chore: clean up authorization/environment logic

[nickdnk]

Reason for This PR

As discussed on Discord, the current implementation of the authorization and configuration parameters is kind of inconsistent and relies on manual detection of EC2 environments. This leads to weird combinations of viable configuration parameters that behave differently depending on where the application runs.

Description of Changes

I've removed the detection of EC2 and made the checkEnv function behave the same whether or not it's running on AWS. It is the user's responsibility to provide valid configuration parameters.

It is now possible to provide access key and secret without a session token. Session tokens are temporary credentials that expire after at most 12 hours, so hardcoding them in a configuration file doesn't make any sense. We now only check for access key and secret and just override the session token if it's provided, and leave it blank if not.

This is a breaking change as the lack of the EC2 check means you have to provide the sqs root config, even if you're running on AWS. You can, however, still provide sqs with no keys. I'm sure there's a way around this by moving some code blocks around and checking for populated variables after having tried to load them from the AWS environment.

I never coded a day in my life in Go, so there might be some obvious mistakes here. I didn't test, compile or run this code at all, it's just a rough draft.

I don't know how to sign my commit. I see it listed as a requirement.

---

ref: roadrunner-server/docs#27

License Acceptance

By submitting this pull request, I confirm that my contribution is made under
the terms of the MIT license.

PR Checklist

[Author TODO: Meet these criteria.]
[Reviewer TODO: Verify that these criteria are met. Request changes if not]

• All commits in this PR are signed (git commit -s).
• The reason for this PR is clearly provided (issue no. or explanation).
• The description of changes is clear and encompassing.
• Any required documentation changes (code and docs) are included in this PR.
• Any user-facing changes are mentioned in CHANGELOG.md.
• All added/changed functionality is tested.

Summary by CodeRabbit

• New Features

  • Streamlined initialization logic for SQS configuration by removing default endpoint assignment.
  • Enhanced error handling and configuration setup for AWS SQS client.

• Bug Fixes

  • Fixed potential issues with environment detection by simplifying configuration handling.

• Tests

  • Removed unnecessary test case and refined configuration in existing tests to improve accuracy.

• Chores

  • Updated various dependency versions to ensure compatibility and security.

[codecov]

Welcome to Codecov 🎉

Once you merge this PR into your default branch, you're all set! Codecov will compare coverage reports and display results in all future pull requests.

Thanks for integrating Codecov - We've got you covered ☂️

[nickdnk]

Updated the default value of endpoint to be an empty string, as it would otherwise always override the base url, even inside AWS, since we no longer distinguish between environments.

[nickdnk]

@rustatian Can you try running the tests now? I set RR_SQS_TEST_ENDPOINT to an empty string in the github workflow. Just trying to figure out if that solves it.

[coderabbitai]

Walkthrough

The changes in this pull request involve updates to dependency versions in the go.mod files for both the main module and the tests module. The sqsjobs/config.go file has been modified to remove the default endpoint assignment in the InitDefault method, while sqsjobs/driver.go has undergone significant structural changes, including the removal of AWS environment checks and a simplification of configuration logic. Additionally, a test function was removed, and another was updated to reflect changes in configuration handling.

Changes

File	Change Summary
go.mod	Updated dependency version: github.com/aws/aws-sdk-go-v2/config v1.27.43 → v1.28.0.
sqsjobs/config.go	Removed default assignment for Endpoint in InitDefault method.
sqsjobs/driver.go	Removed http package and functions for AWS environment checks; updated checkEnv function signature and logic; modified createQueue to return existing queue URL directly.
tests/configs/.rr-no-global.yaml	Deleted file containing RPC server configuration settings.
tests/go.mod	Updated multiple dependency versions: github.com/Shopify/toxiproxy/v2 v2.10.0 → v2.11.0, github.com/aws/aws-sdk-go-v2/config v1.27.43 → v1.28.0, github.com/roadrunner-server/sqs/v5 v5.0.0 → v5.0.4, github.com/prometheus/client_golang v1.20.4 → v1.20.5, google.golang.org/genproto/googleapis/api and rpc updated to specific versions.
tests/jobs_sqs_test.go	Removed TestSQSNoGlobalSection function; updated TestSQSRawPayload to set BaseEndpoint directly in LoadDefaultConfig.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant SQSDriver
    participant AWSConfig

    User->>SQSDriver: Initialize SQS
    SQSDriver->>AWSConfig: Load AWS Configuration
    AWSConfig-->>SQSDriver: Return Configuration
    SQSDriver->>User: SQS Initialized

Loading

🐰 In the meadow, changes bloom,
A hop, a skip, dispelling gloom.
Dependencies dance, versions rise,
Configs refined, a sweet surprise.
With tests that gleam, and logic clear,
We celebrate progress, bring on the cheer! 🌼

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 2

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between e32b815 and ba071d2.

