Even though we don't want to promote the usage of [''] as a value
for confined_target_dirs, it's good to test against because we
don't want to introduce a breaking change for our users.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
The field confined_target_dirs from the MIRROR_SCHEMA is
a list of strings. Those strings define the accessible target
paths for that mirror. For one target to be available for that mirror,
its path should have as a prefix at least one of the strings defined
in confined_target_dirs.
That's why when confined_target_dirs is a list with one element empty
string (e.g. ['']) this means all targets files on that mirror are
available and if confined_target_dirs is empty list (e.g. []) this
would be interpreted as none of the target files is available.
This is a confusing API that could easily lead to mistakes.
That's why it's better we promote to not set confined_target_dirs
at all if a user wants targets to be available.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
We don't need to lint the code with every version of Python, instead add
an extra tox env which lints once with the latest supported Python version
Signed-off-by: Joshua Lock <jlock@vmware.com>
The Targets constructor takes seven arguments, which violates pylints
default value of five for max-arguments:
R0913: Too many arguments (7/5) (too-many-arguments)
As this feels like a coding style decision that should be made and
documented disable that test for only the Targets constructor until
a coding style decision has been made and documented as a decision
record.
Signed-off-by: Joshua Lock <jlock@vmware.com>
Using an else after a raise results in a refactor message from pylint:
R1720: Unnecessary "elif" after "raise" (no-else-raise)
This is because the raise will exit the block, and pylint suggests that
explicit if's, rather than an if-elif-else, are clearer style. Update the
style of Metadata.verify() to match pylint expectations.
Signed-off-by: Joshua Lock <jlock@vmware.com>
A single letter variable name of 'f' causes pylint to throw a coding style
convention warning:
C0103: Variable name "f" doesn't conform to snake_case naming style
(invalid-name)
Signed-off-by: Joshua Lock <jlock@vmware.com>
Add a minimal pylintrc to lint for new code being developed in tuf/api and
update the tox configuration to ignore tuf/api with the default pylintrc
and run an extra invocation of pylint for just the modules in tuf/api.
Signed-off-by: Joshua Lock <jlock@vmware.com>
Our 'expires' strings are constrained by the ISO8601_DATETIME_SCHEMA
which matches regex '\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z'. This can be
parsed with just a datetime.strptime(): iso8601 module is not needed.
* Add formats.expiry_string_to_datetime() helper function
* Modify the 3 locations that used iso8601 and the api/metadata.py usage
of datetime.strptime()
* Remove related unnecessary logger setup
* Add the missing exception documentation to relevant functions (in many
cases the exception is rather unlikely as the schema has been verified
many times before this though...)
Fixes#1065
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
This allows clients to separate
a) missing local repository and
b) error while loading local repository
This is fully backwards-compliant: MissingLocalRepositoryError derives
from RepositoryError and every situation that now results in
MissingLocalRepositoryError used to result in a RepositoryError.
Fixes#1063
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
Filter out:
* DeprecationWarnings for updater module when we are on purpose
testing deprecated methods from updater
* SubjectAltNameWarning for connections to our test server
These warnings are visible with e.g.
python3 test_updater.py
The large change in test_download.py is just indentation into with-block.
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
* Strongly encourage the reader to use Python 3 for creating release
artefacts
* Recommend cleaning the tuf directory before creating the release
Signed-off-by: Joshua Lock <jlock@vmware.com>
This seems to be a common way to handle license files. Also, vendoring
tool fails to handle tuf without a LICENSE file.
Fixes#1160
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
It's convenient to be able to run unit test scripts directly, rather than
having to pass them as arguments to Python. This is already possible for
several of our unit tests, make it possible for all by setting the execute
bit.
Signed-off-by: Joshua Lock <jlock@vmware.com>
Modify test cases which use unsigned metadata.
Update test_sign_metadata to check for empty key list.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
Except the UnsignedMetadataError generated by
check_signable_object_format() and log a warning.
When creating metadata objects on the repository side of TUF,
a use case may exist where metadata is generated unsigned on
one machine and signed on another.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
Modify check_signable_object_format() to raise an error
if signable has an empty 'signatures' list.
Signed-off-by: Teodora Sechkova <tsechkova@vmware.com>
Fixes an issue where rmtree tries to access and consequently remove
a temp folder where the server has opened a file already.
This results in error:
"PermissionError: [WinError 32] The process cannot access the file
because it is being used by another process"
For reference read:
https://github.com/theupdateframework/tuf/issues/1119
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
I don't see a need to leave a comment about what setupClass,
tearDownClass, setup and tearDown functions do.
There is documentation that describes that.
Additionally, the links referenced in the comments are from
Python 2 is deprecated.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
Logging the stdout and stderr from the test subprocesses into
temporary files clean the console from unnecessary messages from
the server-side such as "code 404, message File not found" or
"GET" queries.
I have decided to create TestServerProcess class that will handle
the server subprocess creation and redirection to a temporary file
object. That way that code can be reused in more than 10 files.
Also, I have cleaned some parts of the unit test to make them more
readable and efficient with the new abstraction.
The unit tests are executed in sequential order and that's why
we can reuse one temporary file object for multiple tests.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
Now clients can leave out targets_path or metadata_path if the
client knows the mirror does not have that type of targets.
This is backwards compatible: old mirror configs continue to work.
Fixes#1079
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
* Remove dead urls: trust reader to find Requests documentation on
their own
* Mention that "stream" means that downloading the body is deferred
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>