diff --git a/.ansible-lint b/.ansible-lint index 0e80b05b..4ffc0efa 100644 --- a/.ansible-lint +++ b/.ansible-lint @@ -1,10 +1,9 @@ --- -# See https://ansible-lint.readthedocs.io/en/latest/configuring.html -# for a list of the configuration elements that can exist in this -# file. +# See https://ansible-lint.readthedocs.io/configuring/ for a list of +# the configuration elements that can exist in this file. enable_list: # Useful checks that one must opt-into. See here for more details: - # https://ansible-lint.readthedocs.io/en/latest/rules.html + # https://ansible-lint.readthedocs.io/rules/ - fcqn-builtins - no-log-password - no-same-owner diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 24a571ff..cf389d05 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -3,8 +3,12 @@ # These owners will be the default owners for everything in the # repo. Unless a later match takes precedence, these owners will be # requested for review when someone opens a pull request. +<<<<<<< HEAD * @dav3r @dylanj1752 @felddy @INLGuy @itsmostafa @izzy64 @jsf9k @mcdonnnj @xlyk +======= +* @dav3r @felddy @jasonodoom @jsf9k @mcdonnnj +>>>>>>> 8237d2703dc248b80cbac9ac6a805a08e43db3c2 # These folks own any files in the .github directory at the root of # the repository and any of its subdirectories. -/.github/ @dav3r @felddy @jsf9k @mcdonnnj +/.github/ @dav3r @felddy @jasonodoom @jsf9k @mcdonnnj diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 8b751e30..dd5b971a 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -61,13 +61,16 @@ jobs: - id: setup-python uses: actions/setup-python@v4 with: - python-version: "3.10" + python-version: "3.11" # We need the Go version and Go cache location for the actions/cache step, # so the Go installation must happen before that. - id: setup-go - uses: actions/setup-go@v3 + uses: actions/setup-go@v4 with: - go-version: "1.19" + # There is no expectation for actual Go code so we disable caching as + # it relies on the existence of a go.sum file. + cache: false + go-version: "1.20" - name: Lookup Go cache directory id: go-cache run: | @@ -131,7 +134,7 @@ jobs: run: go install ${PACKAGE_URL}@${PACKAGE_VERSION} - name: Install dependencies run: | - python -m pip install --upgrade pip + python -m pip install --upgrade pip setuptools wheel pip install --upgrade --requirement requirements-test.txt - name: Set up pre-commit hook environments run: pre-commit install-hooks @@ -321,7 +324,7 @@ jobs: - id: setup-python uses: actions/setup-python@v4 with: - python-version: "3.10" + python-version: "3.11" - name: Cache testing environments uses: actions/cache@v3 env: @@ -340,7 +343,7 @@ jobs: run: cp etc/env.dist .env - name: Install dependencies run: | - python -m pip install --upgrade pip + python -m pip install --upgrade pip setuptools wheel pip install --upgrade --requirement requirements-test.txt - name: Download docker image artifact uses: actions/download-artifact@v3 diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 908ee825..327996b8 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -35,17 +35,17 @@ repos: # Text file hooks - repo: https://github.com/igorshubovych/markdownlint-cli - rev: v0.33.0 + rev: v0.34.0 hooks: - id: markdownlint args: - --config=.mdl_config.yaml - repo: https://github.com/pre-commit/mirrors-prettier - rev: v3.0.0-alpha.4 + rev: v3.0.0-alpha.9-for-vscode hooks: - id: prettier - repo: https://github.com/adrienverge/yamllint - rev: v1.29.0 + rev: v1.32.0 hooks: - id: yamllint exclude: .pre-commit-config.yaml @@ -54,17 +54,36 @@ repos: # GitHub Actions hooks - repo: https://github.com/python-jsonschema/check-jsonschema - rev: 0.21.0 + rev: 0.23.1 hooks: - id: check-github-actions - id: check-github-workflows # pre-commit hooks - repo: https://github.com/pre-commit/pre-commit - rev: v3.0.2 + rev: v3.3.2 hooks: - id: validate_manifest + # Go hooks + - repo: https://github.com/TekWizely/pre-commit-golang + rev: v1.0.0-rc.1 + hooks: + # Style Checkers + - id: go-critic + # StaticCheck + - id: go-staticcheck-repo-mod + # Go Build + - id: go-build-repo-mod + # Go Mod Tidy + - id: go-mod-tidy-repo + # Go Test + - id: go-test-repo-mod + # Go Vet + - id: go-vet-repo-mod + # GoSec + - id: go-sec-repo-mod + # Shell script hooks - repo: https://github.com/cisagov/pre-commit-shfmt rev: v0.0.2 @@ -88,7 +107,7 @@ repos: # Python hooks # Run bandit on the "tests" tree with a configuration - repo: https://github.com/PyCQA/bandit - rev: 1.7.4 + rev: 1.7.5 hooks: - id: bandit name: bandit (tests tree) @@ -97,13 +116,13 @@ repos: - --config=.bandit.yml # Run bandit on everything except the "tests" tree - repo: https://github.com/PyCQA/bandit - rev: 1.7.4 + rev: 1.7.5 hooks: - id: bandit name: bandit (everything else) exclude: tests - repo: https://github.com/psf/black - rev: 22.12.0 + rev: 23.3.0 hooks: - id: black - repo: https://github.com/PyCQA/flake8 @@ -117,31 +136,31 @@ repos: hooks: - id: isort - repo: https://github.com/pre-commit/mirrors-mypy - rev: v0.991 + rev: v1.3.0 hooks: - id: mypy - repo: https://github.com/asottile/pyupgrade - rev: v3.3.1 + rev: v3.4.0 hooks: - id: pyupgrade # Ansible hooks - repo: https://github.com/ansible-community/ansible-lint - rev: v5.4.0 + rev: v6.17.0 hooks: - id: ansible-lint # files: molecule/default/playbook.yml # Terraform hooks - repo: https://github.com/antonbabenko/pre-commit-terraform - rev: v1.77.0 + rev: v1.80.0 hooks: - id: terraform_fmt - id: terraform_validate # Docker hooks - repo: https://github.com/IamTheFij/docker-pre-commit - rev: v2.1.1 + rev: v3.0.1 hooks: - id: docker-compose-check diff --git a/Dockerfile b/Dockerfile index 25df9ffd..06785b84 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,11 @@ ARG VERSION=unspecified +<<<<<<< HEAD # Stage 1 - Build FROM node:18-alpine as node +======= +FROM python:3.11.4-alpine +>>>>>>> 8237d2703dc248b80cbac9ac6a805a08e43db3c2 # Set working directory WORKDIR /app diff --git a/requirements-test.txt b/requirements-test.txt index 5f3337c0..8b41b2f9 100644 --- a/requirements-test.txt +++ b/requirements-test.txt @@ -1,4 +1,4 @@ --requirement requirements.txt pre-commit pytest -pytest-dockerc +python-on-whales diff --git a/setup-env b/setup-env index f526cdb3..77926bf8 100644 --- a/setup-env +++ b/setup-env @@ -65,7 +65,7 @@ done eval set -- "$PARAMS" # Check to see if pyenv is installed -if [ -z "$(command -v pyenv)" ] || [ -z "$(command -v pyenv-virtualenv)" ]; then +if [ -z "$(command -v pyenv)" ] || { [ -z "$(command -v pyenv-virtualenv)" ] && [ ! -f "$(pyenv root)/plugins/pyenv-virtualenv/bin/pyenv-virtualenv" ]; }; then echo "pyenv and pyenv-virtualenv are required." if [[ "$OSTYPE" == "darwin"* ]]; then cat << 'END_OF_LINE' @@ -186,5 +186,5 @@ else: END_OF_LINE )" -# Qapla +# Qapla' echo "Success!" diff --git a/tests/conftest.py b/tests/conftest.py index 879e3bda..ce6d3d4e 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -4,17 +4,39 @@ """ # Third-Party Libraries import pytest +from python_on_whales import docker MAIN_SERVICE_NAME = "web" +@pytest.fixture(scope="session") +def dockerc(): + """Start up the Docker composition.""" + docker.compose.up(detach=True) + yield docker + docker.compose.down() + + @pytest.fixture(scope="session") def main_container(dockerc): """Return the main container from the Docker composition.""" # find the container by name even if it is stopped already - return dockerc.containers(service_names=[MAIN_SERVICE_NAME], stopped=True)[0] + return dockerc.compose.ps(services=[MAIN_SERVICE_NAME], all=True)[0] + + +<<<<<<< HEAD +======= +@pytest.fixture(scope="session") +def version_container(dockerc): + """Return the version container from the Docker composition. + + The version container should just output the version of its underlying contents. + """ + # find the container by name even if it is stopped already + return dockerc.compose.ps(services=[VERSION_SERVICE_NAME], all=True)[0] +>>>>>>> a9d6c92ea3ca2760e4a18276d06c668058dd3670 def pytest_addoption(parser): """Add new commandline options to pytest.""" parser.addoption( diff --git a/tests/container_test.py b/tests/container_test.py index e9aea226..9155abf9 100644 --- a/tests/container_test.py +++ b/tests/container_test.py @@ -14,7 +14,11 @@ def test_container_count(dockerc): """Verify correct number of containers are running.""" # stopped parameter allows non-running containers in results assert ( +<<<<<<< HEAD len(dockerc.containers(stopped=True)) == 1 +======= + len(dockerc.compose.ps(all=True)) == 2 +>>>>>>> a9d6c92ea3ca2760e4a18276d06c668058dd3670 ), "Wrong number of containers were started." @@ -24,7 +28,7 @@ def test_container(main_container): # this to be shorter, so hence the longer timeout. TIMEOUT = 360 for i in range(TIMEOUT): - if READY_MESSAGE in main_container.logs().decode("utf-8"): + if READY_MESSAGE in main_container.logs(): break time.sleep(1) else: @@ -37,10 +41,21 @@ def test_container(main_container): # it's still running. time.sleep(10) +<<<<<<< HEAD # Make sure the container is not exiting. assert main_container.is_running is True, "Docker container is not running." assert main_container.is_restarting is False, "Docker container is restarting." assert main_container.exit_code == 0, "Docker container exited." +======= +def test_wait_for_exits(dockerc, main_container, version_container): + """Wait for containers to exit.""" + assert ( + dockerc.wait(main_container.id) == 0 + ), "Container service (main) did not exit cleanly" + assert ( + dockerc.wait(version_container.id) == 0 + ), "Container service (version) did not exit cleanly" +>>>>>>> a9d6c92ea3ca2760e4a18276d06c668058dd3670 # Get project version pkg_vars = {} @@ -48,12 +63,39 @@ def test_container(main_container): exec(f.read(), pkg_vars) # nosec project_version = pkg_vars["__version__"] +<<<<<<< HEAD # Get log output log_output = main_container.logs().decode("utf-8") +======= +def test_output(dockerc, main_container): + """Verify the container had the correct output.""" + # make sure container exited if running test isolated + dockerc.wait(main_container.id) + log_output = main_container.logs() + assert SECRET_QUOTE in log_output, "Secret not found in log output." +>>>>>>> a9d6c92ea3ca2760e4a18276d06c668058dd3670 # Assert version output is in the logs. assert ( +<<<<<<< HEAD f"Running Con-PCA version {project_version}" in log_output +======= + RELEASE_TAG == f"v{project_version}" + ), "RELEASE_TAG does not match the project version" + + +def test_log_version(dockerc, version_container): + """Verify the container outputs the correct version to the logs.""" + # make sure container exited if running test isolated + dockerc.wait(version_container.id) + log_output = version_container.logs().strip() + pkg_vars = {} + with open(VERSION_FILE) as f: + exec(f.read(), pkg_vars) # nosec + project_version = pkg_vars["__version__"] + assert ( + log_output == project_version +>>>>>>> a9d6c92ea3ca2760e4a18276d06c668058dd3670 ), f"Container version output to log does not match project version file {VERSION_FILE}" # Assert release Version Label @@ -64,5 +106,10 @@ def test_container(main_container): # Assert container version label matches assert ( +<<<<<<< HEAD main_container.labels["org.opencontainers.image.version"] == project_version +======= + version_container.config.labels["org.opencontainers.image.version"] + == project_version +>>>>>>> a9d6c92ea3ca2760e4a18276d06c668058dd3670 ), "Dockerfile version label does not match project version"