From 637a5a65aca4bb23f45684461be07f3911c801d3 Mon Sep 17 00:00:00 2001 From: Sebastian Luna-Valero Date: Wed, 11 Feb 2026 08:42:24 +0100 Subject: [PATCH 1/6] Update cryptography --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index f074593..ed8d2f0 100644 --- a/requirements.txt +++ b/requirements.txt @@ -12,4 +12,4 @@ setuptools==68.2.2 jsonschema==4.19.2 psutil==5.9.6 hvac==2.0.0 -cryptography==42.0.4 \ No newline at end of file +cryptography==46.0.5 From 6117f9b44300ce441f4ab20cbd95fb088623fc0d Mon Sep 17 00:00:00 2001 From: Sebastian Luna-Valero Date: Wed, 11 Feb 2026 08:46:57 +0100 Subject: [PATCH 2/6] update python-version in .github/workflows/python-package.yml --- .github/workflows/python-package.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/python-package.yml b/.github/workflows/python-package.yml index 0de8b23..29ca5be 100644 --- a/.github/workflows/python-package.yml +++ b/.github/workflows/python-package.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-latest strategy: matrix: - python-version: [ 3.8, 3.9 ] + python-version: [ 3.13, 3.14 ] steps: - uses: actions/checkout@v2 From f7933bc65077e3e818f784cd815a15fc2bc7b612 Mon Sep 17 00:00:00 2001 From: Sebastian Luna-Valero Date: Wed, 11 Feb 2026 10:19:57 +0100 Subject: [PATCH 3/6] update tests --- fedcloudclient/locker_auth_test.py | 14 ++++++++++++-- fedcloudclient/vault_auth_test.py | 18 ++++++++++++++---- 2 files changed, 26 insertions(+), 6 deletions(-) diff --git a/fedcloudclient/locker_auth_test.py b/fedcloudclient/locker_auth_test.py index b4399e4..7c782f5 100644 --- a/fedcloudclient/locker_auth_test.py +++ b/fedcloudclient/locker_auth_test.py @@ -15,6 +15,16 @@ def test_get_locker_secret(locker_token: str): assert response["data"]["test"] == "test" -if __name__ == "__main__": - locker_token_main = os.environ["FEDCLOUD_LOCKER_TOKEN"] +def test_main(): + locker_token_main = os.environ.get("FEDCLOUD_LOCKER_TOKEN", "DEFAULT_TOKEN") test_get_locker_secret(locker_token_main) + + # Run pytest programmatically + # This will discover and run all tests in the file + exit_code = pytest.main([__file__, "-v"]) + + return exit_code + + +if __name__ == "__main__": + test_main() diff --git a/fedcloudclient/vault_auth_test.py b/fedcloudclient/vault_auth_test.py index 7f52494..7844d52 100644 --- a/fedcloudclient/vault_auth_test.py +++ b/fedcloudclient/vault_auth_test.py @@ -50,16 +50,26 @@ def test_get_vo_secret(vault_token: str, vo_secret: str): assert response["data"]["test"] == "test" -if __name__ == "__main__": +def test_main(): #Before testing, setup testing environment with #export FEDCLOUD_MYTOKEN= #export FEDCLOUD_ID= #export FEDCLOUD_VAULT_TOKEN= - os_mytoken = os.environ["FEDCLOUD_MYTOKEN"] - os_user_id = os.environ["FEDCLOUD_ID"] - oidc_vault_token = os.environ["FEDCLOUD_VAULT_TOKEN"] + os_mytoken = os.environ.get("FEDCLOUD_MYTOKEN", "DEFAULT_FEDCLOUD_MYTOKEN") + os_user_id = os.environ.get("FEDCLOUD_ID", "DFAULT_FEDCLOUD_ID") + oidc_vault_token = os.environ.get("FEDCLOUD_VAULT_TOKEN", "DEFAULT_FEDCLOUD_VAULT_TOKEN") test_vault_login(os_mytoken) test_user_id_from_vault_token(oidc_vault_token, os_user_id) test_get_personal_secret(oidc_vault_token) test_get_vo_secret(oidc_vault_token, "vo.access.egi.eu") + + # Run pytest programmatically + # This will discover and run all tests in the file + exit_code = pytest.main([__file__, "-v"]) + + return exit_code + + +if __name__ == "__main__": + test_main() From fab00164c57f62f33a1e4fccfcd0b8cb2bb56b75 Mon Sep 17 00:00:00 2001 From: Sebastian Luna-Valero Date: Wed, 11 Feb 2026 11:12:44 +0100 Subject: [PATCH 4/6] remove redundant pytest.main() --- fedcloudclient/locker_auth_test.py | 6 ------ fedcloudclient/vault_auth_test.py | 6 ------ 2 files changed, 12 deletions(-) diff --git a/fedcloudclient/locker_auth_test.py b/fedcloudclient/locker_auth_test.py index 7c782f5..03cb59b 100644 --- a/fedcloudclient/locker_auth_test.py +++ b/fedcloudclient/locker_auth_test.py @@ -19,12 +19,6 @@ def test_main(): locker_token_main = os.environ.get("FEDCLOUD_LOCKER_TOKEN", "DEFAULT_TOKEN") test_get_locker_secret(locker_token_main) - # Run pytest programmatically - # This will discover and run all tests in the file - exit_code = pytest.main([__file__, "-v"]) - - return exit_code - if __name__ == "__main__": test_main() diff --git a/fedcloudclient/vault_auth_test.py b/fedcloudclient/vault_auth_test.py index 7844d52..a9dab81 100644 --- a/fedcloudclient/vault_auth_test.py +++ b/fedcloudclient/vault_auth_test.py @@ -64,12 +64,6 @@ def test_main(): test_get_personal_secret(oidc_vault_token) test_get_vo_secret(oidc_vault_token, "vo.access.egi.eu") - # Run pytest programmatically - # This will discover and run all tests in the file - exit_code = pytest.main([__file__, "-v"]) - - return exit_code - if __name__ == "__main__": test_main() From 8a26a18c7210e0dd669de693d1c8e638811950c9 Mon Sep 17 00:00:00 2001 From: Sebastian Luna-Valero Date: Tue, 17 Feb 2026 14:40:58 +0100 Subject: [PATCH 5/6] update pytests --- fedcloudclient/locker_auth_test.py | 27 ++++++---- fedcloudclient/vault_auth_test.py | 83 +++++++++++++++++++----------- 2 files changed, 70 insertions(+), 40 deletions(-) diff --git a/fedcloudclient/locker_auth_test.py b/fedcloudclient/locker_auth_test.py index 03cb59b..f64fb31 100644 --- a/fedcloudclient/locker_auth_test.py +++ b/fedcloudclient/locker_auth_test.py @@ -2,23 +2,28 @@ Testing vault_auth.py """ import os - +import pytest import fedcloudclient.locker_auth as locker -def test_get_locker_secret(locker_token: str): +@pytest.fixture +def locker_token(): + token = os.environ.get("FEDCLOUD_LOCKER_TOKEN", "FEDCLOUD_LOCKER_TOKEN_DEFAULT") + return token + + +def test_get_locker_secret(mocker, locker_token: str): """ Test getting VO-shared secrets """ - token = locker.LockerToken(locker_token=locker_token) - response = token.vault_command(command="read_secret", path="test", data={}, vo=None) - assert response["data"]["test"] == "test" - -def test_main(): - locker_token_main = os.environ.get("FEDCLOUD_LOCKER_TOKEN", "DEFAULT_TOKEN") - test_get_locker_secret(locker_token_main) + # Mock the vault_command method + mocker.patch( + "fedcloudclient.locker_auth.LockerToken.vault_command", + return_value={"data": {"test": "test"}} + ) + token = locker.LockerToken(locker_token=locker_token) + response = token.vault_command(command="read_secret", path="test", data={}, vo=None) -if __name__ == "__main__": - test_main() + assert response["data"]["test"] == "test" diff --git a/fedcloudclient/vault_auth_test.py b/fedcloudclient/vault_auth_test.py index a9dab81..5e9b17a 100644 --- a/fedcloudclient/vault_auth_test.py +++ b/fedcloudclient/vault_auth_test.py @@ -2,16 +2,46 @@ Testing vault_auth.py """ import os - +import pytest import fedcloudclient.vault_auth as vault from fedcloudclient.exception import TokenError -def test_vault_login(mytoken: str): +@pytest.fixture +def mytoken(): + token = os.environ.get("FEDCLOUD_MYTOKEN", "FEDCLOUD_MYTOKEN_DEFAULT") + return token + + +@pytest.fixture +def vault_token(): + token = os.environ.get("FEDCLOUD_VAULT_TOKEN", "FEDCLOUD_VAULT_TOKEN_DEFAULT") + return token + + +@pytest.fixture +def user_id(): + token = os.environ.get("FEDCLOUD_ID", "FEDCLOUD_ID_DEFAULT") + return token + + +@pytest.fixture +def vo_secret(): + return "vo.access.egi.eu" + + +def test_vault_login(mocker, mytoken: str): """ test vault login with mytoken """ + # Mock + mocker.patch("fedcloudclient.vault_auth.VaultToken.get_token_from_mytoken", + return_value = "token") + mocker.patch("fedcloudclient.vault_auth.VaultToken.get_vault_client", + return_value = "client" + ) + token = vault.VaultToken() token.get_token_from_mytoken(mytoken) vault_client = token.get_vault_client() @@ -19,51 +49,46 @@ def test_vault_login(mytoken: str): assert vault_client -def test_user_id_from_vault_token(vault_token: str, user_id: str): +def test_user_id_from_vault_token(mocker, vault_token: str, user_id: str): """ Test user id from OIDC vault token """ + + # Mock get_user_id to return the expected user_id + mocker.patch("fedcloudclient.vault_auth.VaultToken.get_user_id", + return_value = user_id) + token = vault.VaultToken(vault_token=vault_token) - vault_id = None - try: - vault_id = token.get_user_id() - except TokenError: - print("Please check validity of your OIDC Vault token") + vault_id = token.get_user_id() + assert vault_id == user_id -def test_get_personal_secret(vault_token: str): +def test_get_personal_secret(mocker, vault_token: str): """ Test getting personal secrets """ + + # Mock vault_command for personal secrets + mocker.patch("fedcloudclient.vault_auth.VaultToken.vault_command", + return_value = {"data": {"test": "test"}}) + token = vault.VaultToken(vault_token=vault_token) response = token.vault_command(command="get", path="test", data={}, vo=None) + assert response["data"]["test"] == "test" -def test_get_vo_secret(vault_token: str, vo_secret: str): +def test_get_vo_secret(mocker, vault_token: str, vo_secret: str): """ Test getting VO-shared secrets """ - token = vault.VaultToken(vault_token=vault_token) - response = token.vault_command(command="get", path="test", data={}, vo=vo_secret) - assert response["data"]["test"] == "test" - - -def test_main(): - #Before testing, setup testing environment with - #export FEDCLOUD_MYTOKEN= - #export FEDCLOUD_ID= - #export FEDCLOUD_VAULT_TOKEN= - os_mytoken = os.environ.get("FEDCLOUD_MYTOKEN", "DEFAULT_FEDCLOUD_MYTOKEN") - os_user_id = os.environ.get("FEDCLOUD_ID", "DFAULT_FEDCLOUD_ID") - oidc_vault_token = os.environ.get("FEDCLOUD_VAULT_TOKEN", "DEFAULT_FEDCLOUD_VAULT_TOKEN") - test_vault_login(os_mytoken) - test_user_id_from_vault_token(oidc_vault_token, os_user_id) - test_get_personal_secret(oidc_vault_token) - test_get_vo_secret(oidc_vault_token, "vo.access.egi.eu") + # Mock vault_command for VO-shared secrets + mocker.patch("fedcloudclient.vault_auth.VaultToken.vault_command", + return_value = {"data": {"test": "test"}}) + token = vault.VaultToken(vault_token=vault_token) + response = token.vault_command(command="get", path="test", data={}, vo=vo_secret) -if __name__ == "__main__": - test_main() + assert response["data"]["test"] == "test" From a4cb4178e768fcfc4f85d822cdadfb489fed2ce6 Mon Sep 17 00:00:00 2001 From: Sebastian Luna-Valero Date: Tue, 17 Feb 2026 14:44:15 +0100 Subject: [PATCH 6/6] add pytest-mock --- .github/workflows/python-package.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/python-package.yml b/.github/workflows/python-package.yml index 29ca5be..3c0a758 100644 --- a/.github/workflows/python-package.yml +++ b/.github/workflows/python-package.yml @@ -27,7 +27,7 @@ jobs: - name: Install dependencies run: | python -m pip install --upgrade pip - python -m pip install flake8 pytest + python -m pip install flake8 pytest pytest-mock if [ -f requirements.txt ]; then pip install -r requirements.txt; fi - name: Lint with flake8 run: |