hacking 3.1.0 depended on 'flake8<3.8.0,>=3.6.0', while we were
specifying flake 3.8.3. This resulted in an error when using the
dependency resolver introduced in pip 20.3. Resolve this by bumping to
hacking 3.2.0.
We also remove bandit and pre-commit from test-requirements, since these
are linters which are not managed by upper-constraints and are not
necessary to run tests. oslo.context is also specified in both
requirements.txt and test-requirements.txt, so we remove it from the
latter.
Change-Id: I829870c327b73b583877b9b969ee38f0bcaa1495
Signed-off-by: Stephen Finucane <sfinucan@redhat.com>
flake8 new release 3.8.0 added new checks and gate pep8
job start failing. hacking 3.0.1 fix the pinning of flake8 to
avoid bringing in a new version with new checks.
Though it is fixed in latest hacking but 2.0 and 3.0 has cap for
flake8 as <4.0.0 which mean flake8 new version 3.9.0 can also
break the pep8 job if new check are added.
To avoid similar gate break in future, we need to bump the hacking min
version.
- http://lists.openstack.org/pipermail/openstack-discuss/2020-May/014828.html
Change-Id: I20e3db3b092462c85d784aad51d5e98f3499f3f1
Introduced changes:
- pre-commit config and rules
- Add pre-commit to pep8 gate, Flake8 is covered in the pre-commit hooks.
- Applying fixes for pre-commit compliance in all code.
Also commit hash will be used instead of version tags in pre-commit to
prevend arbitrary code from running in developer's machines.
pre-commit will be used to:
- trailing whitespace;
- Replaces or checks mixed line ending (mixed-line-ending);
- Forbid files which have a UTF-8 byte-order marker (check-byte-order-marker);
- Checks that non-binary executables have a proper
shebang (check-executables-have-shebangs);
- Check for files that contain merge conflict strings (check-merge-conflict);
- Check for debugger imports and py37+ breakpoint()
calls in python source (debug-statements);
- Attempts to load all yaml files to verify syntax (check-yaml);
- Run flake8 checks (flake8) (local)
For further details about tests please refer to:
https://github.com/pre-commit/pre-commit-hooks
Change-Id: Ia9f7040f9966f1492c590a005f55ef7f3b67f0c9
Signed-off-by: Moisés Guimarães de Medeiros <moguimar@redhat.com>
This patch bumps bandit allowed version to >=1.6.0,<1.7.0 in order to
avoid the errors detailed here https://github.com/PyCQA/bandit/pull/393
Change-Id: I0570c916cffc08bcbaebb385a9cc4a4c7038b215
Signed-off-by: Moisés Guimarães de Medeiros <moguimar@redhat.com>
The repo is Python 3 now, so update hacking to version 3.0 which
supports Python 3.
Blacklist:
W503 line break before binary operator
W504 line break after binary operator
Fix:
E123 closing bracket does not match indentation of opening bracket's line
E126 continuation line over-indented for hanging indent
Change-Id: I39003496a3f4be5a4cb05cdbae53a9c097e34e14
Bandit 1.6.0 accidentally changed how the exclusion list option is
handled and breaks our use of it. Cap to the previous version until
Bandit has fixed the problem.
Sphinx 2.0 no longer works on python 2.7, so we need to start capping
it there as well.
Change-Id: Idead9b4198c6b05d72bae60dee06e5aebc223822
Reference: https://github.com/PyCQA/bandit/pull/489
This commit makes it easier for services to protect APIs meant for
domain-only operations. It does this by making "domain-scope" an
official scope type to check for during policy enforcement.
A good example of where this would be useful is protecting the user
API in keystone, since user's are technically owned by domains.
This commit bumps the version of oslo.context to 2.22.0, which also
has domain support.
Depends-On: https://review.openstack.org/#/c/613635/
Change-Id: Ifc83a5f261bc823060eca5c4d0a4bf07966794c4
The ``creds`` dictionary passed into oslo.policy's enforce() method
assumes a lot of the same values already specified by oslo.context
RequestContext objects.
This commit teaches enforce() to handle being passed an instance of
a RequestContext object, and populate credential values accordingly.
Change-Id: Ia74bf6c40b1e05a1c958f4325e00f68be28d91b9
Closes-Bug: 1779172
This commit fixes two issues that are currently blocking the gate.
The first is that it bumps the Sphinx requirement to be within
acceptable constraints. The second is that it converts oslo.policy to
use stestr instead of testr. This is all being done in one patch
because proposing them individually causes deadlock (the patch to
bump the sphinx requirement fails because we're still using testr and
the patch to convert to stestr fails the requirements-check job).
The following explains the reasoning behind the stestr change.
With the upgrade to oslotest 3.6.0 [0], testr no longer works [1].
This is because oslotest no longer requires testr and we don't depend
on it directly in oslo.policy.
[0] d5a3c58f71
[1] 897823fbd6
Change-Id: I6dac4c8e7b39c9b80cc8f3728763e8d783c9e940
Since pbr already landed and the old version of hacking seems not
work very well with pbr>=2, we should update it to match global
requirement.
Partial-Bug: #1668848
Change-Id: Ia07952992bd90213ed9ad9b0adaa7a47553708f7
We're trying to remove httpretty from openstack requirements in favour
of requests-mock.
Replace httpretty in testing.
Change-Id: I3d02d2ccffc6535d519e49e4fbd9f0ab7490c3b5
The requests interface is much nicer and easier to
use so we might as well use it instead of direct urllib
usage.
Change-Id: I364ddb5f86900a3e166f4480d9f4889a68de247f