From c928c8dcb6d3f648b24a481af936c085b67ade66 Mon Sep 17 00:00:00 2001 From: Bohdan Kuzema Date: Fri, 20 Sep 2019 15:19:18 +0300 Subject: [PATCH 1/4] [issue-190] Creation of regional clients modifies default botocore session's region --- src/aws_encryption_sdk/key_providers/kms.py | 4 ++-- test/integration/integration_test_utils.py | 18 ++++++++++++++++++ .../test_i_aws_encrytion_sdk_client.py | 15 ++++++++++++++- 3 files changed, 34 insertions(+), 3 deletions(-) diff --git a/src/aws_encryption_sdk/key_providers/kms.py b/src/aws_encryption_sdk/key_providers/kms.py index df089e3b1..c0a2dc46e 100644 --- a/src/aws_encryption_sdk/key_providers/kms.py +++ b/src/aws_encryption_sdk/key_providers/kms.py @@ -161,8 +161,8 @@ def add_regional_client(self, region_name): :param str region_name: AWS Region ID (ex: us-east-1) """ if region_name not in self._regional_clients: - session = boto3.session.Session(region_name=region_name, botocore_session=self.config.botocore_session) - client = session.client("kms", config=self._user_agent_adding_config) + session = boto3.session.Session(botocore_session=self.config.botocore_session) + client = session.client("kms", region_name=region_name, config=self._user_agent_adding_config) self._register_client(client, region_name) self._regional_clients[region_name] = client diff --git a/test/integration/integration_test_utils.py b/test/integration/integration_test_utils.py index a5b4d6001..ec6bd8393 100644 --- a/test/integration/integration_test_utils.py +++ b/test/integration/integration_test_utils.py @@ -11,12 +11,14 @@ # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. """Utility functions to handle configuration and credentials setup for integration tests.""" +import botocore.session import os from aws_encryption_sdk.key_providers.kms import KMSMasterKeyProvider AWS_KMS_KEY_ID = "AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID" _KMS_MKP = None +_KMS_MKP_BOTO = None def get_cmk_arn(): @@ -47,3 +49,19 @@ def setup_kms_master_key_provider(cache=True): _KMS_MKP = kms_master_key_provider return kms_master_key_provider + + +def setup_kms_master_key_provider_with_botocore_session(cache=True): + """Reads the test_values config file and builds the requested KMS Master Key Provider with botocore_session.""" + global _KMS_MKP_BOTO # pylint: disable=global-statement + if cache and _KMS_MKP_BOTO is not None: + return _KMS_MKP_BOTO + + cmk_arn = get_cmk_arn() + kms_master_key_provider = KMSMasterKeyProvider(botocore_session=botocore.session.Session()) + kms_master_key_provider.add_master_key(cmk_arn) + + if cache: + _KMS_MKP_BOTO = kms_master_key_provider + + return kms_master_key_provider diff --git a/test/integration/test_i_aws_encrytion_sdk_client.py b/test/integration/test_i_aws_encrytion_sdk_client.py index 56b0536fd..26df431dc 100644 --- a/test/integration/test_i_aws_encrytion_sdk_client.py +++ b/test/integration/test_i_aws_encrytion_sdk_client.py @@ -21,7 +21,11 @@ from aws_encryption_sdk.identifiers import USER_AGENT_SUFFIX, Algorithm from aws_encryption_sdk.key_providers.kms import KMSMasterKey, KMSMasterKeyProvider -from .integration_test_utils import get_cmk_arn, setup_kms_master_key_provider +from .integration_test_utils import ( + get_cmk_arn, + setup_kms_master_key_provider, + setup_kms_master_key_provider_with_botocore_session, +) pytestmark = [pytest.mark.integ] @@ -68,6 +72,15 @@ def test_remove_bad_client(): assert not test._regional_clients +def test_regional_client_does_not_modify_botocore_session(caplog): + mkp = setup_kms_master_key_provider_with_botocore_session() + fake_region = "us-fakey-12" + + assert mkp.config.botocore_session.get_config_variable("region") != fake_region + mkp.add_regional_client(fake_region) + assert mkp.config.botocore_session.get_config_variable("region") != fake_region + + class TestKMSThickClientIntegration(object): @pytest.fixture(autouse=True) def apply_fixtures(self): From 119b49d7bb8986c47ca570720914e15d7c073f9a Mon Sep 17 00:00:00 2001 From: Bohdan Kuzema Date: Fri, 20 Sep 2019 16:28:45 +0300 Subject: [PATCH 2/4] [issue-190] Creation of regional clients modifies default botocore session's region --- test/unit/test_providers_kms_master_key_provider.