feat: test-suite (#1315)

* chore!: Require Swift 5.7, fix deprecation warnings (#1173)

* feat: support initial-response in RPC based event streams (#1165)

* chore: bump models (#1178)

Co-authored-by: Sichan Yoo <chanyoo@amazon.com>

* chore: Updates version to 0.28.0

* add visionOS support to useragent (#1182)

* chore: Remove all models before copying in latest versions (#1185)

* chore: update models (#1187)

* chore: Update to aws-crt-swift 0.15.0 (#1188)

* chore: Updates version to 0.29.0

* chore: Update swiftlint to 0.53.0 (#1192)

* chore: End the SDK package manifest with a newline (#1203)

* fix: Update CRT dependency to 0.17.0 (#1210)

* chore: Updates version to 0.30.0

* chore: Clean up unnecessary TODOs + move test functions to a better location (#1209)

* feat: expose presign / presignURL methods in Models.swift to service client object (#1198)

* Add codegen to expose presign / presignURL methods on service client object.

---------

Co-authored-by: Sichan Yoo <chanyoo@amazon.com>

* chore: Bump models in prep for release 0.31.0 (#1218)

* chore: Updates version to 0.31.0

* fix: add s3 control to list of service clients that should have useSignedBodyHeader (#1219)

* Add customizations to auth resolve process.

Rules-based auth scheme resolver work wrap-up.

Wrap-up rules-based resolver customization and presign / presign-url flow refactors.

Refactor eventstream signing.

Update test cases to include auth schemes & auth scheme resolver in middleware context construction, and to include auth scheme middleware and signer middleware in operation stack.

Move requestSignature getter, setter, and attribute key to generic middleware context in smithy-swift.

Update event stream test cases.

Move setting signing algorithm property from auth scheme resolver to auth scheme customization hook.

Add necessary enum import for rules based auth scheme resolver codegen.

Add codegen test for rules based auth scheme resolver generation.

* Fix swiftlint.

* Fix swiftlint.

* Refactor setUpBidirectionalStreaming in HttpContext extension to make it more readable.

* Add SigV4Util and refactor signing properties customization of SigV4 and SigV4A AuthSchemes to make it more scalable.

* Remove duplicate presign flag logic.

* Refactor eventstream message signing to accept any custom signer that conforms to ClientRuntime.Signer protocol.

* Fix swiftlint.

* Fix method name in SigV4Util and update usage in auth schemes accordingly. Also, remove duplicate AttributeKey (expiration) from AWS's HttpContext extension.

* Add tests for SigV4AuthScheme signing properties customization, as well as SigV4Util.

* Refactor or delete deprecated signing components and tests.

- Rename `AWSSigningMiddleware.kt` to `SigV4Utils.kt` and delete generator code for `SigV4Middleware`. Update companion object method calls and import statements in other files accordingly.
- Refactor tests for `AWSSigningMiddlewareTests.kt` and change name to `SigV4UtilsTests.kt` to only test for companion object methods.
- Delete `AWSSigningParams.kt` and all of its tests, including tests for `SigV4Configurator`. These tests have been moved to Swift side, in tests for auth schemes.

* Delete SigV4Config and SigV4Middleware.

* SigV4Signer tests - wip.

* update SQS to latest model that uses aws json protocol + add integration test (#1233)

* fix: Fix tests related to operation doc header (#1231)

* fix: Codegen issues re: recursion, Swift keywords in unions (#1237)

* fix: Integration test crashes on failure, build warning (#1239)

* feat!: Replace the XML encoder with a custom Smithy implementation (#1224)

* chore: Modernize the codegen-build-test CI workflow (#1240)

* chore: Modernize the codegen-build-test-on-comment CI workflow (#1243)

* fix: Fix ref used for smithy-swift checkout in codegen-build-test-on-comment (#1244)

* feat!: Use closures for processing HTTP response (#1242)

* add IsTruncated pagination customization for S3 ListParts (#1245)

* feat: Publish documentation to public distribution (#1232)

* fix: Fix script for extracting version from GH ref (#1247)

* chore: Codegen dev script takes args for manifest generator (#1246)

* fix: Use bash to run doc generator version step (#1248)

* chore: Update models (#1252)

* chore: Updates version to 0.32.0

* fix: DocC post-testing fixes (#1249)

* chore: Run tvOS old & new in CI (#1253)

* feat: Package manifest generator improvements (#1250)

