RFE: ability to add custom cert or disable cert validation in S3 endpoint

grafana / k6-jslib-aws

Javascript Library allowing to interact with AWS resources from k6 scripts

Apache License 2.0

18 stars 28 forks source link

RFE: ability to add custom cert or disable cert validation in S3 endpoint #91

Open rgordill opened 6 months ago

rgordill commented 6 months ago

Hi.

When using the s3.js functions, if the s3 endpoint is an internal one with custom certs, it throws an error:

level=warning msg="Request Failed" error="Put "https://s3.internal.com:443/k6-s3/results-1-0.json\": tls: failed to verify certificate: x509: certificate signed by unknown authority"

This is an usual situation when using minio, ceph rgw, etc. We need an option to disable cert validation (non sensible envs) or add custom certs to validate them correctly.

joanlopez commented 5 months ago

Hi @rgordill,

First of all, sorry for the delayed answer 🙏🏻

That being said, I'd like to ask you: have you tried with either Insecure skip TLS verify or TLS auth k6 options?

If I'm not wrong, the S3Client relies on standard k6 http client (see here and its usages), and as explained here, these are the options to configure TLS.

Thanks!

rgordill commented 5 months ago

Hi, @joanlopez.

Yes, I made it working by disabling validation globally with the procedure you have mentioned. But IMHO, there should be a particular configuration that impacts only to the S3Client, while we use the former workaround.

Thanks