TLS 1.3 should be behind us now

This test triggers the scenario that a required response element exists, which
forces our check for "we do not expect data for this call" to be comptime.
It previously was accidentally runtime, which was solved by making
expected_body_field_len a comptime var.

build.zig

@@ -6,42 +6,18 @@ const models_subdir = "codegen/sdk-codegen/aws-models/"; // note will probably n
 
 const test_targets = [_]std.Target.Query{
     .{}, // native
-    .{
+    .{ .cpu_arch = .x86_64, .os_tag = .linux },
-        .cpu_arch = .x86_64,
+    .{ .cpu_arch = .aarch64, .os_tag = .linux },
-        .os_tag = .linux,
-    },
-    .{
-        .cpu_arch = .aarch64,
-        .os_tag = .linux,
-    },
     // The test executable linking process just spins forever in LLVM using nominated zig 0.13 May 2024
     // This is likely a LLVM problem unlikely to be fixed in zig 0.13
     // Potentially this issue: https://github.com/llvm/llvm-project/issues/81440
     // Zig tracker: https://github.com/ziglang/zig/issues/18872
-    // .{
+    // .{ .cpu_arch = .riscv64, .os_tag = .linux },
-    //     .cpu_arch = .riscv64,
+    .{ .cpu_arch = .arm, .os_tag = .linux },
-    //     .os_tag = .linux,
+    .{ .cpu_arch = .x86_64, .os_tag = .windows },
-    // },
+    .{ .cpu_arch = .aarch64, .os_tag = .macos },
-    .{
+    .{ .cpu_arch = .x86_64, .os_tag = .macos },
-        .cpu_arch = .arm,
+    .{ .cpu_arch = .wasm32, .os_tag = .wasi },
-        .os_tag = .linux,
-    },
-    .{
-        .cpu_arch = .x86_64,
-        .os_tag = .windows,
-    },
-    .{
-        .cpu_arch = .aarch64,
-        .os_tag = .macos,
-    },
-    .{
-        .cpu_arch = .x86_64,
-        .os_tag = .macos,
-    },
-    // .{
-    //     .cpu_arch = .wasm32,
-    //     .os_tag = .wasi,
-    // },
 };
 
 pub fn build(b: *Builder) !void {

example/src/main.zig

@@ -36,10 +36,8 @@ pub fn main() anyerror!void {
         .client = client,
     };
 
-    // As of 2023-08-28, only ECS from this list supports TLS v1.3
-    // AWS commitment is to enable all services by 2023-12-31
     const services = aws.Services(.{ .sts, .kms }){};
-    try stdout.print("Calling KMS ListKeys, a TLS 1.3 enabled service\n", .{});
+    try stdout.print("Calling KMS ListKeys\n", .{});
     try stdout.print("You likely have at least some AWS-generated keys in your account,\n", .{});
     try stdout.print("but if the account has not had many services used, this may return 0 keys\n\n", .{});
     const call_kms = try aws.Request(services.kms.list_keys).call(.{}, options);
@@ -51,8 +49,7 @@ pub fn main() anyerror!void {
     }
     defer call_kms.deinit();
 
-    try stdout.print("\n\n\nCalling STS GetCallerIdentity. This does not have TLS 1.3 in September 2023\n", .{});
+    try stdout.print("\n\n\nCalling STS GetCallerIdentity\n", .{});
-    try stdout.print("A failure may occur\n\n", .{});
     const call = try aws.Request(services.sts.get_caller_identity).call(.{}, options);
     defer call.deinit();
     try stdout.print("\tarn: {s}\n", .{call.response.arn.?});

src/aws.zig

@@ -353,7 +353,7 @@ pub fn Request(comptime request_action: anytype) type {
             // First, we need to determine if we care about a response at all
             // If the expected result has no fields, there's no sense in
             // doing any more work. Let's bail early
-            var expected_body_field_len = std.meta.fields(action.Response).len;
+            comptime var expected_body_field_len = std.meta.fields(action.Response).len;
             if (@hasDecl(action.Response, "http_header"))
                 expected_body_field_len -= std.meta.fields(@TypeOf(action.Response.http_header)).len;
             if (@hasDecl(action.Response, "http_payload")) {
@@ -379,8 +379,6 @@ pub fn Request(comptime request_action: anytype) type {
 
             // We don't care about the body if there are no fields we expect there...
             if (std.meta.fields(action.Response).len == 0 or expected_body_field_len == 0) {
-                // ^^ This should be redundant, but is necessary. I suspect it's a compiler quirk
-                //
                 // Do we care if an unexpected body comes in?
                 return FullResponseType{
                     .response = .{},
@@ -1636,6 +1634,58 @@ test "query_no_input: sts getCallerIdentity comptime" {
     try std.testing.expectEqualStrings("123456789012", call.response.account.?);
     try std.testing.expectEqualStrings("8f0d54da-1230-40f7-b4ac-95015c4b84cd", call.response_metadata.request_id);
 }
+test "query_with_input: iam getRole runtime" {
+    // sqs switched from query to json in aws sdk for go v2 commit f5a08768ef820ff5efd62a49ba50c61c9ca5dbcb
+    const allocator = std.testing.allocator;
+    var test_harness = TestSetup.init(.{
+        .allocator = allocator,
+        .server_response =
+        \\<GetRoleResponse xmlns="https://iam.amazonaws.com/doc/2010-05-08/">
+        \\<GetRoleResult>
+        \\  <Role>
+        \\    <Path>/application_abc/component_xyz/</Path>
+        \\    <Arn>arn:aws:iam::123456789012:role/application_abc/component_xyz/S3Access</Arn>
+        \\    <RoleName>S3Access</RoleName>
+        \\    <AssumeRolePolicyDocument>
+        \\      {"Version":"2012-10-17","Statement":[{"Effect":"Allow",
+        \\      "Principal":{"Service":["ec2.amazonaws.com"]},"Action":["sts:AssumeRole"]}]}
+        \\    </AssumeRolePolicyDocument>
+        \\    <CreateDate>2012-05-08T23:34:01Z</CreateDate>
+        \\    <RoleId>AROADBQP57FF2AEXAMPLE</RoleId>
+        \\    <RoleLastUsed>
+        \\      <LastUsedDate>2019-11-20T17:09:20Z</LastUsedDate>
+        \\      <Region>us-east-1</Region>
+        \\    </RoleLastUsed>
+        \\  </Role>
+        \\</GetRoleResult>
+        \\<ResponseMetadata>
+        \\  <RequestId>df37e965-9967-11e1-a4c3-270EXAMPLE04</RequestId>
+        \\</ResponseMetadata>
+        \\</GetRoleResponse>
+        ,
+        .server_response_headers = &.{
+            .{ .name = "Content-Type", .value = "text/xml" },
+            .{ .name = "x-amzn-RequestId", .value = "df37e965-9967-11e1-a4c3-270EXAMPLE04" },
+        },
+    });
+    defer test_harness.deinit();
+    const options = try test_harness.start();
+    const iam = (Services(.{.iam}){}).iam;
+    const call = try test_harness.client.call(iam.get_role.Request{
+        .role_name = "S3Access",
+    }, options);
+    defer call.deinit();
+    test_harness.stop();
+    // Request expectations
+    try std.testing.expectEqual(std.http.Method.POST, test_harness.request_options.request_method);
+    try std.testing.expectEqualStrings("/", test_harness.request_options.request_target);
+    try std.testing.expectEqualStrings(
+        \\Action=GetRole&Version=2010-05-08&RoleName=S3Access
+    , test_harness.request_options.request_body);
+    // Response expectations
+    try std.testing.expectEqualStrings("arn:aws:iam::123456789012:role/application_abc/component_xyz/S3Access", call.response.role.arn);
+    try std.testing.expectEqualStrings("df37e965-9967-11e1-a4c3-270EXAMPLE04", call.response_metadata.request_id);
+}
 test "query_with_input: sts getAccessKeyInfo runtime" {
     // sqs switched from query to json in aws sdk for go v2 commit f5a08768ef820ff5efd62a49ba50c61c9ca5dbcb
     const allocator = std.testing.allocator;