-rw-r--r-- | .pre-commit-config.yaml | 6 | ||||
-rw-r--r-- | src/mlia/backend/proc.py | 26 | ||||
-rw-r--r-- | src/mlia/tools/metadata/corstone.py | 16 | ||||
-rw-r--r-- | tests/test_backend_proc.py | 40 |
4 files changed, 36 insertions, 52 deletions
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 7033a29..08f5f7e 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -81,6 +81,12 @@ repos: - id: blocklint exclude: setup.cfg +- repo: https://github.com/PyCQA/bandit + rev: '1.7.4' + hooks: + - id: bandit + args: ["--skip", "B101"] + - repo: local hooks: - id: mypy diff --git a/src/mlia/backend/proc.py b/src/mlia/backend/proc.py index a4c0be3..911d672 100644 --- a/src/mlia/backend/proc.py +++ b/src/mlia/backend/proc.py @@ -9,6 +9,7 @@ import datetime import logging import shlex import signal +import tempfile import time from pathlib import Path from typing import Any @@ -33,13 +34,6 @@ class CommandFailedException(Exception): class ShellCommand: """Wrapper class for shell commands.""" - def __init__(self, base_log_path: str = "/tmp") -> None: - """Initialise the class. - - base_log_path: it is the base directory where logs will be stored - """ - self.base_log_path = base_log_path - def run( self, cmd: str, @@ -73,18 +67,15 @@ class ShellCommand: out, err = _out, _err if not _out and not _err: - out, err = [ - str(item) - for item in self.get_stdout_stderr_paths(self.base_log_path, cmd) - ] + out, err = [str(item) for item in self.get_stdout_stderr_paths(cmd)] return command(_out=out, _err=err, _tee=_tee, _bg=_bg, _bg_exc=False) @classmethod - def get_stdout_stderr_paths(cls, base_log_path: str, cmd: str) -> Tuple[Path, Path]: + def get_stdout_stderr_paths(cls, cmd: str) -> Tuple[Path, Path]: """Construct and returns the paths of stdout/stderr files.""" timestamp = datetime.datetime.now().timestamp() - base_path = Path(base_log_path) + base_path = Path(tempfile.mkdtemp(prefix="mlia-", suffix=f"{timestamp}")) base = base_path / f"{valid_for_filename(cmd, '_')}_{timestamp}" stdout = base.with_suffix(".out") stderr = base.with_suffix(".err") 
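Review bot: The `--skip B101` argument on the new bandit hook turns the assert check off for every file, including `src/`, although the asserts it needs to tolerate are presumably the pytest ones. Scoping the hook keeps B101 active for shipped code, for example pre-commit's `files: ^src/` on the hook in place of `args: ["--skip", "B101"]`. That would also remove the need for the `# nosec` this commit adds in tests/test_backend_proc.py. A one-line comment above the hook saying why a check is skipped would help the next person who edits this file.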
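Review bot: The directory created by `tempfile.mkdtemp(prefix="mlia-", suffix=f"{timestamp}")` in `get_stdout_stderr_paths` is never removed in the visible code, so each `run()` call without `_out`/`_err` appears to leave a new `mlia-*` directory with command output behind. mkdtemp gives a private, unpredictable location, which is the right replacement for the shared `/tmp` default, but it hands cleanup to the caller and the method returns only the two file paths. Either say so in the docstring, e.g. `"""Create a private temp directory and return the stdout/stderr paths inside it; the caller removes it."""`, or create one directory per process and reuse it. The timestamp suffix is redundant now that mkdtemp randomises the name, so `tempfile.mkdtemp(prefix="mlia-")` is enough. The method body continues past the end of the hunk.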
@@ -108,15 +99,6 @@ def parse_command(command: str, shell: str = "bash") -> List[str]: return [cmd] + args -def get_stdout_stderr_paths( - command: str, base_log_path: str = "/tmp" -) -> Tuple[Path, Path]: - """Construct and returns the paths of stdout/stderr files.""" - cmd, *_ = parse_command(command) - - return ShellCommand.get_stdout_stderr_paths(base_log_path, cmd) - - def execute_command( # pylint: disable=invalid-name command: str, cwd: Path, diff --git a/src/mlia/tools/metadata/corstone.py b/src/mlia/tools/metadata/corstone.py index 6a3c1c8..023369c 100644 --- a/src/mlia/tools/metadata/corstone.py +++ b/src/mlia/tools/metadata/corstone.py @@ -1,9 +1,14 @@ # SPDX-FileCopyrightText: Copyright 2022, Arm Limited and/or its affiliates. # SPDX-License-Identifier: Apache-2.0 -"""Module for Corstone based FVPs.""" +"""Module for Corstone based FVPs. + +The import of subprocess module raises a B404 bandit error. MLIA usage of +subprocess is needed and can be considered safe hence disabling the security +check. +""" import logging import platform -import subprocess +import subprocess # nosec import tarfile from dataclasses import dataclass from pathlib import Path @@ -25,6 +30,7 @@ from mlia.utils.filesystem import get_mlia_resources from mlia.utils.filesystem import temp_directory from mlia.utils.filesystem import working_directory + logger = logging.getLogger(__name__) @@ -296,7 +302,11 @@ class Corstone300Installer: "--i-agree-to-the-contained-eula", ] - subprocess.check_call(fvp_install_cmd) + # The following line raises a B603 error for bandit. In this + # specific case, the input is pretty much static and cannot be + # changed byt the user hence disabling the security check for + # this instance + subprocess.check_call(fvp_install_cmd) # nosec except subprocess.CalledProcessError as err: raise Exception( "Error occurred during Corstone-300 installation" diff --git a/tests/test_backend_proc.py b/tests/test_backend_proc.py index f47c244..99e0bd5 100644 
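Review bot: The bare `# nosec` on `import subprocess` silences every bandit check on that line, not only the B404 the docstring names; bandit accepts a test id, so `import subprocess  # nosec B404` keeps the waiver as narrow as its justification. The same applies to `subprocess.check_call(fvp_install_cmd)  # nosec` (B603) further down this file and to the `shell="sh"` assertion in tests/test_backend_proc.py (B604). The rationale would also sit better as a comment on the import line than in the module docstring, which describes the module to its users.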
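Review bot: The waiver comment above `subprocess.check_call(fvp_install_cmd)` says the input is "pretty much static", but the list is built outside the hunk and only `"--i-agree-to-the-contained-eula"` is visible, so a reader cannot check the claim from here. It would be more useful to state what actually makes the call acceptable, e.g. `# argument list, no shell; only the install paths vary and MLIA chooses them`, if that is the case. The comment also has a typo, `byt` for `by`. The enclosing method starts and ends outside the hunk.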
--- a/tests/test_backend_proc.py +++ b/tests/test_backend_proc.py @@ -22,26 +22,13 @@ from mlia.backend.proc import terminate_command class TestShellCommand: """Sample class for collecting tests.""" - def test_shellcommand_default_value(self) -> None: - """Test the instantiation of the class ShellCommand with no parameter.""" - shell_command = ShellCommand() - assert shell_command.base_log_path == "/tmp" - - @pytest.mark.parametrize( - "base_log_path,expected", [("/test", "/test"), ("/asd", "/asd")] - ) - def test_shellcommand_with_param(self, base_log_path: str, expected: str) -> None: - """Test init ShellCommand with different parameters.""" - shell_command = ShellCommand(base_log_path) - assert shell_command.base_log_path == expected - def test_run_ls(self, monkeypatch: Any) -> None: """Test a simple ls command.""" mock_command = mock.MagicMock() monkeypatch.setattr(Command, "bake", mock_command) mock_get_stdout_stderr_paths = mock.MagicMock() - mock_get_stdout_stderr_paths.return_value = ("/tmp/std.out", "/tmp/std.err") + mock_get_stdout_stderr_paths.return_value = ("/path/std.out", "/path/std.err") monkeypatch.setattr( ShellCommand, "get_stdout_stderr_paths", mock_get_stdout_stderr_paths ) @@ -50,7 +37,11 @@ class TestShellCommand: shell_command.run("ls", "-l") assert mock_command.mock_calls[0] == mock.call(("-l",)) assert mock_command.mock_calls[1] == mock.call()( - _bg=True, _err="/tmp/std.err", _out="/tmp/std.out", _tee=True, _bg_exc=False + _bg=True, + _err="/path/std.err", + _out="/path/std.out", + _tee=True, + _bg_exc=False, ) def test_run_command_not_found(self) -> None: 
@@ -59,23 +50,15 @@ class TestShellCommand: with pytest.raises(CommandNotFound): shell_command.run("lsl", "-l") - def test_get_stdout_stderr_paths_valid_path(self) -> None: + def test_get_stdout_stderr_paths(self) -> None: """Test the method to get files to store stdout and stderr.""" - valid_path = "/tmp" - shell_command = ShellCommand(valid_path) - out, err = shell_command.get_stdout_stderr_paths(valid_path, "cmd") + shell_command = ShellCommand() + out, err = shell_command.get_stdout_stderr_paths("cmd") assert out.exists() and out.is_file() assert err.exists() and err.is_file() assert "cmd" in out.name assert "cmd" in err.name - def test_get_stdout_stderr_paths_not_invalid_path(self) -> None: - """Test the method to get output files with an invalid path.""" - invalid_path = "/invalid/foo/bar" - shell_command = ShellCommand(invalid_path) - with pytest.raises(FileNotFoundError): - shell_command.get_stdout_stderr_paths(invalid_path, "cmd") - @mock.patch("builtins.print") def test_print_command_stdout_alive(mock_print: Any) -> None: @@ -198,6 +181,9 @@ class TestRunAndWait: def test_parse_command() -> None: """Test parse_command function.""" assert parse_command("1.sh") == ["bash", "1.sh"] - assert parse_command("1.sh", shell="sh") == ["sh", "1.sh"] + # The following line raises a B604 bandit error. In our case we specify + # what shell to use instead of using the default one. It is a safe use + # we are ignoring this instance. + assert parse_command("1.sh", shell="sh") == ["sh", "1.sh"] # nosec assert parse_command("command") == ["command"] assert parse_command("command 123 --param=1") == ["command", "123", "--param=1"] |
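Review bot: `test_get_stdout_stderr_paths` now creates a real `mlia-*` directory under the system temp location on every run and leaves it there, since nothing in the test removes `out.parent`. Redirecting the creation into pytest's `tmp_path`, e.g. `monkeypatch.setattr(tempfile, "mkdtemp", lambda **kw: str(tmp_path))`, keeps the test hermetic. Because the purpose of the change is a private log location, an assertion such as `assert out.parent == err.parent` plus a check that the parent directory is not group- or world-accessible would pin that behaviour down.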