Canonical Click Reviewers tools (obsolete)

Merge lp:~ricardokirkner/click-reviewers-tools/override-frameworks into lp:click-reviewers-tools

  1. override-frameworks
  2. Merge into trunk
Proposed by Ricardo Kirkner
Status: Merged
Merged at revision: 292
Proposed branch: lp:~ricardokirkner/click-reviewers-tools/override-frameworks
Merge into: lp:click-reviewers-tools
Diff against target: 271 lines (+104/-24)
7 files modified
bin/click-check-lint (+9/-1)
bin/click-check-security (+9/-1)
clickreviews/cr_lint.py (+4/-2)
clickreviews/cr_security.py (+35/-9)
clickreviews/frameworks.py (+16/-9)
clickreviews/tests/test_cr_lint.py (+15/-1)
clickreviews/tests/test_cr_security.py (+16/-1)
To merge this branch: bzr merge lp:~ricardokirkner/click-reviewers-tools/override-frameworks
Reviewer Review Type Date Requested Status
Jamie Strandboge (community) Approve
Review via email: mp+241998@code.launchpad.net

Commit message

allow specifying overrides for framework checks

- support overriding frameworks for lint check
- support overriding framework policy data for security checks

To post a comment you must log in.
Revision history for this message
Jamie Strandboge (jdstrand) wrote :

Looks great, thanks!

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'bin/click-check-lint'
--- bin/click-check-lint 2013-09-26 12:24:10 +0000
+++ bin/click-check-lint 2014-11-17 17:14:19 +0000
@@ -16,6 +16,7 @@
16# along with this program. If not, see <http://www.gnu.org/licenses/>.16# along with this program. If not, see <http://www.gnu.org/licenses/>.
1717
18from __future__ import print_function18from __future__ import print_function
19import json
19import sys20import sys
2021
21import clickreviews.cr_common as cr_common22import clickreviews.cr_common as cr_common
@@ -25,7 +26,14 @@
25 if len(sys.argv) < 2:26 if len(sys.argv) < 2:
26 cr_common.error("Must give path to click package")27 cr_common.error("Must give path to click package")
2728
28 review = cr_lint.ClickReviewLint(sys.argv[1])29 # extract args
30 fn = sys.argv[1]
31 if len(sys.argv) > 2:
32 overrides = json.loads(sys.argv[2])
33 else:
34 overrides = None
35
36 review = cr_lint.ClickReviewLint(fn, overrides=overrides)
29 review.do_checks()37 review.do_checks()
30 rc = review.do_report()38 rc = review.do_report()
31 sys.exit(rc)39 sys.exit(rc)
3240
=== modified file 'bin/click-check-security'
--- bin/click-check-security 2013-09-26 12:24:10 +0000
+++ bin/click-check-security 2014-11-17 17:14:19 +0000
@@ -16,6 +16,7 @@
16# along with this program. If not, see <http://www.gnu.org/licenses/>.16# along with this program. If not, see <http://www.gnu.org/licenses/>.
1717
18from __future__ import print_function18from __future__ import print_function
19import json
19import sys20import sys
2021
21import clickreviews.cr_common as cr_common22import clickreviews.cr_common as cr_common
@@ -25,7 +26,14 @@
25 if len(sys.argv) < 2:26 if len(sys.argv) < 2:
26 cr_common.error("Must give path to click package")27 cr_common.error("Must give path to click package")
2728
28 review = cr_security.ClickReviewSecurity(sys.argv[1])29 # extract args
30 fn = sys.argv[1]
31 if len(sys.argv) > 2:
32 overrides = json.loads(sys.argv[2])
33 else:
34 overrides = None
35
36 review = cr_security.ClickReviewSecurity(fn, overrides=overrides)
29 review.do_checks()37 review.do_checks()
30 rc = review.do_report()38 rc = review.do_report()
31 sys.exit(rc)39 sys.exit(rc)
3240
=== modified file 'clickreviews/cr_lint.py'
--- clickreviews/cr_lint.py 2014-11-11 15:19:59 +0000
+++ clickreviews/cr_lint.py 2014-11-17 17:14:19 +0000
@@ -31,7 +31,7 @@
31class ClickReviewLint(ClickReview):31class ClickReviewLint(ClickReview):
32 '''This class represents click lint reviews'''32 '''This class represents click lint reviews'''
3333
34 def __init__(self, fn):34 def __init__(self, fn, overrides=None):
35 '''Set up the class.'''35 '''Set up the class.'''
36 ClickReview.__init__(self, fn, "lint")36 ClickReview.__init__(self, fn, "lint")
37 self.control_files = dict()37 self.control_files = dict()
@@ -87,6 +87,7 @@
87 'urls']87 'urls']
8888
89 self.redflagged_hooks = ['pay-ui']89 self.redflagged_hooks = ['pay-ui']
90 self.overrides = overrides if overrides is not None else {}
9091
91 def _list_control_files(self):92 def _list_control_files(self):
92 '''List all control files with their full path.'''93 '''List all control files with their full path.'''
@@ -641,7 +642,8 @@
641 '''Check framework()'''642 '''Check framework()'''
642 n = 'framework'643 n = 'framework'
643 l = "http://askubuntu.com/questions/460512/what-framework-should-i-use-in-my-manifest-file"644 l = "http://askubuntu.com/questions/460512/what-framework-should-i-use-in-my-manifest-file"
644 frameworks = Frameworks()645 framework_overrides = self.overrides.get('framework')
646 frameworks = Frameworks(overrides=framework_overrides)
645 if self.manifest['framework'] in frameworks.AVAILABLE_FRAMEWORKS:647 if self.manifest['framework'] in frameworks.AVAILABLE_FRAMEWORKS:
646 t = 'info'648 t = 'info'
647 s = 'OK'649 s = 'OK'
648650
=== modified file 'clickreviews/cr_security.py'
--- clickreviews/cr_security.py 2014-10-14 13:14:05 +0000
+++ clickreviews/cr_security.py 2014-11-17 17:14:19 +0000
@@ -25,7 +25,7 @@
2525
26class ClickReviewSecurity(ClickReview):26class ClickReviewSecurity(ClickReview):
27 '''This class represents click lint reviews'''27 '''This class represents click lint reviews'''
28 def __init__(self, fn):28 def __init__(self, fn, overrides=None):
29 ClickReview.__init__(self, fn, "security")29 ClickReview.__init__(self, fn, "security")
3030
31 local_copy = os.path.join(os.path.dirname(__file__),31 local_copy = os.path.join(os.path.dirname(__file__),
@@ -78,10 +78,19 @@
78 # framework policy is based on major framework version. In 13.10, there78 # framework policy is based on major framework version. In 13.10, there
79 # was only 'ubuntu-sdk-13.10', but in 14.04, there will be several,79 # was only 'ubuntu-sdk-13.10', but in 14.04, there will be several,
80 # like 'ubuntu-sdk-14.04-html5', 'ubuntu-sdk-14.04-platform', etc80 # like 'ubuntu-sdk-14.04-html5', 'ubuntu-sdk-14.04-platform', etc
81 self.major_framework_policy = {'ubuntu-sdk-13.10': 1.0,81 self.major_framework_policy = {
82 'ubuntu-sdk-14.04': 1.1,82 'ubuntu-sdk-13.10': {
83 'ubuntu-sdk-14.10': 1.2,83 'policy_version': 1.0,
84 }84 },
85 'ubuntu-sdk-14.04': {
86 'policy_version': 1.1,
87 },
88 'ubuntu-sdk-14.10': {
89 'policy_version': 1.2,
90 },
91 }
92 framework_overrides = overrides.get('framework') if overrides else {}
93 self._override_framework_policies(framework_overrides)
8594
86 self.security_manifests = dict()95 self.security_manifests = dict()
87 self.security_apps = []96 self.security_apps = []
@@ -102,6 +111,23 @@
102 self._extract_security_manifest(app)111 self._extract_security_manifest(app)
103 self.security_apps.append(app)112 self.security_apps.append(app)
104113
114 def _override_framework_policies(self, overrides):
115 # override major framework policies
116 self.major_framework_policy.update(overrides)
117
118 # override apparmor policies
119 for name, data in overrides.items():
120 vendor = data.get('policy_vendor')
121 version = str(data.get('policy_version'))
122
123 if vendor not in self.aa_policy:
124 self.aa_policy[vendor] = {}
125
126 if version not in self.aa_policy[vendor]:
127 # just ensure the version is defined
128 # TODO: add support to override templates and policy groups
129 self.aa_policy[vendor][version] = {}
130
105 def _extract_security_manifest(self, app):131 def _extract_security_manifest(self, app):
106 '''Extract security manifest and verify it has the expected132 '''Extract security manifest and verify it has the expected
107 structure'''133 structure'''
@@ -269,15 +295,15 @@
269 n = 'policy_version_matches_framework (%s)' % (f)295 n = 'policy_version_matches_framework (%s)' % (f)
270 s = "OK"296 s = "OK"
271 found_major = False297 found_major = False
272 for k in self.major_framework_policy.keys():298 for name, data in self.major_framework_policy.items():
273 # TODO: use libclick when it is available299 # TODO: use libclick when it is available
274 if not self.manifest['framework'].startswith(k):300 if not self.manifest['framework'].startswith(name):
275 continue301 continue
276 found_major = True302 found_major = True
277 if m['policy_version'] != self.major_framework_policy[k]:303 if m['policy_version'] != data['policy_version']:
278 t = 'error'304 t = 'error'
279 s = '%s != %s (%s)' % (str(m['policy_version']),305 s = '%s != %s (%s)' % (str(m['policy_version']),
280 self.major_framework_policy[k],306 data['policy_version'],
281 self.manifest['framework'])307 self.manifest['framework'])
282 if not found_major:308 if not found_major:
283 t = 'error'309 t = 'error'
284310
=== modified file 'clickreviews/frameworks.py'
--- clickreviews/frameworks.py 2014-11-11 16:12:57 +0000
+++ clickreviews/frameworks.py 2014-11-17 17:14:19 +0000
@@ -32,14 +32,21 @@
32 OBSOLETE_FRAMEWORKS = []32 OBSOLETE_FRAMEWORKS = []
33 AVAILABLE_FRAMEWORKS = []33 AVAILABLE_FRAMEWORKS = []
3434
35 def __init__(self):35 def __init__(self, overrides=None):
36 self.FRAMEWORKS = clickreviews.remote.read_cr_file(USER_DATA_FILE,36 self.FRAMEWORKS = clickreviews.remote.read_cr_file(USER_DATA_FILE,
37 FRAMEWORKS_DATA_URL)37 FRAMEWORKS_DATA_URL)
3838 if overrides is not None:
39 for k, v in self.FRAMEWORKS.items():39 self.FRAMEWORKS.update(overrides)
40 if v == 'deprecated':40
41 self.DEPRECATED_FRAMEWORKS.append(k)41 for name, data in self.FRAMEWORKS.items():
42 elif v == 'obsolete':42 if type(data) is dict:
43 self.OBSOLETE_FRAMEWORKS.append(k)43 state = data.get('state')
44 elif v == 'available':44 else:
45 self.AVAILABLE_FRAMEWORKS.append(k)45 state = data
46
47 if state == 'deprecated':
48 self.DEPRECATED_FRAMEWORKS.append(name)
49 elif state == 'obsolete':
50 self.OBSOLETE_FRAMEWORKS.append(name)
51 elif state == 'available':
52 self.AVAILABLE_FRAMEWORKS.append(name)
4653
=== modified file 'clickreviews/tests/test_cr_lint.py'
--- clickreviews/tests/test_cr_lint.py 2014-11-11 16:12:57 +0000
+++ clickreviews/tests/test_cr_lint.py 2014-11-17 17:14:19 +0000
@@ -31,7 +31,7 @@
31 super()31 super()
3232
33 def patch_frameworks(self):33 def patch_frameworks(self):
34 def _mock_frameworks(self):34 def _mock_frameworks(self, overrides=None):
35 self.FRAMEWORKS = {35 self.FRAMEWORKS = {
36 'ubuntu-sdk-14.10-qml-dev2': 'available',36 'ubuntu-sdk-14.10-qml-dev2': 'available',
37 'ubuntu-sdk-13.10': 'deprecated',37 'ubuntu-sdk-13.10': 'deprecated',
@@ -752,6 +752,20 @@
752 expected_counts = {'info': None, 'warn': 0, 'error': 1}752 expected_counts = {'info': None, 'warn': 0, 'error': 1}
753 self.check_results(r, expected_counts)753 self.check_results(r, expected_counts)
754754
755 @patch('clickreviews.remote.read_cr_file')
756 def test_check_framework_with_overrides(self, mock_read_cr_file):
757 '''Test check_framework() - using overrides'''
758 mock_read_cr_file.return_value = {
759 'ubuntu-sdk-14.10-qml-dev2': 'available',
760 }
761 self.set_test_manifest("framework", "nonexistent")
762 overrides = {'framework': {'nonexistent': {'state': 'available'}}}
763 c = ClickReviewLint(self.test_name, overrides=overrides)
764 c.check_framework()
765 r = c.click_report
766 expected_counts = {'info': 1, 'warn': 0, 'error': 0}
767 self.check_results(r, expected_counts)
768
755 def test_check_hooks(self):769 def test_check_hooks(self):
756 '''Test check_hooks()'''770 '''Test check_hooks()'''
757 self.set_test_manifest("framework", "ubuntu-sdk-13.10")771 self.set_test_manifest("framework", "ubuntu-sdk-13.10")
758772
=== modified file 'clickreviews/tests/test_cr_security.py'
--- clickreviews/tests/test_cr_security.py 2014-10-08 20:08:44 +0000
+++ clickreviews/tests/test_cr_security.py 2014-11-17 17:14:19 +0000
@@ -136,7 +136,7 @@
136 policy_version = 0136 policy_version = 0
137 for k in tmp.major_framework_policy.keys():137 for k in tmp.major_framework_policy.keys():
138 if f.startswith(k):138 if f.startswith(k):
139 policy_version = tmp.major_framework_policy[k]139 policy_version = tmp.major_framework_policy[k]['policy_version']
140 self.set_test_security_manifest(self.default_appname,140 self.set_test_security_manifest(self.default_appname,
141 "policy_version",141 "policy_version",
142 policy_version)142 policy_version)
@@ -209,6 +209,21 @@
209 {"text": "Invalid framework 'nonexistent'"}209 {"text": "Invalid framework 'nonexistent'"}
210 self.check_results(report, expected=expected)210 self.check_results(report, expected=expected)
211211
212 def test_check_policy_version_framework_with_overrides(self):
213 '''Test check_policy_version() - override framework (nonexistent)'''
214 self.set_test_manifest("framework", "nonexistent")
215 self.set_test_security_manifest(self.default_appname,
216 "policy_version", 1.3)
217 overrides = {'framework': {'nonexistent': {'state': 'available',
218 'policy_vendor': 'ubuntu',
219 'policy_version': 1.3}}}
220 c = ClickReviewSecurity(self.test_name, overrides=overrides)
221 c.check_policy_version()
222 report = c.click_report
223
224 expected_counts = {'info': 3, 'warn': 0, 'error': 0}
225 self.check_results(report, expected_counts)
226
212 def test_check_policy_vendor_unspecified(self):227 def test_check_policy_vendor_unspecified(self):
213 '''Test check_policy_vendor() - unspecified'''228 '''Test check_policy_vendor() - unspecified'''
214 c = ClickReviewSecurity(self.test_name)229 c = ClickReviewSecurity(self.test_name)

Subscribers

People subscribed via source and target branches