Skip to content

Commit

Permalink
networkio.py,*: Fix get_github_version()
Browse files Browse the repository at this point in the history 
get_github_version() checked for the latest release
chronologically, not the latest release lexically,
meaning that if a new patch revision for an earlier
minor release is released after the latest minor release,
it'll be thought to be the latest release. Thus we might
end up missing important fixes.  This would obviously be bad.

Signed-off-by: David Weinehall <david.weinehall@gmail.com>
  • Loading branch information
@taotriad
taotriad committed Apr 16, 2024
1 parent 9613a01 commit 45b17a2
Show file tree
Hide file tree
Showing 10 changed files with 466 additions and 63 deletions.
396 changes: 396 additions & 0 deletions CHANGELOG/CHANGELOG-0.8.md
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,399 @@
* [v0.8.3](#v083)
* [Downloads](#downloads-for-v083)
* [Source Code](#source-code-for-v083)
* [Distro Packages](#distro-packages-for-v083)
* [General Release Notes](#general-release-notes-for-v083)
* [Urgent Upgrade Notes](#urgent-upgrade-notes-for-v083)
* [Changes by Component](#changes-by-component-in-v083)
* [Changes to _cmt_](#changes-to-cmt-in-v083)
* [Changes to _cmtadm_](#changes-to-cmtadm-in-v083)
* [Changes to _cmtinv_](#changes-to-cmtinv-in-v083)
* [Changes to _cmu_](#changes-to-cmu-in-v083)
* [Changes to other files](#changes-to-other-files-in-v083)
* [Fixed Issues](#fixed-issues-in-v083)
* [Known Regressions](#known-regressions-in-v083)
* [Dependencies](#dependencies-for-v083)
* [Test Results](#test-results-for-v083)
* [Bandit](#bandit-results-for-v083)
* [Coverage](#coverage-results-for-v083)
* [Flake8](#flake8-results-for-v083)
* [Pylint](#pylint-results-for-v083)
* [Regexploit](#regexploit-results-for-v083)
* [Ruff](#ruff-results-for-v083)
* [Semgrep](#semgrep-results-for-v083)
* [validate_playbooks](#validate_playbooks-results-for-v083)
* [validate_yaml](#validate_yaml-results-for-v083)
* [YAMLlint](#yamllint-results-for-v083)

# v0.8.3

## Downloads for v0.8.3

### Source Code for v0.8.3

CMT v0.8.3 does not include source code tarballs. It is just a git tag.
We aim for CMT v0.9.0 to be the first release with source code tarballs.

<!--
| Filename | sha512 hash |
| -------- | ----------- |
| [fixme](https://fixme) | `fixme` |
-->

### Distro packages for v0.8.3

CMT v0.8.3 does not include distro packages. It is just a git tag.
We aim for CMT v0.9.0 to be the first release with distro packages.

<!--
| Filename | sha512 hash |
| -------- | ----------- |
| [fixme](https://fixme) (Debian 11+ amd64 / Ubuntu 22.04+) | `fixme` |
| [fixme](https://fixme) (RHEL 9+ amd64) | `fixme` |
| [fixme](https://fixme) (SLES/openSUSE 15.4+ amd64) | `fixme` |
-->

## General Release Notes for v0.8.3

This is a tagged release of __Cluster Management Toolkit for Kubernetes__ (CMT).
It provides support for setting up Kubernetes clusters either using templates (recommended)
or step by step.

It also provides tools for managing the underlying hosts (and, optionally, hosts
that are not part of the cluster) using Ansible.

Finally it contains a Curses-based user interface (`cmu`) that provides an overview
of the cluster objects and their relations; for instance the user interface provides
links from the Pod view directly to its controller, config maps, logs, namespace,
secrets, etc.

## Urgent Upgrade Notes for v0.8.3

This release fixes the check for new github-releases of Kubernetes and other components.

## Changes by Component in v0.8.3

### Changes to _cmt_ in v0.8.3

* The github-release check is now correct.

### Changes to _cmtadm_ in v0.8.3

* The github-release check is now correct.

### Changes to _cmtinv_ in v0.8.3

No changes.

### Changes to _cmu_ in v0.8.3

No changes.

### Changes to other files in v0.8.3

* `sources/helm.yaml` + `views/__VersionData.yaml`: show version information for Helm (if installed).

## Fixed Issues in v0.8.3

The check for new github-releases of Kubernetes and other components.

## Known Regressions in v0.8.3

Pylint fails to test the executables; this is an issue in Pylint though, not in CMT.

## Known Issues in v0.8.3

* The UI flickers until data has been populated; it can also flicker in certain other scenarios.
* The version data view in the UI does not refresh the version data.
The version data can be refreshed using `cmtadm cv`.
* Installing to the system path is currently not supported.

