afan
/
gitea
Прати 1
Волим 0
Креирај огранак 0
Код Дискусије 0 Захтеви за спајање 0 Издања 0 Вики Activity
gitea源码
2 Комити
2 Гране
Дрво: f5d5e77162
Гране Ознаке
${ item.name }
Create branch ${ searchTerm }
from 'f5d5e77162'
${ noResults }
gitea/modules/storage/minio_test.go

minio_test.go 6.4KB
Историја Датотека

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204 
  1. // Copyright 2023 The Gitea Authors. All rights reserved.

  2. // SPDX-License-Identifier: MIT

  3. 

  4. package storage

  5. 

  6. import (

  7. 	"context"

  8. 	"net/http"

  9. 	"net/http/httptest"

  10. 	"os"

  11. 	"testing"

  12. 

  13. 	"code.gitea.io/gitea/modules/setting"

  14. 

  15. 	"github.com/minio/minio-go/v7"

  16. 	"github.com/stretchr/testify/assert"

  17. )

  18. 

  19. func TestMinioStorageIterator(t *testing.T) {

  20. 	if os.Getenv("CI") == "" {

  21. 		t.Skip("minioStorage not present outside of CI")

  22. 		return

  23. 	}

  24. 	testStorageIterator(t, setting.MinioStorageType, &setting.Storage{

  25. 		MinioConfig: setting.MinioStorageConfig{

  26. 			Endpoint:        "minio:9000",

  27. 			AccessKeyID:     "123456",

  28. 			SecretAccessKey: "12345678",

  29. 			Bucket:          "gitea",

  30. 			Location:        "us-east-1",

  31. 		},

  32. 	})

  33. }

  34. 

  35. func TestMinioStoragePath(t *testing.T) {

  36. 	m := &MinioStorage{basePath: ""}

  37. 	assert.Empty(t, m.buildMinioPath("/"))

  38. 	assert.Empty(t, m.buildMinioPath("."))

  39. 	assert.Equal(t, "a", m.buildMinioPath("/a"))

  40. 	assert.Equal(t, "a/b", m.buildMinioPath("/a/b/"))

  41. 	assert.Empty(t, m.buildMinioDirPrefix(""))

  42. 	assert.Equal(t, "a/", m.buildMinioDirPrefix("/a/"))

  43. 

  44. 	m = &MinioStorage{basePath: "/"}

  45. 	assert.Empty(t, m.buildMinioPath("/"))

  46. 	assert.Empty(t, m.buildMinioPath("."))

  47. 	assert.Equal(t, "a", m.buildMinioPath("/a"))

  48. 	assert.Equal(t, "a/b", m.buildMinioPath("/a/b/"))

  49. 	assert.Empty(t, m.buildMinioDirPrefix(""))

  50. 	assert.Equal(t, "a/", m.buildMinioDirPrefix("/a/"))

  51. 

  52. 	m = &MinioStorage{basePath: "/base"}

  53. 	assert.Equal(t, "base", m.buildMinioPath("/"))

  54. 	assert.Equal(t, "base", m.buildMinioPath("."))

  55. 	assert.Equal(t, "base/a", m.buildMinioPath("/a"))

  56. 	assert.Equal(t, "base/a/b", m.buildMinioPath("/a/b/"))

  57. 	assert.Equal(t, "base/", m.buildMinioDirPrefix(""))

  58. 	assert.Equal(t, "base/a/", m.buildMinioDirPrefix("/a/"))

  59. 

  60. 	m = &MinioStorage{basePath: "/base/"}

  61. 	assert.Equal(t, "base", m.buildMinioPath("/"))

  62. 	assert.Equal(t, "base", m.buildMinioPath("."))

  63. 	assert.Equal(t, "base/a", m.buildMinioPath("/a"))

  64. 	assert.Equal(t, "base/a/b", m.buildMinioPath("/a/b/"))

  65. 	assert.Equal(t, "base/", m.buildMinioDirPrefix(""))

  66. 	assert.Equal(t, "base/a/", m.buildMinioDirPrefix("/a/"))

  67. }

  68. 

  69. func TestS3StorageBadRequest(t *testing.T) {

  70. 	if os.Getenv("CI") == "" {

  71. 		t.Skip("S3Storage not present outside of CI")

  72. 		return

  73. 	}

  74. 	cfg := &setting.Storage{

  75. 		MinioConfig: setting.MinioStorageConfig{

  76. 			Endpoint:        "minio:9000",

  77. 			AccessKeyID:     "123456",

  78. 			SecretAccessKey: "12345678",

  79. 			Bucket:          "bucket",

  80. 			Location:        "us-east-1",

  81. 		},

  82. 	}

  83. 	message := "ERROR"

  84. 	old := getBucketVersioning

  85. 	defer func() { getBucketVersioning = old }()

  86. 	getBucketVersioning = func(ctx context.Context, minioClient *minio.Client, bucket string) error {

  87. 		return minio.ErrorResponse{

  88. 			StatusCode: http.StatusBadRequest,

  89. 			Code:       "FixtureError",

  90. 			Message:    message,

  91. 		}

  92. 	}

  93. 	_, err := NewStorage(setting.MinioStorageType, cfg)

  94. 	assert.ErrorContains(t, err, message)

  95. }

  96. 

  97. func TestMinioCredentials(t *testing.T) {

  98. 	const (

  99. 		ExpectedAccessKey       = "ExampleAccessKeyID"

  100. 		ExpectedSecretAccessKey = "ExampleSecretAccessKeyID"

  101. 		// Use a FakeEndpoint for IAM credentials to avoid logging any

  102. 		// potential real IAM credentials when running in EC2.

