Merge pull request #801 from uc-cdis/chore/hooks

chore(hooks): blacken, fix EOF lines, enable pre-commit hooks with se…

.github/workflows/wool.yml

@@ -15,4 +15,3 @@ jobs:
     - uses: uc-cdis/wool@master
       env:
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-

.pre-commit-config.yaml

@@ -0,0 +1,16 @@
+repos:
+-   repo: git@github.com:Yelp/detect-secrets
+    rev: v0.13.1
+    hooks:
+    -   id: detect-secrets
+        args: ['--baseline', '.secrets.baseline']
+-   repo: https://github.com/pre-commit/pre-commit-hooks
+    rev: v2.5.0
+    hooks:
+    -   id: end-of-file-fixer
+    -   id: no-commit-to-branch
+        args: [--branch, develop, --branch, master, --pattern, release/.*]
+-   repo: https://github.com/psf/black
+    rev: 19.10b0
+    hooks:
+    -   id: black

.secrets.baseline

@@ -0,0 +1,233 @@
+{
+  "exclude": {
+    "files": null,
+    "lines": null
+  },
+  "generated_at": "2020-07-20T16:22:58Z",
+  "plugins_used": [
+    {
+      "name": "AWSKeyDetector"
+    },
+    {
+      "name": "ArtifactoryDetector"
+    },
+    {
+      "base64_limit": 4.5,
+      "name": "Base64HighEntropyString"
+    },
+    {
+      "name": "BasicAuthDetector"
+    },
+    {
+      "name": "CloudantDetector"
+    },
+    {
+      "hex_limit": 3,
+      "name": "HexHighEntropyString"
+    },
+    {
+      "name": "IbmCloudIamDetector"
+    },
+    {
+      "name": "IbmCosHmacDetector"
+    },
+    {
+      "name": "JwtTokenDetector"
+    },
+    {
+      "keyword_exclude": null,
+      "name": "KeywordDetector"
+    },
+    {
+      "name": "MailchimpDetector"
+    },
+    {
+      "name": "PrivateKeyDetector"
+    },
+    {
+      "name": "SlackDetector"
+    },
+    {
+      "name": "SoftlayerDetector"
+    },
+    {
+      "name": "StripeDetector"
+    },
+    {
+      "name": "TwilioKeyDetector"
+    }
+  ],
+  "results": {
+    "bin/fence-create": [
+      {
+        "hashed_secret": "07cb451426a70236a0047e0f390f2bd1d79fd6d3",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 503,
+        "type": "Secret Keyword"
+      }
+    ],
+    "fence/blueprints/storage_creds/google.py": [
+      {
+        "hashed_secret": "1348b145fa1a555461c1b790a2f66614781091e9",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 139,
+        "type": "Private Key"
+      }
+    ],
+    "fence/blueprints/storage_creds/other.py": [
+      {
+        "hashed_secret": "98c144f5ecbb4dbe575147a39698b6be1a5649dd",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 66,
+        "type": "Base64 High Entropy String"
+      }
+    ],
+    "fence/config-default.yaml": [
+      {
+        "hashed_secret": "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 31,
+        "type": "Basic Auth Credentials"
+      },
+      {
+        "hashed_secret": "5d07e1b80e448a213b392049888111e1779a52db",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 508,
+        "type": "Secret Keyword"
+      }
+    ],
+    "fence/local_settings.example.py": [
+      {
+        "hashed_secret": "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 6,
+        "type": "Basic Auth Credentials"
+      },
+      {
+        "hashed_secret": "5d07e1b80e448a213b392049888111e1779a52db",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 63,
+        "type": "Secret Keyword"
+      }
+    ],
+    "fence/resources/google/utils.py": [
+      {
+        "hashed_secret": "1348b145fa1a555461c1b790a2f66614781091e9",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 277,
+        "type": "Private Key"
+      }
+    ],
+    "fence/utils.py": [
+      {
+        "hashed_secret": "8318df9ecda039deac9868adf1944a29a95c7114",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 103,
+        "type": "Secret Keyword"
+      }
+    ],
+    "openapis/swagger.yaml": [
+      {
+        "hashed_secret": "1348b145fa1a555461c1b790a2f66614781091e9",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 1861,
+        "type": "Private Key"
+      },
+      {
+        "hashed_secret": "bb8e48bd1e73662027a0f0b876b695d4c18f5ed4",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 1861,
+        "type": "Secret Keyword"
+      },
+      {
+        "hashed_secret": "7861ab65194de92776ab9cd06d4d7e7e1ec2c36d",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 1941,
+        "type": "Secret Keyword"
+      },
+      {
+        "hashed_secret": "d6b66ddd9ea7dbe760114bfe9a97352a5e139134",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 1963,
+        "type": "JSON Web Token"
+      },
+      {
+        "hashed_secret": "98c144f5ecbb4dbe575147a39698b6be1a5649dd",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 1975,
+        "type": "Base64 High Entropy String"
+      }
+    ],
+    "tests/conftest.py": [
+      {
+        "hashed_secret": "1348b145fa1a555461c1b790a2f66614781091e9",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 1037,
+        "type": "Private Key"
+      },
+      {
+        "hashed_secret": "227dea087477346785aefd575f91dd13ab86c108",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 1060,
+        "type": "Base64 High Entropy String"
+      }
+    ],
+    "tests/credentials/google/test_credentials.py": [
+      {
+        "hashed_secret": "22afbfecd4124e2eb0e2a79fafdf62b207a8f8c7",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 579,
+        "type": "Secret Keyword"
+      }
+    ],
+    "tests/keys/2018-05-01T21:29:02Z/jwt_private_key.pem": [
+      {
+        "hashed_secret": "1348b145fa1a555461c1b790a2f66614781091e9",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 1,
+        "type": "Private Key"
+      }
+    ],
+    "tests/login/test_fence_login.py": [
+      {
+        "hashed_secret": "d300421e208bfd0d432294de15169fd9b8975def",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 40,
+        "type": "Secret Keyword"
+      }
+    ],
+    "tests/test-fence-config.yaml": [
+      {
+        "hashed_secret": "afc848c316af1a89d49826c5ae9d00ed769415f3",
+        "is_secret": false,
+        "is_verified": false,
+        "line_number": 31,
+        "type": "Basic Auth Credentials"
+      }
+    ]
+  },
+  "version": "0.13.1",
+  "word_list": {
+    "file": null,
+    "hash": null
+  }
+}

bin/fence-create

@@ -99,9 +99,7 @@ def parse_arguments():
         "--policies", help="which ABAC policies are granted to this client", nargs="*"
     )
     client_create.add_argument(
-        "--allowed-scopes",
-        help="which scopes are allowed for this client",
-        nargs="+"
+        "--allowed-scopes", help="which scopes are allowed for this client", nargs="+"
     )
 
     client_modify = subparsers.add_parser("client-modify")
@@ -160,12 +158,18 @@ def parse_arguments():
         default=None,
     )
     dbgap_sync.add_argument(
-        "--folder", required=False, help="destination where dbGaP whitelist files are saved", default=None,
+        "--folder",
+        required=False,
+        help="destination where dbGaP whitelist files are saved",
+        default=None,
     )
 
     dbgap_download = subparsers.add_parser("dbgap-download-access-files")
     dbgap_download.add_argument(
-        "--folder", required=False, help="destination where dbGaP whitelist files are saved", default=None,
+        "--folder",
+        required=False,
+        help="destination where dbGaP whitelist files are saved",
+        default=None,
     )
 
     bucket_link_to_project = subparsers.add_parser("link-bucket-to-project")
@@ -395,7 +399,7 @@ def main():
             confidential=confidential,
             arborist=arborist,
             policies=args.policies,
-            allowed_scopes=args.allowed_scopes
+            allowed_scopes=args.allowed_scopes,
         )
     elif args.action == "client-modify":
         modify_client_action(
@@ -434,10 +438,7 @@ def main():
         )
     elif args.action == "dbgap-download-access-files":
         download_dbgap_files(
-            dbGaP,
-            STORAGE_CREDENTIALS,
-            DB,
-            folder=args.folder,
+            dbGaP, STORAGE_CREDENTIALS, DB, folder=args.folder,
         )
     elif args.action == "google-manage-keys":
         remove_expired_google_service_account_keys(DB)

docs/db_diagram/fence_db.vdiagram

@@ -7779,4 +7779,3 @@
 	</Scene>
 	<version value="80702"/>
 </properties>
-

docs/dbgap_info.md

@@ -66,4 +66,4 @@ So the user access granted in a situation with `phs000123.c999` (assuming there
 
 ## Version Updates
 
-A study can be updated and at that time the patients and consent groups may change and the version number `v1` would get bumped up. At the moment, Fence does not handle these versions, so authorization is effectively either study level, or study+consent level.
+A study can be updated and at that time the patients and consent groups may change and the version number `v1` would get bumped up. At the moment, Fence does not handle these versions, so authorization is effectively either study level, or study+consent level.

docs/fence-create-deprecated.md

@@ -38,4 +38,4 @@ users:
     # clients:
     #   - {...}
 ```
-This is a deprecated user.yaml format. But it can still be used to create components for testing.
+This is a deprecated user.yaml format. But it can still be used to create components for testing.

docs/usersync.md

@@ -195,4 +195,3 @@ The [gen3users CLI](https://github.com/uc-cdis/gen3users) includes a user.yaml v
 pip install gen3users
 gen3users validate user.yaml
 ```
-

openapis/README.md

@@ -10,4 +10,4 @@ swagger-codegen generate -i swagger.yaml -l swagger
 Additionally, you can use the [online swagger editor](https://editor.swagger.io/) to preview result from
 `swagger.yaml`.
 
-See the swagger documentation for information on how to generate "pretty" documentation pages from the swagger JSON and YAML files.
+See the swagger documentation for information on how to generate "pretty" documentation pages from the swagger JSON and YAML files.

pull_request_template.md

@@ -18,4 +18,3 @@ Please make sure to follow the [DEV guidelines](https://gen3.org/resources/devel
 
 
 ### Deployment changes
-