* fix: Use new manifest generator options to run protocol & unit tests in CI (#1257)

* chore: remove use of HttpBody and replace with ByteStream (#1254)

* fix: Remove codegen-build-test-on-comment workflow (#1262)

* chore: update smithy to 1.42.0 (#1261)

* feat: Add codegen-build-test workflow to pull requests (#1263)

* fix: codegen-build-test with workflow dispatch & custom branch names (#1265)

* fix integration tests (#1268)

* chore: bump models (#1270)

* chore: Updates version to 0.33.0

* fix: Batch documentation modules properly (#1274)

* chore: Update to aws-crt-swift 0.20.0 (#1275)

* fix: update partitions to latest fixes failing endpoints tests (#1277)

* feat: handle errors in 200 response from S3 (#1266)

* chore: Use Xcode 15.1 as CI latest version (#1286)

* Delete unnecessary TODO item. (#1288)

Co-authored-by: Sichan Yoo <chanyoo@amazon.com>

* feat!: Use Foundation-based HTTP client on Apple platforms (#1282)

* fix integration tests to conform to latest HTTPClient change (#1295)

* chore: update to CRT 0.22.0 (#1296)

* chore: Update smithy-swift to 0.38.0 (#1298)

* chore: Update .spi.yml (#1297)

* Delete bundle region provider. (#1290)

Co-authored-by: Sichan Yoo <chanyoo@amazon.com>

* fix!: Refactor resolveRegion method name to getRegion for consistency. (#1291)

* Refactor resolveRegion method name to getRegion for consistency.

---------

Co-authored-by: Sichan Yoo <chanyoo@amazon.com>

* Add tests for SigV4Util::setS3SpecificFlags method.

* Add do-catch to tests for changed method header.

* Add in missing try keyword.

* Add a way to fix a date for AWSSigV4Signer::signRequest, and add tests for AWSSigV4Signer::signRequest.

* Add SigV4 x Presigned Request integration tests using STS::getCallerIdentity and S3::putObject.

* Rename integration test directory and file for STS to be more specific.

* Update S3ErrorWith200 middleware to fix S3XCTestCase::tearDown(). Delete tearDown() from presigned request integration test now that it is redundant.

* chore: Update models (#1301)

* fix: Preserve data after reading response body stream in S3/200 middleware (#1303)

* chore: Updates version to 0.34.0

* Add EventStream Sigv4A integration test & add a test target dependency to Package.Base.swift.

* Improve comments and variable names on the EventBridge integration test.

* Update documentation comment to mention correct description of the test class.

* Remove unncessary string literal in code.

* Increase pause timer to prevent spurious failures.

* Add SigV4A integration test that uses S3's multi-region access point.

* feat: Add integration tests to CI (#1308)

* Finish SigV4A integration tests that use S3 MRAP.

* Add SigV4A signing flow integration test that uses CloudFrontKeyValueStore.

* Fix SQS interation test that wasn't working in main branch either; client initializer needed a region specified.

* Add auth scheme resolving step for convenience inits of client config in case they aren't provided.

* Fix ktlint.

* feat!: Provide HTTP request components by closure instead of protocol (#1317)

* Address PR comments from Josh.

* Update models to match ones in main branch.

* Add newly necessary services to integration test sdk.properties.

* Fix undefined variable.

* Add conditional import for URLRequest.

* Fix SigV4A EventBridge integration test.

* Add time buffer between MRAP deletion completion and deleting buckets. Integ test fails in CI saying bucket has MRAP associated, but MRAP is deleted when checked in console. Perhaps attempting to delete bucket as soon as MRAP deletion completes is causing this error.

* Fix data type.

* Fix method used to check MRAP deletion completion from checking against a literal integer 1, to checking against list ofMRAP names existing on account.

* Copy generated SDK code from feat/sra-identity-and-auth so it doesn't show up in github diff.

* Address Josh's PR comments.

* Fix typo on variable name.

* Fix swiftlint.

* Merge updated CRT version from main into feat/test-suite.

---------

Co-authored-by: Josh Elkins <jbelkins@users.noreply.github.com>
Co-authored-by: David Yaffe <dayaffe@amazon.com>
Co-authored-by: Sichan Yoo <chanyoo@amazon.com>
Co-authored-by: AWS SDK Swift Automation <github-aws-sdk-swift-automation@amazon.com>
Co-authored-by: Sven A. Schmidt <sas@finestructure.co>

AWSSDKSwiftCLI/Sources/AWSSDKSwiftCLI/Resources/Package.Base.swift

@@ -135,7 +135,11 @@ func addIntegrationTestTarget(_ name: String) {
             "Resources/ECSIntegTestApp/"
         ]
     case "AWSS3":
-        additionalDependencies = ["AWSSSOAdmin"]
+        additionalDependencies = ["AWSSSOAdmin", "AWSS3Control", "AWSSTS"]
+    case "AWSEventBridge":
+        additionalDependencies = ["AWSRoute53"]
+    case "AWSCloudFrontKeyValueStore":
+        additionalDependencies = ["AWSCloudFront"]
     default:
         break
     }

IntegrationTests/Services/AWSCloudFrontKeyValueStoreIntegrationTests/CloudFrontKeyValueStoreSigV4ATests.swift

@@ -0,0 +1,89 @@
+//
+// Copyright Amazon.com Inc. or its affiliates.
+// All Rights Reserved.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+import XCTest
+import ClientRuntime
+import AWSClientRuntime
+import AWSCloudFront
+import AWSCloudFrontKeyValueStore
+
+/// Tests SigV4a signing flow using CloudFrontKeyValueStore.
+class CloudFrontKeyValueStoreSigV4ATests: XCTestCase {
+    // The CloudFront client to create / delete key value store (KVS)
+    private var client: CloudFrontClient!
+    // The sig4a-only KVS client to call CloudFrontKeyValueStore::listKeys
+    private var kvsClient: CloudFrontKeyValueStoreClient!
+    private var kvsConfig: CloudFrontKeyValueStoreClient.CloudFrontKeyValueStoreClientConfiguration!
+    // Region to use for clients
+    private let region = "us-east-1"
+
+    // Temporary name of the KVS to use for the test
+    private let kvsName = "sigv4a-test-kvs-" + UUID().uuidString.split(separator: "-").first!.lowercased()
+
+    // The Etag to use to call CloudFront::deletKeyValueStore
+    private var cfEtag: String!
+    // The Etag to use to call CloudFrontKeyValueStore::putKey
+    private var cfKvsEtag: String!
+
+    // The ARN of the KVS
+    private var kvsArn: String!
+    // String status of the KVS while it's being created
+    private let wipStatus = "PROVISIONING"
+
+    // Key-value pair to pass into CloudFrontKeyValueStore::putKey
+    private let key = "kvs-sigv4a-integration-test"
+    private let value = "{}"
+
+    private let NSEC_PER_SEC = 1_000_000_000
+
+    override func setUp() async throws {
+        // Initialize CloudFront client
+        client = try CloudFrontClient(region: region)
+        // Initiailize KVS client with only SigV4A enabled
+        kvsConfig = try await CloudFrontKeyValueStoreClient.CloudFrontKeyValueStoreClientConfiguration(region: region)
+        kvsConfig.authSchemes = [SigV4AAuthScheme()]
+        kvsClient = CloudFrontKeyValueStoreClient(config: kvsConfig)
+
+        // Create a key value store (KVS) and save its ARN
+        kvsArn = try await client.createKeyValueStore(input: CreateKeyValueStoreInput(name: kvsName)).keyValueStore?.arn
+
+        // Wait until KVS is provisioned & ready
+        var status: String? = wipStatus
+        repeat {
+            status = try await client.describeKeyValueStore(input: DescribeKeyValueStoreInput(name: kvsName)).keyValueStore?.status
+            let seconds = 20.0
+            try await Task.sleep(nanoseconds: UInt64(seconds * Double(NSEC_PER_SEC)))
+        } while status == wipStatus
+
+        // Fetch Etag of the KVS that was just created for both CF and CFKVS clients
+        cfEtag = try await client.describeKeyValueStore(input: DescribeKeyValueStoreInput(name: kvsName)).eTag
+        cfKvsEtag = try await kvsClient.describeKeyValueStore(input: DescribeKeyValueStoreInput(kvsARN: kvsArn)).eTag
+    }
+
+    override func tearDown() async throws {
+        // Delete the key value store
+        _ = try await client.deleteKeyValueStore(input: DeleteKeyValueStoreInput(
+            ifMatch: cfEtag,
+            name: kvsName
+        ))
+    }
+
+    func testKeyValueStoreSigV4A() async throws {
+        // Put a dummy key onto KVS
+        _ = try await kvsClient.putKey(input: PutKeyInput(
+            ifMatch: cfKvsEtag,
+            key: key,
+            kvsARN: kvsArn,
+            value: value
+        ))
+        // Confirm that the key was uploaded successfully using SigV4A signing flow
+        let keys = try await kvsClient.listKeys(input: ListKeysInput(kvsARN: kvsArn))
+        let items = try XCTUnwrap(keys.items)
+        XCTAssertEqual(items[0].key, key)
+        XCTAssertEqual(items[0].value, value)
+    }
+}

IntegrationTests/Services/AWSEventBridgeIntegrationTests/EventBridgeSigV4ATests.swift

@@ -0,0 +1,121 @@
+//
+// Copyright Amazon.com Inc. or its affiliates.
+// All Rights Reserved.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+import XCTest
+import AWSEventBridge
+import ClientRuntime
+import AWSClientRuntime
+import AWSRoute53
+
+/// Tests SigV4a signing flow using EventBridge's global endpoint.
+class EventBridgeSigV4ATests: XCTestCase {
+    // The custom event bridge client with only sigv4a auth scheme configured (w/o SigV4)
+    private var sigv4aEventBridgeClient: EventBridgeClient!
+    // The primary event bridge client used to create an event bus in primary region
+    private var primaryRegionEventBridgeClient: EventBridgeClient!
+    // The secondary event bridge client used to create an event bus in secondary region
+    private var secondaryRegionEventBridgeClient: EventBridgeClient!
+    // The Route 53 client used to create a healthcheck, a parameter to EventBridge::createEndpoint
+    private var route53Client: Route53Client!
+
+    private var eventBridgeConfig: EventBridgeClient.EventBridgeClientConfiguration!
+    private let primaryRegion = "us-west-2"
+    private let secondaryRegion = "us-east-1"
+
+    // Name for the EventBridge global endpoint
+    private let endpointName = "sigv4a-test-global-endpoint"
+    private let eventBusName = "sigv4a-integ-test-eventbus"
+    private var endpointId: String!
+
+    private var healthCheckId: String!
+    private let route53HealthCheckArnPrefix = "arn:aws:route53:::healthcheck/"
+
+    private let NSEC_PER_SEC = 1_000_000_000
+
+    override func setUp() async throws {
+        // Create the clients
+        primaryRegionEventBridgeClient = try EventBridgeClient(region: primaryRegion)
+        secondaryRegionEventBridgeClient = try EventBridgeClient(region: secondaryRegion)
+
+        eventBridgeConfig = try await EventBridgeClient.EventBridgeClientConfiguration(region: primaryRegion)
+        eventBridgeConfig.authSchemes = [SigV4AAuthScheme()]
+        sigv4aEventBridgeClient = EventBridgeClient(config: eventBridgeConfig)
+
+        route53Client = try Route53Client(region: secondaryRegion)
+
+        // Create two event buses with identical names but in two different regions for the global endpoint
+        let eventBusArn1 = try await primaryRegionEventBridgeClient.createEventBus(input: CreateEventBusInput(name: eventBusName)).eventBusArn
+        let eventBusArn2 = try await secondaryRegionEventBridgeClient.createEventBus(input: CreateEventBusInput(name: eventBusName)).eventBusArn
+
+        // Create Route 53 Healthcheck
+        let healthCheckConfig = Route53ClientTypes.HealthCheckConfig(
+            fullyQualifiedDomainName: "www.amazon.com",
+            type: .https
+        )
+        let createHealthCheckInput = CreateHealthCheckInput(
+            callerReference: UUID().uuidString.split(separator: "-").first!.lowercased(),
+            healthCheckConfig: healthCheckConfig
+        )
+        let healthCheck = try await route53Client.createHealthCheck(input: createHealthCheckInput)
+        healthCheckId = (healthCheck.healthCheck?.id)!
+        let healthCheckArn = route53HealthCheckArnPrefix + healthCheckId
+
+        // Construct routingConfig object to use for global endpoint creation
+        let primary = EventBridgeClientTypes.Primary(healthCheck: healthCheckArn)
+        let secondary = EventBridgeClientTypes.Secondary(route: secondaryRegion)
+        let failoverConfig = EventBridgeClientTypes.FailoverConfig(primary: primary, secondary: secondary)
+        let routingConfig = EventBridgeClientTypes.RoutingConfig(failoverConfig: failoverConfig)
+
+        // Construct replicationConfig object to use for global endpoint creation
+        let replicationState = EventBridgeClientTypes.ReplicationState.disabled
+        let replicationConfig = EventBridgeClientTypes.ReplicationConfig(state: replicationState)
+
+        // Create the global endpoint with the two endpoint event buses and the routing config (healthcheck).
+        let endpointEventBus1 = EventBridgeClientTypes.EndpointEventBus(eventBusArn: eventBusArn1)
+        let endpointEventBus2 = EventBridgeClientTypes.EndpointEventBus(eventBusArn: eventBusArn2)
+        _ = try await primaryRegionEventBridgeClient.createEndpoint(input: CreateEndpointInput(
+            eventBuses: [endpointEventBus1, endpointEventBus2],
+            name: endpointName,
+            replicationConfig: replicationConfig,
+            routingConfig: routingConfig
+        ))
+
+        // Pause program execution briefly.
+        // This is needed bc it takes some time for newly created global endpoint to configure itself
+        let seconds = 20.0
+        try await Task.sleep(nanoseconds: UInt64(seconds * Double(NSEC_PER_SEC)))
+
+        endpointId = try await primaryRegionEventBridgeClient.describeEndpoint(input: DescribeEndpointInput(name: endpointName)).endpointId
+    }
+
+    override func tearDown() async throws {
+        // Delete the endpoint
+        _ = try await primaryRegionEventBridgeClient.deleteEndpoint(input: DeleteEndpointInput(name: endpointName))
+        // Delete the event buses
+        _ = try await primaryRegionEventBridgeClient.deleteEventBus(input: DeleteEventBusInput(name: eventBusName))
+        _ = try await secondaryRegionEventBridgeClient.deleteEventBus(input: DeleteEventBusInput(name: eventBusName))
+        // Delete the Route 53 Healthcheck
+        _ = try await route53Client.deleteHealthCheck(input: DeleteHealthCheckInput(healthCheckId: healthCheckId))
+    }
+
+    func testEventBridgeSigV4A() async throws {
+        // Call putEvents with EventBridge client that only has SigV4a auth scheme configured
+        let event = EventBridgeClientTypes.PutEventsRequestEntry(
+            detail: "{}",
+            detailType: "test",
+            eventBusName: eventBusName,
+            source: "test"
+        )
+        let response = try await sigv4aEventBridgeClient.putEvents(input: PutEventsInput(
+            endpointId: endpointId,
+            entries: [event]
+        ))
+        // Confirm that returned response has 0 failed entries
+        let count = response.failedEntryCount
+        XCTAssertEqual(count, 0)
+    }
+}

