feat(NODE-5054): add AssumeRoleWithWebIdentity support to 4x driver #3566
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
baileympearson
force-pushed
the
NODE-5054-eks-auth-4x-branch
branch
from
f7787ad
to
4413b7b
Compare
dariakp
added
the
Primary Review
dariakp
reviewed
Feb 14, 2023
| @@ -649,6 +654,53 @@ functions: | |||
| script: | | |||
| ${PREPARE_SHELL} | |||
| ${PROJECT_DIRECTORY}/.evergreen/run-mongodb-aws-test.sh | |||
| run aws auth test AssumeRoleWithWebIdentity with AWS_ROLE_SESSION_NAME set: | |||
There was a problem hiding this comment.
Noticed that this set of changes doesn't have the addition of the install aws-credential-providers script that #3556 did - why the discrepancy?
There was a problem hiding this comment.
In version 4x, the AWS SDK was an optional dependency so it was installed by default. You'll notice here that the install step omits optional dependencies.
In version five, it is no longer installed by default so we must manually install it, so I created a separate step to install the SDK where we need it.
ksibisamir
added a commit
to SaTT-Wallet/Backend
that referenced
this pull request
Jun 9, 2023
<p>This PR was automatically created by Snyk using the credentials of a
real user.</p><br /><h3>Snyk has created this PR to upgrade mongodb from
4.14.0 to 4.16.0.</h3>
:information_source: Keep your dependencies up-to-date. This makes it
easier to fix existing vulnerabilities and to more quickly identify and
fix newly disclosed vulnerabilities when they affect your project.
<hr/>
- The recommended version is **2 versions** ahead of your current
version.
- The recommended version was released **2 months ago**, on 2023-04-18.
<details>
<summary><b>Release notes</b></summary>
<br/>
<details>
<summary>Package name: <b>mongodb</b></summary>
<ul>
<li>
<b>4.16.0</b> - <a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/releases/tag/v4.16.0">2023-04-18</a></br><p>The
MongoDB Node.js team is pleased to announce version 4.16.0 of the
<code>mongodb</code> package!</p>
<h3>Features</h3>
<ul>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-5159">NODE-5159</a>:</strong>
add FaaS env information to client metadata (<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/issues/3639"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/node-mongodb-native/pull/3639/hovercard">#3639</a>)
(<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/e0b20f1ba4c0d8826077703a3cd77936b9be7dfd">e0b20f1</a>)</li>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-5199">NODE-5199</a>:</strong>
add alternative runtime detection to client metadata (<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/issues/3647"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/node-mongodb-native/pull/3647/hovercard">#3647</a>)
(<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/fba16adb52f2ef37e87ea64bd6163711d0f09b84">fba16ad</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-5161">NODE-5161</a>:</strong>
metadata duplication in handshake (<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/issues/3628"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/node-mongodb-native/pull/3628/hovercard">#3628</a>)
(<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/b79014286c714291a1d16f12c6397e545411da0f">b790142</a>)</li>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-5200">NODE-5200</a>:</strong>
relax SRV record validation to account for a dot suffix (<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/issues/3640"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/node-mongodb-native/pull/3640/hovercard">#3640</a>)
(<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/4272c43aed8790edcc38c69004e227c97117076a">4272c43</a>)</li>
</ul>
<h2>Documentation</h2>
<ul>
<li><a href="https://docs.mongodb.com/drivers/node/4.16/"
rel="nofollow">Reference</a></li>
<li><a href="https://mongodb.github.io/node-mongodb-native/4.16/"
rel="nofollow">API</a></li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/blob/v4.16.0/HISTORY.md">Changelog</a></li>
</ul>
<p>We invite you to try the <code>mongodb</code> library immediately,
and report any issues to the <a
href="https://jira.mongodb.org/projects/NODE" rel="nofollow">NODE
project</a>.</p>
</li>
<li>
<b>4.15.0</b> - <a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/releases/tag/v4.15.0">2023-04-04</a></br><p>The