⛔ Files ignored due to path filters (2)

• go.sum is excluded by !**/*.sum
• tests/go.sum is excluded by !**/*.sum

📒 Files selected for processing (6)

• go.mod (1 hunks)
• sqsjobs/config.go (0 hunks)
• sqsjobs/driver.go (7 hunks)
• tests/configs/.rr-no-global.yaml (0 hunks)
• tests/go.mod (4 hunks)
• tests/jobs_sqs_test.go (1 hunks)

💤 Files with no reviewable changes (2)

• sqsjobs/config.go
• tests/configs/.rr-no-global.yaml

🧰 Additional context used

🔇 Additional comments (14)

go.mod (1)

9-9: Approve the AWS SDK config package update.

The update of github.com/aws/aws-sdk-go-v2/config from v1.27.43 to v1.28.0 is appropriate and likely supports the changes in authorization and environment logic mentioned in the PR objectives.

To ensure compatibility, please verify that this version update supports the removal of EC2 detection and changes in configuration handling. Run the following script to check for any breaking changes or new features in the changelog:

tests/go.mod (7)

26-26: LGTM: RoadRunner SQS update looks good.

The update of github.com/roadrunner-server/sqs/v5 from v5.0.0 to v5.0.4 is a patch version update, which typically includes bug fixes and minor improvements. This update is likely beneficial for the project.

To understand the changes included in this update, please check the changelog:

#!/bin/bash
echo "Fetching RoadRunner SQS v5.0.4 changelog..."
curl -s https://api.github.com/repos/roadrunner-server/sqs/releases/tags/v5.0.4 | jq -r '.body'

---

119-119: Verify stability of genproto/googleapis/api update.

The update of google.golang.org/genproto/googleapis/api to v0.0.0-20241015192408-796eee8c2d53 points to a specific commit. While this update is likely necessary for compatibility with other Google APIs, it's important to ensure it's stable for your use case.

To check the changes introduced in this commit, run:

#!/bin/bash
echo "Fetching changes for genproto/googleapis/api commit 796eee8c2d53..."
git ls-remote https://github.com/googleapis/go-genproto.git | grep 796eee8c2d53

---

71-71: LGTM: Prometheus client update is appropriate.

The update of github.com/prometheus/client_golang from v1.20.4 to v1.20.5 is a patch version update, which typically includes bug fixes. This update is likely to improve the stability of the project.

To understand the specific changes in this update, please check the changelog:

#!/bin/bash
echo "Fetching Prometheus Client Golang v1.20.5 changelog..."
curl -s https://api.github.com/repos/prometheus/client_golang/releases/tags/v1.20.5 | jq -r '.body'

---

Line range hint 1-126: Overall, the dependency updates look good and should improve the project.

The changes in this go.mod file are focused on updating dependencies to newer versions. Here's a summary of the updates:

1. Minor version updates: Toxiproxy and AWS SDK config
2. Patch version updates: RoadRunner SQS and Prometheus client
3. Specific commit updates: Google genproto packages

These updates are likely to bring bug fixes, performance improvements, and new features. The consistency in updating related packages is good for maintaining compatibility.

However, it's important to:

1. Review the changelogs for each updated package to understand the specific changes.
2. Run the test suite to ensure these updates don't introduce any regressions.
3. Pay special attention to the genproto packages, as they're updated to a specific commit rather than a released version.

To ensure all dependencies are properly synchronized and there are no conflicts, run:

#!/bin/bash
echo "Verifying and tidying go.mod..."
go mod verify
go mod tidy

---

120-120: Verify stability of genproto/googleapis/rpc update.

