-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix AWS session token support #5155
Conversation
Thank you for your contribution! 🙏 We will review your PR as soon as possible. While you are waiting, make sure to:
Learn more about: |
I intend to add tests later this week, which should prevent a similar regression from recurring. |
AWS session token authentication was inadvertently broken in a refactor of AWS auth handling. Signed-off-by: Jacob Henner <code@ventricle.us>
b1749a0
to
4577dd5
Compare
I had considered adding tests along the lines of: package scalers
import (
"context"
"testing"
"github.com/stretchr/testify/assert"
)
const (
testAWSCommonRoleArn = "none"
testAWSCommonAccessKeyID = "none"
testAWSCommonSecretAccessKey = "none"
testAWSCommonSessionToken = "none"
)
func TestCredentialPropagation(t *testing.T) {
ctx := context.Background()
awsRegion := "eu-west-1"
awsAuthorization := awsAuthorizationMetadata{
awsAccessKeyID: testAWSCommonAccessKeyID,
awsSecretAccessKey: testAWSCommonSecretAccessKey,
awsSessionToken: testAWSCommonSessionToken,
}
awsConfig, err := getAwsConfig(ctx, awsRegion, awsAuthorization)
if err != nil {
t.Errorf("unexpected error in getAwsConfig: %v", err)
}
creds, err := awsConfig.Credentials.Retrieve(ctx)
if err != nil {
t.Errorf("unexpected error while retrieving credentials: %v", err)
}
assert.Equal(t, testAWSCommonAccessKeyID, creds.AccessKeyID)
assert.Equal(t, testAWSCommonSecretAccessKey, creds.SecretAccessKey)
assert.Equal(t, testAWSCommonSessionToken, creds.SessionToken)
} But |
/run-e2e aws |
Thanks for the fix @JacobHenner |
Signed-off-by: anton.lysina <alysina@gmail.com>
AWS session token authentication was inadvertently broken in a refactor of AWS auth handling. Restoring support for session tokens. This fixes a regression that broke the feature introduced in #2573.
Checklist
Fixes #5156