From 420fb365767a5371200ec6c3189ee5c58d8cb737 Mon Sep 17 00:00:00 2001 From: Philipp Belitz Date: Fri, 23 Dec 2022 12:06:12 +0100 Subject: [PATCH] refactor: isort for package import --- connaisseur/__main__.py | 3 +-- connaisseur/alert.py | 4 ++-- connaisseur/config.py | 1 + connaisseur/constants.py | 1 + connaisseur/flask_application.py | 3 +-- connaisseur/kube_api.py | 1 + connaisseur/util.py | 2 +- .../validators/cosign/cosign_validator.py | 10 ++++++---- connaisseur/validators/notaryv1/key_store.py | 2 +- connaisseur/validators/notaryv1/trust_data.py | 2 +- connaisseur/workload_object.py | 1 - scripts/changelogger.py | 3 ++- setup.py | 2 +- tests/conftest.py | 17 +++++++++-------- tests/integration/alerting/app/alert_checker.py | 3 ++- tests/test_admission_request.py | 3 ++- tests/test_alert.py | 8 +++++--- tests/test_config.py | 4 +++- tests/test_exceptions.py | 2 ++ tests/test_flask_application.py | 5 ++++- tests/test_image.py | 6 ++++-- tests/test_kube_api.py | 4 +++- tests/test_logging_wrapper.py | 5 +++-- tests/test_trust_root.py | 3 ++- tests/test_util.py | 6 ++++-- tests/test_workload_object.py | 5 +++-- .../validators/cosign/test_cosign_validator.py | 11 +++++++---- tests/validators/notaryv1/test_keystore.py | 9 ++++++--- tests/validators/notaryv1/test_notary.py | 15 +++++++++------ .../notaryv1/test_notaryv1_validator.py | 9 ++++++--- tests/validators/notaryv1/test_trust_data.py | 11 +++++++---- tests/validators/notaryv1/test_tuf_role.py | 6 ++++-- .../notaryv2/test_notaryv2_validator.py | 4 +++- .../validators/static/test_static_validator.py | 6 ++++-- tests/validators/test_validators.py | 6 ++++-- 35 files changed, 115 insertions(+), 68 deletions(-) create mode 100644 connaisseur/constants.py diff --git a/connaisseur/__main__.py b/connaisseur/__main__.py index 8782e8cf6..cc582aa56 100644 --- a/connaisseur/__main__.py +++ b/connaisseur/__main__.py @@ -5,13 +5,12 @@ from logging.config import dictConfig from cheroot.server import HTTPServer -from cheroot.wsgi import Server from cheroot.ssl.builtin import BuiltinSSLAdapter +from cheroot.wsgi import Server from connaisseur.flask_application import APP from connaisseur.logging_wrapper import ConnaisseurLoggingWrapper - if __name__ == "__main__": LOG_LEVEL = os.environ.get("LOG_LEVEL", "INFO") diff --git a/connaisseur/alert.py b/connaisseur/alert.py index 4094f51ad..0d17333fa 100644 --- a/connaisseur/alert.py +++ b/connaisseur/alert.py @@ -7,14 +7,14 @@ import requests from jinja2 import StrictUndefined, Template -from connaisseur.util import safe_json_open, validate_schema +from connaisseur.admission_request import AdmissionRequest from connaisseur.exceptions import ( AlertSendingError, ConfigurationError, InvalidConfigurationFormatError, InvalidImageFormatError, ) -from connaisseur.admission_request import AdmissionRequest +from connaisseur.util import safe_json_open, validate_schema class AlertingConfiguration: diff --git a/connaisseur/config.py b/connaisseur/config.py index 83ecc25c6..b8454f7e4 100644 --- a/connaisseur/config.py +++ b/connaisseur/config.py @@ -1,6 +1,7 @@ import collections import fnmatch import os + import yaml from connaisseur.exceptions import ( diff --git a/connaisseur/constants.py b/connaisseur/constants.py new file mode 100644 index 000000000..946c32aee --- /dev/null +++ b/connaisseur/constants.py @@ -0,0 +1 @@ +SHA256 = "sha256" diff --git a/connaisseur/flask_application.py b/connaisseur/flask_application.py index 2b2d56d03..3877aa20a 100644 --- a/connaisseur/flask_application.py +++ b/connaisseur/flask_application.py @@ -4,7 +4,7 @@ import traceback from flask import Flask, jsonify, request -from prometheus_flask_exporter import PrometheusMetrics, NO_PREFIX +from prometheus_flask_exporter import NO_PREFIX, PrometheusMetrics import connaisseur.constants as const from connaisseur.admission_request import AdmissionRequest @@ -17,7 +17,6 @@ ) from connaisseur.util import get_admission_review - APP = Flask(__name__) """ Flask application that admits the request send to the k8s cluster, validates it and diff --git a/connaisseur/kube_api.py b/connaisseur/kube_api.py index a799f06bc..43f1c03f2 100644 --- a/connaisseur/kube_api.py +++ b/connaisseur/kube_api.py @@ -1,4 +1,5 @@ import os + import requests diff --git a/connaisseur/util.py b/connaisseur/util.py index 014157f8e..07b59fd49 100644 --- a/connaisseur/util.py +++ b/connaisseur/util.py @@ -5,7 +5,7 @@ from typing import Optional import yaml -from jsonschema import FormatChecker, validate, ValidationError +from jsonschema import FormatChecker, ValidationError, validate from connaisseur.exceptions import PathTraversalError diff --git a/connaisseur/validators/cosign/cosign_validator.py b/connaisseur/validators/cosign/cosign_validator.py index e577ba995..2d2b37367 100644 --- a/connaisseur/validators/cosign/cosign_validator.py +++ b/connaisseur/validators/cosign/cosign_validator.py @@ -4,21 +4,20 @@ import os import re import subprocess # nosec - from concurrent.futures import ThreadPoolExecutor import connaisseur.constants as const from connaisseur.exceptions import ( CosignError, CosignTimeout, - NotFoundException, InvalidFormatException, + NotFoundException, UnexpectedCosignData, ValidationError, WrongKeyError, ) from connaisseur.image import Image -from connaisseur.trust_root import KMSKey, TrustRoot, ECDSAKey +from connaisseur.trust_root import ECDSAKey, KMSKey, TrustRoot from connaisseur.util import safe_path_func # nosec from connaisseur.validators.interface import ValidatorInterface @@ -163,7 +162,10 @@ def __get_cosign_validated_digests(self, image: str, trust_root: dict): digest = sig_data["critical"]["image"].get( "docker-manifest-digest", "" ) - if re.match(rf"{const.SHA256}:[0-9A-Fa-f]{{64}}", digest) is None: + if ( + re.match(rf"{const.SHA256}:[0-9A-Fa-f]{{64}}", digest) + is None + ): msg = "Digest '{digest}' does not match expected digest pattern." raise InvalidFormatException(message=msg, digest=digest) except Exception as err: diff --git a/connaisseur/validators/notaryv1/key_store.py b/connaisseur/validators/notaryv1/key_store.py index 74c535bc7..18d6ccc8b 100644 --- a/connaisseur/validators/notaryv1/key_store.py +++ b/connaisseur/validators/notaryv1/key_store.py @@ -1,6 +1,6 @@ +import connaisseur.constants as const from connaisseur.exceptions import NotFoundException from connaisseur.trust_root import TrustRoot -import connaisseur.constants as const class KeyStore: diff --git a/connaisseur/validators/notaryv1/trust_data.py b/connaisseur/validators/notaryv1/trust_data.py index d8fa0e3c7..a83f2a76c 100644 --- a/connaisseur/validators/notaryv1/trust_data.py +++ b/connaisseur/validators/notaryv1/trust_data.py @@ -15,7 +15,7 @@ ValidationError, WrongKeyError, ) -from connaisseur.trust_root import TrustRoot, ECDSAKey +from connaisseur.trust_root import ECDSAKey, TrustRoot from connaisseur.util import validate_schema from connaisseur.validators.notaryv1.key_store import KeyStore diff --git a/connaisseur/workload_object.py b/connaisseur/workload_object.py index 9e35d73da..286f155e0 100644 --- a/connaisseur/workload_object.py +++ b/connaisseur/workload_object.py @@ -2,7 +2,6 @@ from connaisseur.exceptions import ParentNotFoundError, UnknownAPIVersionError from connaisseur.image import Image - SUPPORTED_API_VERSIONS = { "Pod": ["v1"], "Deployment": ["apps/v1", "apps/v1beta1", "apps/v1beta2"], diff --git a/scripts/changelogger.py b/scripts/changelogger.py index 169766af7..9cce646ff 100644 --- a/scripts/changelogger.py +++ b/scripts/changelogger.py @@ -1,10 +1,11 @@ import argparse import base64 -import requests import subprocess import sys import time +import requests + sep = "@@__CHGLOG__@@" delim = "@@__CHGLOG_DELIMITER__@@" ha = "%H" diff --git a/setup.py b/setup.py index cacf9878a..69e6af81f 100644 --- a/setup.py +++ b/setup.py @@ -1,3 +1,3 @@ -from setuptools import setup, find_packages +from setuptools import find_packages, setup setup(name="connaisseur", packages=find_packages()) diff --git a/tests/conftest.py b/tests/conftest.py index bfd9e21cb..c6b11bca7 100644 --- a/tests/conftest.py +++ b/tests/conftest.py @@ -1,21 +1,22 @@ +import json import os import re -import json +from contextlib import contextmanager + import pytest import requests from aioresponses import CallbackResult -import connaisseur.kube_api -import connaisseur.config as co + import connaisseur.admission_request as admreq import connaisseur.alert as alert -from connaisseur.trust_root import TrustRoot -import connaisseur.validators.notaryv1.trust_data as td +import connaisseur.config as co +import connaisseur.kube_api +import connaisseur.util as util import connaisseur.validators.notaryv1.key_store as ks import connaisseur.validators.notaryv1.notary as no import connaisseur.validators.notaryv1.notaryv1_validator as nv1 -import connaisseur.util as util -from contextlib import contextmanager - +import connaisseur.validators.notaryv1.trust_data as td +from connaisseur.trust_root import TrustRoot """ This file is used for sharing fixtures across all other test files. diff --git a/tests/integration/alerting/app/alert_checker.py b/tests/integration/alerting/app/alert_checker.py index c41e30413..a961fe1ce 100644 --- a/tests/integration/alerting/app/alert_checker.py +++ b/tests/integration/alerting/app/alert_checker.py @@ -1,6 +1,7 @@ -from flask import Flask, request import json +from flask import Flask, request + APP = Flask(__name__) endpoint_hits = {} diff --git a/tests/test_admission_request.py b/tests/test_admission_request.py index 0c917597e..49799f495 100644 --- a/tests/test_admission_request.py +++ b/tests/test_admission_request.py @@ -1,8 +1,9 @@ import pytest -from . import conftest as fix + import connaisseur.admission_request as admreq import connaisseur.exceptions as exc +from . import conftest as fix static_adm_req = [ { diff --git a/tests/test_alert.py b/tests/test_alert.py index e3ec661aa..43de5e41a 100644 --- a/tests/test_alert.py +++ b/tests/test_alert.py @@ -1,12 +1,14 @@ -import pytest -from datetime import datetime, timedelta import json +from datetime import datetime, timedelta + +import pytest -from . import conftest as fix import connaisseur.alert as alert from connaisseur.admission_request import AdmissionRequest from connaisseur.exceptions import AlertSendingError, ConfigurationError +from . import conftest as fix + with open( "tests/data/sample_admission_requests/ad_request_deployments.json", "r" ) as readfile: diff --git a/tests/test_config.py b/tests/test_config.py index 5947aa03b..fa09cc307 100644 --- a/tests/test_config.py +++ b/tests/test_config.py @@ -1,10 +1,12 @@ import pytest -from . import conftest as fix + import connaisseur.config as co import connaisseur.exceptions as exc import connaisseur.validators as vals from connaisseur.image import Image +from . import conftest as fix + @pytest.fixture(autouse=True) def mock_config_path(monkeypatch): diff --git a/tests/test_exceptions.py b/tests/test_exceptions.py index a99cef574..8a6843e60 100644 --- a/tests/test_exceptions.py +++ b/tests/test_exceptions.py @@ -1,5 +1,7 @@ import os + import pytest + import connaisseur.exceptions as exc diff --git a/tests/test_flask_application.py b/tests/test_flask_application.py index 0c258dc09..748770484 100644 --- a/tests/test_flask_application.py +++ b/tests/test_flask_application.py @@ -1,7 +1,8 @@ import re + import pytest from aioresponses import aioresponses -from . import conftest as fix + import connaisseur.alert as alert import connaisseur.config as co import connaisseur.exceptions as exc @@ -9,6 +10,8 @@ from connaisseur.image import Image from connaisseur.validators.static.static_validator import StaticValidator +from . import conftest as fix + @pytest.fixture(autouse=True) def m_config(monkeypatch, sample_nv1): diff --git a/tests/test_image.py b/tests/test_image.py index c6c2a9ec3..7b213bd09 100644 --- a/tests/test_image.py +++ b/tests/test_image.py @@ -1,7 +1,9 @@ import pytest -from . import conftest as fix -import connaisseur.image as img + import connaisseur.exceptions as exc +import connaisseur.image as img + +from . import conftest as fix @pytest.mark.parametrize( diff --git a/tests/test_kube_api.py b/tests/test_kube_api.py index a8b3e74e8..85d5d96dd 100644 --- a/tests/test_kube_api.py +++ b/tests/test_kube_api.py @@ -1,7 +1,9 @@ import pytest -from . import conftest as fix + import connaisseur.kube_api as k_api +from . import conftest as fix + @pytest.mark.parametrize( "url, response", diff --git a/tests/test_logging_wrapper.py b/tests/test_logging_wrapper.py index 6e20961fb..a70a9b1e9 100644 --- a/tests/test_logging_wrapper.py +++ b/tests/test_logging_wrapper.py @@ -1,10 +1,11 @@ -import pytest import time -from . import conftest as fix +import pytest import connaisseur.logging_wrapper as lw +from . import conftest as fix + @pytest.fixture def mock_time(monkeypatch): diff --git a/tests/test_trust_root.py b/tests/test_trust_root.py index 5ccd838f1..a38444607 100644 --- a/tests/test_trust_root.py +++ b/tests/test_trust_root.py @@ -1,8 +1,9 @@ import pytest -from . import conftest as fix + import connaisseur.exceptions as exc import connaisseur.trust_root as trust_root +from . import conftest as fix sample_ecdsa = "-----BEGIN PUBLIC KEY-----\nMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEOXYta5TgdCwXTCnLU09W5T4M4r9f\nQQrqJuADP6U7g5r9ICgPSmZuRHP/1AYUfOQW3baveKsT969EfELKj1lfCA==\n-----END PUBLIC KEY-----" sample_rsa = "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs5pC7R5OTSTUMJHUniPk\nrLfmGDAUxZtRlvIE+pGPCD6cUXH22advkK87xwpupjxdVYuKTFnWHUIyFJwjI3vu\nsievezcAr0E/xxyeo49tWog9kFoooK3qmXjpETC8OpvNROZ0K3qhlm9PZkGo3gSJ\n/B4rMU/d+jkCI8eiUPpdVQOczdBoD5nzQAF1mfmffWGsbKY+d8/l77Vset0GXExR\nzUtnglMhREyHNpDeQUg5OEn+kuGLlTzIxpIF+MlbzP3+xmNEzH2iafr0ae2g5kX2\n880priXpxG8GXW2ybZmPvchclnvFu4ZfZcM10FpgYJFvR/9iofFeAka9u5z6VZcc\nmQIDAQAB\n-----END PUBLIC KEY-----" diff --git a/tests/test_util.py b/tests/test_util.py index 3267c3fd7..66a61f466 100644 --- a/tests/test_util.py +++ b/tests/test_util.py @@ -1,7 +1,9 @@ import pytest -from . import conftest as fix -import connaisseur.util as ut + import connaisseur.exceptions as exc +import connaisseur.util as ut + +from . import conftest as fix @pytest.mark.parametrize( diff --git a/tests/test_workload_object.py b/tests/test_workload_object.py index 53116905d..a766be35e 100644 --- a/tests/test_workload_object.py +++ b/tests/test_workload_object.py @@ -1,9 +1,10 @@ import pytest -from . import conftest as fix -import connaisseur.workload_object as wl + import connaisseur.exceptions as exc +import connaisseur.workload_object as wl from connaisseur.image import Image +from . import conftest as fix static_k8s = [ { diff --git a/tests/validators/cosign/test_cosign_validator.py b/tests/validators/cosign/test_cosign_validator.py index f9cb8e204..862b7efc2 100644 --- a/tests/validators/cosign/test_cosign_validator.py +++ b/tests/validators/cosign/test_cosign_validator.py @@ -1,12 +1,15 @@ +import subprocess + import pytest import pytest_subprocess -import subprocess -from ... import conftest as fix -from connaisseur.image import Image -import connaisseur.validators.cosign.cosign_validator as co + import connaisseur.exceptions as exc +import connaisseur.validators.cosign.cosign_validator as co +from connaisseur.image import Image from connaisseur.trust_root import TrustRoot +from ... import conftest as fix + example_key = ( "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE6uuXb" "ZhEfTYb4Mnb/LdrtXKTIIbzNBp8mwriocbaxXxzqu" diff --git a/tests/validators/notaryv1/test_keystore.py b/tests/validators/notaryv1/test_keystore.py index 269c4c7b6..6744a3ba4 100644 --- a/tests/validators/notaryv1/test_keystore.py +++ b/tests/validators/notaryv1/test_keystore.py @@ -1,10 +1,13 @@ import base64 -from connaisseur.trust_root import TrustRoot + import pytest -from ... import conftest as fix + +import connaisseur.exceptions as exc import connaisseur.validators.notaryv1.key_store as ks +from connaisseur.trust_root import TrustRoot from connaisseur.validators.notaryv1.trust_data import TrustData -import connaisseur.exceptions as exc + +from ... import conftest as fix sample_key = ( "MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEtR5kwrDK22SyCu" diff --git a/tests/validators/notaryv1/test_notary.py b/tests/validators/notaryv1/test_notary.py index b6ce5f71d..6142ed49b 100644 --- a/tests/validators/notaryv1/test_notary.py +++ b/tests/validators/notaryv1/test_notary.py @@ -1,15 +1,18 @@ -from requests.models import HTTPError -import yaml -import pytest import re -from aioresponses import aioresponses + +import pytest +import yaml from aiohttp.client_exceptions import ClientResponseError -from ... import conftest as fix -import connaisseur.validators.notaryv1.notary as notary +from aioresponses import aioresponses +from requests.models import HTTPError + import connaisseur.exceptions as exc import connaisseur.util +import connaisseur.validators.notaryv1.notary as notary from connaisseur.image import Image +from ... import conftest as fix + @pytest.fixture def sample_notaries(): diff --git a/tests/validators/notaryv1/test_notaryv1_validator.py b/tests/validators/notaryv1/test_notaryv1_validator.py index dc95cad32..8e97cb5ab 100644 --- a/tests/validators/notaryv1/test_notaryv1_validator.py +++ b/tests/validators/notaryv1/test_notaryv1_validator.py @@ -1,12 +1,15 @@ import os import re -from connaisseur.trust_root import TrustRoot + import pytest from aioresponses import aioresponses -from ... import conftest as fix + +import connaisseur.exceptions as exc import connaisseur.validators.notaryv1.notaryv1_validator as nv1 from connaisseur.image import Image -import connaisseur.exceptions as exc +from connaisseur.trust_root import TrustRoot + +from ... import conftest as fix @pytest.mark.parametrize( diff --git a/tests/validators/notaryv1/test_trust_data.py b/tests/validators/notaryv1/test_trust_data.py index 355b39ab9..637df3967 100644 --- a/tests/validators/notaryv1/test_trust_data.py +++ b/tests/validators/notaryv1/test_trust_data.py @@ -1,12 +1,15 @@ -import pytest +import datetime as dt import json + +import pytest import pytz -import datetime as dt -from ... import conftest as fix -import connaisseur.validators.notaryv1.trust_data as td + import connaisseur.exceptions as exc +import connaisseur.validators.notaryv1.trust_data as td from connaisseur.trust_root import TrustRoot +from ... import conftest as fix + pub_root_keys = { "2cd463575a31cb3184320e889e82fb1f9e3bbebee2ae42b2f825b0c8a734e798": { "keytype": "ecdsa-x509", diff --git a/tests/validators/notaryv1/test_tuf_role.py b/tests/validators/notaryv1/test_tuf_role.py index dffcc83d4..3890abb63 100644 --- a/tests/validators/notaryv1/test_tuf_role.py +++ b/tests/validators/notaryv1/test_tuf_role.py @@ -1,7 +1,9 @@ import pytest -from ... import conftest as fix -import connaisseur.validators.notaryv1.tuf_role as tuf + import connaisseur.exceptions as exc +import connaisseur.validators.notaryv1.tuf_role as tuf + +from ... import conftest as fix @pytest.mark.parametrize( diff --git a/tests/validators/notaryv2/test_notaryv2_validator.py b/tests/validators/notaryv2/test_notaryv2_validator.py index db403b454..8e011fff2 100644 --- a/tests/validators/notaryv2/test_notaryv2_validator.py +++ b/tests/validators/notaryv2/test_notaryv2_validator.py @@ -1,7 +1,9 @@ import pytest -from ... import conftest as fix + import connaisseur.validators.notaryv2.notaryv2_validator as nv2 +from ... import conftest as fix + @pytest.mark.parametrize("", []) def test_init(): diff --git a/tests/validators/static/test_static_validator.py b/tests/validators/static/test_static_validator.py index 34d1855de..ffa1dc517 100644 --- a/tests/validators/static/test_static_validator.py +++ b/tests/validators/static/test_static_validator.py @@ -1,9 +1,11 @@ import pytest -from ... import conftest as fix -import connaisseur.validators.static.static_validator as st + import connaisseur.exceptions as exc +import connaisseur.validators.static.static_validator as st from connaisseur.image import Image +from ... import conftest as fix + @pytest.mark.parametrize("name, approve", [("sample", True), ("sample", False)]) def test_init(name, approve): diff --git a/tests/validators/test_validators.py b/tests/validators/test_validators.py index 07143b799..61575033f 100644 --- a/tests/validators/test_validators.py +++ b/tests/validators/test_validators.py @@ -1,7 +1,9 @@ import pytest -from .. import conftest as fix -import connaisseur.validators.validator as val + import connaisseur.exceptions as exc +import connaisseur.validators.validator as val + +from .. import conftest as fix @pytest.mark.parametrize(