argo-cd
argo-cd copied to clipboard
argoproj
chore: Upgrade aws-sdk-go from 1.44.317 to 1.49.4.
This update the aws-sdk-go so it will support dynamic auth token (EKS Pod Identities).
Checklist:
- [X] Either (a) I've created an enhancement proposal and discussed it with the community, (b) this is a bug fix, or (c) this does not need to be in the release notes.
- [X] The title of the PR states what changed and the related issues number (used for the release note).
- [X] The title of the PR conforms to the Toolchain Guide
- [x] I've included "Closes [ISSUE #]" or "Fixes [ISSUE #]" in the description to automatically close the associated issue.
- [x] I've updated both the CLI and UI to expose my feature, or I plan to submit a second PR with them.
- [x] Does this PR require documentation updates?
- [x] I've updated documentation as required by this PR.
- [X] I have signed off all my commits as required by DCO
- [x] I have written unit and/or e2e tests for my change. PRs without these are unlikely to be merged.
- [x] My build is green (troubleshooting builds).
- [x] My new feature complies with the feature status guidelines.
- [X] I have added a brief description of why this PR is necessary and/or what this PR solves.
- [ ] Optional. My organization is added to USERS.md.
- [ ] Optional. For bug fixes, I've indicated what older releases this fix should be cherry-picked into (this may or may not happen depending on risk/complexity).
Codecov Report
Attention: 104 lines in your changes are missing coverage. Please review.
Comparison is base (
23e0d52) 49.51% compared to head (28b55d0) 49.51%. Report is 61 commits behind head on master.
:exclamation: Current head 28b55d0 differs from pull request most recent head 5657887. Consider uploading reports for the commit 5657887 to get more accurate results
Additional details and impacted files
@@ Coverage Diff @@
## master #16641 +/- ##
==========================================
- Coverage 49.51% 49.51% -0.01%
==========================================
Files 270 271 +1
Lines 47505 47664 +159
==========================================
+ Hits 23524 23602 +78
- Misses 21669 21731 +62
- Partials 2312 2331 +19
:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.
![codecov[bot] avatar](https://avatars.githubusercontent.com/in/254?v=4 "Published by a pub.dev verified publisher"){kind=small}
Thank you for creating this! I wonder if any of the aws-sdk-go-v2 deps here also need to be updated to fully support EKS Pod Identities? Referencing https://docs.aws.amazon.com/eks/latest/userguide/pod-id-minimum-sdk.html and its link to https://github.com/aws/aws-sdk-go-v2/releases/tag/release-2023-11-14
Thank you for creating this! I wonder if any of the
aws-sdk-go-v2deps here also need to be updated to fully support EKS Pod Identities? Referencing https://docs.aws.amazon.com/eks/latest/userguide/pod-id-minimum-sdk.html and its link to https://github.com/aws/aws-sdk-go-v2/releases/tag/release-2023-11-14
You may be right, not that familiar with // indirect, I'm taking a look
I'm collaborating with @ROunofF and we made progress, I was able to authenticate to a remote EKS cluster using the new Pod Identity feature released Nov 2023 instead of using IRSA. There is no code changes required just bumping the version of the aws sdk.
EKS Pod Identity Affects 3 capabilities in ArgoCD:
- Hub&Spoke model awsAuthConfig (to remote clusters)
- https://argo-cd.readthedocs.io/en/stable/operator-manual/declarative-setup/#eks
- https://github.com/aws-ia/terraform-aws-eks-blueprints/tree/main/patterns/gitops/multi-cluster-hub-spoke-argocd
- Notification via SQS
- https://argo-cd.readthedocs.io/en/stable/user-guide/subscriptions/
- https://argocd-notifications.readthedocs.io/en/stable/subscriptions/
- https://github.com/argoproj/notifications-engine/blob/master/docs/services/awssqs.md
- SCM Provider Generator for codeCommit AWS (Application Set Controller)
- https://argo-cd.readthedocs.io/en/stable/operator-manual/applicationset/Generators-SCM-Provider/#aws-iam-permission-considerations
Thank you for creating this! I wonder if any of the
aws-sdk-go-v2deps here also need to be updated to fully support EKS Pod Identities? Referencing https://docs.aws.amazon.com/eks/latest/userguide/pod-id-minimum-sdk.html and its link to https://github.com/aws/aws-sdk-go-v2/releases/tag/release-2023-11-14
The aws-sdk-go-v2 are coming from the notifications-engine. I opened a PR for this : https://github.com/argoproj/notifications-engine/pull/259 (Draft while testing this)
Let us know if this is the right approach to have notifications-engine updated.
There is a new PR that supersedes this one https://github.com/argoproj/argo-cd/pull/17063
