def test_run_step_fail_bad_rule_path(self, config_lint_mock):
with TempDirectory() as temp_dir:
results_dir_path = os.path.join(temp_dir.path,
'step-runner-results')
results_file_name = 'step-runner-results.yml'
work_dir_path = os.path.join(temp_dir.path, 'working')
test_file_name = 'rules'
test_file_path = os.path.join(temp_dir.path, test_file_name)
temp_dir.write(test_file_path, b'ignored')
step_config = {
'configlint-yml-path': test_file_path,
'rules': 'invalid_file'
}
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='validate-environment-configuration',
implementer='Configlint',
results_dir_path=results_dir_path,
results_file_name=results_file_name,
work_dir_path=work_dir_path,
)
result = step_implementer._run_step()
expected_step_result = StepResult(
step_name='validate-environment-configuration',
sub_step_name='Configlint',
sub_step_implementer_name='Configlint')
expected_step_result.success = False
expected_step_result.message = 'File specified in rules not found: invalid_file'
self.assertEqual(expected_step_result.get_step_result_dict(),
result.get_step_result_dict())
def test_run_step_fail_missing_path_file_from_deploy(self):
with TempDirectory() as temp_dir:
work_dir_path = os.path.join(temp_dir.path, 'working')
test_file_name = 'yamlnotused'
test_file_path = os.path.join(temp_dir.path, test_file_name)
temp_dir.write(test_file_path, b'ignored')
step_config = {}
artifact_config = {
'argocd-deployed-manifest': {
'value': f'{test_file_path}.bad'
}
}
workflow_result = self.setup_previous_result(
work_dir_path, artifact_config)
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='validate-environment-configuration',
implementer='ConfiglintArgocd',
workflow_result=workflow_result,
work_dir_path=work_dir_path)
result = step_implementer._run_step()
expected_step_result = StepResult(
step_name='validate-environment-configuration',
sub_step_name='ConfiglintArgocd',
sub_step_implementer_name='ConfiglintArgocd')
expected_step_result.success = False
expected_step_result.message = f'File specified in argocd-deployed-manifest {test_file_path}.bad not found'
self.assertEqual(expected_step_result.get_step_result_dict(),
result.get_step_result_dict())
def setup_previous_result(self, work_dir_path, artifact_config={}):
step_result = StepResult(
step_name='test-step',
sub_step_name='test-sub-step-name',
sub_step_implementer_name='test-step-implementer-name')
for key1, val1 in artifact_config.items():
description = ''
value = ''
for key2, val2 in val1.items():
if key2 == 'description':
description = val2
elif key2 == 'value':
value = val2
else:
raise StepRunnerException(
f'Given field is not apart of an artifact: {key2}')
step_result.add_artifact(
name=key1,
value=value,
description=description,
)
workflow_result = WorkflowResult()
workflow_result.add_step_result(step_result=step_result)
pickle_filename = os.path.join(work_dir_path,
'step-runner-results.pkl')
workflow_result.write_to_pickle_file(pickle_filename=pickle_filename)
def test_get_step_result_json(self):
step_result_expected = '{"step1": {"sub1": {"sub-step-implementer-name": "implementer1", "success": true, "message": "", "artifacts": {"artifact1": {"description": "description1", "value": "value1"}}}}}'
step_result = StepResult('step1', 'sub1', 'implementer1')
step_result.add_artifact('artifact1', 'value1', 'description1')
print(step_result)
self.assertEqual(step_result.get_step_result_json(),
step_result_expected)
def test_run_step_pass(self):
with TempDirectory() as temp_dir:
work_dir_path = os.path.join(temp_dir.path, 'working')
test_file_name = 'yamlnotused'
test_file_path = os.path.join(temp_dir.path, test_file_name)
temp_dir.write(test_file_path, b'ignored')
step_config = {}
artifact_config = {
'argocd-deployed-manifest': {
'value': test_file_path
}
}
workflow_result = self.setup_previous_result(
work_dir_path, artifact_config)
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='validate-environment-configuration',
implementer='ConfiglintArgocd',
workflow_result=workflow_result,
work_dir_path=work_dir_path)
result = step_implementer._run_step()
expected_step_result = StepResult(
step_name='validate-environment-configuration',
sub_step_name='ConfiglintArgocd',
sub_step_implementer_name='ConfiglintArgocd')
expected_step_result.add_artifact(name='configlint-yml-path',
value=test_file_path)
self.assertEqual(expected_step_result.get_step_result_dict(),
result.get_step_result_dict())
def test_run_step_fail_missing_version_in_package_file(self):
with TempDirectory() as temp_dir:
work_dir_path = os.path.join(temp_dir.path, 'working')
temp_dir.write(
'package.json', b'''{
"name": "my-awesome-package"
}''')
package_file_path = os.path.join(temp_dir.path, 'package.json')
step_config = {'package-file': package_file_path}
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='generate-metadata',
implementer='Npm',
work_dir_path=work_dir_path,
)
result = step_implementer._run_step()
expected_step_result = StepResult(
step_name='generate-metadata',
sub_step_name='Npm',
sub_step_implementer_name='Npm',
)
expected_step_result.success = False
expected_step_result.message = f"Given npm package file ({package_file_path})" + \
' does not contain a \"version\" key.'
self.assertEqual(result.get_step_result_dict(),
expected_step_result.get_step_result_dict())
def test__run_step_fail_no_image_spec_file(self, buildah_mock):
with TempDirectory() as temp_dir:
work_dir_path = os.path.join(temp_dir.path, 'working')
artifact_config = {
'container-image-version': {
'description': '',
'value': '1.0-123abc'
},
}
workflow_result = self.setup_previous_result(
work_dir_path, artifact_config)
step_config = {
'service-name': 'service-name',
'application-name': 'app-name'
}
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='create-container-image',
implementer='Buildah',
workflow_result=workflow_result,
work_dir_path=work_dir_path)
result = step_implementer._run_step()
expected_step_result = StepResult(
step_name='create-container-image',
sub_step_name='Buildah',
sub_step_implementer_name='Buildah')
expected_step_result.success = False
expected_step_result.message = 'Image specification file does not exist in location: ./Dockerfile'
self.assertEqual(result.get_step_result_dict(),
expected_step_result.get_step_result_dict())
def test_run_step_pass(self):
with TempDirectory() as temp_dir:
work_dir_path = os.path.join(temp_dir.path, 'working')
temp_dir.write(
'package.json', b'''{
"name": "my-awesome-package",
"version": "42.1"
}''')
package_file_path = os.path.join(temp_dir.path, 'package.json')
step_config = {'package-file': package_file_path}
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='generate-metadata',
implementer='Npm',
work_dir_path=work_dir_path,
)
result = step_implementer._run_step()
expected_step_result = StepResult(step_name='generate-metadata',
sub_step_name='Npm',
sub_step_implementer_name='Npm')
expected_step_result.add_artifact(name='app-version', value='42.1')
self.assertEqual(result.get_step_result_dict(),
expected_step_result.get_step_result_dict())
def test_run_step_fail_https_no_username_password(self, git_push_mock,
git_tag_mock,
git_url_mock,
get_tag_mock):
with TempDirectory() as temp_dir:
tag = '1.0+69442c8'
url = 'https://git.ploigos.xyz/ploigos-references/ploigos-reference-app-quarkus-rest-json.git'
results_dir_path = os.path.join(temp_dir.path,
'step-runner-results')
results_file_name = 'step-runner-results.yml'
work_dir_path = os.path.join(temp_dir.path, 'working')
step_config = {'url': url}
artifact_config = {
'version': {
'description': '',
'value': tag
},
'container-image-version': {
'description': '',
'value': tag
}
}
self.setup_previous_result(work_dir_path, artifact_config)
step_implementer = self.create_step_implementer(
step_config=step_config,
results_dir_path=results_dir_path,
results_file_name=results_file_name,
work_dir_path=work_dir_path,
)
def get_tag_side_effect():
return tag
get_tag_mock.side_effect = get_tag_side_effect
def git_url_side_effect():
return url
git_url_mock.side_effect = git_url_side_effect
result = step_implementer._run_step()
expected_step_result = StepResult(step_name='tag-source',
sub_step_name='Git',
sub_step_implementer_name='Git')
expected_step_result.success = False
expected_step_result.message = 'For a https:// git url, you need to also provide username/password pair'
# verifying all mocks were called
get_tag_mock.assert_called_once_with()
git_tag_mock.assert_called_once_with(tag)
git_url_mock.assert_called_once_with()
self.assertEqual(result.get_step_result_dict(),
expected_step_result.get_step_result_dict())
def test_run_step_pass_no_username_password(self, git_push_mock,
git_tag_mock, git_url_mock,
get_tag_mock):
with TempDirectory() as temp_dir:
tag = '1.0+69442c8'
url = '[email protected]:ploigos/ploigos-step-runner.git'
results_dir_path = os.path.join(temp_dir.path,
'step-runner-results')
results_file_name = 'step-runner-results.yml'
work_dir_path = os.path.join(temp_dir.path, 'working')
step_config = {'url': url}
artifact_config = {
'version': {
'description': '',
'value': tag
},
'container-image-version': {
'description': '',
'value': tag
}
}
self.setup_previous_result(work_dir_path, artifact_config)
step_implementer = self.create_step_implementer(
step_config=step_config,
results_dir_path=results_dir_path,
results_file_name=results_file_name,
work_dir_path=work_dir_path,
)
def get_tag_side_effect():
return tag
get_tag_mock.side_effect = get_tag_side_effect
def git_url_side_effect():
return url
git_url_mock.side_effect = git_url_side_effect
result = step_implementer._run_step()
expected_step_result = StepResult(step_name='tag-source',
sub_step_name='Git',
sub_step_implementer_name='Git')
expected_step_result.add_artifact(name='tag', value=tag)
# verifying all mocks were called
get_tag_mock.assert_called_once_with()
git_tag_mock.assert_called_once_with(tag)
git_url_mock.assert_called_once_with()
git_push_mock.assert_called_once_with(None)
self.assertEqual(result.get_step_result_dict(),
expected_step_result.get_step_result_dict())
def test_get_artifact(self):
step_result_expected = {
'description': 'description1',
'value': 'value1'
}
step_result = StepResult('step1', 'sub1', 'implementer1')
step_result.add_artifact('artifact1', 'value1', 'description1')
self.assertEqual(step_result.get_artifact('artifact1'),
step_result_expected)
def test_add_step_result_duplicate_no_env(self):
duplicate_step_result = StepResult('step1', 'sub1', 'implementer1')
duplicate_step_result.add_artifact('newartifact', 'newvalue',
'newdescription')
wfr = setup_test()
with self.assertRaisesRegex(
StepRunnerException,
r"Can not add duplicate StepResult for step \(step1\),"
r" sub step \(sub1\), and environment \(None\)."):
wfr.add_step_result(duplicate_step_result)
def test_run_step_fail_scan(self, configlint_mock):
with TempDirectory() as temp_dir:
results_dir_path = os.path.join(temp_dir.path,
'step-runner-results')
results_file_name = 'step-runner-results.yml'
work_dir_path = os.path.join(temp_dir.path, 'working')
file_to_validate_contents = 'notused'
temp_dir.write('config-file-to-validate.yml',
file_to_validate_contents.encode())
file_to_validate_file_path = str(
os.path.join(temp_dir.path, 'config-file-to-validate.yml'))
# write config-lint rules file
configlint_rules_content = 'not used'
config_lint_rules_file_name = 'config-lint-test-rules.yml'
temp_dir.write(config_lint_rules_file_name,
configlint_rules_content.encode())
config_lint_rules_file_path = os.path.join(
temp_dir.path, config_lint_rules_file_name)
step_config = {
'configlint-yml-path': file_to_validate_file_path,
'rules': config_lint_rules_file_path
}
configlint_mock.side_effect = \
TestStepImplementerConfiglint.create_config_lint_side_effect(
config_lint_fail=True
)
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='validate-environment-configuration',
implementer='Configlint',
results_dir_path=results_dir_path,
results_file_name=results_file_name,
work_dir_path=work_dir_path,
)
result = step_implementer._run_step()
expected_step_result = StepResult(
step_name='validate-environment-configuration',
sub_step_name='Configlint',
sub_step_implementer_name='Configlint')
expected_step_result.success = False
expected_step_result.message = 'Failed config-lint scan.'
expected_step_result.add_artifact(
name='configlint-result-set',
value=
f'{work_dir_path}/validate-environment-configuration/configlint_results_file.txt'
)
expected_step_result.add_artifact(name='configlint-yml-path',
value=file_to_validate_file_path)
self.assertEqual(expected_step_result.get_step_result_dict(),
result.get_step_result_dict())
def test_add_step_result_duplicate_with_env(self):
duplicate_step_result = StepResult('deploy', 'deploy-sub', 'helm',
'dev')
duplicate_step_result.add_artifact('newartifact', 'newvalue',
'newdescription')
wfr = setup_test()
with self.assertRaisesRegex(
StepRunnerException,
r"Can not add duplicate StepResult for step \(deploy\),"
r" sub step \(deploy-sub\), and environment \(dev\)."):
wfr.add_step_result(duplicate_step_result)
def test_run_step_pass(self, curl_mock):
with TempDirectory() as temp_dir:
work_dir_path = os.path.join(temp_dir.path, 'working')
signature_file_path = 'signature-1'
temp_dir.write(signature_file_path, b'bogus signature')
container_image_signature_file_path = os.path.join(temp_dir.path, signature_file_path)
container_image_signature_name = 'jkeam/hello-node@sha256=2cbdb73c9177e63e85d267f738e' \
'99e368db3f806eab4c541f5c6b719e69f1a2b/signature-1'
step_config = {
'container-image-signature-server-url': 'https://sigserver/signatures',
'container-image-signature-server-username': '******',
'container-image-signature-server-password': '******',
'with-fips': True
}
# Previous (fake) results
artifact_config = {
'container-image-signature-file-path': {'value': container_image_signature_file_path},
'container-image-signature-name': {'value': container_image_signature_name},
}
workflow_result = self.setup_previous_result(work_dir_path, artifact_config)
# Actual results
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='sign-container-image',
implementer='CurlPush',
workflow_result=workflow_result,
work_dir_path=work_dir_path
)
result = step_implementer._run_step()
# Expected results
expected_step_result = StepResult(step_name='sign-container-image', sub_step_name='CurlPush',
sub_step_implementer_name='CurlPush')
expected_step_result.add_artifact(name='container-image-signature-url', value=f'https://sigserver/signatures/{container_image_signature_name}')
self.assertEqual(expected_step_result.get_step_result_dict(), result.get_step_result_dict())
curl_mock.assert_called_once_with(
'-sSfv',
'-X', 'PUT',
'--user', "admin:adminPassword",
'--upload-file', container_image_signature_file_path,
f"https://sigserver/signatures/{container_image_signature_name}",
_out=Any(IOBase),
_err_to_out=True,
_tee='out'
)
def test_run_step_fail_import_pgp_key(self, sign_image_mock,
import_pgp_key_mock):
with TempDirectory() as temp_dir:
work_dir_path = os.path.join(temp_dir.path, 'working')
step_config = TestStepImplementerSignContainerImagePodman.generate_config(
)
container_image_tag = 'does/not/matter:v0.42.0'
signature_name = 'does/not/matter/signature-0'
# Previous (fake) results
artifact_config = {
'container-image-tag': {
'value': container_image_tag
}
}
workflow_result = self.setup_previous_result(
work_dir_path, artifact_config)
import_pgp_key_mock.side_effect = StepRunnerException(
'mock error importing pgp key')
def sign_image_side_effect(pgp_private_key_fingerprint,
image_signatures_directory,
container_image_tag):
return os.path.join(image_signatures_directory, signature_name)
sign_image_mock.side_effect = sign_image_side_effect
# Actual results
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='sign-container-image',
implementer='PodmanSign',
workflow_result=workflow_result,
work_dir_path=work_dir_path)
result = step_implementer._run_step()
import_pgp_key_mock.assert_called_once_with(
pgp_private_key=step_config[
'container-image-signer-pgp-private-key'])
expected_step_result = StepResult(
step_name='sign-container-image',
sub_step_name='PodmanSign',
sub_step_implementer_name='PodmanSign')
expected_step_result.success = False
expected_step_result.message = 'mock error importing pgp key'
self.assertEqual(expected_step_result.get_step_result_dict(),
result.get_step_result_dict())
def _run_step(self):
"""Runs the step implemented by this StepImplementer.
Returns
-------
StepResult
Object containing the dictionary results of this step.
"""
step_result = StepResult.from_step_implementer(self)
app_version = None
pre_release = None
build = None
release_branch = self.get_value('release-branch')
app_version = self.get_value('app-version')
pre_release = self.get_value('pre-release')
build = self.get_value('build')
if pre_release == release_branch:
version = f'{app_version}+{build}'
image_tag = f'{app_version}'
else:
version = f'{app_version}-{pre_release}+{build}'
image_tag = f'{app_version}-{pre_release}'
step_result.add_artifact(name='version', value=version)
step_result.add_artifact(name='container-image-version',
value=image_tag)
return step_result
def _run_step(self):
"""Runs the step implemented by this StepImplementer.
Returns
-------
StepResult
Object containing the dictionary results of this step.
"""
step_result = StepResult.from_step_implementer(self)
package_file = self.get_value('package-file')
with open(package_file) as package_file_object:
package_file_data = json.load(package_file_object)
if not "version" in package_file_data:
step_result.success = False
step_result.message = f'Given npm package file ({package_file})' + \
' does not contain a \"version\" key.'
return step_result
step_result.add_artifact(name='app-version',
value=package_file_data["version"])
return step_result
def test_add_duplicate(self):
step_result_expected = {
'artifact1': {
'description': 'description1',
'value': 'value1'
},
'artifact2': {
'description': '',
'value': 'lastonewins'
}
}
step_result = StepResult('step1', 'sub1', 'implementer1')
step_result.add_artifact('artifact1', 'value1', 'description1')
step_result.add_artifact('artifact2', 'here')
step_result.add_artifact('artifact2', 'andhere')
step_result.add_artifact('artifact2', 'lastonewins')
self.assertEqual(step_result.artifacts, step_result_expected)
def test_add_artifact(self):
step_result_expected = {
'step1': {
'sub1': {
'sub-step-implementer-name': 'implementer1',
'success': True,
'message': '',
'artifacts': {
'artifact1': {
'description': 'description1',
'value': 'value1'
},
'artifact2': {
'description': 'description2',
'value': 'value2'
},
'artifact3': {
'description': '',
'value': 'value3'
}
}
}
}
}
step_result = StepResult('step1', 'sub1', 'implementer1')
step_result.add_artifact('artifact1', 'value1', 'description1')
step_result.add_artifact('artifact2', 'value2', 'description2')
step_result.add_artifact('artifact3', 'value3')
self.assertEqual(step_result.get_step_result_dict(),
step_result_expected)
def test_run_step_pass_https(self, git_push_mock, git_tag_mock, git_url_mock, get_tag_mock):
with TempDirectory() as temp_dir:
tag = '1.0+69442c8'
url = 'https://git.ploigos.xyz/ploigos-references/ploigos-reference-app-quarkus-rest-json.git'
work_dir_path = os.path.join(temp_dir.path, 'working')
artifact_config = {
'version': {'description': '', 'value': tag},
'container-image-version': {'description': '', 'value': tag}
}
workflow_result = self.setup_previous_result(work_dir_path, artifact_config)
step_config = {
'url': url,
'git-username': '******',
'git-password': '******'
}
step_implementer = self.create_step_implementer(
step_config=step_config,
workflow_result=workflow_result,
work_dir_path=work_dir_path
)
def get_tag_side_effect():
return tag
get_tag_mock.side_effect = get_tag_side_effect
def git_url_side_effect():
return url
git_url_mock.side_effect = git_url_side_effect
result = step_implementer._run_step()
expected_step_result = StepResult(step_name='tag-source', sub_step_name='Git', sub_step_implementer_name='Git')
expected_step_result.add_artifact(name='tag', value=tag)
# verifying all mocks were called
get_tag_mock.assert_called_once_with()
git_tag_mock.assert_called_once_with(tag)
git_url_mock.assert_called_once_with()
git_push_mock.assert_called_once_with('https://*****:*****@' + url[8:])
self.assertEqual(result.get_step_result_dict(), expected_step_result.get_step_result_dict())
def test_run_step_error_git_url(self, git_push_mock, git_tag_mock,
git_url_mock, get_tag_mock):
with TempDirectory() as temp_dir:
tag = '1.0+69442c8'
url = '[email protected]:ploigos/ploigos-step-runner.git'
results_dir_path = os.path.join(temp_dir.path,
'step-runner-results')
results_file_name = 'step-runner-results.yml'
work_dir_path = os.path.join(temp_dir.path, 'working')
step_config = {
'url': url,
'git-username': '******',
'git-password': '******'
}
artifact_config = {
'version': {
'description': '',
'value': tag
},
'container-image-version': {
'description': '',
'value': tag
}
}
self.setup_previous_result(work_dir_path, artifact_config)
step_implementer = self.create_step_implementer(
step_config=step_config,
results_dir_path=results_dir_path,
results_file_name=results_file_name,
work_dir_path=work_dir_path,
)
def get_tag_side_effect():
return tag
get_tag_mock.side_effect = get_tag_side_effect
# this is the test here
git_url_mock.side_effect = StepRunnerException('mock error')
result = step_implementer._run_step()
# verify test results
expected_step_result = StepResult(step_name='tag-source',
sub_step_name='Git',
sub_step_implementer_name='Git')
expected_step_result.add_artifact(name='tag', value=tag)
expected_step_result.success = False
expected_step_result.message = "mock error"
# verifying correct mocks were called
git_tag_mock.assert_called_once_with(tag)
git_url_mock.assert_called_once_with()
self.assertEqual(result.get_step_result_dict(),
expected_step_result.get_step_result_dict())
def test_run_step_fail_sign_image(self, sign_image_mock, import_pgp_key_mock):
with TempDirectory() as temp_dir:
results_dir_path = os.path.join(temp_dir.path, 'step-runner-results')
results_file_name = 'step-runner-results.yml'
work_dir_path = os.path.join(temp_dir.path, 'working')
pgp_private_key_fingerprint = 'abc123'
step_config = TestStepImplementerSignContainerImagePodman.generate_config()
container_image_tag = 'does/not/matter:v0.42.0'
# Previous (fake) results
artifact_config = {
'container-image-tag': {'value': container_image_tag}
}
self.setup_previous_result(work_dir_path, artifact_config)
def import_pgp_key_side_effect(pgp_private_key):
return pgp_private_key_fingerprint
import_pgp_key_mock.side_effect = import_pgp_key_side_effect
sign_image_mock.side_effect = StepRunnerException('mock error signing image')
# Actual results
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='sign-container-image',
implementer='PodmanSign',
results_dir_path=results_dir_path,
results_file_name=results_file_name,
work_dir_path=work_dir_path,
)
result = step_implementer._run_step()
import_pgp_key_mock.assert_called_once_with(
pgp_private_key=step_config['container-image-signer-pgp-private-key']
)
sign_image_mock.assert_called_once_with(
pgp_private_key_fingerprint=pgp_private_key_fingerprint,
image_signatures_directory= os.path.join(
work_dir_path,
'sign-container-image/image-signature'
),
container_image_tag=container_image_tag
)
expected_step_result = StepResult(
step_name='sign-container-image',
sub_step_name='PodmanSign',
sub_step_implementer_name='PodmanSign'
)
expected_step_result.add_artifact(
name='container-image-signature-private-key-fingerprint',
value=pgp_private_key_fingerprint
)
expected_step_result.success = False
expected_step_result.message = 'mock error signing image'
self.assertEqual(expected_step_result.get_step_result_dict(), result.get_step_result_dict())
def _run_step(self):
"""Runs the step implemented by this StepImplementer.
Returns
-------
StepResult
Object containing the dictionary results of this step.
"""
step_result = StepResult.from_step_implementer(self)
# extract configs
signature_server_url = self.get_value(
'container-image-signature-server-url')
signature_server_username = self.get_value(
'container-image-signature-server-username')
signature_server_password = self.get_value(
'container-image-signature-server-password')
# extract step results
container_image_signature_file_path = self.get_value(
'container-image-signature-file-path')
container_image_signature_name = self.get_value(
'container-image-signature-name')
with_fips = self.get_value('with-fips')
try:
container_image_signature_url, signature_file_md5, signature_file_sha1 = \
CurlPush.__curl_file(
container_image_signature_file_path=container_image_signature_file_path,
container_image_signature_name=container_image_signature_name,
signature_server_url=signature_server_url,
signature_server_username=signature_server_username,
signature_server_password=signature_server_password,
with_fips=with_fips
)
step_result.add_artifact(
name='container-image-signature-url',
value=container_image_signature_url,
)
if not with_fips:
step_result.add_artifact(
name='container-image-signature-file-md5',
value=signature_file_md5,
)
step_result.add_artifact(
name='container-image-signature-file-sha1',
value=signature_file_sha1)
except StepRunnerException as error:
step_result.success = False
step_result.message = str(error)
return step_result
def _run_step(self):
"""Runs the step implemented by this StepImplementer.
Returns
-------
StepResult
Object containing the dictionary results of this step.
"""
step_result = StepResult.from_step_implementer(self)
username = None
password = None
if self.has_config_value(AUTHENTICATION_CONFIG):
username = self.get_value('git-username')
password = self.get_value('git-password')
else:
print('No username/password found, assuming ssh')
tag = self.__get_tag()
try:
self.__git_tag(tag)
git_url = self.__git_url()
if git_url.startswith('http://'):
if username and password:
self.__git_push('http://' + username + ':' + password +
'@' + git_url[7:])
else:
step_result.success = False
step_result.message = 'For a http:// git url, you need to also provide ' \
'username/password pair'
return step_result
elif git_url.startswith('https://'):
if username and password:
self.__git_push('https://' + username + ':' + password +
'@' + git_url[8:])
else:
step_result.success = False
step_result.message = 'For a https:// git url, you need to also provide ' \
'username/password pair'
return step_result
else:
self.__git_push(None)
except StepRunnerException as error:
step_result.success = False
step_result.message = str(error)
step_result.add_artifact(name='tag', value=tag)
return step_result
def test_run_step_pass(self, config_lint_mock):
with TempDirectory() as temp_dir:
results_dir_path = os.path.join(temp_dir.path,
'step-runner-results')
results_file_name = 'step-runner-results.yml'
work_dir_path = os.path.join(temp_dir.path, 'working')
test_file_name = 'file.txt'
test_file_path = os.path.join(temp_dir.path, test_file_name)
temp_dir.write(test_file_path, b'ignored')
step_config = {
'rules': test_file_path,
'configlint-yml-path': test_file_path
}
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='validate-environment-configuration',
implementer='Configlint',
results_dir_path=results_dir_path,
results_file_name=results_file_name,
work_dir_path=work_dir_path,
)
config_lint_mock.side_effect = sh.ErrorReturnCode(
'config_lint', b'mock out', b'mock error')
result = step_implementer._run_step()
expected_step_result = StepResult(
step_name='validate-environment-configuration',
sub_step_name='Configlint',
sub_step_implementer_name='Configlint')
expected_step_result.success = False
expected_step_result.message = 'Unexpected Error invoking config-lint.'
expected_step_result.add_artifact(
name='configlint-result-set',
value=
f'{work_dir_path}/validate-environment-configuration/configlint_results_file.txt'
)
expected_step_result.add_artifact(name='configlint-yml-path',
value=test_file_path)
self.assertEqual(expected_step_result.get_step_result_dict(),
result.get_step_result_dict())
def test_run_step_fail_missing_version_in_pom_file(self):
with TempDirectory() as temp_dir:
results_dir_path = os.path.join(temp_dir.path, 'step-runner-results')
results_file_name = 'step-runner-results.yml'
work_dir_path = os.path.join(temp_dir.path, 'working')
temp_dir.write('pom.xml', b'''<project>
<modelVersion>4.0.0</modelVersion>
<groupId>com.mycompany.app</groupId>
<artifactId>my-app</artifactId>
</project>''')
pom_file_path = os.path.join(temp_dir.path, 'pom.xml')
step_config = {
'pom-file': pom_file_path
}
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='generate-metadata',
implementer='Maven',
results_dir_path=results_dir_path,
results_file_name=results_file_name,
work_dir_path=work_dir_path,
)
result = step_implementer._run_step()
expected_step_result = StepResult(
step_name='generate-metadata',
sub_step_name='Maven',
sub_step_implementer_name='Maven'
)
expected_step_result.success = False
expected_step_result.message = f"Given pom file ({pom_file_path}) does not contain " + \
"a \"version\" key."
self.assertEqual(result.get_step_result_dict(), expected_step_result.get_step_result_dict())
def test__get_tag_no_version(self, git_push_mock, git_tag_mock, git_url_mock):
with TempDirectory() as temp_dir:
tag = 'latest'
url = '[email protected]:ploigos/ploigos-step-runner.git'
work_dir_path = os.path.join(temp_dir.path, 'working')
artifact_config = {
'container-image-version': {'description': '', 'value': tag}
}
workflow_result = self.setup_previous_result(work_dir_path, artifact_config)
step_config = {
'url': url
}
step_implementer = self.create_step_implementer(
step_config=step_config,
workflow_result=workflow_result,
work_dir_path=work_dir_path
)
def git_url_side_effect():
return url
git_url_mock.side_effect = git_url_side_effect
result = step_implementer._run_step()
expected_step_result = StepResult(step_name='tag-source', sub_step_name='Git', sub_step_implementer_name='Git')
expected_step_result.add_artifact(name='tag', value=tag)
# verifying all mocks were called
git_tag_mock.assert_called_once_with(tag)
git_url_mock.assert_called_once_with()
git_push_mock.assert_called_once_with(None)
self.assertEqual(result.get_step_result_dict(), expected_step_result.get_step_result_dict())
def test_run_step_pass(self):
with TempDirectory() as temp_dir:
results_dir_path = os.path.join(temp_dir.path, 'step-runner-results')
results_file_name = 'step-runner-results.yml'
work_dir_path = os.path.join(temp_dir.path, 'working')
temp_dir.write('pom.xml', b'''<project>
<modelVersion>4.0.0</modelVersion>
<groupId>com.mycompany.app</groupId>
<artifactId>my-app</artifactId>
<version>42.1</version>
</project>''')
pom_file_path = os.path.join(temp_dir.path, 'pom.xml')
step_config = {
'pom-file': pom_file_path
}
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='generate-metadata',
implementer='Maven',
results_dir_path=results_dir_path,
results_file_name=results_file_name,
work_dir_path=work_dir_path,
)
result = step_implementer._run_step()
expected_step_result = StepResult(
step_name='generate-metadata',
sub_step_name='Maven',
sub_step_implementer_name='Maven'
)
expected_step_result.add_artifact(name='app-version', value='42.1')
self.assertEqual(result.get_step_result_dict(), expected_step_result.get_step_result_dict())
def _run_step(self):
"""Runs the step implemented by this StepImplementer.
Returns
-------
StepResult
Object containing the dictionary results of this step.
"""
step_result = StepResult.from_step_implementer(self)
# get the pgp private key to sign the image with
image_signer_pgp_private_key = self.get_value(
'container-image-signer-pgp-private-key')
# get the uri to the image to sign
container_image_tag = self.get_value('container-image-tag')
image_signatures_directory = self.create_working_dir_sub_dir(
sub_dir_relative_path='image-signature')
# import the PGP key and get the finger print
try:
image_signer_pgp_private_key_fingerprint = PodmanSign.__import_pgp_key(
pgp_private_key=image_signer_pgp_private_key)
step_result.add_artifact(
name='container-image-signature-private-key-fingerprint',
value=image_signer_pgp_private_key_fingerprint)
# sign the image
signature_file_path = PodmanSign.__sign_image(
pgp_private_key_fingerprint=
image_signer_pgp_private_key_fingerprint,
image_signatures_directory=image_signatures_directory,
container_image_tag=container_image_tag)
step_result.add_artifact(
name='container-image-signature-file-path',
value=signature_file_path,
)
signature_name = os.path.relpath(signature_file_path,
image_signatures_directory)
step_result.add_artifact(name='container-image-signature-name',
value=signature_name)
except StepRunnerException as error:
step_result.success = False
step_result.message = str(error)
return step_result