def test_source_file_does_not_exist(self): with self.assertRaisesRegex( ValueError, r'Given file path \(/does/not/exist\) to upload does not exist.' ): upload_file(file_path='/does/not/exist', destination_uri='/does/not/matter')
def test_https_prefix_http_error(self, opener_open_mock): opener_open_mock.side_effect = urllib.error.HTTPError( url='https://ploigos.com/test/foo42', code=442, msg='mock error', hdrs=None, fp=None ) sample_file_path = os.path.join( os.path.dirname(__file__), 'files', 'sample.yaml' ) with self.assertRaisesRegex( RuntimeError, rf'Error uploading file \({sample_file_path}\)' r' to destination \(https://ploigos.com/test/foo42\) with user name' r' \(None\) and password \(None\): HTTP Error 442: mock error' ): upload_file( file_path=sample_file_path, destination_uri="https://ploigos.com/test/foo42" )
def test_invalid_destination_uri(self): sample_file_path = os.path.join(os.path.dirname(__file__), 'files', 'sample.yaml') with self.assertRaisesRegex( ValueError, r'Unexpected error, should have been caught by step validation.' r' Destination \(wont-work:///does/not/matter\) must start with known protocol' r'\(/|file://|http://|https://\).'): upload_file(file_path=sample_file_path, destination_uri='wont-work:///does/not/matter')
def _run_step(self): """Runs the step implemented by this StepImplementer. Returns ------- StepResult Object containing the dictionary results of this step. """ step_result = StepResult.from_step_implementer(self) results_artifacts_archive = self.__create_archive() if results_artifacts_archive: results_artifacts_archive_value = results_artifacts_archive else: results_artifacts_archive_value = 'No result artifact values to archive.' step_result.add_artifact( name='result-artifacts-archive', value=results_artifacts_archive_value, description= 'Archive of all of the step result artifacts marked for archiving.' ) # if destination URL specified, then upload the results archvie results_archive_destination_url = self.get_value( 'results-archive-destination-url') if results_artifacts_archive and results_archive_destination_url: org = self.get_value('organization') app = self.get_value('application-name') service = self.get_value('service-name') results_artifacts_archive_name = os.path.basename( results_artifacts_archive) results_archive_destination_uri = f"{results_archive_destination_url}/" \ f"{org}/{app}/{service}/{results_artifacts_archive_name}" step_result.add_artifact( name='results-archive-uri', description='URI of the uploaded results archive.', value=results_archive_destination_uri) try: upload_result = upload_file( file_path=results_artifacts_archive_value, destination_uri=results_archive_destination_uri, username=self.get_value( 'results-archive-destination-username'), password=self.get_value( 'results-archive-destination-password')) step_result.add_artifact( name='results-archive-upload-results', description='Results of uploading the results archive ' \ 'to the given destination.', value=upload_result ) except RuntimeError as error: step_result.success = False step_result.message = str(error) return step_result
def test_https_prefix_no_auth(self, opener_open_mock): opener_open_mock.side_effect = self.__create_http_response_side_effect( b'hello world 42') sample_file_path = os.path.join(os.path.dirname(__file__), 'files', 'sample.yaml') actual_result = upload_file( file_path=sample_file_path, destination_uri="https://ploigos.com/test/foo42") self.assertEqual('status=201, reason=Created, body=hello world 42', actual_result)
def test_https_prefix_auth(self, pass_manager_mock, opener_open_mock): opener_open_mock.side_effect = self.__create_http_response_side_effect( b'hello world 42') sample_file_path = os.path.join(os.path.dirname(__file__), 'files', 'sample.yaml') actual_result = upload_file( file_path=sample_file_path, destination_uri="https://ploigos.com/test/foo42", username='******', password='******') self.assertEqual('status=201, reason=Created, body=hello world 42', actual_result) pass_manager_mock().add_password.assert_called_once_with( None, 'ploigos.com', 'test_user', 'pass123')
def test_forward_slash_prefix(self): sample_file_path = os.path.join(os.path.dirname(__file__), 'files', 'sample.yaml') with TempDirectory() as test_dir: destination_dir_path = os.path.join(test_dir.path, 'test_dest') actual_result = upload_file( file_path=sample_file_path, destination_uri=f"{destination_dir_path}") expected_result = os.path.join(destination_dir_path, 'sample.yaml') self.assertEqual(expected_result, actual_result) with \ open(actual_result, 'r') as uploaded_file, \ open(sample_file_path, 'r') as original_file: self.assertEqual(original_file.read(), uploaded_file.read())
def _run_step(self): """Runs the step implemented by this StepImplementer. Returns ------- StepResult Object containing the dictionary results of this step. """ step_result = StepResult.from_step_implementer(self) #Gather all evidence from steps/sub steps evidence = self.__gather_evidence() #If no evidence is found then return a step result reflecting that status. if not evidence: step_result.add_artifact( name='result-generate-evidence', value='No evidence to generate.', description='Evidence from all previously run steps.') step_result.message = "No evidence generated from previously run steps" return step_result org = self.get_value('organization') app = self.get_value('application-name') service = self.get_value('service-name') version = self.get_value('version') result_evidence_name = f"{org}-{app}-{service}-{version}-evidence.json" work_dir = self.work_dir_path evidence_path = os.path.join(work_dir, result_evidence_name) #Format into json and write out to file in working directory with open(evidence_path, "w", encoding='utf-8') as evidence_file: json.dump(evidence, evidence_file, indent=4) evidence_destination_url = self.get_value('evidence-destination-url') evidence_destination_uri = f"{evidence_destination_url}/" \ f"{org}/{app}/{service}/{result_evidence_name}" #Upload file to datastore if evidence_file and evidence_destination_url: try: upload_result = upload_file( file_path=evidence_path, destination_uri=evidence_destination_uri, username=self.get_value('evidence-destination-username'), password=self.get_value('evidence-destination-password')) step_result.add_artifact( name='evidence-upload-results', description='Results of uploading the evidence JSON file ' \ 'to the given destination.', value=upload_result ) step_result.add_artifact( name='evidence-uri', description='URI of the uploaded results archive.', value=evidence_destination_uri) step_result.success = True step_result.message = 'Evidence successfully packaged ' \ 'in JSON file and uploaded to data store.' except RuntimeError as error: step_result.success = False step_result.message = str(error) return step_result else: step_result.success = True step_result.message = 'Evidence successfully packaged ' \ 'in JSON file but was not uploaded to data store (no '\ 'destination URI specified).' step_result.add_artifact(name='evidence-path', value=evidence_path, description='File path of evidence.') return step_result
def _run_step(self): """Runs the step implemented by this StepImplementer. Returns ------- StepResult Object containing the dictionary results of this step. """ step_result = StepResult.from_step_implementer(self) # get the pgp private key to sign the image with signer_pgp_private_key = self.get_value([ 'signer-pgp-private-key', 'container-image-signer-pgp-private-key' ]) # get the uri to the image to sign container_image_address = self._get_deploy_time_container_image_address( ) image_signatures_directory = self.create_working_dir_sub_dir( sub_dir_relative_path='image-signature') try: # import the PGP key and get the finger print signer_pgp_private_key_fingerprint = import_pgp_key( pgp_private_key=signer_pgp_private_key) step_result.add_artifact( name='container-image-signature-signer-private-key-fingerprint', value=signer_pgp_private_key_fingerprint) # login to any provider container registries # NOTE 1: can not use auth file, even though we want to, because podman image sign # does not accept authfile. # https://github.com/containers/podman/issues/10866 # NOTE 2: have to force login to use podman because even though logging in with # any of the tools should work, in testing the podman sign only worked # from within the python virtual environment if the login happened with podman. container_registries_login( registries=self.get_value('container-registries'), containers_config_tls_verify=util.strtobool( self.get_value('src-tls-verify')), container_command_short_name='podman') # sign the image signature_file_path = PodmanSign.__sign_image( pgp_private_key_fingerprint=signer_pgp_private_key_fingerprint, image_signatures_directory=image_signatures_directory, container_image_address=container_image_address) step_result.add_artifact( name='container-image-signed-address', value=container_image_address, ) step_result.add_artifact( name='container-image-signature-file-path', value=signature_file_path, ) signature_name = os.path.relpath(signature_file_path, image_signatures_directory) step_result.add_artifact(name='container-image-signature-name', value=signature_name) # upload the image signature container_image_signature_destination_url = self.get_value( 'container-image-signature-destination-url') if container_image_signature_destination_url: container_image_signature_destination_uri = \ f"{container_image_signature_destination_url}/{signature_name}" step_result.add_artifact( name='container-image-signature-uri', description='URI of the uploaded container image signature', value=container_image_signature_destination_uri) upload_result = upload_file( file_path=signature_file_path, destination_uri=container_image_signature_destination_uri, username=self.get_value( 'container-image-signature-destination-username'), password=self.get_value( 'container-image-signature-destination-password')) step_result.add_artifact( name='container-image-signature-upload-results', description='Results of uploading the container image signature' \ ' to the given destination.', value=upload_result ) except (RuntimeError, StepRunnerException) as error: step_result.success = False step_result.message = str(error) return step_result
def _run_step(self): """Runs the step implemented by this StepImplementer. Returns ------- StepResult Object containing the dictionary results of this step. """ step_result = StepResult.from_step_implementer(self) # get the pgp private key to sign the image with signer_pgp_private_key = self.get_value( ['signer-pgp-private-key', 'container-image-signer-pgp-private-key'] ) # get the uri to the image to sign container_image_tag = self.get_value('container-image-tag') image_signatures_directory = self.create_working_dir_sub_dir( sub_dir_relative_path='image-signature' ) try: # import the PGP key and get the finger print signer_pgp_private_key_fingerprint = import_pgp_key( pgp_private_key=signer_pgp_private_key ) step_result.add_artifact( name='container-image-signature-signer-private-key-fingerprint', value=signer_pgp_private_key_fingerprint ) # sign the image signature_file_path = PodmanSign.__sign_image( pgp_private_key_fingerprint=signer_pgp_private_key_fingerprint, image_signatures_directory=image_signatures_directory, container_image_tag=container_image_tag ) step_result.add_artifact( name='container-image-signature-file-path', value=signature_file_path, ) signature_name = os.path.relpath(signature_file_path, image_signatures_directory) step_result.add_artifact( name='container-image-signature-name', value=signature_name ) except (RuntimeError, StepRunnerException) as error: step_result.success = False step_result.message = str(error) # upload the image signature container_image_signature_destination_url = self.get_value( 'container-image-signature-destination-url' ) if container_image_signature_destination_url: container_image_signature_destination_uri = \ f"{container_image_signature_destination_url}/{signature_name}" step_result.add_artifact( name='container-image-signature-uri', description='URI of the uploaded container image signature', value=container_image_signature_destination_uri ) try: upload_result = upload_file( file_path=signature_file_path, destination_uri=container_image_signature_destination_uri, username=self.get_value('container-image-signature-destination-username'), password=self.get_value('container-image-signature-destination-password') ) step_result.add_artifact( name='container-image-signature-upload-results', description='Results of uploading the container image signature' \ ' to the given destination.', value=upload_result ) except RuntimeError as error: step_result.success = False step_result.message = str(error) return step_result