migrate to aws-sdk-go-v2

final migrate to aws-sdk-go-v2 generated mocks with the right commands use LoadDefaultConfig for configs easycla commit
kubernetes-sigs · Oct 3, 2024 · 67d4421 · 67d4421
1 parent fe845cc
commit 67d4421
Show file tree

Hide file tree

Showing 1,070 changed files with 528,898 additions and 12,210 deletions.
diff --git a/go.mod b/go.mod
@@ -1,7 +1,12 @@
 module github.com/kubernetes-sigs/aws-efs-csi-driver
 
 require (
- github.com/aws/aws-sdk-go v1.50.3
+ github.com/aws/aws-sdk-go-v2 v1.31.0
+ github.com/aws/aws-sdk-go-v2/config v1.27.35
+ github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.13
+ github.com/aws/aws-sdk-go-v2/service/ec2 v1.178.0
+ github.com/aws/aws-sdk-go-v2/service/efs v1.31.8
+ github.com/aws/smithy-go v1.21.0
  github.com/container-storage-interface/spec v1.7.0
  github.com/golang/mock v1.6.0
  github.com/google/uuid v1.3.1
@@ -21,6 +26,16 @@ require (
 )
 
 require (
+ github.com/aws/aws-sdk-go v1.50.3 // indirect
+ github.com/aws/aws-sdk-go-v2/credentials v1.17.33 // indirect
+ github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.18 // indirect
+ github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.18 // indirect
+ github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 // indirect
+ github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.5 // indirect
+ github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.20 // indirect
+ github.com/aws/aws-sdk-go-v2/service/sso v1.22.8 // indirect
+ github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.8 // indirect
+ github.com/aws/aws-sdk-go-v2/service/sts v1.30.8 // indirect
  github.com/beorn7/perks v1.0.1 // indirect
  github.com/blang/semver/v4 v4.0.0 // indirect
  github.com/cenkalti/backoff/v4 v4.2.1 // indirect

