Merge "Python 3.12: do not use ssl.wrap_socket"

Merge "Update python versions, drop py3.8"
Merge "If endpoint ends with 1 client removes it"
2025-01-09 23:09:40 +00:00 · 2025-01-09 23:09:38 +00:00 · 2025-01-09 23:05:34 +00:00 · 2024-12-21 01:35:09 +00:00 · 2024-12-06 14:15:22 +00:00 · 2024-12-06 13:28:17 +00:00
5 changed files with 29 additions and 21 deletions
--- a/setup.cfg
+++ b/setup.cfg
@@ -6,7 +6,7 @@ description_file =
 author = OpenStack
 author_email = openstack-discuss@lists.openstack.org
 home_page =  https://docs.openstack.org/python-watcherclient/latest/
-python_requires = >=3.8
+python_requires = >=3.9
 classifier =
    Environment :: OpenStack
    Intended Audience :: Information Technology
@@ -15,10 +15,10 @@ classifier =
    Operating System :: POSIX :: Linux
    Programming Language :: Python
    Programming Language :: Python :: 3
-    Programming Language :: Python :: 3.8
    Programming Language :: Python :: 3.9
    Programming Language :: Python :: 3.10
    Programming Language :: Python :: 3.11
+    Programming Language :: Python :: 3.12

 [files]
 packages =
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -6,4 +6,3 @@ python-subunit>=1.0.0 # Apache-2.0/BSD
 stestr>=2.0.0 # Apache-2.0
 testscenarios>=0.4 # Apache-2.0/BSD
 testtools>=2.2.0 # MIT
-tempest>=17.1.0 # Apache-2.0
--- a/watcherclient/common/httpclient.py
+++ b/watcherclient/common/httpclient.py
@@ -14,13 +14,13 @@
 #    under the License.

 import copy
-from distutils import version
 import functools
 import hashlib
 import http.client
 import io
 import logging
 import os
+import re
 import socket
 import ssl
 import textwrap
@@ -62,7 +62,7 @@ SUPPORTED_ENDPOINT_SCHEME = ('http', 'https')

 def _trim_endpoint_api_version(url):
    """Trim API version and trailing slash from endpoint."""
-    return url.rstrip('/').rstrip(API_VERSION)
+    return re.sub(f'{API_VERSION}$', '', url.rstrip('/'))


 def _extract_error_json(body):
@@ -123,16 +123,19 @@ class VersionNegotiationMixin(object):
                % {'req': self.os_infra_optim_api_version,
                   'min': min_ver, 'max': max_ver}))

-        negotiated_ver = str(
-            min(version.StrictVersion(self.os_infra_optim_api_version),
-                version.StrictVersion(max_ver)))
+        negotiated_ver = api_versioning.APIVersion(
+            self.os_infra_optim_api_version)
+        min_ver = api_versioning.APIVersion(min_ver)
+        max_ver = api_versioning.APIVersion(max_ver)
+        if negotiated_ver > max_ver:
+            negotiated_ver = max_ver
        if negotiated_ver < min_ver:
            negotiated_ver = min_ver
        # server handles microversions, but doesn't support
        # the requested version, so try a negotiated version
        self.api_version_select_state = 'negotiated'
-        self.os_infra_optim_api_version = negotiated_ver
-        LOG.debug('Negotiated API version is %s', negotiated_ver)
+        self.os_infra_optim_api_version = negotiated_ver.get_string()
+        LOG.debug('Negotiated API version is %s', negotiated_ver.get_string())

        return negotiated_ver

@@ -434,11 +437,6 @@ class VerifiedHTTPSConnection(http.client.HTTPSConnection):
        """Connect to a host on a given (SSL) port.

        If ca_file is pointing somewhere, use it to check Server Certificate.
-
-        Redefined/copied and extended from httplib.py:1105 (Python 2.6.x).
-        This is needed to pass cert_reqs=ssl.CERT_REQUIRED as parameter to
-        ssl.wrap_socket(), which forces SSL to check server certificate against
-        our client certificate.
        """
        sock = socket.create_connection((self.host, self.port), self.timeout)

@@ -446,17 +444,21 @@ class VerifiedHTTPSConnection(http.client.HTTPSConnection):
            self.sock = sock
            self._tunnel()

+        context = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
+
        if self.insecure is True:
-            kwargs = {'cert_reqs': ssl.CERT_NONE}
+            context.check_hostname = False
+            context.verify_mode = ssl.CERT_NONE
        else:
-            kwargs = {'cert_reqs': ssl.CERT_REQUIRED, 'ca_certs': self.ca_file}
+            context.load_verify_locations(self.ca_file)

        if self.cert_file:
-            kwargs['certfile'] = self.cert_file
            if self.key_file:
-                kwargs['keyfile'] = self.key_file
+                context.load_cert_chain(self.cert_file, self.key_file)
+            else:
+                context.load_cert_chain(self.cert_file)

-        self.sock = ssl.wrap_socket(sock, **kwargs)
+        self.sock = context.wrap_socket(sock)

    @staticmethod
    def get_system_ca_file():
--- a/watcherclient/shell.py
+++ b/watcherclient/shell.py
@@ -203,7 +203,9 @@ class WatcherShell(app.App):
            LOG.info("END return value: %s", ret_val)


-def main(argv=sys.argv[1:]):
+def main(argv=None):
+    if argv is None:
+        argv = sys.argv[1:]
    watcher_app = WatcherShell()
    return watcher_app.run(argv)

--- a/watcherclient/tests/unit/test_client.py
+++ b/watcherclient/tests/unit/test_client.py
@@ -358,3 +358,8 @@ class ClientTest(utils.BaseTestCase):
        client = httpclient.HTTPClient(endpoint)
        conn_url = client._make_connection_url(url)
        self.assertEqual(expected_url, conn_url)
+
+    def test_port_ends_with_one(self):
+        endpoint = "http://localhost:8081/"
+        http_client = httpclient.HTTPClient(endpoint)
+        self.assertEqual(endpoint, http_client._make_connection_url(""))
Author	SHA1	Message	Date
Zuul	edbc62c502	Merge "Python 3.12: do not use ssl.wrap_socket"	2025-01-09 23:09:40 +00:00
Zuul	cde38f53af	Merge "Update python versions, drop py3.8"	2025-01-09 23:09:38 +00:00
Zuul	2bd17ffadb	Merge "If endpoint ends with 1 client removes it"	2025-01-09 23:05:34 +00:00
Zuul	d801e89157	Merge "Drop unused tempest from test requirements"	2024-12-21 01:35:09 +00:00
Zuul	2af23e860d	Merge "Make watcherclient/shell.py reproducible"	2024-12-06 14:15:22 +00:00
Zuul	4317c283cc	Merge "Get rid of distutils"	2024-12-06 13:28:17 +00:00
Mitya Eremeev	5359e7b4ec	If endpoint ends with 1 client removes it e.g. Watcher endpoint is "127.0.0.1:8081", Watcher client sends http request to "127.0.0.1:808" Closes-Bug: #2052779 Change-Id: I78631c8a13ff73a236f3bfadd7f4258b254b6113	2024-12-05 20:23:07 +03:00
Martin Kopec	536ed330e8	Update python versions, drop py3.8 The current testing runtime [1] states testing from py3.9 to 3.12. The patch updates setup.cfg to reflect the correct python versions. The patch also drops python 3.8 support following [2]. [1] https://governance.openstack.org/tc/reference/runtimes/2025.1.html [2] https://lists.openstack.org/archives/list/openstack-discuss@lists.openstack.org/thread/FOWV4UQZTH4DPDA67QDEROAESYU5Z3LE/ Change-Id: Id3d9a1cce51f064931a5b3310f301e09118f65b3	2024-11-01 14:29:47 +01:00
Takashi Kajinami	a2e4e22ce8	Drop unused tempest from test requirements None of the tests implemented in this repository depend on tempest. Change-Id: Ie06e1f3e3990ba5d167f5331cb12b845ab809e6b	2024-10-12 00:07:02 +09:00
Takashi Kajinami	be7ee7347a	Get rid of distutils ... because it was already removed from Python 3.12 . Change-Id: Ie809a48ce49d3fd6139c55109c9ed92b852ad41e	2024-10-02 23:24:03 +09:00
Cyril Roelandt	79fe6b8fee	Python 3.12: do not use ssl.wrap_socket The ssl.wrap_socket method has been removed in 3.12. SSLContext.wrap_socket should now be used. Change-Id: I6e4f6848c07f7f9c1937ebde433a85ccfde7ba6a	2024-07-03 17:19:02 +02:00
Thomas Goirand	834ab29878	Make watcherclient/shell.py reproducible Hi, Whilst working on the Reproducible Builds effort [0] we noticed that python-watcherclient could not be built reproducibly. This is because the documentation generates automatic documentation for the "main()" entrypoint method's arguments, one of which is "sys.argv". During document generation this results in documentation examples like: def main(argv=['-b', 'html', 'doc/source', '«ABSOLUTE_BUILD_DIR»/debian/python-watcherclient-doc/usr/.../html']): … etc. Patch attached that sets "None" instead but retains the existing fallback logic. [0] https://reproducible-builds.org/ Please note that this was reported in the Debian tracker: https://bugs.debian.org/960607 and that the fix was applied to the Debian package. Change-Id: I502bb2d11d90ce4c46c14904a8c048ea824f11d5	2021-12-28 19:33:55 +01:00