aws · ningziwen · Sep 21, 2023 · Sep 21, 2023
@@ -62,11 +62,17 @@ jobs:
         with:
           go-version: ${{ matrix.go }}
           cache: false
-      - name: Configure AWS Credentials
-        uses: aws-actions/configure-aws-credentials@v4
-        with:
-          role-to-assume: ${{ secrets.ROLE }}
-          aws-region: ${{ secrets.REGION }}
+      - name: Start LocalStack # Copy from https://docs.localstack.cloud/user-guide/ci/github-actions/
+        run: |
+          pip install localstack awscli-local[ver1] # install LocalStack cli and awslocal
+          docker pull localstack/localstack         # Make sure to pull the latest version of the image
+          localstack start -d                       # Start LocalStack in the background
+
+          echo "Waiting for LocalStack startup..."  # Wait 30 seconds for the LocalStack container
+          localstack wait -t 30                     # to become ready before timing out 
+          echo "Startup complete"
+
+          awslocal logs create-log-group --log-group-name test-shim-logger
       - name: install and start containerd
         shell: bash
         run: sudo scripts/install-containerd

@@ -19,25 +19,35 @@ const (
 	awslogsRegionKey              = "--awslogs-region"
 	awslogsStreamKey              = "--awslogs-stream"
 	awslogsGroupKey               = "--awslogs-group"
+	awslogEndpointKey             = "--awslogs-endpoint"
 	testEcsLocalEndpointPort      = "51679"
 	testAwslogsCredentialEndpoint = ":" + testEcsLocalEndpointPort + "/creds"
-	testAwslogsRegion             = "us-west-2"
-	testAwsLogsStream             = "test-stream"
-	testAwsLogsGroup              = "test-shim-logger"
+	testAwslogsRegion             = "us-east-1"
+	testAwslogsStream             = "test-stream"
+	testAwslogsGroup              = "test-shim-logger"
+	testAwslogsEndpoint           = "localhost.localstack.cloud" // Recommended endpoint: https://docs.localstack.cloud/getting-started/faq/#is-using-localhostlocalstackcloud4566-to-set-as-the-endpoint-for-aws-services-recommended
 )
 
 var testAwslogs = func() {
 	// These tests are run in serial because we only define one log driver instance.
 	ginkgo.Describe("awslogs shim logger", ginkgo.Serial, func() {
 		var cwClient *cloudwatchlogs.Client
 		ginkgo.BeforeEach(func() {
-			cfg, err := config.LoadDefaultConfig(context.TODO(), config.WithRegion(testAwslogsRegion))
+			// Reference to set up Go client for aws local stack: https://docs.localstack.cloud/user-guide/integrations/sdks/go/.
+			customResolver := aws.EndpointResolverWithOptionsFunc(func(service, region string, options ...interface{}) (aws.Endpoint, error) {
+				return aws.Endpoint{
+					PartitionID:   "aws",
+					URL:           testAwslogsEndpoint,
+					SigningRegion: testAwslogsRegion,
+				}, nil
+			})
+			cfg, err := config.LoadDefaultConfig(context.TODO(), config.WithRegion(testAwslogsRegion), config.WithEndpointResolverWithOptions(customResolver))
 			gomega.Expect(err).ShouldNot(gomega.HaveOccurred())
 			cwClient = cloudwatchlogs.NewFromConfig(cfg)
-			cleanupAwslogs(cwClient, testAwsLogsGroup, testAwsLogsStream)
+			cleanupAwslogs(cwClient, testAwslogsGroup, testAwslogsStream)
 		})
 		ginkgo.AfterEach(func() {
-			cleanupAwslogs(cwClient, testAwsLogsGroup, testAwsLogsStream)
+			cleanupAwslogs(cwClient, testAwslogsGroup, testAwslogsStream)
 		})
 		ginkgo.It("should send logs to awslogs log driver", func() {
 			args := map[string]string{
@@ -46,12 +56,13 @@ var testAwslogs = func() {
 				containerNameKey:              testContainerName,
 				awslogsCredentialsEndpointKey: testAwslogsCredentialEndpoint,
 				awslogsRegionKey:              testAwslogsRegion,
-				awslogsGroupKey:               testAwsLogsGroup,
-				awslogsStreamKey:              testAwsLogsStream,
+				awslogsGroupKey:               testAwslogsGroup,
+				awslogsStreamKey:              testAwslogsStream,
+				awslogEndpointKey:             testAwslogsEndpoint,
 			}
 			creator := cio.BinaryIO(*Binary, args)
 			sendTestLogByContainerd(creator, testLog)
-			validateTestLogsInAwslogs(cwClient, testAwsLogsGroup, testAwsLogsStream, testLog)
+			validateTestLogsInAwslogs(cwClient, testAwslogsGroup, testAwslogsStream, testLog)
 		})
 	})
 }

@@ -1,10 +1,9 @@
 #!/bin/bash
 # ecs local endpoint can only use credentials in aws credential file instead of env vars
 
-aws configure set aws_access_key_id $AWS_ACCESS_KEY_ID --profile default
-aws configure set aws_secret_access_key $AWS_SECRET_ACCESS_KEY --profile default
-aws configure set aws_session_token $AWS_SESSION_TOKEN --profile default
+aws configure set aws_access_key_id dummy-aws-access-key-id --profile default
+aws configure set aws_secret_access_key dummy-aws-secret-access-key --profile default
 docker run -d --name ecs-local-endpoint -p 51679:51679 \
--v $HOME/.aws/:/home/.aws/ -e AWS_REGION=us-west-2 \
+-v $HOME/.aws/:/home/.aws/ -e AWS_REGION=us-east-1 \
 -e HOME="/home" -e AWS_PROFILE=default -e ECS_LOCAL_METADATA_PORT=51679 \
 amazon/amazon-ecs-local-container-endpoints