micro-osd.sh: Clarify the suspicion around S3 credentials

It's unusual to put any kind of credentials out in open. The set
of credentials defined with `S3_ACCESS_KEY` and `S3_SECRET_KEY`
variables in the script are questionable in its nature. But these
are not real/valid credential values in any form for AWS rather
used for testing the S3 compatible API from Ceph RGW. Therefore
clarify the intention and replace with sample values from official
AWS documentation.

Signed-off-by: Anoop C S <anoopcs@cryptolab.net>
This commit is contained in:
Anoop C S 2023-12-08 11:30:26 +05:30 committed by mergify[bot]
parent 7a733111f2
commit 09d81f5bb3
4 changed files with 14 additions and 9 deletions

View File

@ -39,10 +39,15 @@ MON_NAME="a"
MGR_NAME="x" MGR_NAME="x"
MIRROR_ID="m" MIRROR_ID="m"
RGW_ID="r" RGW_ID="r"
S3_ACCESS_KEY=2262XNX11FZRR44XWIRD
S3_SECRET_KEY=rmtuS1Uj1bIC08QFYGW18GfSHAbkPqdsuYynNudw
HOST_IP=$(getent ahostsv4 "${HOSTNAME}" | grep STREAM | head -n 1 | awk '{print $1}')
# Following are examples for S3 credentials taken from official AWS docs:
# https://docs.aws.amazon.com/IAM/latest/UserGuide/security-creds.html#access-keys-and-secret-access-keys
# These does not represent real/valid credentials for AWS in any form.
# They are exclusively used for testing S3 compatible API from Ceph RGW.
S3_ACCESS_KEY=AKIAIOSFODNN7EXAMPLE
S3_SECRET_KEY=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
HOST_IP=$(getent ahostsv4 "${HOSTNAME}" | grep STREAM | head -n 1 | awk '{print $1}')
FSID="$(uuidgen)" FSID="$(uuidgen)"
export CEPH_CONF=${DIR}/ceph.conf export CEPH_CONF=${DIR}/ceph.conf

View File

@ -3,7 +3,7 @@
You must create an admin user like so: You must create an admin user like so:
``` ```
radosgw-admin user create --uid admin --display-name "Admin User" --caps "buckets=*;users=*;usage=read;metadata=read;zone=read --access-key=2262XNX11FZRR44XWIRD --secret-key=rmtuS1Uj1bIC08QFYGW18GfSHAbkPqdsuYynNudw radosgw-admin user create --uid admin --display-name "Admin User" --caps "buckets=*;users=*;usage=read;metadata=read;zone=read --access-key=AKIAIOSFODNN7EXAMPLE --secret-key=wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
``` ```
Then use the `access_key` and `secret_key` for authentication. Then use the `access_key` and `secret_key` for authentication.
@ -19,7 +19,7 @@ import (
func main() { func main() {
// Generate a connection object // Generate a connection object
co, err := admin.New("http://192.168.1.1", "2262XNX11FZRR44XWIRD", "rmtuS1Uj1bIC08QFYGW18GfSHAbkPqdsuYynNudw", nil) co, err := admin.New("http://192.168.1.1", "AKIAIOSFODNN7EXAMPLE", "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY", nil)
if err != nil { if err != nil {
panic(err) panic(err)
} }

View File

@ -114,8 +114,8 @@ func (s *S3Agent) createBucket(name string) error {
} }
func (suite *RadosGWTestSuite) SetupConnection() { func (suite *RadosGWTestSuite) SetupConnection() {
suite.accessKey = "2262XNX11FZRR44XWIRD" suite.accessKey = "AKIAIOSFODNN7EXAMPLE"
suite.secretKey = "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" suite.secretKey = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
hostname := os.Getenv("HOSTNAME") hostname := os.Getenv("HOSTNAME")
endpoint := hostname endpoint := hostname
if hostname != "test_ceph_aio" { if hostname != "test_ceph_aio" {

View File

@ -45,8 +45,8 @@ var (
"keys": [ "keys": [
{ {
"user": "dashboard-admin", "user": "dashboard-admin",
"access_key": "4WD1FGM5PXKLC97YC0SZ", "access_key": "AKIAIOSFODNN7EXAMPLE",
"secret_key": "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" "secret_key": "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
} }
], ],
"swift_keys": [ "swift_keys": [