Tag testcases failing on dbstore with 'fails_on_dbstore' attr

To be able to successfully run s3tests on dbstore backend in teuthology,
mark all the s3-tests currently failing on it with 'fails_on_dbstore' attr

Signed-off-by: Soumya Koduri <skoduri@redhat.com>
This commit is contained in:
Soumya Koduri 2022-04-13 15:28:00 +05:30
parent b1cfda067e
commit cfabb8ede7
6 changed files with 349 additions and 0 deletions

View file

@ -182,6 +182,7 @@ def tag(*tags):
@attr(method='put') @attr(method='put')
@attr(operation='create w/no content length') @attr(operation='create w/no content length')
@attr(assertion='fails 411') @attr(assertion='fails 411')
@attr('fails_on_dbstore')
@nose.with_setup(teardown=_clear_custom_headers) @nose.with_setup(teardown=_clear_custom_headers)
def test_object_create_bad_contentlength_none(): def test_object_create_bad_contentlength_none():
key = _setup_bad_object(remove=('Content-Length',)) key = _setup_bad_object(remove=('Content-Length',))
@ -221,6 +222,7 @@ def test_object_create_bad_contentlength_mismatch_above():
@attr(method='put') @attr(method='put')
@attr(operation='create w/empty authorization') @attr(operation='create w/empty authorization')
@attr(assertion='fails 403') @attr(assertion='fails 403')
@attr('fails_on_dbstore')
@nose.with_setup(teardown=_clear_custom_headers) @nose.with_setup(teardown=_clear_custom_headers)
def test_object_create_bad_authorization_empty(): def test_object_create_bad_authorization_empty():
key = _setup_bad_object({'Authorization': ''}) key = _setup_bad_object({'Authorization': ''})
@ -235,6 +237,7 @@ def test_object_create_bad_authorization_empty():
@attr(method='put') @attr(method='put')
@attr(operation='create w/date and x-amz-date') @attr(operation='create w/date and x-amz-date')
@attr(assertion='succeeds') @attr(assertion='succeeds')
@attr('fails_on_dbstore')
@nose.with_setup(teardown=_clear_custom_headers) @nose.with_setup(teardown=_clear_custom_headers)
def test_object_create_date_and_amz_date(): def test_object_create_date_and_amz_date():
date = formatdate(usegmt=True) date = formatdate(usegmt=True)
@ -246,6 +249,7 @@ def test_object_create_date_and_amz_date():
@attr(method='put') @attr(method='put')
@attr(operation='create w/x-amz-date and no date') @attr(operation='create w/x-amz-date and no date')
@attr(assertion='succeeds') @attr(assertion='succeeds')
@attr('fails_on_dbstore')
@nose.with_setup(teardown=_clear_custom_headers) @nose.with_setup(teardown=_clear_custom_headers)
def test_object_create_amz_date_and_no_date(): def test_object_create_amz_date_and_no_date():
date = formatdate(usegmt=True) date = formatdate(usegmt=True)
@ -259,6 +263,7 @@ def test_object_create_amz_date_and_no_date():
@attr(method='put') @attr(method='put')
@attr(operation='create w/no authorization') @attr(operation='create w/no authorization')
@attr(assertion='fails 403') @attr(assertion='fails 403')
@attr('fails_on_dbstore')
@nose.with_setup(teardown=_clear_custom_headers) @nose.with_setup(teardown=_clear_custom_headers)
def test_object_create_bad_authorization_none(): def test_object_create_bad_authorization_none():
key = _setup_bad_object(remove=('Authorization',)) key = _setup_bad_object(remove=('Authorization',))
@ -274,6 +279,7 @@ def test_object_create_bad_authorization_none():
@attr(method='put') @attr(method='put')
@attr(operation='create w/no content length') @attr(operation='create w/no content length')
@attr(assertion='succeeds') @attr(assertion='succeeds')
@attr('fails_on_dbstore')
@nose.with_setup(teardown=_clear_custom_headers) @nose.with_setup(teardown=_clear_custom_headers)
def test_bucket_create_contentlength_none(): def test_bucket_create_contentlength_none():
_add_custom_headers(remove=('Content-Length',)) _add_custom_headers(remove=('Content-Length',))
@ -285,6 +291,7 @@ def test_bucket_create_contentlength_none():
@attr(method='acls') @attr(method='acls')
@attr(operation='set w/no content length') @attr(operation='set w/no content length')
@attr(assertion='succeeds') @attr(assertion='succeeds')
@attr('fails_on_dbstore')
@nose.with_setup(teardown=_clear_custom_headers) @nose.with_setup(teardown=_clear_custom_headers)
def test_object_acl_create_contentlength_none(): def test_object_acl_create_contentlength_none():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -328,6 +335,7 @@ def test_bucket_create_bad_contentlength_empty():
@attr(method='put') @attr(method='put')
@attr(operation='create w/no content length') @attr(operation='create w/no content length')
@attr(assertion='succeeds') @attr(assertion='succeeds')
@attr('fails_on_dbstore')
@nose.with_setup(teardown=_clear_custom_headers) @nose.with_setup(teardown=_clear_custom_headers)
def test_bucket_create_bad_contentlength_none(): def test_bucket_create_bad_contentlength_none():
_add_custom_headers(remove=('Content-Length',)) _add_custom_headers(remove=('Content-Length',))
@ -339,6 +347,7 @@ def test_bucket_create_bad_contentlength_none():
@attr(method='put') @attr(method='put')
@attr(operation='create w/empty authorization') @attr(operation='create w/empty authorization')
@attr(assertion='fails 403') @attr(assertion='fails 403')
@attr('fails_on_dbstore')
@nose.with_setup(teardown=_clear_custom_headers) @nose.with_setup(teardown=_clear_custom_headers)
def test_bucket_create_bad_authorization_empty(): def test_bucket_create_bad_authorization_empty():
_add_custom_headers({'Authorization': ''}) _add_custom_headers({'Authorization': ''})
@ -354,6 +363,7 @@ def test_bucket_create_bad_authorization_empty():
@attr(method='put') @attr(method='put')
@attr(operation='create w/no authorization') @attr(operation='create w/no authorization')
@attr(assertion='fails 403') @attr(assertion='fails 403')
@attr('fails_on_dbstore')
@nose.with_setup(teardown=_clear_custom_headers) @nose.with_setup(teardown=_clear_custom_headers)
def test_bucket_create_bad_authorization_none(): def test_bucket_create_bad_authorization_none():
_add_custom_headers(remove=('Authorization',)) _add_custom_headers(remove=('Authorization',))
@ -371,6 +381,7 @@ def test_bucket_create_bad_authorization_none():
@attr(method='put') @attr(method='put')
@attr(operation='create w/content length too short') @attr(operation='create w/content length too short')
@attr(assertion='fails 400') @attr(assertion='fails 400')
@attr('fails_on_dbstore')
@nose.with_setup(teardown=_clear_custom_headers) @nose.with_setup(teardown=_clear_custom_headers)
def test_object_create_bad_contentlength_mismatch_below_aws2(): def test_object_create_bad_contentlength_mismatch_below_aws2():
check_aws2_support() check_aws2_support()
@ -388,6 +399,7 @@ def test_object_create_bad_contentlength_mismatch_below_aws2():
@attr(method='put') @attr(method='put')
@attr(operation='create w/incorrect authorization') @attr(operation='create w/incorrect authorization')
@attr(assertion='fails 403') @attr(assertion='fails 403')
@attr('fails_on_dbstore')
@nose.with_setup(teardown=_clear_custom_headers) @nose.with_setup(teardown=_clear_custom_headers)
def test_object_create_bad_authorization_incorrect_aws2(): def test_object_create_bad_authorization_incorrect_aws2():
check_aws2_support() check_aws2_support()
@ -404,6 +416,7 @@ def test_object_create_bad_authorization_incorrect_aws2():
@attr(method='put') @attr(method='put')
@attr(operation='create w/invalid authorization') @attr(operation='create w/invalid authorization')
@attr(assertion='fails 400') @attr(assertion='fails 400')
@attr('fails_on_dbstore')
def test_object_create_bad_authorization_invalid_aws2(): def test_object_create_bad_authorization_invalid_aws2():
check_aws2_support() check_aws2_support()
key = _setup_bad_object({'Authorization': 'AWS HAHAHA'}) key = _setup_bad_object({'Authorization': 'AWS HAHAHA'})
@ -417,6 +430,7 @@ def test_object_create_bad_authorization_invalid_aws2():
@attr(method='put') @attr(method='put')
@attr(operation='create w/no date') @attr(operation='create w/no date')
@attr(assertion='fails 403') @attr(assertion='fails 403')
@attr('fails_on_dbstore')
@nose.with_setup(teardown=_clear_custom_headers) @nose.with_setup(teardown=_clear_custom_headers)
def test_object_create_bad_date_none_aws2(): def test_object_create_bad_date_none_aws2():
check_aws2_support() check_aws2_support()
@ -446,6 +460,7 @@ def test_bucket_create_bad_authorization_invalid_aws2():
@attr(method='put') @attr(method='put')
@attr(operation='create w/no date') @attr(operation='create w/no date')
@attr(assertion='fails 403') @attr(assertion='fails 403')
@attr('fails_on_dbstore')
@nose.with_setup(teardown=_clear_custom_headers) @nose.with_setup(teardown=_clear_custom_headers)
def test_bucket_create_bad_date_none_aws2(): def test_bucket_create_bad_date_none_aws2():
check_aws2_support() check_aws2_support()

View file

@ -133,6 +133,7 @@ def check_configure_versioning_retry(bucket, status, expected_string):
@attr(operation='create versioned object, read not exist null version') @attr(operation='create versioned object, read not exist null version')
@attr(assertion='read null version behaves correctly') @attr(assertion='read null version behaves correctly')
@attr('versioning') @attr('versioning')
@attr('fails_on_dbstore')
def test_versioning_obj_read_not_exist_null(): def test_versioning_obj_read_not_exist_null():
bucket = get_new_bucket() bucket = get_new_bucket()
check_versioning(bucket, None) check_versioning(bucket, None)
@ -155,6 +156,7 @@ def test_versioning_obj_read_not_exist_null():
@attr('fails_on_aws') @attr('fails_on_aws')
@attr('fails_with_subdomain') @attr('fails_with_subdomain')
@attr('appendobject') @attr('appendobject')
@attr('fails_on_dbstore')
def test_append_object(): def test_append_object():
bucket = get_new_bucket() bucket = get_new_bucket()
key = bucket.new_key('foo') key = bucket.new_key('foo')
@ -179,6 +181,7 @@ def test_append_object():
@attr('fails_on_aws') @attr('fails_on_aws')
@attr('fails_with_subdomain') @attr('fails_with_subdomain')
@attr('appendobject') @attr('appendobject')
@attr('fails_on_dbstore')
def test_append_normal_object(): def test_append_normal_object():
bucket = get_new_bucket() bucket = get_new_bucket()
key = bucket.new_key('foo') key = bucket.new_key('foo')
@ -199,6 +202,7 @@ def test_append_normal_object():
@attr('fails_on_aws') @attr('fails_on_aws')
@attr('fails_with_subdomain') @attr('fails_with_subdomain')
@attr('appendobject') @attr('appendobject')
@attr('fails_on_dbstore')
def test_append_object_position_wrong(): def test_append_object_position_wrong():
bucket = get_new_bucket() bucket = get_new_bucket()
key = bucket.new_key('foo') key = bucket.new_key('foo')
@ -402,6 +406,7 @@ def lc_transitions(transitions=None):
@attr(operation='test create object with storage class') @attr(operation='test create object with storage class')
@attr('storage_class') @attr('storage_class')
@attr('fails_on_aws') @attr('fails_on_aws')
@attr('fails_on_dbstore')
def test_object_storage_class(): def test_object_storage_class():
sc = configured_storage_classes() sc = configured_storage_classes()
if len(sc) < 2: if len(sc) < 2:
@ -420,6 +425,7 @@ def test_object_storage_class():
@attr(operation='test create multipart object with storage class') @attr(operation='test create multipart object with storage class')
@attr('storage_class') @attr('storage_class')
@attr('fails_on_aws') @attr('fails_on_aws')
@attr('fails_on_dbstore')
def test_object_storage_class_multipart(): def test_object_storage_class_multipart():
sc = configured_storage_classes() sc = configured_storage_classes()
if len(sc) < 2: if len(sc) < 2:
@ -461,6 +467,7 @@ def _do_test_object_modify_storage_class(obj_write_func, size):
@attr(operation='test changing objects storage class') @attr(operation='test changing objects storage class')
@attr('storage_class') @attr('storage_class')
@attr('fails_on_aws') @attr('fails_on_aws')
@attr('fails_on_dbstore')
def test_object_modify_storage_class(): def test_object_modify_storage_class():
_do_test_object_modify_storage_class(_populate_key, size=9*1024*1024) _do_test_object_modify_storage_class(_populate_key, size=9*1024*1024)
@ -470,6 +477,7 @@ def test_object_modify_storage_class():
@attr(operation='test changing objects storage class') @attr(operation='test changing objects storage class')
@attr('storage_class') @attr('storage_class')
@attr('fails_on_aws') @attr('fails_on_aws')
@attr('fails_on_dbstore')
def test_object_modify_storage_class_multipart(): def test_object_modify_storage_class_multipart():
_do_test_object_modify_storage_class(_populate_multipart_key, size=11*1024*1024) _do_test_object_modify_storage_class(_populate_multipart_key, size=11*1024*1024)
@ -499,6 +507,7 @@ def _do_test_object_storage_class_copy(obj_write_func, size):
@attr(operation='test copy object to object with different storage class') @attr(operation='test copy object to object with different storage class')
@attr('storage_class') @attr('storage_class')
@attr('fails_on_aws') @attr('fails_on_aws')
@attr('fails_on_dbstore')
def test_object_storage_class_copy(): def test_object_storage_class_copy():
_do_test_object_storage_class_copy(_populate_key, size=9*1024*1024) _do_test_object_storage_class_copy(_populate_key, size=9*1024*1024)
@ -507,6 +516,7 @@ def test_object_storage_class_copy():
@attr(operation='test changing objects storage class') @attr(operation='test changing objects storage class')
@attr('storage_class') @attr('storage_class')
@attr('fails_on_aws') @attr('fails_on_aws')
@attr('fails_on_dbstore')
def test_object_storage_class_copy_multipart(): def test_object_storage_class_copy_multipart():
_do_test_object_storage_class_copy(_populate_multipart_key, size=9*1024*1024) _do_test_object_storage_class_copy(_populate_multipart_key, size=9*1024*1024)
@ -613,6 +623,7 @@ def _test_atomic_dual_conditional_write(file_size):
@attr(operation='write one or the other') @attr(operation='write one or the other')
@attr(assertion='1MB successful') @attr(assertion='1MB successful')
@attr('fails_on_aws') @attr('fails_on_aws')
@attr('fails_on_dbstore')
def test_atomic_dual_conditional_write_1mb(): def test_atomic_dual_conditional_write_1mb():
_test_atomic_dual_conditional_write(1024*1024) _test_atomic_dual_conditional_write(1024*1024)
@ -621,6 +632,7 @@ def test_atomic_dual_conditional_write_1mb():
@attr(operation='write file in deleted bucket') @attr(operation='write file in deleted bucket')
@attr(assertion='fail 404') @attr(assertion='fail 404')
@attr('fails_on_aws') @attr('fails_on_aws')
@attr('fails_on_dbstore')
def test_atomic_write_bucket_gone(): def test_atomic_write_bucket_gone():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -665,6 +677,7 @@ def _multipart_upload_enc(bucket, s3_key_name, size, part_size=5*1024*1024,
@attr(operation='multipart upload with bad key for uploading chunks') @attr(operation='multipart upload with bad key for uploading chunks')
@attr(assertion='successful') @attr(assertion='successful')
@attr('encryption') @attr('encryption')
@attr('fails_on_dbstore')
def test_encryption_sse_c_multipart_invalid_chunks_1(): def test_encryption_sse_c_multipart_invalid_chunks_1():
bucket = get_new_bucket() bucket = get_new_bucket()
key = "multipart_enc" key = "multipart_enc"
@ -692,6 +705,7 @@ def test_encryption_sse_c_multipart_invalid_chunks_1():
@attr(operation='multipart upload with bad md5 for chunks') @attr(operation='multipart upload with bad md5 for chunks')
@attr(assertion='successful') @attr(assertion='successful')
@attr('encryption') @attr('encryption')
@attr('fails_on_dbstore')
def test_encryption_sse_c_multipart_invalid_chunks_2(): def test_encryption_sse_c_multipart_invalid_chunks_2():
bucket = get_new_bucket() bucket = get_new_bucket()
key = "multipart_enc" key = "multipart_enc"
@ -720,6 +734,7 @@ def test_encryption_sse_c_multipart_invalid_chunks_2():
@attr(assertion='succeeds') @attr(assertion='succeeds')
@attr('fails_with_subdomain') @attr('fails_with_subdomain')
@attr('bucket-policy') @attr('bucket-policy')
@attr('fails_on_dbstore')
def test_bucket_policy_different_tenant(): def test_bucket_policy_different_tenant():
bucket = get_new_bucket() bucket = get_new_bucket()
key = bucket.new_key('asdf') key = bucket.new_key('asdf')
@ -758,6 +773,7 @@ def test_bucket_policy_different_tenant():
@attr(method='put') @attr(method='put')
@attr(operation='Test put condition operator end with ifExists') @attr(operation='Test put condition operator end with ifExists')
@attr('bucket-policy') @attr('bucket-policy')
@attr('fails_on_dbstore')
def test_bucket_policy_set_condition_operator_end_with_IfExists(): def test_bucket_policy_set_condition_operator_end_with_IfExists():
bucket = _create_keys(keys=['foo']) bucket = _create_keys(keys=['foo'])
policy = '''{ policy = '''{
@ -798,6 +814,7 @@ def _make_arn_resource(path="*"):
@attr(assertion='success') @attr(assertion='success')
@attr('encryption') @attr('encryption')
@attr('bucket-policy') @attr('bucket-policy')
@attr('fails_on_dbstore')
def test_bucket_policy_put_obj_enc(): def test_bucket_policy_put_obj_enc():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -843,6 +860,7 @@ def test_bucket_policy_put_obj_enc():
@attr(assertion='success') @attr(assertion='success')
@attr('tagging') @attr('tagging')
@attr('bucket-policy') @attr('bucket-policy')
@attr('fails_on_dbstore')
def test_bucket_policy_put_obj_request_obj_tag(): def test_bucket_policy_put_obj_request_obj_tag():
bucket = get_new_bucket() bucket = get_new_bucket()

View file

@ -43,6 +43,7 @@ ERRORDOC_TEMPLATE = '<html><h1>ErrorDoc</h1><body>{random}</body></html>'
CAN_WEBSITE = None CAN_WEBSITE = None
@attr('fails_on_dbstore')
def check_can_test_website(): def check_can_test_website():
global CAN_WEBSITE global CAN_WEBSITE
# This is a bit expensive, so we cache this # This is a bit expensive, so we cache this
@ -265,6 +266,7 @@ def test_website_nonexistant_bucket_s3():
@attr(assertion='non-existant bucket via website endpoint should give NoSuchBucket') @attr(assertion='non-existant bucket via website endpoint should give NoSuchBucket')
@attr('s3website') @attr('s3website')
@attr('fails_on_s3') @attr('fails_on_s3')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_website_nonexistant_bucket_rgw(): def test_website_nonexistant_bucket_rgw():
bucket_name = get_new_bucket_name() bucket_name = get_new_bucket_name()
@ -278,6 +280,7 @@ def test_website_nonexistant_bucket_rgw():
@attr(operation='list') @attr(operation='list')
@attr(assertion='non-empty public buckets via s3website return page for /, where page is public') @attr(assertion='non-empty public buckets via s3website return page for /, where page is public')
@attr('s3website') @attr('s3website')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
@timed(10) @timed(10)
def test_website_public_bucket_list_public_index(): def test_website_public_bucket_list_public_index():
@ -306,6 +309,7 @@ def test_website_public_bucket_list_public_index():
@attr(operation='list') @attr(operation='list')
@attr(assertion='non-empty private buckets via s3website return page for /, where page is private') @attr(assertion='non-empty private buckets via s3website return page for /, where page is private')
@attr('s3website') @attr('s3website')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_website_private_bucket_list_public_index(): def test_website_private_bucket_list_public_index():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -336,6 +340,7 @@ def test_website_private_bucket_list_public_index():
@attr(operation='list') @attr(operation='list')
@attr(assertion='empty private buckets via s3website return a 403 for /') @attr(assertion='empty private buckets via s3website return a 403 for /')
@attr('s3website') @attr('s3website')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_website_private_bucket_list_empty(): def test_website_private_bucket_list_empty():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -352,6 +357,7 @@ def test_website_private_bucket_list_empty():
@attr(operation='list') @attr(operation='list')
@attr(assertion='empty public buckets via s3website return a 404 for /') @attr(assertion='empty public buckets via s3website return a 404 for /')
@attr('s3website') @attr('s3website')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_website_public_bucket_list_empty(): def test_website_public_bucket_list_empty():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -367,6 +373,7 @@ def test_website_public_bucket_list_empty():
@attr(operation='list') @attr(operation='list')
@attr(assertion='non-empty public buckets via s3website return page for /, where page is private') @attr(assertion='non-empty public buckets via s3website return page for /, where page is private')
@attr('s3website') @attr('s3website')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_website_public_bucket_list_private_index(): def test_website_public_bucket_list_private_index():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -392,6 +399,7 @@ def test_website_public_bucket_list_private_index():
@attr(operation='list') @attr(operation='list')
@attr(assertion='non-empty private buckets via s3website return page for /, where page is private') @attr(assertion='non-empty private buckets via s3website return page for /, where page is private')
@attr('s3website') @attr('s3website')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_website_private_bucket_list_private_index(): def test_website_private_bucket_list_private_index():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -418,6 +426,7 @@ def test_website_private_bucket_list_private_index():
@attr(operation='list') @attr(operation='list')
@attr(assertion='empty private buckets via s3website return a 403 for /, missing errordoc') @attr(assertion='empty private buckets via s3website return a 403 for /, missing errordoc')
@attr('s3website') @attr('s3website')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_website_private_bucket_list_empty_missingerrordoc(): def test_website_private_bucket_list_empty_missingerrordoc():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -434,6 +443,7 @@ def test_website_private_bucket_list_empty_missingerrordoc():
@attr(operation='list') @attr(operation='list')
@attr(assertion='empty public buckets via s3website return a 404 for /, missing errordoc') @attr(assertion='empty public buckets via s3website return a 404 for /, missing errordoc')
@attr('s3website') @attr('s3website')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_website_public_bucket_list_empty_missingerrordoc(): def test_website_public_bucket_list_empty_missingerrordoc():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -449,6 +459,7 @@ def test_website_public_bucket_list_empty_missingerrordoc():
@attr(operation='list') @attr(operation='list')
@attr(assertion='non-empty public buckets via s3website return page for /, where page is private, missing errordoc') @attr(assertion='non-empty public buckets via s3website return page for /, where page is private, missing errordoc')
@attr('s3website') @attr('s3website')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_website_public_bucket_list_private_index_missingerrordoc(): def test_website_public_bucket_list_private_index_missingerrordoc():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -473,6 +484,7 @@ def test_website_public_bucket_list_private_index_missingerrordoc():
@attr(operation='list') @attr(operation='list')
@attr(assertion='non-empty private buckets via s3website return page for /, where page is private, missing errordoc') @attr(assertion='non-empty private buckets via s3website return page for /, where page is private, missing errordoc')
@attr('s3website') @attr('s3website')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_website_private_bucket_list_private_index_missingerrordoc(): def test_website_private_bucket_list_private_index_missingerrordoc():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -498,6 +510,7 @@ def test_website_private_bucket_list_private_index_missingerrordoc():
@attr(operation='list') @attr(operation='list')
@attr(assertion='empty private buckets via s3website return a 403 for /, blocked errordoc') @attr(assertion='empty private buckets via s3website return a 403 for /, blocked errordoc')
@attr('s3website') @attr('s3website')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_website_private_bucket_list_empty_blockederrordoc(): def test_website_private_bucket_list_empty_blockederrordoc():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -526,6 +539,7 @@ def test_website_private_bucket_list_empty_blockederrordoc():
@attr(operation='list') @attr(operation='list')
@attr(assertion='check if there is an invalid payload after serving error doc') @attr(assertion='check if there is an invalid payload after serving error doc')
@attr('s3website') @attr('s3website')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_website_public_bucket_list_pubilc_errordoc(): def test_website_public_bucket_list_pubilc_errordoc():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -577,6 +591,7 @@ def test_website_public_bucket_list_pubilc_errordoc():
@attr(operation='list') @attr(operation='list')
@attr(assertion='empty public buckets via s3website return a 404 for /, blocked errordoc') @attr(assertion='empty public buckets via s3website return a 404 for /, blocked errordoc')
@attr('s3website') @attr('s3website')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_website_public_bucket_list_empty_blockederrordoc(): def test_website_public_bucket_list_empty_blockederrordoc():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -604,6 +619,7 @@ def test_website_public_bucket_list_empty_blockederrordoc():
@attr(operation='list') @attr(operation='list')
@attr(assertion='non-empty public buckets via s3website return page for /, where page is private, blocked errordoc') @attr(assertion='non-empty public buckets via s3website return page for /, where page is private, blocked errordoc')
@attr('s3website') @attr('s3website')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_website_public_bucket_list_private_index_blockederrordoc(): def test_website_public_bucket_list_private_index_blockederrordoc():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -637,6 +653,7 @@ def test_website_public_bucket_list_private_index_blockederrordoc():
@attr(operation='list') @attr(operation='list')
@attr(assertion='non-empty private buckets via s3website return page for /, where page is private, blocked errordoc') @attr(assertion='non-empty private buckets via s3website return page for /, where page is private, blocked errordoc')
@attr('s3website') @attr('s3website')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_website_private_bucket_list_private_index_blockederrordoc(): def test_website_private_bucket_list_private_index_blockederrordoc():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -672,6 +689,7 @@ def test_website_private_bucket_list_private_index_blockederrordoc():
@attr(assertion='empty private buckets via s3website return a 403 for /, good errordoc') @attr(assertion='empty private buckets via s3website return a 403 for /, good errordoc')
@attr('s3website') @attr('s3website')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
@attr('fails_on_dbstore')
def test_website_private_bucket_list_empty_gooderrordoc(): def test_website_private_bucket_list_empty_gooderrordoc():
bucket = get_new_bucket() bucket = get_new_bucket()
f = _test_website_prep(bucket, WEBSITE_CONFIGS_XMLFRAG['IndexDocErrorDoc']) f = _test_website_prep(bucket, WEBSITE_CONFIGS_XMLFRAG['IndexDocErrorDoc'])
@ -694,6 +712,7 @@ def test_website_private_bucket_list_empty_gooderrordoc():
@attr(operation='list') @attr(operation='list')
@attr(assertion='empty public buckets via s3website return a 404 for /, good errordoc') @attr(assertion='empty public buckets via s3website return a 404 for /, good errordoc')
@attr('s3website') @attr('s3website')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_website_public_bucket_list_empty_gooderrordoc(): def test_website_public_bucket_list_empty_gooderrordoc():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -718,6 +737,7 @@ def test_website_public_bucket_list_empty_gooderrordoc():
@attr(operation='list') @attr(operation='list')
@attr(assertion='non-empty public buckets via s3website return page for /, where page is private') @attr(assertion='non-empty public buckets via s3website return page for /, where page is private')
@attr('s3website') @attr('s3website')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_website_public_bucket_list_private_index_gooderrordoc(): def test_website_public_bucket_list_private_index_gooderrordoc():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -747,6 +767,7 @@ def test_website_public_bucket_list_private_index_gooderrordoc():
@attr(operation='list') @attr(operation='list')
@attr(assertion='non-empty private buckets via s3website return page for /, where page is private') @attr(assertion='non-empty private buckets via s3website return page for /, where page is private')
@attr('s3website') @attr('s3website')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_website_private_bucket_list_private_index_gooderrordoc(): def test_website_private_bucket_list_private_index_gooderrordoc():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -777,6 +798,7 @@ def test_website_private_bucket_list_private_index_gooderrordoc():
@attr(operation='list') @attr(operation='list')
@attr(assertion='RedirectAllRequestsTo without protocol should TODO') @attr(assertion='RedirectAllRequestsTo without protocol should TODO')
@attr('s3website') @attr('s3website')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_website_bucket_private_redirectall_base(): def test_website_bucket_private_redirectall_base():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -794,6 +816,7 @@ def test_website_bucket_private_redirectall_base():
@attr(operation='list') @attr(operation='list')
@attr(assertion='RedirectAllRequestsTo without protocol should TODO') @attr(assertion='RedirectAllRequestsTo without protocol should TODO')
@attr('s3website') @attr('s3website')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_website_bucket_private_redirectall_path(): def test_website_bucket_private_redirectall_path():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -813,6 +836,7 @@ def test_website_bucket_private_redirectall_path():
@attr(operation='list') @attr(operation='list')
@attr(assertion='RedirectAllRequestsTo without protocol should TODO') @attr(assertion='RedirectAllRequestsTo without protocol should TODO')
@attr('s3website') @attr('s3website')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_website_bucket_private_redirectall_path_upgrade(): def test_website_bucket_private_redirectall_path_upgrade():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -835,6 +859,7 @@ def test_website_bucket_private_redirectall_path_upgrade():
@attr(assertion='x-amz-website-redirect-location should not fire without websiteconf') @attr(assertion='x-amz-website-redirect-location should not fire without websiteconf')
@attr('s3website') @attr('s3website')
@attr('x-amz-website-redirect-location') @attr('x-amz-website-redirect-location')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_website_xredirect_nonwebsite(): def test_website_xredirect_nonwebsite():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -867,6 +892,7 @@ def test_website_xredirect_nonwebsite():
@attr(assertion='x-amz-website-redirect-location should fire websiteconf, relative path, public key') @attr(assertion='x-amz-website-redirect-location should fire websiteconf, relative path, public key')
@attr('s3website') @attr('s3website')
@attr('x-amz-website-redirect-location') @attr('x-amz-website-redirect-location')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_website_xredirect_public_relative(): def test_website_xredirect_public_relative():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -894,6 +920,7 @@ def test_website_xredirect_public_relative():
@attr(assertion='x-amz-website-redirect-location should fire websiteconf, absolute, public key') @attr(assertion='x-amz-website-redirect-location should fire websiteconf, absolute, public key')
@attr('s3website') @attr('s3website')
@attr('x-amz-website-redirect-location') @attr('x-amz-website-redirect-location')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_website_xredirect_public_abs(): def test_website_xredirect_public_abs():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -921,6 +948,7 @@ def test_website_xredirect_public_abs():
@attr(assertion='x-amz-website-redirect-location should fire websiteconf, relative path, private key') @attr(assertion='x-amz-website-redirect-location should fire websiteconf, relative path, private key')
@attr('s3website') @attr('s3website')
@attr('x-amz-website-redirect-location') @attr('x-amz-website-redirect-location')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_website_xredirect_private_relative(): def test_website_xredirect_private_relative():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -948,6 +976,7 @@ def test_website_xredirect_private_relative():
@attr(assertion='x-amz-website-redirect-location should fire websiteconf, absolute, private key') @attr(assertion='x-amz-website-redirect-location should fire websiteconf, absolute, private key')
@attr('s3website') @attr('s3website')
@attr('x-amz-website-redirect-location') @attr('x-amz-website-redirect-location')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_website_xredirect_private_abs(): def test_website_xredirect_private_abs():
bucket = get_new_bucket() bucket = get_new_bucket()
@ -1211,6 +1240,7 @@ def routing_check(*args, **kwargs):
@attr('s3website_RoutingRules') @attr('s3website_RoutingRules')
@attr('s3website') @attr('s3website')
@attr('fails_on_dbstore')
@nose.with_setup(setup=check_can_test_website, teardown=common.teardown) @nose.with_setup(setup=check_can_test_website, teardown=common.teardown)
def test_routing_generator(): def test_routing_generator():
for t in ROUTING_RULES_TESTS: for t in ROUTING_RULES_TESTS:

View file

@ -520,6 +520,7 @@ def test_bucket_create_bad_authorization_none():
@attr(method='put') @attr(method='put')
@attr(operation='create w/invalid MD5') @attr(operation='create w/invalid MD5')
@attr(assertion='fails 400') @attr(assertion='fails 400')
@attr('fails_on_dbstore')
def test_object_create_bad_md5_invalid_garbage_aws2(): def test_object_create_bad_md5_invalid_garbage_aws2():
v2_client = get_v2_client() v2_client = get_v2_client()
headers = {'Content-MD5': 'AWS HAHAHA'} headers = {'Content-MD5': 'AWS HAHAHA'}
@ -580,6 +581,7 @@ def test_object_create_bad_authorization_invalid_aws2():
@attr(method='put') @attr(method='put')
@attr(operation='create w/empty user agent') @attr(operation='create w/empty user agent')
@attr(assertion='succeeds') @attr(assertion='succeeds')
@attr('fails_on_dbstore')
def test_object_create_bad_ua_empty_aws2(): def test_object_create_bad_ua_empty_aws2():
v2_client = get_v2_client() v2_client = get_v2_client()
headers = {'User-Agent': ''} headers = {'User-Agent': ''}
@ -591,6 +593,7 @@ def test_object_create_bad_ua_empty_aws2():
@attr(method='put') @attr(method='put')
@attr(operation='create w/no user agent') @attr(operation='create w/no user agent')
@attr(assertion='succeeds') @attr(assertion='succeeds')
@attr('fails_on_dbstore')
def test_object_create_bad_ua_none_aws2(): def test_object_create_bad_ua_none_aws2():
v2_client = get_v2_client() v2_client = get_v2_client()
remove = 'User-Agent' remove = 'User-Agent'
@ -602,6 +605,7 @@ def test_object_create_bad_ua_none_aws2():
@attr(method='put') @attr(method='put')
@attr(operation='create w/invalid date') @attr(operation='create w/invalid date')
@attr(assertion='fails 403') @attr(assertion='fails 403')
@attr('fails_on_dbstore')
def test_object_create_bad_date_invalid_aws2(): def test_object_create_bad_date_invalid_aws2():
v2_client = get_v2_client() v2_client = get_v2_client()
headers = {'x-amz-date': 'Bad Date'} headers = {'x-amz-date': 'Bad Date'}
@ -615,6 +619,7 @@ def test_object_create_bad_date_invalid_aws2():
@attr(method='put') @attr(method='put')
@attr(operation='create w/empty date') @attr(operation='create w/empty date')
@attr(assertion='fails 403') @attr(assertion='fails 403')
@attr('fails_on_dbstore')
def test_object_create_bad_date_empty_aws2(): def test_object_create_bad_date_empty_aws2():
v2_client = get_v2_client() v2_client = get_v2_client()
headers = {'x-amz-date': ''} headers = {'x-amz-date': ''}
@ -643,6 +648,7 @@ def test_object_create_bad_date_none_aws2():
@attr(method='put') @attr(method='put')
@attr(operation='create w/date in past') @attr(operation='create w/date in past')
@attr(assertion='fails 403') @attr(assertion='fails 403')
@attr('fails_on_dbstore')
def test_object_create_bad_date_before_today_aws2(): def test_object_create_bad_date_before_today_aws2():
v2_client = get_v2_client() v2_client = get_v2_client()
headers = {'x-amz-date': 'Tue, 07 Jul 2010 21:53:04 GMT'} headers = {'x-amz-date': 'Tue, 07 Jul 2010 21:53:04 GMT'}
@ -656,6 +662,7 @@ def test_object_create_bad_date_before_today_aws2():
@attr(method='put') @attr(method='put')
@attr(operation='create w/date before epoch') @attr(operation='create w/date before epoch')
@attr(assertion='fails 403') @attr(assertion='fails 403')
@attr('fails_on_dbstore')
def test_object_create_bad_date_before_epoch_aws2(): def test_object_create_bad_date_before_epoch_aws2():
v2_client = get_v2_client() v2_client = get_v2_client()
headers = {'x-amz-date': 'Tue, 07 Jul 1950 21:53:04 GMT'} headers = {'x-amz-date': 'Tue, 07 Jul 1950 21:53:04 GMT'}
@ -669,6 +676,7 @@ def test_object_create_bad_date_before_epoch_aws2():
@attr(method='put') @attr(method='put')
@attr(operation='create w/date after 9999') @attr(operation='create w/date after 9999')
@attr(assertion='fails 403') @attr(assertion='fails 403')
@attr('fails_on_dbstore')
def test_object_create_bad_date_after_end_aws2(): def test_object_create_bad_date_after_end_aws2():
v2_client = get_v2_client() v2_client = get_v2_client()
headers = {'x-amz-date': 'Tue, 07 Jul 9999 21:53:04 GMT'} headers = {'x-amz-date': 'Tue, 07 Jul 9999 21:53:04 GMT'}

File diff suppressed because it is too large Load diff

View file

@ -154,6 +154,7 @@ def get_s3_resource_using_iam_creds():
@attr(operation='check') @attr(operation='check')
@attr(assertion='s3 ops only accessible by temporary credentials') @attr(assertion='s3 ops only accessible by temporary credentials')
@attr('test_of_sts') @attr('test_of_sts')
@attr('fails_on_dbstore')
def test_get_session_token(): def test_get_session_token():
iam_client=get_iam_client() iam_client=get_iam_client()
sts_client=get_sts_client() sts_client=get_sts_client()
@ -187,6 +188,7 @@ def test_get_session_token():
@attr(operation='check') @attr(operation='check')
@attr(assertion='s3 ops denied by permanent credentials') @attr(assertion='s3 ops denied by permanent credentials')
@attr('test_of_sts') @attr('test_of_sts')
@attr('fails_on_dbstore')
def test_get_session_token_permanent_creds_denied(): def test_get_session_token_permanent_creds_denied():
s3bucket_error=None s3bucket_error=None
iam_client=get_iam_client() iam_client=get_iam_client()
@ -223,6 +225,7 @@ def test_get_session_token_permanent_creds_denied():
@attr(operation='check') @attr(operation='check')
@attr(assertion='role policy allows all s3 ops') @attr(assertion='role policy allows all s3 ops')
@attr('test_of_sts') @attr('test_of_sts')
@attr('fails_on_dbstore')
def test_assume_role_allow(): def test_assume_role_allow():
iam_client=get_iam_client() iam_client=get_iam_client()
sts_client=get_sts_client() sts_client=get_sts_client()
@ -259,6 +262,7 @@ def test_assume_role_allow():
@attr(operation='check') @attr(operation='check')
@attr(assertion='role policy denies all s3 ops') @attr(assertion='role policy denies all s3 ops')
@attr('test_of_sts') @attr('test_of_sts')
@attr('fails_on_dbstore')
def test_assume_role_deny(): def test_assume_role_deny():
s3bucket_error=None s3bucket_error=None
iam_client=get_iam_client() iam_client=get_iam_client()
@ -297,6 +301,7 @@ def test_assume_role_deny():
@attr(operation='check') @attr(operation='check')
@attr(assertion='creds expire so all s3 ops fails') @attr(assertion='creds expire so all s3 ops fails')
@attr('test_of_sts') @attr('test_of_sts')
@attr('fails_on_dbstore')
def test_assume_role_creds_expiry(): def test_assume_role_creds_expiry():
iam_client=get_iam_client() iam_client=get_iam_client()
sts_client=get_sts_client() sts_client=get_sts_client()
@ -335,6 +340,7 @@ def test_assume_role_creds_expiry():
@attr(operation='check') @attr(operation='check')
@attr(assertion='HEAD fails with 403 when role policy denies s3:ListBucket') @attr(assertion='HEAD fails with 403 when role policy denies s3:ListBucket')
@attr('test_of_sts') @attr('test_of_sts')
@attr('fails_on_dbstore')
def test_assume_role_deny_head_nonexistent(): def test_assume_role_deny_head_nonexistent():
# create a bucket with the normal s3 client # create a bucket with the normal s3 client
bucket_name = get_new_bucket_name() bucket_name = get_new_bucket_name()
@ -376,6 +382,7 @@ def test_assume_role_deny_head_nonexistent():
@attr(operation='check') @attr(operation='check')
@attr(assertion='HEAD fails with 404 when role policy allows s3:ListBucket') @attr(assertion='HEAD fails with 404 when role policy allows s3:ListBucket')
@attr('test_of_sts') @attr('test_of_sts')
@attr('fails_on_dbstore')
def test_assume_role_allow_head_nonexistent(): def test_assume_role_allow_head_nonexistent():
# create a bucket with the normal s3 client # create a bucket with the normal s3 client
bucket_name = get_new_bucket_name() bucket_name = get_new_bucket_name()
@ -419,6 +426,7 @@ def test_assume_role_allow_head_nonexistent():
@attr(assertion='assuming role through web token') @attr(assertion='assuming role through web token')
@attr('webidentity_test') @attr('webidentity_test')
@attr('token_claims_trust_policy_test') @attr('token_claims_trust_policy_test')
@attr('fails_on_dbstore')
def test_assume_role_with_web_identity(): def test_assume_role_with_web_identity():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()
@ -522,6 +530,7 @@ def test_assume_role_with_web_identity_invalid_webtoken():
@attr(assertion='checking session policy working for two different buckets') @attr(assertion='checking session policy working for two different buckets')
@attr('webidentity_test') @attr('webidentity_test')
@attr('session_policy') @attr('session_policy')
@attr('fails_on_dbstore')
def test_session_policy_check_on_different_buckets(): def test_session_policy_check_on_different_buckets():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()
@ -594,6 +603,7 @@ def test_session_policy_check_on_different_buckets():
@attr(assertion='checking session policy working for same bucket') @attr(assertion='checking session policy working for same bucket')
@attr('webidentity_test') @attr('webidentity_test')
@attr('session_policy') @attr('session_policy')
@attr('fails_on_dbstore')
def test_session_policy_check_on_same_bucket(): def test_session_policy_check_on_same_bucket():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()
@ -654,6 +664,7 @@ def test_session_policy_check_on_same_bucket():
@attr(assertion='checking put_obj op denial') @attr(assertion='checking put_obj op denial')
@attr('webidentity_test') @attr('webidentity_test')
@attr('session_policy') @attr('session_policy')
@attr('fails_on_dbstore')
def test_session_policy_check_put_obj_denial(): def test_session_policy_check_put_obj_denial():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()
@ -719,6 +730,7 @@ def test_session_policy_check_put_obj_denial():
@attr(assertion='checking put_obj working by swapping policies') @attr(assertion='checking put_obj working by swapping policies')
@attr('webidentity_test') @attr('webidentity_test')
@attr('session_policy') @attr('session_policy')
@attr('fails_on_dbstore')
def test_swapping_role_policy_and_session_policy(): def test_swapping_role_policy_and_session_policy():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()
@ -779,6 +791,7 @@ def test_swapping_role_policy_and_session_policy():
@attr(assertion='checking put_obj working by setting different permissions to role and session policy') @attr(assertion='checking put_obj working by setting different permissions to role and session policy')
@attr('webidentity_test') @attr('webidentity_test')
@attr('session_policy') @attr('session_policy')
@attr('fails_on_dbstore')
def test_session_policy_check_different_op_permissions(): def test_session_policy_check_different_op_permissions():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()
@ -844,6 +857,7 @@ def test_session_policy_check_different_op_permissions():
@attr(assertion='checking op behaviour with deny effect') @attr(assertion='checking op behaviour with deny effect')
@attr('webidentity_test') @attr('webidentity_test')
@attr('session_policy') @attr('session_policy')
@attr('fails_on_dbstore')
def test_session_policy_check_with_deny_effect(): def test_session_policy_check_with_deny_effect():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()
@ -908,6 +922,7 @@ def test_session_policy_check_with_deny_effect():
@attr(assertion='checking put_obj working with deny and allow on same op') @attr(assertion='checking put_obj working with deny and allow on same op')
@attr('webidentity_test') @attr('webidentity_test')
@attr('session_policy') @attr('session_policy')
@attr('fails_on_dbstore')
def test_session_policy_check_with_deny_on_same_op(): def test_session_policy_check_with_deny_on_same_op():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()
@ -972,6 +987,7 @@ def test_session_policy_check_with_deny_on_same_op():
@attr(assertion='checking op when bucket policy has role arn') @attr(assertion='checking op when bucket policy has role arn')
@attr('webidentity_test') @attr('webidentity_test')
@attr('session_policy') @attr('session_policy')
@attr('fails_on_dbstore')
def test_session_policy_bucket_policy_role_arn(): def test_session_policy_bucket_policy_role_arn():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()
@ -1051,6 +1067,7 @@ def test_session_policy_bucket_policy_role_arn():
@attr(assertion='checking op when bucket policy has session arn') @attr(assertion='checking op when bucket policy has session arn')
@attr('webidentity_test') @attr('webidentity_test')
@attr('session_policy') @attr('session_policy')
@attr('fails_on_dbstore')
def test_session_policy_bucket_policy_session_arn(): def test_session_policy_bucket_policy_session_arn():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()
@ -1128,6 +1145,7 @@ def test_session_policy_bucket_policy_session_arn():
@attr(assertion='checking copy object op with role, session and bucket policy') @attr(assertion='checking copy object op with role, session and bucket policy')
@attr('webidentity_test') @attr('webidentity_test')
@attr('session_policy') @attr('session_policy')
@attr('fails_on_dbstore')
def test_session_policy_copy_object(): def test_session_policy_copy_object():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()
@ -1212,6 +1230,7 @@ def test_session_policy_copy_object():
@attr(assertion='checking op is denied when no role policy') @attr(assertion='checking op is denied when no role policy')
@attr('webidentity_test') @attr('webidentity_test')
@attr('session_policy') @attr('session_policy')
@attr('fails_on_dbstore')
def test_session_policy_no_bucket_role_policy(): def test_session_policy_no_bucket_role_policy():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()
@ -1267,6 +1286,7 @@ def test_session_policy_no_bucket_role_policy():
@attr(assertion='checking op is denied when resource policy denies') @attr(assertion='checking op is denied when resource policy denies')
