pkg icon indicating copy to clipboard operation
pkg copied to clipboard

Published 20 hours ago verified publisher icon argoproj

feat: Add support for session tokens to S3 client

Open hittingray opened this issue 1 year ago • 4 comments

This PR adds support for the S3 client to use ephemeral IAM credentials (e.g. an access/secret key pair + session token obtain through an assume role operation) or to use the new S3 access grants feature.

This is a pre-requisite to https://github.com/argoproj/argo-workflows/issues/5446

The relevant PR in Argo Workflows is here: https://github.com/argoproj/argo-workflows/pull/12467

I found the contributing guidelines for Argo Workflows, but couldn't find anything for this specific repo, so please let me know if anything is missing. Thank you!

hittingray avatar Jan 04 '24 00:01 hittingray

I pretty much duplicated a test for the new ephemeral credentials which looks like it's failing the duplicated code quality gate. I've just pushed up a new commit which minimises the number of options checked in the test.

hittingray avatar Jan 04 '24 00:01 hittingray

Quality Gate Passed Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

sonarqubecloud[bot] avatar Jan 04 '24 00:01 sonarqubecloud[bot]

@alexmt @crenshaw-dev @sarabala1979 could one of you also please help review and merge this?

isubasinghe avatar Feb 11 '24 05:02 isubasinghe

code seems sensible, have you tested this end to end though ?

@isubasinghe Yep, it's been tested e2e. We are currently running the fork of Argo Workflows I have in https://github.com/argoproj/argo-workflows/pull/12467 and it works correctly.

hittingray avatar Feb 21 '24 04:02 hittingray

Any update on this? @isubasinghe 🙏

keymon avatar Jun 20 '24 21:06 keymon

This is blocked on the two CI checks which don't seem to have run. They don't seem to run for other changes too.

Joibel avatar Jun 21 '24 07:06 Joibel

Is there a maintainer who would be able to kick off the builds? I don't believe I have permission to

hittingray avatar Jun 25 '24 05:06 hittingray

Try rebase and push again, that sounds trigger it

On Tue, 25 Jun 2024, 06:46 Raymond, @.***> wrote:

Is there a maintainer who would be able to kick off the builds? I don't believe I have permission to

— Reply to this email directly, view it on GitHub https://github.com/argoproj/pkg/pull/596#issuecomment-2188027862, or unsubscribe https://github.com/notifications/unsubscribe-auth/AACELYCBKOGFJM474GK45YDZJD725AVCNFSM6AAAAABBMFWBGSVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDCOBYGAZDOOBWGI . You are receiving this because you commented.Message ID: @.***>

keymon avatar Jun 25 '24 06:06 keymon

Still the same. I had tried this before and it still requires workflow approval from a maintainer.

hittingray avatar Jun 25 '24 06:06 hittingray

The rules in this repo are not the same as in the main repositories, I've set it running for you

Joibel avatar Jun 25 '24 08:06 Joibel

Awesome, thanks @Joibel!

@keymon I'll get to the Workflows PR some time in the next couple days

hittingray avatar Jun 25 '24 09:06 hittingray