IntegrationTests/Services/AWSS3IntegrationTests/S3PresignedRequestTests.swift

@@ -0,0 +1,51 @@
+//
+// Copyright Amazon.com Inc. or its affiliates.
+// All Rights Reserved.
+//
+// SPDX-License-Identifier: Apache-2.0
+//
+
+import XCTest
+import AWSS3
+import ClientRuntime
+import AWSClientRuntime
+
+/// Tests presigned request using S3.
+class S3PresignedRequestTests: S3XCTestCase {
+    private var s3Config: S3Client.S3ClientConfiguration!
+    private let key = "test.txt"
+
+    override func setUp() async throws {
+        try await super.setUp()
+        s3Config = try await S3Client.S3ClientConfiguration(region: region)
+        s3Config.authSchemes = [SigV4AuthScheme()]
+    }
+
+    func testS3PresignedRequest() async throws {
+        let putObjectInput = PutObjectInput(
+            body: .noStream,
+            bucket: bucketName,
+            key: key,
+            metadata: ["filename": key]
+        )
+
+        let presignedRequest = try await putObjectInput.presign(
+            config: s3Config,
+            expiration: 60
+        )
+        guard let presignedRequest else {
+            XCTFail("Presigning PutObjectInput failed.")
+            // return added for compiler to not complain.
+            return
+        }
+
+        _ = try await s3Config.httpClientEngine.send(request: presignedRequest)
+
+        let getObjectInput = GetObjectInput(bucket: bucketName, key: key)
+        let fetchedObject = try await client.getObject(input: getObjectInput)
+
+        XCTAssertNotNil(fetchedObject.metadata)
+        let metadata = try XCTUnwrap(fetchedObject.metadata)
+        XCTAssertEqual(metadata["filename"], key)
+    }
+}