ruff check

Author: mmetc

test/pyproject.toml

@@ -27,74 +27,74 @@ dev = [
 
 line-length = 120
 
-#[tool.ruff.lint]
-#select = [
-#  "ALL"
-#]
-#
-#ignore = [
-#    "ANN",      # Missing type annotations
+[tool.ruff.lint]
+select = [
+  "ALL"
+]
+
+ignore = [
+    "ANN",      # Missing type annotations
 #    "A002",     # Function argument `id` is shadowing a Python builtin
-#    "ARG001",   # Unused function argument: `...`
-#    "COM812",   # Trailing comma missing
-#    "D100",     # Missing docstring in public module
+    "ARG001",   # Unused function argument: `...`
+    "COM812",   # Trailing comma missing
+    "D100",     # Missing docstring in public module
 #    "D101",     # Missing docstring in public class
 #    "D102",     # Missing docstring in public method
-#    "D103",     # Missing docstring in public function
-#    "D104",     # Missing docstring in public package
+    "D103",     # Missing docstring in public function
+    "D104",     # Missing docstring in public package
 #    "D107",     # Missing docstring in __init__
-#    "D203",     # incorrect-blank-line-before-class
-#    "D212",     # Multi-line docstring summary should start at the first line
-#    "D212",     # Multi-line docstring summary should start at the first line
-#    "D400",     # First line should end with a period
-#    "D415",     # First line should end with a period, question mark, or exclamation point
+    "D200",     # One-line docstring should fit on one line
+    "D203",     # incorrect-blank-line-before-class
+    "D212",     # Multi-line docstring summary should start at the first line
+    "D400",     # First line should end with a period
+    "D415",     # First line should end with a period, question mark, or exclamation point
 #    "DTZ005",   # `datetime.datetime.now()` called without a `tz` argument
 #    "EM102",    # Exception must not use an f-string literal, assign to variable first
-#    "ERA001",   # Found commented-out code
+    "ERA001",   # Found commented-out code
 #    "FBT002",   # Boolean default positional argument in function definition
-#    "FIX002",   # Line contains TODO, consider resolving the issue
-#    "FIX003",   # Line contains XXX, consider resolving the issue
+    "FIX002",   # Line contains TODO, consider resolving the issue
+    "FIX003",   # Line contains XXX, consider resolving the issue
 #    "N802",     # Function name `testLogging` should be lowercase
-#    "PLW1510",  # `subprocess.run` without explicit `check` argument
-#    "S101",     # Use of 'assert' detected
+    "PLW1510",  # `subprocess.run` without explicit `check` argument
+    "S101",     # Use of 'assert' detected
 #    "S104",     # Possible binding to all interfaces
 #    "S314",     # Using `xml` to parse untrusted data is known to be vulnerable to XML attacks; use `defusedxml` equivalents
-#    "S603",     # `subprocess` call: check for execution of untrusted input
+    "S603",     # `subprocess` call: check for execution of untrusted input
 #    "S604",     # Function call with `shell=True` parameter identified, security issue
-#    "S607",     # Starting a process with a partial executable path
+    "S607",     # Starting a process with a partial executable path
 #    "SIM108",   # Use ternary operator `...` instead of `if`-`else`-block
-#    "TD001",    # Invalid TODO tag: `XXX`
-#    "TD002",    # Missing author in TODO
-#    "TD003",    # Missing issue link for this TODO
+    "TD",
 #    "TRY003",   # Avoid specifying long messages outside the exception class
-#    "PLR2004",  # Magic value used in comparison, consider replacing `...` with a constant variable
-#    "PLR0913",  # Too many arguments in function definition (6 > 5)
-#    "PTH107",   # `os.remove()` should be replaced by `Path.unlink()`
-#    "PTH108",   # `os.unlink()` should be replaced by `Path.unlink()`
-#    "PTH110",   # `os.path.exists()` should be replaced by `Path.exists()`
-#    "PTH116",   # `os.stat()` should be replaced by `Path.stat()`, `Path.owner()`, or `Path.group()`
+    "PLR2004",  # Magic value used in comparison, consider replacing `...` with a constant variable
+    "PLR0913",  # Too many arguments in function definition (6 > 5)
+    "PTH107",   # `os.remove()` should be replaced by `Path.unlink()`
+    "PTH108",   # `os.unlink()` should be replaced by `Path.unlink()`
+    "PTH110",   # `os.path.exists()` should be replaced by `Path.exists()`
+    "PTH116",   # `os.stat()` should be replaced by `Path.stat()`, `Path.owner()`, or `Path.group()`
 #    "PTH120",   # `os.path.dirname()` should be replaced by `Path.parent`
 #    "PTH123",   # `open()` should be replaced by `Path.open()`
 #    "PT009",    # Use a regular `assert` instead of unittest-style `assertEqual`
-#    "PT022",    # No teardown in fixture `fw_cfg_factory`, use `return` instead of `yield`
+    "PT022",    # No teardown in fixture `fw_cfg_factory`, use `return` instead of `yield`
 #    "TID252",   # Prefer absolute imports over relative imports from parent modules
-#    "UP022",    # Prefer `capture_output` over sending `stdout` and `stderr` to `PIPE`
-#]
-#
-#[tool.basedpyright]
-#reportAny = "none"
-#reportArgumentType = "none"
-#reportAttributeAccessIssue = "none"
+    "UP022",    # Prefer `capture_output` over sending `stdout` and `stderr` to `PIPE`
+]
+
+[tool.basedpyright]
+reportAny = "none"
+reportArgumentType = "none"
+reportAttributeAccessIssue = "none"
 #reportImplicitOverride = "none"
 #reportImplicitStringConcatenation = "none"
-#reportMissingParameterType = "none"
-#reportMissingTypeStubs = "none"
-#reportOptionalMemberAccess = "none"
+reportMissingParameterType = "none"
+reportMissingTypeStubs = "none"
+reportOptionalMemberAccess = "none"
 #reportUnannotatedClassAttribute = "none"
 #reportUninitializedInstanceVariable = "none"
-#reportUnknownArgumentType = "none"
-#reportUnknownMemberType = "none"
-#reportUnknownParameterType = "none"
-#reportUnknownVariableType = "none"
-#reportUnusedCallResult = "none"
-#reportUnusedParameter = "none"
+reportUnknownArgumentType = "none"
+reportUnknownMemberType = "none"
+reportUnknownParameterType = "none"
+reportUnknownVariableType = "none"
+reportUnusedCallResult = "none"
+reportUnusedParameter = "none"
+reportUnusedVariable = "none"
+reportOperatorIssue = "none"

test/tests/bouncer/test_custom_bouncer.py

@@ -1,5 +1,6 @@
 import json
 import time
+from pathlib import Path
 
 
 def test_no_custom_binary(crowdsec, bouncer, cb_cfg_factory):
@@ -212,15 +213,15 @@ def test_add_decisions(bouncer_with_lapi):
 
         time.sleep(1)
 
-        with open(data) as f:
+        with Path(data).open() as f:
             lines = f.readlines()
         assert len(lines) == 5
 
         for i, line in enumerate(lines, start=1):
-            line = json.loads(line)
-            line.pop("duration", None)
-            line.pop("uuid", None)
-            assert line == {
+            j = json.loads(line)
+            j.pop("duration", None)
+            j.pop("uuid", None)
+            assert j == {
                 "action": "add",
                 "id": i,
                 "origin": "cscli",
@@ -252,7 +253,7 @@ def test_bin_args(bouncer_with_lapi, tmp_path_factory):
 
         time.sleep(2)
 
-        with open(data) as f:
+        with Path(data).open() as f:
             lines = f.readlines()
         assert len(lines) == 5
 
@@ -274,7 +275,7 @@ def test_cache_retention(bouncer_with_lapi):
             res = lapi.cont.exec_run(f"cscli decisions add -i 1.2.3.{i}")
             assert res.exit_code == 0
         time.sleep(1)
-        with open(data) as f:
+        with Path(data).open() as f:
             lines = f.readlines()
         assert len(lines) == 2
 
@@ -297,14 +298,14 @@ def test_delete_decisions(bouncer_with_lapi):
             res = lapi.cont.exec_run(f"cscli decisions delete --ip 1.2.3.{i}")
             assert res.exit_code == 0
         time.sleep(1)
-        with open(data) as f:
+        with Path(data).open() as f:
             lines = f.readlines()
         assert len(lines) == 10
         current_decisions = set()
         for line in lines:
-            line = json.loads(line)
-            if line["action"] == "add":
-                current_decisions.add(line["id"])
-            elif line["action"] == "del":
-                current_decisions.remove(line["id"])
+            j = json.loads(line)
+            if j["action"] == "add":
+                current_decisions.add(j["id"])
+            elif j["action"] == "del":
+                current_decisions.remove(j["id"])
         assert len(current_decisions) == 0

test/tests/bouncer/test_tls.py

@@ -3,7 +3,6 @@
 
 def test_tls_server(crowdsec, certs_dir, api_key_factory, bouncer, cb_stream_cfg_factory):
     """TLS with server-only certificate"""
-
     api_key = api_key_factory()
 
     lapi_env = {
@@ -56,7 +55,6 @@ def test_tls_server(crowdsec, certs_dir, api_key_factory, bouncer, cb_stream_cfg
 
 def test_tls_mutual(crowdsec, certs_dir, api_key_factory, bouncer, cb_stream_cfg_factory, bouncer_under_test):
     """TLS with two-way bouncer/lapi authentication"""
-
     lapi_env = {
         "CACERT_FILE": "/etc/ssl/crowdsec/ca.crt",
         "LAPI_CERT_FILE": "/etc/ssl/crowdsec/lapi.crt",

test/tests/conftest.py

@@ -17,7 +17,14 @@ def bouncer_under_test():
 # Create a lapi container, register a bouncer and run it with the updated config.
 # - Return context manager that yields a tuple of (bouncer, lapi)
 @pytest.fixture(scope="session")
-def bouncer_with_lapi(bouncer, crowdsec, cb_stream_cfg_factory, api_key_factory, tmp_path_factory, bouncer_binary):
+def bouncer_with_lapi(
+    bouncer,
+    crowdsec,
+    cb_stream_cfg_factory,
+    api_key_factory: plugin.ApiKeyFactoryType,
+    tmp_path_factory,
+    bouncer_binary,
+):
     @contextlib.contextmanager
     def closure(config_lapi=None, config_bouncer=None, api_key=None):
         if config_bouncer is None:

test/tests/install/no_crowdsec/test_no_crowdsec_deb.py

@@ -1,5 +1,6 @@
 import os
 import subprocess
+from pathlib import Path
 
 import pytest
 
@@ -16,10 +17,10 @@ def test_deb_install_purge(deb_package_path, bouncer_under_test, must_be_root):
     assert deb_package_path.exists(), f"This test requires {deb_package_path}"
 
     bouncer_exe = f"/usr/bin/{bouncer_under_test}"
-    assert not os.path.exists(bouncer_exe)
+    assert not Path(bouncer_exe).exists()
 
     config = f"/etc/crowdsec/bouncers/{bouncer_under_test}.yaml"
-    assert not os.path.exists(config)
+    assert not Path(config).exists()
 
     # install the package
     p = subprocess.run(
@@ -30,7 +31,7 @@ def test_deb_install_purge(deb_package_path, bouncer_under_test, must_be_root):
     )
     assert p.returncode == 0, f"Failed to install {deb_package_path}"
 
-    assert os.path.exists(bouncer_exe)
+    assert Path(bouncer_exe).exists()
     assert os.stat(bouncer_exe).st_mode & 0o777 == 0o755
 
     assert os.path.exists(config)

test/tests/install/no_crowdsec/test_no_crowdsec_scripts.py

@@ -1,19 +1,20 @@
 import os
-import pexpect
-import yaml
+from pathlib import Path
 
+import pexpect
 import pytest
+import yaml
 
 BOUNCER = "crowdsec-custom-bouncer"
 CONFIG = f"/etc/crowdsec/bouncers/{BOUNCER}.yaml"
 
 
-@pytest.mark.dependency()
+@pytest.mark.dependency
 def test_install_no_crowdsec(project_repo, bouncer_binary, must_be_root):
     c = pexpect.spawn("/usr/bin/sh", ["scripts/install.sh"], cwd=project_repo)
 
     c.expect("Path to your custom binary:")
-    c.sendline("/tmp/foo")
+    c.sendline("/path/to/binary")
     c.expect(f"Installing {BOUNCER}")
     c.expect("WARN.* cscli not found, you will need to generate an api key.")
     c.expect(f"WARN.* service not started. You need to get an API key and configure it in {CONFIG}")
@@ -22,10 +23,10 @@ def test_install_no_crowdsec(project_repo, bouncer_binary, must_be_root):
     assert c.terminated
     assert c.exitstatus == 0
 
-    with open(CONFIG) as f:
+    with Path(CONFIG).open() as f:
         y = yaml.safe_load(f)
         assert y["api_key"] == "<API_KEY>"
-        assert y["bin_path"] == "/tmp/foo"
+        assert y["bin_path"] == "/path/to/binary"
 
     assert os.path.exists(CONFIG)
     assert os.stat(CONFIG).st_mode & 0o777 == 0o600

test/tests/install/with_crowdsec/test_crowdsec_deb.py

@@ -1,9 +1,9 @@
 import os
 import subprocess
-import yaml
 from pathlib import Path
 
 import pytest
+import yaml
 from zxcvbn import zxcvbn
 
 pytestmark = pytest.mark.deb
@@ -47,13 +47,13 @@ def test_deb_install_purge(deb_package_path, bouncer_under_test, must_be_root):
     assert os.path.exists(config)
     assert os.stat(config).st_mode & 0o777 == 0o600
 
-    with open(config) as f:
+    with Path(config).open() as f:
         cfg = yaml.safe_load(f)
         api_key = cfg["api_key"]
         # the api key has been set to a random value
         assert zxcvbn(api_key)["score"] == 4, f"weak api_key: '{api_key}'"
 
-    with open(config + ".id") as f:
+    with Path(config + ".id").open() as f:
         bouncer_name = f.read().strip()
 
     p = subprocess.check_output(["cscli", "bouncers", "list", "-o", "json"])
@@ -78,7 +78,6 @@ def test_deb_install_purge_yaml_local(deb_package_path, bouncer_under_test, must
 
     => the configuration files are not touched (no new api key)
     """
-
     assert deb_package_path.exists(), f"This test requires {deb_package_path}"
 
     p = subprocess.check_output(["dpkg-deb", "-f", deb_package_path.as_posix(), "Package"], encoding="utf-8")
@@ -93,7 +92,7 @@ def test_deb_install_purge_yaml_local(deb_package_path, bouncer_under_test, must
 
     subprocess.check_call(["cscli", "bouncers", "add", "testbouncer", "-k", "123456"])
 
-    with open(config.with_suffix(".yaml.local"), "w") as f:
+    with config.with_suffix(".yaml.local").open("w") as f:
         f.write('api_key: "123456"')
 
     p = subprocess.run(
@@ -107,7 +106,7 @@ def test_deb_install_purge_yaml_local(deb_package_path, bouncer_under_test, must
     assert os.path.exists(bouncer_exe)
     assert os.path.exists(config)
 
-    with open(config) as f:
+    with Path(config).open() as f:
         cfg = yaml.safe_load(f)
         api_key = cfg["api_key"]
         # the api key has not been set

test/tests/install/with_crowdsec/test_crowdsec_scripts.py

@@ -1,16 +1,17 @@
 import os
-import pexpect
-import yaml
+from pathlib import Path
 
+import pexpect
 import pytest
+import yaml
 from pytest_cs.lib import cscli, text
 
 BOUNCER = "crowdsec-custom-bouncer"
 CONFIG = f"/etc/crowdsec/bouncers/{BOUNCER}.yaml"
 
 
 @pytest.mark.systemd_debug(BOUNCER)
-@pytest.mark.dependency()
+@pytest.mark.dependency
 def test_install_crowdsec(project_repo, bouncer_binary, tmp_path, must_be_root):
     c = pexpect.spawn("/usr/bin/sh", ["scripts/install.sh"], encoding="utf-8", cwd=project_repo)
 
@@ -36,13 +37,13 @@ def test_install_crowdsec(project_repo, bouncer_binary, tmp_path, must_be_root):
     assert os.stat(f"/usr/local/bin/{BOUNCER}").st_mode & 0o777 == 0o755
 
     # configuration check
-    with open(CONFIG) as f:
+    with Path(CONFIG).open() as f:
         y = yaml.safe_load(f)
         assert y["api_key"] == api_key
         assert y["bin_path"] == foo.as_posix()
 
     # the bouncer is registered
-    with open(f"{CONFIG}.id") as f:
+    with Path(f"{CONFIG}.id").open() as f:
         bouncer_name = f.read().strip()
 
     assert len(list(cscli.get_bouncers(name=bouncer_name))) == 1
@@ -70,7 +71,7 @@ def test_upgrade_crowdsec(project_repo, must_be_root):
 @pytest.mark.dependency(depends=["test_upgrade_crowdsec"])
 def test_uninstall_crowdsec(project_repo, must_be_root):
     # the bouncer is registered
-    with open(f"{CONFIG}.id") as f:
+    with Path(f"{CONFIG}.id").open() as f:
         bouncer_name = f.read().strip()
 
     c = pexpect.spawn("/usr/bin/sh", ["scripts/uninstall.sh"], encoding="utf-8", cwd=project_repo)