diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml new file mode 100644 index 00000000..b0c7d316 --- /dev/null +++ b/.github/workflows/codeql-analysis.yml @@ -0,0 +1,67 @@ +# For most projects, this workflow file will not need changing; you simply need +# to commit it to your repository. +# +# You may wish to alter this file to override the set of languages analyzed, +# or to provide custom queries or build logic. +# +# ******** NOTE ******** +# We have attempted to detect the languages in your repository. Please check +# the `language` matrix defined below to confirm you have the correct set of +# supported CodeQL languages. +# +name: "CodeQL" + +on: + push: + branches: [ master ] + pull_request: + # The branches below must be a subset of the branches above + branches: [ master ] + schedule: + - cron: '32 11 * * 1' + +jobs: + analyze: + name: Analyze + runs-on: ubuntu-latest + + strategy: + fail-fast: false + matrix: + language: [ 'python' ] + # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python' ] + # Learn more: + # https://docs.github.com/en/free-pro-team@latest/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#changing-the-languages-that-are-analyzed + + steps: + - name: Checkout repository + uses: actions/checkout@v2 + + # Initializes the CodeQL tools for scanning. + - name: Initialize CodeQL + uses: github/codeql-action/init@v1 + with: + languages: ${{ matrix.language }} + # If you wish to specify custom queries, you can do so here or in a config file. + # By default, queries listed here will override any specified in a config file. + # Prefix the list here with "+" to use these queries and those in the config file. + # queries: ./path/to/local/query, your-org/your-repo/queries@main + + # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). + # If this step fails, then you should remove it and run the build manually (see below) + - name: Autobuild + uses: github/codeql-action/autobuild@v1 + + # ℹī¸ Command-line programs to run using the OS shell. + # 📚 https://git.io/JvXDl + + # ✏ī¸ If the Autobuild fails above, remove it and uncomment the following three lines + # and modify them (or add more) to build your code if your project + # uses a compiled language + + #- run: | + # make bootstrap + # make release + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v1 \ No newline at end of file diff --git a/.github/workflows/publish-to-pypi.yml b/.github/workflows/publish-cli-to-pypi.yml similarity index 54% rename from .github/workflows/publish-to-pypi.yml rename to .github/workflows/publish-cli-to-pypi.yml index 6cd49350..c8be43ee 100644 --- a/.github/workflows/publish-to-pypi.yml +++ b/.github/workflows/publish-cli-to-pypi.yml @@ -1,15 +1,15 @@ -name: Publish Commander to PyPi +name: Publish CLI to PyPi on: workflow_dispatch: inputs: version: - description: Version to release (Tag from Keeper-Security/keeper-sdk-pyton) + description: Version to release (Tag from Keeper-Security/keeper-sdk-python) required: true jobs: build-n-publish: - name: Build and publish Keeper SDK for Python đŸ“Ļ to PyPI + name: Build and publish Keeper CLI for Python to TestPyPI runs-on: ubuntu-latest timeout-minutes: 25 # To keep builds from running too long @@ -17,35 +17,34 @@ jobs: - name: Checkout source code uses: actions/checkout@v2 - - name: Set up Python 3.10 + - name: Set up Python 3.11 uses: actions/setup-python@v4 with: - python-version: '3.10' + python-version: '3.11' architecture: 'x64' - name: Build the package run: | python -m pip install -U setuptools pip build wheel twine - python -m build --wheel + python -m build --wheel keepercli-package - name: Archive the package uses: actions/upload-artifact@v3 with: - name: KeeperSdkWheel + name: KeeperCLIWheel retention-days: 1 - path: dist/* + path: keepercli-package/dist/* if-no-files-found: error - - name: Publish Commander to test PyPi + - name: Publish keepercli to test PyPi env: TWINE_USERNAME: __token__ TWINE_PASSWORD: ${{ secrets.TEST_PYPI_TOKEN }} run: | - twine upload -r testpypi dist/* - + twine upload -r testpypi keepercli-package/dist/* publish-pypi: - name: Publish Keeper SDK to PyPi + name: Publish Keeper CLI to PyPi runs-on: ubuntu-latest needs: [build-n-publish] environment: prod @@ -53,27 +52,18 @@ jobs: steps: - uses: actions/download-artifact@v3 with: - name: CommanderWheel - path: dist + name: KeeperCLIWheel + path: keepercli-package/dist - - name: Set up Python 3.10 + - name: Set up Python 3.11 uses: actions/setup-python@v4 with: - python-version: '3.10' - architecture: 'x64' - - - name: Retrieve secrets from Keeper - id: ksecrets - uses: Keeper-Security/ksm-action@master - with: - keeper-secret-config: ${{ secrets.KSM_COMMANDER_SECRET_CONFIG }} - secrets: | - gD5LOOhI5QbnSFk8mIg3gg/field/password > PYPI_PASSWORD + python-version: '3.11' - - name: Publish to PyPi + - name: Publish keepercli to PyPi env: TWINE_USERNAME: __token__ - TWINE_PASSWORD: ${{ steps.ksecrets.outputs.PYPI_PASSWORD }} + TWINE_PASSWORD: ${{ secrets.PYPI_PUBLISH_TOKEN }} run: | python -m pip install -U setuptools pip wheel twine - twine upload dist/* + twine upload -r pypi keepercli-package/dist/* \ No newline at end of file diff --git a/.github/workflows/publish-sdk.yml b/.github/workflows/publish-sdk.yml index 88844220..864bb700 100644 --- a/.github/workflows/publish-sdk.yml +++ b/.github/workflows/publish-sdk.yml @@ -30,12 +30,12 @@ jobs: path: keepersdk-package/dist/* if-no-files-found: error - - name: Publish Commander to test PyPi + - name: Publish KeeperSdk to test PyPi env: TWINE_USERNAME: __token__ TWINE_PASSWORD: ${{ secrets.TEST_PYPI_TOKEN }} run: | - twine upload -r testpypi dist/* + twine upload -r testpypi keepersdk-package/dist/* publish-pypi: @@ -47,26 +47,18 @@ jobs: steps: - uses: actions/download-artifact@v3 with: - name: CommanderWheel - path: dist + name: KeeperSdkWheel + path: keepersdk-package/dist - - name: Set up Python 3.10 + - name: Set up Python 3.11 uses: actions/setup-python@v4 with: python-version: '3.11' - - name: Retrieve secrets from Keeper - id: ksecrets - uses: Keeper-Security/ksm-action@master - with: - keeper-secret-config: ${{ secrets.KSM_COMMANDER_SECRET_CONFIG }} - secrets: | - gD5LOOhI5QbnSFk8mIg3gg/field/password > PYPI_PASSWORD - - - name: Publish to PyPi + - name: Publish keepersdk to PyPi env: TWINE_USERNAME: __token__ - TWINE_PASSWORD: ${{ steps.ksecrets.outputs.PYPI_PASSWORD }} + TWINE_PASSWORD: ${{ secrets.PYPI_PUBLISH_TOKEN }} run: | python -m pip install -U setuptools pip wheel twine - twine upload dist/* + twine upload -r pypi keepersdk-package/dist/* \ No newline at end of file diff --git a/.github/workflows/test-with-pytest.yml b/.github/workflows/test-with-pytest.yml new file mode 100644 index 00000000..26835b6f --- /dev/null +++ b/.github/workflows/test-with-pytest.yml @@ -0,0 +1,29 @@ +name: Test with pytest + +on: [pull_request, workflow_dispatch] + +env: + PYTHONUNBUFFERED: 1 + +jobs: + test-with-pytest: + strategy: + matrix: + python-version: ['3.8', '3.12'] + + runs-on: ubuntu-22.04 + + steps: + - name: Checkout branch + uses: actions/checkout@v4 + + - name: Set up Python ${{ matrix.python-version }} + uses: actions/setup-python@v4 + with: + python-version: ${{ matrix.python-version }} + + - name: Install package with test dependencies + run: pip install pytest keepersdk + + - name: Run unit tests + run: pytest keepersdk-package/unit_tests/ \ No newline at end of file diff --git a/keepercli-package/requirements.txt b/keepercli-package/requirements.txt index 96bd2998..8ff4ffbc 100644 --- a/keepercli-package/requirements.txt +++ b/keepercli-package/requirements.txt @@ -8,4 +8,4 @@ cbor2; sys_platform == "darwin" and python_version>='3.10' pyobjc-framework-LocalAuthentication; sys_platform == "darwin" and python_version>='3.10' winrt-runtime; sys_platform == "win32" winrt-Windows.Foundation; sys_platform == "win32" -winrt-Windows.Security.Credentials.UI; sys_platform == "win32" +winrt-Windows.Security.Credentials.UI; sys_platform == "win32" \ No newline at end of file diff --git a/keepercli-package/src/keepercli/__init__.py b/keepercli-package/src/keepercli/__init__.py index b7c1ec0f..6bd77a3d 100644 --- a/keepercli-package/src/keepercli/__init__.py +++ b/keepercli-package/src/keepercli/__init__.py @@ -9,5 +9,5 @@ # Contact: commander@keepersecurity.com # -__version__ = '17.0.0' +__version__ = '1.0.0-beta01' diff --git a/keepersdk-package/src/keepersdk/__init__.py b/keepersdk-package/src/keepersdk/__init__.py index b3bbb4f3..f5da3aa1 100644 --- a/keepersdk-package/src/keepersdk/__init__.py +++ b/keepersdk-package/src/keepersdk/__init__.py @@ -10,6 +10,6 @@ # from . import background -__version__ = '0.9.10' +__version__ = '0.9.10-beta01' background.init() diff --git a/keepersdk-package/unit_tests/test_ksm_management.py b/keepersdk-package/unit_tests/test_ksm_management.py index 69789595..7bc0d9c8 100644 --- a/keepersdk-package/unit_tests/test_ksm_management.py +++ b/keepersdk-package/unit_tests/test_ksm_management.py @@ -226,7 +226,7 @@ def test_create_app_duplicate_raises(self): self.vault.vault_data.records.return_value = [mock_record] with self.assertRaises(ValueError) as cm: ksm_management.create_secrets_manager_app(self.vault, 'TestApp') - self.assertEqual(str(cm.exception), 'Application with the same name TestApp already exists.') + self.assertEqual(str(cm.exception), 'Application with the same name TestApp already exists. Set force to true to add Application with same name') def test_create_app_duplicate_force_add(self): mock_record = MagicMock(title='TestApp')