mirror of
https://github.com/s3fs-fuse/s3fs-fuse.git
synced 2024-11-18 02:05:13 +00:00
Generate S3Proxy SSL certificate during tests (#1845)
Also provide CA bundle to AWS CLI to work around CI failures instead of ignoring errors. Fixes #1812.
This commit is contained in:
parent
adb58af17b
commit
577e2bc987
19
.github/workflows/ci.yml
vendored
19
.github/workflows/ci.yml
vendored
@ -32,12 +32,6 @@ on:
|
||||
#
|
||||
# Jobs
|
||||
#
|
||||
# [NOTE]
|
||||
# Some tests using awscli may output a python warning.
|
||||
# The warning is about HTTPS connections using self-signed certificates.
|
||||
# That's why the PYTHONWARNINGS environment variable disables the
|
||||
# "Unverified HTTPS request" warning.
|
||||
#
|
||||
jobs:
|
||||
Linux:
|
||||
runs-on: ubuntu-latest
|
||||
@ -78,12 +72,6 @@ jobs:
|
||||
#
|
||||
DEBIAN_FRONTEND: noninteractive
|
||||
|
||||
# [NOTE]
|
||||
# Since using a self-signed certificate and have not registered a certificate authority,
|
||||
# we get a warning in python, so we suppress it(by PYTHONWARNINGS).
|
||||
#
|
||||
PYTHONWARNINGS: "ignore:Unverified HTTPS request"
|
||||
|
||||
steps:
|
||||
# [NOTE]
|
||||
# On openSUSE, tar and gzip must be installed before action/checkout.
|
||||
@ -127,13 +115,6 @@ jobs:
|
||||
macos10:
|
||||
runs-on: macos-10.15
|
||||
|
||||
env:
|
||||
# [NOTE]
|
||||
# Since using a self-signed certificate and have not registered a certificate authority,
|
||||
# we get a warning in python, so we suppress it(by PYTHONWARNINGS).
|
||||
#
|
||||
PYTHONWARNINGS: "ignore:Unverified HTTPS request"
|
||||
|
||||
steps:
|
||||
- name: Checkout source code
|
||||
uses: actions/checkout@v2
|
||||
|
@ -140,6 +140,11 @@ function start_s3proxy {
|
||||
chmod +x "${S3PROXY_BINARY}"
|
||||
fi
|
||||
|
||||
# generate self-signed SSL certificate
|
||||
rm -f /tmp/keystore.jks /tmp/keystore.pem
|
||||
echo -e 'password\npassword\n\n\n\n\n\n\nyes' | keytool -genkey -keystore /tmp/keystore.jks -keyalg RSA -keysize 2048 -validity 365 -ext SAN=IP:127.0.0.1
|
||||
echo password | keytool -exportcert -keystore /tmp/keystore.jks -rfc -file /tmp/keystore.pem
|
||||
|
||||
${STDBUF_BIN} -oL -eL java -jar "$S3PROXY_BINARY" --properties $S3PROXY_CONFIG &
|
||||
S3PROXY_PID=$!
|
||||
|
||||
|
Binary file not shown.
@ -2,7 +2,7 @@ s3proxy.secure-endpoint=https://127.0.0.1:8080
|
||||
s3proxy.authorization=aws-v2-or-v4
|
||||
s3proxy.identity=local-identity
|
||||
s3proxy.credential=local-credential
|
||||
s3proxy.keystore-path=keystore.jks
|
||||
s3proxy.keystore-path=/tmp/keystore.jks
|
||||
s3proxy.keystore-password=password
|
||||
|
||||
jclouds.provider=transient
|
||||
|
@ -319,7 +319,7 @@ function aws_cli() {
|
||||
if [ -n "${S3FS_PROFILE}" ]; then
|
||||
FLAGS="--profile ${S3FS_PROFILE}"
|
||||
fi
|
||||
aws $* --endpoint-url "${S3_URL}" --no-verify-ssl $FLAGS
|
||||
aws $* --endpoint-url "${S3_URL}" --ca-bundle /tmp/keystore.pem $FLAGS
|
||||
}
|
||||
|
||||
function wait_for_port() {
|
||||
|
Loading…
Reference in New Issue
Block a user