diff --git a/go.sum b/go.sum
@@ -43,6 +43,36 @@ github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPd
 github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5/go.mod h1:wHh0iHkYZB8zMSxRWpUBQtwG5a7fFgvEO+odwuTv2gs=
 github.com/aws/aws-sdk-go v1.50.3 h1:NnXC/ukOakZbBwQcwAzkAXYEB4SbWboP9TFx9vvhIrE=
 github.com/aws/aws-sdk-go v1.50.3/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk=
+github.com/aws/aws-sdk-go-v2 v1.31.0 h1:3V05LbxTSItI5kUqNwhJrrrY1BAXxXt0sN0l72QmG5U=
+github.com/aws/aws-sdk-go-v2 v1.31.0/go.mod h1:ztolYtaEUtdpf9Wftr31CJfLVjOnD/CVRkKOOYgF8hA=
+github.com/aws/aws-sdk-go-v2/config v1.27.35 h1:jeFgiWYNV0vrgdZqB4kZBjYNdy0IKkwrAjr2fwpHIig=
+github.com/aws/aws-sdk-go-v2/config v1.27.35/go.mod h1:qnpEvTq8ZfjrCqmJGRfWZuF+lGZ/vG8LK2K0L/TY1gQ=
+github.com/aws/aws-sdk-go-v2/credentials v1.17.33 h1:lBHAQQznENv0gLHAZ73ONiTSkCtr8q3pSqWrpbBBZz0=
+github.com/aws/aws-sdk-go-v2/credentials v1.17.33/go.mod h1:MBuqCUOT3ChfLuxNDGyra67eskx7ge9e3YKYBce7wpI=
+github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.13 h1:pfQ2sqNpMVK6xz2RbqLEL0GH87JOwSxPV2rzm8Zsb74=
+github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.13/go.mod h1:NG7RXPUlqfsCLLFfi0+IpKN4sCB9D9fw/qTaSB+xRoU=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.18 h1:kYQ3H1u0ANr9KEKlGs/jTLrBFPo8P8NaH/w7A01NeeM=
+github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.18/go.mod h1:r506HmK5JDUh9+Mw4CfGJGSSoqIiLCndAuqXuhbv67Y=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.18 h1:Z7IdFUONvTcvS7YuhtVxN99v2cCoHRXOS4mTr0B/pUc=
+github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.18/go.mod h1:DkKMmksZVVyat+Y+r1dEOgJEfUeA7UngIHWeKsi0yNc=
+github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1 h1:VaRN3TlFdd6KxX1x3ILT5ynH6HvKgqdiXoTxAF4HQcQ=
+github.com/aws/aws-sdk-go-v2/internal/ini v1.8.1/go.mod h1:FbtygfRFze9usAadmnGJNc8KsP346kEe+y2/oyhGAGc=
+github.com/aws/aws-sdk-go-v2/service/ec2 v1.178.0 h1:yCVmlqH1bWVmdS/oFyyM+hbe2c+tKGPo6r0BHhTpn1U=
+github.com/aws/aws-sdk-go-v2/service/ec2 v1.178.0/go.mod h1:W6sNzs5T4VpZn1Vy+FMKw8s24vt5k6zPJXcNOK0asBo=
+github.com/aws/aws-sdk-go-v2/service/efs v1.31.8 h1:jAfe2YLd59Sr1QdHF42xHdEwaCWTrOe6EU4+BzA8xdo=
+github.com/aws/aws-sdk-go-v2/service/efs v1.31.8/go.mod h1:XGcTOlJ2nuj3KemxjGAGc/fpl2Cb8Z0DE+cTnKHmBGU=
+github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.5 h1:QFASJGfT8wMXtuP3D5CRmMjARHv9ZmzFUMJznHDOY3w=
+github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.11.5/go.mod h1:QdZ3OmoIjSX+8D1OPAzPxDfjXASbBMDsz9qvtyIhtik=
+github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.20 h1:Xbwbmk44URTiHNx6PNo0ujDE6ERlsCKJD3u1zfnzAPg=
+github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.11.20/go.mod h1:oAfOFzUB14ltPZj1rWwRc3d/6OgD76R8KlvU3EqM9Fg=
+github.com/aws/aws-sdk-go-v2/service/sso v1.22.8 h1:JRwuL+S1Qe1owZQoxblV7ORgRf2o0SrtzDVIbaVCdQ0=
+github.com/aws/aws-sdk-go-v2/service/sso v1.22.8/go.mod h1:eEygMHnTKH/3kNp9Jr1n3PdejuSNcgwLe1dWgQtO0VQ=
+github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.8 h1:+HpGETD9463PFSj7lX5+eq7aLDs85QUIA+NBkeAsscA=
+github.com/aws/aws-sdk-go-v2/service/ssooidc v1.26.8/go.mod h1:bCbAxKDqNvkHxRaIMnyVPXPo+OaPRwvmgzMxbz1VKSA=
+github.com/aws/aws-sdk-go-v2/service/sts v1.30.8 h1:bAi+4p5EKnni+jrfcAhb7iHFQ24bthOAV9t0taf3DCE=
+github.com/aws/aws-sdk-go-v2/service/sts v1.30.8/go.mod h1:NXi1dIAGteSaRLqYgarlhP/Ij0cFT+qmCwiJqWh/U5o=
+github.com/aws/smithy-go v1.21.0 h1:H7L8dtDRk0P1Qm6y0ji7MCYMQObJ5R9CRpyPhRUkLYA=
+github.com/aws/smithy-go v1.21.0/go.mod h1:irrKGvNn1InZwb2d7fkIRNucdfwR8R+Ts3wxYa/cJHg=
 github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
 github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
 github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=

diff --git a/pkg/cloud/cloud.go b/pkg/cloud/cloud.go
@@ -20,17 +20,20 @@ import (
  "context"
  "errors"
  "fmt"
+
+ "github.com/aws/smithy-go"
  "math/rand"
  "os"
  "time"
 
- "github.com/aws/aws-sdk-go/aws"
- "github.com/aws/aws-sdk-go/aws/awserr"
- "github.com/aws/aws-sdk-go/aws/credentials/stscreds"
- "github.com/aws/aws-sdk-go/aws/ec2metadata"
- "github.com/aws/aws-sdk-go/aws/request"
- "github.com/aws/aws-sdk-go/aws/session"
- "github.com/aws/aws-sdk-go/service/efs"
+ "github.com/aws/aws-sdk-go-v2/aws"
+ "github.com/aws/aws-sdk-go-v2/config"
+ "github.com/aws/aws-sdk-go-v2/credentials/stscreds"
+ "github.com/aws/aws-sdk-go-v2/feature/ec2/imds"
+ "github.com/aws/aws-sdk-go-v2/service/efs"
+ "github.com/aws/aws-sdk-go-v2/service/efs/types"
+ "github.com/aws/aws-sdk-go-v2/service/sts"
+
  "k8s.io/klog/v2"
 )
 
@@ -88,11 +91,11 @@ type MountTarget struct {
 
 // Efs abstracts efs client(https://docs.aws.amazon.com/sdk-for-go/api/service/efs/)
 type Efs interface {
- CreateAccessPointWithContext(aws.Context, *efs.CreateAccessPointInput, ...request.Option) (*efs.CreateAccessPointOutput, error)
- DeleteAccessPointWithContext(aws.Context, *efs.DeleteAccessPointInput, ...request.Option) (*efs.DeleteAccessPointOutput, error)
- DescribeAccessPointsWithContext(aws.Context, *efs.DescribeAccessPointsInput, ...request.Option) (*efs.DescribeAccessPointsOutput, error)
- DescribeFileSystemsWithContext(aws.Context, *efs.DescribeFileSystemsInput, ...request.Option) (*efs.DescribeFileSystemsOutput, error)
- DescribeMountTargetsWithContext(aws.Context, *efs.DescribeMountTargetsInput, ...request.Option) (*efs.DescribeMountTargetsOutput, error)
+ CreateAccessPoint(context.Context, *efs.CreateAccessPointInput, ...func(*efs.Options)) (*efs.CreateAccessPointOutput, error)
+ DeleteAccessPoint(context.Context, *efs.DeleteAccessPointInput, ...func(*efs.Options)) (*efs.DeleteAccessPointOutput, error)
+ DescribeAccessPoints(context.Context, *efs.DescribeAccessPointsInput, ...func(*efs.Options)) (*efs.DescribeAccessPointsOutput, error)
+ DescribeFileSystems(context.Context, *efs.DescribeFileSystemsInput, ...func(*efs.Options)) (*efs.DescribeFileSystemsOutput, error)
+ DescribeMountTargets(context.Context, *efs.DescribeMountTargetsInput, ...func(*efs.Options)) (*efs.DescribeMountTargetsOutput, error)
 }
 
 type Cloud interface {
@@ -124,16 +127,18 @@ func NewCloudWithRole(awsRoleArn string) (Cloud, error) {
 }
 
 func createCloud(awsRoleArn string) (Cloud, error) {
- sess := session.Must(session.NewSession(&aws.Config{}))
- svc := ec2metadata.New(sess)
+ cfg, err := config.LoadDefaultConfig(context.TODO())
+ if err != nil {
+ klog.Warningf("Could not load config: %v", err)
+ }
+
+ svc := imds.NewFromConfig(cfg)
  api, err := DefaultKubernetesAPIClient()
 
  if err != nil && !isDriverBootedInECS() {
  klog.Warningf("Could not create Kubernetes Client: %v", err)
  }
-
  metadataProvider, err := GetNewMetadataProvider(svc, api)
-
  if err != nil {
  return nil, fmt.Errorf("error creating MetadataProvider: %v", err)
  }
@@ -144,21 +149,23 @@ func createCloud(awsRoleArn string) (Cloud, error) {
  return nil, fmt.Errorf("could not get metadata: %v", err)
  }
 
- efs_client := createEfsClient(awsRoleArn, metadata, sess)
- klog.V(5).Infof("EFS Client created using the following endpoint: %+v", efs_client.(*efs.EFS).Client.ClientInfo.Endpoint)
+ efs_client := createEfsClient(awsRoleArn, metadata)
+ klog.V(5).Infof("EFS Client created using the following endpoint: %+v", cfg.BaseEndpoint)
 
  return &cloud{
  metadata: metadata,
  efs: efs_client,
  }, nil
 }
 
-func createEfsClient(awsRoleArn string, metadata MetadataService, sess *session.Session) Efs {
- config := aws.NewConfig().WithRegion(metadata.GetRegion())
+func createEfsClient(awsRoleArn string, metadata MetadataService) Efs {
+ cfg, _ := config.LoadDefaultConfig(context.TODO(), config.WithRegion(metadata.GetRegion()))
  if awsRoleArn != "" {
- config = config.WithCredentials(stscreds.NewCredentials(sess, awsRoleArn))
+ stsClient := sts.NewFromConfig(cfg)
+ roleProvider := stscreds.NewAssumeRoleProvider(stsClient, awsRoleArn)
+ cfg.Credentials = aws.NewCredentialsCache(roleProvider)
  }
- return efs.New(session.Must(session.NewSession(config)))
+ return efs.NewFromConfig(cfg)
 }
 
 func (c *cloud) GetMetadata() MetadataService {
@@ -170,12 +177,12 @@ func (c *cloud) CreateAccessPoint(ctx context.Context, clientToken string, acces
  createAPInput := &efs.CreateAccessPointInput{
  ClientToken: &clientToken,
  FileSystemId: &accessPointOpts.FileSystemId,
- PosixUser: &efs.PosixUser{
+ PosixUser: &types.PosixUser{
  Gid: &accessPointOpts.Gid,
  Uid: &accessPointOpts.Uid,
  },
- RootDirectory: &efs.RootDirectory{
- CreationInfo: &efs.CreationInfo{
+ RootDirectory: &types.RootDirectory{
+ CreationInfo: &types.CreationInfo{
  OwnerGid: &accessPointOpts.Gid,
  OwnerUid: &accessPointOpts.Uid,
  Permissions: &accessPointOpts.DirectoryPerms,
@@ -186,7 +193,7 @@ func (c *cloud) CreateAccessPoint(ctx context.Context, clientToken string, acces
  }
 
