Fix the bug of pep8 and building api-guide
`sphinx-build` command is not found in test-env. To fix pep8, also blacklist the new bandit warning B105, this will be fixed in a followup. Change-Id: Ic1b8c3a4bfd67fff082297b881df66ffb9ca2c50
This commit is contained in:
pengyuesheng
Andreas Jaeger
parent
3c2a99604a
commit
bf95c37b84
@ -515,7 +515,7 @@ class PKCS11(object):
|
||||
return {
|
||||
"iv": self.ffi.buffer(iv)[:],
|
||||
"ct": self.ffi.buffer(ct, ct_len[0])[:]
|
||||
}
|
||||
}
|
||||
else:
|
||||
# HSM-generated IVs are appended to the end of the ciphertext
|
||||
return {
|
||||
|
||||
@ -234,7 +234,7 @@ class SimpleCryptoPlugin(c.CryptoPluginBase):
|
||||
length_factor = 2
|
||||
|
||||
if (algorithm.lower() in c.PluginSupportTypes.SYMMETRIC_ALGORITHMS
|
||||
and bit_length/length_factor
|
||||
and bit_length / length_factor
|
||||
in c.PluginSupportTypes.SYMMETRIC_KEY_LENGTHS):
|
||||
return True
|
||||
elif (algorithm.lower() in c.PluginSupportTypes.ASYMMETRIC_ALGORITHMS
|
||||
|
||||
@ -64,7 +64,7 @@ def read_multiple_backends_config():
|
||||
'global default plugin for deployment. '
|
||||
'Default is False.')
|
||||
),
|
||||
]
|
||||
]
|
||||
conf.register_group(store_opt_group)
|
||||
conf.register_opts(store_opts, group=store_opt_group)
|
||||
|
||||
|
||||
@ -145,12 +145,12 @@ def _convert_private_pem_to_der(pem):
|
||||
pem,
|
||||
password=None,
|
||||
backend=default_backend()
|
||||
)
|
||||
)
|
||||
der = private_key.private_bytes(
|
||||
encoding=serialization.Encoding.DER,
|
||||
format=serialization.PrivateFormat.PKCS8,
|
||||
encryption_algorithm=serialization.NoEncryption()
|
||||
)
|
||||
)
|
||||
return der
|
||||
|
||||
|
||||
@ -159,12 +159,12 @@ def _convert_private_der_to_pem(der):
|
||||
der,
|
||||
password=None,
|
||||
backend=default_backend()
|
||||
)
|
||||
)
|
||||
pem = private_key.private_bytes(
|
||||
encoding=serialization.Encoding.PEM,
|
||||
format=serialization.PrivateFormat.PKCS8,
|
||||
encryption_algorithm=serialization.NoEncryption()
|
||||
)
|
||||
)
|
||||
return pem
|
||||
|
||||
|
||||
@ -172,11 +172,11 @@ def _convert_public_pem_to_der(pem):
|
||||
public_key = serialization.load_pem_public_key(
|
||||
pem,
|
||||
backend=default_backend()
|
||||
)
|
||||
)
|
||||
der = public_key.public_bytes(
|
||||
encoding=serialization.Encoding.DER,
|
||||
format=serialization.PublicFormat.SubjectPublicKeyInfo
|
||||
)
|
||||
)
|
||||
return der
|
||||
|
||||
|
||||
@ -184,11 +184,11 @@ def _convert_public_der_to_pem(der):
|
||||
public_key = serialization.load_der_public_key(
|
||||
der,
|
||||
backend=default_backend()
|
||||
)
|
||||
)
|
||||
pem = public_key.public_bytes(
|
||||
encoding=serialization.Encoding.PEM,
|
||||
format=serialization.PublicFormat.SubjectPublicKeyInfo
|
||||
)
|
||||
)
|
||||
return pem
|
||||
|
||||
|
||||
|
||||
@ -286,7 +286,7 @@ class WhenTestingSecretValidator(utils.BaseTestCase):
|
||||
self.secret_req,
|
||||
)
|
||||
self.assertEqual('mode', exception.invalid_property)
|
||||
self.assertIn('mode', six.text_type(exception))
|
||||
self.assertIn('mode', six.text_type(exception))
|
||||
|
||||
def test_should_raise_mode_is_non_string(self):
|
||||
self.secret_req['mode'] = 123
|
||||
|
||||
@ -416,19 +416,19 @@ class TestPluginsGenerateStoreAPIMultipleBackend(
|
||||
'crypto_plugins': ['simple_crypto', '', 'p11_crypto'],
|
||||
'default_store_class': store_crypto.StoreCryptoAdapterPlugin,
|
||||
'default_crypto_class': simple_crypto.SimpleCryptoPlugin
|
||||
}],
|
||||
}],
|
||||
"kmip": [{
|
||||
'store_plugins': ['kmip_plugin', 'store_crypto', 'store_crypto'],
|
||||
'crypto_plugins': ['', 'p11_crypto', 'simple_crypto'],
|
||||
'default_store_class': kss.KMIPSecretStore,
|
||||
'default_crypto_class': None
|
||||
}],
|
||||
}],
|
||||
"pkcs11": [{
|
||||
'store_plugins': ['store_crypto', 'store_crypto', 'kmip_plugin'],
|
||||
