Skip to content

Updated commit hash in ceph tests #9152

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
+233 −11
Open

Updated commit hash in ceph tests #9152

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 3 additions & 1 deletion docs/dev_guide/ceph_s3_tests/ceph_s3_tests_pending_list_status.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -51,4 +51,6 @@ Attached a table with tests that where investigated and their status (this table
| test_get_bucket_encryption_kms | Faulty Test | [613](https://github.com/ceph/s3-tests/issues/613) |
| test_delete_bucket_encryption_s3 | Faulty Test | [613](https://github.com/ceph/s3-tests/issues/613) |
| test_delete_bucket_encryption_kms | Faulty Test | [613](https://github.com/ceph/s3-tests/issues/613) |
| test_lifecycle_expiration_tags1 | Faulty Test | [638](https://github.com/ceph/s3-tests/issues/638) | There can be more such tests having the same issue (`Filter` is not aligned with aws structure in bucket lifecycle configuration) |
| test_lifecycle_expiration_tags1 | Faulty Test | [638](https://github.com/ceph/s3-tests/issues/638) | There can be more such tests having the same issue (`Filter` is not aligned with aws structure in bucket lifecycle configuration) |
| test_bucket_create_bad_ua_empty_aws2 | Internal Component | [58059](https://tracker.ceph.com/issues/58059) | It is a known issue in ceph tests after updating botocore version (>1.28.0) it brokes v2 signatures |
| test_bucket_create_bad_ua_none_aws2 | Internal Component | [58059](https://tracker.ceph.com/issues/58059) | It is a known issue in ceph tests after updating botocore version (>1.28.0) it brokes v2 signatures |
88 changes: 87 additions & 1 deletion src/test/external_tests/ceph_s3_tests/s3-tests-lists/nsfs_s3_tests_pending_list.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -154,4 +154,90 @@ s3tests_boto3/functional/test_s3.py::test_versioned_concurrent_object_create_and
s3tests_boto3/functional/test_s3.py::test_object_presigned_put_object_with_acl_tenant
s3tests_boto3/functional/test_s3.py::test_get_undefined_public_block
s3tests_boto3/functional/test_s3.py::test_get_public_block_deny_bucket_policy
s3tests_boto3/functional/test_s3.py::test_lifecycle_expiration_tags1
s3tests_boto3/functional/test_s3.py::test_lifecycle_expiration_tags1
s3tests_boto3/functional/test_headers.py::test_bucket_create_bad_ua_empty_aws2
s3tests_boto3/functional/test_headers.py::test_bucket_create_bad_ua_none_aws2
s3tests_boto3/functional/test_s3.py::test_put_bucket_acl_grant_group_read
s3tests_boto3/functional/test_s3.py::test_multipart_sse_c_get_part
s3tests_boto3/functional/test_s3.py::test_multipart_single_get_part
s3tests_boto3/functional/test_s3.py::test_non_multipart_sse_c_get_part
s3tests_boto3/functional/test_s3.py::test_cors_presigned_get_object_v2
s3tests_boto3/functional/test_s3.py::test_cors_presigned_get_object_tenant_v2
s3tests_boto3/functional/test_s3.py::test_cors_presigned_put_object_v2
s3tests_boto3/functional/test_s3.py::test_cors_presigned_put_object_tenant_v2
s3tests_boto3/functional/test_s3.py::test_lifecycle_delete
s3tests_boto3/functional/test_s3.py::test_lifecycle_deletemarker_expiration_with_days_tag
s3tests_boto3/functional/test_s3.py::test_encryption_sse_c_enforced_with_bucket_policy
s3tests_boto3/functional/test_s3.py::test_encryption_sse_c_deny_algo_with_bucket_policy
s3tests_boto3/functional/test_s3.py::test_bucket_policy_multipart
s3tests_boto3/functional/test_s3.py::test_bucket_policy_tenanted_bucket
s3tests_boto3/functional/test_s3.py::test_set_get_del_bucket_policy
s3tests_boto3/functional/test_s3.py::test_set_multipart_tagging
s3tests_boto3/functional/test_s3.py::test_bucket_policy_upload_part_copy
s3tests_boto3/functional/test_s3.py::test_bucket_policy_put_obj_s3_incorrect_algo_sse_s3
s3tests_boto3/functional/test_s3.py::test_object_lock_put_obj_lock_enable_after_create
s3tests_boto3/functional/test_s3.py::test_get_nonpublicpolicy_principal_bucket_policy_status
s3tests_boto3/functional/test_s3.py::test_block_public_policy_with_principal
s3tests_boto3/functional/test_s3.py::test_block_public_restrict_public_buckets
s3tests_boto3/functional/test_s3.py::test_put_get_delete_public_block
s3tests_boto3/functional/test_s3.py::test_object_checksum_sha256
s3tests_boto3/functional/test_s3.py::test_object_checksum_crc64nvme
s3tests_boto3/functional/test_s3.py::test_multipart_checksum_sha256
s3tests_boto3/functional/test_s3.py::test_multipart_use_cksum_helper_sha256
s3tests_boto3/functional/test_s3.py::test_multipart_use_cksum_helper_crc64nvme
s3tests_boto3/functional/test_s3.py::test_multipart_use_cksum_helper_crc32
s3tests_boto3/functional/test_s3.py::test_multipart_use_cksum_helper_crc32c
s3tests_boto3/functional/test_s3.py::test_multipart_use_cksum_helper_sha1
s3tests_boto3/functional/test_s3.py::test_post_object_upload_checksum
s3tests_boto3/functional/test_s3.py::test_put_bucket_logging
s3tests_boto3/functional/test_s3.py::test_bucket_logging_mtime
s3tests_boto3/functional/test_s3.py::test_bucket_logging_simple_key
s3tests_boto3/functional/test_s3.py::test_bucket_logging_partitioned_key
s3tests_boto3/functional/test_s3.py::test_bucket_logging_bucket_auth_type
s3tests_boto3/functional/test_s3.py::test_bucket_logging_bucket_acl_required
s3tests_boto3/functional/test_s3.py::test_bucket_logging_object_acl_required
s3tests_boto3/functional/test_s3.py::test_put_bucket_logging_errors
s3tests_boto3/functional/test_s3.py::test_bucket_logging_owner
s3tests_boto3/functional/test_s3.py::test_put_bucket_logging_permissions
s3tests_boto3/functional/test_s3.py::test_put_bucket_logging_policy_wildcard
s3tests_boto3/functional/test_s3.py::test_put_bucket_logging_policy_wildcard_objects
s3tests_boto3/functional/test_s3.py::test_bucket_logging_permission_change_s
s3tests_boto3/functional/test_s3.py::test_put_bucket_logging_tenant_s
s3tests_boto3/functional/test_s3.py::test_put_bucket_logging_account_s
s3tests_boto3/functional/test_s3.py::test_rm_bucket_logging
s3tests_boto3/functional/test_s3.py::test_bucket_logging_put_objects
s3tests_boto3/functional/test_s3.py::test_bucket_logging_put_objects_versioned
s3tests_boto3/functional/test_s3.py::test_bucket_logging_put_concurrency
s3tests_boto3/functional/test_s3.py::test_bucket_logging_delete_objects
s3tests_boto3/functional/test_s3.py::test_bucket_logging_delete_objects_versioned
