Skip to content

Commit

Permalink
Revert "DRIVERS-3019 Add ruff linter and apply fixes" (#539)
Browse files Browse the repository at this point in the history
  • Loading branch information
blink1073 authored Nov 1, 2024
1 parent e08d9ad commit c5f92c1
Show file tree
Hide file tree
Showing 37 changed files with 241 additions and 255 deletions.
13 changes: 7 additions & 6 deletions .evergreen/auth_aws/aws_tester.py
Original file line number Diff line number Diff line change
@@ -1,16 +1,17 @@
#!/usr/bin/env python3
"""
Script for testing MONGDOB-AWS authentication.
"""
import argparse
import json
import os
import subprocess
import json
import sys
import subprocess
from functools import partial
from urllib.parse import quote_plus

from pymongo import MongoClient
from pymongo.errors import OperationFailure
from urllib.parse import quote_plus

HERE = os.path.abspath(os.path.dirname(__file__))

Expand All @@ -19,10 +20,10 @@ def join(*parts):


sys.path.insert(0, join(HERE, 'lib'))
from aws_assign_instance_profile import _assign_instance_policy
from util import get_key as _get_key
from aws_assume_role import _assume_role
from aws_assume_web_role import _assume_role_with_web_identity
from util import get_key as _get_key
from aws_assign_instance_profile import _assign_instance_policy

ASSUMED_ROLE = "arn:aws:sts::557821124784:assumed-role/authtest_user_assume_role/*"
ASSUMED_WEB_ROLE = "arn:aws:sts::857654397073:assumed-role/webIdentityTestRole/*"
Expand All @@ -43,7 +44,7 @@ def join(*parts):
def run(args, env):
"""Run a python command in a subprocess."""
env.update(os.environ.copy())
return subprocess.run([sys.executable, *args], env=env, check=False).returncode
return subprocess.run([sys.executable] + args, env=env).returncode


def create_user(user, kwargs):
Expand Down
8 changes: 5 additions & 3 deletions .evergreen/auth_aws/lib/aws_assign_instance_profile.py
Original file line number Diff line number Diff line change
@@ -1,18 +1,20 @@
#!/usr/bin/env python3
"""
Script for assign an instance policy to the current machine.
"""

import argparse
import json
import urllib.request
import logging
import json
import os
import sys
import time
import urllib.request
from functools import partial

import boto3
import botocore

from util import get_key as _get_key

sys.path.insert(1, os.path.join(sys.path[0], '..'))
Expand All @@ -39,7 +41,7 @@ def _has_instance_profile():
try:
url = base_url + iam_role
print("Reading: " + url)
urllib.request.urlopen(url)
req = urllib.request.urlopen(url)
print("Assigned " + iam_role)
except urllib.error.HTTPError as e:
print(e)
Expand Down
3 changes: 2 additions & 1 deletion .evergreen/auth_aws/lib/aws_assume_role.py
Original file line number Diff line number Diff line change
@@ -1,10 +1,11 @@
#!/usr/bin/env python3
"""
Script for assuming an aws role.
"""

import argparse
import logging
import uuid
import logging

import boto3

Expand Down
3 changes: 2 additions & 1 deletion .evergreen/auth_aws/lib/aws_assume_web_role.py
Original file line number Diff line number Diff line change
@@ -1,11 +1,12 @@
#!/usr/bin/env python3
"""
Script for assuming an aws role using AssumeRoleWithWebIdentity.
"""

import argparse
import logging
import os
import uuid
import logging

import boto3

Expand Down
5 changes: 4 additions & 1 deletion .evergreen/auth_aws/lib/aws_handle_oidc_creds.py
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
#!/usr/bin/env python3
"""
Script for handling OIDC credentials.
"""
Expand All @@ -14,6 +15,7 @@
from pyop.userinfo import Userinfo



class CustomSubjectIdentifierFactory(HashBasedSubjectIdentifierFactory):
"""
Implements a hash based algorithm for creating a pairwise subject identifier.
Expand All @@ -31,7 +33,7 @@ def create_pairwise_identifier(self, user_id, sector_identifier):


def get_default_config():
return {
config = {
"issuer": os.getenv('IDP_ISSUER', ''),
"jwks_uri": os.getenv('IDP_JWKS_URI', ''),
'rsa_key': os.getenv('IDP_RSA_KEY', ''),
Expand All @@ -40,6 +42,7 @@ def get_default_config():
'username': os.getenv("IDP_USERNAME", 'test_user'),
'token_file': os.getenv('AWS_WEB_IDENTITY_TOKEN_FILE')
}
return config


def get_provider(config=None, expires=None):
Expand Down
7 changes: 4 additions & 3 deletions .evergreen/auth_aws/lib/aws_unassign_instance_profile.py
Original file line number Diff line number Diff line change
@@ -1,13 +1,14 @@
#!/usr/bin/env python3
"""
Script for unassigning an instance policy from the current machine.
"""

import argparse
import urllib.error
import urllib.request
import logging
import sys
import time
import urllib.error
import urllib.request

import boto3
import botocore
Expand All @@ -31,7 +32,7 @@ def _has_instance_profile():
try:
url = base_url + iam_role
print("Reading: " + url)
urllib.request.urlopen(url)
req = urllib.request.urlopen(url)
except urllib.error.HTTPError as e:
print(e)
if e.code == 404:
Expand Down
9 changes: 5 additions & 4 deletions .evergreen/auth_aws/lib/container_tester.py
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
#!/usr/bin/env python3
"""
Script for testing mongodb in containers.
Expand Down Expand Up @@ -40,7 +41,7 @@

def _run_process(params, cwd=None):
LOGGER.info("RUNNING COMMAND: %s", params)
ret = subprocess.run(params, cwd=cwd, check=False)
ret = subprocess.run(params, cwd=cwd)
return ret.returncode

def _userandhostandport(endpoint):
Expand Down Expand Up @@ -136,7 +137,7 @@ def remote_ps_container(cluster):
assert private_ip_address

eni = ec2_client.describe_network_interfaces(NetworkInterfaceIds=enis)
public_ip = next(iter(n["Association"]["PublicIp"] for n in eni["NetworkInterfaces"]))
public_ip = [n["Association"]["PublicIp"] for n in eni["NetworkInterfaces"]][0]

for container in task['containers']:
taskArn = container['taskArn']
Expand All @@ -145,7 +146,7 @@ def remote_ps_container(cluster):
task_id = task_id + "/" + name
lastStatus = container['lastStatus']

print(f"{task_id:<43}{lastStatus:<9}{public_ip:<25}{private_ip_address:<25}{taskDefinition_short:<16}")
print("{:<43}{:<9}{:<25}{:<25}{:<16}".format(task_id, lastStatus, public_ip, private_ip_address, taskDefinition_short ))

def _remote_create_container_args(args):
remote_create_container(args.cluster, args.task_definition, args.service, args.subnets, args.security_group)
Expand Down Expand Up @@ -246,7 +247,7 @@ def remote_get_public_endpoint_str(cluster, service_name):
assert enis

eni = ec2_client.describe_network_interfaces(NetworkInterfaceIds=enis)
public_ip = next(iter(n["Association"]["PublicIp"] for n in eni["NetworkInterfaces"]))
public_ip = [n["Association"]["PublicIp"] for n in eni["NetworkInterfaces"]][0]
break

return f"root@{public_ip}:22"
Expand Down
3 changes: 2 additions & 1 deletion .evergreen/auth_aws/lib/util.py
Original file line number Diff line number Diff line change
@@ -1,4 +1,5 @@
def get_key(key: str, uppercase: bool) -> str:
if uppercase:
return key.upper()
return key
else:
return key
2 changes: 1 addition & 1 deletion .evergreen/auth_oidc/azure/handle_secrets.py
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@
import os
from base64 import b64decode

from azure.identity import DefaultAzureCredential
from azure.keyvault.secrets import SecretClient
from azure.identity import DefaultAzureCredential


def main():
Expand Down
13 changes: 6 additions & 7 deletions .evergreen/auth_oidc/azure/remote-scripts/test.py
Original file line number Diff line number Diff line change
@@ -1,8 +1,7 @@
import json
import os
from urllib.request import Request, urlopen

from pymongo import MongoClient
import os
import json
from urllib.request import urlopen, Request
from pymongo.auth_oidc import OIDCCallback, OIDCCallbackContext, OIDCCallbackResult

app_id = os.environ['AZUREOIDC_APPID']
Expand All @@ -23,16 +22,16 @@ def fetch(self, context: OIDCCallbackContext) -> OIDCCallbackResult:
body = response.read().decode('utf8')
except Exception as e:
msg = "Failed to acquire IMDS access token: %s" % e
raise ValueError(msg) from e
raise ValueError(msg)

if status != 200:
print(body)
msg = "Failed to acquire IMDS access token."
raise ValueError(msg)
try:
data = json.loads(body)
except Exception as e:
raise ValueError("Azure IMDS response must be in JSON format.") from e
except Exception:
raise ValueError("Azure IMDS response must be in JSON format.")

