Updates integ tests to use environment varible for auth and resources

sbiscigl · sbiscigl · commit f1311ec31a2f · 2022-03-24T12:49:39.000-04:00
diff --git a/aws-cpp-sdk-lambda-integration-tests/FunctionTest.cpp b/aws-cpp-sdk-lambda-integration-tests/FunctionTest.cpp
@@ -44,6 +44,7 @@
 #include <aws/cognito-identity/CognitoIdentityClient.h>
 #include <aws/testing/TestingEnvironment.h>
 #include <aws/core/utils/UUID.h>
+#include <aws/core/platform/Environment.h>
 
 using namespace Aws::Auth;
 using namespace Aws::Http;
@@ -63,6 +64,7 @@ static const char BASE_SIMPLE_FUNCTION[] = "TestSimple";
 static const char BASE_UNHANDLED_ERROR_FUNCTION[] = "TestUnhandledError";
 static const char SIMPLE_FUNCTION_CODE[] = RESOURCES_DIR "/succeed.zip";
 static const char UNHANDLED_ERROR_FUNCTION_CODE[] = RESOURCES_DIR "/unhandled.zip";
+static const char TEST_LAMBDA_CODE_PATH[] = "TEST_LAMBDA_CODE_PATH";
 static const char ALLOCATION_TAG[] = "FunctionTest";
 static const char BASE_IAM_ROLE_NAME[] = "AWSNativeSDKLambdaIntegrationTestRole";
 
@@ -96,7 +98,8 @@ class FunctionTest : public ::testing::Test {
     void SetUp()
     {
         m_UUID = Aws::Utils::UUID::RandomUUID();
-        CreateFunction(BuildResourceName(BASE_SIMPLE_FUNCTION), SIMPLE_FUNCTION_CODE);
+        CreateFunction(BuildResourceName(BASE_SIMPLE_FUNCTION),
+                       getLambdaCodePathFromEnvIfExists(SIMPLE_FUNCTION_CODE, "/succeed.zip"));
     }
 
     void TearDown()
@@ -255,6 +258,16 @@ class FunctionTest : public ::testing::Test {
 
         WaitForFunctionStatus(functionName, Aws::Lambda::Model::State::Active);
     }
+
+    static Aws::String getLambdaCodePathFromEnvIfExists(const Aws::String& cmakePath, const Aws::String& filePath) {
+        Aws::String functionCodePath(Aws::Environment::GetEnv(TEST_LAMBDA_CODE_PATH));
+        if(functionCodePath.empty()) {
+            functionCodePath = cmakePath;
+        } else {
+            functionCodePath.append(filePath);
+        }
+        return functionCodePath;
+    }
 };
 
 std::shared_ptr<LambdaClient> FunctionTest::m_client(nullptr);
@@ -406,7 +419,8 @@ TEST_F(FunctionTest, TestInvokeSync)
 
 TEST_F(FunctionTest, TestInvokeSyncUnhandledFunctionError)
 {
-    CreateFunction(BuildResourceName(BASE_UNHANDLED_ERROR_FUNCTION), UNHANDLED_ERROR_FUNCTION_CODE);
+    CreateFunction(BuildResourceName(BASE_UNHANDLED_ERROR_FUNCTION),
+                   getLambdaCodePathFromEnvIfExists(UNHANDLED_ERROR_FUNCTION_CODE, "/unhandled.zip"));
 
     InvokeRequest invokeRequest;
     invokeRequest.SetFunctionName(BuildResourceName(BASE_UNHANDLED_ERROR_FUNCTION));
diff --git a/aws-cpp-sdk-s3control-integration-tests/CMakeLists.txt b/aws-cpp-sdk-s3control-integration-tests/CMakeLists.txt
@@ -5,6 +5,7 @@ add_project(aws-cpp-sdk-s3control-integration-tests
     aws-cpp-sdk-access-management
     aws-cpp-sdk-iam
     aws-cpp-sdk-cognito-identity
+    aws-cpp-sdk-sts
     testing-resources
     aws-cpp-sdk-core)
 
diff --git a/aws-cpp-sdk-s3control-integration-tests/S3ControlTest.cpp b/aws-cpp-sdk-s3control-integration-tests/S3ControlTest.cpp
@@ -40,6 +40,8 @@
 #include <aws/access-management/AccessManagementClient.h>
 #include <aws/iam/IAMClient.h>
 #include <aws/cognito-identity/CognitoIdentityClient.h>
+#include <aws/sts/STSClient.h>
+#include <aws/sts/model/AssumeRoleRequest.h>
 
 using namespace Aws;
 using namespace Aws::Http;
@@ -80,7 +82,7 @@ namespace
             config.connectTimeoutMs = 30000;
             config.requestTimeoutMs = 30000;
             m_client = S3ControlClient(config);
-            m_s3Client = S3::S3Client(config);
+            m_s3Client = createS3Client(config);
             m_httpClient = Aws::Http::CreateHttpClient(config);
 
             // IAM client has to use us-east-1 in its signer.
@@ -119,6 +121,24 @@ namespace
             return resourceUUID;
         }
 
+        static S3::S3Client createS3Client(const ClientConfiguration &configuration) {
+            Aws::String testRoleArn(Aws::Environment::GetEnv("TEST_ASSUME_ROLE_ARN"));
+            if (!testRoleArn.empty()) {
+                STS::STSClient stsClient(configuration);
+                STS::Model::AssumeRoleRequest assumeRoleRequest;
+                assumeRoleRequest.SetRoleArn(testRoleArn);
+                assumeRoleRequest.SetRoleSessionName("s3-control-cpp-integ-test");
+                STS::Model::AssumeRoleOutcome outcome = stsClient.AssumeRole(assumeRoleRequest);
+                STS::Model::Credentials creds = outcome.GetResult().GetCredentials();
+                Auth::AWSCredentials awsCredentials(creds.GetAccessKeyId(),
+                                                    creds.GetSecretAccessKey(),
+                                                    creds.GetSessionToken(),
+                                                    creds.GetExpiration());
+                return {awsCredentials, configuration};
+            }
+            return {configuration};
+        }
+
         static bool WaitForBucketToPropagate(const Aws::String& bucketName, const S3::S3Client& client)
         {
             unsigned timeoutCount = 0;
@@ -217,7 +237,7 @@ namespace
 
                 Aws::Client::ClientConfiguration config;
                 config.region = region;
-                Aws::S3::S3Client s3Client(config);
+                Aws::S3::S3Client s3Client = createS3Client(config);
 
                 S3::Model::CreateBucketRequest createBucketRequest;
                 S3::Model::CreateBucketConfiguration bucketConfiguration;
@@ -288,7 +308,7 @@ namespace
             {
                 Aws::Client::ClientConfiguration config;
                 config.region = region;
-                Aws::S3::S3Client s3Client(config);
+                Aws::S3::S3Client s3Client = createS3Client(config);
 
                 Aws::String regionalBucket = bucketName + "-" + region;
                 S3::Model::DeleteBucketRequest deleteBucketRequest;
@@ -691,7 +711,7 @@ namespace
 
         Aws::Client::ClientConfiguration config;
         config.region = Aws::Region::US_WEST_2;
-        Aws::S3::S3Client s3Client(config);
+        Aws::S3::S3Client s3Client = createS3Client(config);
 
         Aws::Vector<Aws::String> objectKeys;
         objectKeys.push_back(TEST_OBJECT_KEY);