  103. 		FakeEndpoint = "http://localhost"

  104. 	)

  105. 

  106. 	t.Run("Static Credentials", func(t *testing.T) {

  107. 		cfg := setting.MinioStorageConfig{

  108. 			AccessKeyID:     ExpectedAccessKey,

  109. 			SecretAccessKey: ExpectedSecretAccessKey,

  110. 			IamEndpoint:     FakeEndpoint,

  111. 		}

  112. 		creds := buildMinioCredentials(cfg)

  113. 		v, err := creds.Get()

  114. 

  115. 		assert.NoError(t, err)

  116. 		assert.Equal(t, ExpectedAccessKey, v.AccessKeyID)

  117. 		assert.Equal(t, ExpectedSecretAccessKey, v.SecretAccessKey)

  118. 	})

  119. 

  120. 	t.Run("Chain", func(t *testing.T) {

  121. 		cfg := setting.MinioStorageConfig{

  122. 			IamEndpoint: FakeEndpoint,

  123. 		}

  124. 

  125. 		t.Run("EnvMinio", func(t *testing.T) {

  126. 			t.Setenv("MINIO_ACCESS_KEY", ExpectedAccessKey+"Minio")

  127. 			t.Setenv("MINIO_SECRET_KEY", ExpectedSecretAccessKey+"Minio")

  128. 

  129. 			creds := buildMinioCredentials(cfg)

  130. 			v, err := creds.Get()

  131. 

  132. 			assert.NoError(t, err)

  133. 			assert.Equal(t, ExpectedAccessKey+"Minio", v.AccessKeyID)

  134. 			assert.Equal(t, ExpectedSecretAccessKey+"Minio", v.SecretAccessKey)

  135. 		})

  136. 

  137. 		t.Run("EnvAWS", func(t *testing.T) {

  138. 			t.Setenv("AWS_ACCESS_KEY", ExpectedAccessKey+"AWS")

  139. 			t.Setenv("AWS_SECRET_KEY", ExpectedSecretAccessKey+"AWS")

  140. 

  141. 			creds := buildMinioCredentials(cfg)

  142. 			v, err := creds.Get()

  143. 

  144. 			assert.NoError(t, err)

  145. 			assert.Equal(t, ExpectedAccessKey+"AWS", v.AccessKeyID)

  146. 			assert.Equal(t, ExpectedSecretAccessKey+"AWS", v.SecretAccessKey)

  147. 		})

  148. 

  149. 		t.Run("FileMinio", func(t *testing.T) {

  150. 			// prevent loading any actual credentials files from the user

  151. 			t.Setenv("MINIO_SHARED_CREDENTIALS_FILE", "testdata/minio.json")

  152. 			t.Setenv("AWS_SHARED_CREDENTIALS_FILE", "testdata/fake")

  153. 

  154. 			creds := buildMinioCredentials(cfg)

  155. 			v, err := creds.Get()

  156. 

  157. 			assert.NoError(t, err)

  158. 			assert.Equal(t, ExpectedAccessKey+"MinioFile", v.AccessKeyID)

  159. 			assert.Equal(t, ExpectedSecretAccessKey+"MinioFile", v.SecretAccessKey)

  160. 		})

  161. 

  162. 		t.Run("FileAWS", func(t *testing.T) {

  163. 			// prevent loading any actual credentials files from the user

  164. 			t.Setenv("MINIO_SHARED_CREDENTIALS_FILE", "testdata/fake.json")

  165. 			t.Setenv("AWS_SHARED_CREDENTIALS_FILE", "testdata/aws_credentials")

  166. 

  167. 			creds := buildMinioCredentials(cfg)

  168. 			v, err := creds.Get()

  169. 

  170. 			assert.NoError(t, err)

  171. 			assert.Equal(t, ExpectedAccessKey+"AWSFile", v.AccessKeyID)

  172. 			assert.Equal(t, ExpectedSecretAccessKey+"AWSFile", v.SecretAccessKey)

  173. 		})

  174. 

  175. 		t.Run("IAM", func(t *testing.T) {

  176. 			// prevent loading any actual credentials files from the user

  177. 			t.Setenv("MINIO_SHARED_CREDENTIALS_FILE", "testdata/fake.json")

  178. 			t.Setenv("AWS_SHARED_CREDENTIALS_FILE", "testdata/fake")

  179. 

  180. 			// Spawn a server to emulate the EC2 Instance Metadata

  181. 			server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {

  182. 				// The client will actually make 3 requests here,

  183. 				// first will be to get the IMDSv2 token, second to

  184. 				// get the role, and third for the actual

  185. 				// credentials. However, we can return credentials

  186. 				// every request since we're not emulating a full

  187. 				// IMDSv2 flow.

  188. 				w.Write([]byte(`{"Code":"Success","AccessKeyId":"ExampleAccessKeyIDIAM","SecretAccessKey":"ExampleSecretAccessKeyIDIAM"}`))

  189. 			}))

  190. 			defer server.Close()

  191. 

  192. 			// Use the provided EC2 Instance Metadata server

  193. 			creds := buildMinioCredentials(setting.MinioStorageConfig{

  194. 				IamEndpoint: server.URL,

  195. 			})

  196. 			v, err := creds.Get()

  197. 

  198. 			assert.NoError(t, err)

  199. 			assert.Equal(t, ExpectedAccessKey+"IAM", v.AccessKeyID)

  200. 			assert.Equal(t, ExpectedSecretAccessKey+"IAM", v.SecretAccessKey)

  201. 		})

  202. 	})

  203. }