diff --git a/.github/workflows/ca-ssnv2-test.yml b/.github/workflows/ca-ssnv2-test.yml index 02091b75f4e..6162a6fe533 100644 --- a/.github/workflows/ca-ssnv2-test.yml +++ b/.github/workflows/ca-ssnv2-test.yml @@ -72,7 +72,7 @@ jobs: Loading deployment configuration from /usr/share/pki/server/examples/installation/ca.cfg. Installing CA into /var/lib/pki/pki-tomcat. - Installation failed: pki_serial_number_range_start format not valid, expecting 0x... + Installation failed: pki_serial_number_range_start must start with 0x EOF diff --git a/.github/workflows/python-lint-test.yml b/.github/workflows/python-lint-test.yml index e820d54bd62..a2f81ceb5c0 100644 --- a/.github/workflows/python-lint-test.yml +++ b/.github/workflows/python-lint-test.yml @@ -28,7 +28,13 @@ jobs: HOSTNAME: pki.example.com - name: Run Python lint + if: always() run: | docker exec pki pylint-3 --version + docker exec pki /usr/share/pki/tests/bin/python-lint.py + + - name: Run Python flake8 + if: always() + run: | docker exec pki python3-flake8 --version - docker exec pki /usr/share/pki/tests/bin/pki-lint + docker exec pki /usr/share/pki/tests/bin/python-flake8.py diff --git a/base/common/python/pki/account.py b/base/common/python/pki/account.py index 3662a4caae9..4086d50bebf 100644 --- a/base/common/python/pki/account.py +++ b/base/common/python/pki/account.py @@ -53,8 +53,8 @@ def __init__(self, parent, subsystem=None): if isinstance(parent, pki.client.PKIConnection): logger.warning( - '%s:%s: The PKIConnection parameter in AccountClient.__init__() has been deprecated. ' - 'Provide PKIClient instead.', + '%s:%s: The PKIConnection parameter in AccountClient.__init__() ' + 'has been deprecated. Provide PKIClient instead.', inspect.stack()[1].filename, inspect.stack()[1].lineno) self.subsystem_client = None diff --git a/base/server/healthcheck/pki/server/healthcheck/meta/connectivity.py b/base/server/healthcheck/pki/server/healthcheck/meta/connectivity.py index d7c6d5e9fd7..ff92b921d75 100644 --- a/base/server/healthcheck/pki/server/healthcheck/meta/connectivity.py +++ b/base/server/healthcheck/pki/server/healthcheck/meta/connectivity.py @@ -124,10 +124,11 @@ def check(self): # Make a plain HTTPS GET to retrieve KRA transport cert, to test that # the server is up AND is able to respond back - connection = pki.client.PKIConnection(protocol='https', - hostname='localhost', - port=https_port, - verify=False) + connection = pki.client.PKIConnection( + protocol='https', + hostname='localhost', + port=https_port, + verify=False) system_cert_client = pki.systemcert.SystemCertClient(connection) diff --git a/base/server/python/pki/server/cli/acme.py b/base/server/python/pki/server/cli/acme.py index 4dfc24f1ce1..f2f0d72a1dd 100644 --- a/base/server/python/pki/server/cli/acme.py +++ b/base/server/python/pki/server/cli/acme.py @@ -1213,7 +1213,8 @@ def execute(self, argv, args=None): print('Enter ID of the authority for issuing ACME certificates ' '(empty for main CA, subCA ID otherwise).') authority_id = config.get('authority-id') - authority_id = pki.util.read_text(' Authority ID', default=authority_id, required=True) + authority_id = pki.util.read_text( + ' Authority ID', default=authority_id, required=True) if authority_id: pki.util.set_property(config, 'authority-id', authority_id) @@ -1222,7 +1223,8 @@ def execute(self, argv, args=None): print('Enter DN of the authority for issuing ACME certificates ' '(empty for main CA, subCA DN otherwise).') authority_dn = config.get('authority-dn') - authority_dn = pki.util.read_text(' Authority ID', default=authority_id, required=True) + authority_dn = pki.util.read_text( + ' Authority ID', default=authority_id, required=True) if authority_dn: pki.util.set_property(config, 'authority-dn', authority_dn) diff --git a/base/server/python/pki/server/cli/cert.py b/base/server/python/pki/server/cli/cert.py index 6caef1bfb88..82bdf451757 100644 --- a/base/server/python/pki/server/cli/cert.py +++ b/base/server/python/pki/server/cli/cert.py @@ -1250,7 +1250,7 @@ def execute(self, argv, args=None): if args.cert: all_certs = False fix_certs.append(args.cert) - + if args.extra_cert: # TODO: add support for hex serial number try: diff --git a/base/server/python/pki/server/deployment/__init__.py b/base/server/python/pki/server/deployment/__init__.py index baac6d3f0a4..70505aa746c 100644 --- a/base/server/python/pki/server/deployment/__init__.py +++ b/base/server/python/pki/server/deployment/__init__.py @@ -1264,31 +1264,31 @@ def configure_ca(self, subsystem): serial_number_range_start = self.mdict.get('pki_serial_number_range_start') if serial_number_range_start: if not serial_number_range_start.startswith('0x'): - raise Exception('pki_serial_number_range_start format not valid, expecting 0x...') + raise Exception('pki_serial_number_range_start must start with 0x') subsystem.set_config('dbs.beginSerialNumber', serial_number_range_start) serial_number_range_end = self.mdict.get('pki_serial_number_range_end') if serial_number_range_end: if not serial_number_range_end.startswith('0x'): - raise Exception('pki_serial_number_range_end format not valid, expecting 0x...') + raise Exception('pki_serial_number_range_end must start with 0x') subsystem.set_config('dbs.endSerialNumber', serial_number_range_end) serial_increment = self.mdict.get('pki_serial_number_range_increment') if serial_increment: if not serial_increment.startswith('0x'): - raise Exception('pki_serial_number_range_increment format not valid, expecting 0x...') + raise Exception('pki_serial_number_range_increment must start with 0x') subsystem.set_config('dbs.serialIncrement', serial_increment) serial_minimum = self.mdict.get('pki_serial_number_range_minimum') if serial_minimum: if not serial_minimum.startswith('0x'): - raise Exception('pki_serial_number_range_minimum format not valid, expecting 0x...') + raise Exception('pki_serial_number_range_minimum must start with 0x') subsystem.set_config('dbs.serialLowWaterMark', serial_minimum) serial_transfer = self.mdict.get('pki_serial_number_range_transfer') if serial_transfer: if not serial_transfer.startswith('0x'): - raise Exception('pki_serial_number_range_transfer format not valid, expecting 0x...') + raise Exception('pki_serial_number_range_transfer must start with 0x') subsystem.set_config('dbs.serialCloneTransferNumber', serial_transfer) subsystem.set_config('dbs.serialRangeDN', 'ou=certificateRepository,ou=ranges_v2') @@ -1296,7 +1296,6 @@ def configure_ca(self, subsystem): else: # random subsystem.set_config('dbs.cert.id.length', self.mdict['pki_cert_id_length']) - replica_number_range_start = self.mdict.get('pki_replica_number_range_start') if replica_number_range_start: subsystem.set_config('dbs.beginReplicaNumber', replica_number_range_start) @@ -5191,10 +5190,10 @@ def restore_selinux_contexts(self): # The restocon API is not working in RHEL # (see https://issues.redhat.com/browse/RHEL-73348). # - #selinux.restorecon(self.instance.base_dir, True) - #selinux.restorecon(config.PKI_DEPLOYMENT_LOG_ROOT, True) - #selinux.restorecon(self.instance.actual_logs_dir, True) - #selinux.restorecon(self.instance.actual_conf_dir, True) + # selinux.restorecon(self.instance.base_dir, True) + # selinux.restorecon(config.PKI_DEPLOYMENT_LOG_ROOT, True) + # selinux.restorecon(self.instance.actual_logs_dir, True) + # selinux.restorecon(self.instance.actual_conf_dir, True) folders = [ self.instance.base_dir, config.PKI_DEPLOYMENT_LOG_ROOT, diff --git a/tests/bin/pki-lint b/tests/bin/python-flake8.py similarity index 83% rename from tests/bin/pki-lint rename to tests/bin/python-flake8.py index 2981605efc9..49f68abc99f 100755 --- a/tests/bin/pki-lint +++ b/tests/bin/python-flake8.py @@ -6,14 +6,12 @@ BIN_DIR=`dirname "$SCRIPT_PATH"` TESTS_DIR=`dirname "$BIN_DIR"` -RC_FILE="$TESTS_DIR/pylintrc" FLAKE8_CONFIG="$TESTS_DIR/tox.ini" usage() { echo "Usage: $SCRIPT_NAME [OPTIONS]" echo echo "Options:" - echo " --rcfile= pylint configuration (default: $RC_FILE)" echo " --config= flake8 configuration (default: $FLAKE8_CONFIG)" echo " -v,--verbose Run in verbose mode." echo " --debug Run in debug mode." @@ -29,9 +27,6 @@ LONG_OPTARG="${OPTARG#*=}" case $OPTARG in - rcfile=?*) - RC_FILE="$LONG_OPTARG" - ;; config?*) FLAKE8_CONFIG="$LONG_OPTARG" ;; @@ -42,7 +37,7 @@ '') break # "--" terminates argument processing ;; - rcfile* | config*) + config*) echo "ERROR: Missing argument for --$OPTARG option" >&2 exit 1 ;; @@ -70,12 +65,6 @@ SOURCES="$SOURCES `find /usr/share/pki/upgrade -name "*.py"`" SOURCES="$SOURCES `find /usr/share/pki/server/upgrade -name "*.py"`" -echo "Running pylint..." -pylint-3 \ - --rcfile=${RC_FILE} \ - $SOURCES - -echo "Running flake8..." python3-flake8 \ --config ${FLAKE8_CONFIG} \ $SOURCES diff --git a/tests/bin/python-lint.py b/tests/bin/python-lint.py new file mode 100755 index 00000000000..c4c6bbc508a --- /dev/null +++ b/tests/bin/python-lint.py @@ -0,0 +1,70 @@ +#! /bin/bash -e + +SCRIPT_PATH=`readlink -f "$0"` +SCRIPT_NAME=`basename "$SCRIPT_PATH"` + +BIN_DIR=`dirname "$SCRIPT_PATH"` +TESTS_DIR=`dirname "$BIN_DIR"` + +RC_FILE="$TESTS_DIR/pylintrc" + +usage() { + echo "Usage: $SCRIPT_NAME [OPTIONS]" + echo + echo "Options:" + echo " --rcfile= pylint configuration (default: $RC_FILE)" + echo " -v,--verbose Run in verbose mode." + echo " --debug Run in debug mode." + echo " --help Show help message." +} + +while getopts v-: arg ; do + case $arg in + v) + set -x + ;; + -) + LONG_OPTARG="${OPTARG#*=}" + + case $OPTARG in + rcfile=?*) + RC_FILE="$LONG_OPTARG" + ;; + help) + usage + exit + ;; + '') + break # "--" terminates argument processing + ;; + rcfile*) + echo "ERROR: Missing argument for --$OPTARG option" >&2 + exit 1 + ;; + *) + echo "ERROR: Illegal option --$OPTARG" >&2 + exit 1 + ;; + esac + ;; + \?) + exit 1 # getopts already reported the illegal option + ;; + esac +done + +PATHS=`python3 -Ic "import sys; print(' '.join(sys.path))"` +SOURCES="" + +for path in $PATHS; do + if [ -d $path/pki ]; then + SOURCES="$SOURCES `find $path/pki -name "*.py"`" + fi +done + +SOURCES="$SOURCES `find /usr/share/pki/upgrade -name "*.py"`" +SOURCES="$SOURCES `find /usr/share/pki/server/upgrade -name "*.py"`" + +pylint-3 \ + --rcfile=${RC_FILE} \ + $SOURCES