add notes about the auth mech properties

mongodb-labs · Nov 30, 2023 · 4f8c670 · 4f8c670
1 parent a6fc961
commit 4f8c670
Show file tree

Hide file tree

Showing 2 changed files with 19 additions and 2 deletions.
diff --git a/.evergreen/auth_oidc/azure/README.md b/.evergreen/auth_oidc/azure/README.md
@@ -42,6 +42,23 @@ export AZUREOIDC_TEST_CMD="source ./env.sh && OIDC_PROVIDER_NAME=azure ./.evergr
 bash $DRIVERS_TOOLS/.evergreen/auth_oidc/azure/run-driver-test.sh
 ```
 
+In your tests, you can use the environment variables in `env.sh` to define the `TOKEN_AUDIENCE` and `TOKEN_CLIENT_ID` 
+auth mechanism properties, e.g.
+
+```python
+TOKEN_AUDIENCE="api://" + os.environ["AZUREOIDC_CLIENTID"]
+TOKEN_CLIENT_ID=os.environ["AZUREOIDC_TOKENCLIENT"]  # For first user
+TOKEN_CLIENT_ID=os.environ["AZUREOIDC_TOKENCLIENT2"]  # For second user
+```
+
+Note: If you are creating a uri, you will have to escape `TOKEN_AUDIENCE` value, e.g.
+
+```bash
+MONGODB_URI="${MONGODB_URI}/?authMechanism=MONGODB-OIDC"
+MONGODB_URI="${MONGODB_URI}&authMechanismProperties=PROVIDER_NAME:azure"
+MONGODB_URI="${MONGODB_URI},TOKEN_AUDIENCE:api%3A%2F%2F${AZUREOIDC_CLIENTID}"
+```
+
 Finally, we tear down the vm:
 
 ```bash

diff --git a/.evergreen/config.yml b/.evergreen/config.yml
@@ -1017,14 +1017,14 @@ buildvariants:
     - ".releng" # Run all tasks with the "releng" tag
 
 # Tests relating to docker images
-- name: tests-docker-related
+- name: tests-docker
   display_name: Docker
   run_on:
     - ubuntu2004-large
   tasks:
     - ".docker"  # Run all tasks with the "docker" tag
 
-- name: testazureoidc-variant
+- name: tests-oidc
   display_name: OIDC
   run_on: ubuntu2004-small
   tasks: