New pylint warnings appeared related to changes
in urlib3:
- tests/test_fetcher_ng.py:128: error: Argument 1 to "ReadTimeoutError"
has incompatible type "None"; expected "ConnectionPool" [arg-type]
- tests/test_fetcher_ng.py:128: error: Argument 2 to "ReadTimeoutError"
has incompatible type "None"; expected "str" [arg-type]
I noticed these error in this CI run:
https://github.com/theupdateframework/python-tuf/runs/4764931441?check_suite_focus=true
I fixed them by creating a urllib3.HTTPConnectionPool() instance as
the first argument and replaced the second argument with an empty
string.
This seems to do the job.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
After making a successful update of valid metadata which stores it
in cache and performing a second update with a new updater while
the metadata is already stored in cache, this test verifies that
timestamp, snaphot and targets are loaded from cache and not
downloaded
Fixes#1681
Signed-off-by: Ivana Atanasova <iyovcheva@vmware.com>
This test simulates the targets fast-forward attack recovery.
It simulates that the targets keys were compromised, the attacker
generated a new high version of the targets.
The repository generates new key for snapshot to rollback the
targets version to the initial version.
Signed-off-by: Kairo de Araujo <kdearaujo@vmware.com>
Move the remaining
test_snapshot_rollback_with_local_snapshot_hash_mismatch
to test_updater_top_level_update.py and remove the file.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
Remove TestUpdater.test_refresh from test_updater_with_simulator.
Testing refresh() is now extensively covered in the newly added
test_updater_top_level_update.py.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
Remove `bump_expiration()` method, which is unlikely to be used as
is, i.e. bump to "current expiration date plus delta". A more
realistic use case is to bump to "now plus delta" (see #1727 for
details).
Moreover, bump_expiration can either way easily be replaced by a
one-liner expression using the 'datetime' module. A corresponding
code snippet is added to the `expires` property's docstring. Note:
`expires` became a property with a millisec-removing setter (for
spec conformance) in #1712, which further reduces the need for a
convenience bump_expiration method.
This patch also removes a related unit test and updates another
one.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Add test cases covering downloading and loading from cache
targets with non-matching hash and length.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
Remove parts of the test case which are covered in other
tests, this way making its purpose clearer.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
Add a new test file and class for testing target files
fetching.
Move test_targets from test_updater_with_simulator.py to
tests/test_updater_fetch_targets.py.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
Remove ambiguous, unspecific, opinionated and trivial 'update'
methods, which can be replaced by feasible one-liners that assign
values directly to the object attribute to be *updated*. (see #1627
for details).
Reasons to have these methods would be increased usability in terms of
- reduced work
- immediate feedback on invalid assignments
However, given above described issues, the reasons against the
methods as they are now seem to outweigh the reasons for them.
Furthermore, it seems easier to re-add similar methods, which
addressed these issues, after the upcoming 1.0.0 release than to
remove or modify them.
This patch also removes the corresponding tests as they become
irrelevant (there is no need to test object assignment). In the
case of the timestamp test, the removal also includes redundant
test logic, which is already tested in `test_metadata_base`.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
This test simulates the snapshot fast-forward attack recovery.
It simulates that the snapshot keys were compromised, the attacker
generated a new high version of the snapshot.
The repository generates new keys for snapshot and timestamp and
rollbacks the snapshot version to the initial version.
Signed-off-by: Kairo de Araujo <kdearaujo@vmware.com>
Using a raw string allows the use of backslashes
in the docstring comment whithout them being interpreted
as an escape character.
It also silences pylint W1401: anomalous-backslash-in-string.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
Extend test_updater_delegation_graphs.py with tests
for targets metadata search.
- create a new test class TestTargetFileSearch which creates
a single repository and pefrorms multiple file searches in
subtests.
- group the common functionality in a base class TestDelegations.
- extend the data classes to accomodate for target_files.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
Reduce the number of variables in the while loop by using
len(visited_role_names) instead of number_of_delegations.
Include equality in the comparison with config.max_delegations
to account for visiting "targets". Shorten the commit message.
Add max number of delegations test case.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
This test simulates the timestamp fast-forward attack recovery.
It simulates that the timestamp keys were compromised, the attacker
generated a new high version of the timestamp.
The repository generates a new key and rollbacks the timestamp
version to the initial version.
Signed-off-by: Kairo de Araujo <kdearaujo@vmware.com>
metadata_dir matches metadata_base_url better.
This is an API break for anyone using named arguments.
Fixes#1638
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
Replace the use of "patch" in test_graph_traversal
with the newly added fetch_tracker from RepositorySimulator.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
Add tests creating delegations graphs with different complexity
and successfully updating the delegated roles metadata.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
I added "dateutil" as a possible argument type for
`Metadata.bump_expiration()` as we are already testing for this and
implying it should be supported.
The problem is that "dateutil" is not added as a nontest requirement
and after a discussion, we decided we don't want to add it as well.
That's why we decided to remove "dateutil" mentions from the code
and not confuse our users we support it.
We will create a separate issue discussing the validity of
`Metadata.bump_expiration()`.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
Sanitize the delegated rolenames in the repo simulator when dumping in
a directory the same way the ngclient does.
That's necessary because when testing fishy role names leads to an
error:
"PermissionError: [Errno 13] Permission denied: '/.json'"
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
Use a "try" block to catch exceptions during failing
subtests and always execute the subtest clean up code.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
Reduce the number of function arguments and use
DelegatedRole instead.
When adding a list of delegations to the repository,
move the Targets creation inside the loop to create
a separate Targets object for each delegation.
Create a new Metadata obgect only for delegated roles
which do not exist yet in the repository.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
Following parallel merges of #1700 (added new test method),
and #1710 (started running mypy on tests), ci/cd fails in the
develop branch. This is fixed in this patch.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Make _fetch_metadata and _fetch_taget public by renaming them to
fetch_metadata and fetch_target.
This will allow the removal of multiple pylint disables because of
"accessing private members".
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
Logging configuration is part from each test file begging from commit
03b15fb4be
We should that as well for tests/test_examples.py
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
Rename test files testing the old code by adding an "old" suffix.
This is done, so we can easily exclude them from linting.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
