Redo package server upload script #121
Conversation
redump folders Mid-air refactoring
|
Some tests (5, but actually just 2, rest is parametrized) still fail, I marked them with |
There was a problem hiding this comment.
Great! It uses argparse, explicitly deprecates packages.yaml, and is properly tested! So I'm happy. And type annotations, and pathlib.
My main concern is that Password seems to make it easy to accidentally leak a password in some unexpected way. But there is no concrete reason to expect that though, so still approved.
Also 2 comments on how to get the test working.
irdb/tests/test_publish.py
Outdated
| return ["", "-l", "fake_username", "-p", "fake_password", "test_package"] | ||
|
|
||
|
|
||
| @pytest.mark.xfail |
There was a problem hiding this comment.
This test fails because there is no test_package.2023-07-20.zip and no test_package.2023-07-20.dev.zip in _ZIPPED_PACKAGES.
I´d be fine if we just commit those two files to the repository. Or we could create them in the test, or in a fixture, or we just keep the xfail, all fine with me.
There was a problem hiding this comment.
That's what I attempted to do with the temp_zipfiles fixture. Obviously didn't work for some reason. It did work on my machine, I also don't have these two versions of the test_package in _ZIPPED_PACKAGES. I think the way to go would be to try and make the fixture approach work (at a later point).
irdb/publish.py
Outdated
| def __str__(self): | ||
| return self.value |
There was a problem hiding this comment.
Having __str__() defined in a password class doesn´t feel right to me. Maybe this will lead to passwords being printed in some debug log or whatever. Is it only for __eq__? I think it would be better to remove this function, because I can't see how it can lead to something good, but I can see how it leads to something bad. Or am I missing anything?
| def __str__(self): | |
| return self.value |
irdb/publish.py
Outdated
| def __eq__(self, other): | ||
| if not isinstance(other, self.__class__): | ||
| raise TypeError() | ||
| return str(self) == str(other) |
There was a problem hiding this comment.
To make __eq__() work with my suggestion to remove __str__()
| return str(self) == str(other) | |
| return self.value == other.value |
| dest="username", | ||
| required=True, | ||
| help=r"UniVie u:space username - e.g. u\kieranl14.") | ||
| parser.add_argument("-p", |
There was a problem hiding this comment.
Minor nitpicking, the default of -p requires one to enter a password even if -u is not specified. And -l is also required. So just compiling a package now requires something like python ./irdb/publish.py -c test_package -l Q -p Q. But that's good enough, since we are the only ones using it. And I believe this was already the case in the old version.
Co-authored-by: Hugo Buddelmeijer <[email protected]>
|
Comment on the password situation (you had three separate comments above, I'll just put it all here): Firstly, I'm not totally happy with how it turned out. Mostly because it now shows the prompt every time the thing is executed without I spent some time on stackoverflow et al. to see how this is done in other projects. The main complication was to allow both command line argument and the more secure prompt. For the latter, And yes, requiring The most straightforward way to solve most if not all of that would probably be to prompt both username and password (using Either way, I think "merge for now, improve later" is probably the most reasonably approach. This is already a rather large change. |
|
Erm, your As I'll already be on a plane tomorrow morning: If you do manage to fix that test tomorrow (or later), please feel free to commit that fix and merge this! 👍 |
|
Hmmz, that |
|
It works nicely now. The secret to capturing the output was using The other xfail-ed test works now too, I just added your I did change the Password class a bit though; simply by using |
New upload script
This is a complete revamp of the IRDB publish script used to push packages to the server, in line with the changes made to the download in AstarVienna/ScopeSim#234. The script now used
argparseinstead of manually parsing command-line arguments. These arguments have been modified and the descriptions updated accordingly. The password can now be entered in a non-echoing way, however passing it as an argument is still supported, mainly intended for automated use. When publishing a new stable version of a package, the user is prompted for confirmation, to avoid unintended uploads. This can be disabled for automated use. Since we're not using thepackages.yamlfile anymore, the serverside sub-directories for the packages (locations,telescopesandinstruments) are now stored inserver_folders.yaml. If upload of a package without an entry in that file is attempted, the user is prompted to enter the folder interactively (or abort).Tests
The test suite has been more or less completely redone, which was necessary for the new structure of the upload script. Multiple combinations of command-line arguments are tested.
Still to do
ScopeSimand here. This has now increased, which is not ideal. This code should be in a separate package (scopesim_core?), that would then be a dependency of bothScopeSimandIRDB.