From 93d914379154ae97e20acfb7f2c54fd7274f7e61 Mon Sep 17 00:00:00 2001
From: Casey Bodley <cbodley@redhat.com>
Date: Tue, 30 Jan 2024 18:16:40 -0500
Subject: [PATCH] config: add [iam alt root] for an alt account's root user

Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit ed4a8e2244372d583f204ab60e339c730d61ace3)
---
 s3tests.conf.SAMPLE                  |  7 +++++++
 s3tests_boto3/functional/__init__.py | 26 ++++++++++++++++++++++++++
 2 files changed, 33 insertions(+)

diff --git a/s3tests.conf.SAMPLE b/s3tests.conf.SAMPLE
index 550e806..c0dc89a 100644
--- a/s3tests.conf.SAMPLE
+++ b/s3tests.conf.SAMPLE
@@ -142,6 +142,13 @@ secret_key = aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
 user_id = RGW11111111111111111
 email = account1@ceph.com
 
+# iam account root user in a different account than [iam root]
+[iam alt root]
+access_key = BBBBBBBBBBBBBBBBBBbb
+secret_key = bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
+user_id = RGW22222222222222222
+email = account2@ceph.com
+
 #following section needs to be added when you want to run Assume Role With Webidentity test
 [webidentity]
 #used for assume role with web identity test in sts-tests
diff --git a/s3tests_boto3/functional/__init__.py b/s3tests_boto3/functional/__init__.py
index edf062c..555cafc 100644
--- a/s3tests_boto3/functional/__init__.py
+++ b/s3tests_boto3/functional/__init__.py
@@ -268,8 +268,14 @@ def setup():
 
     config.iam_root_access_key = cfg.get('iam root',"access_key")
     config.iam_root_secret_key = cfg.get('iam root',"secret_key")
+    config.iam_root_user_id = cfg.get('iam root',"user_id")
     config.iam_root_email = cfg.get('iam root',"email")
 
+    config.iam_alt_root_access_key = cfg.get('iam alt root',"access_key")
+    config.iam_alt_root_secret_key = cfg.get('iam alt root',"secret_key")
+    config.iam_alt_root_user_id = cfg.get('iam alt root',"user_id")
+    config.iam_alt_root_email = cfg.get('iam alt root',"email")
+
     # vars from the fixtures section
     template = cfg.get('fixtures', "bucket prefix", fallback='test-{random}-')
     prefix = choose_bucket_prefix(template=template)
@@ -454,6 +460,17 @@ def get_iam_root_client(**kwargs):
                         verify=config.default_ssl_verify,
                         **kwargs)
 
+def get_iam_alt_root_client(**kwargs):
+    kwargs.setdefault('service_name', 'iam')
+    kwargs.setdefault('aws_access_key_id', config.iam_alt_root_access_key)
+    kwargs.setdefault('aws_secret_access_key', config.iam_alt_root_secret_key)
+
+    return boto3.client(endpoint_url=config.default_endpoint,
+                        region_name='',
+                        use_ssl=config.default_is_secure,
+                        verify=config.default_ssl_verify,
+                        **kwargs)
+
 def get_alt_client(client_config=None):
     if client_config == None:
         client_config = Config(signature_version='s3v4')
@@ -715,9 +732,18 @@ def get_iam_access_key():
 def get_iam_secret_key():
     return config.iam_secret_key
 
+def get_iam_root_user_id():
+    return config.iam_root_user_id
+
 def get_iam_root_email():
     return config.iam_root_email
 
+def get_iam_alt_root_user_id():
+    return config.iam_alt_root_user_id
+
+def get_iam_alt_root_email():
+    return config.iam_alt_root_email
+
 def get_user_token():
     return config.webidentity_user_token