Integrate skeleton-python-library and Migrate to Python 3 #2
Conversation
Switch CI from Travis to GitHub actions
…t_autoupdate Add updates from running pre-commit autoupdate
Replace Travis-CI with GitHub actions
Split workflow into multiple jobs. Add artifact output.
Re-enable ansible-lint and autoupgrade.
…nsible-lint and the updated version is included in the version being used now.
Pull upstream changes from skeleton-generic.
These seem to be very large caches. Restoring an old one and updating it results in a cache larger than the maximum allowed cache size: 200MB. "Cache size of 254757924 bytes is over the 200MB limit, not saving cache." So if the config changes it is best to just take the cache-miss and start from scratch.
Add GitHub action caching of pre-commit hooks and pip packages.
Add caches for GitHub Actions.
Dockerfile
Outdated
| FROM python:2 | ||
| MAINTAINER Mark Feldhousen <mark.feldhousen@hq.dhs.gov> | ||
| FROM python:3 | ||
| MAINTAINER Mark Feldhousen <mark.feldhousen@cisa.dhs.gov> |
There was a problem hiding this comment.
I know we are thinking of getting rid of this file, but please note that this is no longer the preferred way to specify the maintainer. You should use a label instead. @felddy recently had a PR (I can't find that PR right now - can you provide a link @felddy?) where he used the set of labels specified by the Open Container Initiative](https://opencontainers.org/). See here, for example. The OCI label standard supersedes the other standard in common use, which was Label Schema.
There was a problem hiding this comment.
I believe the PR you are looking for is cisagov/skeleton-docker#38, specifically this Dockerfile bit.
There was a problem hiding this comment.
I believe the PR you are looking for is cisagov/skeleton-docker#38, specifically this Dockerfile bit.
Yep, that's the one!
| download_url="https://github.com/cisagov/cyhy-runner", | ||
| # Author details | ||
| author="Cyber and Infrastructure Security Agency", | ||
| author_email="ncats@hq.dhs.gov", |
There was a problem hiding this comment.
Updated the issue to mention updating the URL as well.
| # Standard Python Libraries | ||
| from typing import List | ||
|
|
||
| from ._version import __version__ # noqa: F401 |
There was a problem hiding this comment.
A comment here explaining what F401 is would be good. I recognize that this change might be better made upstream.
There was a problem hiding this comment.
I've added a suggestion for this for ease of resolution
There was a problem hiding this comment.
Yes, this should be updated in cisagov/skeleton-python-library as these two lines are related and both lack explanation:
https://github.com/cisagov/skeleton-python-library/blob/0f6efe072d3045b2dd97a190ef498f4ba89303b7/src/example/__init__.py#L2
https://github.com/cisagov/skeleton-python-library/blob/0f6efe072d3045b2dd97a190ef498f4ba89303b7/setup.py#L29
There was a problem hiding this comment.
I created an issue upstream to flesh them both out: cisagov/skeleton-python-library#58
| # Standard Python Libraries | ||
| from typing import List | ||
|
|
||
| from ._version import __version__ # noqa: F401 |
There was a problem hiding this comment.
| from ._version import __version__ # noqa: F401 | |
| # Module imported but unused - ignored to preserve skeleton functionality | |
| from ._version import __version__ # noqa: F401 |
There was a problem hiding this comment.
It is not directly used, which is what makes flake8 mad, but it populates cyhy_runner.__version__, which is used to get version information about the package. A comment fleshing out why it's got a noqa on it should be added to cisagov/skeleton-python-library. This is related to how we've chosen to SSoT the package version from the options recommended by Python packaging conventions.
Sort the install_requires and extras_require["test"] arguments by key.
|
This pull request fixes 3 alerts when merging 01fcc26 into 74d2cfb - view on LGTM.com fixed alerts:
|
Group related pre-commit hooks together. Make sure that hooks are alphabetically sorted within those groups.
Switch to the file line reading version of extracting the version from https://packaging.python.org/guides/single-sourcing-package-version/ instead of the exec method on the same page. The exec method required us to use a "# nosec" to manually disable Bandit checking on that line. Although that method is more straightforward, I do not feel that it is worth using an exec in the codebase when another option is available.
Organize and Sort pre-commit Hooks
…gihub-dir Ensure that the cisagov devs are the owners of the .github directory
…re-simply Use the python version output by actions/setup-python
Also updated the test and build jobs in the build workflow to mirror cache key format changes in the lint job.
⚠️ CONFLICT! Lineage pull request for: skeleton
Sort the Package Requirements in setup.py
Remove or Explain Manual Testing Check Disables
|
This pull request fixes 3 alerts when merging 514e491 into 74d2cfb - view on LGTM.com fixed alerts:
|
I believe that this was missed when #3 was merged due to timing between when this change was made in cisagov/skeleton-python-library#51 and when #2 was merged.
🗣 Description
This PR merges histories with cisagov/skeleton-python-library to bring this project into the modern era. This also results in dropping Python 2 support and becoming a Python 3 project. This closes #1 .
This PR should only be merged along with the following PRs:
cisagov/cyhy_amis#292
https://github.com/jsf9k/cyhy-commander/pull/17
Opinions Wanted
I would like to remove the
Dockerfilefrom this repo as it is not used as far as I am aware. If a Docker configuration was required I believe it would be straightforward to create a new project based on cisagov/skeleton-docker to fill that need.💭 Motivation and Context
Python 2 support is very dead, so any Python projects we are actively using need to migrate to Python 3. This project is not dependent on other CyHy projects, so it can migrate to Python 3 without issue.
This will also allow instances that use only this project (like the
portscanandvulnscaninstances in the CyHy environment) to drop Python 2 altogether and use a recent OS version (such as Debian Buster).🧪 Testing
I deployed
portscanandvulnscaninstances in a cisagov/cyhy_amis testing environment and was able to send work and retrieve results successfully.✅ Checklist