From b5d8fb5f0703cfa66b7ce896e8c1f0b4f82a76eb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Brunner?= Date: Wed, 6 Nov 2024 14:32:07 +0100 Subject: [PATCH] First build --- .bandit.yaml | 2 + .github/requirements.txt | 1 + .github/workflows/main.yaml | 38 +- config.md | 82 ++-- poetry.lock | 539 +++++++++++++++++++++++- pyproject.toml | 4 + tag_publish/__init__.py | 226 ++++++++++ tag_publish/applications-versions.yaml | 2 + tag_publish/cli.py | 138 +++--- tag_publish/configuration.py | 142 +++---- tag_publish/lib/docker.py | 20 +- tag_publish/lib/trigger_image_update.py | 36 -- tag_publish/new.py | 62 ++- tag_publish/package-lock.json | 437 ------------------- tag_publish/package.json | 9 - tag_publish/publish.py | 37 +- tag_publish/schema.json | 313 +++++++------- 17 files changed, 1198 insertions(+), 890 deletions(-) create mode 100644 .github/requirements.txt create mode 100644 tag_publish/applications-versions.yaml delete mode 100644 tag_publish/lib/trigger_image_update.py delete mode 100644 tag_publish/package-lock.json delete mode 100644 tag_publish/package.json diff --git a/.bandit.yaml b/.bandit.yaml index 1bf9b48..fdeda8f 100644 --- a/.bandit.yaml +++ b/.bandit.yaml @@ -1,2 +1,4 @@ skips: - B101 # Use of assert detected. + - B603 # subprocess call - check for execution of untrusted input. + - B607 # Starting a process with a partial executable path. diff --git a/.github/requirements.txt b/.github/requirements.txt new file mode 100644 index 0000000..ddf14cc --- /dev/null +++ b/.github/requirements.txt @@ -0,0 +1 @@ +c2cciutils==1.7.1 diff --git a/.github/workflows/main.yaml b/.github/workflows/main.yaml index 63cd630..dd04238 100644 --- a/.github/workflows/main.yaml +++ b/.github/workflows/main.yaml @@ -16,8 +16,8 @@ env: HAS_SECRETS: ${{ secrets.HAS_SECRETS }} jobs: - main: - name: Continuous integration + pre-commit: + name: Pre commit checks runs-on: ubuntu-24.04 timeout-minutes: 20 if: "!startsWith(github.event.head_commit.message, '[skip ci] ')" @@ -27,17 +27,10 @@ jobs: with: fetch-depth: 0 - - uses: camptocamp/initialise-gopass-summon-action@v2 - with: - ci-gpg-private-key: ${{secrets.CI_GPG_PRIVATE_KEY}} - github-gopass-ci-token: ${{secrets.GOPASS_CI_GITHUB_TOKEN}} - patterns: pypi - if: env.HAS_SECRETS == 'HAS_SECRETS' - - uses: actions/setup-python@v5 with: python-version: '3.13' - - run: python3 -m pip install --requirement=requirements.txt + - run: python3 -m pip install $(grep pre-commit== requirements.txt) - uses: actions/cache@v4 with: @@ -54,11 +47,34 @@ jobs: retention-days: 1 if: failure() + main: + name: Continuous integration + runs-on: ubuntu-24.04 + timeout-minutes: 20 + needs: pre-commit + + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + + - uses: camptocamp/initialise-gopass-summon-action@v2 + with: + ci-gpg-private-key: ${{secrets.CI_GPG_PRIVATE_KEY}} + github-gopass-ci-token: ${{secrets.GOPASS_CI_GITHUB_TOKEN}} + patterns: pypi + if: env.HAS_SECRETS == 'HAS_SECRETS' + + - uses: actions/setup-python@v5 + with: + python-version: '3.13' + - run: python3 -m pip install --requirement=.github/requirements.txt + - run: python3 -m pip install --requirement=requirements.txt + - name: Print the environment run: c2cciutils-env env: GITHUB_EVENT: ${{ toJson(github) }} - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - run: poetry install - name: Prospector diff --git a/config.md b/config.md index 810ef4e..14e4f0a 100644 --- a/config.md +++ b/config.md @@ -10,60 +10,52 @@ _Tag Publish configuration file_ - **`docker`**: Refer to _[#/definitions/publish_docker](#definitions/publish_docker)_. - **`pypi`**: Refer to _[#/definitions/publish_pypi](#definitions/publish_pypi)_. - **`helm`**: Refer to _[#/definitions/publish_helm](#definitions/publish_helm)_. +- **`dispatch`** _(array)_: Default: `[{}]`. + - **Items** _(object)_: Send a dispatch event to an other repository. Default: `{}`. + - **`repository`** _(string)_: The repository name to be triggered. Default: `"camptocamp/argocd-gs-gmf-apps"`. + - **`event-type`** _(string)_: The event type to be triggered. Default: `"image-update"`. ## Definitions -- **`publish_docker`**: The configuration used to publish on Docker. - - **One of** - - _object_: The configuration used to publish on Docker. - - **`latest`** _(boolean)_: Publish the latest version on tag latest. Default: `true`. - - **`images`** _(array)_: List of images to be published. - - **Items** _(object)_ - - **`group`** _(string)_: The image is in the group, should be used with the --group option of tag-publish script. Default: `"default"`. - - **`name`** _(string)_: The image name. - - **`tags`** _(array)_: The tag name, will be formatted with the version=, the image with version=latest should be present when we call the tag-publish script. Default: `["{version}"]`. - - **Items** _(string)_ - - **`repository`** _(object)_: The repository where we should publish the images. Can contain additional properties. Default: `{"github": {"server": "ghcr.io", "versions": ["version_tag", "version_branch", "rebuild"]}, "dockerhub": {}}`. - - **Additional properties** _(object)_ - - **`server`** _(string)_: The server URL. - - **`versions`** _(array)_: The kind or version that should be published, tag, branch or value of the --version argument of the tag-publish script. Default: `["version_tag", "version_branch", "rebuild", "feature_branch"]`. - - **Items** _(string)_ - - **`dispatch`**: Send a dispatch event to an other repository. Default: `{}`. - - **One of** - - _object_: Send a dispatch event to an other repository. - - **`repository`** _(string)_: The repository name to be triggered. Default: `"camptocamp/argocd-gs-gmf-apps"`. - - **`event-type`** _(string)_: The event type to be triggered. Default: `"image-update"`. - - : Must be: `false`. - - **`snyk`** _(object)_: Checks the published images with Snyk. - - **`monitor_args`**: The arguments to pass to the Snyk container monitor command. Default: `["--app-vulns"]`. - - **One of** - - _array_ - - **Items** _(string)_ - - : Must be: `false`. - - **`test_args`**: The arguments to pass to the Snyk container test command. Default: `["--app-vulns", "--severity-threshold=critical"]`. - - **One of** - - _array_ - - **Items** _(string)_ - - : Must be: `false`. - - : Must be: `false`. -- **`publish_pypi`**: Configuration to publish on pypi. Default: `{}`. - - **One of** - - _object_: Configuration to publish on pypi. - - **`packages`** _(array)_: The configuration of packages that will be published. - - **Items** _(object)_: The configuration of package that will be published. - - **`group`** _(string)_: The image is in the group, should be used with the --group option of tag-publish script. Default: `"default"`. - - **`path`** _(string)_: The path of the pypi package. - - **`build_command`** _(array)_: The command used to do the build. - - **Items** _(string)_ - - **`versions`** _(array)_: The kind or version that should be published, tag, branch or value of the --version argument of the tag-publish script. +- **`publish_docker`** _(object)_: The configuration used to publish on Docker. + - **`latest`** _(boolean)_: Publish the latest version on tag latest. Default: `true`. + - **`images`** _(array)_: List of images to be published. + - **Items** _(object)_ + - **`group`** _(string)_: The image is in the group, should be used with the --group option of tag-publish script. Default: `"default"`. + - **`name`** _(string)_: The image name. + - **`tags`** _(array)_: The tag name, will be formatted with the version=, the image with version=latest should be present when we call the tag-publish script. Default: `["{version}"]`. - **Items** _(string)_ - - : Must be: `false`. + - **`repository`** _(object)_: The repository where we should publish the images. Can contain additional properties. Default: `{"github": {"server": "ghcr.io", "versions": ["version_tag", "version_branch", "rebuild"]}, "dockerhub": {}}`. + - **Additional properties** _(object)_ + - **`server`** _(string)_: The server URL. + - **`versions`** _(array)_: The kind or version that should be published, tag, branch or value of the --version argument of the tag-publish script. Default: `["version_tag", "version_branch", "rebuild", "feature_branch"]`. + - **Items** _(string)_ + - **`snyk`** _(object)_: Checks the published images with Snyk. + - **`monitor_args`**: The arguments to pass to the Snyk container monitor command. Default: `["--app-vulns"]`. + - **One of** + - _array_ + - **Items** _(string)_ + - : Must be: `false`. + - **`test_args`**: The arguments to pass to the Snyk container test command. Default: `["--app-vulns", "--severity-threshold=critical"]`. + - **One of** + - _array_ + - **Items** _(string)_ + - : Must be: `false`. +- **`publish_pypi`** _(object)_: Configuration to publish on pypi. + - **`packages`** _(array)_: The configuration of packages that will be published. + - **Items** _(object)_: The configuration of package that will be published. + - **`group`** _(string)_: The image is in the group, should be used with the --group option of tag-publish script. Default: `"default"`. + - **`path`** _(string)_: The path of the pypi package. + - **`build_command`** _(array)_: The command used to do the build. + - **Items** _(string)_ + - **`versions`** _(array)_: The kind or version that should be published, tag, branch or value of the --version argument of the tag-publish script. Default: `["version_tag"]`. + - **Items** _(string)_ - **`publish_helm`**: Configuration to publish Helm charts on GitHub release. - **One of** - _object_: Configuration to publish on Helm charts on GitHub release. - **`folders`** _(array)_: The folders that will be published. - **Items** _(string)_ - - **`versions`** _(array)_: The kind or version that should be published, tag, branch or value of the --version argument of the tag-publish script. + - **`versions`** _(array)_: The kind or version that should be published, tag, branch or value of the --version argument of the tag-publish script. Default: `["version_tag"]`. - **Items** _(string)_ - : Must be: `false`. - **`version_transform`** _(array)_: A version transformer definition. diff --git a/poetry.lock b/poetry.lock index 4c5a9c5..9831e17 100644 --- a/poetry.lock +++ b/poetry.lock @@ -11,6 +11,23 @@ files = [ {file = "annotated_types-0.7.0.tar.gz", hash = "sha256:aff07c09a53a08bc8cfccb9c85b05f1aa9a2a6f23728d790723543408344ce89"}, ] +[[package]] +name = "application-download" +version = "0.0.1.dev3" +description = "Tools used to publish Python packages, Docker images and Helm charts for GitHub tag and branch" +optional = false +python-versions = ">=3.9" +files = [ + {file = "application_download-0.0.1.dev3-py3-none-any.whl", hash = "sha256:89662f68d327ccd39c499947c58861ec0c94f648de471fd173d8df53dae25069"}, + {file = "application_download-0.0.1.dev3.tar.gz", hash = "sha256:bc7d894bab6f87d6e822c717eecdc169489e3dc2a61ce8ab7de26a785b40bb57"}, +] + +[package.dependencies] +jsonschema-validator-new = ">=0.0.0,<1.0.0" +PyYAML = ">=6.0.0,<7.0.0" +requests = ">=2.0.0,<3.0.0" +"ruamel.yaml" = ">=0.0.0,<1.0.0" + [[package]] name = "astroid" version = "3.3.5" @@ -25,6 +42,25 @@ files = [ [package.dependencies] typing-extensions = {version = ">=4.0.0", markers = "python_version < \"3.11\""} +[[package]] +name = "attrs" +version = "24.2.0" +description = "Classes Without Boilerplate" +optional = false +python-versions = ">=3.7" +files = [ + {file = "attrs-24.2.0-py3-none-any.whl", hash = "sha256:81921eb96de3191c8258c199618104dd27ac608d9366f5e35d011eae1867ede2"}, + {file = "attrs-24.2.0.tar.gz", hash = "sha256:5cfb1b9148b5b086569baec03f20d7b6bf3bcacc9a42bebf87ffaaca362f6346"}, +] + +[package.extras] +benchmark = ["cloudpickle", "hypothesis", "mypy (>=1.11.1)", "pympler", "pytest (>=4.3.0)", "pytest-codspeed", "pytest-mypy-plugins", "pytest-xdist[psutil]"] +cov = ["cloudpickle", "coverage[toml] (>=5.3)", "hypothesis", "mypy (>=1.11.1)", "pympler", "pytest (>=4.3.0)", "pytest-mypy-plugins", "pytest-xdist[psutil]"] +dev = ["cloudpickle", "hypothesis", "mypy (>=1.11.1)", "pre-commit", "pympler", "pytest (>=4.3.0)", "pytest-mypy-plugins", "pytest-xdist[psutil]"] +docs = ["cogapp", "furo", "myst-parser", "sphinx", "sphinx-notfound-page", "sphinxcontrib-towncrier", "towncrier (<24.7)"] +tests = ["cloudpickle", "hypothesis", "mypy (>=1.11.1)", "pympler", "pytest (>=4.3.0)", "pytest-mypy-plugins", "pytest-xdist[psutil]"] +tests-mypy = ["mypy (>=1.11.1)", "pytest-mypy-plugins"] + [[package]] name = "backports-tarfile" version = "1.2.0" @@ -179,6 +215,17 @@ files = [ [package.dependencies] pycparser = "*" +[[package]] +name = "chardet" +version = "5.2.0" +description = "Universal encoding detector for Python 3" +optional = false +python-versions = ">=3.7" +files = [ + {file = "chardet-5.2.0-py3-none-any.whl", hash = "sha256:e1cf59446890a00105fe7b7912492ea04b6e6f06d4b742b2c788469e34c82970"}, + {file = "chardet-5.2.0.tar.gz", hash = "sha256:1b3b6ff479a8c414bc3fa2c0852995695c4a026dcd6d0633b2dd092ca39c1cf7"}, +] + [[package]] name = "charset-normalizer" version = "3.4.0" @@ -304,6 +351,20 @@ files = [ {file = "colorama-0.4.6.tar.gz", hash = "sha256:08695f5cb7ed6e0531a20572697297273c47b8cae5a63ffc6d6ed5c201be6e44"}, ] +[[package]] +name = "configupdater" +version = "3.2" +description = "Parser like ConfigParser but for updating configuration files" +optional = false +python-versions = ">=3.6" +files = [ + {file = "ConfigUpdater-3.2-py2.py3-none-any.whl", hash = "sha256:0f65a041627d7693840b4dd743581db4c441c97195298a29d075f91b79539df2"}, + {file = "ConfigUpdater-3.2.tar.gz", hash = "sha256:9fdac53831c1b062929bf398b649b87ca30e7f1a735f3fbf482072804106306b"}, +] + +[package.extras] +testing = ["flake8", "pytest", "pytest-cov", "pytest-randomly", "pytest-xdist", "sphinx"] + [[package]] name = "cryptography" version = "43.0.3" @@ -353,6 +414,25 @@ ssh = ["bcrypt (>=3.1.5)"] test = ["certifi", "cryptography-vectors (==43.0.3)", "pretend", "pytest (>=6.2.0)", "pytest-benchmark", "pytest-cov", "pytest-xdist"] test-randomorder = ["pytest-randomly"] +[[package]] +name = "debian-inspector" +version = "31.1.0" +description = "Utilities to parse Debian package, copyright and control files." +optional = false +python-versions = ">=3.7" +files = [ + {file = "debian_inspector-31.1.0-py3-none-any.whl", hash = "sha256:77dfeb34492dd49d8593d4f7146ffa3f71fca703737824e09d7472e0eafca567"}, + {file = "debian_inspector-31.1.0.tar.gz", hash = "sha256:ebcfbc17064f10bd3b6d2122cdbc97b71a494af0ebbafaf9a8ceadfe8b164f99"}, +] + +[package.dependencies] +attrs = ">=19.2,<20.1.0 || >20.1.0" +chardet = ">=3.0.0" + +[package.extras] +docs = ["Sphinx (>=5.0.2)", "doc8 (>=0.11.2)", "sphinx-autobuild", "sphinx-copybutton", "sphinx-reredirects (>=0.1.2)", "sphinx-rtd-dark-mode (>=1.3.0)", "sphinx-rtd-theme (>=1.0.0)", "sphinxcontrib-apidoc (>=0.3.0)"] +testing = ["aboutcode-toolkit (>=7.0.2)", "black", "commoncode", "isort", "pycodestyle (>=2.8.0)", "pytest (>=6,!