feat(object): encryption create is working issue with read

Author: Laure-di

internal/services/object/object.go

@@ -107,7 +107,7 @@ func ResourceObject() *schema.Resource {
 					string(s3Types.ObjectCannedACLPublicRead),
 				}, false),
 			},
-			"sse-customer-key": {
+			"sse_customer_key": {
 				Type:        schema.TypeString,
 				Optional:    true,
 				Sensitive:   true,
@@ -156,12 +156,18 @@ func resourceObjectCreate(ctx context.Context, d *schema.ResourceData, m interfa
 		req.ACL = s3Types.ObjectCannedACL(*visibilityStr)
 	}
 
-	if encryptionKeyStr, ok := d.Get("sse-customer-key").(string); ok {
-		encryptionKey := base64.StdEncoding.EncodeToString([]byte(encryptionKeyStr))
-		encryptionKeyMD5 := md5.Sum([]byte(encryptionKey))
+	if encryptionKeyStr, ok := d.Get("sse_customer_key").(string); ok {
+		encryptionKey := []byte(encryptionKeyStr)
+		h := md5.New()
+		_, err := h.Write(encryptionKey)
+		if err != nil {
+			return diag.FromErr(err)
+		}
+		digest := h.Sum(nil)
+		digestMD5 := base64.StdEncoding.EncodeToString(digest)
 		req.SSECustomerAlgorithm = scw.StringPtr("AES256")
-		req.SSECustomerKeyMD5 = aws.String(string(encryptionKeyMD5[:]))
-		req.SSECustomerKey = aws.String(string(encryptionKey[:]))
+		req.SSECustomerKeyMD5 = &digestMD5
+		req.SSECustomerKey = aws.String(base64.StdEncoding.EncodeToString(encryptionKey))
 	}
 
 	if filePath, hasFile := d.GetOk("file"); hasFile {
@@ -290,10 +296,12 @@ func resourceObjectRead(ctx context.Context, d *schema.ResourceData, m interface
 	ctx, cancel := context.WithTimeout(ctx, d.Timeout(schema.TimeoutRead))
 	defer cancel()
 
-	obj, err := s3Client.HeadObject(ctx, &s3.HeadObjectInput{
+	req := &s3.HeadObjectInput{
 		Bucket: types.ExpandStringPtr(bucket),
 		Key:    types.ExpandStringPtr(key),
-	})
+	}
+
+	obj, err := s3Client.HeadObject(ctx, req)
 	if err != nil {
 		return diag.FromErr(err)
 	}

internal/services/object/object_test.go

@@ -21,9 +21,10 @@ import (
 
 // // Service information constants
 const (
-	ServiceName = "scw"       // Name of service.
-	EndpointsID = ServiceName // ID to look up a service endpoint with.
-	encryptionStr = "Pignouf"
+	ServiceName     = "scw"       // Name of service.
+	EndpointsID     = ServiceName // ID to look up a service endpoint with.
+	encryptionStr   = "1234567890abcdef1234567890abcdef"
+	contentToEncypt = "Hello World"
 )
 
 func TestAccObject_Basic(t *testing.T) {
@@ -738,7 +739,7 @@ func TestAccObject_WithBucketName(t *testing.T) {
 func TestAccObject_Encryption(t *testing.T) {
 	tt := acctest.NewTestTools(t)
 	defer tt.Cleanup()
-	bucketName := sdkacctest.RandomWithPrefix("test-acc-scaleway-object-basic")
+	bucketName := sdkacctest.RandomWithPrefix("test-acc-scaleway-object-encryption")
 	resource.ParallelTest(t, resource.TestCase{
 		PreCheck:          func() { acctest.PreCheck(t) },
 		ProviderFactories: tt.ProviderFactories,
@@ -747,27 +748,6 @@ func TestAccObject_Encryption(t *testing.T) {
 			objectchecks.IsBucketDestroyed(tt),
 		),
 		Steps: []resource.TestStep{
-			{
-				Config: fmt.Sprintf(`
-					resource "scaleway_object_bucket" "base-01" {
-						name = "%s"
-						region= "%s"
-						tags = {
-							foo = "bar"
-						}
-					}
-
-					resource scaleway_object "file" {
-						bucket = scaleway_object_bucket.base-01.id
-						key = "myfile"
-						file   = "testfixture/empty.qcow2"
-					}
-				`, bucketName, objectTestsMainRegion),
-				Check: resource.ComposeTestCheckFunc(
-					objectchecks.CheckBucketExists(tt, "scaleway_object_bucket.base-01", true),
-					testAccCheckObjectExists(tt, "scaleway_object.file"),
-				),
-			},
 			{
 				Config: fmt.Sprintf(`
 					resource "scaleway_object_bucket" "base-01" {
@@ -781,12 +761,13 @@ func TestAccObject_Encryption(t *testing.T) {
 					resource scaleway_object "file" {
 						bucket = scaleway_object_bucket.base-01.id
 						key = "myfile/foo"
-						file   = "testfixture/empty.qcow2"
+						content = "Hello World"
+						sse_customer_key = "%s"
 					}
-				`, bucketName, objectTestsMainRegion),
+				`, bucketName, objectTestsMainRegion, encryptionStr),
 				Check: resource.ComposeTestCheckFunc(
 					objectchecks.CheckBucketExists(tt, "scaleway_object_bucket.base-01", true),
-					testAccCheckObjectExists(tt, "scaleway_object.file"),
+					testAccCheckObjectExists(tt, "scaleway_object.content"),
 				),
 			},
 			{
@@ -802,12 +783,13 @@ func TestAccObject_Encryption(t *testing.T) {
 					resource scaleway_object "file" {
 						bucket = scaleway_object_bucket.base-01.id
 						key = "myfile/foo/bar"
-						file   = "testfixture/empty.qcow2"
+						content = "Hello World"
+						sse_customer_key = "%s"
 					}
-				`, bucketName, objectTestsMainRegion),
+				`, bucketName, objectTestsMainRegion, encryptionStr),
 				Check: resource.ComposeTestCheckFunc(
 					objectchecks.CheckBucketExists(tt, "scaleway_object_bucket.base-01", true),
-					testAccCheckObjectExists(tt, "scaleway_object.file"),
+					testAccCheckObjectExists(tt, "scaleway_object.content"),
 				),
 			},
 		},
@@ -844,7 +826,6 @@ func testAccCheckObjectExists(tt *acctest.TestTools, n string) resource.TestChec
 		_, err = s3Client.GetObject(ctx, &s3.GetObjectInput{
 			Bucket: scw.StringPtr(bucketName),
 			Key:    scw.StringPtr(key),
-			SSECustomerKey:
 		})
 		if err != nil {
 			if object.IsS3Err(err, object.ErrCodeNoSuchBucket, "") {