b>4.14.0</b> - <a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/releases/tag/v4.14.0">2023-02-07</a></br><p>The
MongoDB Node.js team is pleased to announce version 4.14.0 of the
mongodb package!</p>
<h3>Deprecations</h3>
<ul>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-4992">NODE-4992</a>:</strong>
Deprecate methods and options that reference legacy logger (<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/issues/3532"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/node-mongodb-native/pull/3532/hovercard">#3532</a>)
(<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/6c94b4a826f51796a23d26f0d1976e5dfcd88d88">6c94b4a</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-4999">NODE-4999</a>:</strong>
Write Concern 0 Must Not Affect Read Operations (<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/issues/3541"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/node-mongodb-native/pull/3541/hovercard">#3541</a>)
(<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/ddfc2b9bc0475b3d18db355ed73cebfccaf6b874">ddfc2b9</a>)</li>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-5026">NODE-5026</a>:</strong>
revert "ensure that MessageStream is destroyed when connections are
destroyed" (<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/issues/3551"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/node-mongodb-native/pull/3551/hovercard">#3551</a>)
(<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/c4da623b1b30439521ce59e4d9db810ea7d213e2">c4da623</a>)</li>
</ul>
<h2>Documentation</h2>
<ul>
<li>Reference: <a href="https://docs.mongodb.com/drivers/node/current/"
rel="nofollow">https://docs.mongodb.com/drivers/node/current/</a></li>
<li>API: <a href="https://mongodb.github.io/node-mongodb-native/4.14/"
rel="nofollow">https://mongodb.github.io/node-mongodb-native/4.14/</a></li>
<li>Changelog: <a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/blob/v4.14.0/HISTORY.md">HISTORY.md</a></li>
</ul>
<p>We invite you to try the mongodb library immediately, and report any
issues to the <a href="https://jira.mongodb.org/projects/NODE"
rel="nofollow">NODE project</a>.</p>
      </li>
    </ul>
from <a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/releases">mongodb
GitHub release notes</a>
  </details>
</details>


<details>
  <summary><b>Commit messages</b></summary>
  </br>
  <details>
    <summary>Package name: <b>mongodb</b></summary>
    <ul>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/134d32ffe0b37977d71508a2f4484ba60139c9fc">134d32f</a>
chore(release): 4.16.0</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/fba16adb52f2ef37e87ea64bd6163711d0f09b84">fba16ad</a>
feat(NODE-5199): add alternative runtime detection to client metadata
(#3647)</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/e0b20f1ba4c0d8826077703a3cd77936b9be7dfd">e0b20f1</a>
feat(NODE-5159): add FaaS env information to client metadata
(#3639)</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/4272c43aed8790edcc38c69004e227c97117076a">4272c43</a>
fix(NODE-5200): relax SRV record validation to account for a dot suffix
(#3640)</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/c11e2cf1ad6c6afc5aedc1105da82b7e01e3cb16">c11e2cf</a>
test(NODE-5181): update fle2 v2 spec tests (#3630)</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/b79014286c714291a1d16f12c6397e545411da0f">b790142</a>
fix(NODE-5161): metadata duplication in handshake (#3628)</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/49fa63860c1f949eb65f60abbf323534961b3552">49fa638</a>
chore(release): 4.15.0</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/00a8cff7e6bba07308f204e5bb4b196a4ef23040">00a8cff</a>
chore: update BSON to v4.7.2 (#3614)</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/d6821bf72df551eb9b670bd7c817506408809c75">d6821bf</a>
test(NODE-5149): fix broken range index test (#3617)</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/79d774e5d396faf52a919053674afa0cb5c50bfa">79d774e</a>
ci(NODE-5090): download node to local directory (#3591)</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/2d3576bf154843f0b8f63710c530d07cdc7a2ea6">2d3576b</a>
fix(NODE-5097): set timeout on write and reset on message (#3590)</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/33208b7b8c39570829306012ebbf065e3831a881">33208b7</a>
test(NODE-5093): fix fle2 collection names in legacy fle2 tests</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/8a8c386a8dc9263aa68826a8705c7800752a7153">8a8c386</a>
feat(NODE-5054): add AssumeRoleWithWebIdentity support to 4x driver
(#3566)</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/ed5182a32f063fa6bee230f7f1649d944d200d09">ed5182a</a>
test(NODE-5043): assert MongoClients are garbage collectable
(#3561)</li>
    </ul>

<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/compare/908b3b6b7aad13a411439624431382aeca8ab6cd...134d32ffe0b37977d71508a2f4484ba60139c9fc">Compare</a>
  </details>
</details>
<hr/>

**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*

For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiI2MjI3YTQxYy1lZGRjLTRlMjUtOTk0Ni1hYjg0ZTc3NWM5ZmEiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjYyMjdhNDFjLWVkZGMtNGUyNS05OTQ2LWFiODRlNzc1YzlmYSJ9fQ=="
width="0" height="0"/>

🧐 [View latest project
report](https://app.snyk.io/org/satt/project/b89486be-ad07-4d6c-a51a-2fa8a25baa00?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/satt/project/b89486be-ad07-4d6c-a51a-2fa8a25baa00/settings/integration?utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr)

🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/satt/project/b89486be-ad07-4d6c-a51a-2fa8a25baa00/settings/integration?pkg&#x3D;mongodb&amp;utm_source&#x3D;github&amp;utm_medium&#x3D;referral&amp;page&#x3D;upgrade-pr#auto-dep-upgrades)

<!---
(snyk:metadata:{"prId":"6227a41c-eddc-4e25-9946-ab84e775c9fa","prPublicId":"6227a41c-eddc-4e25-9946-ab84e775c9fa","dependencies":[{"name":"mongodb","from":"4.14.0","to":"4.16.0"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/satt/project/b89486be-ad07-4d6c-a51a-2fa8a25baa00?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"b89486be-ad07-4d6c-a51a-2fa8a25baa00","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":2,"publishedDate":"2023-04-18T17:51:24.112Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":false,"isBreakingChange":false,"priorityScoreList":[]})
--->
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Primary Review In Review with primary reviewer, not yet ready for team's eyes
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants