Skip to content

Commit

Permalink
fix: aws cli SSE-C test to work properly with custom certs
Browse files Browse the repository at this point in the history
  • Loading branch information
@harshavardhana
harshavardhana committed May 24, 2024
1 parent 80294d3 commit 8e31707
Show file tree
Hide file tree
Showing 3 changed files with 6 additions and 11 deletions.
6 changes: 2 additions & 4 deletions mint.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -109,16 +109,14 @@ function trust_s3_endpoint_tls_cert() {
openssl s_client -showcerts -verify 5 -connect "$SERVER_ENDPOINT" </dev/null |
awk '/BEGIN CERTIFICATE/,/END CERTIFICATE/{ if(/BEGIN CERTIFICATE/){a++}; out="cert"a".pem"; print >out}'
for cert in *.pem; do
mv -vf "${cert}" /usr/local/share/ca-certificates/
cat "${cert}" >>/etc/ssl/certs/ca-certificates.crt
done

# Load the certificate in the system
update-ca-certificates --fresh >/dev/null

# Ask different SDKs/tools to load system certificates
export REQUESTS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt
export NODE_EXTRA_CA_CERTS=/etc/ssl/certs/ca-certificates.crt
export SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt
export AWS_CA_BUNDLE=/etc/ssl/certs/ca-certificates.crt
}

function main() {
Expand Down
3 changes: 0 additions & 3 deletions postinstall.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,8 +21,5 @@ export APT="apt --quiet --yes"
xargs --arg-file="${MINT_ROOT_DIR}/remove-packages.list" apt --quiet --yes purge
${APT} autoremove

# remove unwanted files
rm -fr "$GOROOT" "$GOPATH/src" /var/lib/apt/lists/*

# flush to disk
sync
8 changes: 4 additions & 4 deletions run/core/awscli/test.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1445,13 +1445,13 @@ function test_serverside_encryption_multipart_copy() {
# copy object server side
if [ $rv -eq 0 ]; then
function="${AWS} s3api copy-object --bucket ${bucket_name} --key ${object_name}-copy --copy-source ${bucket_name}/${object_name} --copy-source-sse-customer-algorithm AES256 --copy-source-sse-customer-key MzJieXRlc2xvbmdzZWNyZXRrZXltdXN0cHJvdmlkZWQ= --copy-source-sse-customer-key-md5 7PpPLAK26ONlVUGOWlusfg== --sse-customer-algorithm AES256 --sse-customer-key MzJieXRlc2xvbmdzZWNyZXRrZXltdXN0cHJvdmlkZWQ= --sse-customer-key-md5 7PpPLAK26ONlVUGOWlusfg=="
test_function=${function}
out=$($function)
rv=$?
if [ $rv -ne 255 ]; then
echo $rv
copyETag=$(echo "$out" | jq -r .CopyObjectResult.ETag | sed -e 's/^"//' -e 's/"$//')
if [ "${copyETag}" == "" ]; then
rv=1
else
rv=0
out="copy-object with SSE-C failed"
fi
fi

Expand Down

0 comments on commit 8e31707

Please # to comment.