Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(NODE-6069): OIDC k8s machine workflow #4270

Merged
merged 12 commits into from
Nov 7, 2024
Merged

feat(NODE-6069): OIDC k8s machine workflow #4270

merged 12 commits into from
Nov 7, 2024

Conversation

durran
Copy link
Member

@durran durran commented Oct 8, 2024
edited
Loading

Description

Implements Kubernetes support for MONGODB-OIDC

What is changing?

  • Adds support for AKS, EKS, GKE
  • Adds evergreen task groups for both environments to run prose tests.
  • Creates the new K8s machine workflow.
Is there new documentation needed for these changes?

Yes in the manual.

What is the motivation for this change?

DRIVERS-2882

mongodb/specifications#1622

Release Highlight

MONGODB-OIDC Authentication now supports Kubernetes Environments.

For k8s environments running in Amazon's EKS (Elastic Kubernetes Service), Google's GKE (Google Kubernetes Engine), or Azure's AKS (Azure Kubernetes Service) simply provide an ENVIRONMENT auth mechanism property in the URI or MongoClient options of "k8s".

Example:

const client = new MongoClient('mongodb://host:port/?authMechanism=MONGODB-OIDC&authMechanismProperties=ENVIRONMENT:k8s');

Double check the following

  • Ran npm run check:lint script
  • Self-review completed using the steps outlined here
  • PR title follows the correct format: type(NODE-xxxx)[!]: description
    • Example: feat(NODE-1234)!: rewriting everything in coffeescript
  • Changes are covered by tests
  • New TODOs have a related JIRA ticket

@durran durran mentioned this pull request Oct 8, 2024
Merged
4 tasks
@durran durran marked this pull request as ready for review October 9, 2024 01:38
@aditi-khare-mongoDB aditi-khare-mongoDB self-assigned this Oct 25, 2024
@aditi-khare-mongoDB aditi-khare-mongoDB added the Primary Review In Review with primary reviewer, not yet ready for team's eyes label Oct 25, 2024
@aditi-khare-mongoDB aditi-khare-mongoDB removed their assignment Oct 28, 2024
@aditi-khare-mongoDB aditi-khare-mongoDB removed their request for review October 28, 2024 14:14
@aditi-khare-mongoDB aditi-khare-mongoDB removed the Primary Review In Review with primary reviewer, not yet ready for team's eyes label Oct 28, 2024
baileympearson
baileympearson requested changes Oct 30, 2024
View reviewed changes
Copy link
Contributor

@baileympearson baileympearson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nothing major, looks good!

Nice to see how easy it was to integrate a new workflow into your existing OIDC design 🙂

src/cmap/auth/mongo_credentials.ts Show resolved Hide resolved
src/cmap/auth/mongodb_oidc.ts Show resolved Hide resolved
test/integration/auth/mongodb_oidc_k8s.prose.07.test.ts Outdated Show resolved Hide resolved
.evergreen/run-oidc-prose-tests.sh Show resolved Hide resolved
@baileympearson baileympearson self-assigned this Oct 30, 2024
@baileympearson baileympearson added the Primary Review In Review with primary reviewer, not yet ready for team's eyes label Oct 30, 2024
@durran durran requested a review from baileympearson November 5, 2024 13:44
baileympearson
baileympearson requested changes Nov 5, 2024
View reviewed changes
Copy link
Contributor

@baileympearson baileympearson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One small suggestion, one question. Otherwise LGTM

test/integration/auth/mongodb_oidc_k8s.prose.07.test.ts Outdated Show resolved Hide resolved
.evergreen/run-oidc-tests-k8s.sh Show resolved Hide resolved
@durran durran requested a review from baileympearson November 6, 2024 13:12
@baileympearson baileympearson merged commit 82c931c into main Nov 7, 2024
26 of 29 checks passed
@baileympearson baileympearson deleted the NODE-6069 branch November 7, 2024 14:55
@github-actions github-actions bot mentioned this pull request Nov 7, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@baileympearson baileympearson baileympearson approved these changes

Assignees

@baileympearson baileympearson

Labels
Primary Review In Review with primary reviewer, not yet ready for team's eyes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@durran @baileympearson @aditi-khare-mongoDB