Commit 0b9dc79b authored by Nong Hoang Tu's avatar Nong Hoang Tu
Browse files

New upstream version 21.4.3

parents
Pipeline #5779 failed with stages
in 0 seconds
[run]
omit =
tests/*
*/__init__.py
source =
ospd_openvas
# default reviewers
* @greenbone/ospd-maintainers
**What**:
<!--
Describe what changes are being made, e.g. which feature/bug is being
developed/fixed in this PR?
-->
**Why**:
<!-- Why are these changes necessary? -->
**How**:
<!--
How did you verify the changes in this PR?
If this PR contains tests this section can be considered done.
Otherwise please write down the steps on how you did test your changes and
verified that the changes are working as expected.
See https://www.ministryoftesting.com/dojo/lessons/community-stories-to-shift-left-start-right
for some background.
-->
**Checklist**:
<!-- add "N/A" to the end of each line not applicable to your changes -->
<!-- to check an item, place an "x" in the box like so: "- [x] Tests" -->
- [ ] Tests
- [ ] [CHANGELOG](https://github.com/greenbone/gsa/blob/master/CHANGELOG.md) Entry
version: 2
updates:
- package-ecosystem: pip
directory: "/"
schedule:
interval: weekly
time: "04:00"
open-pull-requests-limit: 10
name: Build and test Python package
on:
push:
branches: [ master, ospd-openvas-21.04, ospd-openvas-20.08 ]
pull_request:
branches: [ master, ospd-openvas-21.04, ospd-openvas-20.08 ]
jobs:
linting:
name: Linting
runs-on: 'ubuntu-latest'
strategy:
matrix:
python-version:
- 3.7
- 3.8
- 3.9
steps:
- uses: actions/checkout@v2
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v2
with:
python-version: ${{ matrix.python-version }}
- name: Install poetry and dependencies
uses: greenbone/actions/poetry@v1
- name: Check with black, pylint and pontos.version
uses: greenbone/actions/lint-python@v1
with:
packages: ospd_openvas tests
test:
name: Run all tests
runs-on: 'ubuntu-latest'
strategy:
matrix:
python-version:
- 3.7
- 3.8
- 3.9
steps:
- uses: actions/checkout@v2
- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v2
with:
python-version: ${{ matrix.python-version }}
- name: Install poetry and dependencies
uses: greenbone/actions/poetry@v1
- name: Run unit tests
run: poetry run python -m unittest
codecov:
name: Upload coverage to codecov.io
needs: test
runs-on: 'ubuntu-latest'
steps:
- uses: actions/checkout@v2
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: 3.8
- name: Install poetry and dependencies
uses: greenbone/actions/poetry@v1
- name: Calculate and upload coverage to codecov.io
uses: greenbone/actions/coverage-python@v1
name: "CodeQL"
on:
push:
branches: [ master, ospd-openvas-21.04, ospd-openvas-20.08 ]
pull_request:
branches: [ master, ospd-openvas-21.04, ospd-openvas-20.08 ]
schedule:
- cron: '30 5 * * 0' # 5:30h on Sundays
jobs:
analyze:
name: Analyze
runs-on: ubuntu-latest
permissions:
actions: read
contents: read
security-events: write
strategy:
fail-fast: false
matrix:
language: [ 'python' ]
steps:
- name: Checkout repository
uses: actions/checkout@v2
- name: Initialize CodeQL
uses: github/codeql-action/init@v1
with:
languages: ${{ matrix.language }}
- name: Perform CodeQL Analysis
uses: github/codeql-action/analyze@v1
name: Deploy on PyPI
on:
release:
types: [created]
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: 3.8
- name: Install dependencies
run: |
python -m pip install --upgrade pip
python -m pip install --upgrade poetry
python -m pip install --upgrade twine
- name: Build and publish
env:
TWINE_USERNAME: __token__
TWINE_PASSWORD: ${{ secrets.PYPI_TOKEN }}
run: |
poetry build
twine upload dist/*
name: Manually release gvm-libs with pontos
on:
workflow_dispatch:
jobs:
release-patch:
env:
GITHUB_USER: ${{ secrets.GREENBONE_BOT }}
GITHUB_MAIL: ${{ secrets.GREENBONE_BOT_MAIL }}
GITHUB_TOKEN: ${{ secrets.GREENBONE_BOT_TOKEN }}
GPG_KEY: ${{ secrets.GPG_KEY }}
GPG_FINGERPRINT: ${{ secrets.GPG_FINGERPRINT }}
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
name: Release patch with pontos
runs-on: 'ubuntu-latest'
steps:
- uses: actions/checkout@v2
with:
persist-credentials: false
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: 3.8
- name: Install poetry and dependencies
uses: greenbone/actions/poetry@v1
- name: Tell git who I am
run: |
git config --global user.name "${{ env.GITHUB_USER }}"
git config --global user.email "${{ env.GITHUB_MAIL }}"
git remote set-url origin https://${{ env.GITHUB_TOKEN }}@github.com/${{ github.repository }}
- run: echo "Current Branch is $GITHUB_BASE_REF"
- name: Prepare patch release with pontos
run: |
poetry run pontos-release prepare --patch
echo "VERSION=$(poetry run pontos-version show)" >> $GITHUB_ENV
- name: Release with pontos
run: |
poetry run pontos-release release
- name: Import key from secrets
run: |
echo -e "${{ env.GPG_KEY }}" >> tmp.file
gpg \
--pinentry-mode loopback \
--passphrase ${{ env.GPG_PASSPHRASE }} \
--import tmp.file
rm tmp.file
- name: Sign with pontos-release sign
run: |
echo "Signing assets for ${{env.VERSION}}"
poetry run pontos-release sign \
--signing-key ${{ env.GPG_FINGERPRINT }} \
--passphrase ${{ env.GPG_PASSPHRASE }} \
--release-version ${{ env.VERSION }}
name: Release Python package patch version with pontos
on:
pull_request:
types: [closed]
branches: [ 'ospd-openvas-21.04', 'ospd-openvas-20.08' ]
jobs:
release-patch:
env:
GITHUB_USER: ${{ secrets.GREENBONE_BOT }}
GITHUB_MAIL: ${{ secrets.GREENBONE_BOT_MAIL }}
GITHUB_TOKEN: ${{ secrets.GREENBONE_BOT_TOKEN }}
GPG_KEY: ${{ secrets.GPG_KEY }}
GPG_FINGERPRINT: ${{ secrets.GPG_FINGERPRINT }}
GPG_PASSPHRASE: ${{ secrets.GPG_PASSPHRASE }}
name: Release patch with pontos
# If the label 'make patch release' is set. If PR is closed because of an merge
if: contains( github.event.pull_request.labels.*.name, 'make patch release') && github.event.pull_request.merged == true
runs-on: 'ubuntu-latest'
steps:
- uses: actions/checkout@v2
with:
persist-credentials: false
- name: Set up Python
uses: actions/setup-python@v2
with:
python-version: 3.8
- name: Install poetry and dependencies
uses: greenbone/actions/poetry@v1
- name: Tell git who I am
run: |
git config --global user.name "${{ env.GITHUB_USER }}"
git config --global user.email "${{ env.GITHUB_MAIL }}"
git remote set-url origin https://${{ env.GITHUB_TOKEN }}@github.com/${{ github.repository }}
- run: echo "Current Branch is $GITHUB_BASE_REF"
- name: Prepare patch release with pontos
run: |
poetry run pontos-release prepare --patch
echo "VERSION=$(poetry run pontos-version show)" >> $GITHUB_ENV
- name: Release with pontos
run: |
poetry run pontos-release release
- name: Import key from secrets
run: |
echo -e "${{ env.GPG_KEY }}" >> tmp.file
gpg \
--pinentry-mode loopback \
--passphrase ${{ env.GPG_PASSPHRASE }} \
--import tmp.file
rm tmp.file
- name: Sign with pontos-release sign
run: |
echo "Signing assets for ${{env.VERSION}}"
poetry run pontos-release sign \
--signing-key ${{ env.GPG_FINGERPRINT }} \
--passphrase ${{ env.GPG_PASSPHRASE }} \
--release-version ${{ env.VERSION }}
__pycache__
*.pyc
*.log
.egg
*.egg-info
dist
build
.idea
.vscode
.coverage
.venv
[MASTER]
# A comma-separated list of package or module names from where C extensions may
# be loaded. Extensions are loading into the active Python interpreter and may
# run arbitrary code
extension-pkg-whitelist=lxml
# Add files or directories to the blacklist. They should be base names, not
# paths.
ignore=CVS
# Add files or directories matching the regex patterns to the blacklist. The
# regex matches against base names, not paths.
ignore-patterns=docs
# Pickle collected data for later comparisons.
persistent=yes
# When enabled, pylint would attempt to guess common misconfiguration and emit
# user-friendly hints instead of false-positive error messages
suggestion-mode=yes
# Allow loading of arbitrary C extensions. Extensions are imported into the
# active Python interpreter and may run arbitrary code.
unsafe-load-any-extension=no
[MESSAGES CONTROL]
# Only show warnings with the listed confidence levels. Leave empty to show
# all. Valid levels: HIGH, INFERENCE, INFERENCE_FAILURE, UNDEFINED
confidence=
# Disable the message, report, category or checker with the given id(s). You
# can either give multiple identifiers separated by comma (,) or put this
# option multiple times (only on the command line, not in the configuration
# file where it should appear only once).You can also use "--disable=all" to
# disable everything first and then reenable specific checks. For example, if
# you want to run only the similarities checker, you can use "--disable=all
# --enable=similarities". If you want to run only the classes checker, but have
# no Warning level messages displayed, use"--disable=all --enable=classes
# --disable=W"
#
# bad-continuation is disabled because of a bug in pylint.
# See https://github.com/ambv/black/issues/48 and https://github.com/PyCQA/pylint/issues/289
disable=len-as-condition,
attribute-defined-outside-init,
missing-docstring,
bad-continuation,
R
#disable=print-statement,
# parameter-unpacking,
# unpacking-in-except,
# old-raise-syntax,
# backtick,
# long-suffix,
# old-ne-operator,
# old-octal-literal,
# import-star-module-level,
# non-ascii-bytes-literal,
# raw-checker-failed,
# bad-inline-option,
# locally-disabled,
# locally-enabled,
# file-ignored,
# suppressed-message,
# useless-suppression,
# deprecated-pragma,
# apply-builtin,
# basestring-builtin,
# buffer-builtin,
# cmp-builtin,
# coerce-builtin,
# execfile-builtin,
# file-builtin,
# long-builtin,
# raw_input-builtin,
# reduce-builtin,
# standarderror-builtin,
# unicode-builtin,
# xrange-builtin,
# coerce-method,
# delslice-method,
# getslice-method,
# setslice-method,
# no-absolute-import,
# old-division,
# dict-iter-method,
# dict-view-method,
# next-method-called,
# metaclass-assignment,
# indexing-exception,
# raising-string,
# reload-builtin,
# oct-method,
# hex-method,
# nonzero-method,
# cmp-method,
# input-builtin,
# round-builtin,
# intern-builtin,
# unichr-builtin,
# map-builtin-not-iterating,
# zip-builtin-not-iterating,
# range-builtin-not-iterating,
# filter-builtin-not-iterating,
# using-cmp-argument,
# eq-without-hash,
# div-method,
# idiv-method,
# rdiv-method,
# exception-message-attribute,
# invalid-str-codec,
# sys-max-int,
# bad-python3-import,
# deprecated-string-function,
# deprecated-str-translate-call,
# deprecated-itertools-function,
# deprecated-types-field,
# next-method-defined,
# dict-items-not-iterating,
# dict-keys-not-iterating,
# dict-values-not-iterating
# Enable the message, report, category or checker with the given id(s). You can
# either give multiple identifier separated by comma (,) or put this option
# multiple time (only on the command line, not in the configuration file where
# it should appear only once). See also the "--disable" option for examples.
enable=c-extension-no-member
[REPORTS]
# Python expression which should return a note less than 10 (10 is the highest
# note). You have access to the variables errors warning, statement which
# respectively contain the number of errors / warnings messages and the total
# number of statements analyzed. This is used by the global evaluation report
# (RP0004).
evaluation=10.0 - ((float(5 * error + warning + refactor + convention) / statement) * 10)
# Template used to display messages. This is a python new-style format string
# used to format the message information. See doc for all details
#msg-template=
# Set the output format. Available formats are text, parseable, colorized, json
# and msvs (visual studio).You can also give a reporter class, eg
# mypackage.mymodule.MyReporterClass.
output-format=text
# Tells whether to display a full report or only the messages
reports=no
# Activate the evaluation score.
score=no
[REFACTORING]
# Maximum number of nested blocks for function / method body
max-nested-blocks=5
# Complete name of functions that never returns. When checking for
# inconsistent-return-statements if a never returning function is called then
# it will be considered as an explicit return statement and no message will be
# printed.
never-returning-functions=optparse.Values,sys.exit
[VARIABLES]
# List of additional names supposed to be defined in builtins. Remember that
# you should avoid to define new builtins when possible.
additional-builtins=
# Tells whether unused global variables should be treated as a violation.
allow-global-unused-variables=yes
# List of strings which can identify a callback function by name. A callback
# name must start or end with one of those strings.
callbacks=cb_,
_cb
# A regular expression matching the name of dummy variables (i.e. expectedly
# not used).
dummy-variables-rgx=_+$|(_[a-zA-Z0-9_]*[a-zA-Z0-9]+?$)|dummy|^ignored_|^unused_
# Argument names that match this expression will be ignored. Default to name
# with leading underscore
ignored-argument-names=_.*|^ignored_|^unused_
# Tells whether we should check for unused import in __init__ files.
init-import=no
# List of qualified module names which can have objects that can redefine
# builtins.
redefining-builtins-modules=six.moves,past.builtins,future.builtins
[MISCELLANEOUS]
# List of note tags to take in consideration, separated by a comma.
notes=FIXME,
XXX,
TODO
[BASIC]
# Regular expression which should only match correct argument names
argument-rgx=[a-z_][a-z0-9_]{1,40}$
# Regular expression which should only match correct instance attribute names
attr-rgx=[a-z_][a-z0-9_]{1,40}$
# Bad variable names which should always be refused, separated by a comma
bad-names=foo,
bar,
baz,
toto,
tutu,
tata
# Regular expression matching correct class attribute names.
class-attribute-rgx=([a-z_][a-z0-9_]{1,40})|([A-Z_][A-Z0-9_]{1,30})$
# Naming style matching correct class names
class-naming-style=PascalCase
# Naming style matching correct constant names
const-naming-style=UPPER_CASE
# Minimum line length for functions/classes that require docstrings, shorter
# ones are exempt.
docstring-min-length=3
# Regular expression which should only match correct function names
function-rgx=[a-z_][a-z0-9_]+$
# Good variable names which should always be accepted, separated by a comma
good-names=e,
f,
i,
j,
k,
ex,
Run,
logger,
_
# Include a hint for the correct naming format with invalid-name
include-naming-hint=yes
# Regular expression matching correct inline iteration names.
inlinevar-rgx=[A-Za-z_][A-Za-z0-9_]*$
# Regular expression which should only match correct method names
method-rgx=[a-z_][a-z0-9_]+$
# Regular expression which should only match correct module names
module-rgx=([a-z]+)|(test_*)$
# Regular expression which should only match function or class names that do
# not require a docstring.
no-docstring-rgx=^_
# List of decorators that produce properties, such as abc.abstractproperty. Add
# to this list to register other decorators that produce valid properties.
property-classes=abc.abstractproperty
# Regular expression which should only match correct variable names
variable-rgx=[a-z_][a-z0-9_]+$
[SIMILARITIES]
# Ignore comments when computing similarities.
ignore-comments=yes
# Ignore docstrings when computing similarities.
ignore-docstrings=yes
# Ignore imports when computing similarities.
ignore-imports=no
# Minimum lines number of a similarity.
min-similarity-lines=4
[LOGGING]
# Logging modules to check that the string format arguments are in logging
# function parameter format
logging-modules=logging
[TYPECHECK]
# List of decorators that produce context managers, such as
# contextlib.contextmanager. Add to this list to register other decorators that
# produce valid context managers.
contextmanager-decorators=contextlib.contextmanager
# List of members which are set dynamically and missed by pylint inference
# system, and so shouldn't trigger E1101 when accessed. Python regular
# expressions are accepted.
generated-members=
# Tells whether missing members accessed in mixin class should be ignored. A
# mixin class is detected if its name ends with "mixin" (case insensitive).
ignore-mixin-members=yes
# This flag controls whether pylint should warn about no-member and similar
# checks whenever an opaque object is returned when inferring. The inference
# can return multiple potential results while evaluating a Python object, but
# some branches might not be evaluated, which results in partial inference. In
# that case, it might be useful to still emit no-member and other checks for
# the rest of the inferred objects.
ignore-on-opaque-inference=yes
# List of class names for which member attributes should not be checked (useful
# for classes with dynamically set attributes). This supports the use of
# qualified names.
ignored-classes=optparse.Values,thread._local,_thread._local