for key in ["access_token", "expires_in"]:
if not data.get(key):
Expand Down
7 changes: 3 additions & 4 deletions .evergreen/auth_oidc/azure_func/self-test/function_app.py
Original file line number Diff line number Diff line change
@@ -1,9 +1,8 @@
import json
import azure.functions as func
import logging
import os
from urllib.request import Request, urlopen

import azure.functions as func
from urllib.request import urlopen, Request
import json
from pymongo import MongoClient
from pymongo.auth_oidc import OIDCCallback, OIDCCallbackContext, OIDCCallbackResult

Expand Down
8 changes: 4 additions & 4 deletions .evergreen/auth_oidc/gcp/remote-scripts/test.py
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
import os
from urllib.request import Request, urlopen

from pymongo import MongoClient
import os
import json
from urllib.request import urlopen, Request
from pymongo.auth_oidc import OIDCCallback, OIDCCallbackContext, OIDCCallbackResult

audience = os.environ['GCPOIDC_AUDIENCE']
Expand All @@ -20,7 +20,7 @@ def fetch(self, context: OIDCCallbackContext) -> OIDCCallbackResult:
body = response.read().decode('utf8')
except Exception as e:
msg = "Failed to acquire IMDS access token: %s" % e
raise ValueError(msg) from e
raise ValueError(msg)

if status != 200:
print(body)
Expand Down
3 changes: 1 addition & 2 deletions .evergreen/auth_oidc/k8s/remote-scripts/test.py
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
import os

from pymongo import MongoClient
import os
from pymongo.auth_oidc import OIDCCallback, OIDCCallbackContext, OIDCCallbackResult

atlas_uri = os.environ["MONGODB_URI"]
Expand Down
3 changes: 1 addition & 2 deletions .evergreen/auth_oidc/oidc_get_tokens.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,7 @@

HERE = os.path.abspath(os.path.dirname(__file__))
sys.path.insert(0, HERE)
from utils import DEFAULT_CLIENT, get_id_token, get_secrets, join

from utils import get_secrets, get_id_token, DEFAULT_CLIENT, join
TOKEN_DIR = os.environ['OIDC_TOKEN_DIR'].replace(os.sep, '/')

def generate_tokens(config, base_name):
Expand Down
6 changes: 4 additions & 2 deletions .evergreen/auth_oidc/oidc_write_orchestration.py
Original file line number Diff line number Diff line change
@@ -1,13 +1,15 @@
#!/usr/bin/env python3
"""
Script for managing OIDC.
"""
import json
import os
import json
import sys


HERE = os.path.abspath(os.path.dirname(__file__))
sys.path.insert(0, HERE)
from utils import DEFAULT_CLIENT, get_secrets
from utils import get_secrets, MOCK_ENDPOINT, DEFAULT_CLIENT


def azure():
Expand Down
6 changes: 4 additions & 2 deletions .evergreen/auth_oidc/utils.py
Original file line number Diff line number Diff line change
@@ -1,15 +1,17 @@
import json
import os
import sys

import boto3

HERE = os.path.abspath(os.path.dirname(__file__))

def join(*args):
return os.path.join(*args).replace(os.sep, '/')

aws_lib = join(os.path.dirname(HERE), 'auth_aws', 'lib')
sys.path.insert(0, aws_lib)
from aws_handle_oidc_creds import MOCK_ENDPOINT, get_id_token # noqa: F401

from aws_handle_oidc_creds import get_id_token, MOCK_ENDPOINT
secrets_root = join(os.path.dirname(HERE), 'secrets_handling')
sys.path.insert(0, secrets_root)
from setup_secrets import get_secrets as root_get_secrets
Expand Down
10 changes: 5 additions & 5 deletions .evergreen/csfle/fake_azure.py
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,7 @@
imds = Bottle(autojson=True)
"""An Azure IMDS server"""

from collections.abc import Iterable
from typing import TYPE_CHECKING, Any, Callable, cast, overload
from typing import TYPE_CHECKING, Any, Callable, Iterable, cast, overload

if not TYPE_CHECKING:
from bottle import request
Expand Down Expand Up @@ -116,7 +115,7 @@ def get_oauth2_token():
if case == 'slow':
return _slow()

assert case in (None, ''), f'Unknown HTTP test case "{case}"'
assert case in (None, ''), 'Unknown HTTP test case "{}"'.format(case)

return {
'access_token': 'magic-cookie',
Expand Down Expand Up @@ -149,6 +148,7 @@ def _slow() -> Iterable[bytes]:

if __name__ == '__main__':
print(
f'RECOMMENDED: Run this script using bottle.py (e.g. [{sys.executable} {Path(__file__).resolve().parent}/bottle.py fake_azure:imds])'
)
'RECOMMENDED: Run this script using bottle.py (e.g. [{} {}/bottle.py fake_azure:imds])'
.format(sys.executable,
Path(__file__).resolve().parent))
imds.run()
Loading

0 comments on commit c5f92c1

Please sign in to comment.