From 5d9f1f009c96e3049941d804b848f3166caac747 Mon Sep 17 00:00:00 2001 From: Alistair Coles Date: Tue, 19 Apr 2022 14:03:39 +0100 Subject: [PATCH] s3api tests: allow AWS credential file loading When switching the s3api cross-compatibility tests' target between a Swift endpoint and an S3 endpoint, allow specifying an AWS CLI style credentials file as an alternative to editing the swift 'test.conf' file. Change-Id: I5bebca91821552d7df1bc7fa479b6593ff433925 --- doc/source/development_guidelines.rst | 20 +++++++++++++++++++ test/s3api/__init__.py | 28 ++++++++++++++++++++++++++- 2 files changed, 47 insertions(+), 1 deletion(-) diff --git a/doc/source/development_guidelines.rst b/doc/source/development_guidelines.rst index d6cc90b558..979a728e02 100644 --- a/doc/source/development_guidelines.rst +++ b/doc/source/development_guidelines.rst @@ -184,6 +184,26 @@ using config files found in ``$HOME/my_tests`` and policy 'silver':: SWIFT_TEST_POLICY=silver tox -e func +S3 API cross-compatibility tests +~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + +The cross-compatibility tests in directory `test/s3api` are intended to verify +that the Swift S3 API behaves in the same way as the AWS S3 API. They should +pass when run against either a Swift endpoint (with S3 API enabled) or an AWS +S3 endpoint. + +To run against an AWS S3 endpoint, the `/etc/swift/test.conf` file must be +edited to provide AWS key IDs and secrets. Alternatively, an AWS CLI style +credentials file can be loaded by setting the ``SWIFT_TEST_AWS_CONFIG_FILE`` +environment variable, e.g.:: + + SWIFT_TEST_AWS_CONFIG_FILE=~/.aws/credentials nosetests ./test/s3api + +.. note:: + When using ``SWIFT_TEST_AWS_CONFIG_FILE``, the region defaults to + ``us-east-1`` and only the default credentials are loaded. + + ------------ Coding Style ------------ diff --git a/test/s3api/__init__.py b/test/s3api/__init__.py index 9c722721b4..ebfc0fe646 100644 --- a/test/s3api/__init__.py +++ b/test/s3api/__init__.py @@ -23,7 +23,7 @@ import boto3 from botocore.exceptions import ClientError from six.moves import urllib -from swift.common.utils import config_true_value +from swift.common.utils import config_true_value, readconf from test import get_config @@ -40,6 +40,30 @@ class ConfigError(Exception): '''Error test conf misconfigurations''' +def load_aws_config(conf_file): + """ + Read user credentials from an AWS CLI style credentials file and translate + to a swift test config. Currently only supports a single user. + + :param conf_file: path to AWS credentials file + """ + conf = readconf(conf_file, 'default') + global _CONFIG + _CONFIG = { + 'endpoint': 'https://s3.amazonaws.com', + 'region': 'us-east-1', + 'access_key1': conf.get('aws_access_key_id'), + 'secret_key1': conf.get('aws_secret_access_key'), + 'session_token1': conf.get('aws_session_token') + } + + +aws_config_file = os.environ.get('SWIFT_TEST_AWS_CONFIG_FILE') +if aws_config_file: + load_aws_config(aws_config_file) + print('Loaded test config from %s' % aws_config_file) + + def get_opt_or_error(option): global _CONFIG if _CONFIG is None: @@ -94,6 +118,7 @@ def get_s3_client(user=1, signature_version='s3v4', addressing_style='path'): region = get_opt('region', 'us-east-1') access_key = get_opt_or_error('access_key%d' % user) secret_key = get_opt_or_error('secret_key%d' % user) + session_token = get_opt('session_token%d' % user) ca_cert = get_opt('ca_cert') if ca_cert is not None: @@ -115,6 +140,7 @@ def get_s3_client(user=1, signature_version='s3v4', addressing_style='path'): }), aws_access_key_id=access_key, aws_secret_access_key=secret_key, + aws_session_token=session_token )