diff --git a/eng/ci/official-build.yml b/eng/ci/official-build.yml
index ab2dc802..ad332eb2 100644
--- a/eng/ci/official-build.yml
+++ b/eng/ci/official-build.yml
@@ -30,6 +30,8 @@ resources:
variables:
- template: /eng/templates/utils/variables.yml@self
- template: /eng/templates/utils/official-variables.yml@self
+ - name: codeql.excludePathPatterns
+ value: deps/,build/
extends:
template: v1/1ES.Official.PipelineTemplate.yml@1es
diff --git a/eng/ci/public-build.yml b/eng/ci/public-build.yml
index 67559744..a9854e7f 100644
--- a/eng/ci/public-build.yml
+++ b/eng/ci/public-build.yml
@@ -28,6 +28,12 @@ resources:
variables:
- template: /eng/templates/utils/variables.yml@self
+ - name: codeql.excludePathPatterns
+ value: deps/,build/
+ - name: codeql.compiled.enabled
+ value: true
+ - name: codeql.runSourceLanguagesInSourceAnalysis
+ value: true
extends:
template: v1/1ES.Unofficial.PipelineTemplate.yml@1es
@@ -36,11 +42,6 @@ extends:
name: 1es-pool-azfunc-public
image: 1es-windows-2022
os: windows
- sdl:
- codeql:
- compiled:
- enabled: true # still only runs for default branch
- runSourceLanguagesInSourceAnalysis: true
settings:
skipBuildTagsForGitHubPullRequests: ${{ variables['System.PullRequest.IsFork'] }}
stages:
diff --git a/pack/templates/macos_64_env_gen.yml b/pack/templates/macos_64_env_gen.yml
index 9bf2027a..90a3578d 100644
--- a/pack/templates/macos_64_env_gen.yml
+++ b/pack/templates/macos_64_env_gen.yml
@@ -16,6 +16,7 @@ steps:
pip install pip-audit
pip-audit -r requirements.txt
displayName: 'Run vulnerability scan'
+ condition: ne(variables['pythonVersion'], '3.7')
- task: CopyFiles@2
inputs:
contents: |
diff --git a/pack/templates/nix_env_gen.yml b/pack/templates/nix_env_gen.yml
index b89d4813..ae3cf433 100644
--- a/pack/templates/nix_env_gen.yml
+++ b/pack/templates/nix_env_gen.yml
@@ -16,6 +16,7 @@ steps:
pip install pip-audit
pip-audit -r requirements.txt
displayName: 'Run vulnerability scan'
+ condition: ne(variables['pythonVersion'], '3.7')
- task: CopyFiles@2
inputs:
contents: |
diff --git a/pack/templates/win_env_gen.yml b/pack/templates/win_env_gen.yml
index 8e9b0321..2eee3411 100644
--- a/pack/templates/win_env_gen.yml
+++ b/pack/templates/win_env_gen.yml
@@ -16,6 +16,7 @@ steps:
pip install pip-audit
pip-audit -r requirements.txt
displayName: 'Run vulnerability scan'
+ condition: ne(variables['pythonVersion'], '3.7')
- task: CopyFiles@2
inputs:
contents: |
diff --git a/tests/unittests/test_third_party_http_functions.py b/tests/unittests/test_third_party_http_functions.py
index 73aca898..7dd57e88 100644
--- a/tests/unittests/test_third_party_http_functions.py
+++ b/tests/unittests/test_third_party_http_functions.py
@@ -132,48 +132,12 @@ def check_log_print_to_console_stderr(self,
# System logs stderr now exist in host_out
self.assertIn('Secret42', host_out)
- def test_raw_body_bytes(self):
- parent_dir = pathlib.Path(__file__).parent.parent
- image_file = parent_dir / 'unittests/resources/functions.png'
- with open(image_file, 'rb') as image:
- img = image.read()
- encoded_image = base64.b64encode(img).decode('utf-8')
- html_img_tag = \
- f'' # noqa
- sanitized_img_len = len(html_img_tag)
- r = self.webhost.request('POST', 'raw_body_bytes', data=img,
- no_prefix=True)
-
- received_body_len = int(r.headers['body-len'])
- self.assertEqual(received_body_len, sanitized_img_len)
-
- encoded_image_data = encoded_image.split(",")[0]
- body = base64.b64decode(encoded_image_data)
- try:
- received_img_file = parent_dir / 'received_img.png'
- with open(received_img_file, 'wb') as received_img:
- received_img.write(body)
- self.assertTrue(filecmp.cmp(received_img_file, image_file))
- finally:
- if (os.path.exists(received_img_file)):
- os.remove(received_img_file)
-
def test_return_http_no_body(self):
r = self.webhost.request('GET', 'return_http_no_body',
no_prefix=True)
self.assertEqual(r.text, '')
self.assertEqual(r.status_code, 200)
- def test_return_http_redirect(self):
- r = self.webhost.request('GET', 'return_http_redirect',
- no_prefix=True)
- self.assertEqual(r.status_code, 200)
- self.assertEqual(r.text, '
Hello World™
')
-
- r = self.webhost.request('GET', 'return_http_redirect',
- allow_redirects=False, no_prefix=True)
- self.assertEqual(r.status_code, 302)
-
def test_unhandled_error(self):
r = self.webhost.request('GET', 'unhandled_error', no_prefix=True)
self.assertEqual(r.status_code, 500)
@@ -228,6 +192,32 @@ def check_log_hijack_current_event_loop(self,
self.assertIn('parallelly_log_system at disguised_logger',
host_out)
+ def test_raw_body_bytes(self):
+ parent_dir = pathlib.Path(__file__).parent.parent
+ image_file = parent_dir / 'unittests/resources/functions.png'
+ with open(image_file, 'rb') as image:
+ img = image.read()
+ encoded_image = base64.b64encode(img).decode('utf-8')
+ html_img_tag = \
+ f'' # noqa
+ sanitized_img_len = len(html_img_tag)
+ r = self.webhost.request('POST', 'raw_body_bytes', data=img,
+ no_prefix=True)
+
+ received_body_len = int(r.headers['body-len'])
+ self.assertEqual(received_body_len, sanitized_img_len)
+
+ encoded_image_data = encoded_image.split(",")[0]
+ body = base64.b64decode(encoded_image_data)
+ try:
+ received_img_file = parent_dir / 'received_img.png'
+ with open(received_img_file, 'wb') as received_img:
+ received_img.write(body)
+ self.assertTrue(filecmp.cmp(received_img_file, image_file))
+ finally:
+ if (os.path.exists(received_img_file)):
+ os.remove(received_img_file)
+
class TestWsgiHttpFunctions(
ThirdPartyHttpFunctionsTestBase.TestThirdPartyHttpFunctions):
@@ -235,3 +225,13 @@ class TestWsgiHttpFunctions(
def get_script_dir(cls):
return UNIT_TESTS_ROOT / 'third_party_http_functions' / 'stein' / \
'wsgi_function'
+
+ def test_return_http_redirect(self):
+ r = self.webhost.request('GET', 'return_http_redirect',
+ no_prefix=True)
+ self.assertEqual(r.status_code, 200)
+ self.assertEqual(r.text, 'Hello World™
')
+
+ r = self.webhost.request('GET', 'return_http_redirect',
+ allow_redirects=False, no_prefix=True)
+ self.assertEqual(r.status_code, 302)
diff --git a/tests/unittests/third_party_http_functions/stein/asgi_function/function_app.py b/tests/unittests/third_party_http_functions/stein/asgi_function/function_app.py
index 916b5d86..da76f071 100644
--- a/tests/unittests/third_party_http_functions/stein/asgi_function/function_app.py
+++ b/tests/unittests/third_party_http_functions/stein/asgi_function/function_app.py
@@ -1,13 +1,11 @@
import asyncio
import logging
-import re
import sys
from urllib.request import urlopen
import base64
import azure.functions as func
from fastapi import FastAPI, Request, Response
-from fastapi.responses import RedirectResponse
fast_app = FastAPI()
logger = logging.getLogger("my-function")
@@ -151,33 +149,6 @@ async def return_http(request: Request):
return Response('Hello World™
', media_type='text/html')
-@fast_app.get("/return_http_redirect")
-async def return_http_redirect(request: Request, code: str = ''):
- # Expected format: 127.0.0.1:
- host_and_port = request.url.components[1]
-
- # Validate to ensure it's a valid host and port structure
- match = re.match(r'^127\.0\.0\.1:(\d+)$', host_and_port)
- if not match:
- return Response("Invalid request", status_code=400)
-
- # Validate port is within specific range
- port = int(match.group(1))
- if port < 50000 or port > 65999:
- return Response("Invalid port", status_code=400)
-
- # Validate the code param
- allowed_codes = ['', 'testFunctionKey']
- if code not in allowed_codes:
- return Response("Invalid code", status_code=400)
-
- # Return after all validation succeeds
- location = 'return_http?code={}'.format(code)
- return RedirectResponse(status_code=302,
- url=f"http://{host_and_port}/"
- f"{location}")
-
-
@fast_app.get("/unhandled_error")
async def unhandled_error():
1 / 0
diff --git a/tests/unittests/third_party_http_functions/stein/wsgi_function/function_app.py b/tests/unittests/third_party_http_functions/stein/wsgi_function/function_app.py
index e717f395..3d2f63d9 100644
--- a/tests/unittests/third_party_http_functions/stein/wsgi_function/function_app.py
+++ b/tests/unittests/third_party_http_functions/stein/wsgi_function/function_app.py
@@ -1,7 +1,6 @@
import logging
import sys
from urllib.request import urlopen
-import base64
import azure.functions as func
from flask import Flask, Response, redirect, request, url_for
@@ -58,17 +57,6 @@ def print_logging():
return 'OK-print-logging'
-@flask_app.post("/raw_body_bytes")
-def raw_body_bytes():
- body = request.get_data()
-
- base64_encoded = base64.b64encode(body).decode('utf-8')
- html_img_tag = \
- f''
-
- return Response(html_img_tag, headers={'body-len': str(len(html_img_tag))})
-
-
@flask_app.get("/return_http_no_body")
def return_http_no_body():
return ''