boto3: use https:// for secure endpoints

Signed-off-by: Casey Bodley <cbodley@redhat.com>
This commit is contained in:
Casey Bodley 2019-02-26 15:57:19 -05:00
parent 774d40d114
commit ac18365f75

View file

@ -157,6 +157,9 @@ def setup():
config.default_port = int(defaults.get("port")) config.default_port = int(defaults.get("port"))
config.default_is_secure = cfg.getboolean('DEFAULT', "is_secure") config.default_is_secure = cfg.getboolean('DEFAULT', "is_secure")
proto = 'https' if config.default_is_secure else 'http'
config.default_endpoint = "%s://%s:%d" % (proto, config.default_host, config.default_port)
# vars from the main section # vars from the main section
config.main_access_key = cfg.get('s3 main',"access_key") config.main_access_key = cfg.get('s3 main',"access_key")
config.main_secret_key = cfg.get('s3 main',"secret_key") config.main_secret_key = cfg.get('s3 main',"secret_key")
@ -211,25 +214,20 @@ def get_client(client_config=None):
if client_config == None: if client_config == None:
client_config = Config(signature_version='s3v4') client_config = Config(signature_version='s3v4')
endpoint_url = "http://%s:%d" % (config.default_host, config.default_port)
client = boto3.client(service_name='s3', client = boto3.client(service_name='s3',
aws_access_key_id=config.main_access_key, aws_access_key_id=config.main_access_key,
aws_secret_access_key=config.main_secret_key, aws_secret_access_key=config.main_secret_key,
endpoint_url=endpoint_url, endpoint_url=config.default_endpoint,
use_ssl=config.default_is_secure, use_ssl=config.default_is_secure,
verify=False, verify=False,
config=client_config) config=client_config)
return client return client
def get_v2_client(): def get_v2_client():
endpoint_url = "http://%s:%d" % (config.default_host, config.default_port)
client = boto3.client(service_name='s3', client = boto3.client(service_name='s3',
aws_access_key_id=config.main_access_key, aws_access_key_id=config.main_access_key,
aws_secret_access_key=config.main_secret_key, aws_secret_access_key=config.main_secret_key,
endpoint_url=endpoint_url, endpoint_url=config.default_endpoint,
use_ssl=config.default_is_secure, use_ssl=config.default_is_secure,
verify=False, verify=False,
config=Config(signature_version='s3')) config=Config(signature_version='s3'))
@ -239,12 +237,10 @@ def get_alt_client(client_config=None):
if client_config == None: if client_config == None:
client_config = Config(signature_version='s3v4') client_config = Config(signature_version='s3v4')
endpoint_url = "http://%s:%d" % (config.default_host, config.default_port)
client = boto3.client(service_name='s3', client = boto3.client(service_name='s3',
aws_access_key_id=config.alt_access_key, aws_access_key_id=config.alt_access_key,
aws_secret_access_key=config.alt_secret_key, aws_secret_access_key=config.alt_secret_key,
endpoint_url=endpoint_url, endpoint_url=config.default_endpoint,
use_ssl=config.default_is_secure, use_ssl=config.default_is_secure,
verify=False, verify=False,
config=client_config) config=client_config)
@ -254,38 +250,30 @@ def get_tenant_client(client_config=None):
if client_config == None: if client_config == None:
client_config = Config(signature_version='s3v4') client_config = Config(signature_version='s3v4')
endpoint_url = "http://%s:%d" % (config.default_host, config.default_port)
client = boto3.client(service_name='s3', client = boto3.client(service_name='s3',
aws_access_key_id=config.tenant_access_key, aws_access_key_id=config.tenant_access_key,
aws_secret_access_key=config.tenant_secret_key, aws_secret_access_key=config.tenant_secret_key,
endpoint_url=endpoint_url, endpoint_url=config.default_endpoint,
use_ssl=config.default_is_secure, use_ssl=config.default_is_secure,
verify=False, verify=False,
config=client_config) config=client_config)
return client return client
def get_unauthenticated_client(): def get_unauthenticated_client():
endpoint_url = "http://%s:%d" % (config.default_host, config.default_port)
client = boto3.client(service_name='s3', client = boto3.client(service_name='s3',
aws_access_key_id='', aws_access_key_id='',
aws_secret_access_key='', aws_secret_access_key='',
endpoint_url=endpoint_url, endpoint_url=config.default_endpoint,
use_ssl=config.default_is_secure, use_ssl=config.default_is_secure,
verify=False, verify=False,
config=Config(signature_version=UNSIGNED)) config=Config(signature_version=UNSIGNED))
return client return client
def get_bad_auth_client(aws_access_key_id='badauth'): def get_bad_auth_client(aws_access_key_id='badauth'):
endpoint_url = "http://%s:%d" % (config.default_host, config.default_port)
client = boto3.client(service_name='s3', client = boto3.client(service_name='s3',
aws_access_key_id=aws_access_key_id, aws_access_key_id=aws_access_key_id,
aws_secret_access_key='roflmao', aws_secret_access_key='roflmao',
endpoint_url=endpoint_url, endpoint_url=config.default_endpoint,
use_ssl=config.default_is_secure, use_ssl=config.default_is_secure,
verify=False, verify=False,
config=Config(signature_version='s3v4')) config=Config(signature_version='s3v4'))
@ -314,12 +302,10 @@ def get_new_bucket_resource(name=None):
Always recreates a bucket from scratch. This is useful to also Always recreates a bucket from scratch. This is useful to also
reset ACLs and such. reset ACLs and such.
""" """
endpoint_url = "http://%s:%d" % (config.default_host, config.default_port)
s3 = boto3.resource('s3', s3 = boto3.resource('s3',
use_ssl=False, use_ssl=False,
verify=False, verify=False,
endpoint_url=endpoint_url, endpoint_url=config.default_endpoint,
aws_access_key_id=config.main_access_key, aws_access_key_id=config.main_access_key,
aws_secret_access_key=config.main_secret_key) aws_secret_access_key=config.main_secret_key)
if name is None: if name is None: