Make tox flake8 setup a little more strict
- enable line length checking - enable function complexity checking co-authored-by: Tim Kelsey <tkelsey@hp.com> Change-Id: Ic853e49327305474a5ef948f6b63b011a5cb3703
This commit is contained in:
parent
961d585946
commit
073cec09db
|
@ -30,8 +30,9 @@ def config_check_domains(conf):
|
|||
if 'allowed_domains' in step[1]:
|
||||
for domain in step[1]['allowed_domains']:
|
||||
if not domain.startswith('.'):
|
||||
raise ConfigValidationException("Domain that does not start with "
|
||||
"a '.' <%s>", domain)
|
||||
raise ConfigValidationException(
|
||||
"Domain that does not start with "
|
||||
"a '.' <%s>", domain)
|
||||
|
||||
|
||||
def validate_config(conf):
|
||||
|
@ -59,8 +60,8 @@ def validate_config(conf):
|
|||
|
||||
if len(step) == 0:
|
||||
raise ConfigValidationException("Validator set <%s> contains "
|
||||
"a step with no validator name",
|
||||
name)
|
||||
"a step with no validator "
|
||||
"name", name)
|
||||
|
||||
if not hasattr(validators, step[0]):
|
||||
raise ConfigValidationException("Validator set <%s> contains "
|
||||
|
|
|
@ -35,7 +35,8 @@ def login(_, token):
|
|||
"id": token
|
||||
}}}})
|
||||
req = requests.post(conf.auth['keystone']['url'] + '/v3/auth/tokens',
|
||||
headers={'Content-Type': 'application/json'}, data=data)
|
||||
headers={'Content-Type': 'application/json'},
|
||||
data=data)
|
||||
if req.status_code != 200:
|
||||
logger.info("Authentication failed for token <%s>, status %s",
|
||||
token, req.status_code)
|
||||
|
|
|
@ -39,7 +39,8 @@ def login(user, secret):
|
|||
ldo = ldap.initialize("ldap://%s" % (conf.auth['ldap']['host'],))
|
||||
ldo.set_option(ldap.OPT_REFERRALS, 0)
|
||||
try:
|
||||
ldo.simple_bind_s("%s@%s" % (user, conf.auth['ldap']['domain']), secret)
|
||||
ldo.simple_bind_s("%s@%s" % (user, conf.auth['ldap']['domain']),
|
||||
secret)
|
||||
|
||||
filter_str = ('(sAMAccountName=%s)' %
|
||||
ldap.filter.escape_filter_chars(user))
|
||||
|
|
|
@ -44,7 +44,7 @@ def parse_csr(csr, encoding):
|
|||
"""
|
||||
# validate untrusted input
|
||||
if str(encoding).lower() not in VALID_ENCODINGS:
|
||||
logger.error("parse_csr failed: invalid encoding ({})".format(encoding))
|
||||
logger.error("parse_csr failed: bad encoding ({})".format(encoding))
|
||||
abort(400, "invalid CSR")
|
||||
|
||||
if csr is None:
|
||||
|
|
|
@ -27,7 +27,8 @@ validators = [
|
|||
{
|
||||
"name": "common",
|
||||
"steps": [
|
||||
('common_name', {'allowed_domains': ['example.com']}), # example.com should start with a '.'