  klog.V(5).Infof("Calling Create AP with input: %+v", *createAPInput)
- res, err := c.efs.CreateAccessPointWithContext(ctx, createAPInput)
+ res, err := c.efs.CreateAccessPoint(ctx, createAPInput)
  if err != nil {
  if isAccessDenied(err) {
  return nil, ErrAccessDenied
@@ -204,7 +211,7 @@ func (c *cloud) CreateAccessPoint(ctx context.Context, clientToken string, acces
 
 func (c *cloud) DeleteAccessPoint(ctx context.Context, accessPointId string) (err error) {
  deleteAccessPointInput := &efs.DeleteAccessPointInput{AccessPointId: &accessPointId}
- _, err = c.efs.DeleteAccessPointWithContext(ctx, deleteAccessPointInput)
+ _, err = c.efs.DeleteAccessPoint(ctx, deleteAccessPointInput)
  if err != nil {
  if isAccessDenied(err) {
  return ErrAccessDenied
@@ -222,7 +229,7 @@ func (c *cloud) DescribeAccessPoint(ctx context.Context, accessPointId string) (
  describeAPInput := &efs.DescribeAccessPointsInput{
  AccessPointId: &accessPointId,
  }
- res, err := c.efs.DescribeAccessPointsWithContext(ctx, describeAPInput)
+ res, err := c.efs.DescribeAccessPoints(ctx, describeAPInput)
  if err != nil {
  if isAccessDenied(err) {
  return nil, ErrAccessDenied
@@ -250,9 +257,9 @@ func (c *cloud) FindAccessPointByClientToken(ctx context.Context, clientToken, f
  klog.V(2).Infof("ClientToken to find AP : %s", clientToken)
  describeAPInput := &efs.DescribeAccessPointsInput{
  FileSystemId: &fileSystemId,
- MaxResults: aws.Int64(AccessPointPerFsLimit),
+ MaxResults: aws.Int32(AccessPointPerFsLimit),
  }
- res, err := c.efs.DescribeAccessPointsWithContext(ctx, describeAPInput)
+ res, err := c.efs.DescribeAccessPoints(ctx, describeAPInput)
  if err != nil {
  if isAccessDenied(err) {
  return nil, ErrAccessDenied
@@ -265,7 +272,7 @@ func (c *cloud) FindAccessPointByClientToken(ctx context.Context, clientToken, f
  }
  for _, ap := range res.AccessPoints {
  // check if AP exists with same client token
- if aws.StringValue(ap.ClientToken) == clientToken {
+ if *ap.ClientToken == clientToken {
  return &AccessPoint{
  AccessPointId: *ap.AccessPointId,
  FileSystemId: *ap.FileSystemId,
@@ -280,9 +287,9 @@ func (c *cloud) FindAccessPointByClientToken(ctx context.Context, clientToken, f
 func (c *cloud) ListAccessPoints(ctx context.Context, fileSystemId string) (accessPoints []*AccessPoint, err error) {
  describeAPInput := &efs.DescribeAccessPointsInput{
  FileSystemId: &fileSystemId,
- MaxResults: aws.Int64(AccessPointPerFsLimit),
+ MaxResults: aws.Int32(AccessPointPerFsLimit),
  }
- res, err := c.efs.DescribeAccessPointsWithContext(ctx, describeAPInput)
+ res, err := c.efs.DescribeAccessPoints(ctx, describeAPInput)
  if err != nil {
  if isAccessDenied(err) {
  return nil, ErrAccessDenied
@@ -318,7 +325,7 @@ func (c *cloud) ListAccessPoints(ctx context.Context, fileSystemId string) (acce
 func (c *cloud) DescribeFileSystem(ctx context.Context, fileSystemId string) (fs *FileSystem, err error) {
  describeFsInput := &efs.DescribeFileSystemsInput{FileSystemId: &fileSystemId}
  klog.V(5).Infof("Calling DescribeFileSystems with input: %+v", *describeFsInput)
- res, err := c.efs.DescribeFileSystemsWithContext(ctx, describeFsInput)
+ res, err := c.efs.DescribeFileSystems(ctx, describeFsInput)
  if err != nil {
  if isAccessDenied(err) {
  return nil, ErrAccessDenied
@@ -341,7 +348,7 @@ func (c *cloud) DescribeFileSystem(ctx context.Context, fileSystemId string) (fs
 func (c *cloud) DescribeMountTargets(ctx context.Context, fileSystemId, azName string) (fs *MountTarget, err error) {
  describeMtInput := &efs.DescribeMountTargetsInput{FileSystemId: &fileSystemId}
  klog.V(5).Infof("Calling DescribeMountTargets with input: %+v", *describeMtInput)
- res, err := c.efs.DescribeMountTargetsWithContext(ctx, describeMtInput)
+ res, err := c.efs.DescribeMountTargets(ctx, describeMtInput)
  if err != nil {
  if isAccessDenied(err) {
  return nil, ErrAccessDenied
@@ -363,7 +370,7 @@ func (c *cloud) DescribeMountTargets(ctx context.Context, fileSystemId, azName s
  return nil, fmt.Errorf("No mount target for file system %v is in available state. Please retry in 5 minutes.", fileSystemId)
  }
 