## Dependencies for v0.8.3

### Python

| PIP Name | Minimum Version | Note |
| -------------- | --------------- | --------------------------------------- |
| ansible-runner | 2.1.3 | openSUSE/SLES/RHEL, unsupported distros |
| cryptography | | openSUSE, unsupported distros |
| natsort | 8.0.2 | openSUSE/SLES/RHEL, unsupported distros |
| paramiko | | openSUSE/SLES/RHEL, unsupported distros |
| PyYAML | 6.0 | Unsupported distros |
| ujson | 5.4.0 | openSUSE/SLES/RHEL, unsupported distros |
| urllib3 | 1.26.18 | openSUSE/SLES, unsupported distros |
| validators | 0.22.0 | openSUSE/SLES/RHEL, unsupported distros |

### Distro Packages

| Package Name | Distro |
| ---------------------- | ------------------ |
| ansible | Debian/Ubuntu/SUSE |
| python3-ansible-runner | Debian/Ubuntu |
| python3-cryptographya | Debian/RHEL/Ubuntu |
| python3-natsort | Debian/Ubuntu |
| python3-paramiko | Debian/Ubuntu |
| python3-pip | Debian/Ubuntu |
| python3-pyyaml | RHEL |
| python3-ujson | Debian/Ubuntu |
| python3-urllib3 | Debian/Ubuntu/RHEL |
| python3-validators | Debian/Ubuntu |
| python3-yaml | Debian/Ubuntu |
| sshpass | All |

### Manual Installation or Unknown Distro Packages

| Software | Distro |
| -------- | ------------------- |
| ansible | Unsupported distros |
| sshpass | Unsupported distros |

## Test Results for v0.8.3

Before release the code quality has been checked with _pylint_, _flake8_, _mypy_, and _ruff_.
The code has been checked for security issues using _bandit_, _regexploit_, and _semgrep_.
The _Ansible_ playbooks have been checked using _ansible-lint_.
YAML-files have been checked using _yamllint_ and validated against predefined schemas.
Unit-test coverage has been measured using _python3-coverage_.

The results of these tests are as follows:

### Bandit Results for v0.8.3

Commandline: `bandit -c .bandit`.
Execute with `make bandit`.

Output:

```
Test results:
No issues identified.
Code scanned:
Total lines of code: 71473
Total lines skipped (#nosec): 15
Run metrics:
Total issues (by severity):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Total issues (by confidence):
Undefined: 0.0
Low: 0.0
Medium: 0.0
High: 0.0
Files skipped (0):
```

### Coverage Results for v0.8.3

Commandline: `python3-coverage run --branch --append <file> && python3-coverage report --sort cover --precision 1`.

Execute with:

```
make coverage
make coverage-ansible
make coverage-cluster
```

Output:

```
Name Stmts Miss Branch BrPart Cover
--------------------------------------------------------------
listgetters_async.py 119 100 58 0 10.7%
listgetters.py 1169 961 634 17 15.0%
curses_helper.py 2393 1832 1118 68 19.2%
checks.py 609 457 226 28 19.6%
networkio.py 288 218 149 6 21.1%
itemgetters.py 443 323 254 0 23.8%
logparser.py 1898 1282 1055 30 27.9%
generators.py 740 494 390 5 30.2%
infogetters.py 420 288 208 2 33.4%
kubernetes_helper.py 1433 852 748 103 33.7%
fieldgetters.py 80 39 46 11 41.3%
datagetters.py 274 148 142 11 42.5%
formatters.py 767 324 408 29 54.6%
ansible_helper.py 796 199 488 27 73.8%
cmtlib.py 604 106 346 28 80.2%
cmtio.py 423 35 240 17 91.0%
reexecutor.py 72 2 34 3 95.3%
ansithemeprint.py 211 1 80 3 98.6%
cmtvalidators.py 324 1 200 1 99.6%
commandparser.py 411 0 254 1 99.8%
about.py 19 0 0 0 100.0%
cmtio_yaml.py 34 0 6 0 100.0%
cmtpaths.py 80 0 0 0 100.0%
cmttypes.py 468 0 178 0 100.0%
cni_data.py 38 0 8 0 100.0%
helptexts.py 23 0 0 0 100.0%
kubernetes_resources.py 4 0 0 0 100.0%
objgetters.py 55 0 12 0 100.0%
pvtypes.py 2 0 0 0 100.0%
recommended_permissions.py 11 0 0 0 100.0%
--------------------------------------------------------------
TOTAL 14208 7662 7282 390 42.8%
```


### Flake8 Results for v0.8.3

Commandline: `flake8 --max-line-length 100 --ignore F841,W503 --statistics`.
Execute with `make flake8`.

Output:

No output.

### mypy Results for v0.8.3

Commandline: `mypy --ignore-missing --disallow-untyped-calls --disallow-untyped-defs --disallow-incomplete-defs --check-untyped-defs --disallow-untyped-decorators`.
Execute with `make mypy-markdown`.

| Source file | Score |
| ----------------------- | ------------------------------------------------------- |
| cmt | Success: no issues found in 1 source file |
| cmtadm | Success: no issues found in 1 source file |
| cmt-install | Success: no issues found in 1 source file |
| cmtinv | Success: no issues found in 1 source file |
| cmu | __Found 545 errors in 2 files (checked 1 source file)__ |
| about.py | Success: no issues found in 1 source file |
| ansible_helper.py | Success: no issues found in 1 source file |
| ansithemeprint.py | Success: no issues found in 1 source file |
| checks.py | Success: no issues found in 1 source file |
| cmtio.py | Success: no issues found in 1 source file |
| cmtio_yaml.py | Success: no issues found in 1 source file |
| cmtlib.py | Success: no issues found in 1 source file |
| cmtpaths.py | Success: no issues found in 1 source file |
| cmttypes.py | Success: no issues found in 1 source file |
| cmtvalidators.py | Success: no issues found in 1 source file |
| cni_data.py | Success: no issues found in 1 source file |
| commandparser.py | Success: no issues found in 1 source file |
| curses_helper.py | Success: no issues found in 1 source file |
| datagetters.py | Success: no issues found in 1 source file |
| fieldgetters.py | Success: no issues found in 1 source file |
| formatters.py | Success: no issues found in 1 source file |
| generators.py | Success: no issues found in 1 source file |
| helptexts.py | Success: no issues found in 1 source file |
| infogetters.py | Success: no issues found in 1 source file |
| itemgetters.py | Success: no issues found in 1 source file |
| kubernetes_helper.py | Success: no issues found in 1 source file |
| kubernetes_resources.py | Success: no issues found in 1 source file |
| listgetters.py | Success: no issues found in 1 source file |
| listgetters_async.py | Success: no issues found in 1 source file |
| logparser.py | __Found 103 errors in 1 file (checked 1 source file)__ |
| networkio.py | Success: no issues found in 1 source file |
| objgetters.py | Success: no issues found in 1 source file |
| pvtypes.py | Success: no issues found in 1 source file |
| reexecutor.py | Success: no issues found in 1 source file |

### Pylint Results for v0.8.3

**N/A**. Pylint seems to be broken in Debian at the moment and crashes during testing.

### Regexploit Results for v0.8.3

Commandline: `regexploit`.
Execute with `make regexploit`.

Output:

```
Running regexploit to check for ReDoS attacks
Checking executables
Processed 44 regexes
Checking libraries
Processed 117 regexes
```

### Ruff Results for v0.8.3

Commandline: `ruff`.
Execute with `make ruff`.

Output:

No output.

### Semgrep Results for v0.8.3

Commandline: `semgrep scan --exclude-rule "generic.secrets.security.detected-generic-secret.detected-generic-secret.semgrep-legacy.30980" --timeout=0 --no-git-ignore`.
Execute with `make semgrep`.

Output:

```
┌──── ○○○ ────┐
│ Semgrep CLI │
└─────────────┘
Scanning 911 files with:
✔ Semgrep OSS
✔ Basic security coverage for first-party code vulnerabilities.
✔ Semgrep Code (SAST)
✔ Find and fix vulnerabilities in the code you write with advanced scanning and expert security rules.
✘ Semgrep Supply Chain (SCA)
✘ Find and fix the reachable vulnerabilities in your OSS dependencies.
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━╸ 100% 0:00:37
┌──────────────┐
│ Scan Summary │
└──────────────┘
Some files were skipped or only partially analyzed.
Partially scanned: 2 files only partially analyzed due to parsing or internal Semgrep errors
Scan skipped: 73 files matching .semgrepignore patterns
For a full list of skipped files, run semgrep with the --verbose flag.
Ran 483 rules on 838 files: 0 findings.
⏫ A new version of Semgrep is available. See https://semgrep.dev/docs/upgrading
✨ If Semgrep missed a finding, please send us feedback to let us know!
See https://semgrep.dev/docs/reporting-false-negatives/
```

### validate_playbooks Results for v0.8.3

Commandline: `ansible-lint`.
Execute with: `make validate_playbooks`.

`Passed: 0 failure(s), 0 warning(s) on 55 files. Last profile that met the validation criteria was 'production'.`

### validate_yaml Results for v0.8.3

Commandline: `tests/validate_yaml`.
Execute with: `make validate_yaml`.

Output:

```
Summary:
fail: 0
skip: 1
success: 641
total: 642
```

### YAMLlint Results for v0.8.3

Commandline: `yamllint`.
Execute with `make yamllint`.

Output:

No output.

---

* [v0.8.2](#v082)
* [Downloads](#downloads-for-v082)
* [Source Code](#source-code-for-v082)
Expand Down
Loading

0 comments on commit 45b17a2

Please sign in to comment.