@attr('webidentity_test') @attr('webidentity_test')
@attr('session_policy') @attr('session_policy')
@attr('fails_on_dbstore')
def test_session_policy_bucket_policy_deny(): def test_session_policy_bucket_policy_deny():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()
@ -1344,6 +1364,7 @@ def test_session_policy_bucket_policy_deny():
@attr(assertion='assuming role using web token using sub in trust policy') @attr(assertion='assuming role using web token using sub in trust policy')
@attr('webidentity_test') @attr('webidentity_test')
@attr('token_claims_trust_policy_test') @attr('token_claims_trust_policy_test')
@attr('fails_on_dbstore')
def test_assume_role_with_web_identity_with_sub(): def test_assume_role_with_web_identity_with_sub():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()
@ -1396,6 +1417,7 @@ def test_assume_role_with_web_identity_with_sub():
@attr(assertion='assuming role using web token using azp in trust policy') @attr(assertion='assuming role using web token using azp in trust policy')
@attr('webidentity_test') @attr('webidentity_test')
@attr('token_claims_trust_policy_test') @attr('token_claims_trust_policy_test')
@attr('fails_on_dbstore')
def test_assume_role_with_web_identity_with_azp(): def test_assume_role_with_web_identity_with_azp():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()
@ -1449,6 +1471,7 @@ def test_assume_role_with_web_identity_with_azp():
@attr('webidentity_test') @attr('webidentity_test')
@attr('abac_test') @attr('abac_test')
@attr('token_request_tag_trust_policy_test') @attr('token_request_tag_trust_policy_test')
@attr('fails_on_dbstore')
def test_assume_role_with_web_identity_with_request_tag(): def test_assume_role_with_web_identity_with_request_tag():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()
@ -1501,6 +1524,7 @@ def test_assume_role_with_web_identity_with_request_tag():
@attr('webidentity_test') @attr('webidentity_test')
@attr('abac_test') @attr('abac_test')
@attr('token_principal_tag_role_policy_test') @attr('token_principal_tag_role_policy_test')
@attr('fails_on_dbstore')
def test_assume_role_with_web_identity_with_principal_tag(): def test_assume_role_with_web_identity_with_principal_tag():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()
@ -1553,6 +1577,7 @@ def test_assume_role_with_web_identity_with_principal_tag():
@attr('webidentity_test') @attr('webidentity_test')
@attr('abac_test') @attr('abac_test')
@attr('token_principal_tag_role_policy_test') @attr('token_principal_tag_role_policy_test')
@attr('fails_on_dbstore')
def test_assume_role_with_web_identity_for_all_values(): def test_assume_role_with_web_identity_for_all_values():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()
@ -1605,6 +1630,7 @@ def test_assume_role_with_web_identity_for_all_values():
@attr('webidentity_test') @attr('webidentity_test')
@attr('abac_test') @attr('abac_test')
@attr('token_principal_tag_role_policy_test') @attr('token_principal_tag_role_policy_test')
@attr('fails_on_dbstore')
def test_assume_role_with_web_identity_for_all_values_deny(): def test_assume_role_with_web_identity_for_all_values_deny():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()
@ -1659,6 +1685,7 @@ def test_assume_role_with_web_identity_for_all_values_deny():
@attr('webidentity_test') @attr('webidentity_test')
@attr('abac_test') @attr('abac_test')
@attr('token_tag_keys_test') @attr('token_tag_keys_test')
@attr('fails_on_dbstore')
def test_assume_role_with_web_identity_tag_keys_trust_policy(): def test_assume_role_with_web_identity_tag_keys_trust_policy():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()
@ -1711,6 +1738,7 @@ def test_assume_role_with_web_identity_tag_keys_trust_policy():
@attr('webidentity_test') @attr('webidentity_test')
@attr('abac_test') @attr('abac_test')
@attr('token_tag_keys_test') @attr('token_tag_keys_test')
@attr('fails_on_dbstore')
def test_assume_role_with_web_identity_tag_keys_role_policy(): def test_assume_role_with_web_identity_tag_keys_role_policy():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()
@ -1763,6 +1791,7 @@ def test_assume_role_with_web_identity_tag_keys_role_policy():
@attr('webidentity_test') @attr('webidentity_test')
@attr('abac_test') @attr('abac_test')
@attr('token_resource_tags_test') @attr('token_resource_tags_test')
@attr('fails_on_dbstore')
def test_assume_role_with_web_identity_resource_tag(): def test_assume_role_with_web_identity_resource_tag():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()
@ -1825,6 +1854,7 @@ def test_assume_role_with_web_identity_resource_tag():
@attr('webidentity_test') @attr('webidentity_test')
@attr('abac_test') @attr('abac_test')
@attr('token_resource_tags_test') @attr('token_resource_tags_test')
@attr('fails_on_dbstore')
def test_assume_role_with_web_identity_resource_tag_deny(): def test_assume_role_with_web_identity_resource_tag_deny():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()
@ -1887,6 +1917,7 @@ def test_assume_role_with_web_identity_resource_tag_deny():
@attr('webidentity_test') @attr('webidentity_test')
@attr('abac_test') @attr('abac_test')
@attr('token_resource_tags_test') @attr('token_resource_tags_test')
@attr('fails_on_dbstore')
def test_assume_role_with_web_identity_wrong_resource_tag_deny(): def test_assume_role_with_web_identity_wrong_resource_tag_deny():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()
@ -1952,6 +1983,7 @@ def test_assume_role_with_web_identity_wrong_resource_tag_deny():
@attr('webidentity_test') @attr('webidentity_test')
@attr('abac_test') @attr('abac_test')
@attr('token_resource_tags_test') @attr('token_resource_tags_test')
@attr('fails_on_dbstore')
def test_assume_role_with_web_identity_resource_tag_princ_tag(): def test_assume_role_with_web_identity_resource_tag_princ_tag():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()
@ -2019,6 +2051,7 @@ def test_assume_role_with_web_identity_resource_tag_princ_tag():
@attr('webidentity_test') @attr('webidentity_test')
@attr('abac_test') @attr('abac_test')
@attr('token_resource_tags_test') @attr('token_resource_tags_test')
@attr('fails_on_dbstore')
def test_assume_role_with_web_identity_resource_tag_copy_obj(): def test_assume_role_with_web_identity_resource_tag_copy_obj():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()
@ -2113,6 +2146,7 @@ def test_assume_role_with_web_identity_resource_tag_copy_obj():
@attr('webidentity_test') @attr('webidentity_test')
@attr('abac_test') @attr('abac_test')
@attr('token_role_tags_test') @attr('token_role_tags_test')
@attr('fails_on_dbstore')
def test_assume_role_with_web_identity_role_resource_tag(): def test_assume_role_with_web_identity_role_resource_tag():
check_webidentity() check_webidentity()
iam_client=get_iam_client() iam_client=get_iam_client()