s3tests_boto3/functional/test_s3.py::test_bucket_logging_get_objects
s3tests_boto3/functional/test_s3.py::test_bucket_logging_get_objects_versioned
s3tests_boto3/functional/test_s3.py::test_bucket_logging_copy_objects
s3tests_boto3/functional/test_s3.py::test_bucket_logging_copy_objects_versioned
s3tests_boto3/functional/test_s3.py::test_bucket_logging_copy_objects_bucket
s3tests_boto3/functional/test_s3.py::test_bucket_logging_copy_objects_bucket_versioned
s3tests_boto3/functional/test_s3.py::test_bucket_logging_head_objects
s3tests_boto3/functional/test_s3.py::test_bucket_logging_head_objects_versioned
s3tests_boto3/functional/test_s3.py::test_bucket_logging_mpu_s
s3tests_boto3/functional/test_s3.py::test_bucket_logging_mpu_versioned_s
s3tests_boto3/functional/test_s3.py::test_bucket_logging_mpu_copy
s3tests_boto3/functional/test_s3.py::test_bucket_logging_mpu_copy_versioned
s3tests_boto3/functional/test_s3.py::test_bucket_logging_multi_delete
s3tests_boto3/functional/test_s3.py::test_bucket_logging_multi_delete_versioned
s3tests_boto3/functional/test_s3.py::test_bucket_logging_multiple_prefixes
s3tests_boto3/functional/test_s3.py::test_bucket_logging_single_prefix
s3tests_boto3/functional/test_s3.py::test_get_multipart_checksum_object_attributes
s3tests_boto3/functional/test_s3.py::test_get_multipart_object_attributes
s3tests_boto3/functional/test_s3.py::test_get_paginated_multipart_object_attributes
s3tests_boto3/functional/test_s3.py::test_get_single_multipart_object_attributes
s3tests_boto3/functional/test_s3.py::test_get_checksum_object_attributes
s3tests_boto3/functional/test_s3.py::test_get_versioned_object_attributes
s3tests_boto3/functional/test_s3.py::test_get_sse_c_encrypted_object_attributes
s3tests_boto3/functional/test_s3.py::test_get_object_attributes
s3tests_boto3/functional/test_s3.py::test_delete_marker_nonversioned
s3tests_boto3/functional/test_s3.py::test_delete_marker_versioned
s3tests_boto3/functional/test_s3.py::test_delete_marker_suspended
s3tests_boto3/functional/test_s3.py::test_delete_marker_expiration
s3tests_boto3/functional/test_sts.py::test_get_caller_identity_root
s3tests_boto3/functional/test_sts.py::test_get_caller_identity_non_root_user
s3tests_boto3/functional/test_sts.py::test_get_caller_identity_after_assume_role
88 changes: 87 additions & 1 deletion src/test/external_tests/ceph_s3_tests/s3-tests-lists/s3_tests_pending_list.txt
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -143,4 +143,90 @@ s3tests_boto3/functional/test_s3.py::test_get_bucket_encryption_s3
s3tests_boto3/functional/test_s3.py::test_get_bucket_encryption_kms
s3tests_boto3/functional/test_s3.py::test_delete_bucket_encryption_s3
s3tests_boto3/functional/test_s3.py::test_delete_bucket_encryption_kms
s3tests_boto3/functional/test_s3.py::test_lifecycle_expiration_tags1
s3tests_boto3/functional/test_s3.py::test_lifecycle_expiration_tags1
s3tests_boto3/functional/test_headers.py::test_bucket_create_bad_ua_empty_aws2
s3tests_boto3/functional/test_headers.py::test_bucket_create_bad_ua_none_aws2
s3tests_boto3/functional/test_s3.py::test_put_bucket_acl_grant_group_read
s3tests_boto3/functional/test_s3.py::test_multipart_sse_c_get_part
s3tests_boto3/functional/test_s3.py::test_multipart_single_get_part
s3tests_boto3/functional/test_s3.py::test_non_multipart_sse_c_get_part
s3tests_boto3/functional/test_s3.py::test_cors_presigned_get_object_v2
s3tests_boto3/functional/test_s3.py::test_cors_presigned_get_object_tenant_v2
s3tests_boto3/functional/test_s3.py::test_cors_presigned_put_object_v2
s3tests_boto3/functional/test_s3.py::test_cors_presigned_put_object_tenant_v2
s3tests_boto3/functional/test_s3.py::test_lifecycle_delete
s3tests_boto3/functional/test_s3.py::test_lifecycle_deletemarker_expiration_with_days_tag
s3tests_boto3/functional/test_s3.py::test_encryption_sse_c_enforced_with_bucket_policy
s3tests_boto3/functional/test_s3.py::test_encryption_sse_c_deny_algo_with_bucket_policy
s3tests_boto3/functional/test_s3.py::test_bucket_policy_multipart
s3tests_boto3/functional/test_s3.py::test_bucket_policy_tenanted_bucket
s3tests_boto3/functional/test_s3.py::test_set_get_del_bucket_policy
s3tests_boto3/functional/test_s3.py::test_bucket_policy_upload_part_copy
s3tests_boto3/functional/test_s3.py::test_bucket_policy_put_obj_s3_incorrect_algo_sse_s3
s3tests_boto3/functional/test_s3.py::test_object_lock_put_obj_lock_enable_after_create
s3tests_boto3/functional/test_s3.py::test_get_nonpublicpolicy_principal_bucket_policy_status
s3tests_boto3/functional/test_s3.py::test_block_public_policy_with_principal
s3tests_boto3/functional/test_s3.py::test_block_public_restrict_public_buckets
s3tests_boto3/functional/test_s3.py::test_put_get_delete_public_block
s3tests_boto3/functional/test_s3.py::test_object_checksum_sha256
s3tests_boto3/functional/test_s3.py::test_object_checksum_crc64nvme
s3tests_boto3/functional/test_s3.py::test_multipart_checksum_sha256
s3tests_boto3/functional/test_s3.py::test_multipart_use_cksum_helper_sha256
s3tests_boto3/functional/test_s3.py::test_multipart_use_cksum_helper_crc64nvme
s3tests_boto3/functional/test_s3.py::test_multipart_use_cksum_helper_crc32
s3tests_boto3/functional/test_s3.py::test_multipart_use_cksum_helper_crc32c
s3tests_boto3/functional/test_s3.py::test_multipart_use_cksum_helper_sha1
s3tests_boto3/functional/test_s3.py::test_post_object_upload_checksum
s3tests_boto3/functional/test_s3.py::test_put_bucket_logging
s3tests_boto3/functional/test_s3.py::test_bucket_logging_mtime
s3tests_boto3/functional/test_s3.py::test_bucket_logging_simple_key
s3tests_boto3/functional/test_s3.py::test_bucket_logging_partitioned_key
s3tests_boto3/functional/test_s3.py::test_bucket_logging_bucket_auth_type
s3tests_boto3/functional/test_s3.py::test_bucket_logging_bucket_acl_required
s3tests_boto3/functional/test_s3.py::test_bucket_logging_object_acl_required
s3tests_boto3/functional/test_s3.py::test_put_bucket_logging_errors
s3tests_boto3/functional/test_s3.py::test_bucket_logging_owner
s3tests_boto3/functional/test_s3.py::test_put_bucket_logging_permissions
s3tests_boto3/functional/test_s3.py::test_put_bucket_logging_policy_wildcard
s3tests_boto3/functional/test_s3.py::test_put_bucket_logging_policy_wildcard_objects
s3tests_boto3/functional/test_s3.py::test_bucket_logging_permission_change_s
s3tests_boto3/functional/test_s3.py::test_put_bucket_logging_tenant_s
