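def delete_acme_token(self, token_path, options, **kwargs):
    """Delete the HTTP-01 challenge object for ``token_path`` from S3.

    The object key is ``prefix + <last "/"-separated segment of token_path>``.
    Bucket, prefix and account number are read from ``options`` through
    ``self.get_option``.

    :param token_path: challenge path; only the segment after the last "/" is used
    :param options: plugin options providing "accountNumber", "bucket" and "prefix"
    :param kwargs: accepted but not used by this method
    :return: whatever ``s3.delete`` returns, or ``False`` when ``token_path``
        has no final segment and no delete is attempted
    """
    current_app.logger.debug(
        "S3 destination plugin is started to delete HTTP-01 challenge")

    function = f"{__name__}.{sys._getframe().f_code.co_name}"

    account_number = self.get_option("accountNumber", options)
    bucket_name = self.get_option("bucket", options)
    prefix = self.get_option("prefix", options)
    filename = token_path.split("/")[-1]

    if filename:
        response = s3.delete(bucket_name=bucket_name,
                             prefixed_object_name=prefix + filename,
                             account_number=account_number)
    else:
        # An empty or "/"-terminated token_path yields an empty filename, and
        # the key would collapse to the bare prefix. Refuse rather than delete
        # an object that is not a challenge token.
        response = False

    res = "Success" if response else "Failure"

    log_data = {
        "function": function,
        "message": "delete acme token challenge",
        "result": res,
        "bucket_name": bucket_name,
        "filename": filename
    }
    current_app.logger.info(log_data)

    # NOTE(review): filename differs per challenge, so tagging metrics with it
    # likely creates one series per token -- confirm the metrics backend
    # tolerates that cardinality.
    metrics.send(function, "counter", 1,
                 metric_tags={
                     "result": res,
                     "bucket_name": bucket_name,
                     "filename": filename
                 })

    return response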
def test_put_delete_s3_object(app):
    """Round-trip one object through the S3 helpers: put, get, delete, get.

    NOTE(review): no S3 mock decorator or fixture is visible in this listing.
    Presumably one is applied outside this view -- confirm, because
    ``boto3.client`` would otherwise create a bucket in a real account.
    """
    from lemur.plugins.lemur_aws.s3 import put, delete, get

    bucket = "public-bucket"
    region = "us-east-1"
    account = "123456789012"
    path = "some-path/foo"
    data = "dummy data"

    boto3.client('s3').create_bucket(Bucket=bucket)

    # Every lookup below targets the same key with the same account.
    lookup = {"prefixed_object_name": path, "account_number": account}

    put(bucket_name=bucket,
        region_name=region,
        prefix=path,
        data=data,
        encrypt=False,
        account_number=account,
        region=region)

    # The stored object reads back unchanged.
    stored = get(bucket_name=bucket, **lookup)
    assert (stored == data)

    # The same key in a bucket that does not exist yields None.
    missing_bucket = get(bucket_name="wrong-bucket", **lookup)
    assert (missing_bucket is None)

    # Once deleted, the key no longer resolves.
    delete(bucket_name=bucket, **lookup)
    after_delete = get(bucket_name=bucket, **lookup)
    assert (after_delete is None)
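def upload_acme_token_s3(token, token_name, prefix, account_number, bucket_name):
    """
    Upload an ACME token through the "aws-s3" plugin, read it back from S3 to
    verify it, and then delete it. It mainly serves for testing purposes.

    The uploaded object is deleted even when the read-back check fails, so a
    failed run does not leave a challenge token in the bucket.

    :param token: token content to upload; the object read back must equal it
    :param token_name: object name, appended to ``prefix`` to form the S3 key
    :param prefix: S3 key prefix, used as given (no "/" is appended)
    :param account_number: AWS account number passed to the plugin and to S3 calls
    :param bucket_name: bucket the token is written to and removed from
    :return: None
    :raises AssertionError: if the object read back differs from ``token``
    """
    # NOTE(review): the "validation" patterns carry no ^/$ anchors. Whether
    # the consumer applies them as a full match is not visible here.
    additional_options = [
        {
            "name": "bucket",
            "value": bucket_name,
            "type": "str",
            "required": True,
            "validation": r"[0-9a-z.-]{3,63}",
            "helpMessage": "Must be a valid S3 bucket name!",
        },
        {
            "name": "accountNumber",
            "type": "str",
            "value": account_number,
            "required": True,
            "validation": r"[0-9]{12}",
            "helpMessage": "A valid AWS account number with permission to access S3",
        },
        {
            "name": "region",
            "type": "str",
            "default": "us-east-1",
            "required": False,
            "helpMessage": "Region bucket exists",
            "available": ["us-east-1", "us-west-2", "eu-west-1"],
        },
        {
            "name": "encrypt",
            "type": "bool",
            "value": False,
            "required": False,
            "helpMessage": "Enable server side encryption",
            "default": True,
        },
        {
            "name": "prefix",
            "type": "str",
            "value": prefix,
            "required": False,
            "helpMessage": "Must be a valid S3 object prefix!",
        },
    ]

    # NOTE(review): the original carried a bare `prefix + "/"` expression whose
    # result was discarded, so the prefix was never normalized. The key stays a
    # plain concatenation here; confirm how the plugin's upload path builds its
    # key before adding normalization, or the read-back would miss the object.
    object_key = prefix + token_name

    p = plugins.get("aws-s3")
    p.upload_acme_token(token_name, token, additional_options)

    try:
        token_res = s3.get(bucket_name, object_key, account_number=account_number)
        # Explicit raise so the check still runs under `python -O`; the
        # message deliberately leaves out the token value.
        if token_res != token:
            raise AssertionError(
                "ACME token read back from S3 does not match the uploaded token")
    finally:
        s3.delete(bucket_name, object_key, account_number=account_number)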