Refactor header checks, setup, and CI testing

Updated `add_header_multiline.py` and `setup.py` for string standardization and better dependency management. Switched CI testing to use pytest instead of nosetests, and included `pytest-xdist` in dev requirements for parallel test execution.
dvershinin · Aug 17, 2024 · 67cecfe · 67cecfe
1 parent b20bed7
commit 67cecfe
Show file tree

Hide file tree

Showing 4 changed files with 70 additions and 52 deletions.
diff --git a/.github/workflows/pythonpackage.yml b/.github/workflows/pythonpackage.yml
@@ -25,8 +25,8 @@ jobs:
         flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics
         # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide
         flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics
-    - name: Test with nosetests
+    - name: Test with pytest
       run: |
-        nosetests --with-coverage --cover-package gixy -v
+        pytest -v -n auto
       env:
         GITHUB_API_TOKEN: ${{ secrets.GITHUB_TOKEN }}
diff --git a/gixy/plugins/add_header_multiline.py b/gixy/plugins/add_header_multiline.py
@@ -4,48 +4,53 @@
 
 class add_header_multiline(Plugin):
     """
-    Insecure example:
-add_header Content-Security-Policy "
-    default-src: 'none';
-    img-src data: https://mc.yandex.ru https://yastatic.net *.yandex.net https://mc.yandex.${tld} https://mc.yandex.ru;
-    font-src data: https://yastatic.net;";
+        Insecure example:
+    add_header Content-Security-Policy "
+        default-src: 'none';
+        img-src data: https://mc.yandex.ru https://yastatic.net *.yandex.net https://mc.yandex.${tld} https://mc.yandex.ru;
+        font-src data: https://yastatic.net;";
     """
-    summary = 'Found a multi-line header.'
+
+    summary = "Found a multi-line header."
     severity = gixy.severity.LOW
-    description = ('Multi-line headers are deprecated (see RFC 7230). '
-                   'Some clients never supports them (e.g. IE/Edge).')
-    help_url = 'https://github.com/dvershinin/gixy/blob/master/docs/en/plugins/addheadermultiline.md'
-    directives = ['add_header', 'more_set_headers']
+    description = (
+        "Multi-line headers are deprecated (see RFC 7230). "
+        "Some clients never supports them (e.g. IE/Edge)."
+    )
+    help_url = "https://github.com/dvershinin/gixy/blob/master/docs/en/plugins/addheadermultiline.md"
+    directives = ["add_header", "more_set_headers"]
 
     def audit(self, directive):
         header_values = get_header_values(directive)
         for value in header_values:
-            if '\n\x20' in value or '\n\t' in value:
+            if "\n\x20" in value or "\n\t" in value:
                 self.add_issue(directive=directive)
                 break
-            if '\n' in value:
-                reason = 'A newline character is found in the directive "{directive}". The resulting header will be ' \
-                         'incomplete. Ensure the value is fit on a single line'.format(directive=directive.name)
+            if "\n" in value:
+                reason = (
+                    'A newline character is found in the directive "{directive}". The resulting header will be '
+                    "incomplete. Ensure the value is fit on a single line".format(
+                        directive=directive.name
+                    )
+                )
                 self.add_issue(
-                    severity=gixy.severity.HIGH,
-                    directive=directive,
-                    reason=reason
+                    severity=gixy.severity.HIGH, directive=directive, reason=reason
                 )
                 break
 
 
 def get_header_values(directive):
-    if directive.name == 'add_header':
+    if directive.name == "add_header":
         return [directive.args[1]]
 
     # See headers more documentation: https://github.com/openresty/headers-more-nginx-module#description
     result = []
     skip_next = False
     for arg in directive.args:
-        if arg in ['-s', '-t']:
-            # Skip next value, because it's not a header
+        if arg in ["-s", "-t"]:
+            # Skip the next value because it's not a header
             skip_next = True
-        elif arg.startswith('-'):
+        elif arg.startswith("-"):
             # Skip any options
             pass
         elif skip_next:

diff --git a/requirements.dev.txt b/requirements.dev.txt
@@ -2,3 +2,4 @@ pytest>=7.0.0
 coverage>=4.3
 flake8>=3.2
 tox>=2.7.0
+pytest-xdist
diff --git a/setup.py b/setup.py
@@ -1,17 +1,33 @@
 import re
 from setuptools import setup, find_packages
+
 # FileNotFoundError is not there in Python 2, define it:
 try:
     FileNotFoundError
 except NameError:
     FileNotFoundError = IOError
 
-with open('gixy/__init__.py', 'r') as fd:
-    version = re.search(r'^version\s*=\s*[\'"]([^\'"]*)[\'"]',
-                        fd.read(), re.MULTILINE).group(1)
+with open("gixy/__init__.py", "r") as fd:
+    version = re.search(
+        r'^version\s*=\s*[\'"]([^\'"]*)[\'"]', fd.read(), re.MULTILINE
+    ).group(1)
 
 if not version:
-    raise RuntimeError('Cannot find version information')
+    raise RuntimeError("Cannot find version information")
+
+install_requires = [
+    "pyparsing>=1.5.5,<=2.4.7",
+    'cached-property>=1.2.0;python_version<"3.8"',
+    'argparse>=1.4.0;python_version<"3.2"',
+    "six>=1.1.0",
+    "Jinja2>=2.8",
+    "ConfigArgParse>=0.11.0",
+]
+
+tests_requires = [
+    "pytest>=7.0.0",
+    "pytest-xdist",
+]
 
 # README.md is not present in Docker image setup
 long_description = None
@@ -22,42 +38,38 @@
     pass
 
 setup(
-    name='gixy-ng',
+    name="gixy-ng",
     version=version,
-    description='NGINX configuration [sec]analyzer',
+    description="NGINX configuration [sec]analyzer",
     long_description=long_description,
     long_description_content_type="text/markdown",
-    keywords='nginx security lint static-analysis',
-    author='Yandex IS Team, GetPageSpeed LLC',
-    author_email='[email protected], [email protected]',
-    url='https://github.com/dvershinin/gixy',
-    install_requires=[
-        'pyparsing>=1.5.5,<=2.4.7',
-        'cached-property>=1.2.0;python_version<"3.8"',
-        'argparse>=1.4.0;python_version<"3.2"',
-        'six>=1.1.0',
-        'Jinja2>=2.8',
-        'ConfigArgParse>=0.11.0'
-    ],
+    keywords="nginx security lint static-analysis",
+    author="Yandex IS Team, GetPageSpeed LLC",
+    author_email="[email protected], [email protected]",
+    url="https://github.com/dvershinin/gixy",
+    install_requires=install_requires,
+    extras_require={
+        "tests": install_requires + tests_requires,
+    },
     entry_points={
-        'console_scripts': ['gixy=gixy.cli.main:main'],
+        "console_scripts": ["gixy=gixy.cli.main:main"],
     },
-    packages=find_packages(exclude=['tests', 'tests.*']),
+    packages=find_packages(exclude=["tests", "tests.*"]),
     classifiers=[
-        'Development Status :: 3 - Alpha',
-        'Environment :: Console',
-        'Intended Audience :: System Administrators',
-        'Intended Audience :: Developers',
-        'Topic :: Security',
-        'Topic :: Software Development :: Quality Assurance',
-        'Topic :: Software Development :: Testing',
+        "Development Status :: 3 - Alpha",
+        "Environment :: Console",
+        "Intended Audience :: System Administrators",
+        "Intended Audience :: Developers",
+        "Topic :: Security",
+        "Topic :: Software Development :: Quality Assurance",
+        "Topic :: Software Development :: Testing",
         "Programming Language :: Python :: 3.6",
         "Programming Language :: Python :: 3.7",
         "Programming Language :: Python :: 3.8",
         "Programming Language :: Python :: 3.9",
         "Programming Language :: Python :: 3.10",
         "Programming Language :: Python :: 3.11",
-        "Programming Language :: Python :: 3.12"
+        "Programming Language :: Python :: 3.12",
     ],
-    include_package_data=True
+    include_package_data=True,
 )