diff --git a/.evergreen/generated_configs/legacy-config.yml b/.evergreen/generated_configs/legacy-config.yml index 5c57a844e9..c1de0ebc9d 100644 --- a/.evergreen/generated_configs/legacy-config.yml +++ b/.evergreen/generated_configs/legacy-config.yml @@ -212,9 +212,16 @@ functions: set -o errexit COVERAGE=ON .evergreen/scripts/compile.sh build mongohouse: + - command: ec2.assume_role + params: + role_arn: ${aws_test_secrets_role} - command: shell.exec type: test params: + include_expansions_in_env: + - AWS_ACCESS_KEY_ID + - AWS_SECRET_ACCESS_KEY + - AWS_SESSION_TOKEN shell: bash script: |- set -o errexit diff --git a/.evergreen/legacy_config_generator/evergreen_config_lib/functions.py b/.evergreen/legacy_config_generator/evergreen_config_lib/functions.py index 93aa2ee653..2131e616f4 100644 --- a/.evergreen/legacy_config_generator/evergreen_config_lib/functions.py +++ b/.evergreen/legacy_config_generator/evergreen_config_lib/functions.py @@ -156,11 +156,19 @@ ''', add_expansions_to_env=True), )), ('build mongohouse', Function( + # Assume role to get AWS secrets. + { + "command": "ec2.assume_role", + "params": { + "role_arn": "${aws_test_secrets_role}" + } + }, + shell_exec(r''' cd drivers-evergreen-tools export DRIVERS_TOOLS=$(pwd) .evergreen/atlas_data_lake/pull-mongohouse-image.sh - '''), + ''', include_expansions_in_env=[ "AWS_ACCESS_KEY_ID", "AWS_SECRET_ACCESS_KEY", "AWS_SESSION_TOKEN" ]), )), ('run mongohouse', Function( shell_exec(r'''