test: attributes, object locking, legal hold, retention

2026-04-16 02:46:59 +00:00 · 2024-05-17 15:20:16 -03:00
parent 99a84abdba
commit ea7d020ec8
19 changed files with 467 additions and 67 deletions
--- a/tests/commands/copy_object.sh
+++ b/tests/commands/copy_object.sh
@@ -25,4 +25,17 @@ copy_object() {
    return 1
  fi
  return 0
-}
+}
+
+copy_object_empty() {
+  error=$(aws --no-verify-ssl s3api copy-object 2>&1) || local result=$?
+  if [[ $result -eq 0 ]]; then
+    log 2 "copy object with empty parameters returned no error"
+    return 1
+  fi
+  if [[ $error != *"the following arguments are required: --bucket, --copy-source, --key" ]]; then
+    log 2 "copy object with no params returned mismatching error: $error"
+    return 1
+  fi
+  return 0
+}
--- a/tests/commands/create_bucket.sh
+++ b/tests/commands/create_bucket.sh
@@ -29,3 +29,18 @@ create_bucket() {
  fi
  return 0
 }
+
+create_bucket_object_lock_enabled() {
+  if [ $# -ne 1 ]; then
+    log 2 "create bucket missing bucket name"
+    return 1
+  fi
+
+  local exit_code=0
+  error=$(aws --no-verify-ssl s3api create-bucket --bucket "$1" 2>&1 --object-lock-enabled-for-bucket) || local exit_code=$?
+  if [ $exit_code -ne 0 ]; then
+    log 2 "error creating bucket: $error"
+    return 1
+  fi
+  return 0
+}
--- a/tests/commands/delete_object.sh
+++ b/tests/commands/delete_object.sh
@@ -2,7 +2,7 @@

