From 0699a05c52f8ecb618a84a7b97e79263fe125276 Mon Sep 17 00:00:00 2001 From: calvix Date: Thu, 29 Feb 2024 10:41:57 +0100 Subject: [PATCH 1/3] create-aws-client-with-region --- pkg/cloud/identity/identity.go | 6 ++++-- pkg/cloud/scope/session.go | 4 ++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/pkg/cloud/identity/identity.go b/pkg/cloud/identity/identity.go index c14a667e24..223931fbf3 100644 --- a/pkg/cloud/identity/identity.go +++ b/pkg/cloud/identity/identity.go @@ -79,11 +79,12 @@ func GetAssumeRoleCredentials(roleIdentityProvider *AWSRolePrincipalTypeProvider } // NewAWSRolePrincipalTypeProvider will create a new AWSRolePrincipalTypeProvider from an AWSClusterRoleIdentity. -func NewAWSRolePrincipalTypeProvider(identity *infrav1.AWSClusterRoleIdentity, sourceProvider *AWSPrincipalTypeProvider, log logger.Wrapper) *AWSRolePrincipalTypeProvider { +func NewAWSRolePrincipalTypeProvider(identity *infrav1.AWSClusterRoleIdentity, sourceProvider *AWSPrincipalTypeProvider, region string, log logger.Wrapper) *AWSRolePrincipalTypeProvider { return &AWSRolePrincipalTypeProvider{ credentials: nil, stsClient: nil, Principal: identity, + region: region, sourceProvider: sourceProvider, log: log.WithName("AWSRolePrincipalTypeProvider"), } @@ -129,6 +130,7 @@ func (p *AWSStaticPrincipalTypeProvider) IsExpired() bool { type AWSRolePrincipalTypeProvider struct { Principal *infrav1.AWSClusterRoleIdentity credentials *credentials.Credentials + region string sourceProvider *AWSPrincipalTypeProvider log logger.Wrapper stsClient stsiface.STSAPI @@ -153,7 +155,7 @@ func (p *AWSRolePrincipalTypeProvider) Name() string { // Retrieve returns the credential values for the AWSRolePrincipalTypeProvider. func (p *AWSRolePrincipalTypeProvider) Retrieve() (credentials.Value, error) { if p.credentials == nil || p.IsExpired() { - awsConfig := aws.NewConfig() + awsConfig := aws.NewConfig().WithRegion(p.region) if p.sourceProvider != nil { sourceCreds, err := (*p.sourceProvider).Retrieve() if err != nil { diff --git a/pkg/cloud/scope/session.go b/pkg/cloud/scope/session.go index acf3fa3ab8..ecc492e7b7 100644 --- a/pkg/cloud/scope/session.go +++ b/pkg/cloud/scope/session.go @@ -314,9 +314,9 @@ func buildProvidersForRef( } if sourceProvider != nil { - provider = identity.NewAWSRolePrincipalTypeProvider(roleIdentity, &sourceProvider, log) + provider = identity.NewAWSRolePrincipalTypeProvider(roleIdentity, &sourceProvider, clusterScoper.Region(), log) } else { - provider = identity.NewAWSRolePrincipalTypeProvider(roleIdentity, nil, log) + provider = identity.NewAWSRolePrincipalTypeProvider(roleIdentity, nil, clusterScoper.Region(), log) } providers = append(providers, provider) default: From d09c76623513e069abc1d054b59f6c3f8fa122c0 Mon Sep 17 00:00:00 2001 From: calvix Date: Thu, 29 Feb 2024 11:32:16 +0100 Subject: [PATCH 