Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-77908

Implement Tests for OIDC Machine Flows in Google Cloud

    • Type: Icon: Task Task
    • Resolution: Fixed
    • Priority: Icon: Major - P3 Major - P3
    • 8.0.0-rc0
    • Affects Version/s: None
    • Component/s: None
    • None
    • Server Security
    • Fully Compatible
    • v7.0
    • Security 2023-12-11, Security 2023-12-25, Security 2024-01-08, Security 2024-01-22, Security 2024-02-05, Security 2024-02-19

      This ticket will create simple integration test for an GCP machine flow, where the OIDC access and refresh token are obtained via some kind of local machine metadata URI

      To achieve this, we will need to do some orchestration of GCP VMs from our evergreen instances running in AWS. A starting point for what this kind of thing looks like is the AWS IAM external auth jstests (https://github.com/10gen/mongo-enterprise-modules/tree/master/jstests/external_auth_aws): these use the AWS python API to construct a temporary container instance in AWS Fargate, deploy test code to this, run the tests on the remote container instance while getting access to a local machine-specific token, and then clean up this newly-created infrastructure.

      We will want to essentially port this approach to GCP.

            Assignee:
            varun.ravichandran@mongodb.com Varun Ravichandran
            Reporter:
            adam.rayner@mongodb.com Adam Rayner
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

              Created:
              Updated:
              Resolved: