diff --git a/aws/sdk/integration-tests/Cargo.toml b/aws/sdk/integration-tests/Cargo.toml index 406b718a94be3f7d35f6d7f2e4549a58f71a1934..a36345cda0f55b46b842fb5a98f3a3172732012d 100644 --- a/aws/sdk/integration-tests/Cargo.toml +++ b/aws/sdk/integration-tests/Cargo.toml @@ -15,4 +15,5 @@ members = [ "s3control", "sts", "transcribestreaming", + "using-native-tls-instead-of-rustls", ] diff --git a/aws/sdk/integration-tests/using-native-tls-instead-of-rustls/Cargo.toml b/aws/sdk/integration-tests/using-native-tls-instead-of-rustls/Cargo.toml new file mode 100644 index 0000000000000000000000000000000000000000..3642d7ba24898559b06ae3052af489682a53c536 --- /dev/null +++ b/aws/sdk/integration-tests/using-native-tls-instead-of-rustls/Cargo.toml @@ -0,0 +1,20 @@ +[package] +name = "using-native-tls-instead-of-rustls" +version = "0.1.0" +authors = ["AWS Rust SDK Team "] +edition = "2021" + +# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html + +[dev-dependencies] +# aws-config pulls in rustls and several other things by default. We have to disable defaults in order to use native-tls +# and then manually bring the other defaults back +aws-config = { path = "../../build/aws-sdk/sdk/aws-config", default-features = false, features = [ + "native-tls", + "rt-tokio", +] } +# aws-sdk-s3 brings in rustls by default so we disable that in order to use native-tls only +aws-sdk-s3 = { path = "../../build/aws-sdk/sdk/s3", default-features = false, features = [ + "native-tls", +] } +tokio = { version = "1.20.1", features = ["rt", "macros"] } diff --git a/aws/sdk/integration-tests/using-native-tls-instead-of-rustls/tests/no-rustls-in-dependency.rs b/aws/sdk/integration-tests/using-native-tls-instead-of-rustls/tests/no-rustls-in-dependency.rs new file mode 100644 index 0000000000000000000000000000000000000000..dddeebc47956d85a30b265cf2a31724cfcc255f5 --- /dev/null +++ b/aws/sdk/integration-tests/using-native-tls-instead-of-rustls/tests/no-rustls-in-dependency.rs @@ -0,0 +1,52 @@ +/* + * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved. + * SPDX-License-Identifier: Apache-2.0 + */ + +/// The SDK defaults to using RusTLS by default but you can also use [`native_tls`](https://github.com/sfackler/rust-native-tls) +/// which will choose a TLS implementation appropriate for your platform. This test looks much like +/// any other. Activating and deactivating `features` in your app's `Cargo.toml` is all that's needed. + +async fn list_buckets() -> Result<(), aws_sdk_s3::Error> { + let sdk_config = aws_config::load_from_env().await; + let client = aws_sdk_s3::Client::new(&sdk_config); + + let _resp = client.list_buckets().send().await?; + + Ok(()) +} + +/// You can run this test to ensure that it is only using `native-tls` and +/// that nothing is pulling in `rustls` as a dependency +#[test] +#[should_panic = "error: package ID specification `rustls` did not match any packages"] +fn test_rustls_is_not_in_dependency_tree() { + let cargo_location = std::env::var("CARGO").unwrap(); + let cargo_command = std::process::Command::new(&cargo_location) + .arg("tree") + .arg("--invert") + .arg("rustls") + .output() + .expect("failed to run 'cargo tree'"); + + let stderr = String::from_utf8_lossy(&cargo_command.stderr); + + // We expect the call to `cargo tree` to error out. If it did, we panic with the resulting + // message here. In the case that no error message is set, that's bad. + if !stderr.is_empty() { + panic!("{}", stderr); + } + + // Uh oh. We expected an error message but got none, likely because `cargo tree` found + // `rustls` in our dependencies. We'll print out the message we got to see what went wrong. + let stdout = String::from_utf8_lossy(&cargo_command.stdout); + + println!("{}", stdout) +} + +// NOTE: not currently run in CI, separate PR will set up a with-creds CI runner +#[tokio::test] +#[ignore] +async fn needs_creds_native_tls_works() { + list_buckets().await.expect("should succeed") +}