From 791501c316c21e8cbb4ac2dfd9bb052e7645034e Mon Sep 17 00:00:00 2001 From: Jonathan Brill Date: Tue, 28 May 2024 10:52:51 -0400 Subject: [PATCH] Revert "DEVPROD-6951 add static auth (#7864)" (#7925) --- config.go | 5 +---- environment.go | 16 ++-------------- globals.go | 4 ---- operations/service.go | 8 -------- 4 files changed, 3 insertions(+), 30 deletions(-) diff --git a/config.go b/config.go index 3c929bdf1fa..8e47f006fda 100644 --- a/config.go +++ b/config.go @@ -34,7 +34,7 @@ var ( // ClientVersion is the commandline version string used to control updating // the CLI. The format is the calendar date (YYYY-MM-DD). - ClientVersion = "2024-05-23" + ClientVersion = "2024-05-24" // Agent version to control agent rollover. The format is the calendar date // (YYYY-MM-DD). @@ -696,9 +696,6 @@ type DBSettings struct { WriteConcernSettings WriteConcern `yaml:"write_concern"` ReadConcernSettings ReadConcern `yaml:"read_concern"` AWSAuthEnabled bool `yaml:"aws_auth_enabled"` - // TODO (DEVPROD-6951): remove static auth once IRSA auth is reliable again. - Username string `yaml:"username"` - Password string `yaml:"password"` } // supported banner themes in Evergreen diff --git a/environment.go b/environment.go index dbb3ceb4373..005960ddf9b 100644 --- a/environment.go +++ b/environment.go @@ -373,13 +373,7 @@ func (e *envState) initDB(ctx context.Context, settings DBSettings, tracer trace SetConnectTimeout(5 * time.Second). SetMonitor(apm.NewMonitor(apm.WithCommandAttributeDisabled(false), apm.WithCommandAttributeTransformer(redactSensitiveCollections))) - // TODO (DEVPROD-6951): remove static auth once IRSA auth is reliable again. - if settings.Username != "" && settings.Password != "" { - opts.SetAuth(options.Credential{ - Username: settings.Username, - Password: settings.Password, - }) - } else if settings.AWSAuthEnabled { + if settings.AWSAuthEnabled { opts.SetAuth(options.Credential{ AuthMechanism: awsAuthMechanism, AuthSource: mongoExternalAuthSource, @@ -413,13 +407,7 @@ func (e *envState) createRemoteQueues(ctx context.Context, tracer trace.Tracer) SetWriteConcern(e.settings.Database.WriteConcernSettings.Resolve()). SetMonitor(apm.NewMonitor(apm.WithCommandAttributeDisabled(false))) - // TODO (DEVPROD-6951): remove static auth once IRSA auth is reliable again. - if e.settings.Database.Username != "" && e.settings.Database.Password != "" { - opts.SetAuth(options.Credential{ - Username: e.settings.Database.Username, - Password: e.settings.Database.Password, - }) - } else if e.settings.Database.AWSAuthEnabled { + if e.settings.Database.AWSAuthEnabled { opts.SetAuth(options.Credential{ AuthMechanism: awsAuthMechanism, AuthSource: mongoExternalAuthSource, diff --git a/globals.go b/globals.go index 755a957e4a0..5a39af043cb 100644 --- a/globals.go +++ b/globals.go @@ -212,10 +212,6 @@ const ( EvergreenVersionID = "EVG_VERSION_ID" TraceEndpoint = "TRACE_ENDPOINT" - // TODO (DEVPROD-6951): remove static auth once IRSA auth is reliable again. - MongoUsername = "MONGO_USERNAME" - MongoPassword = "MONGO_PASSWORD" - // localLoggingOverride is a special log path indicating that the app server // should attempt to log to systemd if available, and otherwise fall back to // logging to stdout. diff --git a/operations/service.go b/operations/service.go index e0fb542e78e..531bfc709ff 100644 --- a/operations/service.go +++ b/operations/service.go @@ -44,16 +44,10 @@ func parseDB(c *cli.Context) *evergreen.DBSettings { } url := c.String(dbUrlFlagName) awsAuthEnabled := c.Bool(dbAWSAuthFlagName) - - // TODO (DEVPROD-6951): remove static auth once IRSA auth is reliable again. - username := os.Getenv(evergreen.MongoUsername) - password := os.Getenv(evergreen.MongoPassword) - envUrl := os.Getenv(evergreen.MongodbUrl) if url == evergreen.DefaultDatabaseURL && envUrl != "" { url = envUrl } - return &evergreen.DBSettings{ Url: url, DB: c.String(dbNameFlagName), @@ -65,8 +59,6 @@ func parseDB(c *cli.Context) *evergreen.DBSettings { Level: c.String(dbRmodeFlagName), }, AWSAuthEnabled: awsAuthEnabled, - Username: username, - Password: password, } }