Fix the bug of pep8 and building api-guide

`sphinx-build` command is not found in test-env.

To fix pep8, also blacklist the new bandit warning B105, this will
be fixed in a followup.

(cherry picked from commit bf95c37b84)
Change-Id: Ic1b8c3a4bfd67fff082297b881df66ffb9ca2c50
(cherry picked from commit 367453b543)
This commit is contained in:
pengyuesheng 2019-06-25 11:22:40 +08:00 committed by Colleen Murphy
parent 6479e02ce2
commit 9314499b2b
9 changed files with 30 additions and 29 deletions

View File

@ -503,7 +503,7 @@ class PKCS11(object):
return { return {
"iv": self.ffi.buffer(iv)[:], "iv": self.ffi.buffer(iv)[:],
"ct": self.ffi.buffer(ct, ct_len[0])[:] "ct": self.ffi.buffer(ct, ct_len[0])[:]
} }
else: else:
# HSM-generated IVs are appended to the end of the ciphertext # HSM-generated IVs are appended to the end of the ciphertext
return { return {

View File

@ -234,7 +234,7 @@ class SimpleCryptoPlugin(c.CryptoPluginBase):
length_factor = 2 length_factor = 2
if (algorithm.lower() in c.PluginSupportTypes.SYMMETRIC_ALGORITHMS if (algorithm.lower() in c.PluginSupportTypes.SYMMETRIC_ALGORITHMS
and bit_length/length_factor and bit_length / length_factor
in c.PluginSupportTypes.SYMMETRIC_KEY_LENGTHS): in c.PluginSupportTypes.SYMMETRIC_KEY_LENGTHS):
return True return True
elif (algorithm.lower() in c.PluginSupportTypes.ASYMMETRIC_ALGORITHMS elif (algorithm.lower() in c.PluginSupportTypes.ASYMMETRIC_ALGORITHMS

View File

@ -64,7 +64,7 @@ def read_multiple_backends_config():
'global default plugin for deployment. ' 'global default plugin for deployment. '
'Default is False.') 'Default is False.')
), ),
] ]
conf.register_group(store_opt_group) conf.register_group(store_opt_group)
conf.register_opts(store_opts, group=store_opt_group) conf.register_opts(store_opts, group=store_opt_group)

View File

@ -145,12 +145,12 @@ def _convert_private_pem_to_der(pem):
pem, pem,
password=None, password=None,
backend=default_backend() backend=default_backend()
) )
der = private_key.private_bytes( der = private_key.private_bytes(
encoding=serialization.Encoding.DER, encoding=serialization.Encoding.DER,
format=serialization.PrivateFormat.PKCS8, format=serialization.PrivateFormat.PKCS8,
encryption_algorithm=serialization.NoEncryption() encryption_algorithm=serialization.NoEncryption()
) )
return der return der
@ -159,12 +159,12 @@ def _convert_private_der_to_pem(der):
der, der,
password=None, password=None,
backend=default_backend() backend=default_backend()
) )
pem = private_key.private_bytes( pem = private_key.private_bytes(
encoding=serialization.Encoding.PEM, encoding=serialization.Encoding.PEM,
format=serialization.PrivateFormat.PKCS8, format=serialization.PrivateFormat.PKCS8,
encryption_algorithm=serialization.NoEncryption() encryption_algorithm=serialization.NoEncryption()
) )
return pem return pem
@ -172,11 +172,11 @@ def _convert_public_pem_to_der(pem):
public_key = serialization.load_pem_public_key( public_key = serialization.load_pem_public_key(
pem, pem,
backend=default_backend() backend=default_backend()
) )
der = public_key.public_bytes( der = public_key.public_bytes(
encoding=serialization.Encoding.DER, encoding=serialization.Encoding.DER,
format=serialization.PublicFormat.SubjectPublicKeyInfo format=serialization.PublicFormat.SubjectPublicKeyInfo
) )
return der return der
@ -184,11 +184,11 @@ def _convert_public_der_to_pem(der):
public_key = serialization.load_der_public_key( public_key = serialization.load_der_public_key(
der, der,
backend=default_backend() backend=default_backend()
) )
pem = public_key.public_bytes( pem = public_key.public_bytes(
encoding=serialization.Encoding.PEM, encoding=serialization.Encoding.PEM,
format=serialization.PublicFormat.SubjectPublicKeyInfo format=serialization.PublicFormat.SubjectPublicKeyInfo
) )
return pem return pem

View File

@ -286,7 +286,7 @@ class WhenTestingSecretValidator(utils.BaseTestCase):
self.secret_req, self.secret_req,
) )
self.assertEqual('mode', exception.invalid_property) self.assertEqual('mode', exception.invalid_property)
self.assertIn('mode', six.text_type(exception)) self.assertIn('mode', six.text_type(exception))
def test_should_raise_mode_is_non_string(self): def test_should_raise_mode_is_non_string(self):
self.secret_req['mode'] = 123 self.secret_req['mode'] = 123

View File

@ -416,19 +416,19 @@ class TestPluginsGenerateStoreAPIMultipleBackend(
'crypto_plugins': ['simple_crypto', '', 'p11_crypto'], 'crypto_plugins': ['simple_crypto', '', 'p11_crypto'],
'default_store_class': store_crypto.StoreCryptoAdapterPlugin, 'default_store_class': store_crypto.StoreCryptoAdapterPlugin,
'default_crypto_class': simple_crypto.SimpleCryptoPlugin 'default_crypto_class': simple_crypto.SimpleCryptoPlugin
}], }],
"kmip": [{ "kmip": [{
'store_plugins': ['kmip_plugin', 'store_crypto', 'store_crypto'], 'store_plugins': ['kmip_plugin', 'store_crypto', 'store_crypto'],
'crypto_plugins': ['', 'p11_crypto', 'simple_crypto'], 'crypto_plugins': ['', 'p11_crypto', 'simple_crypto'],
'default_store_class': kss.KMIPSecretStore, 'default_store_class': kss.KMIPSecretStore,
'default_crypto_class': None 'default_crypto_class': None
}], }],
"pkcs11": [{ "pkcs11": [{
'store_plugins': ['store_crypto', 'store_crypto', 'kmip_plugin'], 'store_plugins': ['store_crypto', 'store_crypto', 'kmip_plugin'],
'crypto_plugins': ['p11_crypto', 'simple_crypto', ''], 'crypto_plugins': ['p11_crypto', 'simple_crypto', ''],
'default_store_class': store_crypto.StoreCryptoAdapterPlugin, 'default_store_class': store_crypto.StoreCryptoAdapterPlugin,
'default_crypto_class': p11_crypto.P11CryptoPlugin 'default_crypto_class': p11_crypto.P11CryptoPlugin
}] }]
} }
def setUp(self): def setUp(self):

View File

@ -1637,61 +1637,61 @@ class SecretsMultipleBackendTestCase(base.TestCase):
'symmetric', 'symmetric',
oslo_base64.decode_as_bytes(get_default_payload()), oslo_base64.decode_as_bytes(get_default_payload()),
get_default_data() get_default_data()
], ],
'private_type_preferred_store': [ 'private_type_preferred_store': [
admin_a, admin_a,
'private', 'private',
keys.get_private_key_pem(), keys.get_private_key_pem(),
get_private_key_req() get_private_key_req()
], ],
'public_type_preferred_store': [ 'public_type_preferred_store': [
admin_a, admin_a,
'public', 'public',
keys.get_public_key_pem(), keys.get_public_key_pem(),
get_public_key_req() get_public_key_req()
], ],
'certificate_type_preferred_store': [ 'certificate_type_preferred_store': [
admin_a, admin_a,
'certificate', 'certificate',
keys.get_certificate_pem(), keys.get_certificate_pem(),
get_certificate_req() get_certificate_req()
], ],
'passphrase_type_preferred_store': [ 'passphrase_type_preferred_store': [
admin_a, admin_a,
'passphrase', 'passphrase',
'mysecretpassphrase', 'mysecretpassphrase',
get_passphrase_req() get_passphrase_req()
], ],
'symmetric_type_no_preferred_store': [ 'symmetric_type_no_preferred_store': [
admin_b, admin_b,
'symmetric', 'symmetric',
oslo_base64.decode_as_bytes(get_default_payload()), oslo_base64.decode_as_bytes(get_default_payload()),
get_default_data() get_default_data()
], ],
'private_type_no_preferred_store': [ 'private_type_no_preferred_store': [
admin_b, admin_b,
'private', 'private',
keys.get_private_key_pem(), keys.get_private_key_pem(),
get_private_key_req() get_private_key_req()
], ],
'public_type_no_preferred_store': [ 'public_type_no_preferred_store': [
admin_b, admin_b,
'public', 'public',
keys.get_public_key_pem(), keys.get_public_key_pem(),
get_public_key_req() get_public_key_req()
], ],
'certificate_type_no_preferred_store': [ 'certificate_type_no_preferred_store': [
admin_b, admin_b,
'certificate', 'certificate',
keys.get_certificate_pem(), keys.get_certificate_pem(),
get_certificate_req() get_certificate_req()
], ],
'passphrase_type_no_preferred_store': [ 'passphrase_type_no_preferred_store': [
admin_b, admin_b,
'passphrase', 'passphrase',
b'mysecretpassphrase', b'mysecretpassphrase',
get_passphrase_req() get_passphrase_req()
], ],
}) })
def test_secret_create_for(self, user_name, secret_type, expected, spec): def test_secret_create_for(self, user_name, secret_type, expected, spec):
"""Create secrets with various secret types with multiple backends.""" """Create secrets with various secret types with multiple backends."""

View File

@ -127,7 +127,7 @@ class SecretStoresTestCase(base.TestCase):
stores = json_data['secret-stores'] stores = json_data['secret-stores']
store = stores[len(stores)-1] store = stores[len(stores) - 1]
secret_store_ref = store['secret_store_ref'] secret_store_ref = store['secret_store_ref']
resp = self.ss_behaviors.set_preferred_secret_store(secret_store_ref, resp = self.ss_behaviors.set_preferred_secret_store(secret_store_ref,
user_name=user) user_name=user)
@ -193,7 +193,7 @@ class SecretStoresTestCase(base.TestCase):
stores = json_data['secret-stores'] stores = json_data['secret-stores']
store = stores[len(stores)-1] store = stores[len(stores) - 1]
secret_store_ref = store['secret_store_ref'] secret_store_ref = store['secret_store_ref']
resp = self.ss_behaviors.set_preferred_secret_store(secret_store_ref, resp = self.ss_behaviors.set_preferred_secret_store(secret_store_ref,
user_name=user) user_name=user)

View File

@ -49,7 +49,7 @@ commands =
doc8 {posargs} doc8 {posargs}
flake8 {posargs} flake8 {posargs}
# Run security linter # Run security linter
bandit -r barbican -x tests -n5 bandit -r barbican -x tests -n5 -s B105
[testenv:genconfig] [testenv:genconfig]
basepython = python3 basepython = python3
@ -89,6 +89,7 @@ whitelist_externals = rm
basepython = python3 basepython = python3
# This environment is called from CI scripts to test and publish # This environment is called from CI scripts to test and publish
# the API Guide to developer.openstack.org. # the API Guide to developer.openstack.org.
deps = -r{toxinidir}/doc/requirements.txt
commands = commands =
rm -rf api-guide/build rm -rf api-guide/build
sphinx-build -W -b html -d api-guide/build/doctrees api-guide/source api-guide/build/html sphinx-build -W -b html -d api-guide/build/doctrees api-guide/source api-guide/build/html
@ -158,7 +159,7 @@ exclude = .git,.idea,.tox,bin,dist,debian,rpmbuild,tools,*.egg-info,*.eggs,contr
[testenv:bandit] [testenv:bandit]
basepython = python3 basepython = python3
deps = -r{toxinidir}/test-requirements.txt deps = -r{toxinidir}/test-requirements.txt
commands = bandit -r barbican -x tests -n5 commands = bandit -r barbican -x tests -n5 -s B105
[testenv:bindep] [testenv:bindep]
basepython = python3 basepython = python3