Commit graph

256 commits

Author SHA1 Message Date
Casey Bodley
a139a18b27 s3: add v2 signature presigned put_object tests
Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit 999d39d4db)
2024-10-07 09:21:16 -04:00
Tobias Urdin
11e3b77811 Add v2 signature presigned get_object tests
This adds tests for get_object presigned URLs
using signature v2.

Also code formatting.

Signed-off-by: Tobias Urdin <tobias.urdin@binero.com>
(cherry picked from commit ac71900ffb)
2024-10-07 09:21:16 -04:00
Casey Bodley
87c7a8a67b s3: test GetObject with PartNumber and SSE-C encryption
Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit acc8ef43c9)
2024-10-07 09:21:16 -04:00
galsalomon66
d5facc6e63 fix comments
Signed-off-by: galsalomon66 <gal.salomon@gmail.com>
(cherry picked from commit 6a775cb445)
2024-09-09 12:50:48 +00:00
Gal Salomon
0802a6f1f8 fix the assert per empty results
Signed-off-by: Gal Salomon <gal.salomon@gmail.com>
(cherry picked from commit 9444c29674)
2024-09-09 12:50:15 +00:00
Ali Maredia
d776898f61 Merge pull request #513 from galsalomon66/using_get_bucket_name
Using get bucket name

(cherry picked from commit 28009bf7d3)
2024-09-09 12:42:56 +00:00
Pritha Srivastava
6953aadf06 rgw: adding tests for add_client_id_to_oidc_provider
and update_thumbprint_for oidc_provider.

Signed-off-by: Pritha Srivastava <prsrivas@redhat.com>
(cherry picked from commit bc8c14ac12)
2024-08-29 10:51:16 -04:00
Casey Bodley
cf0103e3f3 s3: reenable tenanted bucket policy test
the before-call hook url-encodes the ':' part of tenanted bucket names
to resolve SignatureDoesNotMatch errors

removed the list-v2 version of the test since it isn't relevant to
bucket policy test coverage

add a new test case that creates the bucket under the tenanted user,
then uses the main client to access it

Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit 2e41494293)
2024-08-23 12:35:22 -04:00
Seena Fallah
06a5851a92 s3select: align error codes with the new AWS format
ref. https://github.com/ceph/ceph/pull/56864

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
(cherry picked from commit 2e395d78ea)
2024-07-30 13:33:12 -04:00
Seena Fallah
be181ba455 BucketPolicy: decouple encryption tests from invalid algo and unencrypted
Signed-off-by: Seena Fallah <seenafallah@gmail.com>
(cherry picked from commit c9aded48e5)
2024-07-26 09:19:03 -04:00
Seena Fallah
0887ec43fd BucketPolicy: add test for sse-c in conditions
Ref. https://github.com/ceph/ceph/pull/58689

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
(cherry picked from commit 87b496f25f)
2024-07-26 09:19:03 -04:00
Seena Fallah
abd28c3aef BlockPublicPolicy: add test when policy has principal
Ref. https://tracker.ceph.com/issues/67048

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
(cherry picked from commit a83396cda7)
2024-07-25 10:42:43 -04:00
Seena Fallah
3601557e45 PolicyStatus: add test for policy with Principal
Ref. https://github.com/ceph/ceph/pull/58686

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
(cherry picked from commit 93a3b6c704)
2024-07-25 10:42:43 -04:00
Seena Fallah
94b02d5cbf BucketPolicy: donot allow NotPrincipal with Allow Effect
Ref. https://github.com/ceph/ceph/pull/58686

Signed-off-by: Seena Fallah <seenafallah@gmail.com>
(cherry picked from commit 474c1404e2)
2024-07-25 10:42:43 -04:00
Casey Bodley
88efafe863 test Get/HeadObject with partNumber for single-multipart upload
test_multipart_get_part() tests 'normal' multipart uploads. add a new
test case for a multipart upload with a single part to tests the fix
for https://tracker.ceph.com/issues/66705

Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit bebdfd1ba7)
2024-07-05 10:51:45 -04:00
Gal Salomon
565e5c8b9b add handling for EventStreamError exception
Signed-off-by: Gal Salomon <gal.salomon@gmail.com>
(cherry picked from commit 77f1334571)
2024-07-05 10:11:44 -04:00
Gal Salomon
f4e362dc3c a change is the RGW error-response require changes in s3-tests
Signed-off-by: Gal Salomon <gal.salomon@gmail.com>
(cherry picked from commit c4c5a247eb)
2024-07-05 10:11:44 -04:00
Matt Benjamin
8f988c10b9 mark two tests that fail on dbstore
also add @pytest.mark.checksum for new checksum
tests

Signed-off-by: Matt Benjamin <mbenjamin@redhat.com>
(cherry picked from commit 8277a9fb9a)
2024-07-05 10:11:04 -04:00
Matt Benjamin
93f0753174 remove duplicate size assigment [rkhudov review]
Signed-off-by: Matt Benjamin <mbenjamin@redhat.com>
(cherry picked from commit c0f0b679db)
2024-07-05 10:11:04 -04:00
Matt Benjamin
98c0931419 add test_post_object_upload_checksum
this tests a two-megabyte binary upload with validated
(awscli-computed) SHA256 checksum, and also verifies failure when
a bad checksum is provided

Signed-off-by: Matt Benjamin <mbenjamin@redhat.com>
(cherry picked from commit 95df503ced)
2024-07-05 10:11:04 -04:00
Matt Benjamin
7d91b2507f add test_multipart_checksum_3parts
tests a full multipart upload cycle with 3 unique parts, which
verifies composite checksum computation and the logic to propagate
parts_count to ComleteMultipart

Signed-off-by: Matt Benjamin <mbenjamin@redhat.com>
(cherry picked from commit 9577cde013)
2024-07-05 10:11:04 -04:00
Matt Benjamin
9de20e91f2 test_multipart_upload_sha256: work around failures re-trying complete-multipart
As described in https://tracker.ceph.com/issues/65746, retrying complete-multipart
after having attempted to complete the same upload with a bad checksum argument
fails with an internal error.

The status code is 500, but I'm unsure if it can be retried again, or whether
the upload can be aborted later.

Signed-off-by: Matt Benjamin <mbenjamin@redhat.com>
(cherry picked from commit a3dbac7115)
2024-07-05 10:11:04 -04:00
Sumedh A. Kulkarni
5162da85ec Fix wrong assertion of the test: test_buckets_list_ctime
TestName:
s3tests_boto3.functional.test_s3:test_buckets_list_ctime

Problem:
The test creates 5 buckets for a user but in an assertion check,
it asserts false if any bucket of the user has CreationTime less
than a day prior to current time.
Due to this reason the test fails if the user has pre-existing
buckets older than a day.

Solution:
Assert only on the CreationTime of buckets that were created with
test execution.

Signed-off-by: Sumedh A. Kulkarni <sumedh.a.kulkarni@seagate.com>
Co-developed-by: Bob Ham <bham12@bloomberg.net>
Signed-off-by: Bob Ham <bham12@bloomberg.net>
(cherry picked from commit e9c5cc29e9)
2024-05-14 11:49:25 -04:00
Casey Bodley
787242b007 sns: add test_sns.py for simple topic testing
Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit dfabbf5a8d)
2024-04-16 11:42:13 -04:00
Casey Bodley
5de66792e5 iam: move iam_root, iam_alt_root fixtures to iam.py
Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit 7bd4b0ee14)
2024-04-16 11:42:13 -04:00
Casey Bodley
ef5333112d s3: remove test_bucket_acl_no_grants()
aws doesn't consult acls for same-account access. rgw doesn't for
account users either

Fixes: https://github.com/ceph/s3-tests/issues/184

Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit 96d658444a)
2024-04-16 11:42:13 -04:00
Casey Bodley
281ab8796f iam: test cross-account policy with assumed role
Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit a3a16eb66a)
2024-04-16 11:42:13 -04:00
Casey Bodley
98fd3f55a0 iam: add account tests for GroupPolicy apis
Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit 7ebc530e04)
2024-04-16 11:42:13 -04:00
Casey Bodley
79a0dab8d5 iam: add account tests for Group apis
Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit 4ca7967ae7)
2024-04-16 11:42:13 -04:00
Casey Bodley
0f13cb9326 iam: add account test for OpenIDConnectProvider apis
Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit d5791d8da6)
2024-04-16 11:42:13 -04:00
Casey Bodley
b514c9938b iam: test cross-account permissions
test the [iam alt root] user's access to buckets owned by [iam root]
using various policy principals and acl grantees

Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit ba292fbf59)
2024-04-16 11:42:13 -04:00
Casey Bodley
4d83a45b0f config: add [iam alt root] for an alt account's root user
Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit ed4a8e2244)
2024-04-16 11:42:13 -04:00
Casey Bodley
7fbe5e94be iam: test managed role policy
Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit 46217fcf81)
2024-04-16 11:42:13 -04:00
Casey Bodley
a96a6a8363 iam: add account test for RolePolicy apis
adds test cases for the following iam actions:
* PutRolePolicy
* GetRolePolicy
* DeleteRolePolicy
* ListRolePolicies

verified to pass against aws when an account root user's credentials are
provided in the [iam] section of s3tests.conf

Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit cefea0fd26)
2024-04-16 11:42:13 -04:00
Casey Bodley
f14abc01a1 iam: add account tests for Role apis
adds test cases for the following iam actions:
* CreateRole
* GetRole
* ListRoles
* DeleteRole
* UpdateRole

verified to pass against aws when an account root user's credentials are
provided in the [iam] section of s3tests.conf

Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit d4ada317e1)
2024-04-16 11:42:13 -04:00
Casey Bodley
cd98e8ecb9 iam: test managed user policy
Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit c6e40b4ffa)
2024-04-16 11:42:13 -04:00
Casey Bodley
58c32965d8 iam: add account tests for UserPolicy apis
adds test cases for the following iam actions:
* PutUserPolicy
* GetUserPolicy
* DeleteUserPolicy
* ListUserPolicies

verified to pass against aws when an account root user's credentials are
provided in the [iam] section of s3tests.conf

Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit 364f29d087)
2024-04-16 11:42:13 -04:00
Casey Bodley
5c48348d7b iam: test bucket policy principal for iam user with path
Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit 0377466704)
2024-04-16 11:42:13 -04:00
Casey Bodley
1df924e131 iam: add tests for AccessKey apis
adds test cases for the following iam actions:
* CreateAccessKey
* UpdateAccessKey
* DeleteAccessKey
* ListAccessKeys

verified to pass against aws when an account root user's credentials are
provided in the [iam] section of s3tests.conf

Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit db76dfe791)
2024-04-16 11:42:13 -04:00
Casey Bodley
358e68250f iam: add tests for User apis
adds test cases for the following iam actions:
* CreateUser
* GetUser
* UpdateUser
* DeleteUser
* ListUsers

verified to pass against aws when an account root user's credentials are
provided in the [iam] section of s3tests.conf

Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit d8becad96a)
2024-04-16 11:42:13 -04:00
Casey Bodley
f7c57e1240 config: add [iam root] for an account root user
Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit 7cd4613883)
2024-04-16 11:42:13 -04:00
Casey Bodley
d6283e893b config: parse iam config during setup()
Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit 5f3353e6b5)
2024-04-16 11:42:13 -04:00
Casey Bodley
2812456bc6 iam: rename test_of_iam mark to iam_tenant
differentiate the test cases that expect a tenant-wide IAM api from new
ones that expect an account-wide api

Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit a35b3c609a)
2024-04-16 11:42:13 -04:00
Casey Bodley
e16230a24e config: add fixtures for iam name/path prefixes
Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit 83af25722c)
2024-04-16 11:42:13 -04:00
Matt Benjamin
6eb42a1c88 add tests for ObjectSizeGreater(Less)Than
Add tests for the new ObjectSizeGreaterThan and
ObjectSizeLessThan lifecycle operators.

Signed-off-by: Matt Benjamin <mbenjamin@redhat.com>
(cherry picked from commit f752d6b6d8)
2024-04-03 13:51:05 -04:00
Matt Benjamin
fa75ccfe18 add test test_lifecycle_expiration_newer_noncurrent()
This verifies the new NewerNoncurrentVersions lifecycle filter
operator.

Signed-off-by: Matt Benjamin <mbenjamin@redhat.com>
(cherry picked from commit a5aa59df04)
2024-04-03 13:51:05 -04:00
Yuval Lifshitz
ee3139ba04 test etag on mpu complete replies
this is to cover the fix of: https://tracker.ceph.com/issues/58879

Signed-off-by: Yuval Lifshitz <ylifshit@ibm.com>
(cherry picked from commit a28d46fa2a)
2024-03-27 10:16:44 -04:00
Casey Bodley
a559d86236 s3: object lock tests for deletion of multipart objects
Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit a87f0b63e7)
2024-03-08 14:14:42 -05:00
Seena Fallah
509acecc67 PublicAccessBlock: test access deny via bucket policy
Make sure 403 is returned when access is denied via s3:GetBucketPublicAccessBlock action on GetBucketPublicAccessBlock

Refs: https://github.com/ceph/ceph/pull/55652
Signed-off-by: Seena Fallah <seenafallah@gmail.com>
(cherry picked from commit 3af42312bf)
2024-03-08 14:12:27 -05:00
Seena Fallah
a0d38e7d35 PublicAccessBlock: test 404 on no block configuration
Make sure NoSuchPublicAccessBlockConfiguration is returned when no public block is configured on bucket:

Refs: https://github.com/ceph/ceph/pull/55652
Signed-off-by: Seena Fallah <seenafallah@gmail.com>
(cherry picked from commit 3056e6d039)
2024-03-08 14:12:27 -05:00