Commit graph

3856 commits

Author SHA1 Message Date
Joshua Lock
1d9c6ac63b
Merge pull request #1153 from jku/allow-no-metadata-or-targets-in-client-config
mirrors: Make targets_path and metadata_path optional
2020-10-15 10:37:09 +01:00
Joshua Lock
b57aa5857b
Merge pull request #1173 from jku/add-missing-local-repository-error
Add MissingLocalRepositoryError
2020-10-15 10:35:39 +01:00
Joshua Lock
a7b74de454
Merge pull request #1170 from jku/filter-warnings
tests: Filter useless warnings
2020-10-14 15:54:05 +01:00
lukpueh
c3923613eb
Merge pull request #1176 from jku/remove-iso8601
Remove iso8601 dependency
2020-10-14 10:01:33 +02:00
Jussi Kukkonen
2f69986e2b Remove iso8601 dependency
Our 'expires' strings are constrained by the ISO8601_DATETIME_SCHEMA
which matches regex '\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z'. This can be
parsed with just a datetime.strptime(): iso8601 module is not needed.

* Add formats.expiry_string_to_datetime() helper function
* Modify the 3 locations that used iso8601 and the api/metadata.py usage
  of datetime.strptime()
* Remove related unnecessary logger setup
* Add the missing exception documentation to relevant functions (in many
  cases the exception is rather unlikely as the schema has been verified
  many times before this though...)

Fixes #1065

Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
2020-10-13 20:06:14 +03:00
Jussi Kukkonen
f8606d9645 sig: Remove iso8601 logger mentions
sig does not use iso8601: no need to silence its logging

Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
2020-10-13 12:11:37 +03:00
Jussi Kukkonen
7d73958a2a Add MissingLocalRepositoryError
This allows clients to separate
a) missing local repository and
b) error while loading local repository

This is fully backwards-compliant: MissingLocalRepositoryError derives
from RepositoryError and every situation that now results in
MissingLocalRepositoryError used to result in a RepositoryError.

Fixes #1063

Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
2020-10-12 15:23:15 +03:00
Jussi Kukkonen
060ef1dfd5 tests: Filter useless warnings
Filter out:
 * DeprecationWarnings for updater module when we are on purpose
   testing deprecated methods from updater
 * SubjectAltNameWarning for connections to our test server

These warnings are visible with e.g.
  python3 test_updater.py

The large change in test_download.py is just indentation into with-block.

Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
2020-10-09 12:10:49 +03:00
Trishank Karthik Kuppusamy
baae9bd1a2
Merge pull request #1162 from jku/1160-Add-LICENSE-to-MANIFEST-in
MANIFEST.in: Include LICENSE files
2020-10-05 14:38:07 -04:00
Jussi Kukkonen
f3ab08d73f MANIFEST.in: Include LICENSE files
This seems to be a common way to handle license files. Also, vendoring
tool fails to handle tuf without a LICENSE file.

Fixes #1160

Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
2020-10-05 13:13:58 +03:00
Joshua Lock
d51dbb8639
Merge pull request #1100 from sechkova/issue-1050
Raise an error on loading/writing unsigned metadata
2020-10-02 14:37:01 +01:00
Teodora Sechkova
bebf19ac20
Update test_updater_root_rotation_integration
Modify test_root_rotation_missing_keys to not use an empty signing
keys list.

Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
2020-10-02 16:05:12 +03:00
Teodora Sechkova
27388833e8
Update test_repository_lib and test_formats
Modify test cases which use unsigned metadata.
Update test_sign_metadata to check for empty key list.

Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
2020-10-02 16:05:12 +03:00
Teodora Sechkova
e0086d64a5
Log warning on UnsignedMetadataError in repository_lib
Except the UnsignedMetadataError generated by
check_signable_object_format() and log a warning.

When creating metadata objects on the repository side of TUF,
a use case may exist where metadata is generated unsigned on
one machine and signed on another.

Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
2020-10-02 16:05:11 +03:00
Teodora Sechkova
d3c612bb53
Raise error on empty 'signatures' list
Modify check_signable_object_format() to raise an error
if signable has an empty 'signatures' list.

Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
2020-10-02 16:05:07 +03:00
Joshua Lock
461663f363
Merge pull request #1151 from MVrachev/testing-doc
Add doc for the possible cmd args while testing
2020-10-01 21:58:11 +01:00
Martin Vrachev
cce6b7bb59 Add doc for the possible cmd args while testing
This information could be useful for newcomers
to better understand how to debug TUF.

Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2020-10-01 15:20:59 +03:00
Joshua Lock
fb2eaa5f23
Merge pull request #1104 from MVrachev/silence-log-with-temp-files
Log subprocesses stdout and stderr in temp files
2020-10-01 12:40:23 +01:00
Martin Vrachev
e2ccfdb213 Reorder the tearDownClass cleanup
Fixes an issue where rmtree tries to access and consequently remove
a temp folder where the server has opened a file already.
This results in error:
"PermissionError: [WinError 32] The process cannot access the file
because it is being used by another process"

For reference read:
https://github.com/theupdateframework/tuf/issues/1119

Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2020-10-01 12:22:19 +03:00
Martin Vrachev
2693620ee8 Make TimeoutError message more comprehensive
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2020-10-01 12:22:19 +03:00
Martin Vrachev
7f885d2160 Remove redundant comments from test classes
I don't see a need to leave a comment about what setupClass,
tearDownClass, setup and tearDown functions do.
There is documentation that describes that.
Additionally, the links referenced in the comments are from
Python 2, which is deprecated.

Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2020-10-01 12:22:19 +03:00
Martin Vrachev
02c67d1980 Remove a not used function
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2020-10-01 12:22:19 +03:00
Martin Vrachev
5b44dd8808 Remove unnecessary checks in server files
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2020-10-01 12:22:19 +03:00
Martin Vrachev
6f02646408 Log subprocesses stdout and stderr in temp files
Logging the stdout and stderr from the test subprocesses into
temporary files cleans the console from unnecessary messages from
the server-side such as "code 404, message File not found" or
"GET" queries.

I have decided to create TestServerProcess class that will handle
the server subprocess creation and redirection to a temporary file
object. That way that code can be reused in more than 10 files.

Also, I have cleaned some parts of the unit test to make them more
readable and efficient with the new abstraction.

The unit tests are executed in sequential order and that's why
we can reuse one temporary file object for multiple tests.

Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2020-10-01 12:22:08 +03:00
lukpueh
e06e8e1afc
Merge pull request #1078 from joshuagl/joshuagl/existing-fileinfo
Minor error message clarifications and greater testing for generating targets metadata with existing fileinfo
2020-09-29 17:19:24 +02:00
Jussi Kukkonen
7a94f7856a mirrors: Make targets_path and metadata_path optional
Now clients can leave out targets_path or metadata_path if the
client knows the mirror does not have that type of targets.

This is backwards compatible: old mirror configs continue to work.

Fixes #1079

Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
2020-09-25 10:01:44 +03:00
Martin Vrachev
45d031957f Remove redundant "url" class member from tests
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
2020-09-23 17:17:41 +03:00
Joshua Lock
fdccb8dc0b
Merge pull request #1149 from theupdateframework/dependabot/pip/cryptography-3.1.1
build(deps): bump cryptography from 3.1 to 3.1.1
2020-09-23 13:00:55 +01:00
dependabot-preview[bot]
ec90e1cd75
build(deps): bump cryptography from 3.1 to 3.1.1
Bumps [cryptography](https://github.com/pyca/cryptography) from 3.1 to 3.1.1.
- [Release notes](https://github.com/pyca/cryptography/releases)
- [Changelog](https://github.com/pyca/cryptography/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pyca/cryptography/compare/3.1...3.1.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-23 10:30:35 +00:00
Joshua Lock
505f3545d5
Merge pull request #1145 from jku/silence-errors-to-be-raised
Silence errors to be raised
2020-09-22 13:42:27 +01:00
Joshua Lock
687506fa61
Merge pull request #1147 from jku/close-all-the-things
Close file objects, requests.Responses
2020-09-22 13:03:21 +01:00
Jussi Kukkonen
fb9d8e7d64 Download: Fix documentation
* Remove dead urls: trust reader to find Requests documentation on
  their own
* Mention that "stream" means that downloading the body is deferred

Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
2020-09-22 14:22:46 +03:00
Jussi Kukkonen
26f45858d7 Download: Don't leak requests.Responses
Use 'with' to avoid leaking responses when response.raise_for_status()
is used.

Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
2020-09-22 14:22:46 +03:00
Jussi Kukkonen
b5a3c705db Avoid leaving unclosed file objects
* move code to only create objects after potential raises
* Use 'with' when possible
* close manually if those did not help

Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
2020-09-22 14:22:46 +03:00
Jussi Kukkonen
1e7ca5fb42 tests: Set root logger level too
We want the tests' own log output visible as well, and they are not
under the "tuf" logger. Set root level to the same value as "tuf".

Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
2020-09-16 14:38:10 +03:00
Jussi Kukkonen
1e0a2a3103 docs: Mention how to run individual tests
Fixes #1076.

Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
2020-09-15 22:34:12 +03:00
Jussi Kukkonen
03b15fb4be tests: Configure logging for all test files
all test_*.py files now accept zero or more '-v' to increase tuf
logging level. The default is now ERROR.

default: ERROR
"-v":    ERROR, but unittest prints test names
"-vv":   WARNING
"-vvv":  INFO
"-vvvv": DEBUG

Example to run a single test with DEBUG level:
  python3 test_updater.py -vvvv TestUpdater.test_4_refresh

Also make test_log.py restore the log level it modifies during test.

Fixes #1093

Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
2020-09-15 21:36:50 +03:00
Jussi Kukkonen
aad3bd49eb tests: remove test_init and test_exceptions
All of these tests create an exception and log it. They do not
actually test anything.

The alternative would be to change the log level to something that is
not error to prevent verbose error output on successful test runs --
but that still wouldn't make them actual tests.

Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
2020-09-15 19:49:04 +03:00
Jussi Kukkonen
69a45946e6 Updater: Don't log errors that will be raised
Don't use log level ERROR when we are only raising an exception for user
to handle (the issue is not a bug in TUF: TUF is working as expected in
all of these cases). Don't log at all if all the info is included in the
raised exception.

Also definitely don't log at error level when we don't know if this will
even be raised (e.g. a 404 is expected at least once on every
Updater.refresh()).

Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
2020-09-15 19:49:04 +03:00
Joshua Lock
87e92d589f
Merge pull request #1146 from theupdateframework/dependabot/pip/cffi-1.14.3
build(deps): bump cffi from 1.14.2 to 1.14.3
2020-09-15 16:56:31 +01:00
dependabot-preview[bot]
549222a414
build(deps): bump cffi from 1.14.2 to 1.14.3
Bumps [cffi](https://github.com/python-cffi/release-doc) from 1.14.2 to 1.14.3.
- [Release notes](https://github.com/python-cffi/release-doc/releases)
- [Commits](https://github.com/python-cffi/release-doc/commits)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-15 10:42:28 +00:00
Joshua Lock
74dd43bac8
Merge pull request #1144 from theupdateframework/dependabot/pip/iso8601-0.1.13
build(deps): bump iso8601 from 0.1.12 to 0.1.13
2020-09-15 11:36:01 +01:00
Jussi Kukkonen
4bcf761f35 Download: Do not log unnecessary errors
A mismatched length will lead to DownloadLengthMismatchError that will
be handled by user. There is no need to log Errors or Criticals on the
way.

Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
2020-09-15 10:58:32 +03:00
dependabot-preview[bot]
ccfee2cf50
build(deps): bump iso8601 from 0.1.12 to 0.1.13
Bumps [iso8601](https://github.com/micktwomey/pyiso8601) from 0.1.12 to 0.1.13.
- [Release notes](https://github.com/micktwomey/pyiso8601/releases)
- [Commits](https://github.com/micktwomey/pyiso8601/compare/0.1.12...0.1.13)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-09-14 10:22:36 +00:00
lukpueh
eda46e11da
Merge pull request #1112 from lukpueh/simple-tuf-api
Add simple TUF role metadata model
2020-09-10 17:07:35 +02:00
Lukas Puehringer
f106435aa5 Remove iso8601 dependency from simple metadata api
Use builtin datetime instead of external iso8601 for simple
datetime string parsing. Also see
https://github.com/theupdateframework/tuf/issues/1065

Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2020-09-10 16:18:28 +02:00
Lukas Puehringer
228a4c72e0 Ticketize doc header todo items
See:
Add root metadata class to new TUF metadata model #1137
Add classes for complex metadata fields #1139
Add input validation to simple metadata api #1140

Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2020-09-10 16:18:28 +02:00
Lukas Puehringer
73dd72d54d Raise on bad signature count in Metadata.verify
Change Metadata.verify(key) behavior to raise an exception if
none or multiple signatures for the passed key are found on the
Metadata object.

Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2020-09-10 16:18:28 +02:00
Lukas Puehringer
f9a4ebe1ea Re-order metadata methods logically and add vspace
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2020-09-10 16:18:28 +02:00
Lukas Puehringer
387169fc11 Add from_json metadata convenience wrapper
Add convenience wrapper that takes a json string and passes it
to from_dict to create a Metadata object.

Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
2020-09-10 16:18:28 +02:00