func TestEC2RoleProviderExpiryWindowIsExpired(t *testing.T) { server := initTestServer("2014-12-16T01:51:37Z", false) defer server.Close() p := &ec2rolecreds.EC2RoleProvider{ Client: ec2metadata.New(session.New(), &aws.Config{Endpoint: aws.String(server.URL + "/latest")}), ExpiryWindow: time.Hour * 1, } p.CurrentTime = func() time.Time { return time.Date(2014, 12, 15, 0, 51, 37, 0, time.UTC) } assert.True(t, p.IsExpired(), "Expect creds to be expired before retrieve.") _, err := p.Retrieve() assert.Nil(t, err, "Expect no error, %v", err) assert.False(t, p.IsExpired(), "Expect creds to not be expired after retrieve.") p.CurrentTime = func() time.Time { return time.Date(2014, 12, 16, 0, 55, 37, 0, time.UTC) } assert.True(t, p.IsExpired(), "Expect creds to be expired.") }
// NewCredentials returns a pointer to a new Credentials object wrapping // the EC2RoleProvider. Takes a ConfigProvider to create a EC2Metadata client. // The ConfigProvider is satisfied by the session.Session type. func NewCredentials(c client.ConfigProvider, options ...func(*EC2RoleProvider)) *credentials.Credentials { p := &EC2RoleProvider{ Client: ec2metadata.New(c), } for _, option := range options { option(p) } return credentials.NewCredentials(p) }
func TestMetadataAvailable(t *testing.T) { server := initTestServer( "/latest/meta-data/instance-id", "instance-id", ) defer server.Close() c := ec2metadata.New(session.New(), &aws.Config{Endpoint: aws.String(server.URL + "/latest")}) available := c.Available() assert.True(t, available) }
func TestEndpoint(t *testing.T) { c := ec2metadata.New(session.New()) op := &request.Operation{ Name: "GetMetadata", HTTPMethod: "GET", HTTPPath: path.Join("/", "meta-data", "testpath"), } req := c.NewRequest(op, nil, nil) assert.Equal(t, "http://169.254.169.254/latest", req.ClientInfo.Endpoint) assert.Equal(t, "http://169.254.169.254/latest/meta-data/testpath", req.HTTPRequest.URL.String()) }
func runEC2MetadataClients(t *testing.T, cfg *aws.Config, atOnce int) { var wg sync.WaitGroup wg.Add(atOnce) for i := 0; i < atOnce; i++ { go func() { svc := ec2metadata.New(session.New(), cfg) _, err := svc.Region() assert.NoError(t, err) wg.Done() }() } wg.Wait() }
func TestGetRegion(t *testing.T) { server := initTestServer( "/latest/meta-data/placement/availability-zone", "us-west-2a", // real response includes suffix ) defer server.Close() c := ec2metadata.New(session.New(), &aws.Config{Endpoint: aws.String(server.URL + "/latest")}) region, err := c.Region() assert.NoError(t, err) assert.Equal(t, "us-west-2", region) }
func TestGetMetadata(t *testing.T) { server := initTestServer( "/latest/meta-data/some/path", "success", // real response includes suffix ) defer server.Close() c := ec2metadata.New(session.New(), &aws.Config{Endpoint: aws.String(server.URL + "/latest")}) resp, err := c.GetMetadata("some/path") assert.NoError(t, err) assert.Equal(t, "success", resp) }
func TestEC2RoleProvider(t *testing.T) { server := initTestServer("2014-12-16T01:51:37Z", false) defer server.Close() p := &ec2rolecreds.EC2RoleProvider{ Client: ec2metadata.New(session.New(), &aws.Config{Endpoint: aws.String(server.URL + "/latest")}), } creds, err := p.Retrieve() assert.Nil(t, err, "Expect no error, %v", err) assert.Equal(t, "accessKey", creds.AccessKeyID, "Expect access key ID to match") assert.Equal(t, "secret", creds.SecretAccessKey, "Expect secret access key to match") assert.Equal(t, "token", creds.SessionToken, "Expect session token to match") }
func TestClientNotOverrideDefaultHTTPClientTimeout(t *testing.T) { origClient := *http.DefaultClient http.DefaultClient.Transport = &http.Transport{} defer func() { http.DefaultClient = &origClient }() svc := ec2metadata.New(session.New()) assert.Equal(t, http.DefaultClient, svc.Config.HTTPClient) tr, ok := svc.Config.HTTPClient.Transport.(*http.Transport) assert.True(t, ok) assert.NotNil(t, tr) assert.Nil(t, tr.Dial) }
func TestMetadataNotAvailable(t *testing.T) { c := ec2metadata.New(session.New()) c.Handlers.Send.Clear() c.Handlers.Send.PushBack(func(r *request.Request) { r.HTTPResponse = &http.Response{ StatusCode: int(0), Status: http.StatusText(int(0)), Body: ioutil.NopCloser(bytes.NewReader([]byte{})), } r.Error = awserr.New("RequestError", "send request failed", nil) r.Retryable = aws.Bool(true) // network errors are retryable }) available := c.Available() assert.False(t, available) }
func BenchmarkEC3RoleProvider(b *testing.B) { server := initTestServer("2014-12-16T01:51:37Z", false) defer server.Close() p := &ec2rolecreds.EC2RoleProvider{ Client: ec2metadata.New(session.New(), &aws.Config{Endpoint: aws.String(server.URL + "/latest")}), } _, err := p.Retrieve() if err != nil { b.Fatal(err) } b.ResetTimer() for i := 0; i < b.N; i++ { if _, err := p.Retrieve(); err != nil { b.Fatal(err) } } }
func TestEC2RoleProviderFailAssume(t *testing.T) { server := initTestServer("2014-12-16T01:51:37Z", true) defer server.Close() p := &ec2rolecreds.EC2RoleProvider{ Client: ec2metadata.New(session.New(), &aws.Config{Endpoint: aws.String(server.URL + "/latest")}), } creds, err := p.Retrieve() assert.Error(t, err, "Expect error") e := err.(awserr.Error) assert.Equal(t, "ErrorCode", e.Code()) assert.Equal(t, "ErrorMsg", e.Message()) assert.Nil(t, e.OrigErr()) assert.Equal(t, "", creds.AccessKeyID, "Expect access key ID to match") assert.Equal(t, "", creds.SecretAccessKey, "Expect secret access key to match") assert.Equal(t, "", creds.SessionToken, "Expect session token to match") }
func TestClientDisableOverrideDefaultHTTPClientTimeout(t *testing.T) { svc := ec2metadata.New(session.New(aws.NewConfig().WithEC2MetadataDisableTimeoutOverride(true))) assert.Equal(t, http.DefaultClient, svc.Config.HTTPClient) }
func TestClientOverrideDefaultHTTPClientTimeout(t *testing.T) { svc := ec2metadata.New(session.New()) assert.NotEqual(t, http.DefaultClient, svc.Config.HTTPClient) assert.Equal(t, 5*time.Second, svc.Config.HTTPClient.Timeout) }