s3tests_boto3/functional/test_s3.py::test_put_bucket_logging_account_s
s3tests_boto3/functional/test_s3.py::test_rm_bucket_logging
s3tests_boto3/functional/test_s3.py::test_bucket_logging_put_objects
s3tests_boto3/functional/test_s3.py::test_bucket_logging_put_objects_versioned
s3tests_boto3/functional/test_s3.py::test_bucket_logging_put_concurrency
s3tests_boto3/functional/test_s3.py::test_bucket_logging_delete_objects
s3tests_boto3/functional/test_s3.py::test_bucket_logging_delete_objects_versioned
s3tests_boto3/functional/test_s3.py::test_bucket_logging_get_objects
s3tests_boto3/functional/test_s3.py::test_bucket_logging_get_objects_versioned
s3tests_boto3/functional/test_s3.py::test_bucket_logging_copy_objects
s3tests_boto3/functional/test_s3.py::test_bucket_logging_copy_objects_versioned
s3tests_boto3/functional/test_s3.py::test_bucket_logging_copy_objects_bucket
s3tests_boto3/functional/test_s3.py::test_bucket_logging_copy_objects_bucket_versioned
s3tests_boto3/functional/test_s3.py::test_bucket_logging_head_objects
s3tests_boto3/functional/test_s3.py::test_bucket_logging_head_objects_versioned
s3tests_boto3/functional/test_s3.py::test_bucket_logging_mpu_s
s3tests_boto3/functional/test_s3.py::test_bucket_logging_mpu_versioned_s
s3tests_boto3/functional/test_s3.py::test_bucket_logging_mpu_copy
s3tests_boto3/functional/test_s3.py::test_bucket_logging_mpu_copy_versioned
s3tests_boto3/functional/test_s3.py::test_bucket_logging_multi_delete
s3tests_boto3/functional/test_s3.py::test_bucket_logging_multi_delete_versioned
s3tests_boto3/functional/test_s3.py::test_bucket_logging_multiple_prefixes
s3tests_boto3/functional/test_s3.py::test_bucket_logging_single_prefix
s3tests_boto3/functional/test_s3.py::test_get_multipart_checksum_object_attributes
s3tests_boto3/functional/test_s3.py::test_get_multipart_object_attributes
s3tests_boto3/functional/test_s3.py::test_get_paginated_multipart_object_attributes
s3tests_boto3/functional/test_s3.py::test_get_single_multipart_object_attributes
s3tests_boto3/functional/test_s3.py::test_get_checksum_object_attributes
s3tests_boto3/functional/test_s3.py::test_get_versioned_object_attributes
s3tests_boto3/functional/test_s3.py::test_get_sse_c_encrypted_object_attributes
s3tests_boto3/functional/test_s3.py::test_get_object_attributes
s3tests_boto3/functional/test_s3.py::test_upload_part_copy_percent_encoded_key
s3tests_boto3/functional/test_s3.py::test_delete_marker_nonversioned
s3tests_boto3/functional/test_s3.py::test_delete_marker_versioned
s3tests_boto3/functional/test_s3.py::test_delete_marker_suspended
s3tests_boto3/functional/test_s3.py::test_delete_marker_expiration
s3tests_boto3/functional/test_sts.py::test_get_caller_identity_root
s3tests_boto3/functional/test_sts.py::test_get_caller_identity_non_root_user
s3tests_boto3/functional/test_sts.py::test_get_caller_identity_after_assume_role
5 changes: 2 additions & 3 deletions src/test/external_tests/ceph_s3_tests/test_ceph_nsfs_s3_config_setup.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -53,16 +53,15 @@ async function ceph_test_setup() {
const cephalt_access_key = cephalt_access_keys.access_key;
const cephalt_secret_key = cephalt_access_keys.secret_key;

