Update vendored deps, including AWS SDK, openpgp, ftp, ...

2026-05-30 04:20:53 +00:00 · 2018-04-05 17:46:45 +03:00
parent cef4fefc40
commit 0e6ee35942
1497 changed files with 450721 additions and 68034 deletions
@@ -11,8 +11,6 @@ import (
 	"strings"
 	"testing"

-	"github.com/stretchr/testify/assert"
-
 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/aws/awserr"
 	"github.com/aws/aws-sdk-go/aws/ec2metadata"
@@ -71,8 +69,12 @@ func TestEndpoint(t *testing.T) {
 	}

 	req := c.NewRequest(op, nil, nil)
-	assert.Equal(t, "http://169.254.169.254/latest", req.ClientInfo.Endpoint)
-	assert.Equal(t, "http://169.254.169.254/latest/meta-data/testpath", req.HTTPRequest.URL.String())
+	if e, a := "http://169.254.169.254/latest", req.ClientInfo.Endpoint; e != a {
+		t.Errorf("expect %v, got %v", e, a)
+	}
+	if e, a := "http://169.254.169.254/latest/meta-data/testpath", req.HTTPRequest.URL.String(); e != a {
+		t.Errorf("expect %v, got %v", e, a)
+	}
 }

 func TestGetMetadata(t *testing.T) {
@@ -85,8 +87,12 @@ func TestGetMetadata(t *testing.T) {

 	resp, err := c.GetMetadata("some/path")

-	assert.NoError(t, err)
-	assert.Equal(t, "success", resp)
+	if err != nil {
+		t.Errorf("expect no error, got %v", err)
+	}
+	if e, a := "success", resp; e != a {
+		t.Errorf("expect %v, got %v", e, a)
+	}
 }

 func TestGetUserData(t *testing.T) {
@@ -99,8 +105,12 @@ func TestGetUserData(t *testing.T) {

 	resp, err := c.GetUserData()

-	assert.NoError(t, err)
-	assert.Equal(t, "success", resp)
+	if err != nil {
+		t.Errorf("expect no error, got %v", err)
+	}
+	if e, a := "success", resp; e != a {
+		t.Errorf("expect %v, got %v", e, a)
+	}
 }

 func TestGetUserData_Error(t *testing.T) {
@@ -126,12 +136,17 @@ func TestGetUserData_Error(t *testing.T) {
 	c := ec2metadata.New(unit.Session, &aws.Config{Endpoint: aws.String(server.URL + "/latest")})

 	resp, err := c.GetUserData()
-	assert.Error(t, err)
-	assert.Empty(t, resp)
+	if err == nil {
+		t.Errorf("expect error")
+	}
+	if len(resp) != 0 {
+		t.Errorf("expect empty, got %v", resp)
+	}

-	aerr, ok := err.(awserr.Error)
-	assert.True(t, ok)
-	assert.Equal(t, "NotFoundError", aerr.Code())
+	aerr := err.(awserr.Error)
+	if e, a := "NotFoundError", aerr.Code(); e != a {
+		t.Errorf("expect %v, got %v", e, a)
+	}
 }

 func TestGetRegion(t *testing.T) {
@@ -144,8 +159,12 @@ func TestGetRegion(t *testing.T) {

 	region, err := c.Region()

-	assert.NoError(t, err)
-	assert.Equal(t, "us-west-2", region)
+	if err != nil {
+		t.Errorf("expect no error, got %v", err)
+	}
+	if e, a := "us-west-2", region; e != a {
+		t.Errorf("expect %v, got %v", e, a)
+	}
 }

 func TestMetadataAvailable(t *testing.T) {
@@ -156,9 +175,9 @@ func TestMetadataAvailable(t *testing.T) {
 	defer server.Close()
 	c := ec2metadata.New(unit.Session, &aws.Config{Endpoint: aws.String(server.URL + "/latest")})

-	available := c.Available()
-
-	assert.True(t, available)
+	if !c.Available() {
+		t.Errorf("expect available")
+	}
 }

 func TestMetadataIAMInfo_success(t *testing.T) {
@@ -170,10 +189,18 @@ func TestMetadataIAMInfo_success(t *testing.T) {
 	c := ec2metadata.New(unit.Session, &aws.Config{Endpoint: aws.String(server.URL + "/latest")})

 	iamInfo, err := c.IAMInfo()
-	assert.NoError(t, err)
-	assert.Equal(t, "Success", iamInfo.Code)
-	assert.Equal(t, "arn:aws:iam::123456789012:instance-profile/my-instance-profile", iamInfo.InstanceProfileArn)
-	assert.Equal(t, "AIPAABCDEFGHIJKLMN123", iamInfo.InstanceProfileID)
+	if err != nil {
+		t.Errorf("expect no error, got %v", err)
+	}
+	if e, a := "Success", iamInfo.Code; e != a {
+		t.Errorf("expect %v, got %v", e, a)
+	}
+	if e, a := "arn:aws:iam::123456789012:instance-profile/my-instance-profile", iamInfo.InstanceProfileArn; e != a {
+		t.Errorf("expect %v, got %v", e, a)
+	}
+	if e, a := "AIPAABCDEFGHIJKLMN123", iamInfo.InstanceProfileID; e != a {
+		t.Errorf("expect %v, got %v", e, a)
+	}
 }