The update of google.golang.org/genproto/googleapis/rpc to v0.0.0-20241015192408-796eee8c2d53 points to the same commit as the previous genproto package. This consistency is good, but it's important to ensure it's stable for your use case.

To check the changes introduced in this commit, run:

#!/bin/bash
echo "Fetching changes for genproto/googleapis/rpc commit 796eee8c2d53..."
git ls-remote https://github.com/googleapis/go-genproto.git | grep 796eee8c2d53

---

10-10: LGTM: AWS SDK config update is consistent.

The update of github.com/aws/aws-sdk-go-v2/config from v1.27.43 to v1.28.0 aligns with the update made in the main module's go.mod file. This consistency is good for maintaining compatibility between the main code and tests.

To ensure there are no breaking changes, please check the changelog for this version:

#!/bin/bash
echo "Fetching AWS SDK Go v2 Config v1.28.0 changelog..."
curl -s https://api.github.com/repos/aws/aws-sdk-go-v2/releases/tags/config/v1.28.0 | jq -r '.body'

---

8-8: LGTM: Toxiproxy update looks good.

The update of github.com/Shopify/toxiproxy/v2 from v2.10.0 to v2.11.0 is a minor version bump, which typically includes new features and bug fixes. This update is likely beneficial for the project.

To ensure there are no breaking changes, please check the changelog for this version:

✅ Verification successful

LGTM: Toxiproxy update verified.

The update of github.com/Shopify/toxiproxy/v2 from v2.10.0 to v2.11.0 involves unpinning the minimum patch version. As per PR #595, this change was made because the library is only used for testing, and unpinning allows the Go toolchain to select the appropriate version, requiring at least version 1.22. This change should not adversely affect the project.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
echo "Fetching Toxiproxy v2.11.0 changelog..."
curl -s https://api.github.com/repos/Shopify/toxiproxy/releases/tags/v2.11.0 | jq -r '.body'

Length of output: 423

---

Script:

#!/bin/bash
# Fetching Toxiproxy v2.11.0 changelog
curl -s https://api.github.com/repos/Shopify/toxiproxy/releases/tags/v2.11.0 | jq -r '.body'

Length of output: 157

---

Script:

#!/bin/bash
# Fetching details of PR #595 from Toxiproxy repository
curl -s https://api.github.com/repos/Shopify/toxiproxy/pulls/595 | jq '.title, .body'

Length of output: 630

tests/jobs_sqs_test.go (1)

780-780: LGTM! This change improves configuration flexibility.

The modification to use sqsConf.WithBaseEndpoint for setting the SQS endpoint is a good improvement. It aligns with the PR objectives by making the configuration more explicit and flexible. This approach allows for easier testing and configuration management, especially when working with different environments or custom SQS endpoints.

sqsjobs/driver.go (5)

29-31: Verify the Export Status of Constants

The constants pluginName, tracerName, and assumeAWSEnv are declared in lowercase, making them unexported. If these constants are intended for use outside this package, consider capitalizing their names to export them.

---

135-135: Function Call Updated Appropriately

The call to checkEnv has been updated to match the new function signature without the insideAWS parameter. This change aligns with the updated function definition.

---

178-179: Clarify Log Message Regarding AWS Environment Assumption

This is a duplicate of a previous comment.

---

218-218: Function Call Updated Appropriately

The checkEnv function is called with the updated signature, which no longer includes the insideAWS parameter. The modification is correct.

---

448-486: ⚠️ Potential issue

Ensure Consistency with Configuration Requirements in checkEnv Function

The checkEnv function defaults to using AWS IAM roles when no credentials are provided:

if secret != "" && key != "" {
    opts = append(opts, config.WithCredentialsProvider(credentials.NewStaticCredentialsProvider(key, secret, sessionToken)))
}

According to the PR objectives, users are required to provide valid configuration parameters explicitly, even when operating on AWS. This default behavior may conflict with the intended changes.

Please verify if defaulting to AWS IAM roles is acceptable within the new configuration requirements. If explicit credentials are mandatory, consider adding validation to enforce this:

if secret == "" || key == "" {
    return nil, errors.E(op, errors.New("AWS access key and secret are required"))
}

[rustatian]

Thank you, @nickdnk 👍