await os_utils.exec(`echo access_key = ${cephalt_access_key} >> ${CEPH_TEST.test_dir}${CEPH_TEST.ceph_config}`);
await os_utils.exec(`echo secret_key = ${cephalt_secret_key} >> ${CEPH_TEST.test_dir}${CEPH_TEST.ceph_config}`);

const cephtenant_access_keys = await get_access_keys(CEPH_TEST.nc_cephtenant_account_params.name);
const cephtenant_access_key = cephtenant_access_keys.access_key;
const cephtenant_secret_key = cephtenant_access_keys.secret_key;

if (os_utils.IS_MAC) {
await os_utils.exec(`sed -i "" "s|tenant_access_key|"${cephtenant_access_key}"|g" ${CEPH_TEST.test_dir}${CEPH_TEST.ceph_config}`);
await os_utils.exec(`sed -i "" "s|tenant_secret_key|${cephtenant_secret_key}|g" ${CEPH_TEST.test_dir}${CEPH_TEST.ceph_config}`);
await os_utils.exec(`sed -i "" "s|s3_access_key|${cephalt_access_key}|g" ${CEPH_TEST.test_dir}${CEPH_TEST.ceph_config}`);
await os_utils.exec(`sed -i "" "s|s3_secret_key|${cephalt_secret_key}|g" ${CEPH_TEST.test_dir}${CEPH_TEST.ceph_config}`);
} else {
await os_utils.exec(`sed -i -e 's:tenant_access_key:${cephtenant_access_key}:g' ${CEPH_TEST.test_dir}${CEPH_TEST.ceph_config}`);
await os_utils.exec(`sed -i -e 's:tenant_secret_key:${cephtenant_secret_key}:g' ${CEPH_TEST.test_dir}${CEPH_TEST.ceph_config}`);
Expand Down
2 changes: 1 addition & 1 deletion src/test/external_tests/ceph_s3_tests/test_ceph_s3.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -76,7 +76,7 @@ async function run_s3_tests() {
async function run_all_tests() {
console.info('Running Ceph S3 Tests...');
const tests_list_command =
`S3TEST_CONF=${process.cwd()}/${CEPH_TEST.test_dir}${CEPH_TEST.ceph_config} tox ${TOX_ARGS} -- -q --collect-only --disable-pytest-warnings 2>&1 | awk '{print $1}' | grep test`;
`S3TEST_CONF=${process.cwd()}/${CEPH_TEST.test_dir}${CEPH_TEST.ceph_config} tox ${TOX_ARGS} -- -q --collect-only --disable-pytest-warnings 2>&1 | awk '{print $1}' | grep "::test"`;
try {
tests_list = await os_utils.exec(tests_list_command, { ignore_rc: false, return_stdout: true });
} catch (err) {
Expand Down
49 changes: 49 additions & 0 deletions src/test/external_tests/ceph_s3_tests/test_ceph_s3_config.conf
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,14 @@ ssl_verify = False
## the prefix to 30 characters long, and avoid collisions
bucket prefix = ceph-{random}-

# all the iam account resources (users, roles, etc) created
# will start with this name prefix
iam name prefix = s3-tests-

# all the iam account resources (users, roles, etc) created
# will start with this path prefix
iam path prefix = /s3-tests/

[s3 main]
## the tests assume two accounts are defined, "main" and "alt".
email = main.alt@noobaa.com
Expand Down Expand Up @@ -51,9 +59,50 @@ secret_key = tenant_secret_key
# tenant email set in vstart.sh
email = ceph.tenant@noobaa.com

# tenant name
tenant = testx

[s3 alt]
## another user account, used for ACL-related tests
user_id = 56789abcdef0123456789abcdef0123456789abcdef0123456789abcdef01234
display_name = cephalt
## the "alt" user needs to have email set, too
email = ceph.alt@noobaa.com
## replace these with your access keys
access_key = s3_access_key
secret_key = s3_secret_key
Comment on lines +71 to +73
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Verification agent

🧩 Analysis chain

Verify placeholder substitution doesn't conflict with main section.

The s3_access_key and s3_secret_key placeholders are also used in the [s3 main] section. Ensure the setup script correctly handles these duplicate placeholders and assigns appropriate values to each section.

