Merge Release from main (#176)

* Chore: fix a github action issue * bandit failure because of underlying container, so disabled * Fix pip install deprecation warning * Fix: Remove boto3_type_annotations from requirements due to rpm deps issue * validate config with schema * MMENG-3153 Signed-off-by: Harsh Modi <[email protected]> * update rpm spec to fix rpm build * CLOUDBLD-3153 Signed-off-by: Harsh Modi <[email protected]> * remove `ignore_patterns` as a required property * MMENG-3153 Signed-off-by: Harsh Modi <[email protected]> * fix schema retrieval Instead of trying to fetch from relative paths, package schemas with charon and retrieve from pkg resources * MMENG-3153 Signed-off-by: Harsh Modi <[email protected]> * bump charon version * MMENG-3153 Signed-off-by: Harsh Modi <[email protected]> * make tests more robust * fix test paths to avoid failures when CWD is different * fix getenv * MMENG-3141 Signed-off-by: Harsh Modi <[email protected]> * switch to tox env for running tests instead of relying on containers * MMENG-3141 Signed-off-by: Harsh Modi <[email protected]> * update github actions to use tox * MMENG-3141 Signed-off-by: Harsh Modi <[email protected]> * enable mypy type checkers * MMENG-3141 Signed-off-by: Harsh Modi <[email protected]> * enable bandit analyzer * MMENG-3141 Signed-off-by: Harsh Modi <[email protected]> * disable mypy it's not ideal currently to enable it. Revisit this later. * MMENG-3141 Signed-off-by: Harsh Modi <[email protected]> * fix pytest issue current latest pytest==7.2.0 is having dependency conflicts Signed-off-by: Harsh Modi <[email protected]> * initial implementation of singature for artifacts (#169) * initial implementation of singature for artifacts * add API doc to generate_sign function * update README file * use configuration file to controll artifacts needs sign * fix some minor problem * change suffix to exclude instead * remove unused logger * fix minor problem * change charon.yml to a proper extension, change name of suffix confi * add rpm-sign as method of signature (#170) * move subprocess command to configuration, make subprocess to run async (#172) * move subprocess command to configuration, make subprocess to run async * simplify template rendering of sign command * Remove unwanted file * changed semaphore passing in asynic function (#173) * use shlex to replace split instead (#174) * add maven sign unit test (#175) --------- Signed-off-by: Harsh Modi <[email protected]> Co-authored-by: Gang Li <[email protected]> Co-authored-by: Harsh Modi <[email protected]>
Commonjava · Jun 29, 2023 · eb68a14 · eb68a14
1 parent 1a93b60
commit eb68a14
Show file tree

Hide file tree

Showing 48 changed files with 1,512 additions and 735 deletions.
diff --git a/.github/workflows/linters.yaml b/.github/workflows/linters.yaml
@@ -9,80 +9,56 @@ on:
       - release_*
 
 jobs:
-  bandit:
-    name: Bandit analyzer for Python ${{ matrix.os.python }} on
-      ${{ matrix.os.name }}-${{ matrix.os.version }}
+  flake8:
+    name: Flake8 for Python ${{ matrix.python-version }}
     runs-on: ubuntu-latest
 
     strategy:
-      fail-fast: false
       matrix:
-        os:
-          - name: centos
-            version: 7
-            python: 3
-            engine: docker
-
-          - name: fedora
-            version: 34
-            python: 3
-            engine: docker
+        python-version: [ "3.8" ]
 
     steps:
-      - uses: actions/checkout@v1
-
-      - run: ./test.sh
-        env:
-          OS: ${{ matrix.os.name }}
-          OS_VERSION: ${{ matrix.os.version }}
-          PYTHON_VERSION: ${{ matrix.os.python }}
-          ENGINE: ${{ matrix.os.engine }}
-          ACTION: bandit
-
-  flake8:
-    name: Flake8 for Python 3
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Check out repo
-        uses: actions/checkout@v2
+      - uses: actions/checkout@v3
+      - uses: actions/setup-python@v4
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip setuptools tox
 
-      - name: Run flake8 for Python 3
-        uses: containerbuildsystem/actions/flake8@master
+      - name: Run flake8 on python${{ matrix.python-version }}
+        run: python -m tox -e flake8
 
-  # markdownlint:
-  #   name: Markdownlint
-  #   runs-on: ubuntu-latest
+  markdownlint:
+   name: Markdownlint
+   runs-on: ubuntu-latest
 
-  #   steps:
-  #     - name: Check out repo
-  #       uses: actions/checkout@v2
+   steps:
+     - name: Check out repo
+       uses: actions/checkout@v2
 
-  #     - name: Run markdownlint
-  #       uses: containerbuildsystem/actions/markdownlint@master
+     - name: Run markdownlint
+       uses: containerbuildsystem/actions/markdownlint@master
 
   pylint:
-    name: Pylint analyzer for Python ${{ matrix.os.python }}
+    name: Pylint analyzer for Python ${{ matrix.python-version }}
     runs-on: ubuntu-latest
 
     strategy:
       matrix:
-        os:
-          - name: fedora
-            version: 34
-            python: 3
-            engine: docker
+        python-version: [ "3.8" ]
 
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
+      - uses: actions/setup-python@v4
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip setuptools tox
 
-      - run: ./test.sh
-        env:
-          OS: ${{ matrix.os.name }}
-          OS_VERSION: ${{ matrix.os.version }}
-          PYTHON_VERSION: ${{ matrix.os.python }}
-          ENGINE: ${{ matrix.os.engine }}
-          ACTION: pylint
+      - name: Run pylint on python${{ matrix.python-version }}
+        run: python -m tox -e pylint
 
   shellcheck:
     name: Shellcheck
@@ -94,3 +70,43 @@ jobs:
 
       - name: Run ShellCheck
         uses: containerbuildsystem/actions/shellcheck@master
+
+#  mypy:
+#    name: mypy type checker for Python ${{ matrix.python-version }}
+#    runs-on: ubuntu-latest
+#
+#    strategy:
+#      matrix:
+#        python-version: [ "3.8" ]
+#
+#    steps:
+#      - uses: actions/checkout@v3
+#      - uses: actions/setup-python@v4
+#        with:
+#          python-version: ${{ matrix.python-version }}
+#      - name: Install dependencies
+#        run: |
+#          python -m pip install --upgrade pip setuptools tox
+#
+#      - name: Run mypy on python${{ matrix.python-version }}
+#        run: python -m tox -e mypy
+
+  bandit:
+    name: Bandit analyzer for Python ${{ matrix.python-version }}
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        python-version: [ "3.8" ]
+
+    steps:
+      - uses: actions/checkout@v1
+      - uses: actions/setup-python@v4
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip setuptools tox
+
+      - name: Run bandit analyzer on python${{ matrix.python-version }}
+        run: python -m tox -e bandit
diff --git a/.github/workflows/unittests.yaml b/.github/workflows/unittests.yaml
@@ -10,68 +10,51 @@ on:
 
 jobs:
   test:
-    name: Python ${{ matrix.os.python }} tests on ${{ matrix.os.name }}-${{ matrix.os.version }}
-    runs-on: ubuntu-18.04
+    name: Python ${{ matrix.python-version }} tests
+    runs-on: ubuntu-latest
 
     strategy:
       fail-fast: false
       matrix:
-        os:
-          - name: centos
-            version: 7
-            python: 3
-            engine: docker
-
-          - name: fedora
-            version: 33
-            python: 3
-            engine: docker
-
-          - name: fedora
-            version: 34
-            python: 3
-            engine: docker
+        python-version: ["3.7", "3.8", "3.9"]
 
     steps:
-      - name: Check out repo
-        uses: actions/checkout@v2
+      - uses: actions/checkout@v3
+      - uses: actions/setup-python@v4
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip setuptools tox
 
-      - name: pytests via test.sh
-        env:
-          OS: ${{ matrix.os.name }}
-          OS_VERSION: ${{ matrix.os.version }}
-          PYTHON_VERSION: ${{ matrix.os.python }}
-          ENGINE: ${{ matrix.os.engine }}
-        run: ./test.sh
+      - name: Run unittests on python${{ matrix.python-version }}
+        run: python -m tox -e test
 
       - name: Upload pytest html report
         uses: actions/upload-artifact@v2
         if: failure()
         with:
-          path: __pytest_reports/atomic-reactor-unit-tests.html
-          name: atomic-reactor-unit-tests_${{ matrix.os.name }}_${{ matrix.os.version }}.python${{ matrix.os.python }}.html
+          path: __pytest_reports/charon-unit-tests.html
+          name: charon-unit-tests_python${{ matrix.os.python }}.html
+
 
       - name: Run coveralls-python
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          COVERALLS_FLAG_NAME: ${{ matrix.os.name }}-${{ matrix.os.version }}-python${{ matrix.os.python }}
+          COVERALLS_FLAG_NAME: python${{ matrix.python-version }}
           COVERALLS_PARALLEL: true
         run: |
-          pip3 install --upgrade pip
-          pip3 install --upgrade setuptools
-          pip3 install --upgrade coveralls
-          /home/runner/.local/bin/coveralls --service=github
+          python -m pip install --upgrade coveralls
+          python -m coveralls --service=github
 
   coveralls-finish:
     name: Finish coveralls-python
     needs: test
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-latest
     steps:
       - name: Finished
         run: |
-          pip3 install --upgrade pip
-          pip3 install --upgrade setuptools
-          pip3 install --upgrade coveralls
+          pip3 install --upgrade pip setuptools coveralls
           /home/runner/.local/bin/coveralls --finish --service=github
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/README.md b/README.md
@@ -14,6 +14,10 @@ future. And Ronda service will be hosted in AWS S3.
 
 See [AWS CLi V2 installation](https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-linux.html#cliv2-linux-install)
 
+### [Optional] rpm-sign or GnuPG CLI tool
+
+Can be configured to use rpm-sign or any command to generate .asc file.
+
 ## Installation
 
 ### From git
@@ -49,7 +53,7 @@ to configure AWS access credentials.
 ### charon-upload: upload a repo to S3
 
 ```bash
-usage: charon upload $tarball --product/-p ${prod} --version/-v ${ver} [--root_path] [--ignore_patterns] [--debug]
+usage: charon upload $tarball --product/-p ${prod} --version/-v ${ver} [--root_path] [--ignore_patterns] [--debug] [--contain_signature] [--key]
 ```
 
 This command will upload the repo in tarball to S3.