def FetchBuilderJsonFromMilo(master,
builder,
limit=100,
service_account_file=None): # pragma: no cover
LOGGER.debug('Fetching buildbot json for %s/%s from milo', master, builder)
body = {'master': master, 'builder': builder, 'limit': limit}
headers = {
'Accept': 'application/json',
'Content-Type': 'application/json',
}
http = httplib2.Http(timeout=300)
if service_account_file:
creds = infra_libs.get_signed_jwt_assertion_credentials(
service_account_file, scope=OAUTH_SCOPES)
creds.authorize(http)
resp, content = http.request(MILO_JSON_ENDPOINT,
method='POST',
headers=headers,
body=json.dumps(body))
if resp.status != 200:
raise httplib2.HttpLib2Error('Invalid response status: %s\n%s' %
(resp.status, content))
# Strip off jsonp header.
data = json.loads(content[4:])
builds = [
json.loads(base64.b64decode(build['data'])) for build in data['builds']
]
return {build['number']: build for build in builds}
def test_valid_credentials(self):
creds = infra_libs.get_signed_jwt_assertion_credentials(
'valid_creds.json', service_accounts_creds_root=DATA_DIR)
self.assertIsInstance(
creds, oauth2client.client.SignedJwtAssertionCredentials)
# A default scope must be provided, we don't care which one
self.assertTrue(creds.scope)
def test_valid_credentials_with_scope_as_list(self):
creds = infra_libs.get_signed_jwt_assertion_credentials(
'valid_creds.json',
scope=['gist'],
service_accounts_creds_root=DATA_DIR)
self.assertIsInstance(creds,
oauth2client.client.SignedJwtAssertionCredentials)
self.assertIn('gist', creds.scope)
def test_valid_credentials(self):
creds = infra_libs.get_signed_jwt_assertion_credentials(
'valid_creds.json',
service_accounts_creds_root=DATA_DIR)
self.assertIsInstance(creds,
oauth2client.client.SignedJwtAssertionCredentials)
# A default scope must be provided, we don't care which one
self.assertTrue(creds.scope)
def test_valid_credentials_with_scope_as_list(self):
creds = infra_libs.get_signed_jwt_assertion_credentials(
'valid_creds.json',
scope=['gist'],
service_accounts_creds_root=DATA_DIR)
self.assertIsInstance(creds,
oauth2client.client.SignedJwtAssertionCredentials)
self.assertIn('gist', creds.scope)
def _FetchFromBuildbucketImpl(project,
bucket_name,
builder,
service_account_file=None): # pragma: no cover
request_pb = rpc_pb2.SearchBuildsRequest()
request_pb.predicate.builder.project = project
request_pb.predicate.builder.bucket = bucket_name
request_pb.predicate.builder.builder = builder
request_pb.predicate.status = common_pb2.ENDED_MASK
request_pb.fields.paths.extend([
'builds.*.number',
'builds.*.status',
'builds.*.input.gitiles_commit.id',
])
headers = {
'Accept': 'application/prpc; encoding=binary',
'Content-Type': 'application/prpc; encoding=binary',
}
http = httplib2.Http(timeout=300)
creds = None
if service_account_file:
creds = infra_libs.get_signed_jwt_assertion_credentials(
service_account_file, scope=OAUTH_SCOPES)
elif luci_auth.available():
creds = luci_auth.LUCICredentials(scopes=OAUTH_SCOPES)
if creds:
creds.authorize(http)
resp, content = http.request(_BUILDBUCKET_SEARCH_ENDPOINT_V2.format(
buildbucket_instance=_DEFAULT_BUILDBUCKET_INSTANCE),
method='POST',
headers=headers,
body=request_pb.SerializeToString())
grpc_code = resp.get('X-Prpc-Grpc-Code'.lower())
if grpc_code != '0':
raise httplib2.HttpLib2Error('Invalid GRPC exit code: %s\n%s' %
(grpc_code, content))
response_pb = rpc_pb2.SearchBuildsResponse()
response_pb.ParseFromString(content)
return response_pb
def test_malformed_credentials(self):
with self.assertRaises(infra_libs.AuthError):
infra_libs.get_signed_jwt_assertion_credentials(
'creds_malformed.json',
service_accounts_creds_root=DATA_DIR)
def test_authorize(self):
http = infra_libs.RetriableHttp(httplib2.Http())
creds = infra_libs.get_signed_jwt_assertion_credentials(
'valid_creds.json',
service_accounts_creds_root=DATA_DIR)
creds.authorize(http)
def test_malformed_credentials(self):
with self.assertRaises(infra_libs.AuthError):
infra_libs.get_signed_jwt_assertion_credentials(
'creds_malformed.json',
service_accounts_creds_root=DATA_DIR)