From e7c85714788b6e5b689f6296e9f41ea9243fb50a Mon Sep 17 00:00:00 2001 From: Michael Spector Date: Sun, 30 Jun 2024 10:39:12 +0300 Subject: [PATCH] Removed fake AWS credentials from arrow-rs test code --- README.md | 3 +++ arrow-rs/object_store/src/aws/credential.rs | 6 +++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 83e0e64..3f27a83 100644 --- a/README.md +++ b/README.md @@ -6,6 +6,9 @@ The project is based on [arrow-rs](https://github.com/apache/arrow-rs) library. The clone of this repository presents in this repository under `arrow-rs` directory. The file `KUSTO.patch` contains all custom patches applied on the original `arrow-rs` code. +(In addition, some fake AWS secrets must be removed from `arrow-rs/object_store/src/aws/credential.rs` test code, + to avoid false positive alerts from security scanner). + # Building `cargo build --release` diff --git a/arrow-rs/object_store/src/aws/credential.rs b/arrow-rs/object_store/src/aws/credential.rs index c13f8aa..cb49847 100644 --- a/arrow-rs/object_store/src/aws/credential.rs +++ b/arrow-rs/object_store/src/aws/credential.rs @@ -852,8 +852,8 @@ mod tests { let client = Client::new(); let credential = AwsCredential { - key_id: "H20ABqCkLZID4rLe".to_string(), - secret_key: "jMqRDgxSsBqqznfmddGdu1TmmZOJQxdM".to_string(), + key_id: "".to_string(), + secret_key: "".to_string(), token: None, }; @@ -882,7 +882,7 @@ mod tests { }; authorizer.authorize(&mut request, None); - assert_eq!(request.headers().get(&AUTHORIZATION).unwrap(), "AWS4-HMAC-SHA256 Credential=H20ABqCkLZID4rLe/20220809/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=9ebf2f92872066c99ac94e573b4e1b80f4dbb8a32b1e8e23178318746e7d1b4d") + assert_eq!(request.headers().get(&AUTHORIZATION).unwrap(), "AWS4-HMAC-SHA256 Credential=/20220809/us-east-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=9ebf2f92872066c99ac94e573b4e1b80f4dbb8a32b1e8e23178318746e7d1b4d") } #[tokio::test]