🏁 Script executed:

#!/bin/bash
# Description: Check how s3_access_key and s3_secret_key placeholders are used across sections
# Expected: Should find usage in both [s3 main] and [s3 alt] sections

echo "Checking s3_access_key usage across config sections:"
rg -A 2 -B 2 "s3_access_key" src/test/external_tests/ceph_s3_tests/test_ceph_s3_config.conf

echo -e "\nChecking s3_secret_key usage across config sections:"
rg -A 2 -B 2 "s3_secret_key" src/test/external_tests/ceph_s3_tests/test_ceph_s3_config.conf

echo -e "\nChecking setup script for handling of these placeholders:"
rg -A 2 -B 2 "s3_access_key\|s3_secret_key" src/test/external_tests/ceph_s3_tests/test_ceph_s3_config_setup.js

Length of output: 1130

🏁 Script executed:

#!/bin/bash
# List any setup-related files in the ceph_s3_tests directory
echo "Setup files under src/test/external_tests/ceph_s3_tests/:"
fd setup src/test/external_tests/ceph_s3_tests/

# Display the beginning of the setup script to inspect placeholder handling
echo -e "\n--- test_ceph_s3_config_setup.js (first 200 lines) ---"
sed -n '1,200p' src/test/external_tests/ceph_s3_tests/test_ceph_s3_config_setup.js || echo "File not found or cannot be read"

Length of output: 5133

Ensure distinct placeholders for tenant credentials in the alt section

The setup script only replaces s3_access_key/s3_secret_key once, so both your main and alt sections end up using the same S3 account keys. To correctly assign tenant credentials, use separate placeholders in the [s3 alt] section or update the script:

• File: src/test/external_tests/ceph_s3_tests/test_ceph_s3_config.conf

  • Around lines 71–73 in the [s3 alt] section, change: 
    ## replace these with your access keys

-access_key = s3_access_key
-secret_key = s3_secret_key
+access_key = tenant_access_key
+secret_key = tenant_secret_key
```
• File: src/test/external_tests/ceph_s3_tests/test_ceph_s3_config_setup.js

  • Verify it already replaces tenant_access_key/tenant_secret_key with the tenant’s keys (as it does) and that it still replaces s3_access_key/s3_secret_key for the primary account.

This change will ensure the alt tests receive the tenant’s credentials rather than the main S3 account’s.

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
## replace these with your access keys
access_key = s3_access_key
secret_key = s3_secret_key
## replace these with your access keys
access_key = tenant_access_key
secret_key = tenant_secret_key
🤖 Prompt for AI Agents 
In src/test/external_tests/ceph_s3_tests/test_ceph_s3_config.conf around lines
71 to 73 in the [s3 alt] section, replace the placeholders s3_access_key and
s3_secret_key with distinct placeholders like tenant_access_key and
tenant_secret_key. This ensures the alt section uses separate tenant
credentials. Also, verify in
src/test/external_tests/ceph_s3_tests/test_ceph_s3_config_setup.js that
tenant_access_key and tenant_secret_key are replaced with tenant keys while
s3_access_key and s3_secret_key remain for the primary account.


### Currently we are not supporting iam account tests, so we are adding the dummy values below as it is required by the test framework
### This is a temporary fix and will be removed once we support iam account tests

#following section needs to be added for all sts-tests
[iam]
#used for iam operations in sts-tests
#email from vstart.sh
email = ceph.alt@noobaa.com

#user_id from vstart.sh
user_id = 56789abcdef0123456789abcdef0123456789abcdef0123456789abcdef01234

#access_key from vstart.sh
access_key = tenant_access_key

#secret_key vstart.sh
secret_key = tenant_secret_key

#display_name from vstart.sh
display_name = cephalt

Comment on lines +78 to +95
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Verification agent

🧩 Analysis chain

Verify IAM section credentials don't conflict with other sections.

The [iam] section uses tenant_access_key and tenant_secret_key placeholders, which are also used in other sections. Additionally, the email ceph.alt@noobaa.com and user_id are shared with the [s3 alt] section, which might cause conflicts.

🏁 Script executed:

#!/bin/bash
# Description: Analyze credential and identifier reuse across config sections
# Expected: Should identify potential conflicts in email, user_id, and key placeholders

echo "Checking tenant_access_key usage across sections:"
rg -A 1 -B 1 "tenant_access_key" src/test/external_tests/ceph_s3_tests/test_ceph_s3_config.conf

echo -e "\nChecking email address reuse:"
rg -A 1 -B 1 "ceph\.alt@noobaa\.com" src/test/external_tests/ceph_s3_tests/test_ceph_s3_config.conf

echo -e "\nChecking user_id reuse:"
rg -A 1 -B 1 "56789abcdef0123456789abcdef0123456789abcdef0123456789abcdef01234" src/test/external_tests/ceph_s3_tests/test_ceph_s3_config.conf

Length of output: 1542

Avoid Shared Credentials Across Sections

Multiple sections in src/test/external_tests/ceph_s3_tests/test_ceph_s3_config.conf are reusing the same placeholders and identifiers, which will cause your IAM- and S3-related tests to run under the same identity:

• Access keys:
tenant_access_key appears in [default], [iam], [iam root], [iam alt root]
tenant_secret_key likewise
• Email:
ceph.alt@noobaa.com used in both the [s3 alt] and [iam] sections
• User ID:
56789abcdef0123456789abcdef0123456789abcdef0123456789abcdef01234 repeated across multiple sections

Please assign unique placeholder values (or parameterize these via your test harness) so that each test section operates with its own credentials and avoids collisions.

🤖 Prompt for AI Agents 
In src/test/external_tests/ceph_s3_tests/test_ceph_s3_config.conf between lines
75 and 92, the configuration reuses the same placeholder credentials like
access_key, secret_key, email, and user_id across multiple sections, causing
identity collisions in tests. To fix this, assign unique placeholder values for
each section's access_key, secret_key, email, and user_id, or parameterize these
values through the test harness to ensure each test section uses distinct
credentials and avoids conflicts.

# iam account root user for iam_account tests
[iam root]
access_key = tenant_access_key
secret_key = tenant_secret_key
user_id = 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
email = main.alt@noobaa.com

# iam account root user in a different account than [iam root]
[iam alt root]
access_key = tenant_access_key
secret_key = tenant_secret_key
user_id = 56789abcdef0123456789abcdef0123456789abcdef0123456789abcdef01234
email = ceph.alt@noobaa.com
Comment on lines +96 to +108
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🛠️ Refactor suggestion

Review root IAM account configuration for consistency.

Both [iam root] and [iam alt root] sections use tenant_access_key and tenant_secret_key placeholders. This means they will receive the same credentials from the setup script, which may not be the intended behavior for testing different root accounts.

Consider using distinct placeholder names for different root accounts to ensure they receive different credentials:

# iam account root user for iam_account tests
[iam root]
-access_key = tenant_access_key
-secret_key = tenant_secret_key
+access_key = iam_root_access_key
+secret_key = iam_root_secret_key
user_id = 0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
email = main.alt@noobaa.com

# iam account root user in a different account than [iam root]
[iam alt root]
-access_key = tenant_access_key
-secret_key = tenant_secret_key
+access_key = iam_alt_root_access_key
+secret_key = iam_alt_root_secret_key
user_id = 56789abcdef0123456789abcdef0123456789abcdef0123456789abcdef01234
email = ceph.alt@noobaa.com

This would require updating the setup script to handle these new placeholders appropriately.

Committable suggestion skipped: line range outside the PR's diff.

🤖 Prompt for AI Agents 
In src/test/external_tests/ceph_s3_tests/test_ceph_s3_config.conf around lines
93 to 105, the [iam root] and [iam alt root] sections both use the same
placeholders tenant_access_key and tenant_secret_key, causing them to share
identical credentials. To fix this, rename the placeholders in the [iam alt
root] section to distinct names like alt_tenant_access_key and
alt_tenant_secret_key, and update the setup script accordingly to provide
different credentials for these placeholders, ensuring the two root accounts
have separate access keys and secret keys for proper testing.

Loading
Loading