A simple PDS Registry Client which authenticates users with PDS single sign-on and signs requests to the serverless OpenSearch (AOSS) hosting the Registry database.
Project description
PDS Registry Client
This is a prototype implementation of a request-signing utility for use with serverless OpenSearch (AOSS). It is (currently) intended to provide a curl-like interface for querying PDS Registry's AOSS instance using a Cognito user identity.
Additional functionality may be built out in the future.
Prerequisites
- Personal user/pass credentials for a Cognito user authorized for Registry AOSS
- Python >=3.9
- Environment variables (contact developer for values)
export REQUEST_SIGNER_AWS_ACCOUNT='' export REQUEST_SIGNER_AWS_REGION='' export REQUEST_SIGNER_CLIENT_ID='' export REQUEST_SIGNER_USER_POOL_ID='' export REQUEST_SIGNER_IDENTITY_POOL_ID='' export REQUEST_SIGNER_AOSS_ENDPOINT='' export REQUEST_SIGNER_COGNITO_USER='' export REQUEST_SIGNER_COGNITO_PASSWORD=''
Developer Quickstart
-
Clone the repository
git clone https://github.com/NASA-PDS/registry-client.git cd registry-client
-
Create a virtual environment
python -m venv venv source ./venv/bin/activate
-
Install the tool to the virtual environment
pip install --editable .[dev]
-
Run the tool directly
registry-client --help
Code of Conduct
All users and developers of the NASA-PDS software are expected to abide by our Code of Conduct. Please read this to ensure you understand the expectations of our community.
Development
To develop this project, use your favorite text editor, or an integrated development environment with Python support, such as PyCharm.
Contributing
For information on how to contribute to NASA-PDS codebases please take a look at our Contributing guidelines.
Installation
Install in editable mode and with extra developer dependencies into your virtual environment of choice:
pip install --editable '.[dev]'
Make a baseline for any secrets (email addresses, passwords, API keys, etc.) in the repository:
detect-secrets scan . \
--all-files \
--disable-plugin AbsolutePathDetectorExperimental \
--exclude-files '\.secrets..*' \
--exclude-files '\.git.*' \
--exclude-files '\.mypy_cache' \
--exclude-files '\.pytest_cache' \
--exclude-files '\.tox' \
--exclude-files '\.venv' \
--exclude-files 'venv' \
--exclude-files 'dist' \
--exclude-files 'build' \
--exclude-files '.*\.egg-info' > .secrets.baseline
Review the secrets to determine which should be allowed and which are false positives:
detect-secrets audit .secrets.baseline
Please remove any secrets that should not be seen by the public. You can then add the baseline file to the commit:
git add .secrets.baseline
Then, configure the pre-commit
hooks:
pre-commit install
pre-commit install -t pre-push
pre-commit install -t prepare-commit-msg
pre-commit install -t commit-msg
These hooks then will check for any future commits that might contain secrets. They also check code formatting, PEP8 compliance, type hints, etc.
👉 Note: A one time setup is required both to support detect-secrets
and in your global Git configuration. See the wiki entry on Secrets to learn how.
Packaging
To isolate and be able to re-produce the environment for this package, you should use a Python Virtual Environment. To do so, run:
python -m venv venv
Then exclusively use venv/bin/python
, venv/bin/pip
, etc.
If you have tox
installed and would like it to create your environment and install dependencies for you run:
tox --devenv <name you'd like for env> -e dev
Dependencies for development are specified as the dev
extras_require
in setup.cfg
; they are installed into the virtual environment as follows:
pip install --editable '.[dev]'
All the source code is in a sub-directory under src
.
You should update the setup.cfg
file with:
- name of your module
- license, default apache, update if needed
- description
- download url, when you release your package on github add the url here
- keywords
- classifiers
- install_requires, add the dependencies of you package
- extras_require, add the development Dependencies of your package
- entry_points, when your package can be called in command line, this helps to deploy command lines entry points pointing to scripts in your package
For the packaging details, see https://packaging.python.org/tutorials/packaging-projects/ as a reference.