MongoDB Node.js team is pleased to announce version 4.15.0 of the
mongodb package!</p>
<h3>Features</h3>
<ul>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-5054">NODE-5054</a>:</strong>
add AssumeRoleWithWebIdentity support to 4x driver (<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/issues/3566"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/node-mongodb-native/pull/3566/hovercard">#3566</a>)
(<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/8a8c386a8dc9263aa68826a8705c7800752a7153">8a8c386</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-5097">NODE-5097</a>:</strong>
set timeout on write and reset on message (<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/issues/3590"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/node-mongodb-native/pull/3590/hovercard">#3590</a>)
(<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/2d3576bf154843f0b8f63710c530d07cdc7a2ea6">2d3576b</a>)</li>
</ul>
<h2>Documentation</h2>
<ul>
<li>Reference: <a href="https://docs.mongodb.com/drivers/node/current/"
rel="nofollow">https://docs.mongodb.com/drivers/node/current/</a></li>
<li>API: <a href="https://mongodb.github.io/node-mongodb-native/4.15/"
rel="nofollow">https://mongodb.github.io/node-mongodb-native/4.15/</a></li>
<li>Changelog: <a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/blob/v4.15.0/HISTORY.md">HISTORY.md</a></li>
</ul>
<p>We invite you to try the mongodb library immediately, and report any
issues to the <a href="https://jira.mongodb.org/projects/NODE"
rel="nofollow">NODE project</a>.</p>
</li>
<li>
<b>4.14.0</b> - <a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/releases/tag/v4.14.0">2023-02-07</a></br><p>The
MongoDB Node.js team is pleased to announce version 4.14.0 of the
mongodb package!</p>
<h3>Deprecations</h3>
<ul>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-4992">NODE-4992</a>:</strong>
Deprecate methods and options that reference legacy logger (<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/issues/3532"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/node-mongodb-native/pull/3532/hovercard">#3532</a>)
(<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/6c94b4a826f51796a23d26f0d1976e5dfcd88d88">6c94b4a</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-4999">NODE-4999</a>:</strong>
Write Concern 0 Must Not Affect Read Operations (<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/issues/3541"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/node-mongodb-native/pull/3541/hovercard">#3541</a>)
(<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/ddfc2b9bc0475b3d18db355ed73cebfccaf6b874">ddfc2b9</a>)</li>
<li><strong><a class="issue-link js-issue-link notranslate"
rel="noopener noreferrer nofollow"
href="https://jira.mongodb.org/browse/NODE-5026">NODE-5026</a>:</strong>
revert "ensure that MessageStream is destroyed when connections are
destroyed" (<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/issues/3551"
data-hovercard-type="pull_request"
data-hovercard-url="/mongodb/node-mongodb-native/pull/3551/hovercard">#3551</a>)
(<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/c4da623b1b30439521ce59e4d9db810ea7d213e2">c4da623</a>)</li>
</ul>
<h2>Documentation</h2>
<ul>
<li>Reference: <a href="https://docs.mongodb.com/drivers/node/current/"
rel="nofollow">https://docs.mongodb.com/drivers/node/current/</a></li>
<li>API: <a href="https://mongodb.github.io/node-mongodb-native/4.14/"
rel="nofollow">https://mongodb.github.io/node-mongodb-native/4.14/</a></li>
<li>Changelog: <a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/blob/v4.14.0/HISTORY.md">HISTORY.md</a></li>
</ul>
<p>We invite you to try the mongodb library immediately, and report any
issues to the <a href="https://jira.mongodb.org/projects/NODE"
rel="nofollow">NODE project</a>.</p>
</li>
</ul>
from <a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/releases">mongodb
GitHub release notes</a>
</details>
</details>
<details>
<summary><b>Commit messages</b></summary>
</br>
<details>
<summary>Package name: <b>mongodb</b></summary>
<ul>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/134d32ffe0b37977d71508a2f4484ba60139c9fc">134d32f</a>
chore(release): 4.16.0</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/fba16adb52f2ef37e87ea64bd6163711d0f09b84">fba16ad</a>
