Feature.extendprecommit (#375)

* Added ruff to the pre-commit * add mypy to pre-commit and solved mypy errors * small code improvements based on sonar cloud warnings * solve severity high issues of sonar cloud * Replace packages by ruff * added mypy.ini * updated requirements --------- Co-authored-by: Josephine.Rutten <[email protected]>
SUNET · Dec 5, 2024 · b4f3e2c · b4f3e2c
1 parent d4e8589
commit b4f3e2c
Show file tree

Hide file tree

Showing 78 changed files with 1,085 additions and 868 deletions.
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -5,16 +5,27 @@ repos:
       - id: check-yaml
       - id: end-of-file-fixer
       - id: trailing-whitespace
-  - repo: https://github.com/psf/black
-    rev: 23.11.0
+  - repo: https://github.com/astral-sh/ruff-pre-commit
+    rev: v0.6.1
     hooks:
-      - id: black
-  - repo: https://github.com/pycqa/isort
-    rev: 5.12.0
+      - id: ruff
+        args: [ --fix, --exit-non-zero-on-fix, --show-fixes, --line-length=120 ]
+        exclude: (alembic/.*)
+  - repo: local
     hooks:
-      - id: isort
-        name: isort (python)
-  - repo: https://github.com/pycqa/flake8
-    rev: 6.1.0
-    hooks:
-    - id: flake8
+      - id: mypy
+        name: mypy
+        language: system
+        entry: "mypy"
+        types: [ python ]
+        require_serial: true
+        verbose: true
+        args:
+          - --no-warn-incomplete-stub
+          - --ignore-missing-imports
+          - --no-warn-unused-ignores
+          - --allow-untyped-decorators
+          - --no-namespace-packages
+          - --allow-untyped-globals
+          - --check-untyped-defs
+        exclude: "(alembic/.*)|(.*test.*)"
diff --git a/mypy.ini b/mypy.ini
@@ -0,0 +1,2 @@
+[mypy]
+[mypy-pyproj.*]
diff --git a/pyproject.toml b/pyproject.toml
@@ -1,21 +1,21 @@
-[tool.isort]
-profile="black"
-line_length = 120
-skip = ["venv"]
+[tool.ruff]
+# Exclude a variety of commonly ignored directories.
+exclude = [
+    ".eggs",
+    ".git",
+    ".hg",
+    ".mypy_cache",
+    ".tox",
+    ".venv",
+    "venv",
+]
 
-[tool.black]
 line-length = 120
-target-version = ["py37", ]
-exclude = '''
-(
-  /(
-      \.eggs         # exclude a few common directories in the
-    | \.git          # root of the project
-    | \.hg
-    | \.mypy_cache
-    | \.tox
-    | \.venv
-    | venv
-  )/
-)
-'''
+target-version = "py311"
+
+[tool.ruff.lint]
+# Enable Pyflakes (`F`) and a subset of the pycodestyle (`E`)  codes by default.
+# Unlike Flake8, Ruff doesn't enable pycodestyle warnings (`W`) or
+# McCabe complexity (`C901`) by default.
+select = ["E4", "E7", "E9", "F", "W", "I001"]
+ignore = []
diff --git a/requirements-dev.txt b/requirements-dev.txt
@@ -1,17 +1,4 @@
-black
-isort
-flake8
-flake8-bandit
-flake8-bugbear
-flake8-comprehensions
-flake8-docstrings
-flake8-junit-report
-flake8-logging-format
-flake8-pep3101
-flake8-print
-flake8-rst
-flake8-rst-docstrings
-flake8-tidy-imports
+ruff
 pre-commit
 mypy
 mypy-extensions
diff --git a/requirements.txt b/requirements.txt
@@ -28,7 +28,6 @@ redis==5.0.8
 redis-lru==0.1.0
 Sphinx==8.0.2
 SQLAlchemy==2.0.32
-sqlalchemy-stubs==0.4
 SQLAlchemy-Utils==0.41.2
 pydantic==2.8.2
 Werkzeug==3.0.3
@@ -37,3 +36,8 @@ pydantic_settings==2.4.0
 Authlib==1.3.1
 python-jose==3.3.0
 portalocker==2.8.2
+requests==2.32.3
+PyYAML==5.3.1
+pytz==2023.3.post1
+types-pytz==2024.2.0.20241003
+types-requests==2.32.0.20241016
diff --git a/src/cnaas_nms/__init__.py b/src/cnaas_nms/__init__.py
@@ -6,7 +6,7 @@ def setup_package():
     from cnaas_nms.api.tests.app_wrapper import TestAppWrapper
 
     app = cnaas_nms.api.app.app
-    app.wsgi_app = TestAppWrapper(app.wsgi_app, None)
+    app.wsgi_app = TestAppWrapper(app.wsgi_app, None)  # type: ignore
     client = app.test_client()
     data = {"action": "refresh"}
     client.put("/api/v1.0/repository/settings", json=data)

diff --git a/src/cnaas_nms/api/app.py b/src/cnaas_nms/api/app.py
@@ -183,7 +183,8 @@ def socketio_on_connect():
     if auth_settings.OIDC_ENABLED:
         try:
             token = oauth_required.get_token_validator("bearer").authenticate_token(token_string)
-            user = get_oauth_token_info(token)[auth_settings.OIDC_USERNAME_ATTRIBUTE]
+            token_info = get_oauth_token_info(token)
+            user = token_info[auth_settings.OIDC_USERNAME_ATTRIBUTE]
         except InvalidTokenError as e:
             logger.debug("InvalidTokenError: " + format(e))
             return False
@@ -229,21 +230,21 @@ def log_request(response):
     elif request.method in ["GET", "POST", "PUT", "DELETE", "PATCH"]:
         try:
             if auth_settings.OIDC_ENABLED:
-                token_string = request.headers.get("Authorization").split(" ")[-1]
+                token_string = str(request.headers.get("Authorization")).split(" ")[-1]
                 token = oauth_required.get_token_validator("bearer").authenticate_token(token_string)
                 token_info = get_oauth_token_info(token)
-                if auth_settings.OIDC_USERNAME_ATTRIBUTE in token_info:
+                if token_info is not None and auth_settings.OIDC_USERNAME_ATTRIBUTE in token_info:
                     user = "User: {} ({}), ".format(
                         get_oauth_token_info(token)[auth_settings.OIDC_USERNAME_ATTRIBUTE],
                         auth_settings.OIDC_USERNAME_ATTRIBUTE,
                     )
-                elif "client_id" in token_info:
+                elif token_info is not None and "client_id" in token_info:
                     user = "User: {} (client_id), ".format(get_oauth_token_info(token)["client_id"])
                 else:
                     logger.warning("Could not get user info from token")
                     raise ValueError
             else:
-                token_string = request.headers.get("Authorization").split(" ")[-1]
+                token_string = str(request.headers.get("Authorization")).split(" ")[-1]
                 user = "User: {}, ".format(decode_token(token_string).get("sub"))
         except Exception:
             user = "User: unknown, "

diff --git a/src/cnaas_nms/api/auth.py b/src/cnaas_nms/api/auth.py
@@ -12,7 +12,7 @@
 from cnaas_nms.app_settings import auth_settings
 from cnaas_nms.tools.log import get_logger
 from cnaas_nms.tools.rbac.rbac import get_permissions_user
-from cnaas_nms.tools.security import get_identity, get_oauth_token_info, login_required, login_required_all_permitted
+from cnaas_nms.tools.security import get_identity, get_oauth_token_info, login_required_all_permitted
 from cnaas_nms.version import __api_version__
 
 logger = get_logger()
@@ -88,7 +88,7 @@ def get(self):
 
         req = PreparedRequest()
         req.prepare_url(url, parameters)
-        resp = redirect(req.url, code=302)
+        resp = redirect(str(req.url), code=302)
         if "refresh_token" in token:
             resp.set_cookie(
                 "REFRESH_TOKEN",
@@ -106,7 +106,7 @@ class RefreshApi(Resource):
     def post(self):
         oauth_client = current_app.extensions["authlib.integrations.flask_client"]
         oauth_client_connext: FlaskOAuth2App = oauth_client.connext
-        token_string = request.headers.get("Authorization").split(" ")[-1]
+        token_string = str(request.headers.get("Authorization")).split(" ")[-1]
         oauth_client_connext.token = token_string
         oauth_client_connext.load_server_metadata()
         url = oauth_client_connext.server_metadata["token_endpoint"]
@@ -141,7 +141,7 @@ def post(self):
 
 
 class IdentityApi(Resource):
-    @login_required
+    @login_required_all_permitted
     def get(self):
         identity = get_identity()
         return identity