mbiryukova/certificates
1
0
Fork 0
forked from TrueCloudLab/certificates
Code Pull requests Activity

Merge pull request #683 from smallstep/imds-versions

Browse source 
Initialize required IMDSVersions for GetIdentityToken
This commit is contained in:
Mariano Cano 2021-08-26 18:10:41 -07:00 committed by GitHub
commit af41ef1ab8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 12 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
authority/provisioner/aws.go
View file

@ -515,6 +515,11 @@ func (p *AWS) readURL(url string) ([]byte, error) {
var resp *http.Response
var err error
// Initialize IMDS versions when this is called from the cli.
if len(p.IMDSVersions) == 0 {
p.IMDSVersions = []string{"v2", "v1"}
}
for _, v := range p.IMDSVersions {
switch v {
case "v1":

7
authority/provisioner/aws_test.go
View file

@ -141,6 +141,12 @@ func TestAWS_GetIdentityToken(t *testing.T) {
p7.config.signatureURL = p1.config.signatureURL
p7.config.tokenURL = p1.config.tokenURL
p8, err := generateAWS()
assert.FatalError(t, err)
p8.IMDSVersions = nil
p8.Accounts = p1.Accounts
p8.config = p1.config
caURL := "https://ca.smallstep.com"
u, err := url.Parse(caURL)
assert.FatalError(t, err)
@ -156,6 +162,7 @@ func TestAWS_GetIdentityToken(t *testing.T) {
wantErr bool
}{
{"ok", p1, args{"foo.local", caURL}, false},
{"ok no imds", p8, args{"foo.local", caURL}, false},
{"fail ca url", p1, args{"foo.local", "://ca.smallstep.com"}, true},
{"fail identityURL", p2, args{"foo.local", caURL}, true},
{"fail signatureURL", p3, args{"foo.local", caURL}, true},