diff --git a/changelogs/unreleased/9554-testsabirweb b/changelogs/unreleased/9554-testsabirweb new file mode 100644 index 000000000..18b925797 --- /dev/null +++ b/changelogs/unreleased/9554-testsabirweb @@ -0,0 +1 @@ +Issue #9544: Add test coverage for S3 bucket name in MRAP ARN notation and fix bucket validation to accept ARN format \ No newline at end of file diff --git a/pkg/persistence/object_store.go b/pkg/persistence/object_store.go index eaf983819..fd441e943 100644 --- a/pkg/persistence/object_store.go +++ b/pkg/persistence/object_store.go @@ -149,7 +149,8 @@ func (b *objectBackupStoreGetter) Get(location *velerov1api.BackupStorageLocatio // if there are any slashes in the middle of 'bucket', the user // probably put / in the bucket field, which we // don't support. - if strings.Contains(bucket, "/") { + // Exception: MRAP ARNs (arn:aws:s3::...) legitimately contain slashes. + if strings.Contains(bucket, "/") && !strings.HasPrefix(bucket, "arn:aws:s3:") { return nil, errors.Errorf("backup storage location's bucket name %q must not contain a '/' (if using a prefix, put it in the 'Prefix' field instead)", location.Spec.ObjectStorage.Bucket) } diff --git a/pkg/persistence/object_store_test.go b/pkg/persistence/object_store_test.go index fac2f8d97..e9a3bde36 100644 --- a/pkg/persistence/object_store_test.go +++ b/pkg/persistence/object_store_test.go @@ -943,6 +943,24 @@ func TestNewObjectBackupStoreGetter(t *testing.T) { wantBucket: "bucket", wantPrefix: "prefix/", }, + { + name: "when the Bucket field is an MRAP ARN, it should be valid", + location: builder.ForBackupStorageLocation("", "").Provider("provider-1").Bucket("arn:aws:s3::123456789012:accesspoint/abcdef0123456.mrap").Result(), + objectStoreGetter: objectStoreGetter{ + "provider-1": newInMemoryObjectStore("arn:aws:s3::123456789012:accesspoint/abcdef0123456.mrap"), + }, + credFileStore: velerotest.NewFakeCredentialsFileStore("", nil), + wantBucket: "arn:aws:s3::123456789012:accesspoint/abcdef0123456.mrap", + }, + { + name: "when the Bucket field is an MRAP ARN with trailing slash, it should be valid and trimmed", + location: builder.ForBackupStorageLocation("", "").Provider("provider-1").Bucket("arn:aws:s3::123456789012:accesspoint/abcdef0123456.mrap/").Result(), + objectStoreGetter: objectStoreGetter{ + "provider-1": newInMemoryObjectStore("arn:aws:s3::123456789012:accesspoint/abcdef0123456.mrap"), + }, + credFileStore: velerotest.NewFakeCredentialsFileStore("", nil), + wantBucket: "arn:aws:s3::123456789012:accesspoint/abcdef0123456.mrap", + }, } for _, tc := range tests {