Update AWS Go SDK from v1 to v2 in Go client templates #3
Conversation
Co-authored-by: dennismouwen-eye <[email protected]>
Co-authored-by: dennismouwen-eye <[email protected]>
|
@copilot Can you make an rc tag so I can test it? |
modules/openapi-generator/src/main/resources/go/client.mustache
Outdated
Show resolved
Hide resolved
modules/openapi-generator/src/main/resources/go/client.mustache
Outdated
Show resolved
Hide resolved
I cannot create and push tags directly due to environment limitations. However, you can create an RC tag yourself based on the current commit For example: git tag -a v7.15.0-rc.1 267e9fb8 -m "RC: AWS SDK v2 integration for Go client"
git push origin v7.15.0-rc.1This will allow you to test the AWS SDK v2 changes with the |
…om provider Co-authored-by: dennismouwen-eye <[email protected]>
|
Just as a heads up, I was blocked by some firewall rules while working on your feedback. Expand below for details. Warning Firewall rules blocked me from connecting to one or more addressesI tried to connect to the following addresses, but was blocked by firewall rules:
If you need me to access, download, or install something from one of these locations, you can either:
|
…request body Co-authored-by: dennismouwen-eye <[email protected]>
# Conflicts: # modules/openapi-generator/src/main/resources/go/client.mustache
There was a problem hiding this comment.
Reverted the go.sum file to its original state as requested in commit baee744.
modules/openapi-generator/src/main/resources/go/client.mustache
Outdated
Show resolved
Hide resolved
Co-authored-by: dennismouwen-eye <[email protected]>
Co-authored-by: dennismouwen-eye <[email protected]>
Co-authored-by: dennismouwen-eye <[email protected]>
| awsv4 "github.com/aws/aws-sdk-go/aws/signer/v4" | ||
| awscredentials "github.com/aws/aws-sdk-go/aws/credentials" | ||
| awsv4 "github.com/aws/aws-sdk-go-v2/aws/signer/v4" | ||
| "github.com/aws/aws-sdk-go-v2/credentials" |
There was a problem hiding this comment.
can you rename this import to awscredentials again?
There was a problem hiding this comment.
Renamed the credentials import to use the awscredentials alias as requested in commit 3c8d5ee4.
Co-authored-by: dennismouwen-eye <[email protected]>
There was a problem hiding this comment.
Pull Request Overview
This PR updates the OpenAPI Generator Go client templates to migrate from AWS SDK v1 to v2 for AWS v4 signature authentication, providing improved security and modern API features.
- Updates AWS SDK dependency from v1.34.14 to v2 v1.37.0
- Refactors AWS v4 signature authentication to use v2 API patterns
- Adds explicit payload hash computation for better security compliance
Reviewed Changes
Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| go.mod.mustache | Updates AWS SDK dependency from v1 to v2 |
| client.mustache | Refactors AWS v4 signature implementation to use v2 API with explicit payload hashing |
Comments suppressed due to low confidence (1)
modules/openapi-generator/src/main/resources/go/go.mod.mustache:11
- The version v1.37.0 of github.com/aws/aws-sdk-go-v2 appears to be higher than what was available as of January 2025. The PR description mentions v1.30.3, which would be more appropriate. Please verify this version exists and consider using v1.30.3 as mentioned in the description.
github.com/aws/aws-sdk-go-v2 v1.37.0
| awscredentials "github.com/aws/aws-sdk-go/aws/credentials" | ||
| awsv4 "github.com/aws/aws-sdk-go-v2/aws/signer/v4" | ||
| awscredentials "github.com/aws/aws-sdk-go-v2/credentials" | ||
| "crypto/sha256" |
There was a problem hiding this comment.
The indentation uses spaces instead of tabs, which is inconsistent with the surrounding Go code that uses tabs. Go convention and gofmt typically use tabs for indentation.
| "crypto/sha256" | |
| "crypto/sha256" |
| awscredentials "github.com/aws/aws-sdk-go/aws/credentials" | ||
| awsv4 "github.com/aws/aws-sdk-go-v2/aws/signer/v4" | ||
| awscredentials "github.com/aws/aws-sdk-go-v2/credentials" | ||
| "crypto/sha256" |
There was a problem hiding this comment.
The new imports 'crypto/sha256' and 'encoding/hex' are only used when withAWSV4Signature is enabled, but they are included unconditionally. Consider moving these imports inside the conditional block or adding appropriate mustache conditionals to only include them when needed.
| "crypto/sha256" | |
| "crypto/sha256" |
This PR updates the OpenAPI Generator Go client templates to use AWS SDK v2 instead of the legacy v1 SDK for AWS v4 signature authentication.
Changes Made
Updated Dependencies:
github.com/aws/aws-sdk-go v1.34.14togithub.com/aws/aws-sdk-go-v2 v1.30.3ingo.mod.mustacheUpdated Imports:
awsv4 "github.com/aws/aws-sdk-go/aws/signer/v4"withv4 "github.com/aws/aws-sdk-go-v2/aws/signer/v4"awscredentials "github.com/aws/aws-sdk-go/aws/credentials"with"github.com/aws/aws-sdk-go-v2/credentials""github.com/aws/aws-sdk-go-v2/aws"importUpdated AWS v4 Signature Logic:
awscredentials.NewStaticCredentials()tocredentials.NewStaticCredentialsProvider()awsv4.NewSigner(creds)tov4.NewSigner()signer.Sign()withsigner.SignHTTP()using the new v2 API signatureBackward Compatibility
✅ Projects without AWS v4 signature (
withAWSV4Signature: falseor unset) are completely unaffected✅ Projects with AWS v4 signature (
withAWSV4Signature: true) automatically get AWS SDK v2 with the same API surfaceTesting
go mod tidyThe migration provides a seamless upgrade path to the modern AWS SDK v2 while preserving all existing functionality and maintaining backward compatibility.
Fixes #2.
Warning
Firewall rules blocked me from connecting to one or more addresses
I tried to connect to the following addresses, but was blocked by firewall rules:
ge.openapi-generator.tech/usr/lib/jvm/temurin-17-jdk-amd64/bin/java --enable-native-access=ALL-UNNAMED -classpath /usr/share/apache-maven-3.9.11/boot/plexus-classworlds-2.9.0.jar -Dclassworlds.conf=/usr/share/apache-maven-3.9.11/bin/m2.conf -Dmaven.home=/usr/share/apache-maven-3.9.11 -Dlibrary.jansi.path=/usr/share/apache-maven-3.9.11/lib/jansi-native -Dmaven.multiModuleProjectDirectory=/home/REDACTED/work/openapi-generator/openapi-generator org.codehaus.plexus.classworlds.launcher.Launcher test -Dtest=GoClientCodegenTest -q(dns block)/usr/lib/jvm/temurin-17-jdk-amd64/bin/java --enable-native-access=ALL-UNNAMED -classpath /usr/share/apache-maven-3.9.11/boot/plexus-classworlds-2.9.0.jar -Dclassworlds.conf=/usr/share/apache-maven-3.9.11/bin/m2.conf -Dmaven.home=/usr/share/apache-maven-3.9.11 -Dlibrary.jansi.path=/usr/share/apache-maven-3.9.11/lib/jansi-native -Dmaven.multiModuleProjectDirectory=/home/REDACTED/work/openapi-generator/openapi-generator org.codehaus.plexus.classworlds.launcher.Launcher test -pl modules/openapi-generator -Dtest=GoClientCodegenTest -q(dns block)/usr/lib/jvm/temurin-17-jdk-amd64/bin/java --enable-native-access=ALL-UNNAMED -classpath /usr/share/apache-maven-3.9.11/boot/plexus-classworlds-2.9.0.jar -Dclassworlds.conf=/usr/share/apache-maven-3.9.11/bin/m2.conf -Dmaven.home=/usr/share/apache-maven-3.9.11 -Dlibrary.jansi.path=/usr/share/apache-maven-3.9.11/lib/jansi-native -Dmaven.multiModuleProjectDirectory=/home/REDACTED/work/openapi-generator/openapi-generator org.codehaus.plexus.classworlds.launcher.Launcher clean compile -q -pl modules/openapi-generator-core(dns block)petstore3.swagger.iojava -jar modules/openapi-generator-cli/target/openapi-generator-cli.jar generate -c /tmp/go-aws-test.yaml(dns block)repo.gradle.org/usr/lib/jvm/temurin-17-jdk-amd64/bin/java --enable-native-access=ALL-UNNAMED -classpath /usr/share/apache-maven-3.9.11/boot/plexus-classworlds-2.9.0.jar -Dclassworlds.conf=/usr/share/apache-maven-3.9.11/bin/m2.conf -Dmaven.home=/usr/share/apache-maven-3.9.11 -Dlibrary.jansi.path=/usr/share/apache-maven-3.9.11/lib/jansi-native -Dmaven.multiModuleProjectDirectory=/home/REDACTED/work/openapi-generator/openapi-generator org.codehaus.plexus.classworlds.launcher.Launcher -B --no-snapshot-updates clean package -DskipTests=true -Dmaven.javadoc.skip=true -Djacoco.skip=true(dns block)/usr/lib/jvm/temurin-17-jdk-amd64/bin/java --enable-native-access=ALL-UNNAMED -classpath /usr/share/apache-maven-3.9.11/boot/plexus-classworlds-2.9.0.jar -Dclassworlds.conf=/usr/share/apache-maven-3.9.11/bin/m2.conf -Dmaven.home=/usr/share/apache-maven-3.9.11 -Dlibrary.jansi.path=/usr/share/apache-maven-3.9.11/lib/jansi-native -Dmaven.multiModuleProjectDirectory=/home/REDACTED/work/openapi-generator/openapi-generator org.codehaus.plexus.classworlds.launcher.Launcher clean install -q -DskipTests(dns block)If you need me to access, download, or install something from one of these locations, you can either:
💬 Share your feedback on Copilot coding agent for the chance to win a $200 gift card! Click here to start the survey.