Closed lnguyen closed 1 year ago
👋 @lnguyen,
Thank you so much for this PR.
❓ Can you please add (1) tests and (2) docs for this change?
Hello @ameowlia ! I don't think there's a great way for us to test this without creating an assume role for the pipeline for this and using that. I did however changed the field to be assume_role_arn
instead of role_arn
and added it to readme
Thanks for updating the readme @lnguyen 👍
I don't think there's a great way for us to test this without creating an assume role for the pipeline for this and using that.
This surprises me. I am definitely not an expert here and I am just trying to help give quick feedback on PRs. So take all of this with a grain of salt. But I think this is a unit test for the component you are updating which does not require real AWS credentials. I think it just tests that the driver is configured properly. You are not making any new AWS calls in your PR, which leads me to believe that a real AWS account is not necessary for unit testing. I would suspect that you could write a similar unit test that AssumeRoleArn is present, then that credential is included in the driver.
😄 I started looking at this PR because I was working on a track of work that is blocked by it and I am (perhaps too) quick to give my opinions. We should definitely also have a concourse expert (@rui42?) look at it as well.
I was able to use the forked repo with the AssumeRole changes and test it in a pipeline.
My steps:
Ran docker build to get an image with Assume Role feature, tagged the image and pushed it to an image registry.
docker build -t semver-resource -f dockerfiles/ubuntu/Dockerfile .
docker tag semver-resource:latest image-registry
docker push image-registry
Created a test pipeline to use the newly created semver-resource image and used that image to do testing with assume role access keys.
resource_types:
- name: semver
type: docker-image
source:
repository: YOUR-IMAGE-REGISTRY/semver-resource
resources:
- name: semver-fork
type: semver
source:
driver: s3
bucket: semver-testing
key: version
access_key_id: ((access_key_id))
secret_access_key: ((secret_access_key))
assume_role_arn: ((assume_role_arn))
region_name: us-east-2
initial_version: 0.0.1
jobs:
- name: some-job
plan:
- get: semver-fork
params:
bump: major
- put: semver-fork
params: {file: semver-fork/version}
Wow thanks for helping out, BOSH folks!