2/3] tests --- hack/tools/go.sum | 1 + pkg/cloud/identity/identity_test.go | 2 ++ 2 files changed, 3 insertions(+) diff --git a/hack/tools/go.sum b/hack/tools/go.sum index f7ff076910..e781c66fdf 100644 --- a/hack/tools/go.sum +++ b/hack/tools/go.sum @@ -140,6 +140,7 @@ github.com/ahmetb/gen-crd-api-reference-docs v0.3.0/go.mod h1:TdjdkYhlOifCQWPs1U github.com/alcortesm/tgz v0.0.0-20161220082320-9c5fe88206d7 h1:uSoVVbwJiQipAclBbw+8quDsfcvFjOpI5iCf4p/cqCs= github.com/alcortesm/tgz v0.0.0-20161220082320-9c5fe88206d7/go.mod h1:6zEj6s6u/ghQa61ZWa/C2Aw3RkjiTBOix7dkqa1VLIs= github.com/alecthomas/assert/v2 v2.3.0 h1:mAsH2wmvjsuvyBvAmCtm7zFsBlb8mIHx5ySLVdDZXL0= +github.com/alecthomas/participle/v2 v2.1.0/go.mod h1:Y1+hAs8DHPmc3YUFzqllV+eSQ9ljPTk0ZkPMtEdAx2c= github.com/alecthomas/participle/v2 v2.1.1 h1:hrjKESvSqGHzRb4yW1ciisFJ4p3MGYih6icjJvbsmV8= github.com/alecthomas/participle/v2 v2.1.1/go.mod h1:Y1+hAs8DHPmc3YUFzqllV+eSQ9ljPTk0ZkPMtEdAx2c= github.com/alecthomas/repr v0.3.0 h1:NeYzUPfjjlqHY4KtzgKJiWd6sVq2eNUPTi34PiFGjY8= diff --git a/pkg/cloud/identity/identity_test.go b/pkg/cloud/identity/identity_test.go index 841f99ed7b..b809e3e7cf 100644 --- a/pkg/cloud/identity/identity_test.go +++ b/pkg/cloud/identity/identity_test.go @@ -61,6 +61,7 @@ func TestAWSStaticPrincipalTypeProvider(t *testing.T) { var roleProvider AWSPrincipalTypeProvider = &AWSRolePrincipalTypeProvider{ credentials: nil, Principal: roleIdentity, + region: "us-west-2", sourceProvider: &staticProvider, stsClient: stsMock, } @@ -78,6 +79,7 @@ func TestAWSStaticPrincipalTypeProvider(t *testing.T) { var roleProvider2 AWSPrincipalTypeProvider = &AWSRolePrincipalTypeProvider{ credentials: nil, Principal: roleIdentity2, + region: "us-west-2", sourceProvider: &roleProvider, stsClient: stsMock, } From c4cf7955b8b5f1056bd4548a90d6781cc019551a Mon Sep 17 00:00:00 2001 From: calvix Date: Thu, 7 Mar 2024 08:27:39 +0100 Subject: [PATCH 3/3] remove-go-sum-enntry --- hack/tools/go.sum | 1 - 1 file changed, 1 deletion(-) diff --git a/hack/tools/go.sum b/hack/tools/go.sum index e781c66fdf..2ef54d0ac1 100644 --- a/hack/tools/go.sum +++ b/hack/tools/go.sum @@ -142,7 +142,6 @@ github.com/alcortesm/tgz v0.0.0-20161220082320-9c5fe88206d7/go.mod h1:6zEj6s6u/g github.com/alecthomas/assert/v2 v2.3.0 h1:mAsH2wmvjsuvyBvAmCtm7zFsBlb8mIHx5ySLVdDZXL0= github.com/alecthomas/participle/v2 v2.1.0/go.mod h1:Y1+hAs8DHPmc3YUFzqllV+eSQ9ljPTk0ZkPMtEdAx2c= github.com/alecthomas/participle/v2 v2.1.1 h1:hrjKESvSqGHzRb4yW1ciisFJ4p3MGYih6icjJvbsmV8= -github.com/alecthomas/participle/v2 v2.1.1/go.mod h1:Y1+hAs8DHPmc3YUFzqllV+eSQ9ljPTk0ZkPMtEdAx2c= github.com/alecthomas/repr v0.3.0 h1:NeYzUPfjjlqHY4KtzgKJiWd6sVq2eNUPTi34PiFGjY8= github.com/alecthomas/repr v0.3.0/go.mod h1:Fr0507jx4eOXV7AlPV6AVZLYrLIuIeSOWtW57eE/O/4= github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=