
Commit 0fe12c6

committed
Re-organize Python and docker setup
* Use setup.cfg rather than setup.py * Use new [dev] extra for development utilities * Use requirements.txt as constraints for pinning deps. Drop using requirements-dev.txt * Update pyproject.toml for tools including pytest, black and isort * Update Makefile and Dockerfile accordingly * Bump version to signal this is a beta * Update dockerignore and other config files * Bump dependencies Signed-off-by: Philippe Ombredanne <[email protected]>
1 parent 66df267 commit 0fe12c6


11 files changed

+300
-139
lines changed


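--- a/.dockerignore
+++ b/.dockerignore
@@ -1,27 +1,35 @@
+# Ignore the Docker files themselves to avoid that all layers are invalidated if the Dockerfiles are changed during development.
+.dockerignore
+Dockerfile
+docker.env
+docker-compose.yml
+
+
+# Ignore Git directory and files and github directory.
 **/.git
 **/.gitignore
+**/.gitattributes
+**/.gitmodules
 **/.github
+
+
+# Ignore IDE artifacts and various common tools .dot files
 **/.vscode
 **/.idea
-**/coverage
-**/.aws
 **/.ssh
 **/.DS_Store
-**/.aof
-**/venv
-**/env
-**/bin
+
+
+# Ignore etc, docs and build dirs
 **/docs
 **/dist
+**/build
 **/etc
-**/lib
-**/var
-**/*.egg-info
-.dockerignore
 .readthedocs.yaml
-docker.env
 CHANGELOG.rst
-Dockerfile
 README.rst
-docker-compose.yml
-pyvenv.cfg
+
+
+# Ignore virtualenv and local Python build files
+**/venv
+**/*.egg-info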
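Review bot: The new ignore list drops `**/.aws` and `**/env` and has no entry for `.env`, while the Dockerfile in this commit still ends with `COPY . /app`, so a credentials directory or env file sitting in the build context is sent to the daemon and copied into an image layer. The Makefile's `envfile` target writes a `.env` holding a generated secret key, presumably in the project root by default, which makes that file the likeliest one to be picked up. I would keep `**/.aws` and add `**/.env` to the dot-files group next to `**/.ssh`.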

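--- a/Dockerfile
+++ b/Dockerfile
@@ -8,7 +8,6 @@
 
 FROM python:3.9
 
-
 WORKDIR /app
 
 # Python settings: Force unbuffered stdout and stderr (i.e. they are flushed to terminal immediately)
@@ -20,6 +19,6 @@ RUN mkdir -p /var/vulnerablecode/static
 
 # Keep the dependencies installation before the COPY of the app/ for proper caching
 COPY setup.cfg setup.py requirements.txt pyproject.toml /app/
-RUN pip install .
+RUN pip install . -c requirements.txt
 
 COPY . /app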
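Review bot: `RUN pip install . -c requirements.txt` pins versions but not artifacts, because the constraints file carries `==` pins with no `--hash` entries, so the image build still trusts whatever the index serves for each pinned version. If verifiable images are the goal, a hash-pinned runtime lock installed with `pip install --require-hashes -r` in its own step, followed by `pip install --no-deps .`, would close that gap. requirements.txt as committed also lists dev and docs tools, so it could not serve as that runtime lock unchanged. The same version-only pinning applies to the `conf` and `dev` recipes in the Makefile; the steps between the two Dockerfile hunks are not visible here.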

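--- a/Makefile
+++ b/Makefile
@@ -27,7 +27,6 @@ VENV=venv
 MANAGE=${VENV}/bin/python manage.py
 ACTIVATE?=. ${VENV}/bin/activate;
 VIRTUALENV_PYZ=etc/thirdparty/virtualenv.pyz
-BLACK_ARGS=-l 100 --exclude="migrations|data|venv" .
 # Do not depend on Python to generate the SECRET_KEY
 GET_SECRET_KEY=`base64 /dev/urandom | head -c50`
 # Customize with `$ make envfile ENV_FILE=/etc/vulnerablecode/.env`
@@ -49,11 +48,11 @@ virtualenv:
 
 conf: virtualenv
 @echo "-> Install dependencies"
-@${ACTIVATE} pip install -e .
+@${ACTIVATE} pip install -e . -c requirements.txt
 
 dev: virtualenv
 @echo "-> Configure and install development dependencies"
-@${ACTIVATE} pip install -e . -r requirements.txt -r requirements-dev.txt
+@${ACTIVATE} pip install -e .[dev] -c requirements.txt
 
 envfile:
 @echo "-> Create the .env file and generate a secret key"
@@ -67,7 +66,7 @@ isort:
 
 black:
 @echo "-> Apply black code formatter"
-${VENV}/bin/black ${BLACK_ARGS}
+${VENV}/bin/black .
 
 doc8:
 @echo "-> Run doc8 validation"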
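Review bot: In the `dev` recipe, `pip install -e .[dev] -c requirements.txt` passes `.[dev]` unquoted, and `[dev]` is a shell bracket expression. If a file named `.d`, `.e` or `.v` exists in the working directory the shell expands the argument before pip sees it, and a shell such as zsh rejects the unmatched pattern outright. Quoting it, `@${ACTIVATE} pip install -e ".[dev]" -c requirements.txt`, makes the recipe independent of directory contents and of which shell make is configured to use.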

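--- a/README.rst
+++ b/README.rst
@@ -1,5 +1,6 @@
+===============
 VulnerableCode
-==============
+===============
 
 |Build Status| |License| |Python 3.8+| |stability-wip| |Gitter chat|
 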

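--- a/pyproject.toml
+++ b/pyproject.toml
@@ -1,16 +1,26 @@
 [build-system]
-requires = ["setuptools >= 50", "wheel"]
+requires = ["setuptools", "wheel"]
 build-backend = "setuptools.build_meta"
 
 
 [tool.pytest.ini_options]
+DJANGO_SETTINGS_MODULE = "vulnerablecode.settings"
+
+markers = [
+"webtest",
+]
 
 norecursedirs = [
 ".git",
 "dist",
 "build",
 "_build",
+"local",
+"ci",
 "docs",
+"man",
+"share",
+"samples",
 ".cache",
 ".settings",
 "thirdparty",
@@ -21,24 +31,57 @@ norecursedirs = [
 "src/*/data",
 "tests/*/data"
 ]
-
+
 python_files = "*.py"
 
-python_classes="Test"
-python_functions="test"
+python_classes = "Test"
+python_functions = "test"
 
 addopts = [
 "-rfExXw",
 "--strict-markers",
-"--doctest-modules"
+"--doctest-modules",
+# Ignore the following doctests until these files are migrated to
+# import-improve structure
+"--ignore=vulnerabilities/importers/alpine_linux.py",
+"--ignore=vulnerabilities/importers/apache_httpd.py",
+"--ignore=vulnerabilities/importers/apache_kafka.py",
+"--ignore=vulnerabilities/importers/apache_tomcat.py",
+"--ignore=vulnerabilities/importers/archlinux.py",
+"--ignore=vulnerabilities/importers/debian.py",
+"--ignore=vulnerabilities/importers/elixir_security.py",
+"--ignore=vulnerabilities/importers/gentoo.py",
+"--ignore=vulnerabilities/importers/github.py",
+"--ignore=vulnerabilities/importers/istio.py",
+"--ignore=vulnerabilities/importers/kaybee.py",
+"--ignore=vulnerabilities/importers/npm.py",
+"--ignore=vulnerabilities/importers/nvd.py",
+"--ignore=vulnerabilities/importers/openssl.py",
+"--ignore=vulnerabilities/importers/postgresql.py",
+"--ignore=vulnerabilities/importers/project_kb_msr2019.py",
+"--ignore=vulnerabilities/importers/redhat.py",
+"--ignore=vulnerabilities/importers/retiredotnet.py",
+"--ignore=vulnerabilities/importers/ruby.py",
+"--ignore=vulnerabilities/importers/rust.py",
+"--ignore=vulnerabilities/importers/safety_db.py",
+"--ignore=vulnerabilities/importers/suse_backports.py",
+"--ignore=vulnerabilities/importers/suse_scores.py",
+"--ignore=vulnerabilities/importers/ubuntu_usn.py",
+"--ignore=vulnerabilities/importers/mozilla.py",
+"--ignore=vulnerabilities/importers/mattermost.py",
+"--ignore=vulnerabilities/importers/xen.py",
+"--ignore=vulnerabilities/management/commands/create_cpe_to_purl_map.py",
+"--ignore=vulnerabilities/lib_oval.py",
 ]
 
+[tool.black]
+line-length = 100
+include = '\.pyi?$'
+skip_gitignore = true
+extend-exclude = "migrations|data|venv"
+
 [tool.isort]
 profile = "black"
 line_length = 100
 force_single_line = true
 skip_gitignore = true
-
-
-
-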
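Review bot: `requires = ["setuptools", "wheel"]` in the first hunk drops the only version bound on the build backend, which leaves the build toolchain as the one unpinned input in an otherwise fully pinned install. As far as I know, the `-c requirements.txt` constraints that the Dockerfile and Makefile pass to pip are not applied inside pip's isolated build environment, so each build resolves whatever setuptools and wheel are current on the index. Consider keeping a lower bound that matches the setup.cfg features the project relies on, and exporting the constraints through the `PIP_CONSTRAINT` environment variable where builds need to be repeatable.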

pytest.ini

Lines changed: 0 additions & 37 deletions
This file was deleted.

requirements-dev.txt

Lines changed: 0 additions & 7 deletions
This file was deleted.

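--- a/requirements.txt
+++ b/requirements.txt
@@ -1,21 +1,115 @@
-Django>=3.2.4
-psycopg2>=2.8.6
-requests>=2.25.1
-aiohttp>=3.7.4.post0
-djangorestframework>=3.12.4
-django-filter>=2.4.0
-django-widget-tweaks>=1.4.8
-packageurl-python>=0.9.4
-binaryornot>=0.4.4
-GitPython>=3.1.17
-univers>=30.3.1
-saneyaml>=0.5.2
-beautifulsoup4>=4.9.3
-python-dateutil>=2.8.1
-toml>=0.10.2
-lxml>=4.6.4
-gunicorn>=20.1.0
-django-environ>=0.8.0
-defusedxml>=0.7.1
-license-expression>=21.6.14
-Markdown>=3.3.0
+aiohttp==3.8.1
+aiosignal==1.2.0
+alabaster==0.7.12
+asgiref==3.5.0
+asttokens==2.0.5
+async-timeout==4.0.2
+attrs==21.4.0
+Babel==2.9.1
+backcall==0.2.0
+bcrypt==3.2.0
+beautifulsoup4==4.10.0
+binaryornot==0.4.4
+black==22.3.0
+boolean.py==3.8
+certifi==2021.10.8
+cffi==1.15.0
+chardet==4.0.0
+charset-normalizer==2.0.12
+click==8.1.2
+cryptography==36.0.2
+decorator==5.1.1
+defusedxml==0.7.1
+distro==1.7.0
+Django==4.0.3
+django-environ==0.8.1
+django-filter==21.1
+django-widget-tweaks==1.4.12
+djangorestframework==3.13.1
+doc8==0.11.1
+docker==5.0.3
+docker-compose==1.29.2
+dockerpty==0.4.1
+docopt==0.6.2
+docutils==0.17.1
+executing==0.8.3
+freezegun==1.2.1
+frozenlist==1.3.0
+gitdb==4.0.9
+GitPython==3.1.27
+gunicorn==20.1.0
+idna==3.3
+imagesize==1.3.0
+importlib-metadata==4.11.3
+iniconfig==1.1.1
+ipython==8.0.1
+isort==5.10.1
+jedi==0.18.1
+Jinja2==3.1.1
+jsonschema==3.2.0
+license-expression==21.6.14
+lxml==4.8.0
+Markdown==3.3.4
+MarkupSafe==2.1.1
+matplotlib-inline==0.1.3
+multidict==6.0.2
+mypy-extensions==0.4.3
+packageurl-python==0.9.9
+packaging==21.3
+paramiko==2.10.3
+parso==0.8.3
+pathspec==0.9.0
+pbr==5.8.1
+pexpect==4.8.0
+pickleshare==0.7.5
+platformdirs==2.5.1
+pluggy==1.0.0
+pprintpp==0.4.0
+prompt-toolkit==3.0.29
+psycopg2==2.9.3
+ptyprocess==0.7.0
+pure-eval==0.2.2
+py==1.11.0
+pycodestyle==2.8.0
+pycparser==2.21
+Pygments==2.11.2
+PyNaCl==1.5.0
+pyparsing==3.0.7
+pyrsistent==0.18.1
+pytest==7.1.1
+pytest-django==4.5.2
+python-dateutil==2.8.2
+python-dotenv==0.20.0
+pytz==2022.1
+PyYAML==5.4.1
+requests==2.27.1
+restructuredtext-lint==1.4.0
+saneyaml==0.5.2
+semantic-version==2.9.0
+six==1.16.0
+smmap==5.0.0
+snowballstemmer==2.2.0
+soupsieve==2.3.2
+Sphinx==4.5.0
+sphinx-rtd-theme==1.0.0
+sphinxcontrib-applehelp==1.0.2
+sphinxcontrib-devhelp==1.0.2
+sphinxcontrib-django2==1.5
+sphinxcontrib-htmlhelp==2.0.0
+sphinxcontrib-jsmath==1.0.1
+sphinxcontrib-qthelp==1.0.3
+sphinxcontrib-serializinghtml==1.1.5
+sqlparse==0.4.2
+stack-data==0.2.0
+stevedore==3.5.0
+texttable==1.6.4
+toml==0.10.2
+tomli==2.0.1
+traitlets==5.1.1
+typing_extensions==4.1.1
+univers==30.4.0
+urllib3==1.26.9
+wcwidth==0.2.5
+websocket-client==0.59.0
+yarl==1.7.2
+zipp==3.8.0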
