From 37eb2bda30ed1f8c18748c1f4e7cc5988b9d2daf Mon Sep 17 00:00:00 2001 From: "patchback[bot]" <45432694+patchback[bot]@users.noreply.github.com> Date: Thu, 4 May 2023 21:39:41 +0200 Subject: [PATCH] Fix s3_sync and s3_logging integration tests (#1801) (#1802) Fix s3_sync and s3_logging integration tests SUMMARY See also: ansible-collections/amazon.aws#1511 At the end of April Amazon updated various S3 bucket defaults. Buckets now have public_access blocked by default, and object_owner set to "BucketOwnerEnforced". https://aws.amazon.com/blogs/aws/heads-up-amazon-s3-security-changes-are-coming-in-april-of-2023/ This change to the defaults resulted in some of our tests failing. ISSUE TYPE Bugfix Pull Request COMPONENT NAME s3_sync s3_logging ADDITIONAL INFORMATION Reviewed-by: Alina Buzachis (cherry picked from commit 4cad9ee5f676d0ab4d5499caf3fcf5977d96f603) Co-authored-by: Mark Chappell <mchappel@redhat.com> --- changelogs/fragments/1797-s3-acls.yml | 3 +++ tests/integration/targets/s3_logging/tasks/main.yml | 2 ++ tests/integration/targets/s3_sync/tasks/main.yml | 3 +++ 3 files changed, 8 insertions(+) create mode 100644 changelogs/fragments/1797-s3-acls.yml diff --git a/changelogs/fragments/1797-s3-acls.yml b/changelogs/fragments/1797-s3-acls.yml new file mode 100644 index 00000000000..15d0cd14ec0 --- /dev/null +++ b/changelogs/fragments/1797-s3-acls.yml @@ -0,0 +1,3 @@ +trivial: +- s3_sync - fix tests broken by AWS changing default permissions +- s3_logging - fix tests broken by AWS changing default permissions diff --git a/tests/integration/targets/s3_logging/tasks/main.yml b/tests/integration/targets/s3_logging/tasks/main.yml index 269923237c6..f6c9a1710f1 100644 --- a/tests/integration/targets/s3_logging/tasks/main.yml +++ b/tests/integration/targets/s3_logging/tasks/main.yml @@ -46,6 +46,7 @@ s3_bucket: state: present name: '{{ log_bucket_1 }}' + object_ownership: BucketOwnerPreferred register: output - assert: that: @@ -56,6 +57,7 @@ s3_bucket: state: present name: '{{ log_bucket_2 }}' + object_ownership: BucketOwnerPreferred register: output - assert: that: diff --git a/tests/integration/targets/s3_sync/tasks/main.yml b/tests/integration/targets/s3_sync/tasks/main.yml index 02411841805..08496cd74a6 100644 --- a/tests/integration/targets/s3_sync/tasks/main.yml +++ b/tests/integration/targets/s3_sync/tasks/main.yml @@ -15,6 +15,9 @@ s3_bucket: name: "{{ test_bucket }}" state: present + public_access: + block_public_acls: false + object_ownership: BucketOwnerPreferred register: output - assert: