mirror of
https://github.com/pre-commit/pre-commit-hooks.git
synced 2026-07-02 15:39:35 +00:00
[pre-commit.ci] auto fixes from pre-commit.com hooks
for more information, see https://pre-commit.ci
This commit is contained in:
parent
6f0f112e53
commit
bf3835367d
3 changed files with 24 additions and 17 deletions
|
|
@ -2,15 +2,17 @@ from __future__ import annotations
|
||||||
|
|
||||||
import argparse
|
import argparse
|
||||||
import configparser
|
import configparser
|
||||||
|
import json
|
||||||
import os
|
import os
|
||||||
from collections.abc import Sequence
|
from collections.abc import Sequence
|
||||||
from typing import NamedTuple
|
from typing import NamedTuple
|
||||||
import json
|
|
||||||
|
|
||||||
class BadFile(NamedTuple):
|
class BadFile(NamedTuple):
|
||||||
filename: str
|
filename: str
|
||||||
key: str
|
key: str
|
||||||
|
|
||||||
|
|
||||||
def get_aws_cred_files_from_env() -> set[str]:
|
def get_aws_cred_files_from_env() -> set[str]:
|
||||||
"""Extract credential file paths from environment variables."""
|
"""Extract credential file paths from environment variables."""
|
||||||
return {
|
return {
|
||||||
|
|
@ -22,6 +24,7 @@ def get_aws_cred_files_from_env() -> set[str]:
|
||||||
if env_var in os.environ
|
if env_var in os.environ
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
def get_aws_secrets_from_env() -> set[str]:
|
def get_aws_secrets_from_env() -> set[str]:
|
||||||
"""Extract AWS secrets from environment variables."""
|
"""Extract AWS secrets from environment variables."""
|
||||||
keys = set()
|
keys = set()
|
||||||
|
|
@ -32,6 +35,7 @@ def get_aws_secrets_from_env() -> set[str]:
|
||||||
keys.add(os.environ[env_var])
|
keys.add(os.environ[env_var])
|
||||||
return keys
|
return keys
|
||||||
|
|
||||||
|
|
||||||
def get_aws_secrets_from_json_file(json_credentials_file: str) -> set[str]:
|
def get_aws_secrets_from_json_file(json_credentials_file: str) -> set[str]:
|
||||||
"""Extract AWS secrets from JSON configuration files.
|
"""Extract AWS secrets from JSON configuration files.
|
||||||
|
|
||||||
|
|
@ -42,7 +46,7 @@ def get_aws_secrets_from_json_file(json_credentials_file: str) -> set[str]:
|
||||||
if not os.path.exists(aws_credentials_file_path):
|
if not os.path.exists(aws_credentials_file_path):
|
||||||
return set()
|
return set()
|
||||||
|
|
||||||
with open(aws_credentials_file_path, 'r') as f:
|
with open(aws_credentials_file_path) as f:
|
||||||
try:
|
try:
|
||||||
data = json.load(f)
|
data = json.load(f)
|
||||||
except json.JSONDecodeError:
|
except json.JSONDecodeError:
|
||||||
|
|
@ -55,7 +59,7 @@ def get_aws_secrets_from_json_file(json_credentials_file: str) -> set[str]:
|
||||||
'SessionToken',
|
'SessionToken',
|
||||||
'aws_secret_access_key',
|
'aws_secret_access_key',
|
||||||
'aws_security_token',
|
'aws_security_token',
|
||||||
'aws_session_token'
|
'aws_session_token',
|
||||||
):
|
):
|
||||||
if var in data.get('Credentials', {}):
|
if var in data.get('Credentials', {}):
|
||||||
keys.add(data['Credentials'][var])
|
keys.add(data['Credentials'][var])
|
||||||
|
|
@ -156,8 +160,10 @@ def main(argv: Sequence[str] | None = None) -> int:
|
||||||
if os.path.isdir(os.path.expanduser(json_credential_dir)):
|
if os.path.isdir(os.path.expanduser(json_credential_dir)):
|
||||||
for file in os.listdir(os.path.expanduser(json_credential_dir)):
|
for file in os.listdir(os.path.expanduser(json_credential_dir)):
|
||||||
if file.endswith('.json'):
|
if file.endswith('.json'):
|
||||||
(json_credential_files
|
(
|
||||||
.add(os.path.join(json_credential_dir, file)))
|
json_credential_files
|
||||||
|
.add(os.path.join(json_credential_dir, file))
|
||||||
|
)
|
||||||
|
|
||||||
# Add the credentials files configured via environment variables to the set
|
# Add the credentials files configured via environment variables to the set
|
||||||
# of files to to gather AWS secrets from.
|
# of files to to gather AWS secrets from.
|
||||||
|
|
|
||||||
|
|
@ -68,19 +68,20 @@ def test_get_aws_secrets_from_env(env_vars, values):
|
||||||
with patch.dict('os.environ', env_vars, clear=True):
|
with patch.dict('os.environ', env_vars, clear=True):
|
||||||
assert get_aws_secrets_from_env() == values
|
assert get_aws_secrets_from_env() == values
|
||||||
|
|
||||||
|
|
||||||
@pytest.mark.parametrize(
|
@pytest.mark.parametrize(
|
||||||
('filename', 'expected_keys'),
|
('filename', 'expected_keys'),
|
||||||
(
|
(
|
||||||
(
|
(
|
||||||
'aws_temp_secrets_file.json',
|
'aws_temp_secrets_file.json',
|
||||||
{
|
{
|
||||||
"tempAccessKeyId",
|
'tempAccessKeyId',
|
||||||
"tempSecretAccessKey",
|
'tempSecretAccessKey',
|
||||||
"tempSessionToken"
|
'tempSessionToken',
|
||||||
},
|
},
|
||||||
),
|
),
|
||||||
('nonsense.txt', set()),
|
('nonsense.txt', set()),
|
||||||
('ok_json.json', set()),
|
('ok_json.json', set()),
|
||||||
),
|
),
|
||||||
)
|
)
|
||||||
def test_get_aws_secrets_from_json_file(filename, expected_keys):
|
def test_get_aws_secrets_from_json_file(filename, expected_keys):
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue