deps: Migrate from github.com/kubernetes-sigs/aws-iam-authenticator/pkg/token to internal implementation #11822
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…kg/token to internal implementation Reference: #11697 Reference: #8453 Reference: #7438 Reference: #4904 Including the Kubernetes ecosystem dependency rather than hard copying the implementation was originally for a few concerns as noted in #4904 (comment). Since its introduction, the upstream implementation has remained stable with respects to the GetWithSTS token generator implementation we use. However, changes to the surrounding upstream package code and its broad transitive dependencies have prevented a clear upgrade path since github.com/kubernetes-sigs/aws-iam-authenticator@v0.4.0 (now re-verified with v0.5.0), where Terraform AWS Provider builds cannot succeed on solaris/amd64: ```console $ gox -os='linux darwin windows freebsd openbsd solaris' -arch='386 amd64 arm' -osarch='!darwin/arm !darwin/386' -ldflags '-s -w -X aws/version.ProviderVersion=99.99.99 -X aws/version.ProtocolVersion=4' -output 'results/{{.OS}}_{{.Arch}}/terraform-provider-aws_v99.99.99_x4' . ... 1 errors occurred: --> solaris/amd64 error: exit status 2 Stderr: # github.com/gofrs/flock ../../../../go/pkg/mod/github.com/gofrs/flock@v0.7.0/flock_unix.go:28:22: undefined: syscall.LOCK_EX ../../../../go/pkg/mod/github.com/gofrs/flock@v0.7.0/flock_unix.go:39:22: undefined: syscall.LOCK_SH ../../../../go/pkg/mod/github.com/gofrs/flock@v0.7.0/flock_unix.go:56:12: undefined: syscall.Flock ../../../../go/pkg/mod/github.com/gofrs/flock@v0.7.0/flock_unix.go:66:12: undefined: syscall.Flock ../../../../go/pkg/mod/github.com/gofrs/flock@v0.7.0/flock_unix.go:96:12: undefined: syscall.Flock ../../../../go/pkg/mod/github.com/gofrs/flock@v0.7.0/flock_unix.go:96:42: undefined: syscall.LOCK_UN ../../../../go/pkg/mod/github.com/gofrs/flock@v0.7.0/flock_unix.go:118:21: undefined: syscall.LOCK_EX ../../../../go/pkg/mod/github.com/gofrs/flock@v0.7.0/flock_unix.go:130:21: undefined: syscall.LOCK_SH ../../../../go/pkg/mod/github.com/gofrs/flock@v0.7.0/flock_unix.go:149:9: undefined: syscall.Flock ../../../../go/pkg/mod/github.com/gofrs/flock@v0.7.0/flock_unix.go:149:44: undefined: syscall.LOCK_NB ../../../../go/pkg/mod/github.com/gofrs/flock@v0.7.0/flock_unix.go:149:44: too many errors ``` This issue is non-obvious to contributors and maintainers as we do not perform cross-compilation build testing in CI during pull requests since it is very time prohibitive. Rather than leave this single data source's dependency in an unstable state, instead we opt to hard copy the relevant upstream Go package and prune that package to only the code we use, removing many unnecessary dependencies. Updated via: ```console $ go mod tidy $ go mod vendor ``` Output from acceptance testing: ``` --- PASS: TestAccAWSEksClusterAuthDataSource_basic (15.00s) ```
ghost
added
size/XXL
bflad
removed
the
needs-triage
1 task
Previously: ``` aws/internal/service/eks/token/token.go:74:8: `conjuction` is a misspelling of `conjunction` (misspell) // in conjuction with CloudTrail to determine the identity of the individual ^ aws/internal/service/eks/token/token_test.go:144:20: S1019: should use make([]byte, maxTokenLenBytes + 1) instead (gosimple) b := make([]byte, maxTokenLenBytes+1, maxTokenLenBytes+1) ^ ```
|
This has been released in version 2.48.0 of the Terraform AWS provider. Please see the Terraform documentation on provider versioning or reach out if you need any assistance upgrading. For further feature requests or bug reports with this functionality, please create a new GitHub issue following the template for triage. Thanks! |
abhinavdahiya
added a commit
to abhinavdahiya/installer
that referenced
this pull request
Feb 19, 2020
brings in fix for aws_record timeout [1] and other fixes mentioned in CHANGELOG [2] updated using ``` go get github.com/terraform-providers/terraform-provider-aws@f0f304894df67616dfbd675bc9687a7db266ad41 ``` Using the tag failed with error ``` go get github.com/terraform-providers/terraform-provider-aws@v2.49.0 go: finding github.com/terraform-providers/terraform-provider-aws v2.49.0 go: finding github.com/terraform-providers/terraform-provider-aws v2.49.0 go get github.com/terraform-providers/terraform-provider-aws@v2.49.0: github.com/terraform-providers/terraform-provider-aws@v2.49.0: invalid version: module contains a go.mod file, so major version must be compatible: should be v0 or v1, not v2 ``` Also removes the indirect dependecy on `aws-iam-authenticator` because of [3] [1]: hashicorp/terraform-provider-aws#11895 [2]: https://github.com/terraform-providers/terraform-provider-aws/blob/v2.49.0/CHANGELOG.md#2490-february-14-2020 [3]: hashicorp/terraform-provider-aws#11822
|
I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you feel this issue should be reopened, we encourage creating a new issue linking back to this one for added context. Thanks! |
ghost
locked and limited conversation to collaborators
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Community Note
Reference: #11697
Reference: #8453
Reference: #7438
Reference: #4904
Release note for CHANGELOG:
Including the Kubernetes ecosystem dependency rather than hard copying the implementation was originally for a few concerns as noted in #4904 (comment). Since its introduction, the upstream implementation has remained stable with respects to the GetWithSTS token generator implementation we use.
However, changes to the surrounding upstream package code and its broad transitive dependencies have prevented a clear upgrade path since github.com/kubernetes-sigs/aws-iam-authenticator@v0.4.0 (now re-verified with v0.5.0), where Terraform AWS Provider builds cannot succeed on solaris/amd64:
This issue is non-obvious to contributors and maintainers as we do not perform cross-compilation build testing in CI during pull requests since it is very time prohibitive.
Rather than leave this single data source's dependency in an unstable state, instead we opt to hard copy the relevant upstream Go package and prune that package to only the code we use, removing many unnecessary dependencies.
Updated via:
Output from acceptance testing: