diff options
author | Fabien Boucher <fboucher@redhat.com> | 2019-11-26 18:09:23 +0100 |
---|---|---|
committer | Fabien Boucher <fboucher@redhat.com> | 2020-02-17 10:03:32 +0100 |
commit | 0a614b1a9fae71c50bac9826c03ee1dbf09aa29a (patch) | |
tree | 914be18701c6c39b13ef806df98fa1a18d80a482 /tests/unit/test_pagure_driver.py | |
parent | 2106a726919b4915e3f7ed55a423fe228d67a761 (diff) | |
download | zuul-0a614b1a9fae71c50bac9826c03ee1dbf09aa29a.tar.gz |
Pagure: remove connectors burden and simplify code
This patch removes the use of the connector system. Indeed I've
figured out that user API token can be set with the needed
rights: pull_request_merge, pull_request_flag, pull_request_comment.
In fact, the default Pagure configuration (to be set by Pagure
operators) does not allow those right. Then it is just a matter
of configuration.
Recently pagure.io and src.fedoraproject.org operators have allowed
those rights for user API token.
Thus, I think, the connectors system (to get project scoped API token)
was a complex workaround to fix a configuration issue. I don't see
any reason for a Pagure operator to not allow those rights in the
user API token. Then, with this change, it is assumed that this
driver will be used with a Pagure instance that allow those ACL
rights.
In addition, this patch add an optional mechanism to allow webhook
payload according to the source of the events. This relies on a
white list of IP addresses from which an event will be accepted.
This option should only be used for testing or debugging purpose.
This change has several benefit:
- Less API call to Pagure
- Simplify driver code base
Change-Id: Ic38a6774dc4cb9798840a2c874e2d6e9ce16a067
Diffstat (limited to 'tests/unit/test_pagure_driver.py')
-rw-r--r-- | tests/unit/test_pagure_driver.py | 69 |
1 files changed, 37 insertions, 32 deletions
diff --git a/tests/unit/test_pagure_driver.py b/tests/unit/test_pagure_driver.py index 4b7aa524a..b0ac9ed30 100644 --- a/tests/unit/test_pagure_driver.py +++ b/tests/unit/test_pagure_driver.py @@ -992,7 +992,6 @@ class TestPagureWebhook(ZuulTestCase): def setUp(self): super(TestPagureWebhook, self).setUp() - # Start the web server self.web = self.useFixture( ZuulWebFixture(self.gearman_server.port, @@ -1010,9 +1009,6 @@ class TestPagureWebhook(ZuulTestCase): self.fake_pagure.setZuulWebPort(port) - def tearDown(self): - super(TestPagureWebhook, self).tearDown() - @simple_layout('layouts/basic-pagure.yaml', driver='pagure') def test_webhook(self): @@ -1020,6 +1016,13 @@ class TestPagureWebhook(ZuulTestCase): 'org/project', 'master', 'A') self.fake_pagure.emitEvent(A.getPullRequestOpenedEvent(), use_zuulweb=True, + project='org/project', + wrong_token=True) + self.waitUntilSettled() + self.assertEqual(len(self.history), 0) + + self.fake_pagure.emitEvent(A.getPullRequestOpenedEvent(), + use_zuulweb=True, project='org/project') self.waitUntilSettled() @@ -1029,38 +1032,40 @@ class TestPagureWebhook(ZuulTestCase): self.getJobFromHistory('project-test2').result) -class TestPagureProjectConnector(ZuulTestCase): - config_file = 'zuul-pagure-driver.conf' +class TestPagureWebhookWhitelist(ZuulTestCase): + config_file = 'zuul-pagure-driver-whitelist.conf' - @simple_layout('layouts/basic-pagure.yaml', driver='pagure') - def test_connectors(self): + def setUp(self): + super(TestPagureWebhookWhitelist, self).setUp() + # Start the web server + self.web = self.useFixture( + ZuulWebFixture(self.gearman_server.port, + self.config, self.test_root)) + + host = '127.0.0.1' + # Wait until web server is started + while True: + port = self.web.port + try: + with socket.create_connection((host, port)): + break + except ConnectionRefusedError: + pass + + self.fake_pagure.setZuulWebPort(port) - project_api_token_exp_date = self.fake_pagure.connectors[ - 'org/project']['api_client'].token_exp_date + @simple_layout('layouts/basic-pagure.yaml', driver='pagure') + def test_webhook_whitelist(self): A = self.fake_pagure.openFakePullRequest( 'org/project', 'master', 'A') - self.fake_pagure.emitEvent(A.getPullRequestOpenedEvent()) - self.waitUntilSettled() - - self.assertEqual( - project_api_token_exp_date, - self.fake_pagure.connectors[ - 'org/project']['api_client'].token_exp_date) - - # Now force a POST error with EINVALIDTOK code and check - # The connector has been refreshed - self.fake_pagure.connectors[ - 'org/project']['api_client'].return_post_error = { - 'error': 'Invalid or expired token', - 'error_code': 'EINVALIDTOK' - } - - self.fake_pagure.emitEvent(A.getPullRequestUpdatedEvent()) + self.fake_pagure.emitEvent(A.getPullRequestOpenedEvent(), + use_zuulweb=True, + project='org/project', + wrong_token=True) self.waitUntilSettled() - # Expiry date changed meaning the token has been refreshed - self.assertNotEqual( - project_api_token_exp_date, - self.fake_pagure.connectors[ - 'org/project']['api_client'].token_exp_date) + self.assertEqual('SUCCESS', + self.getJobFromHistory('project-test1').result) + self.assertEqual('SUCCESS', + self.getJobFromHistory('project-test2').result) |