Add Hetzner Object Storage bucket-cataloger module (#1876)#3073
Open
ChrisJr404 wants to merge 1 commit intoblacklanternsecurity:devfrom
Open
Add Hetzner Object Storage bucket-cataloger module (#1876)#3073ChrisJr404 wants to merge 1 commit intoblacklanternsecurity:devfrom
ChrisJr404 wants to merge 1 commit intoblacklanternsecurity:devfrom
Conversation
…ity#1876) Closes blacklanternsecurity#1876. Hetzner offers S3-compatible Object Storage at three locations (Falkenstein fsn1, Nuremberg nbg1, Helsinki hel1), addressed at https://<bucket>.<location>.your-objectstorage.com/. cloudcheck already ships a Hetzner provider, so this just plugs a new bucket_hetzner module into the existing bucket_template: - regions = ['fsn1', 'nbg1', 'hel1'] - all three Object Storage locations documented at https://docs.hetzner.com/storage/object-storage/overview/ - base_domains = ['your-objectstorage.com'] - supports_open_check = True (S3 list-bucket protocol) Adds a focused smoke test verifying the module wires up to the cloudcheck Hetzner provider and emits the documented URL shape. The shared Bucket_Amazon_Base inherited test pattern depends on the cloudcheck regex capturing bucket + host as separate groups, but Hetzner's current cloudcheck regex matches <bucket>.your-objectstorage.com without a region segment - so the smoke-test layout is used here until the cloudcheck regex is region-aware.
Collaborator
|
@ChrisJr404 Thanks for doing this!! I'll see about updating the regexes on the cloudcheck side, then circle back around. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Closes #1876 ("Module TODO: Hetzner Buckets", filed by @TheTechromancer).
Hetzner offers S3-compatible Object Storage at three locations (Falkenstein fsn1, Nuremberg nbg1, Helsinki hel1), addressed at
https://<bucket>.<location>.your-objectstorage.com/. cloudcheck already ships aHetznerprovider, so this PR just plugs a newbucket_hetznermodule into the existingbucket_template.Module
bbot/modules/bucket_hetzner.py— same shape asbucket_digitalocean.py:regions = ['fsn1', 'nbg1', 'hel1']— all three Hetzner Object Storage locations documented here.base_domains = ['your-objectstorage.com']supports_open_check = True(S3-styleListBucketResultprotocol).delimiters = ('', '-')— Hetzner bucket names allow dot/hyphen/underscore ([a-z0-9][a-z0-9-_\\.]{1,61}[a-z0-9]per cloudcheck regex), but only the no-delimiter and single-hyphen forms are useful for permutation enum.Tests
test_module_bucket_hetzner.pyis a focused smoke test:cloudcheck_provider_name == 'Hetzner',base_domains,regionsmatch expectationsbuild_url('examplebucket', 'your-objectstorage.com', 'fsn1')returns'https://examplebucket.fsn1.your-objectstorage.com/'Note for the maintainer
I started by extending `Bucket_Amazon_Base` like the other bucket tests, but the shared base depends on the cloudcheck provider regex separating bucket name and host into two groups. The current cloudcheck Hetzner regex matches `.your-objectstorage.com` without a region segment, so a fixture URL of `.fsn1.your-objectstorage.com` (which is what real Hetzner buckets look like) gets parsed with bucket-name = `.fsn1`, and the bucket-template's brute force then explodes the storage-bucket count past the asserts in the shared base test. Two ways to handle that down the road:
Happy to do (1) as a follow-up MR against
blacklanternsecurity/cloudcheckif you'd prefer that path before this lands.