11#! /usr/bin/env bats
22
3- load ' /usr/local/lib/bats/ load.bash'
3+ load " ${BATS_PLUGIN_PATH} / load.bash"
44
55# Uncomment to enable stub debug output:
66# export DOCKER_STUB_DEBUG=/dev/tty
@@ -871,10 +871,36 @@ EOF
871871 export AWS_CONTAINER_CREDENTIALS_RELATIVE_URI=" /get-credentials?a=1"
872872 export AWS_CONTAINER_AUTHORIZATION_TOKEN=" Basic abcd"
873873 export AWS_STS_REGIONAL_ENDPOINTS=" true"
874- export AWS_WEB_IDENITY_TOKEN_FILE=" /tmp/fake-token"
875874
876875 stub docker \
877- " run -t -i --rm --init --volume $PWD :/workdir --workdir /workdir --env AWS_ACCESS_KEY_ID --env AWS_SECRET_ACCESS_KEY --env AWS_SESSION_TOKEN --env AWS_REGION --env AWS_DEFAULT_REGION --env AWS_CONTAINER_CREDENTIALS_FULL_URI --env AWS_CONTAINER_CREDENTIALS_RELATIVE_URI --env AWS_CONTAINER_AUTHORIZATION_TOKEN --env AWS_STS_REGIONAL_ENDPOINTS --env AWS_WEB_IDENITY_TOKEN_FILE --env AWS_ROLE_ARN --volume " " --label com.buildkite.job-id=1-2-3-4 image:tag /bin/sh -e -c 'echo hello world' : echo ran command in docker"
876+ " run -t -i --rm --init --volume $PWD :/workdir --workdir /workdir --env AWS_ACCESS_KEY_ID --env AWS_SECRET_ACCESS_KEY --env AWS_SESSION_TOKEN --env AWS_REGION --env AWS_DEFAULT_REGION --env AWS_ROLE_ARN --env AWS_STS_REGIONAL_ENDPOINTS --env AWS_CONTAINER_CREDENTIALS_FULL_URI --env AWS_CONTAINER_CREDENTIALS_RELATIVE_URI --env AWS_CONTAINER_AUTHORIZATION_TOKEN --label com.buildkite.job-id=1-2-3-4 image:tag /bin/sh -e -c 'echo hello world' : echo ran command in docker"
877+
878+ run " $PWD "
879+
880+ assert_success
881+ assert_output --partial " ran command in docker"
882+
883+ unstub docker
884+ }
885+
886+ @test " Runs BUILDKITE_COMMAND with propagate aws auth tokens and token file"
887+ export BUILDKITE_COMMAND=" echo hello world"
888+ export BUILDKITE_PLUGIN_DOCKER_PROPAGATE_AWS_AUTH_TOKENS=true
889+
890+ export AWS_ACCESS_KEY_ID=" AKIAIOSFODNN7EXAMPLE"
891+ export AWS_SECRET_ACCESS_KEY=" wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
892+ export AWS_SESSION_TOKEN=" AQoEXAMPLEH4aoAH0gNCAPy...truncated...zrkuWJOgQs8IZZaIv2BXIa2R4Olgk"
893+ export AWS_REGION=" ap-southeast-2"
894+ export AWS_DEFAULT_REGION=" ap-southeast-2"
895+ export AWS_ROLE_ARN=" arn:aws:iam::0000000000:role/example-role"
896+ export AWS_CONTAINER_CREDENTIALS_FULL_URI=" http://localhost:8080/get-credentials"
897+ export AWS_CONTAINER_CREDENTIALS_RELATIVE_URI=" /get-credentials?a=1"
898+ export AWS_CONTAINER_AUTHORIZATION_TOKEN=" Basic abcd"
899+ export AWS_STS_REGIONAL_ENDPOINTS=" true"
900+ export AWS_WEB_IDENTITY_TOKEN_FILE=" /tmp/fake-token"
901+
902+ stub docker \
903+ " run -t -i --rm --init --volume $PWD :/workdir --workdir /workdir --env AWS_ACCESS_KEY_ID --env AWS_SECRET_ACCESS_KEY --env AWS_SESSION_TOKEN --env AWS_REGION --env AWS_DEFAULT_REGION --env AWS_ROLE_ARN --env AWS_STS_REGIONAL_ENDPOINTS --env AWS_CONTAINER_CREDENTIALS_FULL_URI --env AWS_CONTAINER_CREDENTIALS_RELATIVE_URI --env AWS_CONTAINER_AUTHORIZATION_TOKEN --env AWS_WEB_IDENTITY_TOKEN_FILE --volume \" /tmp/fake-token:/tmp/fake-token\" --label com.buildkite.job-id=1-2-3-4 image:tag /bin/sh -e -c 'echo hello world' : echo ran command in docker"
878904
879905 run " $PWD "
880906
@@ -1247,6 +1273,7 @@ EOF
12471273}
12481274
12491275@test " Do not expand image vars by default"
1276+ # shellcheck disable=2016 # this is what we are actually testing
12501277 export BUILDKITE_PLUGIN_DOCKER_IMAGE=' 123456789012.dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com/image:tag'
12511278 export AWS_DEFAULT_REGION=" us-east-1"
12521279 export BUILDKITE_COMMAND=" pwd"
@@ -1264,6 +1291,7 @@ EOF
12641291
12651292@test " Expand image vars"
12661293 export BUILDKITE_PLUGIN_DOCKER_EXPAND_IMAGE_VARS=true
1294+ # shellcheck disable=2016 # this is what we are actually testing
12671295 export BUILDKITE_PLUGIN_DOCKER_IMAGE=' 123456789012.dkr.ecr.${AWS_DEFAULT_REGION}.amazonaws.com/image:tag'
12681296 export AWS_DEFAULT_REGION=" us-east-1"
12691297 export BUILDKITE_COMMAND=" pwd"
0 commit comments