 delete_object() {
  if [ $# -ne 3 ]; then
-    echo "delete object command requires command type, bucket, key"
+    log 2 "delete object command requires command type, bucket, key"
    return 1
  fi
  local exit_code=0
@@ -16,11 +16,36 @@ delete_object() {
  elif [[ $1 == 'mc' ]]; then
    error=$(mc --insecure rm "$MC_ALIAS/$2/$3" 2>&1) || exit_code=$?
  else
-    echo "invalid command type $1"
+    log 2 "invalid command type $1"
+    return 1
+  fi
+  log 5 "delete object exit code: $exit_code"
+  if [ $exit_code -ne 0 ]; then
+    log 2 "error deleting object: $error"
+    return 1
+  fi
+  return 0
+}
+
+delete_object_with_user() {
+  if [ $# -ne 5 ]; then
+    log 2 "delete object with user command requires command type, bucket, key, access ID, secret key"
+    return 1
+  fi
+  local exit_code=0
+  if [[ $1 == 's3' ]]; then
+    error=$(AWS_ACCESS_KEY_ID="$4" AWS_SECRET_ACCESS_KEY="$5" aws --no-verify-ssl s3 rm "s3://$2/$3" 2>&1) || exit_code=$?
+  elif [[ $1 == 's3api' ]] || [[ $1 == 'aws' ]]; then
+    error=$(AWS_ACCESS_KEY_ID="$4" AWS_SECRET_ACCESS_KEY="$5" aws --no-verify-ssl s3api delete-object --bucket "$2" --key "$3" 2>&1) || exit_code=$?
+  elif [[ $1 == 's3cmd' ]]; then
+    error=$(s3cmd "${S3CMD_OPTS[@]}" --no-check-certificate rm --access_key="$4" --secret_key="$5" "s3://$2/$3" 2>&1) || exit_code=$?
+  else
+    log 2 "command 'delete object with user' not implemented for '$1'"
    return 1
  fi
  if [ $exit_code -ne 0 ]; then
-    echo "error deleting object: $error"
+    log 2 "error deleting object: $error"
+    export error
    return 1
  fi
  return 0
--- a/tests/commands/get_object_attributes.sh
+++ b/tests/commands/get_object_attributes.sh
@@ -0,0 +1,17 @@
+#!/usr/bin/env bash
+
+get_object_attributes() {
+  if [[ $# -ne 2 ]]; then
+    log 2 "'get object attributes' command requires bucket, key"
+    return 1
+  fi
+  attributes=$(aws --no-verify-ssl s3api get-object-attributes --bucket "$1" --key "$2" --object-attributes "ObjectSize" 2>&1) || local get_result=$?
+  if [[ $get_result -ne 0 ]]; then
+    log 2 "error getting object attributes: $attributes"
+    return 1
+  fi
+  attributes=$(echo "$attributes" | grep -v "InsecureRequestWarning")
+  log 5 "$attributes"
+  export attributes
+  return 0
+}
--- a/tests/commands/get_object_legal_hold.sh
+++ b/tests/commands/get_object_legal_hold.sh
@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+
+get_object_legal_hold() {
+  if [[ $# -ne 2 ]]; then
+    log 2 "'get object legal hold' command requires bucket, key"
+    return 1
+  fi
+  legal_hold=$(aws --no-verify-ssl s3api get-object-legal-hold --bucket "$1" --key "$2" 2>&1) || local get_result=$?
+  if [[ $get_result -ne 0 ]]; then
+    log 2 "error getting object legal hold: $legal_hold"
+    return 1
+  fi
+  export legal_hold
+  return 0
+}
--- a/tests/commands/get_object_lock_configuration.sh
+++ b/tests/commands/get_object_lock_configuration.sh
@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+
+get_object_lock_configuration() {
+  if [[ $# -ne 1 ]]; then
+    log 2 "'get object lock configuration' command missing bucket name"
+    return 1
+  fi
+  lock_config=$(aws --no-verify-ssl s3api get-object-lock-configuration --bucket "$1") || local get_result=$?
+  if [[ $get_result -ne 0 ]]; then
+    log 2 "error obtaining lock config: $lock_config"
+    return 1
+  fi
+  export lock_config
+  return 0
+}
--- a/tests/commands/get_object_retention.sh
+++ b/tests/commands/get_object_retention.sh
@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+
+get_object_retention() {
+  if [[ $# -ne 2 ]]; then
+    log 2 "'get object retention' command requires bucket, key"
+    return 1
+  fi
+  retention=$(aws --no-verify-ssl s3api get-object-retention --bucket "$1" --key "$2" 2>&1) || local get_result=$?
+  if [[ $get_result -ne 0 ]]; then
+    log 2 "error getting object retention: $retention"
+    return 1
+  fi
+  export retention
+  return 0
+}
--- a/tests/commands/list_object_versions.sh
+++ b/tests/commands/list_object_versions.sh
@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+
+list_object_versions() {
+  if [[ $# -ne 1 ]]; then
+    log 2 "'list object versions' command requires bucket name"
+    return 1
+  fi
+  versions=$(aws --no-verify-ssl s3api list-object-versions --bucket "$1") || local list_result=$?
+  if [[ $list_result -ne 0 ]]; then
+    log 2 "error listing object versions: $versions"
+    return 1
+  fi
+  export versions
+  return 0
+}
--- a/tests/commands/put_object.sh
+++ b/tests/commands/put_object.sh
@@ -2,7 +2,7 @@

 put_object() {
  if [ $# -ne 4 ]; then
-    echo "put object command requires command type, source, destination bucket, destination key"
+    log 2 "put object command requires command type, source, destination bucket, destination key"
    return 1
  fi
  local exit_code=0
@@ -16,13 +16,34 @@ put_object() {
  elif [[ $1 == 'mc' ]]; then
    error=$(mc --insecure put "$2" "$MC_ALIAS/$3/$4" 2>&1) || exit_code=$?
  else
-    echo "'put object' command not implemented for '$1'"
+    log 2 "'put object' command not implemented for '$1'"
    return 1
  fi
  log 5 "put object exit code: $exit_code"
  if [ $exit_code -ne 0 ]; then
-    echo "error putting object into bucket: $error"
+    log 2 "error putting object into bucket: $error"
    return 1
  fi
  return 0
-}
+}
+
+put_object_with_user() {
+  if [ $# -ne 6 ]; then
+    log 2 "put object command requires command type, source, destination bucket, destination key, aws ID, aws secret key"
+    return 1
+  fi
+  local exit_code=0
+  if [[ $1 == 's3api' ]] || [[ $1 == 'aws' ]]; then
+    error=$(AWS_ACCESS_KEY_ID="$5" AWS_SECRET_ACCESS_KEY="$6" aws --no-verify-ssl s3api put-object --body "$2" --bucket "$3" --key "$4" 2>&1) || exit_code=$?
+  else
+    log 2 "'put object with user' command not implemented for '$1'"
+    return 1
+  fi
+  log 5 "put object exit code: $exit_code"
+  if [ $exit_code -ne 0 ]; then
+    log 2 "error putting object into bucket: $error"
+    export error
+    return 1
+  fi
+  return 0
+}
--- a/tests/commands/put_object_legal_hold.sh
+++ b/tests/commands/put_object_legal_hold.sh
@@ -0,0 +1,15 @@
+#!/usr/bin/env bash
+
+put_object_legal_hold() {
+  if [[ $# -ne 3 ]]; then
+    log 2 "'put object legal hold' command requires bucket, key, hold status ('ON' or 'OFF')"
+    return 1
+  fi
+  local error=""
+  error=$(aws --no-verify-ssl s3api put-object-legal-hold --bucket "$1" --key "$2" --legal-hold "{\"Status\": \"$3\"}" 2>&1) || local put_hold_result=$?
+  if [[ $put_hold_result -ne 0 ]]; then
+    log 2 "error putting object legal hold: $error"
+    return 1
+  fi
+  return 0
+}
--- a/tests/commands/put_object_retention.sh
+++ b/tests/commands/put_object_retention.sh
@@ -0,0 +1,14 @@
+#!/usr/bin/env bash
+
+put_object_retention() {
+  if [[ $# -ne 4 ]]; then
+    log 2 "'put object retention' command requires bucket, key, retention mode, retention date"
+    return 1
+  fi
+  error=$(aws --no-verify-ssl s3api put-object-retention --bucket "$1" --key "$2" --retention "{\"Mode\": \"$3\", \"RetainUntilDate\": \"$4\"}" 2>&1) || local put_result=$?
+  if [[ $put_result -ne 0 ]]; then
+    log 2 "error putting object retention:  $error"
+    return 1
+  fi
+  return 0
+}
--- a/tests/commands/select_object_content.sh
+++ b/tests/commands/select_object_content.sh
@@ -0,0 +1,20 @@
+#!/usr/bin/env bash
+
+select_object_content() {
+  if [[ $# -ne 7 ]]; then
+    log 2 "'select object content' command requires bucket, key, expression, expression type, input serialization, output serialization, outfile"
+    return 1
+  fi
+  error=$(aws --no-verify-ssl s3api select-object-content \
+    --bucket "$1" \
+    --key "$2" \
+    --expression "$3" \
+    --expression-type "$4" \
+    --input-serialization "$5" \
+    --output-serialization "$6" "$7" 2>&1) || local select_result=$?
+  if [[ $select_result -ne 0 ]]; then
+    log 2 "error selecting object content: $error"
+    return 1
+  fi
+  return 0
+}
--- a/tests/test_aws.sh
+++ b/tests/test_aws.sh
@@ -14,11 +14,20 @@ source ./tests/commands/get_bucket_acl.sh
 source ./tests/commands/get_bucket_policy.sh
 source ./tests/commands/get_bucket_versioning.sh
 source ./tests/commands/get_object.sh
+source ./tests/commands/get_object_attributes.sh
+source ./tests/commands/get_object_legal_hold.sh
+source ./tests/commands/get_object_lock_configuration.sh
+source ./tests/commands/get_object_retention.sh
+source ./tests/commands/list_object_versions.sh
 source ./tests/commands/put_bucket_acl.sh
 source ./tests/commands/put_bucket_policy.sh
 source ./tests/commands/put_bucket_versioning.sh
 source ./tests/commands/put_object.sh
+source ./tests/commands/put_object_legal_hold.sh
+source ./tests/commands/put_object_retention.sh
+source ./tests/commands/select_object_content.sh

+# abort-multipart-upload
@test "test_abort_multipart_upload" {
  local bucket_file="bucket-file"
  bucket_file_data="test file\n"
@@ -39,6 +48,7 @@ source ./tests/commands/put_object.sh
  delete_test_files $bucket_file
 }

+# complete-multipart-upload
@test "test_complete_multipart_upload" {
  local bucket_file="bucket-file"
  bucket_file_data="test file\n"
@@ -60,15 +70,35 @@ source ./tests/commands/put_object.sh
  delete_test_files $bucket_file
 }

