From 6901034aec837cdf49b30f6ce019aeaa60533c12 Mon Sep 17 00:00:00 2001 From: Matthew Watkins Date: Tue, 21 Nov 2023 14:28:23 +0000 Subject: [PATCH] Chore: Further linting fixes Signed-off-by: Matthew Watkins --- .github/workflows/ci.yml | 28 +-- .github/workflows/release.yaml | 167 +++++++++++++++++ .github/workflows/release.yml | 48 ++--- .github/workflows/test-build-push.yml | 133 +++++++------- .thoth.yaml | 5 +- CONTRIBUTING.md | 14 +- Pipfile | 1 + Pipfile.lock | 251 +++++++++++++++++++++++++- README.md | 2 + docker-compose.yml | 3 +- scripts/pipaudit.sh | 43 +++++ 11 files changed, 589 insertions(+), 106 deletions(-) create mode 100644 .github/workflows/release.yaml create mode 100755 scripts/pipaudit.sh diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7ba644f..d77de95 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -1,27 +1,29 @@ +--- name: CI +# yamllint disable-line rule:truthy on: push: - branches: [ main ] + branches: [main] pull_request: - branches: [ main ] + branches: [main] jobs: ci: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 + - uses: actions/checkout@v2 - - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@v2 - with: - python-version: "3.8" + - name: Set up Python ${{ matrix.python-version }} + uses: actions/setup-python@v2 + with: + python-version: '3.8' - - name: Install dependencies - run: | - python -m pip install --upgrade pip - pip install tox + - name: "Install dependencies" + run: | + python -m pip install --upgrade pip + pip install tox - - name: Run auto-tests - run: tox + - name: Run auto-tests + run: tox diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml new file mode 100644 index 0000000..af4478f --- /dev/null +++ b/.github/workflows/release.yaml @@ -0,0 +1,167 @@ +--- +name: 'πŸπŸ“¦ Production build and release' + +# GitHub/PyPI trusted publisher documentation: +# https://packaging.python.org/en/latest/guides/publishing-package-distribution-releases-using-github-actions-ci-cd-workflows/ + +# yamllint disable-line rule:truthy +on: + # workflow_dispatch: + push: + # Only invoked on release tag pushes + tags: + - v*.*.* + +env: + python-version: '3.10' + +### BUILD ### + +jobs: + build: + name: '🐍 Build packages' + runs-on: ubuntu-latest + permissions: + # IMPORTANT: mandatory for Sigstore + id-token: write + steps: + ### BUILDING ### + + - name: 'Checkout repository' + uses: actions/checkout@v4 + + - name: 'Setup PDM for build commands' + uses: pdm-project/setup-pdm@v3 + with: + version: 2.10.0 + + - name: 'Setup Python 3.10' + uses: actions/setup-python@v4.7.0 + with: + python-version: ${{ env.python-version }} + + - name: 'Update version from tags for production release' + run: | + echo "Github versioning: ${{ github.ref_name }}" + scripts/release-versioning.sh + + - name: 'Build with PDM backend' + run: | + pdm build + + ### SIGNING ### + + - name: 'Sign packages with Sigstore' + uses: sigstore/gh-action-sigstore-python@v1.2.3 + with: + inputs: >- + ./dist/*.tar.gz + ./dist/*.whl + + - name: Store the distribution packages + uses: actions/upload-artifact@v3 + with: + name: ${{ github.ref_name }} + path: dist/ + + ### PUBLISH GITHUB ### + + github: + name: 'πŸ“¦ Publish to GitHub' + # Only publish on tag pushes + if: startsWith(github.ref, 'refs/tags/') + needs: + - build + runs-on: ubuntu-latest + permissions: + # IMPORTANT: mandatory to publish artefacts + contents: write + steps: + - name: '⬇ Download build artefacts' + uses: actions/download-artifact@v3 + with: + name: ${{ github.ref_name }} + path: dist/ + + - name: 'πŸ“¦ Publish release to GitHub' + uses: ModeSevenIndustrialSolutions/action-automatic-releases@latest + with: + # Valid inputs are: + # repo_token, automatic_release_tag, draft, prerelease, title, files + repo_token: ${{ secrets.GITHUB_TOKEN }} + prerelease: false + automatic_release_tag: ${{ github.ref_name }} + title: ${{ github.ref_name }} + files: | + dist/*.tar.gz + dist/*.whl + + ### PUBLISH PYPI TEST ### + + testpypi: + name: 'πŸ“¦ Publish to PyPi Test' + # Only publish on tag pushes + if: startsWith(github.ref, 'refs/tags/') + needs: + - build + runs-on: ubuntu-latest + environment: + name: testpypi + permissions: + # IMPORTANT: mandatory for trusted publishing + id-token: write + steps: + - name: '⬇ Download build artefacts' + uses: actions/download-artifact@v3 + with: + name: ${{ github.ref_name }} + path: dist/ + + - name: 'Remove files unsupported by PyPi' + run: | + if [ -f dist/buildvars.txt ]; then + rm dist/buildvars.txt + fi + rm dist/*.crt dist/*.sig* + + - name: Publish distribution to Test PyPI + uses: pypa/gh-action-pypi-publish@release/v1 + with: + repository-url: https://test.pypi.org/legacy/ + verbose: true + + ### PUBLISH PYPI ### + + pypi: + name: 'πŸ“¦ Publish to PyPi' + # Only publish on tag pushes + if: startsWith(github.ref, 'refs/tags/') + needs: + - testpypi + runs-on: ubuntu-latest + environment: + name: pypi + permissions: + # IMPORTANT: mandatory for trusted publishing + id-token: write + steps: + - name: '⬇ Download build artefacts' + uses: actions/download-artifact@v3 + with: + name: ${{ github.ref_name }} + path: dist/ + + - name: 'Remove files unsupported by PyPi' + run: | + if [ -f dist/buildvars.txt ]; then + rm dist/buildvars.txt + fi + rm dist/*.crt dist/*.sig* + + - name: 'Setup PDM for build commands' + uses: pdm-project/setup-pdm@v3 + + - name: 'Publish release to PyPI' + uses: pypa/gh-action-pypi-publish@release/v1 + with: + verbose: true diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c69dbb9..16d2c27 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,34 +1,36 @@ -# This workflow will upload a Python package using Twine when a tagged commit is merged. +--- +# This workflow will upload a Python package +# using Twine when a tagged commit is merged. -name: Publish on PyPI +name: "Publish on PyPI" +# yamllint disable-line rule:truthy on: push: tags: - - v* + - v* jobs: deploy: - runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2 - - - name: Set up Python - uses: actions/setup-python@v2 - with: - python-version: '3.x' - - - name: Install dependencies - run: | - python -m pip install --upgrade pip - pip install setuptools wheel twine - - - name: Build and publish - env: - TWINE_USERNAME: __token__ - TWINE_PASSWORD: ${{ secrets.OSC_PHYSRISK_API_PYPI_TOKEN }} - run: | - python setup.py sdist bdist_wheel - twine upload dist/* + - uses: actions/checkout@v2 + + - name: Set up Python + uses: actions/setup-python@v2 + with: + python-version: '3.x' + + - name: "Install dependencies" + run: | + python -m pip install --upgrade pip + pip install setuptools wheel twine + + - name: "Build and publish" + env: + TWINE_USERNAME: __token__ + TWINE_PASSWORD: ${{ secrets.OSC_PHYSRISK_API_PYPI_TOKEN }} + run: | + python setup.py sdist bdist_wheel + twine upload dist/* diff --git a/.github/workflows/test-build-push.yml b/.github/workflows/test-build-push.yml index 67a5441..49b0f2a 100644 --- a/.github/workflows/test-build-push.yml +++ b/.github/workflows/test-build-push.yml @@ -1,85 +1,90 @@ -# Workflow to build Docker image, based on openshift.yml (excluding OpenShift deployment) +--- +# Workflow to build Docker image +# Based on openshift.yml (excluding OpenShift deployment) -name: Run tests, build and push image +name: "Run tests, build and push image" env: - APP_NAME: "physrisk-api" - IMAGE_REGISTRY: "quay.io/os-climate" - IMAGE_TAGS: "" + APP_NAME: 'physrisk-api' + IMAGE_REGISTRY: 'quay.io/os-climate' + IMAGE_TAGS: '' +# yamllint disable-line rule:truthy on: # https://docs.github.com/en/actions/reference/events-that-trigger-workflows push +# yamllint disable rule:line-length + jobs: build: - name: Build and push to Quay + name: "Build and push to Quay" runs-on: ubuntu-latest steps: - - name: Check for required secrets - uses: actions/github-script@v4 - with: - script: | - const secrets = { - OSC_PHYSRISK_API_QUAY_USER: `${{ secrets.OSC_PHYSRISK_API_QUAY_USER }}`, - OSC_PHYSRISK_API_QUAY_TOKEN: `${{ secrets.OSC_PHYSRISK_API_QUAY_TOKEN }}`, - }; + - name: "Check for required secrets" + uses: actions/github-script@v4 + with: + script: | + const secrets = { + OSC_PHYSRISK_API_QUAY_USER: `${{ secrets.OSC_PHYSRISK_API_QUAY_USER }}`, + OSC_PHYSRISK_API_QUAY_TOKEN: `${{ secrets.OSC_PHYSRISK_API_QUAY_TOKEN }}`, + }; - const missingSecrets = Object.entries(secrets).filter(([ name, value ]) => { - if (value.length === 0) { - core.error(`Secret "${name}" is not set`); - return true; - } - core.info(`βœ”οΈ Secret "${name}" is set`); - return false; - }); + const missingSecrets = Object.entries(secrets).filter(([ name, value ]) => { + if (value.length === 0) { + core.error(`Secret "${name}" is not set`); + return true; + } + core.info(`βœ”οΈ Secret "${name}" is set`); + return false; + }); - if (missingSecrets.length > 0) { - core.setFailed(`❌ At least one required secret is not set in the repository. \n` + - "You can add it using:\n" + - "GitHub UI: https://docs.github.com/en/actions/reference/encrypted-secrets#creating-encrypted-secrets-for-a-repository \n" + - "GitHub CLI: https://cli.github.com/manual/gh_secret_set \n" + - "Also, refer to https://github.com/redhat-actions/oc-login#getting-started-with-the-action-or-see-example"); - } - else { - core.info(`βœ… All the required secrets are set`); - } + if (missingSecrets.length > 0) { + core.setFailed(`❌ At least one required secret is not set in the repository. \n` + + "You can add it using:\n" + + "GitHub UI: https://docs.github.com/en/actions/reference/encrypted-secrets#creating-encrypted-secrets-for-a-repository \n" + + "GitHub CLI: https://cli.github.com/manual/gh_secret_set \n" + + "Also, refer to https://github.com/redhat-actions/oc-login#getting-started-with-the-action-or-see-example"); + } + else { + core.info(`βœ… All the required secrets are set`); + } - - name: Check out repository - uses: actions/checkout@v2 + - name: "Check out repository" + uses: actions/checkout@v2 - - name: Determine app name - if: env.APP_NAME == '' - run: | - echo "APP_NAME=$(basename $PWD)" | tee -a $GITHUB_ENV + - name: "Determine app name" + if: env.APP_NAME == '' + run: | + echo "APP_NAME=$(basename $PWD)" | tee -a $GITHUB_ENV - - name: Determine image tags - if: env.IMAGE_TAGS == '' - run: | - echo "IMAGE_TAGS=latest ${GITHUB_SHA::12}" | tee -a $GITHUB_ENV + - name: "Determine image tags" + if: env.IMAGE_TAGS == '' + run: | + echo "IMAGE_TAGS=latest ${GITHUB_SHA::12}" | tee -a $GITHUB_ENV - # https://github.com/redhat-actions/buildah-build#readme - - name: Build from Dockerfile - id: build-image - uses: redhat-actions/buildah-build@v2 - with: - image: ${{ env.APP_NAME }} - tags: ${{ env.IMAGE_TAGS }} + # https://github.com/redhat-actions/buildah-build#readme + - name: "Build from Dockerfile" + id: build-image + uses: redhat-actions/buildah-build@v2 + with: + image: ${{ env.APP_NAME }} + tags: ${{ env.IMAGE_TAGS }} - # If you don't have a Dockerfile/Containerfile, refer to https://github.com/redhat-actions/buildah-build#scratch-build-inputs - # Or, perform a source-to-image build using https://github.com/redhat-actions/s2i-build - # Otherwise, point this to your Dockerfile/Containerfile relative to the repository root. - dockerfiles: | - ./Dockerfile + # If you don't have a Dockerfile/Containerfile, refer to https://github.com/redhat-actions/buildah-build#scratch-build-inputs + # Or, perform a source-to-image build using https://github.com/redhat-actions/s2i-build + # Otherwise, point this to your Dockerfile/Containerfile relative to the repository root. + dockerfiles: | + ./Dockerfile - # https://github.com/redhat-actions/push-to-registry#readme - - name: Push to registry - id: push-image - uses: redhat-actions/push-to-registry@v2 - with: - image: ${{ steps.build-image.outputs.image }} - tags: ${{ steps.build-image.outputs.tags }} - registry: ${{ env.IMAGE_REGISTRY }} - username: ${{ secrets.OSC_PHYSRISK_API_QUAY_USER }} - password: ${{ secrets.OSC_PHYSRISK_API_QUAY_TOKEN }} + # https://github.com/redhat-actions/push-to-registry#readme + - name: "Push to registry" + id: push-image + uses: redhat-actions/push-to-registry@v2 + with: + image: ${{ steps.build-image.outputs.image }} + tags: ${{ steps.build-image.outputs.tags }} + registry: ${{ env.IMAGE_REGISTRY }} + username: ${{ secrets.OSC_PHYSRISK_API_QUAY_USER }} + password: ${{ secrets.OSC_PHYSRISK_API_QUAY_TOKEN }} diff --git a/.thoth.yaml b/.thoth.yaml index 6cc2b48..f09e549 100644 --- a/.thoth.yaml +++ b/.thoth.yaml @@ -1,3 +1,4 @@ +--- host: khemenu.thoth-station.ninja tls_verify: false requirements_format: pipenv @@ -6,8 +7,8 @@ runtime_environments: - name: default operating_system: name: ubi - version: "8" - python_version: "3.8" + version: '8' + python_version: '3.8' recommendation_type: latest managers: diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 3c71f9c..7fc018f 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -1,7 +1,9 @@ # Contributing to phsyrisk-api ## Getting started + To get set up, clone and enter the repo. + ``` git clone git@github.com:os-climate/physrisk-api.git cd physrisk-api @@ -9,6 +11,7 @@ cd physrisk-api We recommend using [pipenv](https://pipenv.pypa.io/en/latest/) for a consistent working environment. + ``` pip install pipenv pipenv install @@ -20,8 +23,9 @@ When adding a package for use in new or improved functionality, testing or development, `pipenv install -d `. ## Development + Patches may be contributed via pull requests to -https://github.com/os-climate/physrisk-api. +. All changes must pass the automated test suite, along with various static checks. @@ -30,6 +34,7 @@ checks. [isort](https://pycqa.github.io/isort/) import ordering are enforced and enabling automatic formatting via [pre-commit](https://pre-commit.com/) is recommended: + ``` pre-commit install ``` @@ -37,6 +42,7 @@ pre-commit install To ensure compliance with static check tools, developers may wish to run black and isort against modified files. E.g., + ``` # auto-sort imports isort . @@ -45,6 +51,7 @@ black . ``` Code can then be tested using tox. + ``` # run static checks and unit tests tox @@ -57,13 +64,16 @@ tox -e cov ``` To run the application locally, run either of the following commands; + ``` docker-compose up # or podman-compose up ``` -One may then make requests of https://0.0.0.0:8080. + +One may then make requests of . ## Releasing + Currently, this service is released automatically to quay.io and manually deployed onto OpenShift. diff --git a/Pipfile b/Pipfile index ec205ba..7165f62 100644 --- a/Pipfile +++ b/Pipfile @@ -11,6 +11,7 @@ physrisk-lib = ">=0.19.0" flask-jwt-extended = "*" [dev-packages] +pdm = "*" pytest = "*" tox = "*" black = "*" diff --git a/Pipfile.lock b/Pipfile.lock index 7a17034..389fc8a 100644 --- a/Pipfile.lock +++ b/Pipfile.lock @@ -1,7 +1,7 @@ { "_meta": { "hash": { - "sha256": "8efba14e0ca7a7c7af790c720c027d748d19dbeff115443510e66488246760b1" + "sha256": "7001e86c9468221af6ac5a4a2d6b7b17bcaceb9f6905d131f90bde2b6b18279a" }, "pipfile-spec": 6, "requires": { @@ -1242,6 +1242,25 @@ "markers": "python_version >= '3.8'", "version": "==23.11.0" }, + "blinker": { + "hashes": [ + "sha256:c3f865d4d54db7abc53758a01601cf343fe55b84c1de4e3fa910e420b438d5b9", + "sha256:e6820ff6fa4e4d1d8e2747c2283749c3f547e4fee112b98555cdcdae32996182" + ], + "markers": "python_version >= '3.8'", + "version": "==1.7.0" + }, + "cachecontrol": { + "extras": [ + "filecache" + ], + "hashes": [ + "sha256:95dedbec849f46dda3137866dc28b9d133fc9af55f5b805ab1291833e4457aa4", + "sha256:f012366b79d2243a6118309ce73151bf52a38d4a5dac8ea57f09bd29087e506b" + ], + "markers": "python_version >= '3.7'", + "version": "==0.13.1" + }, "cachetools": { "hashes": [ "sha256:086ee420196f7b2ab9ca2db2520aca326318b68fe5ba8bc4d49cca91add450f2", @@ -1250,6 +1269,14 @@ "markers": "python_version >= '3.7'", "version": "==5.3.2" }, + "certifi": { + "hashes": [ + "sha256:9b469f3a900bf28dc19b8cfbf8019bf47f7fdd1a65a1d4ffb98fc14166beb4d1", + "sha256:e036ab49d5b79556f99cfc2d9320b34cfbe5be05c5871b51de9329f0603b0474" + ], + "markers": "python_version >= '3.6'", + "version": "==2023.11.17" + }, "cfgv": { "hashes": [ "sha256:b7265b1f29fd3316bfcd2b330d63d024f2bfd8bcb8b0272f8e19a504856c48f9", @@ -1266,6 +1293,14 @@ "markers": "python_version >= '3.7'", "version": "==5.2.0" }, + "charset-normalizer": { + "hashes": [ + "sha256:2857e29ff0d34db842cd7ca3230549d1a697f96ee6d3fb071cfa6c7393832597", + "sha256:6881edbebdb17b39b4eaaa821b438bf6eddffb4468cf344f09f89def34a8b1df" + ], + "markers": "python_version >= '3'", + "version": "==2.0.12" + }, "click": { "hashes": [ "sha256:ae74fb96c20a0277a1d615f1e4d73c8414f5a98db8b799a7931d1582f3390c28", @@ -1305,6 +1340,14 @@ "markers": "python_version >= '3.8'", "version": "==3.13.1" }, + "findpython": { + "hashes": [ + "sha256:087148ac5935f9be458f36a05f3fa479efdf2c629f5d386c73ea481cfecff15e", + "sha256:18b14d115678da18ae92ee22d7001cc30915ea531053f77010ee05a39680f438" + ], + "markers": "python_version >= '3.7'", + "version": "==0.4.0" + }, "flake8": { "hashes": [ "sha256:d5b3857f07c030bdb5bf41c7f53799571d75c4491748a3adcd47de929e34cd23", @@ -1322,6 +1365,22 @@ "markers": "python_version >= '3.8'", "version": "==2.5.32" }, + "idna": { + "hashes": [ + "sha256:814f528e8dead7d329833b91c5faa87d60bf71824cd12a7530b5526063d02cb4", + "sha256:90b77e79eaa3eba6de819a0c442c0b4ceefc341a7a2ab77d7562bf49f425c5c2" + ], + "markers": "python_version >= '3'", + "version": "==3.4" + }, + "importlib-metadata": { + "hashes": [ + "sha256:3ebb78df84a805d7698245025b975d9d67053cd94c79245ba4b3eb694abe68bb", + "sha256:dbace7892d8c0c4ac1ad096662232f831d4e64f4c4545bd53016a3e9d4654743" + ], + "markers": "python_version < '3.10'", + "version": "==6.8.0" + }, "iniconfig": { "hashes": [ "sha256:2d91e135bf72d31a410b17c16da610a82cb55f6b0477d1a902134b24a455b8b3", @@ -1330,6 +1389,14 @@ "markers": "python_version >= '3.7'", "version": "==2.0.0" }, + "installer": { + "hashes": [ + "sha256:05d1933f0a5ba7d8d6296bb6d5018e7c94fa473ceb10cf198a92ccea19c27b53", + "sha256:a26d3e3116289bb08216e0d0f7d925fcef0b0194eedfa0c944bcaaa106c4b631" + ], + "markers": "python_version >= '3.7'", + "version": "==0.7.0" + }, "isort": { "hashes": [ "sha256:8bef7dde241278824a6d83f44a544709b065191b95b6e50894bdc722fcba0504", @@ -1339,6 +1406,14 @@ "markers": "python_full_version >= '3.8.0'", "version": "==5.12.0" }, + "markdown-it-py": { + "hashes": [ + "sha256:355216845c60bd96232cd8d8c40e8f9765cc86f46880e43a8fd22dc1a1a8cab1", + "sha256:e3f60a94fa066dc52ec76661e37c851cb232d92f9886b15cb560aaada2df8feb" + ], + "markers": "python_version >= '3.8'", + "version": "==3.0.0" + }, "mccabe": { "hashes": [ "sha256:348e0240c33b60bbdf4e523192ef919f28cb2c3d7d5c7794f74009290f236325", @@ -1347,6 +1422,76 @@ "markers": "python_version >= '3.6'", "version": "==0.7.0" }, + "mdurl": { + "hashes": [ + "sha256:84008a41e51615a49fc9966191ff91509e3c40b939176e643fd50a5c2196b8f8", + "sha256:bb413d29f5eea38f31dd4754dd7377d4465116fb207585f97bf925588687c1ba" + ], + "markers": "python_version >= '3.7'", + "version": "==0.1.2" + }, + "msgpack": { + "hashes": [ + "sha256:04ad6069c86e531682f9e1e71b71c1c3937d6014a7c3e9edd2aa81ad58842862", + "sha256:0bfdd914e55e0d2c9e1526de210f6fe8ffe9705f2b1dfcc4aecc92a4cb4b533d", + "sha256:1dc93e8e4653bdb5910aed79f11e165c85732067614f180f70534f056da97db3", + "sha256:1e2d69948e4132813b8d1131f29f9101bc2c915f26089a6d632001a5c1349672", + "sha256:235a31ec7db685f5c82233bddf9858748b89b8119bf4538d514536c485c15fe0", + "sha256:27dcd6f46a21c18fa5e5deed92a43d4554e3df8d8ca5a47bf0615d6a5f39dbc9", + "sha256:28efb066cde83c479dfe5a48141a53bc7e5f13f785b92ddde336c716663039ee", + "sha256:3476fae43db72bd11f29a5147ae2f3cb22e2f1a91d575ef130d2bf49afd21c46", + "sha256:36e17c4592231a7dbd2ed09027823ab295d2791b3b1efb2aee874b10548b7524", + "sha256:384d779f0d6f1b110eae74cb0659d9aa6ff35aaf547b3955abf2ab4c901c4819", + "sha256:38949d30b11ae5f95c3c91917ee7a6b239f5ec276f271f28638dec9156f82cfc", + "sha256:3967e4ad1aa9da62fd53e346ed17d7b2e922cba5ab93bdd46febcac39be636fc", + "sha256:3e7bf4442b310ff154b7bb9d81eb2c016b7d597e364f97d72b1acc3817a0fdc1", + "sha256:3f0c8c6dfa6605ab8ff0611995ee30d4f9fcff89966cf562733b4008a3d60d82", + "sha256:484ae3240666ad34cfa31eea7b8c6cd2f1fdaae21d73ce2974211df099a95d81", + "sha256:4a7b4f35de6a304b5533c238bee86b670b75b03d31b7797929caa7a624b5dda6", + "sha256:4cb14ce54d9b857be9591ac364cb08dc2d6a5c4318c1182cb1d02274029d590d", + "sha256:4e71bc4416de195d6e9b4ee93ad3f2f6b2ce11d042b4d7a7ee00bbe0358bd0c2", + "sha256:52700dc63a4676669b341ba33520f4d6e43d3ca58d422e22ba66d1736b0a6e4c", + "sha256:572efc93db7a4d27e404501975ca6d2d9775705c2d922390d878fcf768d92c87", + "sha256:576eb384292b139821c41995523654ad82d1916da6a60cff129c715a6223ea84", + "sha256:5b0bf0effb196ed76b7ad883848143427a73c355ae8e569fa538365064188b8e", + "sha256:5b6ccc0c85916998d788b295765ea0e9cb9aac7e4a8ed71d12e7d8ac31c23c95", + "sha256:5ed82f5a7af3697b1c4786053736f24a0efd0a1b8a130d4c7bfee4b9ded0f08f", + "sha256:6d4c80667de2e36970ebf74f42d1088cc9ee7ef5f4e8c35eee1b40eafd33ca5b", + "sha256:730076207cb816138cf1af7f7237b208340a2c5e749707457d70705715c93b93", + "sha256:7687e22a31e976a0e7fc99c2f4d11ca45eff652a81eb8c8085e9609298916dcf", + "sha256:822ea70dc4018c7e6223f13affd1c5c30c0f5c12ac1f96cd8e9949acddb48a61", + "sha256:84b0daf226913133f899ea9b30618722d45feffa67e4fe867b0b5ae83a34060c", + "sha256:85765fdf4b27eb5086f05ac0491090fc76f4f2b28e09d9350c31aac25a5aaff8", + "sha256:8dd178c4c80706546702c59529ffc005681bd6dc2ea234c450661b205445a34d", + "sha256:8f5b234f567cf76ee489502ceb7165c2a5cecec081db2b37e35332b537f8157c", + "sha256:98bbd754a422a0b123c66a4c341de0474cad4a5c10c164ceed6ea090f3563db4", + "sha256:993584fc821c58d5993521bfdcd31a4adf025c7d745bbd4d12ccfecf695af5ba", + "sha256:a40821a89dc373d6427e2b44b572efc36a2778d3f543299e2f24eb1a5de65415", + "sha256:b291f0ee7961a597cbbcc77709374087fa2a9afe7bdb6a40dbbd9b127e79afee", + "sha256:b573a43ef7c368ba4ea06050a957c2a7550f729c31f11dd616d2ac4aba99888d", + "sha256:b610ff0f24e9f11c9ae653c67ff8cc03c075131401b3e5ef4b82570d1728f8a9", + "sha256:bdf38ba2d393c7911ae989c3bbba510ebbcdf4ecbdbfec36272abe350c454075", + "sha256:bfef2bb6ef068827bbd021017a107194956918ab43ce4d6dc945ffa13efbc25f", + "sha256:cab3db8bab4b7e635c1c97270d7a4b2a90c070b33cbc00c99ef3f9be03d3e1f7", + "sha256:cb70766519500281815dfd7a87d3a178acf7ce95390544b8c90587d76b227681", + "sha256:cca1b62fe70d761a282496b96a5e51c44c213e410a964bdffe0928e611368329", + "sha256:ccf9a39706b604d884d2cb1e27fe973bc55f2890c52f38df742bc1d79ab9f5e1", + "sha256:dc43f1ec66eb8440567186ae2f8c447d91e0372d793dfe8c222aec857b81a8cf", + "sha256:dd632777ff3beaaf629f1ab4396caf7ba0bdd075d948a69460d13d44357aca4c", + "sha256:e45ae4927759289c30ccba8d9fdce62bb414977ba158286b5ddaf8df2cddb5c5", + "sha256:e50ebce52f41370707f1e21a59514e3375e3edd6e1832f5e5235237db933c98b", + "sha256:ebbbba226f0a108a7366bf4b59bf0f30a12fd5e75100c630267d94d7f0ad20e5", + "sha256:ec79ff6159dffcc30853b2ad612ed572af86c92b5168aa3fc01a67b0fa40665e", + "sha256:f0936e08e0003f66bfd97e74ee530427707297b0d0361247e9b4f59ab78ddc8b", + "sha256:f26a07a6e877c76a88e3cecac8531908d980d3d5067ff69213653649ec0f60ad", + "sha256:f64e376cd20d3f030190e8c32e1c64582eba56ac6dc7d5b0b49a9d44021b52fd", + "sha256:f6ffbc252eb0d229aeb2f9ad051200668fc3a9aaa8994e49f0cb2ffe2b7867e7", + "sha256:f9a7c509542db4eceed3dcf21ee5267ab565a83555c9b88a8109dcecc4709002", + "sha256:ff1d0899f104f3921d94579a5638847f783c9b04f2d5f229392ca77fba5b82fc" + ], + "markers": "python_version >= '3.8'", + "version": "==1.0.7" + }, "mypy-extensions": { "hashes": [ "sha256:4392f6c0eb8a5668a69e23d168ffa70f0be9ccfd32b5cc2d26a34ae5b844552d", @@ -1379,6 +1524,15 @@ "markers": "python_version >= '3.7'", "version": "==0.11.2" }, + "pdm": { + "hashes": [ + "sha256:46dafc8a4fe268c46479876e52c6967f7a9aa385e1e574e64248670a37b358ff", + "sha256:9caad0bc4a2ee8de02e39c673a142b47c170091908a584ed2024854be08cdf13" + ], + "index": "pypi", + "markers": "python_version >= '3.7'", + "version": "==2.10.3" + }, "platformdirs": { "hashes": [ "sha256:cf8ee52a3afdb965072dcc652433e0c7e3e40cf5ea1477cd4b3b1d2eb75495b3", @@ -1420,6 +1574,14 @@ "markers": "python_version >= '3.8'", "version": "==3.1.0" }, + "pygments": { + "hashes": [ + "sha256:1b37f1b1e1bff2af52ecaf28cc601e2ef7077000b227a0675da25aef85784bc4", + "sha256:e45a0e74bf9c530f564ca81b8952343be986a29f6afe7f5ad95c5f06b7bdf5e8" + ], + "markers": "python_version >= '3.7'", + "version": "==2.17.1" + }, "pyproject-api": { "hashes": [ "sha256:1817dc018adc0d1ff9ca1ed8c60e1623d5aaca40814b953af14a9cf9a5cae538", @@ -1428,6 +1590,14 @@ "markers": "python_version >= '3.8'", "version": "==1.6.1" }, + "pyproject-hooks": { + "hashes": [ + "sha256:283c11acd6b928d2f6a7c73fa0d01cb2bdc5f07c57a2eeb6e83d5e56b97976f8", + "sha256:f271b298b97f5955d53fb12b72c1fb1948c22c1a6b70b315c54cedaca0264ef5" + ], + "markers": "python_version >= '3.7'", + "version": "==1.0.0" + }, "pytest": { "hashes": [ "sha256:0d009c083ea859a71b76adf7c1d502e4bc170b80a8ef002da5806527b9591fac", @@ -1437,6 +1607,14 @@ "markers": "python_version >= '3.7'", "version": "==7.4.3" }, + "python-dotenv": { + "hashes": [ + "sha256:32b2bdc1873fd3a3c346da1c6db83d0053c3c62f28f1f38516070c4c8971b1d3", + "sha256:a5de49a31e953b45ff2d2fd434bbc2670e8db5273606c1e737cc6b93eff3655f" + ], + "markers": "python_version >= '3.5'", + "version": "==0.19.2" + }, "pyyaml": { "hashes": [ "sha256:04ac92ad1925b2cff1db0cfebffb6ffc43457495c9b3c39d3fcae417d7125dc5", @@ -1493,6 +1671,37 @@ "markers": "python_version >= '3.6'", "version": "==6.0.1" }, + "requests": { + "hashes": [ + "sha256:68d7c56fd5a8999887728ef304a6d12edc7be74f1cfa47714fc8b414525c9a61", + "sha256:f22fa1e554c9ddfd16e6e41ac79759e17be9e492b3587efa038054674760e72d" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'", + "version": "==2.27.1" + }, + "requests-toolbelt": { + "hashes": [ + "sha256:7681a0a3d047012b5bdc0ee37d7f8f07ebe76ab08caeccfc3921ce23c88d5bc6", + "sha256:cccfdd665f0a24fcf4726e690f65639d272bb0637b9b92dfd91a5568ccf6bd06" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'", + "version": "==1.0.0" + }, + "resolvelib": { + "hashes": [ + "sha256:04ce76cbd63fded2078ce224785da6ecd42b9564b1390793f64ddecbe997b309", + "sha256:d2da45d1a8dfee81bdd591647783e340ef3bcb104b54c383f70d422ef5cc7dbf" + ], + "version": "==1.0.1" + }, + "rich": { + "hashes": [ + "sha256:5cb5123b5cf9ee70584244246816e9114227e0b98ad9176eede6ad54bf5403fa", + "sha256:6da14c108c4866ee9520bbffa71f6fe3962e193b7da68720583850cd4548e235" + ], + "markers": "python_full_version >= '3.7.0'", + "version": "==13.7.0" + }, "setuptools": { "hashes": [ "sha256:6875bbd06382d857b1b90cd07cee6a2df701a164f241095706b5192bc56c5c62", @@ -1501,6 +1710,14 @@ "markers": "python_version >= '3.8'", "version": "==69.0.1" }, + "shellingham": { + "hashes": [ + "sha256:7ecfff8f2fd72616f7481040475a65b2bf8af90a56c89140852d1120324e8686", + "sha256:8dbca0739d487e5bd35ab3ca4b36e11c4078f3a234bfce294b0a0291363404de" + ], + "markers": "python_version >= '3.7'", + "version": "==1.5.4" + }, "tomli": { "hashes": [ "sha256:939de3e7a6161af0c887ef91b7d41a53e7c5a1ca976325f429cb46ea9bc30ecc", @@ -1509,6 +1726,14 @@ "markers": "python_version < '3.11'", "version": "==2.0.1" }, + "tomlkit": { + "hashes": [ + "sha256:75baf5012d06501f07bee5bf8e801b9f343e7aac5a92581f20f80ce632e6b5a4", + "sha256:b0a645a9156dc7cb5d3a1f0d4bab66db287fcb8e0430bdd4664a095ea16414ba" + ], + "markers": "python_version >= '3.7'", + "version": "==0.12.3" + }, "tox": { "hashes": [ "sha256:5039f68276461fae6a9452a3b2c7295798f00a0e92edcd9a3b78ba1a73577951", @@ -1526,6 +1751,22 @@ "markers": "python_version >= '3.8'", "version": "==4.8.0" }, + "unearth": { + "hashes": [ + "sha256:4caad941b60f51e50fdc109866234d407910aef77f1233aa1b6b5d168c7427ee", + "sha256:a5a5c51ca44965cbe3618116bd592bb0bbe3705af5fe14e5792660d904aad7c8" + ], + "markers": "python_version >= '3.7'", + "version": "==0.12.1" + }, + "urllib3": { + "hashes": [ + "sha256:34b97092d7e0a3a8cf7cd10e386f401b3737364026c45e622aa02903dffe0f07", + "sha256:f8ecc1bba5667413457c529ab955bf8c67b45db799d159066261719e328580a0" + ], + "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3, 3.4, 3.5'", + "version": "==1.26.18" + }, "virtualenv": { "hashes": [ "sha256:02ece4f56fbf939dbbc33c0715159951d6bf14aaf5457b092e4548e1382455af", @@ -1533,6 +1774,14 @@ ], "markers": "python_version >= '3.7'", "version": "==20.24.6" + }, + "zipp": { + "hashes": [ + "sha256:0e923e726174922dce09c53c59ad483ff7bbb8e572e00c7f7c46b88556409f31", + "sha256:84e64a1c28cf7e91ed2078bb8cc8c259cb19b76942096c8d7b84947690cabaf0" + ], + "markers": "python_version >= '3.8'", + "version": "==3.17.0" } } } diff --git a/README.md b/README.md index 1ea31ba..7743710 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,5 @@ # physrisk-api + API service for the OS-Climate physical risk tool ![Build Status](https://github.com/os-climate/physrisk-api/actions/workflows/ci.yml/badge.svg?branch=main) @@ -6,5 +7,6 @@ API service for the OS-Climate physical risk tool - [Source](https://github.com/os-climate/physrisk-api) ## License + This program is free software: you can redistribute it and/or modify it under the terms of the Apache 2.0 License as published by Apache. diff --git a/docker-compose.yml b/docker-compose.yml index ed5b906..42ffe7c 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,3 +1,4 @@ +--- version: '2' services: @@ -12,6 +13,6 @@ services: build: ./nginx container_name: nginx ports: - - "8443:8443" + - '8443:8443' depends_on: - web diff --git a/scripts/pipaudit.sh b/scripts/pipaudit.sh new file mode 100755 index 0000000..9b20784 --- /dev/null +++ b/scripts/pipaudit.sh @@ -0,0 +1,43 @@ +#!/bin/bash + +# set -x + +status_code="0" + +#Β Process commmand-line arguments +if [ $# -eq 0 ]; then + TARGET=$(pwd) +elif [ $# -eq 1 ]; then + TARGET="$1" +fi + +cleanup_tmp() { + # Only clean the temp directory if it was used + if [ -f /tmp/"${TAPLO_BIN}" ] || [ -f /tmp/"${TAPLO_GZIP}" ]; then + echo "Cleaning up..." + rm /tmp/"${TAPLO_BIN}"* + fi +} + +run_pipaudit() { + pip-audit . +} + +install_pipaudit() { + pip install --upgrade pip-audit || true + AUDIT_BIN=$(which pip-audit) + if [ ! -x "${AUDIT_BIN}" ]; then + echo "Install failed: pip-audit tool could not be installed [pip-audit]" + status_code="1" + else + # To avoid execution when sourcing this script for testing + [ "$0" = "${BASH_SOURCE[0]}" ] && run_pipaudit "$@" + fi +} + + + +install_pipaudit + +cleanup_tmp +exit $status_code