Extend test_updater_delegation_graphs.py with tests
for targets metadata search.
- create a new test class TestTargetFileSearch which creates
a single repository and pefrorms multiple file searches in
subtests.
- group the common functionality in a base class TestDelegations.
- extend the data classes to accomodate for target_files.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
Reduce the number of variables in the while loop by using
len(visited_role_names) instead of number_of_delegations.
Include equality in the comparison with config.max_delegations
to account for visiting "targets". Shorten the commit message.
Add max number of delegations test case.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
Simplified ``tox`` environ list not to expect that developer has
all multiple Python version, but instead run with the python version
available.
Also, it adds docs build to environ list.
Running ``tox`` will run the lint, docs, and py.
The CI covers the multiple supported Python versions, and the
developers still can use tox -e py{version}
Signed-off-by: Kairo de Araujo <kdearaujo@vmware.com>
This commit adds to the docs tox session the flag ``-W``, which
turns the warnings into errors.
The CI will fail once it gets errors.
Signed-off-by: Kairo de Araujo <kdearaujo@vmware.com>
This will be the final release of python-tuf that includes the
legacy implementation code. Please see the [*1.0.0
announcement*](1.0.0-ANNOUNCEMENT.md) page for more details about
the next release and the deprecation of the legacy implementation,
including migration instructions.
Co-authored-by: Jussi Kukkonen <jkukkonen@vmware.com>
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
* ngclient and Metadata API are production ready: start with them, then
mention legacy
* link to API reference instead of code
* link to examples instead of (legacy) getting started document
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
metadata_dir matches metadata_base_url better.
This is an API break for anyone using named arguments.
Fixes#1638
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
Replace the use of "patch" in test_graph_traversal
with the newly added fetch_tracker from RepositorySimulator.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
Add tests creating delegations graphs with different complexity
and successfully updating the delegated roles metadata.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
I added "dateutil" as a possible argument type for
`Metadata.bump_expiration()` as we are already testing for this and
implying it should be supported.
The problem is that "dateutil" is not added as a nontest requirement
and after a discussion, we decided we don't want to add it as well.
That's why we decided to remove "dateutil" mentions from the code
and not confuse our users we support it.
We will create a separate issue discussing the validity of
`Metadata.bump_expiration()`.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
Sanitize the delegated rolenames in the repo simulator when dumping in
a directory the same way the ngclient does.
That's necessary because when testing fishy role names leads to an
error:
"PermissionError: [Errno 13] Permission denied: '/.json'"
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
Use a "try" block to catch exceptions during failing
subtests and always execute the subtest clean up code.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
Reduce the number of function arguments and use
DelegatedRole instead.
When adding a list of delegations to the repository,
move the Targets creation inside the loop to create
a separate Targets object for each delegation.
Create a new Metadata obgect only for delegated roles
which do not exist yet in the repository.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
* Add a document that announces a stable "modern
implementation"-only 1.0.0 release, with the following contents:
- the scheduled release date
- contents of release (metadata API, ngclient, no legacy code)
- legacy code deprecation note (adr 2)
- note about lack of repository tool (adr 10)
- migration instructions
* Add "important notice" to head of main README, pointing to above
document.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Following parallel merges of #1700 (added new test method),
and #1710 (started running mypy on tests), ci/cd fails in the
develop branch. This is fixed in this patch.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Change the delta argument type from the tuf/api/metadata.py module
in Signed.bump_expiration() to include relativedelta as
this provides an easier interface for the callers.
We are already testing for that inside test/api line 338.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
Mypy warns us when we assign a not defined variable to an object, but
that is something that we are warned for from pylint (seach for
"pylint: disable=no-member" in test_updater_key_rotations.py
and you will find an example where we have to disable it).
We don't want to have two linters checking for the same thing
as we can end up disabling two warnings that are actually the same
on a single line.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
Make _fetch_metadata and _fetch_taget public by renaming them to
fetch_metadata and fetch_target.
This will allow the removal of multiple pylint disables because of
"accessing private members".
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
Logging configuration is part from each test file begging from commit
03b15fb4be
We should that as well for tests/test_examples.py
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
Mypy reported a couple of errors for missing stubs on GitHub
https://github.com/theupdateframework/python-tuf/runs/4431787287?check_suite_focus=true
The error noted that:
"tests/test_api.py:19: error: Library stubs not installed for
"dateutil.relativedelta" (or incompatible with Python 3.10)"
In order to resolve it I added "types-python-dateutil" into
requirements-test.txt
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
Exclude regexs/globs are needed to exclude the test files testing
the old code.
After we remove those files we will be able to remove the exclude
regex/globs.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
Rename test files testing the old code by adding an "old" suffix.
This is done, so we can easily exclude them from linting.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
The changes are automatic linting fixes from black.
The target files are only those who test the new code.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
This commit implements a feature in Repository Simulator to
track the fetch calls to the metadata and targets. This feature was
mentioned in PR #1666 that generated issue #1682.
This commit adds RepositorySimulator.fetch_tracker. It also changes
the tests/test_updater_consistent_snapshot.py to use the
fetch_tracker instead of using mock.
It implements a dataclass that stores the calls to fetch metadata
(_fetch_metadata) in fetch_tracker.metadata and targets
(_fetch_targets) in fetch_tracker.targets.
The fetch calls for metadata, and targets are stored as lists.
Signed-off-by: Kairo de Araujo <kdearaujo@vmware.com>
In addition to multiple smaller review fixes:
* Explain how the proposed library is minimal: more specific
functionality may be added as we get more experience
* Explain what a concrete Repository implementation must implement
(details are obviously subject to change but this is what the
current prototype requires)
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