+# copy-object
@test "test_copy_object" {
  test_common_copy_object "s3api"
 }

-# test creation and deletion of bucket on versitygw
+@test "test_copy_object_empty" {
+  copy_object_empty || local result=$?
+  [[ result -eq 0 ]] || fail "copy objects with no parameters test failure"
+}
+
+# create-bucket
@test "test_create_delete_bucket_aws" {
  test_common_create_delete_bucket "aws"
 }

+# create-multipart-upload - test_complete_multipart_upload
+
+# delete-bucket - test_create_delete_bucket_aws
+
+# delete-bucket-policy
+@test "test_get_put_delete_bucket_policy" {
+  test_common_get_put_delete_bucket_policy "aws"
+}
+
+# delete-bucket-tagging
+@test "test-set-get-delete-bucket-tags" {
+  test_common_set_get_delete_bucket_tags "aws"
+}
+
@test "test_put_object" {
  bucket_file="bucket_file"

@@ -124,7 +154,6 @@ source ./tests/commands/put_object.sh

 # test ability to retrieve bucket ACLs
@test "test_get_bucket_acl" {
-
  setup_bucket "aws" "$BUCKET_ONE_NAME" || local created=$?
  [[ $created -eq 0 ]] || fail "Error creating bucket"

@@ -137,6 +166,125 @@ source ./tests/commands/put_object.sh
  delete_bucket_or_contents "aws" "$BUCKET_ONE_NAME"
 }

+@test "test_get_object_attributes" {
+  bucket_file="bucket_file"
+
+  create_test_files "$bucket_file" || local created=$?
+  [[ $created -eq 0 ]] || fail "Error creating test files"
+  setup_bucket "s3api" "$BUCKET_ONE_NAME" || local created=$?
+  [[ $created -eq 0 ]] || fail "Error creating bucket"
+  put_object "s3api" "$test_file_folder/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" || local copy_result=$?
+  [[ $copy_result -eq 0 ]] || fail "Failed to add object to bucket"
+  get_object_attributes "$BUCKET_ONE_NAME" "$bucket_file" || local get_result=$?
+  [[ $get_result -eq 0 ]] || fail "failed to get object attributes"
+  # shellcheck disable=SC2154
+  if echo "$attributes" | jq -e 'has("ObjectSize")'; then
+    object_size=$(echo "$attributes" | jq ".ObjectSize")
+    [[ $object_size == 0 ]] || fail "Incorrect object size: $object_size"
+  else
+    fail "ObjectSize parameter missing: $attributes"
+  fi
+  delete_bucket_or_contents "s3api" "$BUCKET_ONE_NAME"
+}
+
+@test "test_get_put_object_legal_hold" {
+  # bucket must be created with lock for legal hold
+  if [[ $RECREATE_BUCKETS == false ]]; then
+    return
+  fi
+
+  bucket_file="bucket_file"
+  username="ABCDEFG"
+  secret_key="HIJKLMN"
+
+  legal_hold_retention_setup "$username" "$secret_key" "$bucket_file"
+
+  get_object_lock_configuration "$BUCKET_ONE_NAME" || fail "error getting lock configuration"
+  # shellcheck disable=SC2154
+  log 5 "$lock_config"
+  enabled=$(echo "$lock_config" | jq -r ".ObjectLockConfiguration.ObjectLockEnabled")
+  [[ $enabled == "Enabled" ]] || fail "ObjectLockEnabled should be 'Enabled', is '$enabled'"
+
+  put_object_legal_hold "$BUCKET_ONE_NAME" "$bucket_file" "ON" || fail "error putting legal hold on object"
+  get_object_legal_hold "$BUCKET_ONE_NAME" "$bucket_file" || fail "error getting object legal hold status"
+  # shellcheck disable=SC2154
+  log 5 "$legal_hold"
+  hold_status=$(echo "$legal_hold" | grep -v "InsecureRequestWarning" | jq -r ".LegalHold.Status")
+  [[ $hold_status == "ON" ]] || fail "Status should be 'ON', is '$hold_status'"
+
+  echo "fdkljafajkfs" > "$test_file_folder/$bucket_file"
+  put_object_with_user "s3api" "$test_file_folder/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" "$username" "$secret_key" || local put_result=$?
+  [[ $put_result -ne 0 ]] || fail "able to overwrite object with hold"
+  [[ $error == *"Object is WORM protected and cannot be overwritten"* ]] || fail "unexpected error message: $error"
+
+  delete_object_with_user "s3api" "$BUCKET_ONE_NAME" "$bucket_file" "$username" "$secret_key" || local delete_result=$?
+  [[ $delete_result -ne 0 ]] || fail "able to delete object with hold"
+  [[ $error == *"Object is WORM protected and cannot be overwritten"* ]] || fail "unexpected error message: $error"
+  put_object_legal_hold "$BUCKET_ONE_NAME" "$bucket_file" "OFF" || fail "error removing legal hold on object"
+  delete_object_with_user "s3api" "$BUCKET_ONE_NAME" "$bucket_file" "$username" "$secret_key" || fail "error deleting object after removing legal hold"
+
+  delete_bucket_recursive "s3api" "$BUCKET_ONE_NAME"
+}
+
+@test "test_get_put_object_retention" {
+  # bucket must be created with lock for legal hold
+  if [[ $RECREATE_BUCKETS == false ]]; then
+    return
+  fi
+
+  bucket_file="bucket_file"
+  username="ABCDEFG"
+  secret_key="HIJKLMN"
+
+  legal_hold_retention_setup "$username" "$secret_key" "$bucket_file"
+
+  get_object_lock_configuration "$BUCKET_ONE_NAME" || fail "error getting lock configuration"
+  log 5 "$lock_config"
+  enabled=$(echo "$lock_config" | jq -r ".ObjectLockConfiguration.ObjectLockEnabled")
+  [[ $enabled == "Enabled" ]] || fail "ObjectLockEnabled should be 'Enabled', is '$enabled'"
+
+  if [[ "$OSTYPE" == "darwin"* ]]; then
+    retention_date=$(date -v+2d +"%Y-%m-%dT%H:%M:%S")
+  else
+    retention_date=$(date -d "+2 days" +"%Y-%m-%dT%H:%M:%S")
+  fi
+  put_object_retention "$BUCKET_ONE_NAME" "$bucket_file" "GOVERNANCE" "$retention_date" || fail "failed to add object retention"
+  get_object_retention "$BUCKET_ONE_NAME" "$bucket_file" || fail "failed to get object retention"
+  log 5 "$retention"
+  retention=$(echo "$retention" | grep -v "InsecureRequestWarning")
+  mode=$(echo "$retention" | jq -r ".Retention.Mode")
+  retain_until_date=$(echo "$retention" | jq -r ".Retention.RetainUntilDate")
+  [[ $mode == "GOVERNANCE" ]] || fail "retention mode should be governance, is $mode"
+  [[ $retain_until_date == "$retention_date"* ]] || fail "retain until date should be $retention_date, is $retain_until_date"
+
+  echo "fdkljafajkfs" > "$test_file_folder/$bucket_file"
+  put_object_with_user "s3api" "$test_file_folder/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" "$username" "$secret_key" || local put_result=$?
+  [[ $put_result -ne 0 ]] || fail "able to overwrite object with hold"
+  [[ $error == *"Object is WORM protected and cannot be overwritten"* ]] || fail "unexpected error message: $error"
+
+  delete_object_with_user "s3api" "$BUCKET_ONE_NAME" "$bucket_file" "$username" "$secret_key" || local delete_result=$?
+  [[ $delete_result -ne 0 ]] || fail "able to delete object with hold"
+  [[ $error == *"Object is WORM protected and cannot be overwritten"* ]] || fail "unexpected error message: $error"
+
+  delete_object "s3api" "$BUCKET_ONE_NAME" "$bucket_file" || fail "error deleting object"
+  delete_bucket_recursive "s3api" "$BUCKET_ONE_NAME"
+}
+
+legal_hold_retention_setup() {
+  if [[ $# -ne 3 ]]; then
+    log 2 "legal hold or retention setup requires username, secret key, bucket file"
+    return 1
+  fi
+
+  delete_bucket_if_exists "s3api" "$BUCKET_ONE_NAME" || fail "error deleting bucket, or checking for existence"
+  create_user_if_nonexistent "$1" "$2" "user" || fail "error creating user if nonexistent"
+  create_test_files "$3" || fail "error creating test files"
+
+  create_bucket_object_lock_enabled "$BUCKET_ONE_NAME" || fail "error creating bucket"
+  change_bucket_owner "$AWS_ACCESS_KEY_ID" "$AWS_SECRET_ACCESS_KEY" "$BUCKET_ONE_NAME" "$1" || fail "error changing bucket ownership"
+  put_object_with_user "s3api" "$test_file_folder/$3" "$BUCKET_ONE_NAME" "$3" "$AWS_ACCESS_KEY_ID" "$AWS_SECRET_ACCESS_KEY" || fail "failed to add object to bucket"
+}
+
@test "test_put_bucket_acl" {
  test_common_put_bucket_acl "s3api"
 }
@@ -194,10 +342,21 @@ source ./tests/commands/put_object.sh
  delete_test_files "$object_one" "$object_two"
 }