 func TestMetadataIAMInfo_failure(t *testing.T) {
@@ -185,10 +212,18 @@ func TestMetadataIAMInfo_failure(t *testing.T) {
 	c := ec2metadata.New(unit.Session, &aws.Config{Endpoint: aws.String(server.URL + "/latest")})

 	iamInfo, err := c.IAMInfo()
-	assert.NotNil(t, err)
-	assert.Equal(t, "", iamInfo.Code)
-	assert.Equal(t, "", iamInfo.InstanceProfileArn)
-	assert.Equal(t, "", iamInfo.InstanceProfileID)
+	if err == nil {
+		t.Errorf("expect error")
+	}
+	if e, a := "", iamInfo.Code; e != a {
+		t.Errorf("expect %v, got %v", e, a)
+	}
+	if e, a := "", iamInfo.InstanceProfileArn; e != a {
+		t.Errorf("expect %v, got %v", e, a)
+	}
+	if e, a := "", iamInfo.InstanceProfileID; e != a {
+		t.Errorf("expect %v, got %v", e, a)
+	}
 }

 func TestMetadataNotAvailable(t *testing.T) {
@@ -204,9 +239,9 @@ func TestMetadataNotAvailable(t *testing.T) {
 		r.Retryable = aws.Bool(true) // network errors are retryable
 	})

-	available := c.Available()
-
-	assert.False(t, available)
+	if c.Available() {
+		t.Errorf("expect not available")
+	}
 }

 func TestMetadataErrorResponse(t *testing.T) {
@@ -222,8 +257,12 @@ func TestMetadataErrorResponse(t *testing.T) {
 	})

 	data, err := c.GetMetadata("uri/path")
-	assert.Empty(t, data)
-	assert.Contains(t, err.Error(), "error message text")
+	if len(data) != 0 {
+		t.Errorf("expect empty, got %v", data)
+	}
+	if e, a := "error message text", err.Error(); !strings.Contains(a, e) {
+		t.Errorf("expect %v to be in %v", e, a)
+	}
 }

 func TestEC2RoleProviderInstanceIdentity(t *testing.T) {
@@ -235,8 +274,16 @@ func TestEC2RoleProviderInstanceIdentity(t *testing.T) {
 	c := ec2metadata.New(unit.Session, &aws.Config{Endpoint: aws.String(server.URL + "/latest")})

 	doc, err := c.GetInstanceIdentityDocument()
-	assert.Nil(t, err, "Expect no error, %v", err)
-	assert.Equal(t, doc.AccountID, "123456789012")
-	assert.Equal(t, doc.AvailabilityZone, "us-east-1d")
-	assert.Equal(t, doc.Region, "us-east-1")
+	if err != nil {
+		t.Errorf("expect no error, got %v", err)
+	}
+	if e, a := doc.AccountID, "123456789012"; e != a {
+		t.Errorf("expect %v, got %v", e, a)
+	}
+	if e, a := doc.AvailabilityZone, "us-east-1d"; e != a {
+		t.Errorf("expect %v, got %v", e, a)
+	}
+	if e, a := doc.Region, "us-east-1"; e != a {
+		t.Errorf("expect %v, got %v", e, a)
+	}
 }
@@ -1,5 +1,10 @@
 // Package ec2metadata provides the client for making API calls to the
 // EC2 Metadata service.
+//
+// This package's client can be disabled completely by setting the environment
+// variable "AWS_EC2_METADATA_DISABLED=true". This environment variable set to
+// true instructs the SDK to disable the EC2 Metadata client. The client cannot
+// be used while the environemnt variable is set to true, (case insensitive).
 package ec2metadata

 import (
@@ -7,17 +12,21 @@ import (
 	"errors"
 	"io"
 	"net/http"
+	"os"
+	"strings"
 	"time"

 	"github.com/aws/aws-sdk-go/aws"
 	"github.com/aws/aws-sdk-go/aws/awserr"
 	"github.com/aws/aws-sdk-go/aws/client"
 	"github.com/aws/aws-sdk-go/aws/client/metadata"
+	"github.com/aws/aws-sdk-go/aws/corehandlers"
 	"github.com/aws/aws-sdk-go/aws/request"
 )

 // ServiceName is the name of the service.
 const ServiceName = "ec2metadata"
+const disableServiceEnvVar = "AWS_EC2_METADATA_DISABLED"

 // A EC2Metadata is an EC2 Metadata service Client.
 type EC2Metadata struct {
@@ -75,6 +84,21 @@ func NewClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegio
 	svc.Handlers.Validate.Clear()
 	svc.Handlers.Validate.PushBack(validateEndpointHandler)

+	// Disable the EC2 Metadata service if the environment variable is set.
+	// This shortcirctes the service's functionality to always fail to send
+	// requests.
+	if strings.ToLower(os.Getenv(disableServiceEnvVar)) == "true" {
+		svc.Handlers.Send.SwapNamed(request.NamedHandler{
+			Name: corehandlers.SendHandler.Name,
+			Fn: func(r *request.Request) {
+				r.Error = awserr.New(
+					request.CanceledErrorCode,
+					"EC2 IMDS access disabled via "+disableServiceEnvVar+" env var",
+					nil)
+			},
+		})
+	}
+
 	// Add additional options to the service config
 	for _, option := range opts {
 		option(svc.Client)
@@ -3,21 +3,30 @@ package ec2metadata_test
 import (
 	"net/http"
 	"net/http/httptest"
+	"os"
+	"strings"
 	"sync"
 	"testing"
 	"time"

 	"github.com/aws/aws-sdk-go/aws"
+	"github.com/aws/aws-sdk-go/aws/awserr"
 	"github.com/aws/aws-sdk-go/aws/ec2metadata"
+	"github.com/aws/aws-sdk-go/aws/request"
+	"github.com/aws/aws-sdk-go/awstesting"
 	"github.com/aws/aws-sdk-go/awstesting/unit"
-	"github.com/stretchr/testify/assert"
 )

 func TestClientOverrideDefaultHTTPClientTimeout(t *testing.T) {
 	svc := ec2metadata.New(unit.Session)

-	assert.NotEqual(t, http.DefaultClient, svc.Config.HTTPClient)
-	assert.Equal(t, 5*time.Second, svc.Config.HTTPClient.Timeout)
+	if e, a := http.DefaultClient, svc.Config.HTTPClient; e == a {
+		t.Errorf("expect %v, not to equal %v", e, a)
+	}
+
+	if e, a := 5*time.Second, svc.Config.HTTPClient.Timeout; e != a {
+		t.Errorf("expect %v to be %v", e, a)
+	}
 }

 func TestClientNotOverrideDefaultHTTPClientTimeout(t *testing.T) {
@@ -28,18 +37,25 @@ func TestClientNotOverrideDefaultHTTPClientTimeout(t *testing.T) {

 	svc := ec2metadata.New(unit.Session)

-	assert.Equal(t, http.DefaultClient, svc.Config.HTTPClient)
+	if e, a := http.DefaultClient, svc.Config.HTTPClient; e != a {
+		t.Errorf("expect %v, got %v", e, a)
+	}

-	tr, ok := svc.Config.HTTPClient.Transport.(*http.Transport)
-	assert.True(t, ok)
-	assert.NotNil(t, tr)
-	assert.Nil(t, tr.Dial)
+	tr := svc.Config.HTTPClient.Transport.(*http.Transport)
+	if tr == nil {
+		t.Fatalf("expect transport not to be nil")
+	}
+	if tr.Dial != nil {
+		t.Errorf("expect dial to be nil, was not")
+	}
 }

 func TestClientDisableOverrideDefaultHTTPClientTimeout(t *testing.T) {
 	svc := ec2metadata.New(unit.Session, aws.NewConfig().WithEC2MetadataDisableTimeoutOverride(true))

-	assert.Equal(t, http.DefaultClient, svc.Config.HTTPClient)
+	if e, a := http.DefaultClient, svc.Config.HTTPClient; e != a {
+		t.Errorf("expect %v, got %v", e, a)
+	}
 }

 func TestClientOverrideDefaultHTTPClientTimeoutRace(t *testing.T) {
@@ -63,6 +79,30 @@ func TestClientOverrideDefaultHTTPClientTimeoutRaceWithTransport(t *testing.T) {
 	runEC2MetadataClients(t, cfg, 100)
 }

+func TestClientDisableIMDS(t *testing.T) {
+	env := awstesting.StashEnv()
+	defer awstesting.PopEnv(env)
+
+	os.Setenv("AWS_EC2_METADATA_DISABLED", "true")
+
+	svc := ec2metadata.New(unit.Session)
+	resp, err := svc.Region()
+	if err == nil {
+		t.Fatalf("expect error, got none")
+	}
+	if len(resp) != 0 {
+		t.Errorf("expect no response, got %v", resp)
+	}
+
+	aerr := err.(awserr.Error)
+	if e, a := request.CanceledErrorCode, aerr.Code(); e != a {
+		t.Errorf("expect %v error code, got %v", e, a)
+	}
+	if e, a := "AWS_EC2_METADATA_DISABLED", aerr.Message(); !strings.Contains(a, e) {
+		t.Errorf("expect %v in error message, got %v", e, a)
+	}
+}
+
 func runEC2MetadataClients(t *testing.T, cfg *aws.Config, atOnce int) {
 	var wg sync.WaitGroup
 	wg.Add(atOnce)
@@ -70,7 +110,9 @@ func runEC2MetadataClients(t *testing.T, cfg *aws.Config, atOnce int) {
 		go func() {
 			svc := ec2metadata.New(unit.Session, cfg)
 			_, err := svc.Region()
-			assert.NoError(t, err)
+			if err != nil {
+				t.Fatalf("expect no error, got %v", err)
+			}
 			wg.Done()
 		}()
 	}