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/test/unit/test_providers_kms_master_key_provider.py b/test/unit/test_providers_kms_master_key_provider.py index 9a122e622..1b0b29696 100644 --- a/test/unit/test_providers_kms_master_key_provider.py +++ b/test/unit/test_providers_kms_master_key_provider.py @@ -108,8 +108,8 @@ def test_add_regional_client_new(self): test = KMSMasterKeyProvider() test._regional_clients = {} test.add_regional_client("ex_region_name") - self.mock_boto3_session.assert_called_with(region_name="ex_region_name", botocore_session=ANY) - self.mock_boto3_session_instance.client.assert_called_with("kms", config=test._user_agent_adding_config) + self.mock_boto3_session.assert_called_with(botocore_session=ANY) + self.mock_boto3_session_instance.client.assert_called_with("kms", region_name="ex_region_name", config=test._user_agent_adding_config) assert test._regional_clients["ex_region_name"] is self.mock_boto3_client_instance def test_add_regional_client_exists(self): From 8c19af349b374da3d1ec4f08e7c282e92b046ab9 Mon Sep 17 00:00:00 2001 From: Bohdan Kuzema Date: Fri, 20 Sep 2019 16:36:55 +0300 Subject: [PATCH 3/4] [issue-190] Creation of regional clients modifies default botocore session's region, formatting --- test/unit/test_providers_kms_master_key_provider.py | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/test/unit/test_providers_kms_master_key_provider.py b/test/unit/test_providers_kms_master_key_provider.py index 1b0b29696..b99a8bb94 100644 --- a/test/unit/test_providers_kms_master_key_provider.py +++ b/test/unit/test_providers_kms_master_key_provider.py @@ -109,7 +109,11 @@ def test_add_regional_client_new(self): test._regional_clients = {} test.add_regional_client("ex_region_name") self.mock_boto3_session.assert_called_with(botocore_session=ANY) - self.mock_boto3_session_instance.client.assert_called_with("kms", region_name="ex_region_name", config=test._user_agent_adding_config) + self.mock_boto3_session_instance.client.assert_called_with( + "kms", + region_name="ex_region_name", + config=test._user_agent_adding_config, + ) assert test._regional_clients["ex_region_name"] is self.mock_boto3_client_instance def test_add_regional_client_exists(self): From fca1e5688b0716ec2397266971df9fc8c26b6bf1 Mon Sep 17 00:00:00 2001 From: polamayster Date: Fri, 20 Sep 2019 18:49:24 +0300 Subject: [PATCH 4/4] [issue-190] Creation of regional clients modifies default botocore session's region, formatting --- test/integration/integration_test_utils.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/test/integration/integration_test_utils.py b/test/integration/integration_test_utils.py index ec6bd8393..b65d93570 100644 --- a/test/integration/integration_test_utils.py +++ b/test/integration/integration_test_utils.py @@ -11,9 +11,10 @@ # ANY KIND, either express or implied. See the License for the specific # language governing permissions and limitations under the License. """Utility functions to handle configuration and credentials setup for integration tests.""" -import botocore.session import os +import botocore.session + from aws_encryption_sdk.key_providers.kms import KMSMasterKeyProvider AWS_KMS_KEY_ID = "AWS_ENCRYPTION_SDK_PYTHON_INTEGRATION_TEST_AWS_KMS_KEY_ID"