-# test abilty to set and retrieve bucket tags
-@test "test-set-get-delete-bucket-tags" {
-  test_common_set_get_delete_bucket_tags "aws"
-}
+#@test "test_select_object_content" {
+#  bucket_file="bucket_file"
+#
+#  create_test_files "$bucket_file" || local created=$?
+#  [[ $created -eq 0 ]] || fail "Error creating test files"
+#
+#  printf "Field,Value\nSomething,Also Something" > "$test_file_folder/$bucket_file"
+#  cat "$test_file_folder/$bucket_file"
+#
+#  setup_bucket "s3api" "$BUCKET_ONE_NAME" || local created=$?
+#  [[ $created -eq 0 ]] || fail "Error creating bucket"
+#  put_object "s3api" "$test_file_folder/$bucket_file" "$BUCKET_ONE_NAME" "$bucket_file" || local copy_result=$?
+#  [[ $copy_result -eq 0 ]] || fail "Failed to add object to bucket"
+#  select_object_content "$BUCKET_ONE_NAME" "$bucket_file" "select * from s3object limit 1" "SQL" "{\"CSV\": {}}" "{\"CSV\": {}}" "output.csv"
+#}

 #@test "test_get_set_versioning" {
 #  test_common_get_set_versioning "s3api"
@@ -473,7 +632,3 @@ source ./tests/commands/put_object.sh
@test "test_get_bucket_location" {
  test_common_get_bucket_location "aws"
 }
-
-@test "test_get_put_delete_bucket_policy" {
-  test_common_get_put_delete_bucket_policy "aws"
-}
--- a/tests/test_mc.sh
+++ b/tests/test_mc.sh
@@ -9,19 +9,33 @@ source ./tests/commands/put_bucket_policy.sh

 export RUN_MC=true

+# complete-multipart-upload
@test "test_multipart_upload_mc" {
  test_common_multipart_upload "mc"
 }

+# copy-object
@test "test_copy_object" {
  test_common_copy_object "mc"
 }

-# test mc bucket creation/deletion
+# create-bucket
@test "test_create_delete_bucket" {
  test_common_create_delete_bucket "mc"
 }

+# delete-bucket - test_create_delete_bucket
+
+# delete-bucket-policy
+@test "test_get_put_delete_bucket_policy" {
+  test_common_get_put_delete_bucket_policy "mc"
+}
+
+# delete-bucket-tagging
+@test "test_set_get_delete_bucket_tags" {
+  test_common_set_get_delete_bucket_tags "mc"
+}
+
@test "test_put_object-with-data-mc" {
  test_common_put_object_with_data "mc"
 }
@@ -38,10 +52,6 @@ export RUN_MC=true
  test_common_list_objects "mc"
 }

-@test "test_set_get_bucket_tags_mc" {
-  test_common_set_get_delete_bucket_tags "mc"
-}
-
@test "test_set_get_object_tags_mc" {
  test_common_set_get_object_tags "mc"
 }
@@ -91,7 +101,3 @@ export RUN_MC=true
@test "test_get_bucket_location" {
  test_common_get_bucket_location "mc"
 }
-
-@test "test_get_put_delete_bucket_policy" {
-  test_common_get_put_delete_bucket_policy "mc"
-}
--- a/tests/test_s3.sh
+++ b/tests/test_s3.sh
@@ -2,18 +2,23 @@

 source ./tests/test_common.sh

+# complete-multipart-upload
@test "test_complete_multipart_upload" {
  test_common_multipart_upload "s3"
 }

+# copy-object
@test "test_copy_object" {
  test_common_copy_object "s3"
 }

+# create-bucket
@test "test_create_delete_bucket" {
  test_common_create_delete_bucket "s3"
 }

+# delete-bucket - test_create_delete_bucket
+
@test "test_put_object" {
  test_common_put_object_no_data "s3"
 }
--- a/tests/test_s3cmd.sh
+++ b/tests/test_s3cmd.sh
@@ -11,24 +11,33 @@ source ./tests/commands/put_bucket_policy.sh

 export RUN_S3CMD=true

+# complete-multipart-upload
@test "test_complete_multipart_upload" {
  test_common_multipart_upload "s3cmd"
 }

-# test s3cmd put object
+# copy-object
@test "test_copy_object_with_data" {
  test_common_put_object_with_data "s3cmd"
 }

+# copy-object
@test "test_copy_object_no_data" {
  test_common_put_object_no_data "s3cmd"
 }

-# test s3cmd bucket creation/deletion
+# create-bucket
@test "test_create_delete_bucket" {
  test_common_create_delete_bucket "s3cmd"
 }

+# delete-bucket - test_create_delete_bucket
+
+# delete-bucket-policy
+@test "test_get_put_delete_bucket_policy" {
+  test_common_get_put_delete_bucket_policy "s3cmd"
+}
+
 #@test "test_put_bucket_acl" {
 #  test_common_put_bucket_acl "s3cmd"
 #}
@@ -83,7 +92,3 @@ export RUN_S3CMD=true
@test "test_get_bucket_location" {
  test_common_get_bucket_location "s3cmd"
 }
-
-@test "test_get_put_delete_bucket_policy" {
-  test_common_get_put_delete_bucket_policy "s3cmd"
-}
--- a/tests/util.sh
+++ b/tests/util.sh
@@ -49,26 +49,26 @@ delete_bucket_recursive() {

 delete_bucket_recursive_s3api() {
  if [[ $# -ne 1 ]]; then
-    echo "delete bucket recursive command for s3api requires bucket name"
+    log 2 "delete bucket recursive command for s3api requires bucket name"
    return 1
  fi
-  list_objects 's3api' "$1" || list_result=$?
+  list_objects 's3api' "$1" || local list_result=$?
  if [[ $list_result -ne 0 ]]; then
-    echo "error listing objects"
+    log 2 "error listing objects"
    return 1
  fi
  # shellcheck disable=SC2154
  for object in "${object_array[@]}"; do
-    delete_object 's3api' "$1" "$object" || delete_result=$?
-    if [[ $delete_result -ne 0 ]]; then
-      echo "error deleting object $object"
+    delete_object 's3api' "$1" "$object" || local delete_object_result=$?
+    if [[ $delete_object_result -ne 0 ]]; then
+      log 2 "error deleting object $object"
      return 1
    fi
  done

-  delete_bucket 's3api' "$1" || delete_result=$?
-  if [[ $delete_result -ne 0 ]]; then
-    echo "error deleting bucket"
+  delete_bucket 's3api' "$1" || local delete_bucket_result=$?
+  if [[ $delete_bucket_result -ne 0 ]]; then
+    log 2 "error deleting bucket"
    return 1
  fi
  return 0
@@ -107,17 +107,20 @@ delete_bucket_contents() {
 # return 0 for true, 1 for false, 2 for error
 bucket_exists() {
  if [ $# -ne 2 ]; then
-    echo "bucket exists check missing command type, bucket name"
+    log 2 "bucket exists check missing command type, bucket name"
    return 2
  fi

  head_bucket "$1" "$2" || local check_result=$?
  if [[ $check_result -ne 0 ]]; then
    # shellcheck disable=SC2154
+    bucket_info=$(echo "$bucket_info" | grep -v "InsecureRequestWarning")
+    log 5 "$bucket_info"
    if [[ "$bucket_info" == *"404"* ]] || [[ "$bucket_info" == *"does not exist"* ]]; then
+      log 5 "bucket not found"
      return 1
    fi
-    echo "error checking if bucket exists"
+    log 2 "error checking if bucket exists"
    return 2
  fi
  return 0
@@ -147,43 +150,56 @@ delete_bucket_or_contents() {
  return 0
 }

+delete_bucket_if_exists() {
+  if [ $# -ne 2 ]; then
+    log 2 "bucket creation function requires command type, bucket name"
+    return 1
+  fi
+  local bucket_exists_result
+  bucket_exists "$1" "$2" || local bucket_exists_result=$?
+  if [[ $bucket_exists_result -eq 2 ]]; then
+    log 2 "Bucket existence check error"
+    return 1
+  fi
+  if [[ $bucket_exists_result -eq 0 ]]; then
+    delete_bucket_or_contents "$1" "$2" || local delete_result=$?
+    if [[ delete_result -ne 0 ]]; then
+      log 2 "error deleting bucket or contents"
+      return 1
+    fi
+    #if [[ $RECREATE_BUCKETS == "false" ]]; then
+    log 5 "bucket and/or bucket data deletion success"
+    return 0
+    #fi
+  fi
+  if [[ $RECREATE_BUCKETS == "false" ]]; then
+    log 2 "When RECREATE_BUCKETS isn't set to \"true\", buckets should be pre-created by user"
+    return 1
+  fi
+  return 0
+}
+
 # if RECREATE_BUCKETS is set to true create bucket, deleting it if it exists to clear state.  If not,
 # check to see if it exists and return an error if it does not.
 # param:  bucket name
 # return 0 for success, 1 for failure
 setup_bucket() {
  if [ $# -ne 2 ]; then
-    echo "bucket creation function requires command type, bucket name"
+    log 2 "bucket creation function requires command type, bucket name"
    return 1
  fi
-  local exists_result
-  bucket_exists "$1" "$2" || exists_result=$?
-  if [[ $exists_result -eq 2 ]]; then
-    echo "Bucket existence check error"
-    return 1
-  fi
-  if [[ $exists_result -eq 0 ]]; then
-    delete_bucket_or_contents "$1" "$2" || delete_result=$?
-    if [[ delete_result -ne 0 ]]; then
-      echo "error deleting bucket or contents"
-      return 1
-    fi
-    if [[ $RECREATE_BUCKETS == "false" ]]; then
-      echo "bucket data deletion success"
-      return 0
-    fi
-  fi
-  if [[ $exists_result -eq 1 ]] && [[ $RECREATE_BUCKETS == "false" ]]; then
-    echo "When RECREATE_BUCKETS isn't set to \"true\", buckets should be pre-created by user"
+  delete_bucket_if_exists "$1" "$2" || local delete_bucket_result=$?
+  if [[ $delete_bucket_result -ne 0 ]]; then
+    log 2 "error deleting bucket, or checking for bucket existence"
    return 1
  fi
  local create_result
  create_bucket "$1" "$2" || create_result=$?
  if [[ $create_result -ne 0 ]]; then
-    echo "Error creating bucket"
+    log 2 "Error creating bucket"
    return 1
  fi
-  echo "Bucket creation success"
+  log 5 "Bucket creation success"
  return 0
 }

--- a/tests/util_bucket_create.sh
+++ b/tests/util_bucket_create.sh
@@ -12,7 +12,7 @@ create_bucket_with_user() {
  if [[ $1 == "aws" ]]; then
    error=$(AWS_ACCESS_KEY_ID="$3" AWS_SECRET_ACCESS_KEY="$4" aws --no-verify-ssl s3 mb s3://"$2" 2>&1) || exit_code=$?
  elif [[ $1 == "s3cmd" ]]; then
-    error=$(s3cmd "${S3CMD_OPTS[@]}" --no-check-certificate mb s3://"$2" 2>&1) || exit_code=$?
+    error=$(s3cmd "${S3CMD_OPTS[@]}" --no-check-certificate mb --access_key="$3" --secret_key="$4" s3://"$2" 2>&1) || exit_code=$?
  elif [[ $1 == "mc" ]]; then
    error=$(mc --insecure mb "$MC_ALIAS"/"$2" 2>&1) || exit_code=$?
  else
--- a/tests/util_users.sh
+++ b/tests/util_users.sh
@@ -13,6 +13,19 @@ create_user() {
  return 0
 }

+create_user_if_nonexistent() {
+  if [[ $# -ne 3 ]]; then
+    echo "create user command requires user ID, key, and role"
+    return 1
+  fi
+  if user_exists "$1"; then
+    log 5 "user $1 already exists"
+    return 0
+  fi
+  create_user "$1" "$2" "$3"
+  return $?
+}
+
 create_user_with_user() {
  if [[ $# -ne 5 ]]; then
    echo "create user with user command requires creator ID, key, and new user ID, key, and role"