|
||||
# example.com should start with a '.'
|
||||
('common_name', {'allowed_domains': ['example.com']}),
|
||||
('alternative_names', {'allowed_domains': ['example.com']}),
|
||||
('server_group', {'group_prefixes': {
|
||||
'nv': 'Nova_Team',
|
||||
|
@ -39,8 +40,17 @@ validators = [
|
|||
'ops': 'SysEng_Team',
|
||||
'qu': 'Neutron_Team',
|
||||
}}),
|
||||
('extensions', {'allowed_extensions': ['keyUsage', 'subjectAltName', 'basicConstraints', 'subjectKeyIdentifier']}),
|
||||
('key_usage', {'allowed_usage': ['Digital Signature', 'Key Encipherment', 'Non Repudiation', 'Certificate Sign', 'CRL Sign']}),
|
||||
('extensions', {'allowed_extensions': [
|
||||
'keyUsage',
|
||||
'subjectAltName',
|
||||
'basicConstraints',
|
||||
'subjectKeyIdentifier']}),
|
||||
('key_usage', {'allowed_usage': [
|
||||
'Digital Signature',
|
||||
'Key Encipherment',
|
||||
'Non Repudiation',
|
||||
'Certificate Sign',
|
||||
'CRL Sign']}),
|
||||
('ca_status', {'ca_requested': False}),
|
||||
('source_cidrs', {'cidrs': ["127.0.0.0/8"]}),
|
||||
]
|
||||
|
|
|
@ -47,8 +47,17 @@ validators = [
|
|||
'ops': 'SysEng_Team',
|
||||
'qu': 'Neutron_Team',
|
||||
}}),
|
||||
('extensions', {'allowed_extensions': ['keyUsage', 'subjectAltName', 'basicConstraints', 'subjectKeyIdentifier']}),
|
||||
('key_usage', {'allowed_usage': ['Digital Signature', 'Key Encipherment', 'Non Repudiation', 'Certificate Sign', 'CRL Sign']}),
|
||||
('extensions', {'allowed_extensions': [
|
||||
'keyUsage',
|
||||
'subjectAltName',
|
||||
'basicConstraints',
|
||||
'subjectKeyIdentifier']}),
|
||||
('key_usage', {'allowed_usage': [
|
||||
'Digital Signature',
|
||||
'Key Encipherment',
|
||||
'Non Repudiation',
|
||||
'Certificate Sign',
|
||||
'CRL Sign']}),
|
||||
('ca_status', {'ca_requested': False}),
|
||||
('source_cidrs', {'cidrs': ["127.0.0.0/8"]}),
|
||||
]
|
||||
|
|
|
@ -67,7 +67,8 @@ class TestValidators(unittest.TestCase):
|
|||
def test_check_networks_bad_domain(self):
|
||||
bad_domain = 'bad!$domain'
|
||||
allowed_networks = ['127/8', '10/8']
|
||||
self.assertFalse(validators.check_networks(bad_domain, allowed_networks))
|
||||
self.assertFalse(validators.check_networks(
|
||||
bad_domain, allowed_networks))
|
||||
|
||||
@mock.patch('socket.gethostbyname_ex')
|
||||
def test_check_networks_both(self, gethostbyname_ex):
|
||||
|
@ -82,11 +83,14 @@ class TestValidators(unittest.TestCase):
|
|||
'74.125.224.70',
|
||||
]
|
||||
)
|
||||
self.assertTrue(validators.check_networks('example.com', allowed_networks))
|
||||
self.assertTrue(validators.check_networks_strict('example.com', allowed_networks))
|
||||
self.assertTrue(validators.check_networks(
|
||||
'example.com', allowed_networks))
|
||||
self.assertTrue(validators.check_networks_strict(
|
||||
'example.com', allowed_networks))
|
||||
|
||||
gethostbyname_ex.return_value = ('example.com', [], ['12.2.2.2'])
|
||||
self.assertFalse(validators.check_networks('example.com', allowed_networks))
|
||||
self.assertFalse(validators.check_networks(
|
||||
'example.com', allowed_networks))
|
||||
|
||||
gethostbyname_ex.return_value = (
|
||||
'example.com',
|
||||
|
@ -97,4 +101,5 @@ class TestValidators(unittest.TestCase):
|
|||
'16.1.1.1',
|
||||
]
|
||||
)
|
||||
self.assertFalse(validators.check_networks_strict('example.com', allowed_networks))
|
||||
self.assertFalse(validators.check_networks_strict(
|
||||
'example.com', allowed_networks))
|
||||
|
|
10
tox.ini
10
tox.ini
|
@ -16,7 +16,8 @@ commands =
|
|||
coverage report -m
|
||||
|
||||
[testenv:pep8]
|
||||
commands = flake8 {posargs} anchor
|
||||
commands =
|
||||
flake8 {posargs} anchor
|
||||
flake8 {posargs} tests
|
||||
|
||||
[testenv:venv]
|
||||
|
@ -34,9 +35,10 @@ commands =
|
|||
# F403 unable to detect undefined names
|
||||
# H104 file contains nothing but comments
|
||||
# H302 import only modules
|
||||
# H301,H305,H405,H404,H306,E226,H904,H307,F401
|
||||
|
||||
# H307 like imports should be grouped together
|
||||
# H304 no relative imports
|
||||
show-source = True
|
||||
ignore = E123,E125,H303,F403,H104,H302,E501,H307,H304
|
||||
ignore = E123,E125,H303,F403,H104,H302,H307,H304
|
||||
builtins = _
|
||||
exclude=.venv,.git,.tox,dist,doc,*openstack/common*,*lib/python*,*egg,build
|
||||
max-complexity=25
|
||||
|
|
Loading…
Reference in New Issue