Merge "s3api tests: allow AWS credential file loading"

This commit is contained in:
Zuul 2022-06-02 07:53:05 +00:00 committed by Gerrit Code Review
commit 2ed6e08f98
2 changed files with 47 additions and 1 deletions

View File

@ -184,6 +184,26 @@ using config files found in ``$HOME/my_tests`` and policy 'silver'::
SWIFT_TEST_POLICY=silver tox -e func
S3 API cross-compatibility tests
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The cross-compatibility tests in directory `test/s3api` are intended to verify
that the Swift S3 API behaves in the same way as the AWS S3 API. They should
pass when run against either a Swift endpoint (with S3 API enabled) or an AWS
S3 endpoint.
To run against an AWS S3 endpoint, the `/etc/swift/test.conf` file must be
edited to provide AWS key IDs and secrets. Alternatively, an AWS CLI style
credentials file can be loaded by setting the ``SWIFT_TEST_AWS_CONFIG_FILE``
environment variable, e.g.::
SWIFT_TEST_AWS_CONFIG_FILE=~/.aws/credentials nosetests ./test/s3api
.. note::
When using ``SWIFT_TEST_AWS_CONFIG_FILE``, the region defaults to
``us-east-1`` and only the default credentials are loaded.
------------
Coding Style
------------

View File

@ -23,7 +23,7 @@ import boto3
from botocore.exceptions import ClientError
from six.moves import urllib
from swift.common.utils import config_true_value
from swift.common.utils import config_true_value, readconf
from test import get_config
@ -40,6 +40,30 @@ class ConfigError(Exception):
'''Error test conf misconfigurations'''
def load_aws_config(conf_file):
"""
Read user credentials from an AWS CLI style credentials file and translate
to a swift test config. Currently only supports a single user.
:param conf_file: path to AWS credentials file
"""
conf = readconf(conf_file, 'default')
global _CONFIG
_CONFIG = {
'endpoint': 'https://s3.amazonaws.com',
'region': 'us-east-1',
'access_key1': conf.get('aws_access_key_id'),
'secret_key1': conf.get('aws_secret_access_key'),
'session_token1': conf.get('aws_session_token')
}
aws_config_file = os.environ.get('SWIFT_TEST_AWS_CONFIG_FILE')
if aws_config_file:
load_aws_config(aws_config_file)
print('Loaded test config from %s' % aws_config_file)
def get_opt_or_error(option):
global _CONFIG
if _CONFIG is None:
@ -94,6 +118,7 @@ def get_s3_client(user=1, signature_version='s3v4', addressing_style='path'):
region = get_opt('region', 'us-east-1')
access_key = get_opt_or_error('access_key%d' % user)
secret_key = get_opt_or_error('secret_key%d' % user)
session_token = get_opt('session_token%d' % user)
ca_cert = get_opt('ca_cert')
if ca_cert is not None:
@ -115,6 +140,7 @@ def get_s3_client(user=1, signature_version='s3v4', addressing_style='path'):
}),
aws_access_key_id=access_key,
aws_secret_access_key=secret_key,
aws_session_token=session_token
)