botocore.exceptions.ClientError when trying to run integration tests

[Zvirovyi]

Steps to reproduce

1. Clone the project
2. Run the backups integration test: tox -e integration -- tests/integration/test_backups.py::test_backup_aws --keep-models
3. Encounter botocore.exceptions.ClientError error

Expected behavior

Test to successfully complete.

Actual behavior

Test fails with ERROR tests/integration/test_backups.py::test_backup_aws - botocore.exceptions.ClientError: An error occurred (SignatureDoesNotMatch) when calling the ListObjects operation: Access denied.

Versions

Operating system: Ubuntu 24.04.1 LTS

Juju CLI: 3.5.3-genericlinux-amd64 (also tried 3.4.x, but same result)

Juju agent: 3.5.3 (also tried 3.4.x, but same result)

Charm revision: 58ff61a399f3846178514b9fedb8eff40f36f0ac (latest commit right now, but occurring on the previous revisions too)

LXD: 6.1

Log output

Juju debug log: vm_SignatureDoesNotMatch.log

Additional context

Same thing happens on the k8s.

[syncronize-issues-to-jira[bot]]

Thank you for reporting us your feedback!

The internal ticket has been created: https://warthogs.atlassian.net/browse/DPE-5592.

This message was autogenerated

[marceloneppel]

Hi, @Zvirovyi! Thanks for the report.

The issue is caused by the GCP credentials not being present in the SECRETS_FROM_GITHUB environment variable; the test teardown code is trying to list objects from GCS (as well as from AWS) at https://github.com/canonical/postgresql-operator/blob/ef94d6c2a67232aa7c1ce253ed21255111659af2/tests/integration/test_backups_pitr.py#L90, but there are no credentials to access the bucket/path.

One possible solution is to check whether the credentials are available in the test teardown code before trying to list the objects from GCS.