Mirror
/
seaweedfs
mirror of https://github.com/seaweedfs/seaweedfs.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

fix: resolve S3 API test compilation errors and configuration issues 

Fixed all compilation errors in S3 API IAM tests by removing obsolete
filerAddress parameters and adding missing role store configurations.

### Compilation Fixes:
- Removed filerAddress parameter from all AssumeRoleWithWebIdentity calls
- Updated method signatures to match stateless STS service API
- Fixed calls in: s3_end_to_end_test.go, s3_jwt_auth_test.go,
  s3_multipart_iam_test.go, s3_presigned_url_iam_test.go

### Configuration Fixes:
- Added missing RoleStoreConfig with memory store type to all test setups
- Prevents 'filer address is required for FilerRoleStore' errors
- Updated test configurations in all S3 API test files

### Test Status:
-  Compilation: All S3 API tests now compile successfully
-  Simple tests: TestS3IAMMiddleware passes
- ⚠️  Complex tests: End-to-end tests need filer server setup
- 🔄 Integration: Core IAM functionality working, server setup needs refinement

The S3 API IAM integration compiles and basic functionality works.
Complex end-to-end tests require additional infrastructure setup.
pull/7160/head
chrislu 1 month ago
parent
686659531c
commit
f4c4e4c770
5 changed files with 23 additions and 8 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 9
      weed/s3api/s3_end_to_end_test.go
  2. 3
      weed/s3api/s3_iam_simple_test.go
  3. 7
      weed/s3api/s3_jwt_auth_test.go
  4. 5
      weed/s3api/s3_multipart_iam_test.go
  5. 7
      weed/s3api/s3_presigned_url_iam_test.go

9
weed/s3api/s3_end_to_end_test.go
View File

@ -84,7 +84,7 @@ func TestS3EndToEndWithJWT(t *testing.T) {
tt.setupRole(ctx, iamManager)
// Assume role to get JWT token
response, err := iamManager.AssumeRoleWithWebIdentity(ctx, "localhost:8888", &sts.AssumeRoleWithWebIdentityRequest{
response, err := iamManager.AssumeRoleWithWebIdentity(ctx, &sts.AssumeRoleWithWebIdentityRequest{
RoleArn: tt.roleArn,
WebIdentityToken: "valid-oidc-token",
RoleSessionName: tt.sessionName,
@ -120,7 +120,7 @@ func TestS3MultipartUploadWithJWT(t *testing.T) {
setupS3WriteRole(ctx, iamManager)
// Assume role
response, err := iamManager.AssumeRoleWithWebIdentity(ctx, "localhost:8888", &sts.AssumeRoleWithWebIdentityRequest{
response, err := iamManager.AssumeRoleWithWebIdentity(ctx, &sts.AssumeRoleWithWebIdentityRequest{
RoleArn: "arn:seaweed:iam::role/S3WriteRole",
WebIdentityToken: "valid-oidc-token",
RoleSessionName: "multipart-test-session",
@ -227,7 +227,7 @@ func TestS3PerformanceWithIAM(t *testing.T) {
setupS3ReadOnlyRole(ctx, iamManager)
// Assume role
response, err := iamManager.AssumeRoleWithWebIdentity(ctx, "localhost:8888", &sts.AssumeRoleWithWebIdentityRequest{
response, err := iamManager.AssumeRoleWithWebIdentity(ctx, &sts.AssumeRoleWithWebIdentityRequest{
RoleArn: "arn:seaweed:iam::role/S3ReadOnlyRole",
WebIdentityToken: "valid-oidc-token",
RoleSessionName: "performance-test-session",
@ -291,6 +291,9 @@ func setupCompleteS3IAMSystem(t *testing.T) (http.Handler, *integration.IAMManag
DefaultEffect: "Deny",
StoreType: "memory",
},
Roles: &integration.RoleStoreConfig{
StoreType: "memory",
},
}
err := iamManager.Initialize(config)

3
weed/s3api/s3_iam_simple_test.go
View File

@ -31,6 +31,9 @@ func TestS3IAMMiddleware(t *testing.T) {
DefaultEffect: "Deny",
StoreType: "memory",
},
Roles: &integration.RoleStoreConfig{
StoreType: "memory",
},
}
err := iamManager.Initialize(config)

7
weed/s3api/s3_jwt_auth_test.go
View File

@ -66,7 +66,7 @@ func TestJWTAuthenticationFlow(t *testing.T) {
tt.setupRole(ctx, iamManager)
// Assume role to get JWT
response, err := iamManager.AssumeRoleWithWebIdentity(ctx, "localhost:8888", &sts.AssumeRoleWithWebIdentityRequest{
response, err := iamManager.AssumeRoleWithWebIdentity(ctx, &sts.AssumeRoleWithWebIdentityRequest{
RoleArn: tt.roleArn,
WebIdentityToken: "valid-oidc-token",
RoleSessionName: "jwt-auth-test",
@ -196,7 +196,7 @@ func TestIPBasedPolicyEnforcement(t *testing.T) {
setupTestIPRestrictedRole(ctx, iamManager)
// Assume role
response, err := iamManager.AssumeRoleWithWebIdentity(ctx, "localhost:8888", &sts.AssumeRoleWithWebIdentityRequest{
response, err := iamManager.AssumeRoleWithWebIdentity(ctx, &sts.AssumeRoleWithWebIdentityRequest{
RoleArn: "arn:seaweed:iam::role/S3IPRestrictedRole",
WebIdentityToken: "valid-oidc-token",
RoleSessionName: "ip-test-session",
@ -277,6 +277,9 @@ func setupTestIAMManager(t *testing.T) *integration.IAMManager {
DefaultEffect: "Deny",
StoreType: "memory",
},
Roles: &integration.RoleStoreConfig{
StoreType: "memory",
},
}
err := manager.Initialize(config)

5
weed/s3api/s3_multipart_iam_test.go
View File

@ -36,7 +36,7 @@ func TestMultipartIAMValidation(t *testing.T) {
setupTestRolesForMultipart(ctx, iamManager)
// Get session token
response, err := iamManager.AssumeRoleWithWebIdentity(ctx, "localhost:8888", &sts.AssumeRoleWithWebIdentityRequest{
response, err := iamManager.AssumeRoleWithWebIdentity(ctx, &sts.AssumeRoleWithWebIdentityRequest{
RoleArn: "arn:seaweed:iam::role/S3WriteRole",
WebIdentityToken: "valid-oidc-token",
RoleSessionName: "multipart-test-session",
@ -468,6 +468,9 @@ func setupTestIAMManagerForMultipart(t *testing.T) *integration.IAMManager {
DefaultEffect: "Deny",
StoreType: "memory",
},
Roles: &integration.RoleStoreConfig{
StoreType: "memory",
},
}
err := manager.Initialize(config)

7
weed/s3api/s3_presigned_url_iam_test.go
View File

@ -35,7 +35,7 @@ func TestPresignedURLIAMValidation(t *testing.T) {
setupTestRolesForPresigned(ctx, iamManager)
// Get session token
response, err := iamManager.AssumeRoleWithWebIdentity(ctx, "localhost:8888", &sts.AssumeRoleWithWebIdentityRequest{
response, err := iamManager.AssumeRoleWithWebIdentity(ctx, &sts.AssumeRoleWithWebIdentityRequest{
RoleArn: "arn:seaweed:iam::role/S3ReadOnlyRole",
WebIdentityToken: "valid-oidc-token",
RoleSessionName: "presigned-test-session",
@ -111,7 +111,7 @@ func TestPresignedURLGeneration(t *testing.T) {
setupTestRolesForPresigned(ctx, iamManager)
// Get session token
response, err := iamManager.AssumeRoleWithWebIdentity(ctx, "localhost:8888", &sts.AssumeRoleWithWebIdentityRequest{
response, err := iamManager.AssumeRoleWithWebIdentity(ctx, &sts.AssumeRoleWithWebIdentityRequest{
RoleArn: "arn:seaweed:iam::role/S3AdminRole",
WebIdentityToken: "valid-oidc-token",
RoleSessionName: "presigned-gen-test-session",
@ -429,6 +429,9 @@ func setupTestIAMManagerForPresigned(t *testing.T) *integration.IAMManager {
DefaultEffect: "Deny",
StoreType: "memory",
},
Roles: &integration.RoleStoreConfig{
StoreType: "memory",
},
}
err := manager.Initialize(config)

Write Preview
Loading…
Cancel
Save