From 3c876c118336861df5238e65c6b36b583d5bb61d Mon Sep 17 00:00:00 2001 From: Sean Kelly Date: Wed, 15 Sep 2021 18:12:56 -0500 Subject: [PATCH] NASA-PDS/devops#10 --- .pre-commit-config.yaml | 13 +++ Dockerfile | 44 +++++++-- LICENSE.md | 194 ++++++++++++++++++++++++++++++++++++++ LICENSE.txt | 202 ---------------------------------------- NOTICE.txt | 2 +- README.md | 126 ++++++++++++++----------- SECURITY.md | 23 +++++ docker-compose.yml | 30 ++++++ features/environment.py | 6 +- requirements.txt | 43 --------- requirements_dev.txt | 6 -- setup.cfg | 15 ++- 12 files changed, 381 insertions(+), 323 deletions(-) create mode 100644 LICENSE.md delete mode 100644 LICENSE.txt create mode 100644 SECURITY.md delete mode 100644 requirements.txt delete mode 100644 requirements_dev.txt diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index f6568a9a..40a22fa0 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -21,6 +21,19 @@ repos: hooks: - id: mypy files: ^src/|tests/ + # 😔 These `additional_dependencies` mirror those in the `dev` extra of `setup.cfg` and are needed + # to run `mypy` under `tox`. This violates "DRY" but we don't have a better way of doing this—yet. + additional_dependencies: [ + lxml-stubs, + pandas-stubs, + types-flask, + types-jsonschema, + types-pkg_resources, + types-python-dateutil, + types-requests, + types-six, + types-waitress + ] - repo: https://github.com/python/black rev: 21.7b0 diff --git a/Dockerfile b/Dockerfile index 96521b20..d9de1781 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,16 +1,42 @@ -FROM python:3.7-slim +# Copyright © 2021, California Institute of Technology ("Caltech"). +# U.S. Government sponsorship acknowledged. +# +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# +# • Redistributions of source code must retain the above copyright notice, +# this list of conditions and the following disclaimer. +# • Redistributions must reproduce the above copyright notice, this list of +# conditions and the following disclaimer in the documentation and/or other +# materials provided with the distribution. +# • Neither the name of Caltech nor its operating division, the Jet Propulsion +# Laboratory, nor the names of its contributors may be used to endorse or +# promote products derived from this software without specific prior written +# permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE +# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. -RUN mkdir -p /usr/src/app -WORKDIR /usr/src/app - -COPY requirements.txt /usr/src/app/ +FROM python:3.9-slim -RUN pip3 install --no-cache-dir -r requirements.txt +RUN mkdir --parents /usr/src/app +WORKDIR /usr/src/app -COPY ./pds_doi_service /usr/src/app/pds_doi_service +COPY setup.py setup.cfg versioneer.py /usr/src/app/ +COPY src/ /usr/src/app/src/ +RUN pip3 install --no-cache-dir /usr/src/app EXPOSE 8080 - ENTRYPOINT ["python3"] - CMD ["-m", "pds_doi_service.api"] diff --git a/LICENSE.md b/LICENSE.md new file mode 100644 index 00000000..b62a9b5f --- /dev/null +++ b/LICENSE.md @@ -0,0 +1,194 @@ +Apache License +============== + +_Version 2.0, January 2004_ +_<>_ + +### Terms and Conditions for use, reproduction, and distribution + +#### 1. Definitions + +“License” shall mean the terms and conditions for use, reproduction, and +distribution as defined by Sections 1 through 9 of this document. + +“Licensor” shall mean the copyright owner or entity authorized by the copyright +owner that is granting the License. + +“Legal Entity” shall mean the union of the acting entity and all other entities +that control, are controlled by, or are under common control with that entity. +For the purposes of this definition, “control” means **(i)** the power, direct or +indirect, to cause the direction or management of such entity, whether by +contract or otherwise, or **(ii)** ownership of fifty percent (50%) or more of the +outstanding shares, or **(iii)** beneficial ownership of such entity. + +“You” (or “Your”) shall mean an individual or Legal Entity exercising +permissions granted by this License. + +“Source” form shall mean the preferred form for making modifications, including +but not limited to software source code, documentation source, and configuration +files. + +“Object” form shall mean any form resulting from mechanical transformation or +translation of a Source form, including but not limited to compiled object code, +generated documentation, and conversions to other media types. + +“Work” shall mean the work of authorship, whether in Source or Object form, made +available under the License, as indicated by a copyright notice that is included +in or attached to the work (an example is provided in the Appendix below). + +“Derivative Works” shall mean any work, whether in Source or Object form, that +is based on (or derived from) the Work and for which the editorial revisions, +annotations, elaborations, or other modifications represent, as a whole, an +original work of authorship. For the purposes of this License, Derivative Works +shall not include works that remain separable from, or merely link (or bind by +name) to the interfaces of, the Work and Derivative Works thereof. + +“Contribution” shall mean any work of authorship, including the original version +of the Work and any modifications or additions to that Work or Derivative Works +thereof, that is intentionally submitted to Licensor for inclusion in the Work +by the copyright owner or by an individual or Legal Entity authorized to submit +on behalf of the copyright owner. For the purposes of this definition, +“submitted” means any form of electronic, verbal, or written communication sent +to the Licensor or its representatives, including but not limited to +communication on electronic mailing lists, source code control systems, and +issue tracking systems that are managed by, or on behalf of, the Licensor for +the purpose of discussing and improving the Work, but excluding communication +that is conspicuously marked or otherwise designated in writing by the copyright +owner as “Not a Contribution.” + +“Contributor” shall mean Licensor and any individual or Legal Entity on behalf +of whom a Contribution has been received by Licensor and subsequently +incorporated within the Work. + +#### 2. Grant of Copyright License + +Subject to the terms and conditions of this License, each Contributor hereby +grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, +irrevocable copyright license to reproduce, prepare Derivative Works of, +publicly display, publicly perform, sublicense, and distribute the Work and such +Derivative Works in Source or Object form. + +#### 3. Grant of Patent License + +Subject to the terms and conditions of this License, each Contributor hereby +grants to You a perpetual, worldwide, non-exclusive, no-charge, royalty-free, +irrevocable (except as stated in this section) patent license to make, have +made, use, offer to sell, sell, import, and otherwise transfer the Work, where +such license applies only to those patent claims licensable by such Contributor +that are necessarily infringed by their Contribution(s) alone or by combination +of their Contribution(s) with the Work to which such Contribution(s) was +submitted. If You institute patent litigation against any entity (including a +cross-claim or counterclaim in a lawsuit) alleging that the Work or a +Contribution incorporated within the Work constitutes direct or contributory +patent infringement, then any patent licenses granted to You under this License +for that Work shall terminate as of the date such litigation is filed. + +#### 4. Redistribution + +You may reproduce and distribute copies of the Work or Derivative Works thereof +in any medium, with or without modifications, and in Source or Object form, +provided that You meet the following conditions: + +* **(a)** You must give any other recipients of the Work or Derivative Works a copy of +this License; and +* **(b)** You must cause any modified files to carry prominent notices stating that You +changed the files; and +* **(c)** You must retain, in the Source form of any Derivative Works that You distribute, +all copyright, patent, trademark, and attribution notices from the Source form +of the Work, excluding those notices that do not pertain to any part of the +Derivative Works; and +* **(d)** If the Work includes a “NOTICE” text file as part of its distribution, then any +Derivative Works that You distribute must include a readable copy of the +attribution notices contained within such NOTICE file, excluding those notices +that do not pertain to any part of the Derivative Works, in at least one of the +following places: within a NOTICE text file distributed as part of the +Derivative Works; within the Source form or documentation, if provided along +with the Derivative Works; or, within a display generated by the Derivative +Works, if and wherever such third-party notices normally appear. The contents of +the NOTICE file are for informational purposes only and do not modify the +License. You may add Your own attribution notices within Derivative Works that +You distribute, alongside or as an addendum to the NOTICE text from the Work, +provided that such additional attribution notices cannot be construed as +modifying the License. + +You may add Your own copyright statement to Your modifications and may provide +additional or different license terms and conditions for use, reproduction, or +distribution of Your modifications, or for any such Derivative Works as a whole, +provided Your use, reproduction, and distribution of the Work otherwise complies +with the conditions stated in this License. + +#### 5. Submission of Contributions + +Unless You explicitly state otherwise, any Contribution intentionally submitted +for inclusion in the Work by You to the Licensor shall be under the terms and +conditions of this License, without any additional terms or conditions. +Notwithstanding the above, nothing herein shall supersede or modify the terms of +any separate license agreement you may have executed with Licensor regarding +such Contributions. + +#### 6. Trademarks + +This License does not grant permission to use the trade names, trademarks, +service marks, or product names of the Licensor, except as required for +reasonable and customary use in describing the origin of the Work and +reproducing the content of the NOTICE file. + +#### 7. Disclaimer of Warranty + +Unless required by applicable law or agreed to in writing, Licensor provides the +Work (and each Contributor provides its Contributions) on an “AS IS” BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, +including, without limitation, any warranties or conditions of TITLE, +NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are +solely responsible for determining the appropriateness of using or +redistributing the Work and assume any risks associated with Your exercise of +permissions under this License. + +#### 8. Limitation of Liability + +In no event and under no legal theory, whether in tort (including negligence), +contract, or otherwise, unless required by applicable law (such as deliberate +and grossly negligent acts) or agreed to in writing, shall any Contributor be +liable to You for damages, including any direct, indirect, special, incidental, +or consequential damages of any character arising as a result of this License or +out of the use or inability to use the Work (including but not limited to +damages for loss of goodwill, work stoppage, computer failure or malfunction, or +any and all other commercial damages or losses), even if such Contributor has +been advised of the possibility of such damages. + +#### 9. Accepting Warranty or Additional Liability + +While redistributing the Work or Derivative Works thereof, You may choose to +offer, and charge a fee for, acceptance of support, warranty, indemnity, or +other liability obligations and/or rights consistent with this License. However, +in accepting such obligations, You may act only on Your own behalf and on Your +sole responsibility, not on behalf of any other Contributor, and only if You +agree to indemnify, defend, and hold each Contributor harmless for any liability +incurred by, or claims asserted against, such Contributor by reason of your +accepting any such warranty or additional liability. + +_END OF TERMS AND CONDITIONS_ + +### APPENDIX: How to apply the Apache License to your work + +To apply the Apache License to your work, attach the following boilerplate +notice, with the fields enclosed by brackets `[]` replaced with your own +identifying information. (Don't include the brackets!) The text should be +enclosed in the appropriate comment syntax for the file format. We also +recommend that a file or class name and description of purpose be included on +the same “printed page” as the copyright notice for easier identification within +third-party archives. + + Copyright [yyyy] [name of copyright owner] + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/LICENSE.txt b/LICENSE.txt deleted file mode 100644 index 816fe7be..00000000 --- a/LICENSE.txt +++ /dev/null @@ -1,202 +0,0 @@ - - Apache License - Version 2.0, January 2004 - http://www.apache.org/licenses/ - - TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION - - 1. Definitions. - - "License" shall mean the terms and conditions for use, reproduction, - and distribution as defined by Sections 1 through 9 of this document. - - "Licensor" shall mean the copyright owner or entity authorized by - the copyright owner that is granting the License. - - "Legal Entity" shall mean the union of the acting entity and all - other entities that control, are controlled by, or are under common - control with that entity. For the purposes of this definition, - "control" means (i) the power, direct or indirect, to cause the - direction or management of such entity, whether by contract or - otherwise, or (ii) ownership of fifty percent (50%) or more of the - outstanding shares, or (iii) beneficial ownership of such entity. - - "You" (or "Your") shall mean an individual or Legal Entity - exercising permissions granted by this License. - - "Source" form shall mean the preferred form for making modifications, - including but not limited to software source code, documentation - source, and configuration files. - - "Object" form shall mean any form resulting from mechanical - transformation or translation of a Source form, including but - not limited to compiled object code, generated documentation, - and conversions to other media types. - - "Work" shall mean the work of authorship, whether in Source or - Object form, made available under the License, as indicated by a - copyright notice that is included in or attached to the work - (an example is provided in the Appendix below). - - "Derivative Works" shall mean any work, whether in Source or Object - form, that is based on (or derived from) the Work and for which the - editorial revisions, annotations, elaborations, or other modifications - represent, as a whole, an original work of authorship. For the purposes - of this License, Derivative Works shall not include works that remain - separable from, or merely link (or bind by name) to the interfaces of, - the Work and Derivative Works thereof. - - "Contribution" shall mean any work of authorship, including - the original version of the Work and any modifications or additions - to that Work or Derivative Works thereof, that is intentionally - submitted to Licensor for inclusion in the Work by the copyright owner - or by an individual or Legal Entity authorized to submit on behalf of - the copyright owner. For the purposes of this definition, "submitted" - means any form of electronic, verbal, or written communication sent - to the Licensor or its representatives, including but not limited to - communication on electronic mailing lists, source code control systems, - and issue tracking systems that are managed by, or on behalf of, the - Licensor for the purpose of discussing and improving the Work, but - excluding communication that is conspicuously marked or otherwise - designated in writing by the copyright owner as "Not a Contribution." - - "Contributor" shall mean Licensor and any individual or Legal Entity - on behalf of whom a Contribution has been received by Licensor and - subsequently incorporated within the Work. - - 2. Grant of Copyright License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - copyright license to reproduce, prepare Derivative Works of, - publicly display, publicly perform, sublicense, and distribute the - Work and such Derivative Works in Source or Object form. - - 3. Grant of Patent License. Subject to the terms and conditions of - this License, each Contributor hereby grants to You a perpetual, - worldwide, non-exclusive, no-charge, royalty-free, irrevocable - (except as stated in this section) patent license to make, have made, - use, offer to sell, sell, import, and otherwise transfer the Work, - where such license applies only to those patent claims licensable - by such Contributor that are necessarily infringed by their - Contribution(s) alone or by combination of their Contribution(s) - with the Work to which such Contribution(s) was submitted. If You - institute patent litigation against any entity (including a - cross-claim or counterclaim in a lawsuit) alleging that the Work - or a Contribution incorporated within the Work constitutes direct - or contributory patent infringement, then any patent licenses - granted to You under this License for that Work shall terminate - as of the date such litigation is filed. - - 4. Redistribution. You may reproduce and distribute copies of the - Work or Derivative Works thereof in any medium, with or without - modifications, and in Source or Object form, provided that You - meet the following conditions: - - (a) You must give any other recipients of the Work or - Derivative Works a copy of this License; and - - (b) You must cause any modified files to carry prominent notices - stating that You changed the files; and - - (c) You must retain, in the Source form of any Derivative Works - that You distribute, all copyright, patent, trademark, and - attribution notices from the Source form of the Work, - excluding those notices that do not pertain to any part of - the Derivative Works; and - - (d) If the Work includes a "NOTICE" text file as part of its - distribution, then any Derivative Works that You distribute must - include a readable copy of the attribution notices contained - within such NOTICE file, excluding those notices that do not - pertain to any part of the Derivative Works, in at least one - of the following places: within a NOTICE text file distributed - as part of the Derivative Works; within the Source form or - documentation, if provided along with the Derivative Works; or, - within a display generated by the Derivative Works, if and - wherever such third-party notices normally appear. The contents - of the NOTICE file are for informational purposes only and - do not modify the License. You may add Your own attribution - notices within Derivative Works that You distribute, alongside - or as an addendum to the NOTICE text from the Work, provided - that such additional attribution notices cannot be construed - as modifying the License. - - You may add Your own copyright statement to Your modifications and - may provide additional or different license terms and conditions - for use, reproduction, or distribution of Your modifications, or - for any such Derivative Works as a whole, provided Your use, - reproduction, and distribution of the Work otherwise complies with - the conditions stated in this License. - - 5. Submission of Contributions. Unless You explicitly state otherwise, - any Contribution intentionally submitted for inclusion in the Work - by You to the Licensor shall be under the terms and conditions of - this License, without any additional terms or conditions. - Notwithstanding the above, nothing herein shall supersede or modify - the terms of any separate license agreement you may have executed - with Licensor regarding such Contributions. - - 6. Trademarks. This License does not grant permission to use the trade - names, trademarks, service marks, or product names of the Licensor, - except as required for reasonable and customary use in describing the - origin of the Work and reproducing the content of the NOTICE file. - - 7. Disclaimer of Warranty. Unless required by applicable law or - agreed to in writing, Licensor provides the Work (and each - Contributor provides its Contributions) on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or - implied, including, without limitation, any warranties or conditions - of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A - PARTICULAR PURPOSE. You are solely responsible for determining the - appropriateness of using or redistributing the Work and assume any - risks associated with Your exercise of permissions under this License. - - 8. Limitation of Liability. In no event and under no legal theory, - whether in tort (including negligence), contract, or otherwise, - unless required by applicable law (such as deliberate and grossly - negligent acts) or agreed to in writing, shall any Contributor be - liable to You for damages, including any direct, indirect, special, - incidental, or consequential damages of any character arising as a - result of this License or out of the use or inability to use the - Work (including but not limited to damages for loss of goodwill, - work stoppage, computer failure or malfunction, or any and all - other commercial damages or losses), even if such Contributor - has been advised of the possibility of such damages. - - 9. Accepting Warranty or Additional Liability. While redistributing - the Work or Derivative Works thereof, You may choose to offer, - and charge a fee for, acceptance of support, warranty, indemnity, - or other liability obligations and/or rights consistent with this - License. However, in accepting such obligations, You may act only - on Your own behalf and on Your sole responsibility, not on behalf - of any other Contributor, and only if You agree to indemnify, - defend, and hold each Contributor harmless for any liability - incurred by, or claims asserted against, such Contributor by reason - of your accepting any such warranty or additional liability. - - END OF TERMS AND CONDITIONS - - APPENDIX: How to apply the Apache License to your work. - - To apply the Apache License to your work, attach the following - boilerplate notice, with the fields enclosed by brackets "[]" - replaced with your own identifying information. (Don't include - the brackets!) The text should be enclosed in the appropriate - comment syntax for the file format. We also recommend that a - file or class name and description of purpose be included on the - same "printed page" as the copyright notice for easier - identification within third-party archives. - - Copyright 2019 California Institute of Technology - - Licensed under the Apache License, Version 2.0 (the "License"); - you may not use this file except in compliance with the License. - You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. diff --git a/NOTICE.txt b/NOTICE.txt index 778d59ed..7d2963d2 100644 --- a/NOTICE.txt +++ b/NOTICE.txt @@ -1,6 +1,6 @@ PDS DOI SERVICE -Copyright 2020–2021, California Institute of Technology ("Caltech"). +Copyright 2020–2021, California Institute of Technology ("Caltech"). U.S. Government sponsorship acknowledged. All rights reserved. diff --git a/README.md b/README.md index 9be5c08e..9981d18f 100644 --- a/README.md +++ b/README.md @@ -1,45 +1,38 @@ # NASA PDS DOI Service -The PDS DOI Service provides tools for PDS operators to mint [DOI](https://www.doi.org/)s. +The Planetary Data System (PDS) Digital Object Identifier (DOI) Service provides tools for PDS operators to mint [DOI](https://www.doi.org/)s. + ## Prerequisites -- Python 3.7 or above +- Python 3.9 or above - a login to OSTI server + ## User Documentation - https://nasa-pds.github.io/pds-doi-service/ +Please visit the documentation at: https://nasa-pds.github.io/pds-doi-service/ + ## Developers -Get the code and work on a branch +Get the code and work on a branch: git clone ... git checkout -b "#" +Install a Python virtual environment, say in a `venv` directory: -Install virtual env - - pip install virtualenv - python -m venv venv + python3 -m venv venv source venv/bin/activate +Install the package and its dependencies for development into the virtual environment: -Deploy dependencies: - - pip install -r requirements.txt - pip install -r requirements_dev.txt - -or - - pip install -e . - + pip install --editable '.[dev]' -Update your local configuration to access the OSTI test server +Update your local configuration to access the OSTI test server. -Create a file in the base directory of the project named `pds_doi_service.ini`, -the following may be used as a template +Create a file in the base directory of the project named `pds_doi_service.ini`; the following may be used as a template [OSTI] user = @@ -80,44 +73,61 @@ the following may be used as a template ## Launch API server - $ pip install pds-doi-service - $ pds-doi-api +To run the DOI API server, try: + +```console +$ pip install pds-doi-service +$ pds-doi-api +``` The started service documentation is available on http://localhost:8080/PDS_APIs/pds_doi_api/0.1/ui/ -## Running with Docker -To run the server on a Docker container, please execute the following from the root directory: +## Running with Docker -```bash -# building the image -docker build -t pds-doi-service . +To run the server on a Docker container, please execute the following from the package directory: -# starting up a container -docker run -p 8080:8080 pds-doi-service +```console +$ # building the image +$ docker image build --tag pds-doi-service . +$ # starting up a container +$ docker container run --publish 8080:8080 pds-doi-service ``` -However, note that when launching the container via `docker run`, all configuration values are -derived from the default INI file bundled with the repo. To override the configuration, it -is recommended to launch the service via docker-compose: +However, note that when launching the container via `docker container run`, all configuration values are derived from the default INI file bundled with the repo. To override the configuration, it is recommended to launch the service via docker-compose: -```bash -docker-compose up +```console +$ docker compose up ``` -This will launch the DOI Service container using the top-level `docker-compose.yml` file, which -specifies that environment variables be imported from `doi_service.env`. Modify `doi_service.env` -to define any configuration values to override when the service is launched. +This will launch the DOI Service container using the top-level `docker-compose.yml` file, which specifies that environment variables be imported from `doi_service.env`. Modify `doi_service.env` to define any configuration values to override when the service is launched. + ## Test -### Unit tests (for developers) : +Testing details are detailed in this section. + + +### Unit tests (for developers) + +Unit, functional, linting, and documentation build tests are all collected and run under supported Python environments using [tox](https://tox.readthedocs.io/), which is installed automatically into your Python virtual environment when you run `pip install --editable .[dev]`. To launch the full set of tests, simply run: + + tox + +You can also run individual parts of the tests: + +```console +$ tox py39 # Run unit, functional, and integration tests under Python 3.9 +$ tox docs # Build the documentation to see if that works +$ tox lint # Run flake8, mypy, and black code reformatting +``` + +You can also run `pytest`, `sphinx-build`, `mypy`, etc., if that's more your speed. - python setup.py test ### Behavioral testing (for Integration & Testing) -Then you can run the behavioral tests: +Behavioral tests are also pre-installed in the Python virtual environment when you run `pip install --editable .[dev]`. Launch those by running: behave @@ -128,14 +138,17 @@ You can also run them for a nicer reporting: behave -f allure_behave.formatter:AllureFormatter -o ./allure ./features allure service allure -#### To report to testrail +👉 **Note:** This assumes you have [Allure Test Reporting](http://allure.qatools.ru/) framework installed. + + +#### Testrail Reporting -Test reports can be pushed to testrail: https://cae-testrail.jpl.nasa.gov/testrail/ +Test reports can be pushed to [Testrail](https://cae-testrail.jpl.nasa.gov/testrail/) Project: Planetary Data System (PDS) Test suite: pds-doi-service -Set you environment: +Set your environment: export TESTRAIL_USER= export TESTRAIL_KEY= @@ -146,23 +159,30 @@ Run the tests: See the results in https://cae-testrail.jpl.nasa.gov/testrail/index.php?/projects/overview/168 -## Documentation management +👉 **Note:** This assumes you have access to the [Jet Propulsion Laboratory's Testrail installation](https://opencae.jpl.nasa.gov/portal/#/tool-detail/site__18_5_3_83a025f_1554392171681_999533_17603_cover). -### Design : + +## Documentation Management + +Documentation about the documenation is described in this section. + + +### Design See in this repository: -https://github.com/NASA-PDS/pds-doi-service/tree/main/docs + https://github.com/NASA-PDS/pds-doi-service/tree/main/docs + +or the `docs` directory in the source package. + + +### User Documentation -### User documentation +User documentation is managed with Sphinx, which is also installed in your Python virtual environment when you run `pip install --editable .[dev]`. You can use `tox` as described above to make the docs, or by hand at any time by running: -Managed with sphinx + sphinx-build -ab html docs/source docs/build - brew install sphinx-doc - pip install -r requirements_dev.txt - cd docs - sphinx-build -b html source build -a ## Build & Release -The build and release process is managed in github actions. +The build and release process is managed by [GitHub Actions](https://github.com/features/actions) and the [Roundup](https://github.com/NASA-PDS/roundup-action). diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 00000000..4aa8db89 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,23 @@ +# 👮‍♀️ Security Policy + +This document describes the security policy of PDS DOI Service. + + +## 📀 Supported Versions + +The following table describes which versions of the PDS4 Validation Tool are supported and which are not. + +| Version | Supported | +|:--------|:----------:| +| 0.3.1 | ✅ | +| 21.2.0 | ✅ | +| 1.1.1 | ✅ | +| 1.1.0 | ✅ | +| 1.0.0 | ✅ | +| 0.0.3 | ✅ | +| 0.0.2 | ✅ | + + +## 🚨 Reporting a Vulnerability + +To report a vulnerability, [please submit an issue on our tracker](https://github.com/NASA-PDS/pds-doi-service/issues/new?template=vulnerability-issue.md). diff --git a/docker-compose.yml b/docker-compose.yml index f3f26122..276456e5 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,3 +1,33 @@ +# Copyright © 2021, California Institute of Technology ("Caltech"). +# U.S. Government sponsorship acknowledged. +# +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are met: +# +# • Redistributions of source code must retain the above copyright notice, +# this list of conditions and the following disclaimer. +# • Redistributions must reproduce the above copyright notice, this list of +# conditions and the following disclaimer in the documentation and/or other +# materials provided with the distribution. +# • Neither the name of Caltech nor its operating division, the Jet Propulsion +# Laboratory, nor the names of its contributors may be used to endorse or +# promote products derived from this software without specific prior written +# permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" +# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE +# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE +# ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE +# LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR +# CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +# SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +# CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +# POSSIBILITY OF SUCH DAMAGE. + version: "3.7" services: diff --git a/features/environment.py b/features/environment.py index 78094431..c55bae9e 100644 --- a/features/environment.py +++ b/features/environment.py @@ -9,6 +9,7 @@ logging.basicConfig(level=logging.DEBUG) logger = logging.getLogger(__name__) + def download_file(url): local_filename = url.split('/')[-1] tmp_dir = 'tests' @@ -35,8 +36,3 @@ def before_all(context): current_branch = Repository('.').head.shorthand testrail_reporter = TestrailReporter(current_branch) context.config.reporters.append(testrail_reporter) - - -#def after_scenario(context): -# if hasattr(context, 'random_lid'): -# del context.random_lid diff --git a/requirements.txt b/requirements.txt deleted file mode 100644 index 44d05352..00000000 --- a/requirements.txt +++ /dev/null @@ -1,43 +0,0 @@ -appdirs>=1.4 -beautifulsoup4==4.8.2 -bs4==0.0.1 -certifi==2020.4.5.1 -chardet==3.0.4 -connexion[swagger-ui] == 2.7.0 -dataclasses==0.7; python_version <= '3.6' -distlib==0.3.1 -filelock==3.0.12 -Flask==1.1.2 -flask-cors==3.0.9 -idna==2.9 -importlib-metadata==1.5.0 -importlib-resources==3.0.0 -jinja2==3.0.1 -jsonschema==3.0.0 -lxml>=4.5 -nltk==3.5 -numpy>=1.18 -openapi-schema-validator==0.1.4 -openpyxl==3.0 -pandas>=1.0 -pystache>=0.5 -python-dateutil>=2.8 -pytz==2020.1 -requests>=2.23 -six>=1.14 -soupsieve>=2.0 -urllib3>=1.25 -waitress==2.0.0 -Werkzeug==0.16.0 -wheel -xlrd>=1.2 -xmlschema==1.5.1 -xmltodict>=0.12 -zipp>=3.1 -# for dev, to be removed when better way is made, in a hurry now:wq -flask_testing==0.8.0 -sphinx-rtd-theme==0.5.0 -sphinx-argparse==0.2.5 -behave==1.2.6 -allure-behave==2.8.13 -behave-testrail-reporter==0.4.0 diff --git a/requirements_dev.txt b/requirements_dev.txt deleted file mode 100644 index f7cd7536..00000000 --- a/requirements_dev.txt +++ /dev/null @@ -1,6 +0,0 @@ -flask_testing==0.8.0 -sphinx-rtd-theme==0.5.0 -sphinx-argparse==0.2.5 -behave==1.2.6 -allure-behave==2.8.13 -behave-testrail-reporter==0.4.0 diff --git a/setup.cfg b/setup.cfg index 86cf24f6..45e71cd4 100644 --- a/setup.cfg +++ b/setup.cfg @@ -91,17 +91,24 @@ dev = behave==1.2.6 allure-behave==2.8.13 behave-testrail-reporter==0.4.0 + pygit2 versioneer - types-python-dateutil - types-pkg_resources lxml-stubs pandas-stubs + types-flask + types-jsonschema + types-pkg_resources + types-python-dateutil types-requests types-six - types-jsonschema - types-flask types-waitress +# 👉 Note: The ``-stubs`` and ``types-`` dependencies above ↑ in the ``dev`` +# extra must be duplicated in ``.pre-commit-config.yaml`` in order for ``tox`` +# to successfully run ``mypy`` to successfully do the static type linting. +# You can run ``mypy`` standalone just fine. This repetition is unfortunate +# but we don't have a way around it right now 😔 + [options.entry_points] console_scripts =