[pre-commit.ci] auto fixes from pre-commit.com hooks

for more information, see https://pre-commit.ci
ansible · Sep 4, 2024 · cfeb4c8 · cfeb4c8
1 parent af9404e
commit cfeb4c8
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 18 deletions.
diff --git a/src/awx_plugins/credentials/aws_assumerole.py b/src/awx_plugins/credentials/aws_assumerole.py
@@ -37,7 +37,8 @@
                                   'label': 'AWS ARN Role Name',
                                   'type': 'string',
                                   'secret': True,
-                                  'help_text': _('The ARN Role Name to be assumed in AWS')},
+                                  'help_text': _('The ARN Role Name to be assumed in AWS'),
+                                  },
                                  ],
                       'metadata': [{'id': 'identifier',
                                     'label': 'Identifier',
@@ -51,20 +52,23 @@
 
 def aws_assumerole_getcreds(access_key, secret_key, role_arn, external_id):
     if (access_key is None or len(access_key) == 0) and (
-            secret_key is None or len(secret_key) == 0):
+            secret_key is None or len(secret_key) == 0
+    ):
         # Connect using credentials in the EE
         connection = boto3.client(service_name='sts')
     else:
         # Connect to AWS using provided credentials
         connection = boto3.client(
             service_name='sts',
             aws_access_key_id=access_key,
-            aws_secret_access_key=secret_key)
+            aws_secret_access_key=secret_key,
+        )
     try:
         response = connection.assume_role(
             RoleArn=role_arn,
             RoleSessionName='AAP_AWS_Role_Session1',
-            ExternalId=external_id)
+            ExternalId=external_id,
+        )
     except ClientError as ce:
         raise ValueError(f'Got a bad client response from AWS: {ce.msg}.')
 
@@ -74,7 +78,8 @@ def aws_assumerole_getcreds(access_key, secret_key, role_arn, external_id):
 
 
 def aws_assumerole_backend(**kwargs):
-    """This backend function actually contacts AWS to assume a given role for the specified user"""
+    """This backend function actually contacts AWS to assume a given role for
+    the specified user."""
     access_key = kwargs.get('access_key')
     secret_key = kwargs.get('secret_key')
     role_arn = kwargs.get('role_arn')
@@ -87,19 +92,24 @@ def aws_assumerole_backend(**kwargs):
     # multiple roles.
     #
     credential_key_hash = hashlib.sha256(
-        (str(access_key or '') + role_arn).encode('utf-8'))
+        (str(access_key or '') + role_arn).encode('utf-8'),
+    )
     credential_key = credential_key_hash.hexdigest()
 
     credentials = _aws_cred_cache.get(credential_key, None)
 
     # If there are no credentials for this user/ARN *or* the credentials
     # we have in the cache have expired, then we need to contact AWS again.
     #
-    if (credentials is None) or (credentials['Expiration'] < datetime.datetime.now(
-            credentials['Expiration'].tzinfo)):
+    if (credentials is None) or (
+        credentials['Expiration'] < datetime.datetime.now(
+            credentials['Expiration'].tzinfo,
+        )
+    ):
 
         credentials = aws_assumerole_getcreds(
-            access_key, secret_key, role_arn, external_id)
+            access_key, secret_key, role_arn, external_id,
+        )
 
         _aws_cred_cache[credential_key] = credentials
 
@@ -114,4 +124,5 @@ def aws_assumerole_backend(**kwargs):
 aws_assumerole_plugin = CredentialPlugin(
     'AWS Assume Role Plugin',
     inputs=assume_role_inputs,
-    backend=aws_assumerole_backend)
+    backend=aws_assumerole_backend,
+)
diff --git a/tests/credential_plugins_test.py b/tests/credential_plugins_test.py
@@ -133,9 +133,8 @@ def test_hashivault_handle_auth_not_enough_args():
 
 
 def test_aws_assumerole_with_accesssecret():
-    '''
-    Test that the aws_assumerole_backend function call returns a token given the access_key and secret_key.
-    '''
+    """Test that the aws_assumerole_backend function call returns a token given
+    the access_key and secret_key."""
     kwargs = {
         'access_key': 'my_access_key',
         'secret_key': 'my_secret_key',
@@ -154,7 +153,8 @@ def test_aws_assumerole_with_accesssecret():
             kwargs.get('access_key'),
             kwargs.get('secret_key'),
             kwargs.get('role_arn'),
-            None)
+            None,
+        )
         assert token == 'the_access_token'
         kwargs['identifier'] = 'secret_key'
         method_mock.reset_mock()
@@ -169,9 +169,7 @@ def test_aws_assumerole_with_accesssecret():
 
 
 def test_aws_assumerole_with_arnonly():
-    '''
-    Test backend function with only the role ARN provided.
-    '''
+    """Test backend function with only the role ARN provided."""
     kwargs = {
         'role_arn': 'the_arn',
         'identifier': 'access_token',
@@ -185,7 +183,8 @@ def test_aws_assumerole_with_arnonly():
         }
         token = aws_assumerole.aws_assumerole_backend(**kwargs)
         method_mock.assert_called_with(
-            None, None, kwargs.get('role_arn'), None)
+            None, None, kwargs.get('role_arn'), None,
+        )
         assert token == 'the_access_token'
         kwargs['identifier'] = 'secret_key'
         method_mock.reset_mock()