mirror of
https://github.com/ceph/s3-tests.git
synced 2024-12-17 19:47:22 +00:00
cf0103e3f3
the before-call hook url-encodes the ':' part of tenanted bucket names
to resolve SignatureDoesNotMatch errors
removed the list-v2 version of the test since it isn't relevant to
bucket policy test coverage
add a new test case that creates the bucket under the tenanted user,
then uses the main client to access it
Signed-off-by: Casey Bodley <cbodley@redhat.com>
(cherry picked from commit 2e41494293
)
171 lines
4.4 KiB
Text
171 lines
4.4 KiB
Text
[DEFAULT]
|
|
## this section is just used for host, port and bucket_prefix
|
|
|
|
# host set for rgw in vstart.sh
|
|
host = localhost
|
|
|
|
# port set for rgw in vstart.sh
|
|
port = 8000
|
|
|
|
## say "False" to disable TLS
|
|
is_secure = False
|
|
|
|
## say "False" to disable SSL Verify
|
|
ssl_verify = False
|
|
|
|
[fixtures]
|
|
## all the buckets created will start with this prefix;
|
|
## {random} will be filled with random characters to pad
|
|
## the prefix to 30 characters long, and avoid collisions
|
|
bucket prefix = yournamehere-{random}-
|
|
|
|
# all the iam account resources (users, roles, etc) created
|
|
# will start with this name prefix
|
|
iam name prefix = s3-tests-
|
|
|
|
# all the iam account resources (users, roles, etc) created
|
|
# will start with this path prefix
|
|
iam path prefix = /s3-tests/
|
|
|
|
[s3 main]
|
|
# main display_name set in vstart.sh
|
|
display_name = M. Tester
|
|
|
|
# main user_idname set in vstart.sh
|
|
user_id = testid
|
|
|
|
# main email set in vstart.sh
|
|
email = tester@ceph.com
|
|
|
|
# zonegroup api_name for bucket location
|
|
api_name = default
|
|
|
|
## main AWS access key
|
|
access_key = 0555b35654ad1656d804
|
|
|
|
## main AWS secret key
|
|
secret_key = h7GhxuBLTrlhVUyxSPUKUV8r/2EI4ngqJxD7iBdBYLhwluN30JaT3Q==
|
|
|
|
## replace with key id obtained when secret is created, or delete if KMS not tested
|
|
#kms_keyid = 01234567-89ab-cdef-0123-456789abcdef
|
|
|
|
## Storage classes
|
|
#storage_classes = "LUKEWARM, FROZEN"
|
|
|
|
## Lifecycle debug interval (default: 10)
|
|
#lc_debug_interval = 20
|
|
|
|
[s3 alt]
|
|
# alt display_name set in vstart.sh
|
|
display_name = john.doe
|
|
## alt email set in vstart.sh
|
|
email = john.doe@example.com
|
|
|
|
# alt user_id set in vstart.sh
|
|
user_id = 56789abcdef0123456789abcdef0123456789abcdef0123456789abcdef01234
|
|
|
|
# alt AWS access key set in vstart.sh
|
|
access_key = NOPQRSTUVWXYZABCDEFG
|
|
|
|
# alt AWS secret key set in vstart.sh
|
|
secret_key = nopqrstuvwxyzabcdefghijklmnabcdefghijklm
|
|
|
|
#[s3 cloud]
|
|
## to run the testcases with "cloud_transition" attribute.
|
|
## Note: the waiting time may have to tweaked depending on
|
|
## the I/O latency to the cloud endpoint.
|
|
|
|
## host set for cloud endpoint
|
|
# host = localhost
|
|
|
|
## port set for cloud endpoint
|
|
# port = 8001
|
|
|
|
## say "False" to disable TLS
|
|
# is_secure = False
|
|
|
|
## cloud endpoint credentials
|
|
# access_key = 0555b35654ad1656d804
|
|
# secret_key = h7GhxuBLTrlhVUyxSPUKUV8r/2EI4ngqJxD7iBdBYLhwluN30JaT3Q==
|
|
|
|
## storage class configured as cloud tier on local rgw server
|
|
# cloud_storage_class = CLOUDTIER
|
|
|
|
## Below are optional -
|
|
|
|
## Above configured cloud storage class config options
|
|
# retain_head_object = false
|
|
# target_storage_class = Target_SC
|
|
# target_path = cloud-bucket
|
|
|
|
## another regular storage class to test multiple transition rules,
|
|
# storage_class = S1
|
|
|
|
[s3 tenant]
|
|
# tenant display_name set in vstart.sh
|
|
display_name = testx$tenanteduser
|
|
|
|
# tenant user_id set in vstart.sh
|
|
user_id = 9876543210abcdef0123456789abcdef0123456789abcdef0123456789abcdef
|
|
|
|
# tenant AWS secret key set in vstart.sh
|
|
access_key = HIJKLMNOPQRSTUVWXYZA
|
|
|
|
# tenant AWS secret key set in vstart.sh
|
|
secret_key = opqrstuvwxyzabcdefghijklmnopqrstuvwxyzab
|
|
|
|
# tenant email set in vstart.sh
|
|
email = tenanteduser@example.com
|
|
|
|
# tenant name
|
|
tenant = testx
|
|
|
|
#following section needs to be added for all sts-tests
|
|
[iam]
|
|
#used for iam operations in sts-tests
|
|
#email from vstart.sh
|
|
email = s3@example.com
|
|
|
|
#user_id from vstart.sh
|
|
user_id = 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
|
|
|
|
#access_key from vstart.sh
|
|
access_key = ABCDEFGHIJKLMNOPQRST
|
|
|
|
#secret_key vstart.sh
|
|
secret_key = abcdefghijklmnopqrstuvwxyzabcdefghijklmn
|
|
|
|
#display_name from vstart.sh
|
|
display_name = youruseridhere
|
|
|
|
# iam account root user for iam_account tests
|
|
[iam root]
|
|
access_key = AAAAAAAAAAAAAAAAAAaa
|
|
secret_key = aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
|
|
user_id = RGW11111111111111111
|
|
email = account1@ceph.com
|
|
|
|
# iam account root user in a different account than [iam root]
|
|
[iam alt root]
|
|
access_key = BBBBBBBBBBBBBBBBBBbb
|
|
secret_key = bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
|
|
user_id = RGW22222222222222222
|
|
email = account2@ceph.com
|
|
|
|
#following section needs to be added when you want to run Assume Role With Webidentity test
|
|
[webidentity]
|
|
#used for assume role with web identity test in sts-tests
|
|
#all parameters will be obtained from ceph/qa/tasks/keycloak.py
|
|
token=<access_token>
|
|
|
|
aud=<obtained after introspecting token>
|
|
|
|
sub=<obtained after introspecting token>
|
|
|
|
azp=<obtained after introspecting token>
|
|
|
|
user_token=<access token for a user, with attribute Department=[Engineering, Marketing>]
|
|
|
|
thumbprint=<obtained from x509 certificate>
|
|
|
|
KC_REALM=<name of the realm>
|