=7.0.0)", "pytest-xdist (>=2)", "twine"] + [[package]] name = "defusedxml" version = "0.7.1" @@ -364,6 +444,23 @@ files = [ {file = "defusedxml-0.7.1.tar.gz", hash = "sha256:1bb3032db185915b62d7c6209c5a8792be6a32ab2fedacc84e01b52c51aa3e69"}, ] +[[package]] +name = "deprecated" +version = "1.2.14" +description = "Python @deprecated decorator to deprecate old python classes, functions or methods." +optional = false +python-versions = ">=2.7, !=3.0.*, !=3.1.*, !=3.2.*, !=3.3.*" +files = [ + {file = "Deprecated-1.2.14-py2.py3-none-any.whl", hash = "sha256:6fac8b097794a90302bdbb17b9b815e732d3c4720583ff1b198499d78470466c"}, + {file = "Deprecated-1.2.14.tar.gz", hash = "sha256:e5323eb936458dccc2582dc6f9c322c852a775a27065ff2b0c4970b9d53d01b3"}, +] + +[package.dependencies] +wrapt = ">=1.10,<2" + +[package.extras] +dev = ["PyTest", "PyTest-Cov", "bump2version (<1)", "sphinx (<2)", "tox"] + [[package]] name = "dill" version = "0.3.9" @@ -483,6 +580,20 @@ dev = ["build", "bump (>=1.3.2)", "id[lint,test]"] lint = ["bandit", "interrogate", "mypy", "ruff (<0.4.2)", "types-requests"] test = ["coverage[toml]", "pretend", "pytest", "pytest-cov"] +[[package]] +name = "identify" +version = "2.6.1" +description = "File identification library for Python" +optional = false +python-versions = ">=3.8" +files = [ + {file = "identify-2.6.1-py2.py3-none-any.whl", hash = "sha256:53863bcac7caf8d2ed85bd20312ea5dcfc22226800f6d6881f232d861db5a8f0"}, + {file = "identify-2.6.1.tar.gz", hash = "sha256:91478c5fb7c3aac5ff7bf9b4344f803843dc586832d5f110d672b19aa1984c98"}, +] + +[package.extras] +license = ["ukkonen"] + [[package]] name = "idna" version = "3.10" @@ -607,6 +718,68 @@ files = [ test = ["async-timeout", "pytest", "pytest-asyncio (>=0.17)", "pytest-trio", "testpath", "trio"] trio = ["async_generator", "trio"] +[[package]] +name = "json5" +version = "0.9.25" +description = "A Python implementation of the JSON5 data format." +optional = false +python-versions = ">=3.8" +files = [ + {file = "json5-0.9.25-py3-none-any.whl", hash = "sha256:34ed7d834b1341a86987ed52f3f76cd8ee184394906b6e22a1e0deb9ab294e8f"}, + {file = "json5-0.9.25.tar.gz", hash = "sha256:548e41b9be043f9426776f05df8635a00fe06104ea51ed24b67f908856e151ae"}, +] + +[[package]] +name = "jsonschema" +version = "4.23.0" +description = "An implementation of JSON Schema validation for Python" +optional = false +python-versions = ">=3.8" +files = [ + {file = "jsonschema-4.23.0-py3-none-any.whl", hash = "sha256:fbadb6f8b144a8f8cf9f0b89ba94501d143e50411a1278633f56a7acf7fd5566"}, + {file = "jsonschema-4.23.0.tar.gz", hash = "sha256:d71497fef26351a33265337fa77ffeb82423f3ea21283cd9467bb03999266bc4"}, +] + +[package.dependencies] +attrs = ">=22.2.0" +jsonschema-specifications = ">=2023.03.6" +referencing = ">=0.28.4" +rpds-py = ">=0.7.1" + +[package.extras] +format = ["fqdn", "idna", "isoduration", "jsonpointer (>1.13)", "rfc3339-validator", "rfc3987", "uri-template", "webcolors (>=1.11)"] +format-nongpl = ["fqdn", "idna", "isoduration", "jsonpointer (>1.13)", "rfc3339-validator", "rfc3986-validator (>0.1.0)", "uri-template", "webcolors (>=24.6.0)"] + +[[package]] +name = "jsonschema-specifications" +version = "2024.10.1" +description = "The JSON Schema meta-schemas and vocabularies, exposed as a Registry" +optional = false +python-versions = ">=3.9" +files = [ + {file = "jsonschema_specifications-2024.10.1-py3-none-any.whl", hash = "sha256:a09a0680616357d9a0ecf05c12ad234479f549239d0f5b55f3deea67475da9bf"}, + {file = "jsonschema_specifications-2024.10.1.tar.gz", hash = "sha256:0f38b83639958ce1152d02a7f062902c41c8fd20d558b0c34344292d417ae272"}, +] + +[package.dependencies] +referencing = ">=0.31.0" + +[[package]] +name = "jsonschema-validator-new" +version = "0.1.0" +description = "Tool to validate files against a JSON Schema" +optional = false +python-versions = ">=3.8,<4" +files = [ + {file = "jsonschema_validator_new-0.1.0-py3-none-any.whl", hash = "sha256:f93e1a4ca92079f28fbad2b43a1733b5d51c6cc4c7fd327689a63a90b77cf4ff"}, + {file = "jsonschema_validator_new-0.1.0.tar.gz", hash = "sha256:deac226a3288222e9f1eb73267e496e33a598270529b31629f2407620a6dde37"}, +] + +[package.dependencies] +jsonschema = "*" +requests = "*" +"ruamel.yaml" = "*" + [[package]] name = "keyring" version = "25.5.0" @@ -721,6 +894,31 @@ files = [ {file = "more_itertools-10.5.0-py3-none-any.whl", hash = "sha256:037b0d3203ce90cca8ab1defbbdac29d5f993fc20131f3664dc8d6acfa872aef"}, ] +[[package]] +name = "multi-repo-automation" +version = "1.3.0" +description = "Library for automation updates on multiple repositories." +optional = false +python-versions = ">=3.9" +files = [ + {file = "multi_repo_automation-1.3.0-py3-none-any.whl", hash = "sha256:aea5b368bfcab3ccf488d55066d88ace08d709d16b8d7e9f72a15b0512e729a6"}, + {file = "multi_repo_automation-1.3.0.tar.gz", hash = "sha256:f9fdbd78f83a3a71d61515dcda6309ad84529eec662107b52642d038f2fca4a8"}, +] + +[package.dependencies] +configupdater = "*" +identify = "*" +idna = "*" +json5 = "*" +PyYAML = "*" +requests = "*" +"ruamel.yaml" = "*" +tomlkit = "*" +typing_extensions = "*" + +[package.extras] +update-stabilization-branches = ["c2cciutils"] + [[package]] name = "mypy" version = "1.13.0" @@ -1113,6 +1311,25 @@ files = [ {file = "pyflakes-3.1.0.tar.gz", hash = "sha256:a0aae034c444db0071aa077972ba4768d40c830d9539fd45bf4cd3f8f6992efc"}, ] +[[package]] +name = "pygithub" +version = "2.4.0" +description = "Use the full Github API v3" +optional = false +python-versions = ">=3.8" +files = [ + {file = "PyGithub-2.4.0-py3-none-any.whl", hash = "sha256:81935aa4bdc939fba98fee1cb47422c09157c56a27966476ff92775602b9ee24"}, + {file = "pygithub-2.4.0.tar.gz", hash = "sha256:6601e22627e87bac192f1e2e39c6e6f69a43152cfb8f307cee575879320b3051"}, +] + +[package.dependencies] +Deprecated = "*" +pyjwt = {version = ">=2.4.0", extras = ["crypto"]} +pynacl = ">=1.4.0" +requests = ">=2.14.0" +typing-extensions = ">=4.0.0" +urllib3 = ">=1.26.0" + [[package]] name = "pygments" version = "2.18.0" @@ -1127,6 +1344,26 @@ files = [ [package.extras] windows-terminal = ["colorama (>=0.4.6)"] +[[package]] +name = "pyjwt" +version = "2.9.0" +description = "JSON Web Token implementation in Python" +optional = false +python-versions = ">=3.8" +files = [ + {file = "PyJWT-2.9.0-py3-none-any.whl", hash = "sha256:3b02fb0f44517787776cf48f2ae25d8e14f300e6d7545a4315cee571a415e850"}, + {file = "pyjwt-2.9.0.tar.gz", hash = "sha256:7e1e5b56cc735432a7369cbfa0efe50fa113ebecdc04ae6922deba8b84582d0c"}, +] + +[package.dependencies] +cryptography = {version = ">=3.4.0", optional = true, markers = "extra == \"crypto\""} + +[package.extras] +crypto = ["cryptography (>=3.4.0)"] +dev = ["coverage[toml] (==5.0.4)", "cryptography (>=3.4.0)", "pre-commit", "pytest (>=6.0.0,<7.0.0)", "sphinx", "sphinx-rtd-theme", "zope.interface"] +docs = ["sphinx", "sphinx-rtd-theme", "zope.interface"] +tests = ["coverage[toml] (==5.0.4)", "pytest (>=6.0.0,<7.0.0)"] + [[package]] name = "pylint" version = "3.3.1" @@ -1217,6 +1454,32 @@ files = [ [package.dependencies] pylint = ">=1.7" +[[package]] +name = "pynacl" +version = "1.5.0" +description = "Python binding to the Networking and Cryptography (NaCl) library" +optional = false +python-versions = ">=3.6" +files = [ + {file = "PyNaCl-1.5.0-cp36-abi3-macosx_10_10_universal2.whl", hash = "sha256:401002a4aaa07c9414132aaed7f6836ff98f59277a234704ff66878c2ee4a0d1"}, + {file = "PyNaCl-1.5.0-cp36-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.manylinux_2_24_aarch64.whl", hash = "sha256:52cb72a79269189d4e0dc537556f4740f7f0a9ec41c1322598799b0bdad4ef92"}, + {file = "PyNaCl-1.5.0-cp36-abi3-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a36d4a9dda1f19ce6e03c9a784a2921a4b726b02e1c736600ca9c22029474394"}, + {file = "PyNaCl-1.5.0-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:0c84947a22519e013607c9be43706dd42513f9e6ae5d39d3613ca1e142fba44d"}, + {file = "PyNaCl-1.5.0-cp36-abi3-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:06b8f6fa7f5de8d5d2f7573fe8c863c051225a27b61e6860fd047b1775807858"}, + {file = "PyNaCl-1.5.0-cp36-abi3-musllinux_1_1_aarch64.whl", hash = "sha256:a422368fc821589c228f4c49438a368831cb5bbc0eab5ebe1d7fac9dded6567b"}, + {file = "PyNaCl-1.5.0-cp36-abi3-musllinux_1_1_x86_64.whl", hash = "sha256:61f642bf2378713e2c2e1de73444a3778e5f0a38be6fee0fe532fe30060282ff"}, + {file = "PyNaCl-1.5.0-cp36-abi3-win32.whl", hash = "sha256:e46dae94e34b085175f8abb3b0aaa7da40767865ac82c928eeb9e57e1ea8a543"}, + {file = "PyNaCl-1.5.0-cp36-abi3-win_amd64.whl", hash = "sha256:20f42270d27e1b6a29f54032090b972d97f0a1b0948cc52392041ef7831fee93"}, + {file = "PyNaCl-1.5.0.tar.gz", hash = "sha256:8ac7448f09ab85811607bdd21ec2464495ac8b7c66d146bf545b0f08fb9220ba"}, +] + +[package.dependencies] +cffi = ">=1.4.1" + +[package.extras] +docs = ["sphinx (>=1.6.5)", "sphinx-rtd-theme"] +tests = ["hypothesis (>=3.27.0)", "pytest (>=3.2.1,!=3.3.0)"] + [[package]] name = "pyproject-hooks" version = "1.2.0" @@ -1343,6 +1606,21 @@ Pygments = ">=2.5.1" [package.extras] md = ["cmarkgfm (>=0.8.0)"] +[[package]] +name = "referencing" +version = "0.35.1" +description = "JSON Referencing + Python" +optional = false +python-versions = ">=3.8" +files = [ + {file = "referencing-0.35.1-py3-none-any.whl", hash = "sha256:eda6d3234d62814d1c64e305c1331c9a3a6132da475ab6382eaa997b21ee75de"}, + {file = "referencing-0.35.1.tar.gz", hash = "sha256:25b42124a6c8b632a425174f24087783efb348a6f1e0008e63cd4466fedf703c"}, +] + +[package.dependencies] +attrs = ">=22.2.0" +rpds-py = ">=0.7.0" + [[package]] name = "requests" version = "2.32.3" @@ -1428,6 +1706,186 @@ typing-extensions = {version = ">=4.0.0,<5.0", markers = "python_version < \"3.1 [package.extras] jupyter = ["ipywidgets (>=7.5.1,<9)"] +[[package]] +name = "rpds-py" +version = "0.20.1" +description = "Python bindings to Rust's persistent data structures (rpds)" +optional = false +python-versions = ">=3.8" +files = [ + {file = "rpds_py-0.20.1-cp310-cp310-macosx_10_12_x86_64.whl", hash = "sha256:a649dfd735fff086e8a9d0503a9f0c7d01b7912a333c7ae77e1515c08c146dad"}, + {file = "rpds_py-0.20.1-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:f16bc1334853e91ddaaa1217045dd7be166170beec337576818461268a3de67f"}, + {file = "rpds_py-0.20.1-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:14511a539afee6f9ab492b543060c7491c99924314977a55c98bfa2ee29ce78c"}, + {file = "rpds_py-0.20.1-cp310-cp310-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:3ccb8ac2d3c71cda472b75af42818981bdacf48d2e21c36331b50b4f16930163"}, + {file = "rpds_py-0.20.1-cp310-cp310-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:c142b88039b92e7e0cb2552e8967077e3179b22359e945574f5e2764c3953dcf"}, + {file = "rpds_py-0.20.1-cp310-cp310-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:f19169781dddae7478a32301b499b2858bc52fc45a112955e798ee307e294977"}, + {file = "rpds_py-0.20.1-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:13c56de6518e14b9bf6edde23c4c39dac5b48dcf04160ea7bce8fca8397cdf86"}, + {file = "rpds_py-0.20.1-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:925d176a549f4832c6f69fa6026071294ab5910e82a0fe6c6228fce17b0706bd"}, + {file = "rpds_py-0.20.1-cp310-cp310-musllinux_1_2_aarch64.whl", hash = "sha256:78f0b6877bfce7a3d1ff150391354a410c55d3cdce386f862926a4958ad5ab7e"}, + {file = "rpds_py-0.20.1-cp310-cp310-musllinux_1_2_i686.whl", hash = "sha256:3dd645e2b0dcb0fd05bf58e2e54c13875847687d0b71941ad2e757e5d89d4356"}, + {file = "rpds_py-0.20.1-cp310-cp310-musllinux_1_2_x86_64.whl", hash = "sha256:4f676e21db2f8c72ff0936f895271e7a700aa1f8d31b40e4e43442ba94973899"}, + {file = "rpds_py-0.20.1-cp310-none-win32.whl", hash = "sha256:648386ddd1e19b4a6abab69139b002bc49ebf065b596119f8f37c38e9ecee8ff"}, + {file = "rpds_py-0.20.1-cp310-none-win_amd64.whl", hash = "sha256:d9ecb51120de61e4604650666d1f2b68444d46ae18fd492245a08f53ad2b7711"}, + {file = "rpds_py-0.20.1-cp311-cp311-macosx_10_12_x86_64.whl", hash = "sha256:762703bdd2b30983c1d9e62b4c88664df4a8a4d5ec0e9253b0231171f18f6d75"}, + {file = "rpds_py-0.20.1-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:0b581f47257a9fce535c4567782a8976002d6b8afa2c39ff616edf87cbeff712"}, + {file = "rpds_py-0.20.1-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:842c19a6ce894493563c3bd00d81d5100e8e57d70209e84d5491940fdb8b9e3a"}, + {file = "rpds_py-0.20.1-cp311-cp311-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:42cbde7789f5c0bcd6816cb29808e36c01b960fb5d29f11e052215aa85497c93"}, + {file = "rpds_py-0.20.1-cp311-cp311-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:6c8e9340ce5a52f95fa7d3b552b35c7e8f3874d74a03a8a69279fd5fca5dc751"}, + {file = "rpds_py-0.20.1-cp311-cp311-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:8ba6f89cac95c0900d932c9efb7f0fb6ca47f6687feec41abcb1bd5e2bd45535"}, + {file = "rpds_py-0.20.1-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:4a916087371afd9648e1962e67403c53f9c49ca47b9680adbeef79da3a7811b0"}, + {file = "rpds_py-0.20.1-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:200a23239781f46149e6a415f1e870c5ef1e712939fe8fa63035cd053ac2638e"}, + {file = "rpds_py-0.20.1-cp311-cp311-musllinux_1_2_aarch64.whl", hash = "sha256:58b1d5dd591973d426cbb2da5e27ba0339209832b2f3315928c9790e13f159e8"}, + {file = "rpds_py-0.20.1-cp311-cp311-musllinux_1_2_i686.whl", hash = "sha256:6b73c67850ca7cae0f6c56f71e356d7e9fa25958d3e18a64927c2d930859b8e4"}, + {file = "rpds_py-0.20.1-cp311-cp311-musllinux_1_2_x86_64.whl", hash = "sha256:d8761c3c891cc51e90bc9926d6d2f59b27beaf86c74622c8979380a29cc23ac3"}, + {file = "rpds_py-0.20.1-cp311-none-win32.whl", hash = "sha256:cd945871335a639275eee904caef90041568ce3b42f402c6959b460d25ae8732"}, + {file = "rpds_py-0.20.1-cp311-none-win_amd64.whl", hash = "sha256:7e21b7031e17c6b0e445f42ccc77f79a97e2687023c5746bfb7a9e45e0921b84"}, + {file = "rpds_py-0.20.1-cp312-cp312-macosx_10_12_x86_64.whl", hash = "sha256:36785be22066966a27348444b40389f8444671630063edfb1a2eb04318721e17"}, + {file = "rpds_py-0.20.1-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:142c0a5124d9bd0e2976089484af5c74f47bd3298f2ed651ef54ea728d2ea42c"}, + {file = "rpds_py-0.20.1-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:dbddc10776ca7ebf2a299c41a4dde8ea0d8e3547bfd731cb87af2e8f5bf8962d"}, + {file = "rpds_py-0.20.1-cp312-cp312-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:15a842bb369e00295392e7ce192de9dcbf136954614124a667f9f9f17d6a216f"}, + {file = "rpds_py-0.20.1-cp312-cp312-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:be5ef2f1fc586a7372bfc355986226484e06d1dc4f9402539872c8bb99e34b01"}, + {file = "rpds_py-0.20.1-cp312-cp312-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:dbcf360c9e3399b056a238523146ea77eeb2a596ce263b8814c900263e46031a"}, + {file = "rpds_py-0.20.1-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:ecd27a66740ffd621d20b9a2f2b5ee4129a56e27bfb9458a3bcc2e45794c96cb"}, + {file = "rpds_py-0.20.1-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:d0b937b2a1988f184a3e9e577adaa8aede21ec0b38320d6009e02bd026db04fa"}, + {file = "rpds_py-0.20.1-cp312-cp312-musllinux_1_2_aarch64.whl", hash = "sha256:6889469bfdc1eddf489729b471303739bf04555bb151fe8875931f8564309afc"}, + {file = "rpds_py-0.20.1-cp312-cp312-musllinux_1_2_i686.whl", hash = "sha256:19b73643c802f4eaf13d97f7855d0fb527fbc92ab7013c4ad0e13a6ae0ed23bd"}, + {file = "rpds_py-0.20.1-cp312-cp312-musllinux_1_2_x86_64.whl", hash = "sha256:3c6afcf2338e7f374e8edc765c79fbcb4061d02b15dd5f8f314a4af2bdc7feb5"}, + {file = "rpds_py-0.20.1-cp312-none-win32.whl", hash = "sha256:dc73505153798c6f74854aba69cc75953888cf9866465196889c7cdd351e720c"}, + {file = "rpds_py-0.20.1-cp312-none-win_amd64.whl", hash = "sha256:8bbe951244a838a51289ee53a6bae3a07f26d4e179b96fc7ddd3301caf0518eb"}, + {file = "rpds_py-0.20.1-cp313-cp313-macosx_10_12_x86_64.whl", hash = "sha256:6ca91093a4a8da4afae7fe6a222c3b53ee4eef433ebfee4d54978a103435159e"}, + {file = "rpds_py-0.20.1-cp313-cp313-macosx_11_0_arm64.whl", hash = "sha256:b9c2fe36d1f758b28121bef29ed1dee9b7a2453e997528e7d1ac99b94892527c"}, + {file = "rpds_py-0.20.1-cp313-cp313-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:f009c69bc8c53db5dfab72ac760895dc1f2bc1b62ab7408b253c8d1ec52459fc"}, + {file = "rpds_py-0.20.1-cp313-cp313-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:6740a3e8d43a32629bb9b009017ea5b9e713b7210ba48ac8d4cb6d99d86c8ee8"}, + {file = "rpds_py-0.20.1-cp313-cp313-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:32b922e13d4c0080d03e7b62991ad7f5007d9cd74e239c4b16bc85ae8b70252d"}, + {file = "rpds_py-0.20.1-cp313-cp313-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:fe00a9057d100e69b4ae4a094203a708d65b0f345ed546fdef86498bf5390982"}, + {file = "rpds_py-0.20.1-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:49fe9b04b6fa685bd39237d45fad89ba19e9163a1ccaa16611a812e682913496"}, + {file = "rpds_py-0.20.1-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:aa7ac11e294304e615b43f8c441fee5d40094275ed7311f3420d805fde9b07b4"}, + {file = "rpds_py-0.20.1-cp313-cp313-musllinux_1_2_aarch64.whl", hash = "sha256:6aa97af1558a9bef4025f8f5d8c60d712e0a3b13a2fe875511defc6ee77a1ab7"}, + {file = "rpds_py-0.20.1-cp313-cp313-musllinux_1_2_i686.whl", hash = "sha256:483b29f6f7ffa6af845107d4efe2e3fa8fb2693de8657bc1849f674296ff6a5a"}, + {file = "rpds_py-0.20.1-cp313-cp313-musllinux_1_2_x86_64.whl", hash = "sha256:37fe0f12aebb6a0e3e17bb4cd356b1286d2d18d2e93b2d39fe647138458b4bcb"}, + {file = "rpds_py-0.20.1-cp313-none-win32.whl", hash = "sha256:a624cc00ef2158e04188df5e3016385b9353638139a06fb77057b3498f794782"}, + {file = "rpds_py-0.20.1-cp313-none-win_amd64.whl", hash = "sha256:b71b8666eeea69d6363248822078c075bac6ed135faa9216aa85f295ff009b1e"}, + {file = "rpds_py-0.20.1-cp38-cp38-macosx_10_12_x86_64.whl", hash = "sha256:5b48e790e0355865197ad0aca8cde3d8ede347831e1959e158369eb3493d2191"}, + {file = "rpds_py-0.20.1-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:3e310838a5801795207c66c73ea903deda321e6146d6f282e85fa7e3e4854804"}, + {file = "rpds_py-0.20.1-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:2249280b870e6a42c0d972339e9cc22ee98730a99cd7f2f727549af80dd5a963"}, + {file = "rpds_py-0.20.1-cp38-cp38-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:e79059d67bea28b53d255c1437b25391653263f0e69cd7dec170d778fdbca95e"}, + {file = "rpds_py-0.20.1-cp38-cp38-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:2b431c777c9653e569986ecf69ff4a5dba281cded16043d348bf9ba505486f36"}, + {file = "rpds_py-0.20.1-cp38-cp38-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:da584ff96ec95e97925174eb8237e32f626e7a1a97888cdd27ee2f1f24dd0ad8"}, + {file = "rpds_py-0.20.1-cp38-cp38-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:02a0629ec053fc013808a85178524e3cb63a61dbc35b22499870194a63578fb9"}, + {file = "rpds_py-0.20.1-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:fbf15aff64a163db29a91ed0868af181d6f68ec1a3a7d5afcfe4501252840bad"}, + {file = "rpds_py-0.20.1-cp38-cp38-musllinux_1_2_aarch64.whl", hash = "sha256:07924c1b938798797d60c6308fa8ad3b3f0201802f82e4a2c41bb3fafb44cc28"}, + {file = "rpds_py-0.20.1-cp38-cp38-musllinux_1_2_i686.whl", hash = "sha256:4a5a844f68776a7715ecb30843b453f07ac89bad393431efbf7accca3ef599c1"}, + {file = "rpds_py-0.20.1-cp38-cp38-musllinux_1_2_x86_64.whl", hash = "sha256:518d2ca43c358929bf08f9079b617f1c2ca6e8848f83c1225c88caeac46e6cbc"}, + {file = "rpds_py-0.20.1-cp38-none-win32.whl", hash = "sha256:3aea7eed3e55119635a74bbeb80b35e776bafccb70d97e8ff838816c124539f1"}, + {file = "rpds_py-0.20.1-cp38-none-win_amd64.whl", hash = "sha256:7dca7081e9a0c3b6490a145593f6fe3173a94197f2cb9891183ef75e9d64c425"}, + {file = "rpds_py-0.20.1-cp39-cp39-macosx_10_12_x86_64.whl", hash = "sha256:b41b6321805c472f66990c2849e152aff7bc359eb92f781e3f606609eac877ad"}, + {file = "rpds_py-0.20.1-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:0a90c373ea2975519b58dece25853dbcb9779b05cc46b4819cb1917e3b3215b6"}, + {file = "rpds_py-0.20.1-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:16d4477bcb9fbbd7b5b0e4a5d9b493e42026c0bf1f06f723a9353f5153e75d30"}, + {file = "rpds_py-0.20.1-cp39-cp39-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:84b8382a90539910b53a6307f7c35697bc7e6ffb25d9c1d4e998a13e842a5e83"}, + {file = "rpds_py-0.20.1-cp39-cp39-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:4888e117dd41b9d34194d9e31631af70d3d526efc363085e3089ab1a62c32ed1"}, + {file = "rpds_py-0.20.1-cp39-cp39-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:5265505b3d61a0f56618c9b941dc54dc334dc6e660f1592d112cd103d914a6db"}, + {file = "rpds_py-0.20.1-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:e75ba609dba23f2c95b776efb9dd3f0b78a76a151e96f96cc5b6b1b0004de66f"}, + {file = "rpds_py-0.20.1-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:1791ff70bc975b098fe6ecf04356a10e9e2bd7dc21fa7351c1742fdeb9b4966f"}, + {file = "rpds_py-0.20.1-cp39-cp39-musllinux_1_2_aarch64.whl", hash = "sha256:d126b52e4a473d40232ec2052a8b232270ed1f8c9571aaf33f73a14cc298c24f"}, + {file = "rpds_py-0.20.1-cp39-cp39-musllinux_1_2_i686.whl", hash = "sha256:c14937af98c4cc362a1d4374806204dd51b1e12dded1ae30645c298e5a5c4cb1"}, + {file = "rpds_py-0.20.1-cp39-cp39-musllinux_1_2_x86_64.whl", hash = "sha256:3d089d0b88996df627693639d123c8158cff41c0651f646cd8fd292c7da90eaf"}, + {file = "rpds_py-0.20.1-cp39-none-win32.whl", hash = "sha256:653647b8838cf83b2e7e6a0364f49af96deec64d2a6578324db58380cff82aca"}, + {file = "rpds_py-0.20.1-cp39-none-win_amd64.whl", hash = "sha256:fa41a64ac5b08b292906e248549ab48b69c5428f3987b09689ab2441f267d04d"}, + {file = "rpds_py-0.20.1-pp310-pypy310_pp73-macosx_10_12_x86_64.whl", hash = "sha256:7a07ced2b22f0cf0b55a6a510078174c31b6d8544f3bc00c2bcee52b3d613f74"}, + {file = "rpds_py-0.20.1-pp310-pypy310_pp73-macosx_11_0_arm64.whl", hash = "sha256:68cb0a499f2c4a088fd2f521453e22ed3527154136a855c62e148b7883b99f9a"}, + {file = "rpds_py-0.20.1-pp310-pypy310_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:fa3060d885657abc549b2a0f8e1b79699290e5d83845141717c6c90c2df38311"}, + {file = "rpds_py-0.20.1-pp310-pypy310_pp73-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:95f3b65d2392e1c5cec27cff08fdc0080270d5a1a4b2ea1d51d5f4a2620ff08d"}, + {file = "rpds_py-0.20.1-pp310-pypy310_pp73-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:2cc3712a4b0b76a1d45a9302dd2f53ff339614b1c29603a911318f2357b04dd2"}, + {file = "rpds_py-0.20.1-pp310-pypy310_pp73-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:5d4eea0761e37485c9b81400437adb11c40e13ef513375bbd6973e34100aeb06"}, + {file = "rpds_py-0.20.1-pp310-pypy310_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:7f5179583d7a6cdb981151dd349786cbc318bab54963a192692d945dd3f6435d"}, + {file = "rpds_py-0.20.1-pp310-pypy310_pp73-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:2fbb0ffc754490aff6dabbf28064be47f0f9ca0b9755976f945214965b3ace7e"}, + {file = "rpds_py-0.20.1-pp310-pypy310_pp73-musllinux_1_2_aarch64.whl", hash = "sha256:a94e52537a0e0a85429eda9e49f272ada715506d3b2431f64b8a3e34eb5f3e75"}, + {file = "rpds_py-0.20.1-pp310-pypy310_pp73-musllinux_1_2_i686.whl", hash = "sha256:92b68b79c0da2a980b1c4197e56ac3dd0c8a149b4603747c4378914a68706979"}, + {file = "rpds_py-0.20.1-pp310-pypy310_pp73-musllinux_1_2_x86_64.whl", hash = "sha256:93da1d3db08a827eda74356f9f58884adb254e59b6664f64cc04cdff2cc19b0d"}, + {file = "rpds_py-0.20.1-pp310-pypy310_pp73-win_amd64.whl", hash = "sha256:754bbed1a4ca48479e9d4182a561d001bbf81543876cdded6f695ec3d465846b"}, + {file = "rpds_py-0.20.1-pp39-pypy39_pp73-macosx_10_12_x86_64.whl", hash = "sha256:ca449520e7484534a2a44faf629362cae62b660601432d04c482283c47eaebab"}, + {file = "rpds_py-0.20.1-pp39-pypy39_pp73-macosx_11_0_arm64.whl", hash = "sha256:9c4cb04a16b0f199a8c9bf807269b2f63b7b5b11425e4a6bd44bd6961d28282c"}, + {file = "rpds_py-0.20.1-pp39-pypy39_pp73-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:bb63804105143c7e24cee7db89e37cb3f3941f8e80c4379a0b355c52a52b6780"}, + {file = "rpds_py-0.20.1-pp39-pypy39_pp73-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:55cd1fa4ecfa6d9f14fbd97ac24803e6f73e897c738f771a9fe038f2f11ff07c"}, + {file = "rpds_py-0.20.1-pp39-pypy39_pp73-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:0f8f741b6292c86059ed175d80eefa80997125b7c478fb8769fd9ac8943a16c0"}, + {file = "rpds_py-0.20.1-pp39-pypy39_pp73-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:0fc212779bf8411667234b3cdd34d53de6c2b8b8b958e1e12cb473a5f367c338"}, + {file = "rpds_py-0.20.1-pp39-pypy39_pp73-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:0ad56edabcdb428c2e33bbf24f255fe2b43253b7d13a2cdbf05de955217313e6"}, + {file = "rpds_py-0.20.1-pp39-pypy39_pp73-manylinux_2_5_i686.manylinux1_i686.whl", hash = "sha256:0a3a1e9ee9728b2c1734f65d6a1d376c6f2f6fdcc13bb007a08cc4b1ff576dc5"}, + {file = "rpds_py-0.20.1-pp39-pypy39_pp73-musllinux_1_2_aarch64.whl", hash = "sha256:e13de156137b7095442b288e72f33503a469aa1980ed856b43c353ac86390519"}, + {file = "rpds_py-0.20.1-pp39-pypy39_pp73-musllinux_1_2_i686.whl", hash = "sha256:07f59760ef99f31422c49038964b31c4dfcfeb5d2384ebfc71058a7c9adae2d2"}, + {file = "rpds_py-0.20.1-pp39-pypy39_pp73-musllinux_1_2_x86_64.whl", hash = "sha256:59240685e7da61fb78f65a9f07f8108e36a83317c53f7b276b4175dc44151684"}, + {file = "rpds_py-0.20.1-pp39-pypy39_pp73-win_amd64.whl", hash = "sha256:83cba698cfb3c2c5a7c3c6bac12fe6c6a51aae69513726be6411076185a8b24a"}, + {file = "rpds_py-0.20.1.tar.gz", hash = "sha256:e1791c4aabd117653530dccd24108fa03cc6baf21f58b950d0a73c3b3b29a350"}, +] + +[[package]] +name = "ruamel-yaml" +version = "0.18.6" +description = "ruamel.yaml is a YAML parser/emitter that supports roundtrip preservation of comments, seq/map flow style, and map key order" +optional = false +python-versions = ">=3.7" +files = [ + {file = "ruamel.yaml-0.18.6-py3-none-any.whl", hash = "sha256:57b53ba33def16c4f3d807c0ccbc00f8a6081827e81ba2491691b76882d0c636"}, + {file = "ruamel.yaml-0.18.6.tar.gz", hash = "sha256:8b27e6a217e786c6fbe5634d8f3f11bc63e0f80f6a5890f28863d9c45aac311b"}, +] + +[package.dependencies] +"ruamel.yaml.clib" = {version = ">=0.2.7", markers = "platform_python_implementation == \"CPython\" and python_version < \"3.13\""} + +[package.extras] +docs = ["mercurial (>5.7)", "ryd"] +jinja2 = ["ruamel.yaml.jinja2 (>=0.2)"] + +[[package]] +name = "ruamel-yaml-clib" +version = "0.2.12" +description = "C version of reader, parser and emitter for ruamel.yaml derived from libyaml" +optional = false +python-versions = ">=3.9" +files = [ + {file = "ruamel.yaml.clib-0.2.12-cp310-cp310-macosx_13_0_arm64.whl", hash = "sha256:11f891336688faf5156a36293a9c362bdc7c88f03a8a027c2c1d8e0bcde998e5"}, + {file = "ruamel.yaml.clib-0.2.12-cp310-cp310-manylinux2014_aarch64.whl", hash = "sha256:a606ef75a60ecf3d924613892cc603b154178ee25abb3055db5062da811fd969"}, + {file = "ruamel.yaml.clib-0.2.12-cp310-cp310-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:fd5415dded15c3822597455bc02bcd66e81ef8b7a48cb71a33628fc9fdde39df"}, + {file = "ruamel.yaml.clib-0.2.12-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:f66efbc1caa63c088dead1c4170d148eabc9b80d95fb75b6c92ac0aad2437d76"}, + {file = "ruamel.yaml.clib-0.2.12-cp310-cp310-musllinux_1_1_i686.whl", hash = "sha256:22353049ba4181685023b25b5b51a574bce33e7f51c759371a7422dcae5402a6"}, + {file = "ruamel.yaml.clib-0.2.12-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:932205970b9f9991b34f55136be327501903f7c66830e9760a8ffb15b07f05cd"}, + {file = "ruamel.yaml.clib-0.2.12-cp310-cp310-win32.whl", hash = "sha256:3eac5a91891ceb88138c113f9db04f3cebdae277f5d44eaa3651a4f573e6a5da"}, + {file = "ruamel.yaml.clib-0.2.12-cp310-cp310-win_amd64.whl", hash = "sha256:ab007f2f5a87bd08ab1499bdf96f3d5c6ad4dcfa364884cb4549aa0154b13a28"}, + {file = "ruamel.yaml.clib-0.2.12-cp311-cp311-macosx_13_0_arm64.whl", hash = "sha256:4a6679521a58256a90b0d89e03992c15144c5f3858f40d7c18886023d7943db6"}, + {file = "ruamel.yaml.clib-0.2.12-cp311-cp311-manylinux2014_aarch64.whl", hash = "sha256:d84318609196d6bd6da0edfa25cedfbabd8dbde5140a0a23af29ad4b8f91fb1e"}, + {file = "ruamel.yaml.clib-0.2.12-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:bb43a269eb827806502c7c8efb7ae7e9e9d0573257a46e8e952f4d4caba4f31e"}, + {file = "ruamel.yaml.clib-0.2.12-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:811ea1594b8a0fb466172c384267a4e5e367298af6b228931f273b111f17ef52"}, + {file = "ruamel.yaml.clib-0.2.12-cp311-cp311-musllinux_1_1_i686.whl", hash = "sha256:cf12567a7b565cbf65d438dec6cfbe2917d3c1bdddfce84a9930b7d35ea59642"}, + {file = "ruamel.yaml.clib-0.2.12-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:7dd5adc8b930b12c8fc5b99e2d535a09889941aa0d0bd06f4749e9a9397c71d2"}, + {file = "ruamel.yaml.clib-0.2.12-cp311-cp311-win32.whl", hash = "sha256:bd0a08f0bab19093c54e18a14a10b4322e1eacc5217056f3c063bd2f59853ce4"}, + {file = "ruamel.yaml.clib-0.2.12-cp311-cp311-win_amd64.whl", hash = "sha256:a274fb2cb086c7a3dea4322ec27f4cb5cc4b6298adb583ab0e211a4682f241eb"}, + {file = "ruamel.yaml.clib-0.2.12-cp312-cp312-macosx_14_0_arm64.whl", hash = "sha256:20b0f8dc160ba83b6dcc0e256846e1a02d044e13f7ea74a3d1d56ede4e48c632"}, + {file = "ruamel.yaml.clib-0.2.12-cp312-cp312-manylinux2014_aarch64.whl", hash = "sha256:943f32bc9dedb3abff9879edc134901df92cfce2c3d5c9348f172f62eb2d771d"}, + {file = "ruamel.yaml.clib-0.2.12-cp312-cp312-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:95c3829bb364fdb8e0332c9931ecf57d9be3519241323c5274bd82f709cebc0c"}, + {file = "ruamel.yaml.clib-0.2.12-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:749c16fcc4a2b09f28843cda5a193e0283e47454b63ec4b81eaa2242f50e4ccd"}, + {file = "ruamel.yaml.clib-0.2.12-cp312-cp312-musllinux_1_1_i686.whl", hash = "sha256:bf165fef1f223beae7333275156ab2022cffe255dcc51c27f066b4370da81e31"}, + {file = "ruamel.yaml.clib-0.2.12-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:32621c177bbf782ca5a18ba4d7af0f1082a3f6e517ac2a18b3974d4edf349680"}, + {file = "ruamel.yaml.clib-0.2.12-cp312-cp312-win32.whl", hash = "sha256:e8c4ebfcfd57177b572e2040777b8abc537cdef58a2120e830124946aa9b42c5"}, + {file = "ruamel.yaml.clib-0.2.12-cp312-cp312-win_amd64.whl", hash = "sha256:0467c5965282c62203273b838ae77c0d29d7638c8a4e3a1c8bdd3602c10904e4"}, + {file = "ruamel.yaml.clib-0.2.12-cp313-cp313-macosx_14_0_arm64.whl", hash = "sha256:4c8c5d82f50bb53986a5e02d1b3092b03622c02c2eb78e29bec33fd9593bae1a"}, + {file = "ruamel.yaml.clib-0.2.12-cp313-cp313-manylinux2014_aarch64.whl", hash = "sha256:e7e3736715fbf53e9be2a79eb4db68e4ed857017344d697e8b9749444ae57475"}, + {file = "ruamel.yaml.clib-0.2.12-cp313-cp313-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:0b7e75b4965e1d4690e93021adfcecccbca7d61c7bddd8e22406ef2ff20d74ef"}, + {file = "ruamel.yaml.clib-0.2.12-cp313-cp313-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:96777d473c05ee3e5e3c3e999f5d23c6f4ec5b0c38c098b3a5229085f74236c6"}, + {file = "ruamel.yaml.clib-0.2.12-cp313-cp313-musllinux_1_1_i686.whl", hash = "sha256:3bc2a80e6420ca8b7d3590791e2dfc709c88ab9152c00eeb511c9875ce5778bf"}, + {file = "ruamel.yaml.clib-0.2.12-cp313-cp313-musllinux_1_1_x86_64.whl", hash = "sha256:e188d2699864c11c36cdfdada94d781fd5d6b0071cd9c427bceb08ad3d7c70e1"}, + {file = "ruamel.yaml.clib-0.2.12-cp313-cp313-win32.whl", hash = "sha256:6442cb36270b3afb1b4951f060eccca1ce49f3d087ca1ca4563a6eb479cb3de6"}, + {file = "ruamel.yaml.clib-0.2.12-cp313-cp313-win_amd64.whl", hash = "sha256:e5b8daf27af0b90da7bb903a876477a9e6d7270be6146906b276605997c7e9a3"}, + {file = "ruamel.yaml.clib-0.2.12-cp39-cp39-macosx_12_0_arm64.whl", hash = "sha256:fc4b630cd3fa2cf7fce38afa91d7cfe844a9f75d7f0f36393fa98815e911d987"}, + {file = "ruamel.yaml.clib-0.2.12-cp39-cp39-manylinux2014_aarch64.whl", hash = "sha256:bc5f1e1c28e966d61d2519f2a3d451ba989f9ea0f2307de7bc45baa526de9e45"}, + {file = "ruamel.yaml.clib-0.2.12-cp39-cp39-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:5a0e060aace4c24dcaf71023bbd7d42674e3b230f7e7b97317baf1e953e5b519"}, + {file = "ruamel.yaml.clib-0.2.12-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:e2f1c3765db32be59d18ab3953f43ab62a761327aafc1594a2a1fbe038b8b8a7"}, + {file = "ruamel.yaml.clib-0.2.12-cp39-cp39-musllinux_1_1_i686.whl", hash = "sha256:d85252669dc32f98ebcd5d36768f5d4faeaeaa2d655ac0473be490ecdae3c285"}, + {file = "ruamel.yaml.clib-0.2.12-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:e143ada795c341b56de9418c58d028989093ee611aa27ffb9b7f609c00d813ed"}, + {file = "ruamel.yaml.clib-0.2.12-cp39-cp39-win32.whl", hash = "sha256:beffaed67936fbbeffd10966a4eb53c402fafd3d6833770516bf7314bc6ffa12"}, + {file = "ruamel.yaml.clib-0.2.12-cp39-cp39-win_amd64.whl", hash = "sha256:040ae85536960525ea62868b642bdb0c2cc6021c9f9d507810c0c604e66f5a7b"}, + {file = "ruamel.yaml.clib-0.2.12.tar.gz", hash = "sha256:6c8fbb13ec503f99a91901ab46e0b07ae7941cd527393187039aec586fdfd36f"}, +] + [[package]] name = "secretstorage" version = "3.3.3" @@ -1659,6 +2117,85 @@ h2 = ["h2 (>=4,<5)"] socks = ["pysocks (>=1.5.6,!=1.5.7,<2.0)"] zstd = ["zstandard (>=0.18.0)"] +[[package]] +name = "wrapt" +version = "1.16.0" +description = "Module for decorators, wrappers and monkey patching." +optional = false +python-versions = ">=3.6" +files = [ + {file = "wrapt-1.16.0-cp310-cp310-macosx_10_9_x86_64.whl", hash = "sha256:ffa565331890b90056c01db69c0fe634a776f8019c143a5ae265f9c6bc4bd6d4"}, + {file = "wrapt-1.16.0-cp310-cp310-macosx_11_0_arm64.whl", hash = "sha256:e4fdb9275308292e880dcbeb12546df7f3e0f96c6b41197e0cf37d2826359020"}, + {file = "wrapt-1.16.0-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:bb2dee3874a500de01c93d5c71415fcaef1d858370d405824783e7a8ef5db440"}, + {file = "wrapt-1.16.0-cp310-cp310-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:2a88e6010048489cda82b1326889ec075a8c856c2e6a256072b28eaee3ccf487"}, + {file = "wrapt-1.16.0-cp310-cp310-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:ac83a914ebaf589b69f7d0a1277602ff494e21f4c2f743313414378f8f50a4cf"}, + {file = "wrapt-1.16.0-cp310-cp310-musllinux_1_1_aarch64.whl", hash = "sha256:73aa7d98215d39b8455f103de64391cb79dfcad601701a3aa0dddacf74911d72"}, + {file = "wrapt-1.16.0-cp310-cp310-musllinux_1_1_i686.whl", hash = "sha256:807cc8543a477ab7422f1120a217054f958a66ef7314f76dd9e77d3f02cdccd0"}, + {file = "wrapt-1.16.0-cp310-cp310-musllinux_1_1_x86_64.whl", hash = "sha256:bf5703fdeb350e36885f2875d853ce13172ae281c56e509f4e6eca049bdfb136"}, + {file = "wrapt-1.16.0-cp310-cp310-win32.whl", hash = "sha256:f6b2d0c6703c988d334f297aa5df18c45e97b0af3679bb75059e0e0bd8b1069d"}, + {file = "wrapt-1.16.0-cp310-cp310-win_amd64.whl", hash = "sha256:decbfa2f618fa8ed81c95ee18a387ff973143c656ef800c9f24fb7e9c16054e2"}, + {file = "wrapt-1.16.0-cp311-cp311-macosx_10_9_x86_64.whl", hash = "sha256:1a5db485fe2de4403f13fafdc231b0dbae5eca4359232d2efc79025527375b09"}, + {file = "wrapt-1.16.0-cp311-cp311-macosx_11_0_arm64.whl", hash = "sha256:75ea7d0ee2a15733684badb16de6794894ed9c55aa5e9903260922f0482e687d"}, + {file = "wrapt-1.16.0-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a452f9ca3e3267cd4d0fcf2edd0d035b1934ac2bd7e0e57ac91ad6b95c0c6389"}, + {file = "wrapt-1.16.0-cp311-cp311-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:43aa59eadec7890d9958748db829df269f0368521ba6dc68cc172d5d03ed8060"}, + {file = "wrapt-1.16.0-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:72554a23c78a8e7aa02abbd699d129eead8b147a23c56e08d08dfc29cfdddca1"}, + {file = "wrapt-1.16.0-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:d2efee35b4b0a347e0d99d28e884dfd82797852d62fcd7ebdeee26f3ceb72cf3"}, + {file = "wrapt-1.16.0-cp311-cp311-musllinux_1_1_i686.whl", hash = "sha256:6dcfcffe73710be01d90cae08c3e548d90932d37b39ef83969ae135d36ef3956"}, + {file = "wrapt-1.16.0-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:eb6e651000a19c96f452c85132811d25e9264d836951022d6e81df2fff38337d"}, + {file = "wrapt-1.16.0-cp311-cp311-win32.whl", hash = "sha256:66027d667efe95cc4fa945af59f92c5a02c6f5bb6012bff9e60542c74c75c362"}, + {file = "wrapt-1.16.0-cp311-cp311-win_amd64.whl", hash = "sha256:aefbc4cb0a54f91af643660a0a150ce2c090d3652cf4052a5397fb2de549cd89"}, + {file = "wrapt-1.16.0-cp312-cp312-macosx_10_9_x86_64.whl", hash = "sha256:5eb404d89131ec9b4f748fa5cfb5346802e5ee8836f57d516576e61f304f3b7b"}, + {file = "wrapt-1.16.0-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:9090c9e676d5236a6948330e83cb89969f433b1943a558968f659ead07cb3b36"}, + {file = "wrapt-1.16.0-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:94265b00870aa407bd0cbcfd536f17ecde43b94fb8d228560a1e9d3041462d73"}, + {file = "wrapt-1.16.0-cp312-cp312-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:f2058f813d4f2b5e3a9eb2eb3faf8f1d99b81c3e51aeda4b168406443e8ba809"}, + {file = "wrapt-1.16.0-cp312-cp312-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:98b5e1f498a8ca1858a1cdbffb023bfd954da4e3fa2c0cb5853d40014557248b"}, + {file = "wrapt-1.16.0-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:14d7dc606219cdd7405133c713f2c218d4252f2a469003f8c46bb92d5d095d81"}, + {file = "wrapt-1.16.0-cp312-cp312-musllinux_1_1_i686.whl", hash = "sha256:49aac49dc4782cb04f58986e81ea0b4768e4ff197b57324dcbd7699c5dfb40b9"}, + {file = "wrapt-1.16.0-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:418abb18146475c310d7a6dc71143d6f7adec5b004ac9ce08dc7a34e2babdc5c"}, + {file = "wrapt-1.16.0-cp312-cp312-win32.whl", hash = "sha256:685f568fa5e627e93f3b52fda002c7ed2fa1800b50ce51f6ed1d572d8ab3e7fc"}, + {file = "wrapt-1.16.0-cp312-cp312-win_amd64.whl", hash = "sha256:dcdba5c86e368442528f7060039eda390cc4091bfd1dca41e8046af7c910dda8"}, + {file = "wrapt-1.16.0-cp36-cp36m-macosx_10_9_x86_64.whl", hash = "sha256:d462f28826f4657968ae51d2181a074dfe03c200d6131690b7d65d55b0f360f8"}, + {file = "wrapt-1.16.0-cp36-cp36m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a33a747400b94b6d6b8a165e4480264a64a78c8a4c734b62136062e9a248dd39"}, + {file = "wrapt-1.16.0-cp36-cp36m-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:b3646eefa23daeba62643a58aac816945cadc0afaf21800a1421eeba5f6cfb9c"}, + {file = "wrapt-1.16.0-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:3ebf019be5c09d400cf7b024aa52b1f3aeebeff51550d007e92c3c1c4afc2a40"}, + {file = "wrapt-1.16.0-cp36-cp36m-musllinux_1_1_aarch64.whl", hash = "sha256:0d2691979e93d06a95a26257adb7bfd0c93818e89b1406f5a28f36e0d8c1e1fc"}, + {file = "wrapt-1.16.0-cp36-cp36m-musllinux_1_1_i686.whl", hash = "sha256:1acd723ee2a8826f3d53910255643e33673e1d11db84ce5880675954183ec47e"}, + {file = "wrapt-1.16.0-cp36-cp36m-musllinux_1_1_x86_64.whl", hash = "sha256:bc57efac2da352a51cc4658878a68d2b1b67dbe9d33c36cb826ca449d80a8465"}, + {file = "wrapt-1.16.0-cp36-cp36m-win32.whl", hash = "sha256:da4813f751142436b075ed7aa012a8778aa43a99f7b36afe9b742d3ed8bdc95e"}, + {file = "wrapt-1.16.0-cp36-cp36m-win_amd64.whl", hash = "sha256:6f6eac2360f2d543cc875a0e5efd413b6cbd483cb3ad7ebf888884a6e0d2e966"}, + {file = "wrapt-1.16.0-cp37-cp37m-macosx_10_9_x86_64.whl", hash = "sha256:a0ea261ce52b5952bf669684a251a66df239ec6d441ccb59ec7afa882265d593"}, + {file = "wrapt-1.16.0-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:7bd2d7ff69a2cac767fbf7a2b206add2e9a210e57947dd7ce03e25d03d2de292"}, + {file = "wrapt-1.16.0-cp37-cp37m-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:9159485323798c8dc530a224bd3ffcf76659319ccc7bbd52e01e73bd0241a0c5"}, + {file = "wrapt-1.16.0-cp37-cp37m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:a86373cf37cd7764f2201b76496aba58a52e76dedfaa698ef9e9688bfd9e41cf"}, + {file = "wrapt-1.16.0-cp37-cp37m-musllinux_1_1_aarch64.whl", hash = "sha256:73870c364c11f03ed072dda68ff7aea6d2a3a5c3fe250d917a429c7432e15228"}, + {file = "wrapt-1.16.0-cp37-cp37m-musllinux_1_1_i686.whl", hash = "sha256:b935ae30c6e7400022b50f8d359c03ed233d45b725cfdd299462f41ee5ffba6f"}, + {file = "wrapt-1.16.0-cp37-cp37m-musllinux_1_1_x86_64.whl", hash = "sha256:db98ad84a55eb09b3c32a96c576476777e87c520a34e2519d3e59c44710c002c"}, + {file = "wrapt-1.16.0-cp37-cp37m-win32.whl", hash = "sha256:9153ed35fc5e4fa3b2fe97bddaa7cbec0ed22412b85bcdaf54aeba92ea37428c"}, + {file = "wrapt-1.16.0-cp37-cp37m-win_amd64.whl", hash = "sha256:66dfbaa7cfa3eb707bbfcd46dab2bc6207b005cbc9caa2199bcbc81d95071a00"}, + {file = "wrapt-1.16.0-cp38-cp38-macosx_10_9_x86_64.whl", hash = "sha256:1dd50a2696ff89f57bd8847647a1c363b687d3d796dc30d4dd4a9d1689a706f0"}, + {file = "wrapt-1.16.0-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:44a2754372e32ab315734c6c73b24351d06e77ffff6ae27d2ecf14cf3d229202"}, + {file = "wrapt-1.16.0-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:8e9723528b9f787dc59168369e42ae1c3b0d3fadb2f1a71de14531d321ee05b0"}, + {file = "wrapt-1.16.0-cp38-cp38-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:dbed418ba5c3dce92619656802cc5355cb679e58d0d89b50f116e4a9d5a9603e"}, + {file = "wrapt-1.16.0-cp38-cp38-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:941988b89b4fd6b41c3f0bfb20e92bd23746579736b7343283297c4c8cbae68f"}, + {file = "wrapt-1.16.0-cp38-cp38-musllinux_1_1_aarch64.whl", hash = "sha256:6a42cd0cfa8ffc1915aef79cb4284f6383d8a3e9dcca70c445dcfdd639d51267"}, + {file = "wrapt-1.16.0-cp38-cp38-musllinux_1_1_i686.whl", hash = "sha256:1ca9b6085e4f866bd584fb135a041bfc32cab916e69f714a7d1d397f8c4891ca"}, + {file = "wrapt-1.16.0-cp38-cp38-musllinux_1_1_x86_64.whl", hash = "sha256:d5e49454f19ef621089e204f862388d29e6e8d8b162efce05208913dde5b9ad6"}, + {file = "wrapt-1.16.0-cp38-cp38-win32.whl", hash = "sha256:c31f72b1b6624c9d863fc095da460802f43a7c6868c5dda140f51da24fd47d7b"}, + {file = "wrapt-1.16.0-cp38-cp38-win_amd64.whl", hash = "sha256:490b0ee15c1a55be9c1bd8609b8cecd60e325f0575fc98f50058eae366e01f41"}, + {file = "wrapt-1.16.0-cp39-cp39-macosx_10_9_x86_64.whl", hash = "sha256:9b201ae332c3637a42f02d1045e1d0cccfdc41f1f2f801dafbaa7e9b4797bfc2"}, + {file = "wrapt-1.16.0-cp39-cp39-macosx_11_0_arm64.whl", hash = "sha256:2076fad65c6736184e77d7d4729b63a6d1ae0b70da4868adeec40989858eb3fb"}, + {file = "wrapt-1.16.0-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:c5cd603b575ebceca7da5a3a251e69561bec509e0b46e4993e1cac402b7247b8"}, + {file = "wrapt-1.16.0-cp39-cp39-manylinux_2_5_i686.manylinux1_i686.manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:b47cfad9e9bbbed2339081f4e346c93ecd7ab504299403320bf85f7f85c7d46c"}, + {file = "wrapt-1.16.0-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:f8212564d49c50eb4565e502814f694e240c55551a5f1bc841d4fcaabb0a9b8a"}, + {file = "wrapt-1.16.0-cp39-cp39-musllinux_1_1_aarch64.whl", hash = "sha256:5f15814a33e42b04e3de432e573aa557f9f0f56458745c2074952f564c50e664"}, + {file = "wrapt-1.16.0-cp39-cp39-musllinux_1_1_i686.whl", hash = "sha256:db2e408d983b0e61e238cf579c09ef7020560441906ca990fe8412153e3b291f"}, + {file = "wrapt-1.16.0-cp39-cp39-musllinux_1_1_x86_64.whl", hash = "sha256:edfad1d29c73f9b863ebe7082ae9321374ccb10879eeabc84ba3b69f2579d537"}, + {file = "wrapt-1.16.0-cp39-cp39-win32.whl", hash = "sha256:ed867c42c268f876097248e05b6117a65bcd1e63b779e916fe2e33cd6fd0d3c3"}, + {file = "wrapt-1.16.0-cp39-cp39-win_amd64.whl", hash = "sha256:eb1b046be06b0fce7249f1d025cd359b4b80fc1c3e24ad9eca33e0dcdb2e4a35"}, + {file = "wrapt-1.16.0-py3-none-any.whl", hash = "sha256:6906c4100a8fcbf2fa735f6059214bb13b97f75b1a61777fcf6432121ef12ef1"}, + {file = "wrapt-1.16.0.tar.gz", hash = "sha256:5f370f952971e7d17c7d1ead40e49f32345a7f7a5373571ef44d800d06b1899d"}, +] + [[package]] name = "zipp" version = "3.20.2" @@ -1681,4 +2218,4 @@ type = ["pytest-mypy"] [metadata] lock-version = "2.0" python-versions = ">=3.9,<4.0" -content-hash = "ef4f65da1d058e9d892ff8182d8e8d38a5ef9f20ca3435cd344ae35221598570" +content-hash = "6d01ee17306b54d746d5638ee00f1b9d64e39e69a257dd240185582f64eb6d58" diff --git a/pyproject.toml b/pyproject.toml index 931fdc5..6a849a5 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -66,6 +66,10 @@ twine = "5.1.1" PyYAML = "6.0.2" id = "1.4.0" security-md = "0.2.3" +application-download = "0.0.1.dev3" +PyGithub = "2.4.0" +debian-inspector = "31.1.0" +multi-repo-automation = "1.3.0" [tool.poetry.group.dev.dependencies] prospector = { version = "1.12.1", extras = ["with-bandit", "with-mypy", "with-pyroma"] } diff --git a/tag_publish/__init__.py b/tag_publish/__init__.py index e4c29cb..b093d3b 100644 --- a/tag_publish/__init__.py +++ b/tag_publish/__init__.py @@ -1,3 +1,229 @@ """ Tag Publish main module. """ + +import os.path +import re +import subprocess # nosec +from re import Match, Pattern +from typing import Any, Optional, TypedDict, cast + +import github +import requests +import ruamel.yaml +import security_md + +import tag_publish.configuration + +VersionTransform = TypedDict( + "VersionTransform", + { + # The from regular expression + "from": Pattern[str], + # The expand regular expression: https://docs.python.org/3/library/re.html#re.Match.expand + "to": str, + }, + total=False, +) + + +class GH: + """GitHub helper class.""" + + def __init__(self) -> None: + """Initialize the GitHub helper class.""" + self.auth = github.Auth.Token(os.environ["GITHUB_TOKEN"]) + self.github = github.Github(auth=self.auth) + self.repo = self.github.get_repo(os.environ["GITHUB_REPOSITORY"]) + self.default_branch = self.repo.default_branch + + +def get_security_md(gh: GH) -> security_md.Security: + """ + Get the SECURITY.md file. + + Arguments: + gh: The GitHub helper + + """ + security_file = gh.repo.get_contents("SECURITY.md") + assert isinstance(security_file, github.ContentFile.ContentFile) + return security_md.Security(security_file.decoded_content.decode("utf-8")) + + +def merge(default_config: Any, config: Any) -> Any: + """ + Deep merge the dictionaries (on dictionaries only, not on arrays). + + Arguments: + default_config: The default config that will be applied + config: The base config, will be modified + + """ + if not isinstance(default_config, dict) or not isinstance(config, dict): + return config + + for key in default_config: + if key not in config: + config[key] = default_config[key] + else: + merge(default_config[key], config[key]) + return config + + +def get_config(gh: GH) -> tag_publish.configuration.Configuration: + """ + Get the configuration, with project and auto detections. + """ + config: tag_publish.configuration.Configuration = {} + if os.path.exists("ci/config.yaml"): + with open("ci/config.yaml", encoding="utf-8") as open_file: + yaml_ = ruamel.yaml.YAML() + config = yaml_.load(open_file) + + merge( + { + "version": { + "tag_to_version_re": [ + {"from": r"([0-9]+.[0-9]+.[0-9]+)", "to": r"\1"}, + ], + "branch_to_version_re": [ + {"from": r"([0-9]+.[0-9]+)", "to": r"\1"}, + {"from": gh.default_branch, "to": gh.default_branch}, + ], + } + }, + config, + ) + + return config + + +def get_value(matched: Optional[Match[str]], config: Optional[VersionTransform], value: str) -> str: + """ + Get the final value. + + `match`, `config` and `value` are the result of `match`. + + The `config` should have a `to` key with an expand template. + + Arguments: + matched: The matched object to a regular expression + config: The result of `compile` + value: The default value on returned no match + + Return the value + + """ + return matched.expand(config.get("to", r"\1")) if matched is not None and config is not None else value + + +def compile_re( + config: tag_publish.configuration.VersionTransform, prefix: str = "" +) -> list[VersionTransform]: + """ + Compile the from as a regular expression of a dictionary of the config list. + + to be used with convert and match + + Arguments: + config: The transform config + prefix: The version prefix + + Return the compiled transform config. + + """ + result = [] + for conf in config: + new_conf = cast(VersionTransform, dict(conf)) + + from_re = conf.get("from", r"(.*)") + if from_re[0] == "^": + from_re = from_re[1:] + if from_re[-1] != "$": + from_re += "$" + from_re = f"^{re.escape(prefix)}{from_re}" + + new_conf["from"] = re.compile(from_re) + result.append(new_conf) + return result + + +def match( + value: str, config: list[VersionTransform] +) -> tuple[Optional[Match[str]], Optional[VersionTransform], str]: + """ + Get the matched version. + + Arguments: + --------- + value: That we want to match with + config: The result of `compile` + + Returns the re match object, the matched config and the value as a tuple + On no match it returns None, value + + """ + for conf in config: + matched = conf["from"].match(value) + if matched is not None: + return matched, conf, value + return None, None, value + + +def does_match(value: str, config: list[VersionTransform]) -> bool: + """ + Check if the version match with the config patterns. + + Arguments: + --------- + value: That we want to match with + config: The result of `compile` + + Returns True it it does match else False + + """ + matched, _, _ = match(value, config) + return matched is not None + + +def check_response(response: requests.Response, raise_for_status: bool = True) -> Any: + """ + Check the response and raise an exception if it's not ok. + + Also print the X-Ratelimit- headers to get information about the rate limiting. + """ + for header in response.headers: + if header.lower().startswith("x-ratelimit-"): + print(f"{header}: {response.headers[header]}") + if raise_for_status: + response.raise_for_status() + + +def add_authorization_header(headers: dict[str, str]) -> dict[str, str]: + """ + Add the Authorization header needed to be authenticated on GitHub. + + Arguments: + headers: The headers + + Return the headers (to be chained) + + """ + try: + token = os.environ["GITHUB_TOKEN"].strip() + headers["Authorization"] = f"Bearer {token}" + return headers + except FileNotFoundError: + return headers + + +def snyk_exec() -> tuple[str, dict[str, str]]: + """Get the Snyk cli executable path.""" + env = {**os.environ} + env["FORCE_COLOR"] = "true" + snyk_bin = os.path.expanduser(os.path.join("~", ".local", "bin", "snyk")) + if "SNYK_ORG" in env: + subprocess.run([snyk_bin, "config", "set", f"org={env['SNYK_ORG']}"], check=True, env=env) + + return snyk_bin, env diff --git a/tag_publish/applications-versions.yaml b/tag_publish/applications-versions.yaml new file mode 100644 index 0000000..1ee744e --- /dev/null +++ b/tag_publish/applications-versions.yaml @@ -0,0 +1,2 @@ +# https://docs.renovatebot.com/modules/datasource/#github-releases-datasource +helm/chart-releaser: v1.6.1 # github-releases diff --git a/tag_publish/cli.py b/tag_publish/cli.py index e5c3aa5..4c848a3 100644 --- a/tag_publish/cli.py +++ b/tag_publish/cli.py @@ -5,14 +5,17 @@ """ import argparse +import json import os +import os.path +import random import re import subprocess # nosec import sys from re import Match -from typing import Optional, cast +from typing import Any, Optional, cast -import requests +import application_download.cli import security_md import yaml @@ -21,8 +24,6 @@ import tag_publish.lib.docker import tag_publish.lib.oidc import tag_publish.publish -import tag_publish.scripts.download_applications -from tag_publish.scripts.trigger_image_update import dispatch def match(tpe: str, base_re: str) -> Optional[Match[str]]: @@ -86,7 +87,8 @@ def main() -> None: ) args = parser.parse_args() - config = tag_publish.get_config() + github = tag_publish.GH() + config = tag_publish.get_config(github) # Describe the kind of release we do: rebuild (specified with --type), version_tag, version_branch, # feature_branch, feature_tag (for pull request) @@ -166,10 +168,16 @@ def main() -> None: else: print(f"Create release type {version_type}: {version}") + github = tag_publish.GH() + success = True + published: list[Any] = [] + dispatch_payload: dict[str, Any] = { + "published": published, + } pypi_config = cast( - tag_publish.configuration.PublishPypiConfig, - config.get("publish", {}).get("pypi", {}) if config.get("publish", {}).get("pypi", False) else {}, + tag_publish.configuration.PublishPypi, + config.get("pypi", {}) if config.get("pypi", False) else {}, ) if pypi_config: if pypi_config["packages"]: @@ -180,41 +188,38 @@ def main() -> None: package.get("group", tag_publish.configuration.PUBLISH_PIP_PACKAGE_GROUP_DEFAULT) == args.group ): - publish = version_type in pypi_config.get("versions", []) + publish = version_type in pypi_config.get( + "versions", tag_publish.configuration.PUBLISH_PYPI_VERSIONS_DEFAULT + ) if args.dry_run: print( f"{'Publishing' if publish else 'Checking'} " f"'{package.get('path')}' to pypi, skipping (dry run)" ) else: - success &= tag_publish.publish.pip(package, version, version_type, publish) + success &= tag_publish.publish.pip(package, version, version_type, publish, github) + dispatch_payload["published"].append( + { + "type": "pypi", + "path": package.get("path"), + "version": version, + "version_type": version_type, + } + ) docker_config = cast( - tag_publish.configuration.PublishDockerConfig, - config.get("publish", {}).get("docker", {}) if config.get("publish", {}).get("docker", False) else {}, + tag_publish.configuration.PublishDocker, + config.get("docker", {}) if config.get("docker", False) else {}, ) if docker_config: - full_repo = tag_publish.get_repository() - full_repo_split = full_repo.split("/") - master_branch, _ = tag_publish.get_master_branch(full_repo_split) security_text = "" if local: with open("SECURITY.md", encoding="utf-8") as security_file: security_text = security_file.read() + security = security_md.Security(security_text) else: - security_response = requests.get( - f"https://raw.githubusercontent.com/{full_repo}/{master_branch}/SECURITY.md", - headers=tag_publish.add_authorization_header({}), - timeout=int(os.environ.get("C2CCIUTILS_TIMEOUT", "30")), - ) - tag_publish.check_response(security_response, False) - if security_response.ok: - security_text = security_response.text - elif security_response.status_code != 404: - print(f"::error:: {security_response.status_code} {security_response.text}") - sys.exit(1) - - security = security_md.Security(security_text) + security = tag_publish.get_security_md(github) + version_index = security.version_index alternate_tag_index = security.alternate_tag_index @@ -277,7 +282,6 @@ def main() -> None: check=True, ) - tags_calendar = [] for name, conf in { **cast( dict[str, tag_publish.configuration.PublishDockerRepository], @@ -286,9 +290,6 @@ def main() -> None: **docker_config.get("repository", {}), }.items(): for docker_version in versions: - tag_dst = tag_config.format(version=docker_version) - if tag_dst not in tags_calendar: - tags_calendar.append(tag_dst) if version_type in conf.get( "versions", tag_publish.configuration.PUBLISH_DOCKER_REPOSITORY_VERSIONS_DEFAULT, @@ -306,24 +307,19 @@ def main() -> None: ) else: success &= tag_publish.publish.docker( - conf, name, image_conf, tag_src, tags, images_full + conf, + name, + image_conf, + tag_src, + tags, + images_full, + version_type, + dispatch_payload["published"], ) if args.dry_run: sys.exit(0) - dispatch_config = docker_config.get("dispatch", {}) - if dispatch_config is not False and images_full: - dispatch( - dispatch_config.get( - "repository", tag_publish.configuration.DOCKER_DISPATCH_REPOSITORY_DEFAULT - ), - dispatch_config.get( - "event-type", tag_publish.configuration.DOCKER_DISPATCH_EVENT_TYPE_DEFAULT - ), - images_full, - ) - snyk_exec, env = tag_publish.snyk_exec() for image in images_snyk: print(f"::group::Snyk check {image}") @@ -407,23 +403,23 @@ def main() -> None: helm_config = cast( tag_publish.configuration.PublishHelmConfig, - config.get("publish", {}).get("helm", {}) if config.get("publish", {}).get("helm", False) else {}, + config.get("helm", {}) if config.get("helm", False) else {}, ) - if helm_config and helm_config["folders"] and version_type in helm_config.get("versions", []): - tag_publish.scripts.download_applications.download_tag_publish_applications("helm/chart-releaser") - - owner, repo = full_repo_split + if ( + helm_config + and helm_config["folders"] + and version_type + in helm_config.get("versions", tag_publish.configuration.PUBLISH_HELM_VERSIONS_DEFAULT) + ): + application_download.cli.download_application("helm/chart-releaser") + + owner = github.repo.owner.login + repo = github.repo.name commit_sha = ( subprocess.run(["git", "rev-parse", "HEAD"], check=True, stdout=subprocess.PIPE) .stdout.strip() .decode() ) - token = ( - os.environ["GITHUB_TOKEN"].strip() - if "GITHUB_TOKEN" in os.environ - else tag_publish.gopass("gs/ci/github/token/gopass") - ) - assert token is not None if version_type == "version_branch": last_tag = ( subprocess.run( @@ -449,7 +445,39 @@ def main() -> None: version = ".".join(versions) for folder in helm_config["folders"]: + token = os.environ["GITHUB_TOKEN"] success &= tag_publish.publish.helm(folder, version, owner, repo, commit_sha, token) + dispatch_payload["published"].append( + { + "type": "helm", + "path": folder, + "version": version, + "version_type": version_type, + } + ) + + config = tag_publish.get_config(tag_publish.GH()) + + # For backward compatibility with c2cciutils + dispatch_payload["name"] = " ".join(images_full) + + if dispatch_payload["published"]: + for dispatch_config in config.get("dispatch", []): + repository = dispatch_config.get("repository") + event_type = dispatch_config.get( + "event-type", tag_publish.configuration.DISPATCH_EVENT_TYPE_DEFAULT + ) + + id_ = random.randint(1, 100000) # nosec # noqa: S311 + dispatch_payload["id"] = id_ + + if repository: + print(f"Triggering {event_type}:{id_} on {repository} with {json.dumps(dispatch_payload)}") + github_repo = github.github.get_repo(repository) + else: + print(f"Triggering {event_type}:{id_} with {json.dumps(dispatch_payload)}") + github_repo = github.repo + github_repo.create_repository_dispatch(event_type, dispatch_payload) if not success: sys.exit(1) diff --git a/tag_publish/configuration.py b/tag_publish/configuration.py index 1c38955..6b99963 100644 --- a/tag_publish/configuration.py +++ b/tag_publish/configuration.py @@ -24,9 +24,6 @@ class Configuration(TypedDict, total=False): Publish Docker. The configuration used to publish on Docker - - Aggregation type: oneOf - Subtype: "PublishDockerConfig" """ pypi: "PublishPypi" @@ -34,12 +31,6 @@ class Configuration(TypedDict, total=False): publish pypi. Configuration to publish on pypi - - default: - {} - - Aggregation type: oneOf - Subtype: "PublishPypiConfig" """ helm: "PublishHelm" @@ -52,16 +43,28 @@ class Configuration(TypedDict, total=False): Subtype: "PublishHelmConfig" """ + dispatch: List["DispatchConfig"] + """ + Dispatch. + + default: + - {} + """ + DISPATCH_CONFIG_DEFAULT: Dict[str, Any] = {} -""" Default value of the field path 'Publish Docker config dispatch oneof0' """ +""" Default value of the field path 'Dispatch item' """ + +DISPATCH_DEFAULT = [{}] +""" Default value of the field path 'configuration dispatch' """ -DOCKER_DISPATCH_EVENT_TYPE_DEFAULT = "image-update" + +DISPATCH_EVENT_TYPE_DEFAULT = "image-update" """ Default value of the field path 'dispatch config event-type' """ -DOCKER_DISPATCH_REPOSITORY_DEFAULT = "camptocamp/argocd-gs-gmf-apps" +DISPATCH_REPOSITORY_DEFAULT = "camptocamp/argocd-gs-gmf-apps" """ Default value of the field path 'dispatch config repository' """ @@ -69,7 +72,7 @@ class Configuration(TypedDict, total=False): "github": {"server": "ghcr.io", "versions": ["version_tag", "version_branch", "rebuild"]}, "dockerhub": {}, } -""" Default value of the field path 'Publish Docker config repository' """ +""" Default value of the field path 'Publish Docker repository' """ # | dispatch config. @@ -81,13 +84,13 @@ class Configuration(TypedDict, total=False): DispatchConfig = TypedDict( "DispatchConfig", { - # | Docker dispatch repository. + # | Dispatch repository. # | # | The repository name to be triggered # | # | default: camptocamp/argocd-gs-gmf-apps "repository": str, - # | Docker dispatch event type. + # | Dispatch event type. # | # | The event type to be triggered # | @@ -107,7 +110,7 @@ class Configuration(TypedDict, total=False): PUBLISH_DOCKER_LATEST_DEFAULT = True -""" Default value of the field path 'Publish Docker config latest' """ +""" Default value of the field path 'Publish Docker latest' """ PUBLISH_DOCKER_REPOSITORY_VERSIONS_DEFAULT = ["version_tag", "version_branch", "rebuild", "feature_branch"] @@ -115,39 +118,28 @@ class Configuration(TypedDict, total=False): PUBLISH_DOCKER_SNYK_MONITOR_ARGS_DEFAULT = ["--app-vulns"] -""" Default value of the field path 'Publish Docker config snyk monitor_args' """ +""" Default value of the field path 'Publish Docker snyk monitor_args' """ PUBLISH_DOCKER_SNYK_TEST_ARGS_DEFAULT = ["--app-vulns", "--severity-threshold=critical"] -""" Default value of the field path 'Publish Docker config snyk test_args' """ - - -PUBLISH_PIP_PACKAGE_GROUP_DEFAULT = "default" -""" Default value of the field path 'publish pypi package group' """ - +""" Default value of the field path 'Publish Docker snyk test_args' """ -PUBLISH_PYPI_CONFIG_DEFAULT: Dict[str, Any] = {} -""" Default value of the field path 'publish pypi oneof0' """ +PUBLISH_HELM_VERSIONS_DEFAULT = ["version_tag"] +""" Default value of the field path 'publish helm config versions' """ -PUBLISH_PYPI_DEFAULT: Dict[str, Any] = {} -""" Default value of the field path 'publish_pypi' """ +PUBLISH_PIP_PACKAGE_GROUP_DEFAULT = "default" +""" Default value of the field path 'publish pypi package group' """ -PublishDocker = Union["PublishDockerConfig", Literal[False]] -""" -Publish Docker. -The configuration used to publish on Docker +PUBLISH_PYPI_VERSIONS_DEFAULT = ["version_tag"] +""" Default value of the field path 'publish pypi versions' """ -Aggregation type: oneOf -Subtype: "PublishDockerConfig" -""" - -class PublishDockerConfig(TypedDict, total=False): +class PublishDocker(TypedDict, total=False): """ - Publish Docker config. + Publish Docker. The configuration used to publish on Docker """ @@ -180,18 +172,7 @@ class PublishDockerConfig(TypedDict, total=False): - rebuild """ - dispatch: Union["DispatchConfig", "_PublishDockerConfigDispatchOneof1"] - """ - Send a dispatch event to an other repository - - default: - {} - - Aggregation type: oneOf - Subtype: "DispatchConfig" - """ - - snyk: "_PublishDockerConfigSnyk" + snyk: "_PublishDockerSnyk" """ Checks the published images with Snyk """ @@ -263,38 +244,35 @@ class PublishHelmConfig(TypedDict, total=False): """ The folders that will be published """ versions: List[str] - """ The kind or version that should be published, tag, branch or value of the --version argument of the tag-publish script """ - - -PublishPypi = Union["PublishPypiConfig", "_PublishPypiOneof1"] -""" -publish pypi. - -Configuration to publish on pypi + """ + publish helm versions. -default: - {} + The kind or version that should be published, tag, branch or value of the --version argument of the tag-publish script -Aggregation type: oneOf -Subtype: "PublishPypiConfig" -""" + default: + - version_tag + """ -class PublishPypiConfig(TypedDict, total=False): +class PublishPypi(TypedDict, total=False): """ - publish pypi config. + publish pypi. Configuration to publish on pypi - - default: - {} """ packages: List["PublishPypiPackage"] """ The configuration of packages that will be published """ versions: List[str] - """ The kind or version that should be published, tag, branch or value of the --version argument of the tag-publish script """ + """ + publish pypi versions. + + The kind or version that should be published, tag, branch or value of the --version argument of the tag-publish script + + default: + - version_tag + """ class PublishPypiPackage(TypedDict, total=False): @@ -350,14 +328,6 @@ class Version(TypedDict, total=False): """ -_PUBLISH_DOCKER_CONFIG_DISPATCH_DEFAULT: Dict[str, Any] = {} -""" Default value of the field path 'Publish Docker config dispatch' """ - - -_PUBLISH_DOCKER_CONFIG_DISPATCH_ONEOF1_DEFAULT: Dict[str, Any] = {} -""" Default value of the field path 'Publish Docker config dispatch oneof1' """ - - _PUBLISH_DOCKER_SNYK_MONITOR_ARGS_ONEOF0_DEFAULT = ["--app-vulns"] """ Default value of the field path 'Publish Docker Snyk monitor args oneof0' """ @@ -374,18 +344,7 @@ class Version(TypedDict, total=False): """ Default value of the field path 'Publish Docker Snyk test args oneof1' """ -_PUBLISH_PYPI_ONEOF1_DEFAULT: Dict[str, Any] = {} -""" Default value of the field path 'publish pypi oneof1' """ - - -_PublishDockerConfigDispatchOneof1 = Literal[False] -""" -default: - {} -""" - - -class _PublishDockerConfigSnyk(TypedDict, total=False): +class _PublishDockerSnyk(TypedDict, total=False): """Checks the published images with Snyk""" monitor_args: Union["_PublishDockerSnykMonitorArgsOneof0", "_PublishDockerSnykMonitorArgsOneof1"] @@ -444,13 +403,6 @@ class _PublishDockerConfigSnyk(TypedDict, total=False): """ -_PublishPypiOneof1 = Literal[False] -""" -default: - {} -""" - - _VersionTransformItem = TypedDict( "_VersionTransformItem", { diff --git a/tag_publish/lib/docker.py b/tag_publish/lib/docker.py index df2237b..51255b6 100644 --- a/tag_publish/lib/docker.py +++ b/tag_publish/lib/docker.py @@ -9,8 +9,6 @@ import yaml from debian_inspector.version import Version -import tag_publish.configuration - def get_dpkg_packages_versions( image: str, @@ -26,8 +24,6 @@ def get_dpkg_packages_versions( Where `debian_11` corresponds on last path element for 'Debian 11' from https://repology.org/repositories/statistics """ - dpkg_configuration = tag_publish.get_config().get("dpkg", {}) - os_release = {} try: os_release_process = subprocess.run( @@ -85,15 +81,13 @@ def get_dpkg_packages_versions( if version is None: print(f"Error: Missing version for package {package}") else: - if package not in dpkg_configuration.get("ignored_packages", []): - package = dpkg_configuration.get("packages_mapping", {}).get(package, package) - if package in package_version and version != package_version[package]: - print( - f"The package {package} has different version " - f"({package_version[package]} != {version})" - ) - if package not in ("base-files",): - package_version[package] = version + if package in package_version and version != package_version[package]: + print( + f"The package {package} has different version " + f"({package_version[package]} != {version})" + ) + if package not in ("base-files",): + package_version[package] = version package = value version = None if name == "Version" and version is None: diff --git a/tag_publish/lib/trigger_image_update.py b/tag_publish/lib/trigger_image_update.py deleted file mode 100644 index cb71893..0000000 --- a/tag_publish/lib/trigger_image_update.py +++ /dev/null @@ -1,36 +0,0 @@ -#!/usr/bin/env python3 - -""" -Trigger an image update on the argocd repository. -""" - -import os.path -import random -import subprocess # nosec - -import requests - - -def dispatch(repository: str, event_type: str, images_full: list[str]) -> None: - """ - Trigger an image update on the argocd repository. - """ - id_ = random.randint(1, 100000) # nosec # noqa: S311 - print(f"Triggering {event_type}:{id_} on {repository} with {','.join(images_full)}") - - response = requests.post( - f"https://api.github.com/repos/{repository}/dispatches", - headers={ - "Content-Type": "application/json2", - "Accept": "application/vnd.github.v3+json", - "Authorization": "token " - + subprocess.run( - ["gopass", "show", "gs/ci/github/token/gopass"], check=True, stdout=subprocess.PIPE - ) - .stdout.decode() - .strip(), - }, - json={"event_type": event_type, "client_payload": {"name": " ".join(images_full), "id": id_}}, - timeout=int(os.environ.get("C2CCIUTILS_TIMEOUT", "30")), - ) - response.raise_for_status() diff --git a/tag_publish/new.py b/tag_publish/new.py index d0962d6..5af676a 100644 --- a/tag_publish/new.py +++ b/tag_publish/new.py @@ -4,12 +4,19 @@ import json import os import re -import subprocess # nosec +import subprocess import multi_repo_automation as mra import ruamel +import security_md -import tag_publish + +def _get_default_branch() -> str: + """Get the default branch name.""" + return subprocess.run( + ["gh", "repo", "view", "--json", "defaultBranchRef", "--jq", ".defaultBranchRef.name"], + stdout=subprocess.PIPE, + ).stdout.strip() def main() -> None: @@ -54,6 +61,12 @@ def main() -> None: "--upstream-supported-until", help="The date until the version is supported upstream", ) + args_parser.add_argument( + "--remote", + default="origin", + help="The remote to push the branch", + ) + arguments = args_parser.parse_args() # Get the repo information e.g.: @@ -73,13 +86,13 @@ def main() -> None: check=True, ).stdout.strip() + default_branch = _get_default_branch() + # Checkout the master branch - subprocess.run(["git", "checkout", repo.get("master_branch", "master")], check=True) + subprocess.run(["git", "checkout", default_branch], check=True) # Pull it from origin - subprocess.run( - ["git", "pull", repo.get("remote", "origin"), repo.get("master_branch", "master")], check=True - ) + subprocess.run(["git", "pull", arguments, default_branch], check=True) # Push it to a new stabilization branch if arguments.version: @@ -104,10 +117,18 @@ def main() -> None: # # # Do the changes for the new version # # # - remotes = [r for r in mra.run(["git", "remote"], stdout=subprocess.PIPE).stdout.split() if r != ""] + remotes = [ + r + for r in subprocess.run( + ["git", "remote"], stdout=subprocess.PIPE, encoding="utf-8", check=True + ).stdout.split() + if r != "" + ] remote_branches = [ b.strip()[len("remotes/") :] - for b in mra.run(["git", "branch", "--all"], stdout=subprocess.PIPE).stdout.split() + for b in subprocess.run( + ["git", "branch", "--all"], stdout=subprocess.PIPE, encoding="utf-8", check=True + ).stdout.split() if b != "" and b.strip().startswith("remotes/") ] if "upstream" in remotes: @@ -117,14 +138,14 @@ def main() -> None: else: remote_branches = ["/".join(b.split("/")[1:]) for b in remote_branches] - config = tag_publish.get_config() - branch_re = tag_publish.compile_re(config["version"].get("branch_to_version_re", [])) - branches_match = [tag_publish.match(b, branch_re) for b in remote_branches] - version_branch = {m.groups()[0] if m.groups() else b: b for m, c, b in branches_match if m is not None} + if os.path.exists("SECURITY.md"): + with open("SECURITY.md", encoding="utf-8") as security_file: + security_text = security_file.read() + security = security_md.Security(security_text) - stabilization_branches = [ - version_branch.get(version, version) for version in mra.get_stabilization_versions(repo) - ] + stabilization_branches = security.stabilization_branches() + else: + stabilization_branches = [] modified_files = [] if version: @@ -132,8 +153,8 @@ def main() -> None: if os.path.exists("SECURITY.md"): modified_files.append("SECURITY.md") - with mra.Edit("SECURITY.md") as security_md: - security_md_lines = security_md.data.split("\n") + with mra.Edit("SECURITY.md") as security_md_file: + security_md_lines = security_md_file.data.split("\n") index = -1 for i, line in enumerate(security_md_lines): if line.startswith("| "): @@ -143,11 +164,11 @@ def main() -> None: if arguments.upstream_supported_until: new_line += f" {arguments.upstream_supported_until} |" - security_md.data = "\n".join( + security_md_file.data = "\n".join( [*security_md_lines[: index + 1], new_line, *security_md_lines[index + 1 :]] ) - stabilization_branches_with_master = [*stabilization_branches, repo.get("master_branch", "master")] + stabilization_branches_with_master = [*stabilization_branches, default_branch] for labels in mra.gh_json("label", ["name"], "list"): if ( @@ -237,7 +258,8 @@ def main() -> None: subprocess.run(["git", "checkout", old_branch_name, "--"], check=True) if url: - subprocess.run([mra.get_browser(), url], check=True) + pr_number = url.rsplit("/", 1)[-1] + mra.gh("browse", pr_number) else: mra.gh("browse") diff --git a/tag_publish/package-lock.json b/tag_publish/package-lock.json deleted file mode 100644 index f1557bc..0000000 --- a/tag_publish/package-lock.json +++ /dev/null @@ -1,437 +0,0 @@ -{ - "name": "c2ccicheck", - "version": "1.0.0", - "lockfileVersion": 3, - "requires": true, - "packages": { - "": { - "name": "c2ccicheck", - "version": "1.0.0", - "dependencies": { - "snyk": "1.1294.0" - } - }, - "node_modules/@sentry-internal/tracing": { - "version": "7.119.2", - "resolved": "https://registry.npmjs.org/@sentry-internal/tracing/-/tracing-7.119.2.tgz", - "integrity": "sha512-V2W+STWrafyGJhQv3ulMFXYDwWHiU6wHQAQBShsHVACiFaDrJ2kPRet38FKv4dMLlLlP2xN+ss2e5zv3tYlTiQ==", - "license": "MIT", - "dependencies": { - "@sentry/core": "7.119.2", - "@sentry/types": "7.119.2", - "@sentry/utils": "7.119.2" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@sentry/core": { - "version": "7.119.2", - "resolved": "https://registry.npmjs.org/@sentry/core/-/core-7.119.2.tgz", - "integrity": "sha512-hQr3d2yWq/2lMvoyBPOwXw1IHqTrCjOsU1vYKhAa6w9vGbJZFGhKGGE2KEi/92c3gqGn+gW/PC7cV6waCTDuVA==", - "license": "MIT", - "dependencies": { - "@sentry/types": "7.119.2", - "@sentry/utils": "7.119.2" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@sentry/integrations": { - "version": "7.119.2", - "resolved": "https://registry.npmjs.org/@sentry/integrations/-/integrations-7.119.2.tgz", - "integrity": "sha512-dCuXKvbUE3gXVVa696SYMjlhSP6CxpMH/gl4Jk26naEB8Xjsn98z/hqEoXLg6Nab73rjR9c/9AdKqBbwVMHyrQ==", - "license": "MIT", - "dependencies": { - "@sentry/core": "7.119.2", - "@sentry/types": "7.119.2", - "@sentry/utils": "7.119.2", - "localforage": "^1.8.1" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@sentry/node": { - "version": "7.119.2", - "resolved": "https://registry.npmjs.org/@sentry/node/-/node-7.119.2.tgz", - "integrity": "sha512-TPNnqxh+Myooe4jTyRiXrzrM2SH08R4+nrmBls4T7lKp2E5R/3mDSe/YTn5rRcUt1k1hPx1NgO/taG0DoS5cXA==", - "license": "MIT", - "dependencies": { - "@sentry-internal/tracing": "7.119.2", - "@sentry/core": "7.119.2", - "@sentry/integrations": "7.119.2", - "@sentry/types": "7.119.2", - "@sentry/utils": "7.119.2" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/@sentry/types": { - "version": "7.119.2", - "resolved": "https://registry.npmjs.org/@sentry/types/-/types-7.119.2.tgz", - "integrity": "sha512-ydq1tWsdG7QW+yFaTp0gFaowMLNVikIqM70wxWNK+u98QzKnVY/3XTixxNLsUtnAB4Y+isAzFhrc6Vb5GFdFeg==", - "license": "MIT", - "engines": { - "node": ">=8" - } - }, - "node_modules/@sentry/utils": { - "version": "7.119.2", - "resolved": "https://registry.npmjs.org/@sentry/utils/-/utils-7.119.2.tgz", - "integrity": "sha512-TLdUCvcNgzKP0r9YD7tgCL1PEUp42TObISridsPJ5rhpVGQJvpr+Six0zIkfDUxerLYWZoK8QMm9KgFlPLNQzA==", - "license": "MIT", - "dependencies": { - "@sentry/types": "7.119.2" - }, - "engines": { - "node": ">=8" - } - }, - "node_modules/boolean": { - "version": "3.2.0", - "resolved": "https://registry.npmjs.org/boolean/-/boolean-3.2.0.tgz", - "integrity": "sha512-d0II/GO9uf9lfUHH2BQsjxzRJZBdsjgsBiW4BvhWk/3qoKwQFjIDVN19PfX8F2D/r9PCMTtLWjYVCFrpeYUzsw==", - "deprecated": "Package no longer supported. Contact Support at https://www.npmjs.com/support for more info.", - "license": "MIT" - }, - "node_modules/define-data-property": { - "version": "1.1.4", - "resolved": "https://registry.npmjs.org/define-data-property/-/define-data-property-1.1.4.tgz", - "integrity": "sha512-rBMvIzlpA8v6E+SJZoo++HAYqsLrkg7MSfIinMPFhmkorw7X+dOXVJQs+QT69zGkzMyfDnIMN2Wid1+NbL3T+A==", - "license": "MIT", - "dependencies": { - "es-define-property": "^1.0.0", - "es-errors": "^1.3.0", - "gopd": "^1.0.1" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/define-properties": { - "version": "1.2.1", - "resolved": "https://registry.npmjs.org/define-properties/-/define-properties-1.2.1.tgz", - "integrity": "sha512-8QmQKqEASLd5nx0U1B1okLElbUuuttJ/AnYmRXbbbGDWh6uS208EjD4Xqq/I9wK7u0v6O08XhTWnt5XtEbR6Dg==", - "license": "MIT", - "dependencies": { - "define-data-property": "^1.0.1", - "has-property-descriptors": "^1.0.0", - "object-keys": "^1.1.1" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/detect-node": { - "version": "2.1.0", - "resolved": "https://registry.npmjs.org/detect-node/-/detect-node-2.1.0.tgz", - "integrity": "sha512-T0NIuQpnTvFDATNuHN5roPwSBG83rFsuO+MXXH9/3N1eFbn4wcPjttvjMLEPWJ0RGUYgQE7cGgS3tNxbqCGM7g==", - "license": "MIT" - }, - "node_modules/es-define-property": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/es-define-property/-/es-define-property-1.0.0.tgz", - "integrity": "sha512-jxayLKShrEqqzJ0eumQbVhTYQM27CfT1T35+gCgDFoL82JLsXqTJ76zv6A0YLOgEnLUMvLzsDsGIrl8NFpT2gQ==", - "license": "MIT", - "dependencies": { - "get-intrinsic": "^1.2.4" - }, - "engines": { - "node": ">= 0.4" - } - }, - "node_modules/es-errors": { - "version": "1.3.0", - "resolved": "https://registry.npmjs.org/es-errors/-/es-errors-1.3.0.tgz", - "integrity": "sha512-Zf5H2Kxt2xjTvbJvP2ZWLEICxA6j+hAmMzIlypy4xcBg1vKVnx89Wy0GbS+kf5cwCVFFzdCFh2XSCFNULS6csw==", - "license": "MIT", - "engines": { - "node": ">= 0.4" - } - }, - "node_modules/es6-error": { - "version": "4.1.1", - "resolved": "https://registry.npmjs.org/es6-error/-/es6-error-4.1.1.tgz", - "integrity": "sha512-Um/+FxMr9CISWh0bi5Zv0iOD+4cFh5qLeks1qhAopKVAJw3drgKbKySikp7wGhDL0HPeaja0P5ULZrxLkniUVg==", - "license": "MIT" - }, - "node_modules/escape-string-regexp": { - "version": "4.0.0", - "resolved": "https://registry.npmjs.org/escape-string-regexp/-/escape-string-regexp-4.0.0.tgz", - "integrity": "sha512-TtpcNJ3XAzx3Gq8sWRzJaVajRs0uVxA2YAkdb1jm2YkPz4G6egUFAyA3n5vtEIZefPk5Wa4UXbKuS5fKkJWdgA==", - "license": "MIT", - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/function-bind": { - "version": "1.1.2", - "resolved": "https://registry.npmjs.org/function-bind/-/function-bind-1.1.2.tgz", - "integrity": "sha512-7XHNxH7qX9xG5mIwxkhumTox/MIRNcOgDrxWsMt2pAr23WHp6MrRlN7FBSFpCpr+oVO0F744iUgR82nJMfG2SA==", - "license": "MIT", - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/get-intrinsic": { - "version": "1.2.4", - "resolved": "https://registry.npmjs.org/get-intrinsic/-/get-intrinsic-1.2.4.tgz", - "integrity": "sha512-5uYhsJH8VJBTv7oslg4BznJYhDoRI6waYCxMmCdnTrcCrHA/fCFKoTFz2JKKE0HdDFUF7/oQuhzumXJK7paBRQ==", - "license": "MIT", - "dependencies": { - "es-errors": "^1.3.0", - "function-bind": "^1.1.2", - "has-proto": "^1.0.1", - "has-symbols": "^1.0.3", - "hasown": "^2.0.0" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/global-agent": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/global-agent/-/global-agent-3.0.0.tgz", - "integrity": "sha512-PT6XReJ+D07JvGoxQMkT6qji/jVNfX/h364XHZOWeRzy64sSFr+xJ5OX7LI3b4MPQzdL4H8Y8M0xzPpsVMwA8Q==", - "license": "BSD-3-Clause", - "dependencies": { - "boolean": "^3.0.1", - "es6-error": "^4.1.1", - "matcher": "^3.0.0", - "roarr": "^2.15.3", - "semver": "^7.3.2", - "serialize-error": "^7.0.1" - }, - "engines": { - "node": ">=10.0" - } - }, - "node_modules/globalthis": { - "version": "1.0.4", - "resolved": "https://registry.npmjs.org/globalthis/-/globalthis-1.0.4.tgz", - "integrity": "sha512-DpLKbNU4WylpxJykQujfCcwYWiV/Jhm50Goo0wrVILAv5jOr9d+H+UR3PhSCD2rCCEIg0uc+G+muBTwD54JhDQ==", - "license": "MIT", - "dependencies": { - "define-properties": "^1.2.1", - "gopd": "^1.0.1" - }, - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/gopd": { - "version": "1.0.1", - "resolved": "https://registry.npmjs.org/gopd/-/gopd-1.0.1.tgz", - "integrity": "sha512-d65bNlIadxvpb/A2abVdlqKqV563juRnZ1Wtk6s1sIR8uNsXR70xqIzVqxVf1eTqDunwT2MkczEeaezCKTZhwA==", - "license": "MIT", - "dependencies": { - "get-intrinsic": "^1.1.3" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/has-property-descriptors": { - "version": "1.0.2", - "resolved": "https://registry.npmjs.org/has-property-descriptors/-/has-property-descriptors-1.0.2.tgz", - "integrity": "sha512-55JNKuIW+vq4Ke1BjOTjM2YctQIvCT7GFzHwmfZPGo5wnrgkid0YQtnAleFSqumZm4az3n2BS+erby5ipJdgrg==", - "license": "MIT", - "dependencies": { - "es-define-property": "^1.0.0" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/has-proto": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has-proto/-/has-proto-1.0.3.tgz", - "integrity": "sha512-SJ1amZAJUiZS+PhsVLf5tGydlaVB8EdFpaSO4gmiUKUOxk8qzn5AIy4ZeJUmh22znIdk/uMAUT2pl3FxzVUH+Q==", - "license": "MIT", - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/has-symbols": { - "version": "1.0.3", - "resolved": "https://registry.npmjs.org/has-symbols/-/has-symbols-1.0.3.tgz", - "integrity": "sha512-l3LCuF6MgDNwTDKkdYGEihYjt5pRPbEg46rtlmnSPlUbgmB8LOIrKJbYYFBSbnPaJexMKtiPO8hmeRjRz2Td+A==", - "license": "MIT", - "engines": { - "node": ">= 0.4" - }, - "funding": { - "url": "https://github.com/sponsors/ljharb" - } - }, - "node_modules/hasown": { - "version": "2.0.2", - "resolved": "https://registry.npmjs.org/hasown/-/hasown-2.0.2.tgz", - "integrity": "sha512-0hJU9SCPvmMzIBdZFqNPXWa6dqh7WdH0cII9y+CyS8rG3nL48Bclra9HmKhVVUHyPWNH5Y7xDwAB7bfgSjkUMQ==", - "license": "MIT", - "dependencies": { - "function-bind": "^1.1.2" - }, - "engines": { - "node": ">= 0.4" - } - }, - "node_modules/immediate": { - "version": "3.0.6", - "resolved": "https://registry.npmjs.org/immediate/-/immediate-3.0.6.tgz", - "integrity": "sha512-XXOFtyqDjNDAQxVfYxuF7g9Il/IbWmmlQg2MYKOH8ExIT1qg6xc4zyS3HaEEATgs1btfzxq15ciUiY7gjSXRGQ==", - "license": "MIT" - }, - "node_modules/json-stringify-safe": { - "version": "5.0.1", - "resolved": "https://registry.npmjs.org/json-stringify-safe/-/json-stringify-safe-5.0.1.tgz", - "integrity": "sha512-ZClg6AaYvamvYEE82d3Iyd3vSSIjQ+odgjaTzRuO3s7toCdFKczob2i0zCh7JE8kWn17yvAWhUVxvqGwUalsRA==", - "license": "ISC" - }, - "node_modules/lie": { - "version": "3.1.1", - "resolved": "https://registry.npmjs.org/lie/-/lie-3.1.1.tgz", - "integrity": "sha512-RiNhHysUjhrDQntfYSfY4MU24coXXdEOgw9WGcKHNeEwffDYbF//u87M1EWaMGzuFoSbqW0C9C6lEEhDOAswfw==", - "license": "MIT", - "dependencies": { - "immediate": "~3.0.5" - } - }, - "node_modules/localforage": { - "version": "1.10.0", - "resolved": "https://registry.npmjs.org/localforage/-/localforage-1.10.0.tgz", - "integrity": "sha512-14/H1aX7hzBBmmh7sGPd+AOMkkIrHM3Z1PAyGgZigA1H1p5O5ANnMyWzvpAETtG68/dC4pC0ncy3+PPGzXZHPg==", - "license": "Apache-2.0", - "dependencies": { - "lie": "3.1.1" - } - }, - "node_modules/matcher": { - "version": "3.0.0", - "resolved": "https://registry.npmjs.org/matcher/-/matcher-3.0.0.tgz", - "integrity": "sha512-OkeDaAZ/bQCxeFAozM55PKcKU0yJMPGifLwV4Qgjitu+5MoAfSQN4lsLJeXZ1b8w0x+/Emda6MZgXS1jvsapng==", - "license": "MIT", - "dependencies": { - "escape-string-regexp": "^4.0.0" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/object-keys": { - "version": "1.1.1", - "resolved": "https://registry.npmjs.org/object-keys/-/object-keys-1.1.1.tgz", - "integrity": "sha512-NuAESUOUMrlIXOfHKzD6bpPu3tYt3xvjNdRIQ+FeT0lNb4K8WR70CaDxhuNguS2XG+GjkyMwOzsN5ZktImfhLA==", - "license": "MIT", - "engines": { - "node": ">= 0.4" - } - }, - "node_modules/roarr": { - "version": "2.15.4", - "resolved": "https://registry.npmjs.org/roarr/-/roarr-2.15.4.tgz", - "integrity": "sha512-CHhPh+UNHD2GTXNYhPWLnU8ONHdI+5DI+4EYIAOaiD63rHeYlZvyh8P+in5999TTSFgUYuKUAjzRI4mdh/p+2A==", - "license": "BSD-3-Clause", - "dependencies": { - "boolean": "^3.0.1", - "detect-node": "^2.0.4", - "globalthis": "^1.0.1", - "json-stringify-safe": "^5.0.1", - "semver-compare": "^1.0.0", - "sprintf-js": "^1.1.2" - }, - "engines": { - "node": ">=8.0" - } - }, - "node_modules/semver": { - "version": "7.6.3", - "resolved": "https://registry.npmjs.org/semver/-/semver-7.6.3.tgz", - "integrity": "sha512-oVekP1cKtI+CTDvHWYFUcMtsK/00wmAEfyqKfNdARm8u1wNVhSgaX7A8d4UuIlUI5e84iEwOhs7ZPYRmzU9U6A==", - "license": "ISC", - "bin": { - "semver": "bin/semver.js" - }, - "engines": { - "node": ">=10" - } - }, - "node_modules/semver-compare": { - "version": "1.0.0", - "resolved": "https://registry.npmjs.org/semver-compare/-/semver-compare-1.0.0.tgz", - "integrity": "sha512-YM3/ITh2MJ5MtzaM429anh+x2jiLVjqILF4m4oyQB18W7Ggea7BfqdH/wGMK7dDiMghv/6WG7znWMwUDzJiXow==", - "license": "MIT" - }, - "node_modules/serialize-error": { - "version": "7.0.1", - "resolved": "https://registry.npmjs.org/serialize-error/-/serialize-error-7.0.1.tgz", - "integrity": "sha512-8I8TjW5KMOKsZQTvoxjuSIa7foAwPWGOts+6o7sgjz41/qMD9VQHEDxi6PBvK2l0MXUmqZyNpUK+T2tQaaElvw==", - "license": "MIT", - "dependencies": { - "type-fest": "^0.13.1" - }, - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - }, - "node_modules/snyk": { - "version": "1.1294.0", - "resolved": "https://registry.npmjs.org/snyk/-/snyk-1.1294.0.tgz", - "integrity": "sha512-4RBj3Lfccz5+6L2Kw9bt7icF+ex3antwt9PkSl2oEulI7mgqvc8VUFLnezg8c6PY60IPM9DrSSmNjXBac10I3Q==", - "hasInstallScript": true, - "license": "Apache-2.0", - "dependencies": { - "@sentry/node": "^7.36.0", - "global-agent": "^3.0.0" - }, - "bin": { - "snyk": "bin/snyk" - }, - "engines": { - "node": ">=12" - } - }, - "node_modules/sprintf-js": { - "version": "1.1.3", - "resolved": "https://registry.npmjs.org/sprintf-js/-/sprintf-js-1.1.3.tgz", - "integrity": "sha512-Oo+0REFV59/rz3gfJNKQiBlwfHaSESl1pcGyABQsnnIfWOFt6JNj5gCog2U6MLZ//IGYD+nA8nI+mTShREReaA==", - "license": "BSD-3-Clause" - }, - "node_modules/type-fest": { - "version": "0.13.1", - "resolved": "https://registry.npmjs.org/type-fest/-/type-fest-0.13.1.tgz", - "integrity": "sha512-34R7HTnG0XIJcBSn5XhDd7nNFPRcXYRZrBB2O2jdKqYODldSzBAqzsWoZYYvduky73toYS/ESqxPvkDf/F0XMg==", - "license": "(MIT OR CC0-1.0)", - "engines": { - "node": ">=10" - }, - "funding": { - "url": "https://github.com/sponsors/sindresorhus" - } - } - } -} diff --git a/tag_publish/package.json b/tag_publish/package.json deleted file mode 100644 index 001faa2..0000000 --- a/tag_publish/package.json +++ /dev/null @@ -1,9 +0,0 @@ -{ - "name": "c2ccicheck", - "version": "1.0.0", - "description": "", - "author": "", - "dependencies": { - "snyk": "1.1294.0" - } -} diff --git a/tag_publish/publish.py b/tag_publish/publish.py index 433e7ac..76d7b1a 100644 --- a/tag_publish/publish.py +++ b/tag_publish/publish.py @@ -8,6 +8,7 @@ import re import subprocess # nosec import sys +from typing import Any import ruamel import tomllib @@ -16,7 +17,11 @@ def pip( - package: tag_publish.configuration.PublishPypiPackage, version: str, version_type: str, publish: bool + package: tag_publish.configuration.PublishPypiPackage, + version: str, + version_type: str, + publish: bool, + github: tag_publish.GH, ) -> bool: """ Publish to pypi. @@ -27,6 +32,7 @@ def pip( version_branch, feature_branch, feature_tag (for pull request) publish: If False only check the package package: The package configuration + github: The GitHub helper """ print(f"::group::{'Publishing' if publish else 'Checking'} '{package.get('path')}' to pypi") @@ -37,10 +43,8 @@ def pip( env = {} env["VERSION"] = version env["VERSION_TYPE"] = version_type - full_repo = tag_publish.get_repository() - full_repo_split = full_repo.split("/") - master_branch, _ = tag_publish.get_master_branch(full_repo_split) - is_master = master_branch == version + default_branch = github.repo.default_branch + is_master = default_branch == version env["IS_MASTER"] = "TRUE" if is_master else "FALSE" cwd = os.path.abspath(package.get("path", ".")) @@ -109,6 +113,8 @@ def docker( tag_src: str, dst_tags: list[str], images_full: list[str], + version_type: str, + published: list[Any], ) -> bool: """ Publish to a Docker registry. @@ -126,6 +132,9 @@ def docker( tag_src: The source tag (usually latest) dst_tags: Publish using the provided tags images_full: The list of published images (with tag), used to build the dispatch event + version_type: Describe the kind of release we do: rebuild (specified using --type), version_tag, + version_branch, feature_branch, feature_tag (for pull request) + published: The list of published artifacts to be filled """ print( @@ -149,6 +158,15 @@ def docker( check=True, ) new_images_full.append(f"{config['server']}/{image_config['name']}:{tag}") + published.append( + { + "type": "docker", + "repository": config["server"], + "image": image_config["name"], + "tag": tag, + "version_type": version_type, + } + ) else: for tag in dst_tags: if tag_src != tag: @@ -161,6 +179,15 @@ def docker( ], check=True, ) + published.append( + { + "type": "docker", + "repository": "docker.io", + "image": image_config["name"], + "tag": tag, + "version_type": version_type, + } + ) new_images_full.append(f"{image_config['name']}:{tag}") for image in new_images_full: diff --git a/tag_publish/schema.json b/tag_publish/schema.json index 0e827aa..d340e8e 100644 --- a/tag_publish/schema.json +++ b/tag_publish/schema.json @@ -9,194 +9,153 @@ "publish_docker": { "title": "Publish Docker", "description": "The configuration used to publish on Docker", - "oneOf": [ - { - "title": "Publish Docker config", - "description": "The configuration used to publish on Docker", - "type": "object", - "properties": { - "latest": { - "description": "Publish the latest version on tag latest", - "title": "Publish Docker latest", - "default": true, - "type": "boolean" - }, - "images": { - "description": "List of images to be published", - "type": "array", - "items": { - "title": "Publish Docker image", - "type": "object", - "properties": { - "group": { - "description": "The image is in the group, should be used with the --group option of tag-publish script", - "title": "Publish Docker image group", - "default": "default", - "type": "string" - }, - "name": { - "description": "The image name", - "type": "string" - }, - "tags": { - "description": "The tag name, will be formatted with the version=, the image with version=latest should be present when we call the tag-publish script", - "title": "publish docker image tags", - "type": "array", - "default": ["{version}"], - "items": { - "type": "string" - } - } + "type": "object", + "properties": { + "latest": { + "description": "Publish the latest version on tag latest", + "title": "Publish Docker latest", + "default": true, + "type": "boolean" + }, + "images": { + "description": "List of images to be published", + "type": "array", + "items": { + "title": "Publish Docker image", + "type": "object", + "properties": { + "group": { + "description": "The image is in the group, should be used with the --group option of tag-publish script", + "title": "Publish Docker image group", + "default": "default", + "type": "string" + }, + "name": { + "description": "The image name", + "type": "string" + }, + "tags": { + "description": "The tag name, will be formatted with the version=, the image with version=latest should be present when we call the tag-publish script", + "title": "publish docker image tags", + "type": "array", + "default": ["{version}"], + "items": { + "type": "string" } } + } + } + }, + "repository": { + "title": "Docker repository", + "description": "The repository where we should publish the images", + "default": { + "github": { + "server": "ghcr.io", + "versions": ["version_tag", "version_branch", "rebuild"] }, - "repository": { - "title": "Docker repository", - "description": "The repository where we should publish the images", - "default": { - "github": { - "server": "ghcr.io", - "versions": ["version_tag", "version_branch", "rebuild"] - }, - "dockerhub": {} + "dockerhub": {} + }, + "type": "object", + "additionalProperties": { + "title": "Publish Docker repository", + "type": "object", + "properties": { + "server": { + "description": "The server URL", + "type": "string" }, - "type": "object", - "additionalProperties": { - "title": "Publish Docker repository", - "type": "object", - "properties": { - "server": { - "description": "The server URL", - "type": "string" - }, - "versions": { - "description": "The kind or version that should be published, tag, branch or value of the --version argument of the tag-publish script", - "title": "Publish Docker repository versions", - "type": "array", - "default": ["version_tag", "version_branch", "rebuild", "feature_branch"], - "items": { - "type": "string" - } - } + "versions": { + "description": "The kind or version that should be published, tag, branch or value of the --version argument of the tag-publish script", + "title": "Publish Docker repository versions", + "type": "array", + "default": ["version_tag", "version_branch", "rebuild", "feature_branch"], + "items": { + "type": "string" } } - }, - "dispatch": { - "description": "Send a dispatch event to an other repository", - "default": {}, + } + } + }, + "snyk": { + "description": "Checks the published images with Snyk", + "type": "object", + "properties": { + "monitor_args": { + "description": "The arguments to pass to the Snyk container monitor command", + "title": "Publish Docker Snyk monitor args", + "default": ["--app-vulns"], "oneOf": [ { - "type": "object", - "title": "dispatch config", - "description": "Send a dispatch event to an other repository", - "properties": { - "repository": { - "title": "Docker dispatch repository", - "description": "The repository name to be triggered", - "default": "camptocamp/argocd-gs-gmf-apps", - "type": "string" - }, - "event-type": { - "title": "Docker dispatch event type", - "description": "The event type to be triggered", - "default": "image-update", - "type": "string" - } + "type": "array", + "items": { + "type": "string" } }, { "const": false } ] }, - "snyk": { - "description": "Checks the published images with Snyk", - "type": "object", - "properties": { - "monitor_args": { - "description": "The arguments to pass to the Snyk container monitor command", - "title": "Publish Docker Snyk monitor args", - "default": ["--app-vulns"], - "oneOf": [ - { - "type": "array", - "items": { - "type": "string" - } - }, - { "const": false } - ] + "test_args": { + "description": "The arguments to pass to the Snyk container test command", + "title": "Publish Docker Snyk test args", + "default": ["--app-vulns", "--severity-threshold=critical"], + "oneOf": [ + { + "type": "array", + "items": { + "type": "string" + } }, - "test_args": { - "description": "The arguments to pass to the Snyk container test command", - "title": "Publish Docker Snyk test args", - "default": ["--app-vulns", "--severity-threshold=critical"], - "oneOf": [ - { - "type": "array", - "items": { - "type": "string" - } - }, - { "const": false } - ] - } - } + { "const": false } + ] } } - }, - { "const": false } - ] + } + } }, "publish_pypi": { "title": "publish pypi", "description": "Configuration to publish on pypi", - "default": {}, - "oneOf": [ - { - "title": "publish pypi config", - "description": "Configuration to publish on pypi", - "type": "object", - "properties": { - "packages": { - "description": "The configuration of packages that will be published", - "type": "array", - "items": { - "title": "publish pypi package", - "description": "The configuration of package that will be published", - "type": "object", - "properties": { - "group": { - "description": "The image is in the group, should be used with the --group option of tag-publish script", - "title": "Publish pip package group", - "default": "default", - "type": "string" - }, - "path": { - "description": "The path of the pypi package", - "type": "string" - }, - "build_command": { - "description": "The command used to do the build", - "type": "array", - "items": { - "type": "string" - } - } - } - } - }, - "versions": { - "description": "The kind or version that should be published, tag, branch or value of the --version argument of the tag-publish script", - "type": "array", - "items": { + "type": "object", + "properties": { + "packages": { + "description": "The configuration of packages that will be published", + "type": "array", + "items": { + "title": "publish pypi package", + "description": "The configuration of package that will be published", + "type": "object", + "properties": { + "group": { + "description": "The image is in the group, should be used with the --group option of tag-publish script", + "title": "Publish pip package group", + "default": "default", "type": "string" + }, + "path": { + "description": "The path of the pypi package", + "type": "string" + }, + "build_command": { + "description": "The command used to do the build", + "type": "array", + "items": { + "type": "string" + } } } } }, - { - "const": false + "versions": { + "title": "publish pypi versions", + "description": "The kind or version that should be published, tag, branch or value of the --version argument of the tag-publish script", + "type": "array", + "default": ["version_tag"], + "items": { + "type": "string" + } } - ] + } }, "publish_helm": { "title": "publish helm", @@ -215,8 +174,10 @@ } }, "versions": { + "title": "publish helm versions", "description": "The kind or version that should be published, tag, branch or value of the --version argument of the tag-publish script", "type": "array", + "default": ["version_tag"], "items": { "type": "string" } @@ -259,6 +220,32 @@ }, "docker": { "$ref": "#/definitions/publish_docker" }, "pypi": { "$ref": "#/definitions/publish_pypi" }, - "helm": { "$ref": "#/definitions/publish_helm" } + "helm": { "$ref": "#/definitions/publish_helm" }, + "dispatch": { + "title": "Dispatch", + "type": "array", + "default": [{}], + + "items": { + "title": "dispatch config", + "description": "Send a dispatch event to an other repository", + "default": {}, + "type": "object", + "properties": { + "repository": { + "title": "Dispatch repository", + "description": "The repository name to be triggered", + "default": "camptocamp/argocd-gs-gmf-apps", + "type": "string" + }, + "event-type": { + "title": "Dispatch event type", + "description": "The event type to be triggered", + "default": "image-update", + "type": "string" + } + } + } + } } }