From 25e31d777c1624dc595d563fe1059f8d2346bd21 Mon Sep 17 00:00:00 2001 From: Ethan Wu Date: Sun, 19 Sep 2021 14:59:27 -0700 Subject: [PATCH 1/8] ci: update/pin versions Update python for lint job to 3.9 and use ubuntu-20.04 instead of ubuntu-latest. --- .github/workflows/ci.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 72058d2..bb48de4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -6,10 +6,10 @@ on: jobs: lint: - runs-on: ubuntu-latest + runs-on: ubuntu-20.04 strategy: matrix: - python-version: [3.8] + python-version: [3.9] steps: - uses: actions/checkout@v2 @@ -29,7 +29,7 @@ jobs: run: poetry run pre-commit run --all-files test: - runs-on: ubuntu-latest + runs-on: ubuntu-20.04 strategy: matrix: python-version: [3.6, 3.7, 3.8, 3.9] From ca87f10e007717994293977e13835ef6d7f20227 Mon Sep 17 00:00:00 2001 From: Ethan Wu Date: Sun, 19 Sep 2021 15:51:00 -0700 Subject: [PATCH 2/8] ci: set up automated publish to PyPI --- .github/workflows/ci.yml | 39 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 39 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index bb48de4..ccde25c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,6 +2,8 @@ name: CI on: push: branches: [master] + tags: + - v* pull_request: jobs: @@ -58,3 +60,40 @@ jobs: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} run: | codecov --token="$CODECOV_TOKEN" + + publish: + runs-on: ubuntu-20.04 + if: startsWith(github.ref, 'refs/tags/v') + needs: + - lint + - test + strategy: + matrix: + python-version: [3.9] # must be a single version + steps: + - uses: actions/checkout@v2 + + - name: Set up Python ${{ matrix.python-version }} + uses: actions/setup-python@v1 + with: + python-version: ${{ matrix.python-version }} + + - name: Install dependencies + run: | + python -m pip install --upgrade pip + python -m pip install --upgrade poetry + poetry --version + + - name: Check tag is correct + env: + REF: ${{ github.ref }} + run: | + [ $(poetry version -s) = ${REF##refs/tags/v} ] + + - name: Build artifacts + run: poetry build + + - name: Publish + env: + POETRY_PYPI_TOKEN_PYPI: ${{ secrets.PYPI_TOKEN }} + run: poetry publish From aa91c6b7c55cfba71b7ad5b061bcb596e8090d25 Mon Sep 17 00:00:00 2001 From: Ethan Wu Date: Sun, 19 Sep 2021 16:53:48 -0700 Subject: [PATCH 3/8] ci: stop using matrix for single-version jobs For jobs which only run on a single python version (everything except test), do not use the matrix so the version is not in the job name. This way the python version can be updated without needing to change the required status checks list on the GitHub branch protection rule. --- .github/workflows/ci.yml | 14 ++++---------- 1 file changed, 4 insertions(+), 10 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ccde25c..2b5ec18 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -9,16 +9,13 @@ on: jobs: lint: runs-on: ubuntu-20.04 - strategy: - matrix: - python-version: [3.9] steps: - uses: actions/checkout@v2 - - name: Set up Python ${{ matrix.python-version }} + - name: Set up Python uses: actions/setup-python@v1 with: - python-version: ${{ matrix.python-version }} + python-version: 3.9 - name: Install dependencies run: | @@ -67,16 +64,13 @@ jobs: needs: - lint - test - strategy: - matrix: - python-version: [3.9] # must be a single version steps: - uses: actions/checkout@v2 - - name: Set up Python ${{ matrix.python-version }} + - name: Set up Python uses: actions/setup-python@v1 with: - python-version: ${{ matrix.python-version }} + python-version: 3.9 - name: Install dependencies run: | From 38423774d674217755551218b94eeb3fe3ffb03b Mon Sep 17 00:00:00 2001 From: Ethan Wu Date: Sun, 19 Sep 2021 20:35:42 -0700 Subject: [PATCH 4/8] ci: use native GITHUB_REF var Co-authored-by: Philip --- .github/workflows/ci.yml | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2b5ec18..78cf77d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -79,10 +79,8 @@ jobs: poetry --version - name: Check tag is correct - env: - REF: ${{ github.ref }} run: | - [ $(poetry version -s) = ${REF##refs/tags/v} ] + [ $(poetry version -s) = ${GITHUB_REF##refs/tags/v} ] - name: Build artifacts run: poetry build From ebfa7c4903c47edadb93b0e82a02a5224340e981 Mon Sep 17 00:00:00 2001 From: Ethan Wu Date: Sun, 19 Sep 2021 23:48:52 -0700 Subject: [PATCH 5/8] fix(test): use match kwarg to check warning messages Use `pytest.warns` `match` to assert that a warning with the correct message was emitted, instead of obtaining a list of warnings emitted matching a type and asserting on that. This should result in better DX since warnings which match the type but not the message are unaffected by the context manager, and bubble up to pytest instead of causing a (relatively opaque) test failure. The change has the downside of no longer being able to assert that the warning is only emitted once. This is because in Python 3.6 and 3.7, warnings that are normally ignored but raised during a `warns` context manager block still end up in the record, despite being ignored for the purposes of checking whether or not the context manager's assertion succeeded or not. Thus, suppressed warnings will still fail our test if we assert on the length of the record, even though they are otherwise completely ignored (only on these Python versions). This is probably a pytest bug, however I have not yet had the time to see if it is reported or writing up a report. --- tests/challenge/test_config.py | 10 +++------- tests/project/test_assets.py | 10 ++-------- 2 files changed, 5 insertions(+), 15 deletions(-) diff --git a/tests/challenge/test_config.py b/tests/challenge/test_config.py index 72f9e0b..c6588f8 100644 --- a/tests/challenge/test_config.py +++ b/tests/challenge/test_config.py @@ -110,15 +110,11 @@ def test_nonexistent_flag_file(configloader, test_datadir) -> None: def test_warn_multiline_flag(configloader, test_datadir) -> None: - with pytest.warns(RuntimeWarning) as record: + with pytest.warns( + RuntimeWarning, match=r"^Flag contains multiple lines; is this intended\?$" + ): cfg, errors = configloader.check_config(test_datadir / "challenge.yml") assert errors is None - assert len(record) == 1 - assert isinstance(record[0].message, Warning) - assert ( - str(record[0].message.args[0]) - == "Flag contains multiple lines; is this intended?" - ) def test_default_category(configloader, test_datadir) -> None: diff --git a/tests/project/test_assets.py b/tests/project/test_assets.py index 546a574..8f7fd14 100644 --- a/tests/project/test_assets.py +++ b/tests/project/test_assets.py @@ -303,11 +303,8 @@ def test_extra_file(self, datadir: Path, am_fn: assets.AssetManager) -> None: file1 = ctx._root / "files" / "file1" with file1.open("w") as fd: fd.write("abcd") - with pytest.warns(RuntimeWarning) as record: + with pytest.warns(RuntimeWarning, match=r"^Unexpected item found in cache: "): ctx.sync(check=True) - assert len(record) == 1 - assert isinstance(record[0].message, Warning) - assert "Unexpected item found in cache: " in str(record[0].message.args[0]) assert not file1.exists() def test_extra_dir(self, datadir: Path, am_fn: assets.AssetManager) -> None: @@ -315,11 +312,8 @@ def test_extra_dir(self, datadir: Path, am_fn: assets.AssetManager) -> None: ctx = asset_manager.create_context("challenge") dir1 = ctx._root / "files" / "dir1" dir1.mkdir() - with pytest.warns(RuntimeWarning) as record: + with pytest.warns(RuntimeWarning, match=r"^Unexpected item found in cache: "): ctx.sync(check=True) - assert len(record) == 1 - assert isinstance(record[0].message, Warning) - assert "Unexpected item found in cache: " in str(record[0].message.args[0]) assert not dir1.exists() def test_broken_link(self, datadir: Path, am_fn: assets.AssetManager) -> None: From d3d655a59a350042d65476793db84e761de04829 Mon Sep 17 00:00:00 2001 From: Ethan Wu Date: Mon, 20 Sep 2021 00:05:25 -0700 Subject: [PATCH 6/8] chore: release v0.1.4 Closes #166 --- pyproject.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/pyproject.toml b/pyproject.toml index 4e835dd..311542b 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -1,6 +1,6 @@ [tool.poetry] name = "rcds" -version = "0.1.3" +version = "0.1.4" description = "An automated CTF challenge deployment tool" readme = "README.rst" authors = ["redpwn "] From 9641dc0127463d1623bc6e67a08bf2ca009d6ba8 Mon Sep 17 00:00:00 2001 From: Jordan Bertasso <36979824+jordanbertasso@users.noreply.github.com> Date: Thu, 30 Sep 2021 20:14:12 +1000 Subject: [PATCH 7/8] docs: fix typo in challenge.rst --- docs/challenge.rst | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/docs/challenge.rst b/docs/challenge.rst index b0e0378..7226865 100644 --- a/docs/challenge.rst +++ b/docs/challenge.rst @@ -50,9 +50,9 @@ challenge does not exist. Deployment ---------- -In rCDS, you define first define all of the :ref:`containers -` that your challenge needs to run, and then declare how -you want them :ref:`exposed ` to the world. +In rCDS, you first define all of the :ref:`containers ` +that your challenge needs to run, and then declare how you want them +:ref:`exposed ` to the world. ``deployed`` --- whether or not this challenge's containers should be deployed. Defaults to ``true``. From dce8322c55b7a8e6cdd3493fa0008cb6fdfe8f61 Mon Sep 17 00:00:00 2001 From: Tom Plant <21111317+pl4nty@users.noreply.github.com> Date: Sat, 30 Jul 2022 21:51:14 +1000 Subject: [PATCH 8/8] fix(k8s): update ingress API to support k8s >v1.21 Update from v1beta1 to v1, as v1beta1 is removed in v1.22 onwards per https://kubernetes.io/docs/reference/using-api/deprecation-guide/#ingress-v122 --- rcds/backends/k8s/manifests.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rcds/backends/k8s/manifests.py b/rcds/backends/k8s/manifests.py index 8c8bce8..3074917 100644 --- a/rcds/backends/k8s/manifests.py +++ b/rcds/backends/k8s/manifests.py @@ -11,7 +11,7 @@ KIND_TO_API_VERISON = { "Deployment": "apps/v1", "Service": "v1", - "Ingress": "networking.k8s.io/v1beta1", + "Ingress": "networking.k8s.io/v1", "NetworkPolicy": "networking.k8s.io/v1", }