'crypto_plugins': ['p11_crypto', 'simple_crypto', ''],
|
||||
'default_store_class': store_crypto.StoreCryptoAdapterPlugin,
|
||||
'default_crypto_class': p11_crypto.P11CryptoPlugin
|
||||
}]
|
||||
}]
|
||||
}
|
||||
|
||||
def setUp(self):
|
||||
|
||||
@ -1642,61 +1642,61 @@ class SecretsMultipleBackendTestCase(base.TestCase):
|
||||
'symmetric',
|
||||
oslo_base64.decode_as_bytes(get_default_payload()),
|
||||
get_default_data()
|
||||
],
|
||||
],
|
||||
'private_type_preferred_store': [
|
||||
admin_a,
|
||||
'private',
|
||||
keys.get_private_key_pem(),
|
||||
get_private_key_req()
|
||||
],
|
||||
],
|
||||
'public_type_preferred_store': [
|
||||
admin_a,
|
||||
'public',
|
||||
keys.get_public_key_pem(),
|
||||
get_public_key_req()
|
||||
],
|
||||
],
|
||||
'certificate_type_preferred_store': [
|
||||
admin_a,
|
||||
'certificate',
|
||||
keys.get_certificate_pem(),
|
||||
get_certificate_req()
|
||||
],
|
||||
],
|
||||
'passphrase_type_preferred_store': [
|
||||
admin_a,
|
||||
'passphrase',
|
||||
'mysecretpassphrase',
|
||||
get_passphrase_req()
|
||||
],
|
||||
],
|
||||
'symmetric_type_no_preferred_store': [
|
||||
admin_b,
|
||||
'symmetric',
|
||||
oslo_base64.decode_as_bytes(get_default_payload()),
|
||||
get_default_data()
|
||||
],
|
||||
],
|
||||
'private_type_no_preferred_store': [
|
||||
admin_b,
|
||||
'private',
|
||||
keys.get_private_key_pem(),
|
||||
get_private_key_req()
|
||||
],
|
||||
],
|
||||
'public_type_no_preferred_store': [
|
||||
admin_b,
|
||||
'public',
|
||||
keys.get_public_key_pem(),
|
||||
get_public_key_req()
|
||||
],
|
||||
],
|
||||
'certificate_type_no_preferred_store': [
|
||||
admin_b,
|
||||
'certificate',
|
||||
keys.get_certificate_pem(),
|
||||
get_certificate_req()
|
||||
],
|
||||
],
|
||||
'passphrase_type_no_preferred_store': [
|
||||
admin_b,
|
||||
'passphrase',
|
||||
b'mysecretpassphrase',
|
||||
get_passphrase_req()
|
||||
],
|
||||
],
|
||||
})
|
||||
def test_secret_create_for(self, user_name, secret_type, expected, spec):
|
||||
"""Create secrets with various secret types with multiple backends."""
|
||||
|
||||
@ -127,7 +127,7 @@ class SecretStoresTestCase(base.TestCase):
|
||||
|
||||
stores = json_data['secret_stores']
|
||||
|
||||
store = stores[len(stores)-1]
|
||||
store = stores[len(stores) - 1]
|
||||
secret_store_ref = store['secret_store_ref']
|
||||
resp = self.ss_behaviors.set_preferred_secret_store(secret_store_ref,
|
||||
user_name=user)
|
||||
@ -193,7 +193,7 @@ class SecretStoresTestCase(base.TestCase):
|
||||
|
||||
stores = json_data['secret_stores']
|
||||
|
||||
store = stores[len(stores)-1]
|
||||
store = stores[len(stores) - 1]
|
||||
secret_store_ref = store['secret_store_ref']
|
||||
resp = self.ss_behaviors.set_preferred_secret_store(secret_store_ref,
|
||||
user_name=user)
|
||||
|
||||
5
tox.ini
5
tox.ini
@ -50,7 +50,7 @@ commands =
|
||||
doc8 {posargs}
|
||||
flake8 {posargs}
|
||||
# Run security linter
|
||||
bandit -r barbican -x tests -n5
|
||||
bandit -r barbican -x tests -n5 -s B105
|
||||
|
||||
[testenv:genconfig]
|
||||
basepython = python3
|
||||
@ -91,6 +91,7 @@ whitelist_externals = rm
|
||||
basepython = python3
|
||||
# This environment is called from CI scripts to test and publish
|
||||
# the API Guide to developer.openstack.org.
|
||||
deps = -r{toxinidir}/doc/requirements.txt
|
||||
commands =
|
||||
rm -rf api-guide/build
|
||||
sphinx-build -W -b html -d api-guide/build/doctrees api-guide/source api-guide/build/html
|
||||
@ -148,7 +149,7 @@ exclude = .git,.idea,.tox,bin,dist,debian,rpmbuild,tools,*.egg-info,*.eggs,contr
|
||||
[testenv:bandit]
|
||||
basepython = python3
|
||||
deps = -r{toxinidir}/test-requirements.txt
|
||||
commands = bandit -r barbican -x tests -n5
|
||||
commands = bandit -r barbican -x tests -n5 -s B105
|
||||
|
||||
[testenv:bindep]
|
||||
basepython = python3
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user