History

Chris Lu 33b9017b48 fix listing objects (#7008 ) * fix listing objects * add more list testing * address comments * fix next marker * fix isTruncated in listing * fix tests * address tests * Update s3api_object_handlers_multipart.go * fixes * store json into bucket content, for tagging and cors * switch bucket metadata from json to proto * fix * Update s3api_bucket_config.go * fix test issue * fix test_bucket_listv2_delimiter_prefix * Update cors.go * skip special characters * passing listing * fix test_bucket_list_delimiter_prefix * ok. fix the xsd generated go code now * fix cors tests * fix test * fix test_bucket_list_unordered and test_bucket_listv2_unordered do not accept the allow-unordered and delimiter parameter combination * fix test_bucket_list_objects_anonymous and test_bucket_listv2_objects_anonymous The tests test_bucket_list_objects_anonymous and test_bucket_listv2_objects_anonymous were failing because they try to set bucket ACL to public-read, but SeaweedFS only supported private ACL. Updated PutBucketAclHandler to use the existing ExtractAcl function which already supports all standard S3 canned ACLs Replaced the hardcoded check for only private ACL with proper ACL parsing that handles public-read, public-read-write, authenticated-read, bucket-owner-read, bucket-owner-full-control, etc. Added unit tests to verify all standard canned ACLs are accepted * fix list unordered The test is expecting the error code to be InvalidArgument instead of InvalidRequest * allow anonymous listing( and head, get) * fix test_bucket_list_maxkeys_invalid Invalid values: max-keys=blah → Returns ErrInvalidMaxKeys (HTTP 400) * updating IsPublicRead when parsing acl * more logs * CORS Test Fix * fix test_bucket_list_return_data * default to private * fix test_bucket_list_delimiter_not_skip_special * default no acl * add debug logging * more logs * use basic http client remove logs also * fixes * debug * Update stats.go * debugging * fix anonymous test expectation anonymous user can read, as configured in s3 json.		4 months ago
..
Makefile	adding cors support (#6987)	4 months ago
README.md	adding cors support (#6987)	4 months ago
s3_cors_http_test.go	fix listing objects (#7008)	4 months ago
s3_cors_test.go	fix listing objects (#7008)	4 months ago

README.md

CORS Integration Tests for SeaweedFS S3 API

This directory contains comprehensive integration tests for the CORS (Cross-Origin Resource Sharing) functionality in SeaweedFS S3 API.

Overview

The CORS integration tests validate the complete CORS implementation including:

CORS configuration management (PUT/GET/DELETE)
CORS rule validation
CORS middleware behavior
Caching functionality
Error handling
Real-world CORS scenarios

Prerequisites

Go 1.19+: For building SeaweedFS and running tests
Network Access: Tests use localhost:8333 by default
System Dependencies: curl and netstat for health checks

Quick Start

The tests now automatically start their own SeaweedFS server, so you don't need to manually start one.

1. Run All Tests with Managed Server

# Run all tests with automatic server management
make test-with-server

# Run core CORS tests only
make test-cors-quick

# Run comprehensive CORS tests
make test-cors-comprehensive

2. Manual Server Management

If you prefer to manage the server manually:

# Start server
make start-server

# Run tests (assuming server is running)
make test-cors-simple

# Stop server
make stop-server

3. Individual Test Categories

# Run specific test types
make test-basic-cors           # Basic CORS configuration
make test-preflight-cors       # Preflight OPTIONS requests
make test-actual-cors          # Actual CORS request handling
make test-origin-matching      # Origin matching logic
make test-header-matching      # Header matching logic
make test-method-matching      # Method matching logic
make test-multiple-rules       # Multiple CORS rules
make test-validation           # CORS validation
make test-caching              # CORS caching behavior
make test-error-handling       # Error handling

Test Server Management

The tests use a comprehensive server management system similar to other SeaweedFS integration tests:

Server Configuration

S3 Port: 8333 (configurable via S3_PORT)
Master Port: 9333
Volume Port: 8080
Filer Port: 8888
Metrics Port: 9324
Data Directory: ./test-volume-data (auto-created)
Log File: weed-test.log

Server Lifecycle

Build: Automatically builds ../../../weed/weed_binary
Start: Launches SeaweedFS with S3 API enabled
Health Check: Waits up to 90 seconds for server to be ready
Test: Runs the requested tests
Stop: Gracefully shuts down the server
Cleanup: Removes temporary files and data

Available Commands

# Server management
make start-server              # Start SeaweedFS server
make stop-server               # Stop SeaweedFS server
make health-check              # Check server health
make logs                      # View server logs

# Test execution
make test-with-server          # Full test cycle with server management
make test-cors-simple          # Run tests without server management
make test-cors-quick           # Run core tests only
make test-cors-comprehensive   # Run all tests

# Development
make dev-start                 # Start server for development
make dev-test                  # Run development tests
make build-weed                # Build SeaweedFS binary
make check-deps                # Check dependencies

# Maintenance
make clean                     # Clean up all artifacts
make coverage                  # Generate coverage report
make fmt                       # Format code
make lint                      # Run linter

Test Configuration

Default Configuration

The tests use these default settings (configurable via environment variables):

WEED_BINARY=../../../weed/weed_binary
S3_PORT=8333
TEST_TIMEOUT=10m
TEST_PATTERN=TestCORS

Configuration File

The test_config.json file contains S3 client configuration:

{
  "endpoint": "http://localhost:8333",
  "access_key": "some_access_key1",
  "secret_key": "some_secret_key1",
  "region": "us-east-1",
  "bucket_prefix": "test-cors-",
  "use_ssl": false,
  "skip_verify_ssl": true
}

Troubleshooting

Compilation Issues

If you encounter compilation errors, the most common issues are:

AWS SDK v2 Type Mismatches: The MaxAgeSeconds field in types.CORSRule expects int32, not *int32. Use direct values like 3600 instead of aws.Int32(3600).
Field Name Issues: The GetBucketCorsOutput type has a CORSRules field directly, not a CORSConfiguration field.

Example fix:

// ❌ Incorrect
MaxAgeSeconds: aws.Int32(3600),
assert.Len(t, getResp.CORSConfiguration.CORSRules, 1)

// ✅ Correct
MaxAgeSeconds: 3600,
assert.Len(t, getResp.CORSRules, 1)

Server Issues

Server Won't Start

# Check for port conflicts
netstat -tlnp | grep 8333
   
# View server logs
make logs
   
# Force cleanup
make clean

Test Failures

# Run with server management
make test-with-server
   
# Run specific test
make test-basic-cors
   
# Check server health
make health-check

Connection Issues

# Verify server is running
curl -s http://localhost:8333
   
# Check server logs
tail -f weed-test.log

Performance Issues

If tests are slow or timing out:

# Increase timeout
export TEST_TIMEOUT=30m
make test-with-server

# Run quick tests only
make test-cors-quick

# Check server resources
make debug-status

Test Coverage

Core Functionality Tests

1. CORS Configuration Management (`TestCORSConfigurationManagement`)

PUT CORS configuration
GET CORS configuration
DELETE CORS configuration
Configuration updates
Error handling for non-existent configurations

2. Multiple CORS Rules (`TestCORSMultipleRules`)

Multiple rules in single configuration
Rule precedence and ordering
Complex rule combinations

3. CORS Validation (`TestCORSValidation`)

Invalid HTTP methods
Empty origins validation
Negative MaxAge validation
Rule limit validation

4. Wildcard Support (`TestCORSWithWildcards`)

Wildcard origins (*, https://*.example.com)
Wildcard headers (*)
Wildcard expose headers

5. Rule Limits (`TestCORSRuleLimit`)

Maximum 100 rules per configuration
Rule limit enforcement
Large configuration handling

6. Error Handling (`TestCORSErrorHandling`)

Non-existent bucket operations
Invalid configurations
Malformed requests

HTTP-Level Tests

1. Preflight Requests (`TestCORSPreflightRequest`)

OPTIONS request handling
CORS headers in preflight responses
Access-Control-Request-Method validation
Access-Control-Request-Headers validation

2. Actual Requests (`TestCORSActualRequest`)

CORS headers in actual responses
Origin validation for real requests
Proper expose headers handling

3. Origin Matching (`TestCORSOriginMatching`)

Exact origin matching
Wildcard origin matching (*)
Subdomain wildcard matching (https://*.example.com)
Non-matching origins (should be rejected)

4. Header Matching (`TestCORSHeaderMatching`)

Wildcard header matching (*)
Specific header matching
Case-insensitive matching
Disallowed headers

5. Method Matching (`TestCORSMethodMatching`)

Allowed methods verification
Disallowed methods rejection
Method-specific CORS behavior

6. Multiple Rules (`TestCORSMultipleRulesMatching`)

Rule precedence and selection
Multiple rules with different configurations
Complex rule interactions

Integration Tests

1. Caching (`TestCORSCaching`)

CORS configuration caching
Cache invalidation
Cache performance

2. Object Operations (`TestCORSObjectOperations`)

CORS with actual S3 operations
PUT/GET/DELETE objects with CORS
CORS headers in object responses

3. Without Configuration (`TestCORSWithoutConfiguration`)

Behavior when no CORS configuration exists
Default CORS behavior
Graceful degradation

Development

Running Tests During Development

# Start server for development
make dev-start

# Run quick test
make dev-test

# View logs in real-time
make logs

Adding New Tests

Follow the existing naming convention (TestCORSXxxYyy)
Use the helper functions (getS3Client, createTestBucket, etc.)
Add cleanup with defer cleanupTestBucket(t, client, bucketName)
Include proper error checking with require.NoError(t, err)
Use assertions with assert.Equal(t, expected, actual)
Add the test to the appropriate Makefile target

Code Quality

# Format code
make fmt

# Run linter
make lint

# Generate coverage report
make coverage

Performance Notes

Tests create and destroy buckets for each test case
Large configuration tests may take several minutes
Server startup typically takes 15-30 seconds
Tests run in parallel where possible for efficiency

Integration with SeaweedFS

These tests validate the CORS implementation in:

weed/s3api/cors/ - Core CORS package
weed/s3api/s3api_bucket_cors_handlers.go - HTTP handlers
weed/s3api/s3api_server.go - Router integration
weed/s3api/s3api_bucket_config.go - Configuration management

The tests ensure AWS S3 API compatibility and proper CORS behavior across all supported scenarios.