From 7ebfbccfd7e3931c8a4a286e64b98c7894f278ea Mon Sep 17 00:00:00 2001 From: ysaito1001 Date: Thu, 2 Mar 2023 11:25:34 -0600 Subject: [PATCH] Move using-native-tls-instead-of-rustls to smithy-rs (#2423) * Move using-native-tls-instead-of-rustls to smithy-rs This commit adds the test `using-native-tls-instead-of-rustls` to `smithy-rs` that was originally in the `aws-doc-sdk-examples`. The test is more useful to be in `smithy-rs` because it can catch a test failure early prior to cutting a release. * Fix Copyright header * Update aws/sdk/integration-tests/using-native-tls-instead-of-rustls/tests/no-rustls-in-dependency.rs Co-authored-by: Zelda Hessler * Update aws/sdk/integration-tests/using-native-tls-instead-of-rustls/tests/no-rustls-in-dependency.rs Co-authored-by: Zelda Hessler * Update Cargo.toml This commit addresses https://github.com/awslabs/smithy-rs/pull/2423#discussion_r1123289399 https://github.com/awslabs/smithy-rs/pull/2423#discussion_r1123291290 --------- Co-authored-by: Yuki Saito Co-authored-by: Zelda Hessler
---
 aws/sdk/integration-tests/Cargo.toml | 1 + .../Cargo.toml | 20 +++++++ .../tests/no-rustls-in-dependency.rs | 52 +++++++++++++++++++ 3 files changed, 73 insertions(+) create mode 100644 aws/sdk/integration-tests/using-native-tls-instead-of-rustls/Cargo.toml create mode 100644 aws/sdk/integration-tests/using-native-tls-instead-of-rustls/tests/no-rustls-in-dependency.rs
diff --git a/aws/sdk/integration-tests/Cargo.toml b/aws/sdk/integration-tests/Cargo.toml
index 406b718a9..a36345cda 100644
--- a/aws/sdk/integration-tests/Cargo.toml
+++ b/aws/sdk/integration-tests/Cargo.toml
@@ -15,4 +15,5 @@ members = [
 "s3control",
 "sts",
 "transcribestreaming",
+ "using-native-tls-instead-of-rustls",
 ]
diff --git a/aws/sdk/integration-tests/using-native-tls-instead-of-rustls/Cargo.toml b/aws/sdk/integration-tests/using-native-tls-instead-of-rustls/Cargo.toml
new file mode 100644
index 000000000..3642d7ba2
--- /dev/null
+++ b/aws/sdk/integration-tests/using-native-tls-instead-of-rustls/Cargo.toml
@@ -0,0 +1,20 @@
+[package]
+name = "using-native-tls-instead-of-rustls"
+version = "0.1.0"
+authors = ["AWS Rust SDK Team "]
+edition = "2021"
+
+# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
+
+[dev-dependencies]
+# aws-config pulls in rustls and several other things by default. We have to disable defaults in order to use native-tls
+# and then manually bring the other defaults back
+aws-config = { path = "../../build/aws-sdk/sdk/aws-config", default-features = false, features = [
+ "native-tls",
+ "rt-tokio",
+] }
+# aws-sdk-s3 brings in rustls by default so we disable that in order to use native-tls only
+aws-sdk-s3 = { path = "../../build/aws-sdk/sdk/s3", default-features = false, features = [
+ "native-tls",
+] }
+tokio = { version = "1.20.1", features = ["rt", "macros"] }
diff --git a/aws/sdk/integration-tests/using-native-tls-instead-of-rustls/tests/no-rustls-in-dependency.rs b/aws/sdk/integration-tests/using-native-tls-instead-of-rustls/tests/no-rustls-in-dependency.rs
new file mode 100644
index 000000000..dddeebc47
--- /dev/null
+++ b/aws/sdk/integration-tests/using-native-tls-instead-of-rustls/tests/no-rustls-in-dependency.rs
@@ -0,0 +1,52 @@
+/*
+ * Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
+ * SPDX-License-Identifier: Apache-2.0
+ */
+
+/// The SDK defaults to using RusTLS by default but you can also use [`native_tls`](https://github.com/sfackler/rust-native-tls)
+/// which will choose a TLS implementation appropriate for your platform. This test looks much like
+/// any other. Activating and deactivating `features` in your app's `Cargo.toml` is all that's needed.
+
+async fn list_buckets() -> Result<(), aws_sdk_s3::Error> {
+ let sdk_config = aws_config::load_from_env().await;
+ let client = aws_sdk_s3::Client::new(&sdk_config);
+
+ let _resp = client.list_buckets().send().await?;
+
+ Ok(())
+}
+
+/// You can run this test to ensure that it is only using `native-tls` and
+/// that nothing is pulling in `rustls` as a dependency
+#[test]
+#[should_panic = "error: package ID specification `rustls` did not match any packages"]
+fn test_rustls_is_not_in_dependency_tree() {
+ let cargo_location = std::env::var("CARGO").unwrap();
+ let cargo_command = std::process::Command::new(&cargo_location)
+ .arg("tree")
+ .arg("--invert")
+ .arg("rustls")
+ .output()
+ .expect("failed to run 'cargo tree'");
+
+ let stderr = String::from_utf8_lossy(&cargo_command.stderr);
+
+ // We expect the call to `cargo tree` to error out. If it did, we panic with the resulting
+ // message here. In the case that no error message is set, that's bad.
+ if !stderr.is_empty() {
+ panic!("{}", stderr);
+ }
+
+ // Uh oh. We expected an error message but got none, likely because `cargo tree` found
+ // `rustls` in our dependencies. We'll print out the message we got to see what went wrong.
+ let stdout = String::from_utf8_lossy(&cargo_command.stdout);
+
+ println!("{}", stdout)
+}
+
+// NOTE: not currently run in CI, separate PR will set up a with-creds CI runner
+#[tokio::test]
+#[ignore]
+async fn needs_creds_native_tls_works() {
+ list_buckets().await.expect("should succeed")
+}
-- GitLab
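Review bot: The `cargo tree --invert rustls` call in `test_rustls_is_not_in_dependency_tree` resolves dependencies for the host platform only, which is `cargo tree`'s default, so the test shows rustls is absent on the build machine rather than on every target. If the intended guarantee is that no supported platform can end up with rustls as a TLS backend, add `.arg("--target").arg("all")` before `.output()`; whether any target-gated dependency would actually pull rustls in is not visible from this patch. The pass condition also hinges on cargo's exact stderr wording in the `should_panic` string, so a comment such as `// Expected text is cargo's own error message; update it if cargo rewords the error` above the attribute would save the next maintainer a confusing failure. `std::env::var("CARGO").unwrap()` would read better as `.expect("CARGO is set by cargo when running tests")`.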