From e14be3202a7752d716460d2fa0fd841a4746c0a2 Mon Sep 17 00:00:00 2001
From: Aaron Turner <synfinatic@gmail.com>
Date: Sat, 6 Jul 2024 14:29:06 -0700
Subject: [PATCH] add test tool for ssl bug

---
 .gitignore               |  3 +++
 cmd/aws-ssl-test/main.go | 31 +++++++++++++++++++++++++++++++
 2 files changed, 34 insertions(+)
 create mode 100644 cmd/aws-ssl-test/main.go

diff --git a/.gitignore b/.gitignore
index 365a8fe6..f9ce5a3f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -3,3 +3,6 @@ config.yaml*
 store.json
 __debug_bin
 coverage.out
+aws-ssl-test
+*.crt
+*.key
diff --git a/cmd/aws-ssl-test/main.go b/cmd/aws-ssl-test/main.go
new file mode 100644
index 00000000..5c249af9
--- /dev/null
+++ b/cmd/aws-ssl-test/main.go
@@ -0,0 +1,31 @@
+package main
+
+// Test AWS SDK with custom CA bundle to see if it works with the
+// AWS_CONTAINER_CREDENTIALS_FULL_URI environment variable set.
+
+import (
+	"context"
+	"fmt"
+	"os"
+
+	"github.com/aws/aws-sdk-go-v2/config"
+	"github.com/aws/aws-sdk-go-v2/service/sts"
+)
+
+func main() {
+	ca, err := os.Open("./CA.crt")
+	if err != nil {
+		panic(fmt.Sprintf("Unable to open CA.crt: %v", err))
+	}
+	cfg, err := config.LoadDefaultConfig(context.TODO(), config.WithCustomCABundle(ca))
+	if err != nil {
+		panic(err)
+	}
+
+	client := sts.NewFromConfig(cfg)
+	output, err := client.GetCallerIdentity(context.TODO(), nil)
+	if err != nil {
+		panic(err)
+	}
+	fmt.Printf("identity: %v\n", output)
+}