- var mountTarget *efs.MountTargetDescription
+ var mountTarget *types.MountTargetDescription
  if azName != "" {
  mountTarget = getMountTargetForAz(availableMountTargets, azName)
  }
@@ -373,7 +380,7 @@ func (c *cloud) DescribeMountTargets(ctx context.Context, fileSystemId, azName s
  if mountTarget == nil {
  klog.Infof("Picking a random mount target from available mount target")
  rand.Seed(time.Now().Unix())
- mountTarget = availableMountTargets[rand.Intn(len(availableMountTargets))]
+ mountTarget = &availableMountTargets[rand.Intn(len(availableMountTargets))]
  }
 
  return &MountTarget{
@@ -385,26 +392,25 @@ func (c *cloud) DescribeMountTargets(ctx context.Context, fileSystemId, azName s
 }
 
 func isFileSystemNotFound(err error) bool {
- if awsErr, ok := err.(awserr.Error); ok {
- if awsErr.Code() == efs.ErrCodeFileSystemNotFound {
- return true
- }
+ var FileSystemNotFoundErr *types.FileSystemNotFound
+ if errors.As(err, &FileSystemNotFoundErr) {
+ return true
  }
  return false
 }
 
 func isAccessPointNotFound(err error) bool {
- if awsErr, ok := err.(awserr.Error); ok {
- if awsErr.Code() == efs.ErrCodeAccessPointNotFound {
- return true
- }
+ var AccessPointNotFoundErr *types.AccessPointNotFound
+ if errors.As(err, &AccessPointNotFoundErr) {
+ return true
  }
  return false
 }
 
 func isAccessDenied(err error) bool {
- if awsErr, ok := err.(awserr.Error); ok {
- if awsErr.Code() == AccessDeniedException {
+ var apiErr smithy.APIError
+ if errors.As(err, &apiErr) {
+ if apiErr.ErrorCode() == AccessDeniedException {
  return true
  }
  }
@@ -416,34 +422,34 @@ func isDriverBootedInECS() bool {
  return ecsContainerMetadataUri != ""
 }
 
-func parseEfsTags(tagMap map[string]string) []*efs.Tag {
- efsTags := []*efs.Tag{}
+func parseEfsTags(tagMap map[string]string) []types.Tag {
+ efsTags := []types.Tag{}
  for k, v := range tagMap {
  key := k
  value := v
- efsTags = append(efsTags, &efs.Tag{
+ efsTags = append(efsTags, types.Tag{
  Key: &key,
  Value: &value,
  })
  }
  return efsTags
 }
 
-func getAvailableMountTargets(mountTargets []*efs.MountTargetDescription) []*efs.MountTargetDescription {
- availableMountTargets := []*efs.MountTargetDescription{}
+func getAvailableMountTargets(mountTargets []types.MountTargetDescription) []types.MountTargetDescription {
+ availableMountTargets := []types.MountTargetDescription{}
  for _, mt := range mountTargets {
- if *mt.LifeCycleState == "available" {
+ if mt.LifeCycleState == "available" {
  availableMountTargets = append(availableMountTargets, mt)
  }
  }
 
  return availableMountTargets
 }
 
-func getMountTargetForAz(mountTargets []*efs.MountTargetDescription, azName string) *efs.MountTargetDescription {
+func getMountTargetForAz(mountTargets []types.MountTargetDescription, azName string) *types.MountTargetDescription {
  for _, mt := range mountTargets {
  if *mt.AvailabilityZoneName == azName {
- return mt
+ return &mt
  }
  }
  klog.Infof("There is no mount target match %v", azName)