Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use unique bucket names in scenarios where the name is not random #2177

Merged
merged 1 commit into from
Nov 28, 2024
Merged

Use unique bucket names in scenarios where the name is not random #2177

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
16 changes: 8 additions & 8 deletions tests/ctst/features/iam-policies/IAMUser.feature
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -55,8 +55,8 @@ Feature: IAM Policies for IAM Users
| GetObject | Allow | iu-go-bucket3-1/* | iu-go-bucket3 | exists | |
| GetObject | Allow | iu-go-bucket4/go-object1 | iu-go-bucket4 | exists | go-object |
| GetObject | Deny | * | iu-go-bucket5 | exists | |
| GetObject | Deny | iu-go-bucket5/* | iu-go-bucket5 | exists | |
| GetObject | Deny | iu-go-bucket6/go-object | iu-go-bucket6 | exists | go-object |
| GetObject | Deny | iu-go-bucket6/* | iu-go-bucket6 | exists | |
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should be great to be able to pass variables generated during the test in the examples, so that the given an existing bucket ... will create an bucket named randomly and in the examples we put something like {bucketName} and it takes the one generated in the beginning
Not sure if it is feasable tho..

Copy link
Contributor Author

@williamlardier williamlardier Nov 26, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We do that in most scenarios, but here we need to specify the resource name, and we actually want to have control over it because sometimes we alter it, so we want to keep it... Still possible to have it fully automatic but we still need to keep support for static bucket names. For example, the bucket used for website must be named "website".

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I know we do that in most scenario, what I suggest here is to be able to use it in example, so here for example we could do ${bucketName}/* in the ressource name
But ofc we need to keep support for creating static bucket names

| GetObject | Deny | iu-go-bucket7/go-object | iu-go-bucket7 | exists | go-object |

@2.6.0
@PreMerge
Expand All @@ -70,9 +70,9 @@ Feature: IAM Policies for IAM Users
When the user tries to perform "<action>" on the bucket
Then the user should receive "AccessDenied" error
Examples:
| action | resource | bucketName | objectExists | objectName |
| MetadataSearch | * | iu-md-bucket5 | does not exist | |
| MetadataSearch | iu-md-bucket6 | iu-md-bucket6 | does not exist | |
| GetObject | * | iu-go-bucket7 | exists | |
| GetObject | iu-go-bucket8/* | iu-go-bucket8 | exists | |
| GetObject | iu-go-bucket9/go-object | iu-go-bucket9 | exists | go-object |
| action | resource | bucketName | objectExists | objectName |
| MetadataSearch | * | iu-md-bucket5 | does not exist | |
| MetadataSearch | iu-md-bucket6 | iu-md-bucket6 | does not exist | |
| GetObject | * | iu-go-bucket8 | exists | |
| GetObject | iu-go-bucket9/* | iu-go-bucket9 | exists | |
| GetObject | iu-go-bucket10/go-object | iu-go-bucket10 | exists | go-object |
Loading