Merge Release from main (#176)

* Chore: fix a github action issue

  * bandit failure because of underlying container, so disabled
  * Fix pip install deprecation warning

* Fix: Remove boto3_type_annotations from requirements due to rpm deps issue

* validate config with schema

* MMENG-3153

Signed-off-by: Harsh Modi <[email protected]>

* update rpm spec to fix rpm build

* CLOUDBLD-3153

Signed-off-by: Harsh Modi <[email protected]>

* remove `ignore_patterns` as a required property

* MMENG-3153

Signed-off-by: Harsh Modi <[email protected]>

* fix schema retrieval

Instead of trying to fetch from relative paths,
package schemas with charon and retrieve from pkg
resources

* MMENG-3153

Signed-off-by: Harsh Modi <[email protected]>

* bump charon version

* MMENG-3153

Signed-off-by: Harsh Modi <[email protected]>

* make tests more robust

* fix test paths to avoid failures when CWD is different
* fix getenv

* MMENG-3141

Signed-off-by: Harsh Modi <[email protected]>

* switch to tox env for running tests

instead of relying on containers

* MMENG-3141

Signed-off-by: Harsh Modi <[email protected]>

* update github actions to use tox

* MMENG-3141

Signed-off-by: Harsh Modi <[email protected]>

* enable mypy type checkers

* MMENG-3141

Signed-off-by: Harsh Modi <[email protected]>

* enable bandit analyzer

* MMENG-3141

Signed-off-by: Harsh Modi <[email protected]>

* disable mypy

it's not ideal currently to enable it. Revisit
this later.

* MMENG-3141

Signed-off-by: Harsh Modi <[email protected]>

* fix pytest issue

current latest pytest==7.2.0 is
having dependency conflicts

Signed-off-by: Harsh Modi <[email protected]>

* initial implementation of singature for artifacts (#169)

* initial implementation of singature for artifacts

* add API doc to generate_sign function

* update README file

* use configuration file to controll artifacts needs sign

* fix some minor problem

* change suffix to exclude instead

* remove unused logger

* fix minor problem

* change charon.yml to a proper extension, change name of suffix confi

* add rpm-sign as method of signature (#170)

* move subprocess command to configuration, make subprocess to run async (#172)

* move subprocess command to configuration, make subprocess to run async

* simplify template rendering of sign command

* Remove unwanted file

* changed semaphore passing in asynic function (#173)

* use shlex to replace split instead (#174)

* add maven sign unit test (#175)

---------

Signed-off-by: Harsh Modi <[email protected]>
Co-authored-by: Gang Li <[email protected]>
Co-authored-by: Harsh Modi <[email protected]>

Author: 3 people

.github/workflows/linters.yaml

@@ -9,80 +9,56 @@ on:
       - release_*
 
 jobs:
-  bandit:
-    name: Bandit analyzer for Python ${{ matrix.os.python }} on
-      ${{ matrix.os.name }}-${{ matrix.os.version }}
+  flake8:
+    name: Flake8 for Python ${{ matrix.python-version }}
     runs-on: ubuntu-latest
 
     strategy:
-      fail-fast: false
       matrix:
-        os:
-          - name: centos
-            version: 7
-            python: 3
-            engine: docker
-
-          - name: fedora
-            version: 34
-            python: 3
-            engine: docker
+        python-version: [ "3.8" ]
 
     steps:
-      - uses: actions/checkout@v1
-
-      - run: ./test.sh
-        env:
-          OS: ${{ matrix.os.name }}
-          OS_VERSION: ${{ matrix.os.version }}
-          PYTHON_VERSION: ${{ matrix.os.python }}
-          ENGINE: ${{ matrix.os.engine }}
-          ACTION: bandit
-
-  flake8:
-    name: Flake8 for Python 3
-    runs-on: ubuntu-latest
-
-    steps:
-      - name: Check out repo
-        uses: actions/checkout@v2
+      - uses: actions/checkout@v3
+      - uses: actions/setup-python@v4
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip setuptools tox
 
-      - name: Run flake8 for Python 3
-        uses: containerbuildsystem/actions/flake8@master
+      - name: Run flake8 on python${{ matrix.python-version }}
+        run: python -m tox -e flake8
 
-  # markdownlint:
-  #   name: Markdownlint
-  #   runs-on: ubuntu-latest
+  markdownlint:
+   name: Markdownlint
+   runs-on: ubuntu-latest
 
-  #   steps:
-  #     - name: Check out repo
-  #       uses: actions/checkout@v2
+   steps:
+     - name: Check out repo
+       uses: actions/checkout@v2
 
-  #     - name: Run markdownlint
-  #       uses: containerbuildsystem/actions/markdownlint@master
+     - name: Run markdownlint
+       uses: containerbuildsystem/actions/markdownlint@master
 
   pylint:
-    name: Pylint analyzer for Python ${{ matrix.os.python }}
+    name: Pylint analyzer for Python ${{ matrix.python-version }}
     runs-on: ubuntu-latest
 
     strategy:
       matrix:
-        os:
-          - name: fedora
-            version: 34
-            python: 3
-            engine: docker
+        python-version: [ "3.8" ]
 
     steps:
-      - uses: actions/checkout@v2
+      - uses: actions/checkout@v3
+      - uses: actions/setup-python@v4
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip setuptools tox
 
-      - run: ./test.sh
-        env:
-          OS: ${{ matrix.os.name }}
-          OS_VERSION: ${{ matrix.os.version }}
-          PYTHON_VERSION: ${{ matrix.os.python }}
-          ENGINE: ${{ matrix.os.engine }}
-          ACTION: pylint
+      - name: Run pylint on python${{ matrix.python-version }}
+        run: python -m tox -e pylint
 
   shellcheck:
     name: Shellcheck
@@ -94,3 +70,43 @@ jobs:
 
       - name: Run ShellCheck
         uses: containerbuildsystem/actions/shellcheck@master
+
+#  mypy:
+#    name: mypy type checker for Python ${{ matrix.python-version }}
+#    runs-on: ubuntu-latest
+#
+#    strategy:
+#      matrix:
+#        python-version: [ "3.8" ]
+#
+#    steps:
+#      - uses: actions/checkout@v3
+#      - uses: actions/setup-python@v4
+#        with:
+#          python-version: ${{ matrix.python-version }}
+#      - name: Install dependencies
+#        run: |
+#          python -m pip install --upgrade pip setuptools tox
+#
+#      - name: Run mypy on python${{ matrix.python-version }}
+#        run: python -m tox -e mypy
+
+  bandit:
+    name: Bandit analyzer for Python ${{ matrix.python-version }}
+    runs-on: ubuntu-latest
+
+    strategy:
+      matrix:
+        python-version: [ "3.8" ]
+
+    steps:
+      - uses: actions/checkout@v1
+      - uses: actions/setup-python@v4
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip setuptools tox
+
+      - name: Run bandit analyzer on python${{ matrix.python-version }}
+        run: python -m tox -e bandit

.github/workflows/unittests.yaml

@@ -10,68 +10,51 @@ on:
 
 jobs:
   test:
-    name: Python ${{ matrix.os.python }} tests on ${{ matrix.os.name }}-${{ matrix.os.version }}
-    runs-on: ubuntu-18.04
+    name: Python ${{ matrix.python-version }} tests
+    runs-on: ubuntu-latest
 
     strategy:
       fail-fast: false
       matrix:
-        os:
-          - name: centos
-            version: 7
-            python: 3
-            engine: docker
-
-          - name: fedora
-            version: 33
-            python: 3
-            engine: docker
-
-          - name: fedora
-            version: 34
-            python: 3
-            engine: docker
+        python-version: ["3.7", "3.8", "3.9"]
 
     steps:
-      - name: Check out repo
-        uses: actions/checkout@v2
+      - uses: actions/checkout@v3
+      - uses: actions/setup-python@v4
+        with:
+          python-version: ${{ matrix.python-version }}
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip setuptools tox
 
-      - name: pytests via test.sh
-        env:
-          OS: ${{ matrix.os.name }}
-          OS_VERSION: ${{ matrix.os.version }}
-          PYTHON_VERSION: ${{ matrix.os.python }}
-          ENGINE: ${{ matrix.os.engine }}
-        run: ./test.sh
+      - name: Run unittests on python${{ matrix.python-version }}
+        run: python -m tox -e test
 
       - name: Upload pytest html report
         uses: actions/upload-artifact@v2
         if: failure()
         with:
-          path: __pytest_reports/atomic-reactor-unit-tests.html
-          name: atomic-reactor-unit-tests_${{ matrix.os.name }}_${{ matrix.os.version }}.python${{ matrix.os.python }}.html
+          path: __pytest_reports/charon-unit-tests.html
+          name: charon-unit-tests_python${{ matrix.os.python }}.html
+
 
       - name: Run coveralls-python
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          COVERALLS_FLAG_NAME: ${{ matrix.os.name }}-${{ matrix.os.version }}-python${{ matrix.os.python }}
+          COVERALLS_FLAG_NAME: python${{ matrix.python-version }}
           COVERALLS_PARALLEL: true
         run: |
-          pip3 install --upgrade pip
-          pip3 install --upgrade setuptools
-          pip3 install --upgrade coveralls
-          /home/runner/.local/bin/coveralls --service=github
+          python -m pip install --upgrade coveralls
+          python -m coveralls --service=github
 
   coveralls-finish:
     name: Finish coveralls-python
     needs: test
-    runs-on: ubuntu-18.04
+    runs-on: ubuntu-latest
     steps:
       - name: Finished
         run: |
-          pip3 install --upgrade pip
-          pip3 install --upgrade setuptools
-          pip3 install --upgrade coveralls
+          pip3 install --upgrade pip setuptools coveralls
           /home/runner/.local/bin/coveralls --finish --service=github
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

README.md

@@ -14,6 +14,10 @@ future. And Ronda service will be hosted in AWS S3.
 
 See [AWS CLi V2 installation](https://docs.aws.amazon.com/cli/latest/userguide/install-cliv2-linux.html#cliv2-linux-install)
 
+### [Optional] rpm-sign or GnuPG CLI tool
+
+Can be configured to use rpm-sign or any command to generate .asc file.
+
 ## Installation
 
 ### From git
@@ -49,7 +53,7 @@ to configure AWS access credentials.
 ### charon-upload: upload a repo to S3
 
 ```bash
-usage: charon upload $tarball --product/-p ${prod} --version/-v ${ver} [--root_path] [--ignore_patterns] [--debug]
+usage: charon upload $tarball --product/-p ${prod} --version/-v ${ver} [--root_path] [--ignore_patterns] [--debug] [--contain_signature] [--key]
 ```
 
 This command will upload the repo in tarball to S3.