Remove use of six
Signed-off-by: Velichka Atanasova <avelichka@vmware.com>
Replace the use of dict.items(mydict) with mydict.items(), dict.keys(mydict) with mydict.keys() and dict.values(mydict) with mydict.values()
Signed-off-by: Velichka Atanasova <avelichka@vmware.com>
Replace 'import urllib' and 'import urllib.x' with 'from urllib import x' for vendor compatibility
Signed-off-by: Velichka Atanasova <avelichka@vmware.com>
Currently, we are importing the "utils" module in tests/utils
with "import utils".
This could become a problem when there is another module with
the same general name "utils" and could lead to import mistakes.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
The field confined_target_dirs from the MIRROR_SCHEMA is
a list of strings. Those strings define the accessible target
paths for that mirror. For one target to be available for that mirror,
its path should have as a prefix at least one of the strings defined
in confined_target_dirs.
That's why when confined_target_dirs is a list with one element empty
string (e.g. ['']) this means all targets files on that mirror are
available and if confined_target_dirs is empty list (e.g. []) this
would be interpreted as none of the target files is available.
This is a confusing API that could easily lead to mistakes.
That's why it's better we promote to not set confined_target_dirs
at all if a user wants targets to be available.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
Our 'expires' strings are constrained by the ISO8601_DATETIME_SCHEMA
which matches regex '\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z'. This can be
parsed with just a datetime.strptime(): iso8601 module is not needed.
* Add formats.expiry_string_to_datetime() helper function
* Modify the 3 locations that used iso8601 and the api/metadata.py usage
of datetime.strptime()
* Remove related unnecessary logger setup
* Add the missing exception documentation to relevant functions (in many
cases the exception is rather unlikely as the schema has been verified
many times before this though...)
Fixes#1065
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
Modify test cases which use unsigned metadata.
Update test_sign_metadata to check for empty key list.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
all test_*.py files now accept zero or more '-v' to increase tuf
logging level. The default is now ERROR.
default: ERROR
"-v": ERROR, but unittest prints test names
"-vv": WARNING
"-vvv": INFO
"-vvvv": DEBUG
Example to run a single test with DEBUG level:
python3 test_updater.py -vvvv TestUpdater.test_4_refresh
Also make test_log.py restore the log level it modifies during test.
Fixes#1093
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
This separation and refactoring is part of the change to
make length and hashes optional for timestamp and snapshot roles.
It separates FILEINFO_SCHEMA into two separate schemas:
TARGETS_FILEINFO_SCHEMA and METADATA_FILEINFO_SCHEMA.
The distinction is needed because as of version 1.0.1 of the tuf
spec targets role has mandatory length and hashes, and
snapshot and timestamp roles have a mandatory version, and optional
length and hashes.
That's why targets can't share the same schemas
as timestamp and snapshot.
Because of that schema distinction, make_fileinfo had to be too
separated into make_targets_fileinfo and make_metadata_fileinfo.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
TUF specific schemas have moved to tuf.formats, ensure they are used
throughout and remove stray references to no longer supported schemas
in securesystemslib.format
Signed-off-by: Joshua Lock <jlock@vmware.com>
Updates SPEC_VERSION definition in tuf/__init__.py, test files and
docstring in formats.build_dict_conforming_to_schema.
Test metadata will be updated in separate commits.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Add schemas KEYDB_SCHEMA, SIGNATURESTATUS_SCHEMA and
VERSIONINFO_SCHEMA, removed in
secure-systems-lab/securesystemslib#165 as TUF specific, and adopt
usage accordingly.
NOTE: The usefulness of these schemas may be assessed in a
different PR.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Raise an error if it's not a schema.Object instance (not just
if it's not a schema.Schema instance).
Also adds a test for this.
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
in tuf.formats.build_dict_conforming_to_schema
Populate _type with the expected value for the given schema, and
populate spec_version with tuf.SPECIFICATION_VERSION. Do this only
when the values are not provided, and support overriding them.
Also adds testing for the above and takes advantage of the above
in repository_lib's _generate metadata functions.
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
tuf.formats.make_role_metadata concerned itself with exclusivity checks
for paths and path_hash_prefixes, but no code actually used it for
relevant data. It's yet another custom metadata writer replaced by
build_dict_conforming_to_schema.
Signed-off-by: Sebastien Awwad <sebastien.awwad@gmail.com>
The repository tools should properly write and load consistent versions of root.json and snapshot.json. Version numbers were previously prepended to these two roles.
