[CodeBuild] suggestions from code review

exasol · Sep 5, 2023 · e3bd512 · e3bd512
1 parent b30b621
commit e3bd512
Show file tree

Hide file tree

Showing 10 changed files with 48 additions and 36 deletions.
diff --git a/doc/user_guide/user_guide.md b/doc/user_guide/user_guide.md
@@ -101,17 +101,19 @@ deployment script below with the desired version. (see GitHub Releases
       --bucketfs-port <BUCKETFS_PORT> \
       --bucketfs-user <BUCKETFS_USER> \
       --bucketfs-password <BUCKETFS_PASSWORD> \
-      --bucketfs_use-https <USE_HTTPS_BOOL> \
+      --bucketfs-use-https <USE_HTTPS_BOOL> \
       --bucket <BUCKETFS_NAME> \
       --path-in-bucket <PATH_IN_BUCKET> \
       --language-alias <LANGUAGE_ALIAS> \ 
       --version <RELEASE_VERSION> \
-      --ssl_cert_path <SSL_CERT_PATH> \
-      --use_ssl_cert_validation <USE_CERT_VALIDATION_BOOL>
+      --ssl-cert-path <ssl-cert-path> \
+      --use-ssl-cert-validation \
+      --no-use-ssl-cert-valiation
   ```
-
-The ssl_cert_path is optional if your cert is in an atypical path. The use_ssl_cert_validation is True by default. 
-Use caution if you want to turn this of as it potentially lowers security of you Exasol Database.
+The `--ssl-cert-path` is optional if your cert is in an atypical path. The option `--use-ssl-cert-validation` 
+is the default, you can disable it with `--no-use-ssl-cert-validation`.
+Use caution if you want to turn certificate validation off as it potentially lowers the security of your 
+Database connection.
 
 #### Customized Installation
 In this installation, you can install the desired or customized language 
@@ -198,7 +200,7 @@ python -m exasol_transformers_extension.deploy scripts
     --db-user <DB_USER> \
     --db-pass <DB_PASSWORD> \
     --schema <SCHEMA> \
-    --language-alias <LANGUAGE_ALIAS> \
+    --language-alias <LANGUAGE_ALIAS>
 ```
 
 ## Store Models in BucketFS

diff --git a/exasol_transformers_extension/deployment/deployment_utils.py b/exasol_transformers_extension/deployment/deployment_utils.py
@@ -4,6 +4,7 @@
 import requests
 import tempfile
 import subprocess
+import ssl
 from pathlib import Path
 from getpass import getpass
 from contextlib import contextmanager
@@ -51,6 +52,18 @@ def _concatenate_slc_parts(tmp_dir):
     return slc_final_path
 
 
+def set_websocket_ssl_options(use_ssl_cert_validation: bool, ssl_cert_path: str):
+    websocket_sslopt = {
+        "cert_reqs": ssl.CERT_REQUIRED,
+    }
+    if not use_ssl_cert_validation:
+        websocket_sslopt["cert_reqs"] = ssl.CERT_NONE
+
+    if ssl_cert_path is not None:
+        websocket_sslopt["ca_certs"] = ssl_cert_path
+    return websocket_sslopt
+
+
 @contextmanager
 def get_container_file_from_github_release(version):
     with tempfile.TemporaryDirectory() as tmp_dir:

diff --git a/exasol_transformers_extension/deployment/language_container_deployer.py b/exasol_transformers_extension/deployment/language_container_deployer.py
@@ -5,7 +5,7 @@
 import logging
 from exasol_transformers_extension.utils.bucketfs_operations import \
     create_bucketfs_location
-import ssl
+from exasol_transformers_extension.deployment.deployment_utils import set_websocket_ssl_options
 
 logger = logging.getLogger(__name__)
 
@@ -94,14 +94,7 @@ def run(cls, bucketfs_name: str, bucketfs_host: str, bucketfs_port: int,
             dsn: str, db_user: str, db_password: str, language_alias: str,
             ssl_cert_path: str = None, use_ssl_cert_validation: bool = True):
 
-        websocket_sslopt = {
-            "cert_reqs": ssl.CERT_REQUIRED,
-        }
-        if not use_ssl_cert_validation:
-            websocket_sslopt["cert_reqs"] = ssl.CERT_NONE
-
-        if ssl_cert_path is not None:
-            websocket_sslopt["ca_certs"] = ssl_cert_path
+        websocket_sslopt = set_websocket_ssl_options(use_ssl_cert_validation, ssl_cert_path)
 
         pyexasol_conn = pyexasol.connect(
             dsn=dsn,

diff --git a/exasol_transformers_extension/deployment/language_container_deployer_cli.py b/exasol_transformers_extension/deployment/language_container_deployer_cli.py
@@ -10,7 +10,7 @@
 @click.option('--bucketfs-name', type=str, required=True)
 @click.option('--bucketfs-host', type=str, required=True)
 @click.option('--bucketfs-port', type=int, required=True)
-@click.option('--bucketfs_use-https', type=bool, default=False)
+@click.option('--bucketfs-use-https', type=bool, default=False)
 @click.option('--bucketfs-user', type=str, required=True, default="w")
 @click.option('--bucketfs-password', prompt='bucketFS password', hide_input=True,
               default=lambda: os.environ.get(
@@ -26,8 +26,8 @@
               default=lambda: os.environ.get(
                   utils.DB_PASSWORD_ENVIRONMENT_VARIABLE, ""))
 @click.option('--language-alias', type=str, default="PYTHON3_TE")
-@click.option('--ssl_cert_path', type=str, default="")
-@click.option('--use_ssl_cert_validation', type=bool, default=True)
+@click.option('--ssl-cert-path', type=str, default="")
+@click.option('--use-ssl-cert-validation/--no-use-ssl-cert-validation', type=bool, default=True)
 def language_container_deployer_main(
         bucketfs_name: str,
         bucketfs_host: str,

diff --git a/exasol_transformers_extension/deployment/scripts_deployer.py b/exasol_transformers_extension/deployment/scripts_deployer.py
@@ -5,7 +5,6 @@
 
 logger = logging.getLogger(__name__)
 
-import ssl
 
 class ScriptsDeployer:
     def __init__(self, language_alias: str, schema: str,
@@ -49,14 +48,7 @@ def deploy_scripts(self) -> None:
     def run(cls, dsn: str, user: str, password: str,
             schema: str, language_alias: str,
             ssl_cert_path: str, use_ssl_cert_validation: bool = True):
-        websocket_sslopt = {
-            "cert_reqs": ssl.CERT_REQUIRED,
-        }
-        if not use_ssl_cert_validation:
-            websocket_sslopt["cert_reqs"] = ssl.CERT_NONE
-
-        if ssl_cert_path is not None:
-            websocket_sslopt["ca_certs"] = ssl_cert_path
+        websocket_sslopt = utils.set_websocket_ssl_options(use_ssl_cert_validation, ssl_cert_path)
 
         pyexasol_conn = pyexasol.connect(
             dsn=dsn,

diff --git a/exasol_transformers_extension/deployment/scripts_deployer_cli.py b/exasol_transformers_extension/deployment/scripts_deployer_cli.py
@@ -13,8 +13,8 @@
                   utils.DB_PASSWORD_ENVIRONMENT_VARIABLE, ""))
 @click.option('--schema', type=str, required=True)
 @click.option('--language-alias', type=str, default="PYTHON3_TE")
-@click.option('--ssl_cert_path', type=str, default="")
-@click.option('--use_ssl_cert_validation', type=bool, default=True)
+@click.option('--ssl-cert-path', type=str, default="")
+@click.option('--use-ssl-cert-validation/--no-use-ssl-cert-validation', type=bool, default=True)
 def scripts_deployer_main(
         dsn: str, db_user: str, db_pass: str, schema: str, language_alias: str,
         ssl_cert_path: str, use_ssl_cert_validation: bool):

diff --git a/exasol_transformers_extension/upload_model.py b/exasol_transformers_extension/upload_model.py
@@ -14,7 +14,7 @@
 @click.option('--bucketfs-name', type=str, required=True)
 @click.option('--bucketfs-host', type=str, required=True)
 @click.option('--bucketfs-port', type=int, required=True)
-@click.option('--bucketfs_use-https', type=bool, default=False)
+@click.option('--bucketfs-use-https', type=bool, default=False)
 @click.option('--bucketfs-user', type=str, required=True, default="w")
 @click.option('--bucketfs-password', prompt='bucketFS password', hide_input=True,
               default=lambda: os.environ.get(

diff --git a/tests/integration_tests/with_db/deployment/test_language_container_deployer_cli.py b/tests/integration_tests/with_db/deployment/test_language_container_deployer_cli.py
@@ -49,7 +49,7 @@ def call_language_definition_deployer_cli(dsn: str,
         "--bucketfs-name", bucketfs_params.name,
         "--bucketfs-host", parsed_url.hostname,
         "--bucketfs-port", parsed_url.port,
-        "--bucketfs_use-https", False,
+        "--bucketfs-use-https", False,
         "--bucketfs-user", bucketfs_config.username,
         "--bucketfs-password", bucketfs_config.password,
         "--bucket", bucketfs_params.bucket,
@@ -58,8 +58,16 @@ def call_language_definition_deployer_cli(dsn: str,
         "--db-user", exasol_config.username,
         "--db-pass", exasol_config.password,
         "--language-alias", language_alias,
-        "--use_ssl_cert_validation", use_ssl_cert_validation
+        "--no-use-ssl-cert-validation"
     ]
+    if use_ssl_cert_validation:
+        args_list += [
+            "--use-ssl-cert-validation"
+        ]
+    else:
+        args_list += [
+            "--no-use-ssl-cert-validation"
+        ]
     if version is not None:
         args_list += [
             "--version", version,
@@ -194,3 +202,7 @@ def test_language_container_deployer_cli_with_check_cert(
             and result.exception.args[0].message in expected_exception_message \
             and type(result.exception) == ExaConnectionFailedError
 
+E           AssertionError: assert (1 == 1 and 'Could not connect to Exasol: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate in certificate chain (_ssl.c:1131)' in
+                                               'Could not connect to Exasol: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self signed certificate in certificate chain (_ssl.c:1131)')
+E            +  where 1 = <Result ExaConnection'Could not connect to Exasol: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate in certificate chain (_ssl.c:1131)')>.exit_code
+E            +  and   'Could not connect to Exasol: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate in certificate chain (_ssl.c:1131)' = ExaConnectionFailedError(ExaConnectionFailedError(...), 'Could not connect to Exasol: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: self-signed certificate in certificate chain (_ssl.c:1131)').message
diff --git a/tests/integration_tests/with_db/deployment/test_scripts_deployer_cli.py b/tests/integration_tests/with_db/deployment/test_scripts_deployer_cli.py
@@ -24,7 +24,7 @@ def test_scripts_deployer_cli(language_alias: str,
         "--db-pass", exasol_config.password,
         "--schema", schema_name,
         "--language-alias", language_alias,
-        "--use_ssl_cert_validation", False
+        "--no-use-ssl-cert-validation"
     ]
     runner = CliRunner()
     result = runner.invoke(deploy.main, args_list)
@@ -47,7 +47,7 @@ def test_scripts_deployer_cli_with_encryption_verify(language_alias: str,
         "--db-pass", exasol_config.password,
         "--schema", schema_name,
         "--language-alias", language_alias,
-        "--use_ssl_cert_validation", True
+        "--use-ssl-cert-validation"
     ]
     expected_exception_message = 'Could not connect to Exasol: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify ' \
                                  'failed: self signed certificate in certificate chain (_ssl.c:1131)'

diff --git a/tests/integration_tests/with_db/test_upload_model.py b/tests/integration_tests/with_db/test_upload_model.py
@@ -45,7 +45,7 @@ def test_model_upload(setup_database, pyexasol_connection, download_sample_model
         "--bucketfs-name", bucketfs_params.name,
         "--bucketfs-host", host,
         "--bucketfs-port", port,
-        "--bucketfs_use-https", False,
+        "--bucketfs-use-https", False,
         "--bucketfs-user", bucketfs_config.username,
         "--bucketfs-password", bucketfs_config.password,
         "--bucket", bucketfs_params.bucket,