Rebase s3-tests

.github/workflows/ci-main.yml

@@ -59,7 +59,7 @@ jobs:
           cache: "maven"
       - uses: actions/setup-python@v4
         with:
-          python-version: "3.8"
+          python-version: "3.11"
           cache: "pip"
 
       #Run tests
@@ -72,7 +72,11 @@ jobs:
       - name: Maven Test
         run: |
           mvn test
-      - name: Other Test
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install tox tox-gh-actions
+      - name: Run s3-tests
         run: |
           ./src/test/resources/run-s3-tests.sh
 

s3-tests

@@ -1 +1 @@
-Subproject commit 6fbd14ba38acfd41dabe3ccec63d0df77b527764
+Subproject commit 644bef0e93250c13e4d36276af93645fe3d48d71

src/test/resources/run-s3-tests.sh

@@ -7,11 +7,6 @@ S3PROXY_BIN="${PWD}/target/s3proxy"
 S3PROXY_PORT="${S3PROXY_PORT:-8081}"
 export S3TEST_CONF="${PWD}/src/test/resources/s3-tests.conf"
 
-# configure s3-tests
-pushd s3-tests
-./bootstrap
-popd
-
 # launch S3Proxy using HTTP and a fixed port
 sed "s,^\(s3proxy.endpoint\)=.*,\1=http://127.0.0.1:${S3PROXY_PORT}," \
         < src/test/resources/s3proxy.conf | grep -v secure-endpoint > target/s3proxy.conf
@@ -37,4 +32,4 @@ done
 
 # execute s3-tests
 pushd s3-tests
-./virtualenv/bin/nosetests -a '!fails_on_s3proxy,!appendobject,!bucket-policy,!cors,!encryption,!fails_strict_rfc2616,!lifecycle,!object-lock,!policy,!policy_status,!s3select,!s3website,!tagging,!user-policy,!versioning'
+tox -- -m 'not fails_on_s3proxy and not appendobject and not bucket_policy and not checksum and not cors and not encryption and not fails_strict_rfc2616 and not iam_tenant and not lifecycle and not object_lock and not policy and not policy_status and not s3select and not s3website and not sse_s3 and not tagging and not test_of_sts and not user_policy and not versioning and not webidentity_test'

src/test/resources/s3-tests.conf

@@ -47,3 +47,53 @@ display_name = testx$tenanteduser
 email = tenanteduser@example.com
 access_key = local-identity
 secret_key = local-credential
+tenant = testx
+
+[iam]
+#used for iam operations in sts-tests
+#email from vstart.sh
+email = s3@example.com
+
+#user_id from vstart.sh
+user_id = 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
+
+#access_key from vstart.sh
+access_key = ABCDEFGHIJKLMNOPQRST
+
+#secret_key vstart.sh
+secret_key = abcdefghijklmnopqrstuvwxyzabcdefghijklmn
+
+#display_name from vstart.sh
+display_name = youruseridhere
+
+# iam account root user for iam_account tests
+[iam root]
+access_key = AAAAAAAAAAAAAAAAAAaa
+secret_key = aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
+user_id = RGW11111111111111111
+email = account1@ceph.com
+
+# iam account root user in a different account than [iam root]
+[iam alt root]
+access_key = BBBBBBBBBBBBBBBBBBbb
+secret_key = bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb
+user_id = RGW22222222222222222
+email = account2@ceph.com
+
+[webidentity]
+# TODO: obvious garbage
+#used for assume role with web identity test in sts-tests
+#all parameters will be obtained from ceph/qa/tasks/keycloak.py
+token=<access_token>
+
+aud=<obtained after introspecting token>
+
+sub=<obtained after introspecting token>
+
+azp=<obtained after introspecting token>
+
+user_token=<access token for a user, with attribute Department=[Engineering, Marketing>]
+
+thumbprint=<obtained from x509 certificate>
+
+KC_REALM=<name of the realm>