Merge branch 'dev' into jviau/targets

Azure · Dec 11, 2024 · 80129e9 · 80129e9
2 parents 47eb886 + bbb6624
commit 80129e9
Show file tree

Hide file tree

Showing 8 changed files with 47 additions and 82 deletions.
diff --git a/eng/ci/official-build.yml b/eng/ci/official-build.yml
@@ -30,6 +30,8 @@ resources:
 variables:
   - template: /eng/templates/utils/variables.yml@self
   - template: /eng/templates/utils/official-variables.yml@self
+  - name: codeql.excludePathPatterns
+    value: deps/,build/
 
 extends:
   template: v1/1ES.Official.PipelineTemplate.yml@1es

diff --git a/eng/ci/public-build.yml b/eng/ci/public-build.yml
@@ -28,6 +28,12 @@ resources:
 
 variables:
   - template: /eng/templates/utils/variables.yml@self
+  - name: codeql.excludePathPatterns
+    value: deps/,build/
+  - name: codeql.compiled.enabled
+    value: true
+  - name: codeql.runSourceLanguagesInSourceAnalysis
+    value: true
 
 extends:
   template: v1/1ES.Unofficial.PipelineTemplate.yml@1es
@@ -36,11 +42,6 @@ extends:
       name: 1es-pool-azfunc-public
       image: 1es-windows-2022
       os: windows
-    sdl:
-      codeql:
-         compiled:
-           enabled: true # still only runs for default branch
-         runSourceLanguagesInSourceAnalysis: true
     settings:
       skipBuildTagsForGitHubPullRequests: ${{ variables['System.PullRequest.IsFork'] }}
     stages:

diff --git a/pack/templates/macos_64_env_gen.yml b/pack/templates/macos_64_env_gen.yml
@@ -16,6 +16,7 @@ steps:
     pip install pip-audit
     pip-audit -r requirements.txt
   displayName: 'Run vulnerability scan'
+  condition: ne(variables['pythonVersion'], '3.7')
 - task: CopyFiles@2
   inputs:
     contents: |

diff --git a/pack/templates/nix_env_gen.yml b/pack/templates/nix_env_gen.yml
@@ -16,6 +16,7 @@ steps:
     pip install pip-audit
     pip-audit -r requirements.txt
   displayName: 'Run vulnerability scan'
+  condition: ne(variables['pythonVersion'], '3.7')
 - task: CopyFiles@2
   inputs:
     contents: |

diff --git a/pack/templates/win_env_gen.yml b/pack/templates/win_env_gen.yml
@@ -16,6 +16,7 @@ steps:
     pip install pip-audit
     pip-audit -r requirements.txt
   displayName: 'Run vulnerability scan'
+  condition: ne(variables['pythonVersion'], '3.7')
 - task: CopyFiles@2
   inputs:
     contents: |

diff --git a/tests/unittests/test_third_party_http_functions.py b/tests/unittests/test_third_party_http_functions.py
@@ -132,48 +132,12 @@ def check_log_print_to_console_stderr(self,
             # System logs stderr now exist in host_out
             self.assertIn('Secret42', host_out)
 
-        def test_raw_body_bytes(self):
-            parent_dir = pathlib.Path(__file__).parent.parent
-            image_file = parent_dir / 'unittests/resources/functions.png'
-            with open(image_file, 'rb') as image:
-                img = image.read()
-                encoded_image = base64.b64encode(img).decode('utf-8')
-                html_img_tag = \
-                    f'<img src="data:image/png;base64,{encoded_image}" alt="PNG Image"/>'  # noqa
-                sanitized_img_len = len(html_img_tag)
-                r = self.webhost.request('POST', 'raw_body_bytes', data=img,
-                                         no_prefix=True)
-
-            received_body_len = int(r.headers['body-len'])
-            self.assertEqual(received_body_len, sanitized_img_len)
-
-            encoded_image_data = encoded_image.split(",")[0]
-            body = base64.b64decode(encoded_image_data)
-            try:
-                received_img_file = parent_dir / 'received_img.png'
-                with open(received_img_file, 'wb') as received_img:
-                    received_img.write(body)
-                self.assertTrue(filecmp.cmp(received_img_file, image_file))
-            finally:
-                if (os.path.exists(received_img_file)):
-                    os.remove(received_img_file)
-
         def test_return_http_no_body(self):
             r = self.webhost.request('GET', 'return_http_no_body',
                                      no_prefix=True)
             self.assertEqual(r.text, '')
             self.assertEqual(r.status_code, 200)
 
-        def test_return_http_redirect(self):
-            r = self.webhost.request('GET', 'return_http_redirect',
-                                     no_prefix=True)
-            self.assertEqual(r.status_code, 200)
-            self.assertEqual(r.text, '<h1>Hello World™</h1>')
-
-            r = self.webhost.request('GET', 'return_http_redirect',
-                                     allow_redirects=False, no_prefix=True)
-            self.assertEqual(r.status_code, 302)
-
         def test_unhandled_error(self):
             r = self.webhost.request('GET', 'unhandled_error', no_prefix=True)
             self.assertEqual(r.status_code, 500)
@@ -228,10 +192,46 @@ def check_log_hijack_current_event_loop(self,
         self.assertIn('parallelly_log_system at disguised_logger',
                       host_out)
 
+    def test_raw_body_bytes(self):
+        parent_dir = pathlib.Path(__file__).parent.parent
+        image_file = parent_dir / 'unittests/resources/functions.png'
+        with open(image_file, 'rb') as image:
+            img = image.read()
+            encoded_image = base64.b64encode(img).decode('utf-8')
+            html_img_tag = \
+                f'<img src="data:image/png;base64,{encoded_image}" alt="PNG Image"/>'  # noqa
+            sanitized_img_len = len(html_img_tag)
+            r = self.webhost.request('POST', 'raw_body_bytes', data=img,
+                                     no_prefix=True)
+
+        received_body_len = int(r.headers['body-len'])
+        self.assertEqual(received_body_len, sanitized_img_len)
+
+        encoded_image_data = encoded_image.split(",")[0]
+        body = base64.b64decode(encoded_image_data)
+        try:
+            received_img_file = parent_dir / 'received_img.png'
+            with open(received_img_file, 'wb') as received_img:
+                received_img.write(body)
+            self.assertTrue(filecmp.cmp(received_img_file, image_file))
+        finally:
+            if (os.path.exists(received_img_file)):
+                os.remove(received_img_file)
+
 
 class TestWsgiHttpFunctions(
         ThirdPartyHttpFunctionsTestBase.TestThirdPartyHttpFunctions):
     @classmethod
     def get_script_dir(cls):
         return UNIT_TESTS_ROOT / 'third_party_http_functions' / 'stein' / \
             'wsgi_function'
+
+    def test_return_http_redirect(self):
+        r = self.webhost.request('GET', 'return_http_redirect',
+                                 no_prefix=True)
+        self.assertEqual(r.status_code, 200)
+        self.assertEqual(r.text, '<h1>Hello World™</h1>')
+
+        r = self.webhost.request('GET', 'return_http_redirect',
+                                 allow_redirects=False, no_prefix=True)
+        self.assertEqual(r.status_code, 302)
diff --git a/tests/unittests/third_party_http_functions/stein/asgi_function/function_app.py b/tests/unittests/third_party_http_functions/stein/asgi_function/function_app.py
@@ -1,13 +1,11 @@
 import asyncio
 import logging
-import re
 import sys
 from urllib.request import urlopen
 import base64
 
 import azure.functions as func
 from fastapi import FastAPI, Request, Response
-from fastapi.responses import RedirectResponse
 
 fast_app = FastAPI()
 logger = logging.getLogger("my-function")
@@ -151,33 +149,6 @@ async def return_http(request: Request):
     return Response('<h1>Hello World™</h1>', media_type='text/html')
 
 
-@fast_app.get("/return_http_redirect")
-async def return_http_redirect(request: Request, code: str = ''):
-    # Expected format: 127.0.0.1:<port>
-    host_and_port = request.url.components[1]
-
-    # Validate to ensure it's a valid host and port structure
-    match = re.match(r'^127\.0\.0\.1:(\d+)$', host_and_port)
-    if not match:
-        return Response("Invalid request", status_code=400)
-
-    # Validate port is within specific range
-    port = int(match.group(1))
-    if port < 50000 or port > 65999:
-        return Response("Invalid port", status_code=400)
-
-    # Validate the code param
-    allowed_codes = ['', 'testFunctionKey']
-    if code not in allowed_codes:
-        return Response("Invalid code", status_code=400)
-
-    # Return after all validation succeeds
-    location = 'return_http?code={}'.format(code)
-    return RedirectResponse(status_code=302,
-                            url=f"http://{host_and_port}/"
-                                f"{location}")
-
-
 @fast_app.get("/unhandled_error")
 async def unhandled_error():
     1 / 0

diff --git a/tests/unittests/third_party_http_functions/stein/wsgi_function/function_app.py b/tests/unittests/third_party_http_functions/stein/wsgi_function/function_app.py
@@ -1,7 +1,6 @@
 import logging
 import sys
 from urllib.request import urlopen
-import base64
 
 import azure.functions as func
 from flask import Flask, Response, redirect, request, url_for
@@ -58,17 +57,6 @@ def print_logging():
     return 'OK-print-logging'
 
 
-@flask_app.post("/raw_body_bytes")
-def raw_body_bytes():
-    body = request.get_data()
-
-    base64_encoded = base64.b64encode(body).decode('utf-8')
-    html_img_tag = \
-        f'<img src="data:image/png;base64,{base64_encoded}" alt="PNG Image"/>'
-
-    return Response(html_img_tag, headers={'body-len': str(len(html_img_tag))})
-
-
 @flask_app.get("/return_http_no_body")
 def return_http_no_body():
     return ''