feat(NODE-5199): add alternative runtime detection to client metadata
(#3647)</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/e0b20f1ba4c0d8826077703a3cd77936b9be7dfd">e0b20f1</a>
feat(NODE-5159): add FaaS env information to client metadata
(#3639)</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/4272c43aed8790edcc38c69004e227c97117076a">4272c43</a>
fix(NODE-5200): relax SRV record validation to account for a dot suffix
(#3640)</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/c11e2cf1ad6c6afc5aedc1105da82b7e01e3cb16">c11e2cf</a>
test(NODE-5181): update fle2 v2 spec tests (#3630)</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/b79014286c714291a1d16f12c6397e545411da0f">b790142</a>
fix(NODE-5161): metadata duplication in handshake (#3628)</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/49fa63860c1f949eb65f60abbf323534961b3552">49fa638</a>
chore(release): 4.15.0</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/00a8cff7e6bba07308f204e5bb4b196a4ef23040">00a8cff</a>
chore: update BSON to v4.7.2 (#3614)</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/d6821bf72df551eb9b670bd7c817506408809c75">d6821bf</a>
test(NODE-5149): fix broken range index test (#3617)</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/79d774e5d396faf52a919053674afa0cb5c50bfa">79d774e</a>
ci(NODE-5090): download node to local directory (#3591)</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/2d3576bf154843f0b8f63710c530d07cdc7a2ea6">2d3576b</a>
fix(NODE-5097): set timeout on write and reset on message (#3590)</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/33208b7b8c39570829306012ebbf065e3831a881">33208b7</a>
test(NODE-5093): fix fle2 collection names in legacy fle2 tests</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/8a8c386a8dc9263aa68826a8705c7800752a7153">8a8c386</a>
feat(NODE-5054): add AssumeRoleWithWebIdentity support to 4x driver
(#3566)</li>
<li><a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/commit/ed5182a32f063fa6bee230f7f1649d944d200d09">ed5182a</a>
test(NODE-5043): assert MongoClients are garbage collectable
(#3561)</li>
</ul>
<a
href="https://snyk.io/redirect/github/mongodb/node-mongodb-native/compare/908b3b6b7aad13a411439624431382aeca8ab6cd...134d32ffe0b37977d71508a2f4484ba60139c9fc">Compare</a>
</details>
</details>
<hr/>
**Note:** *You are seeing this because you or someone else with access
to this repository has authorized Snyk to open upgrade PRs.*
For more information: <img
src="https://api.segment.io/v1/pixel/track?data=eyJ3cml0ZUtleSI6InJyWmxZcEdHY2RyTHZsb0lYd0dUcVg4WkFRTnNCOUEwIiwiYW5vbnltb3VzSWQiOiI2MjI3YTQxYy1lZGRjLTRlMjUtOTk0Ni1hYjg0ZTc3NWM5ZmEiLCJldmVudCI6IlBSIHZpZXdlZCIsInByb3BlcnRpZXMiOnsicHJJZCI6IjYyMjdhNDFjLWVkZGMtNGUyNS05OTQ2LWFiODRlNzc1YzlmYSJ9fQ=="
width="0" height="0"/>
🧐 [View latest project
report](https://app.snyk.io/org/satt/project/b89486be-ad07-4d6c-a51a-2fa8a25baa00?utm_source=github&utm_medium=referral&page=upgrade-pr)
🛠 [Adjust upgrade PR
settings](https://app.snyk.io/org/satt/project/b89486be-ad07-4d6c-a51a-2fa8a25baa00/settings/integration?utm_source=github&utm_medium=referral&page=upgrade-pr)
🔕 [Ignore this dependency or unsubscribe from future upgrade
PRs](https://app.snyk.io/org/satt/project/b89486be-ad07-4d6c-a51a-2fa8a25baa00/settings/integration?pkg=mongodb&utm_source=github&utm_medium=referral&page=upgrade-pr#auto-dep-upgrades)
<!---
(snyk:metadata:{"prId":"6227a41c-eddc-4e25-9946-ab84e775c9fa","prPublicId":"6227a41c-eddc-4e25-9946-ab84e775c9fa","dependencies":[{"name":"mongodb","from":"4.14.0","to":"4.16.0"}],"packageManager":"npm","type":"auto","projectUrl":"https://app.snyk.io/org/satt/project/b89486be-ad07-4d6c-a51a-2fa8a25baa00?utm_source=github&utm_medium=referral&page=upgrade-pr","projectPublicId":"b89486be-ad07-4d6c-a51a-2fa8a25baa00","env":"prod","prType":"upgrade","vulns":[],"issuesToFix":[],"upgrade":[],"upgradeInfo":{"versionsDiff":2,"publishedDate":"2023-04-18T17:51:24.112Z"},"templateVariants":[],"hasFixes":false,"isMajorUpgrade":false,"isBreakingChange":false,"priorityScoreList":[]})
--->
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
This PR backports testing for AWS EKS requests.
What is changing?
Is there new documentation needed for these changes?
No.
Double check the following
npm run check:lintscripttype(NODE-xxxx)[!]: descriptionfeat(NODE-1234)!: rewriting everything in coffeescript