Configuration
It is convenient to use ConfigParser package to manage configuration. It allows a default configuration which can be overwritten by the user in a specific file in their environment. See https://pymotw.com/2/ConfigParser/
For example:
candidates = ['my_pds_module.ini', 'my_pds_module.ini.default']
found = parser.read(candidates)
Logs
You should not use print()
vin the purpose of logging information on the execution of your code. Depending on where the code runs these information could be redirected to specific log files.
To make that work, start each Python file with:
"""My module."""
import logging
logger = logging.getLogger(__name__)
To log a message:
logger.info("my message")
In your main
routine, include:
logging.basicConfig(level=logging.INFO)
to get a basic logging system configured.
Tooling
The dev
extras_require
included in the template repo installs black
, flake8
(plus some plugins), and mypy
along with default configuration for all of them. You can run all of these (and more!) with:
tox -e lint
Code Style
So that your code is readable, you should comply with the PEP8 style guide. Our code style is automatically enforced in via black and flake8. See the Tooling section for information on invoking the linting pipeline.
❗Important note for template users❗
The included pre-commit configuration file executes flake8
(along with mypy
) across the entire src
folder and not only on changed files. If you're converting a pre-existing code base over to this template that may result in a lot of errors that you aren't ready to deal with.
You can instead execute flake8
only over a diff of the current changes being made by modifying the pre-commit
entry
line:
entry: git diff -u | flake8 --diff
Or you can change the pre-commit
config so flake8
is only called on changed files which match a certain filtering criteria:
- repo: local
hooks:
- id: flake8
name: flake8
entry: flake8
files: ^src/|tests/
language: system
Recommended Libraries
Python offers a large variety of libraries. In PDS scope, for the most current usage we should use:
Library | Usage |
---|---|
configparser | manage and parse configuration files |
argparse | command line argument documentation and parsing |
requests | interact with web APIs |
lxml | read/write XML files |
json | read/write JSON files |
pyyaml | read/write YAML files |
pystache | generate files from templates |
Some of these are built into Python 3; others are open source add-ons you can include in your requirements.txt
.
Tests
This section describes testing for your package.
A complete "build" including test execution, linting (mypy
, black
, flake8
, etc.), and documentation build is executed via:
tox
Unit tests
Your project should have built-in unit tests, functional, validation, acceptance, etc., tests.
For unit testing, check out the unittest module, built into Python 3.
Tests objects should be in packages test
modules or preferably in project 'tests' directory which mirrors the project package structure.
Our unit tests are launched with command:
pytest
If you want your tests to run automatically as you make changes start up pytest
in watch mode with:
ptw
Integration/Behavioral Tests
One should use the behave package
and push the test results to "testrail".
See an example in https://github.com/NASA-PDS/pds-doi-service#behavioral-testing-for-integration--testing
Documentation
Your project should use Sphinx to build its documentation. PDS' documentation template is already configured as part of the default build. You can build your projects docs with:
python setup.py build_sphinx
You can access the build files in the following directory relative to the project root:
build/sphinx/html/
Build
pip install wheel
python setup.py sdist bdist_wheel
Publication
NASA PDS packages can publish automatically using the Roundup Action, which leverages GitHub Actions to perform automated continuous integration and continuous delivery. A default workflow that includes the Roundup is provided in the .github/workflows/unstable-cicd.yaml
file. (Unstable here means an interim release.)
Manual Publication
Create the package:
python setup.py bdist_wheel
Publish it as a Github release.
Publish on PyPI (you need a PyPI account and configure $HOME/.pypirc
):
pip install twine
twine upload dist/*
Or publish on the Test PyPI (you need a Test PyPI account and configure $HOME/.pypirc
):
pip install twine
twine upload --repository testpypi dist/*
CI/CD
The template repository comes with our two "standard" CI/CD workflows, stable-cicd
and unstable-cicd
. The unstable build runs on any push to main
(± ignoring changes to specific files) and the stable build runs on push of a release branch of the form release/<release version>
. Both of these make use of our GitHub actions build step, Roundup. The unstable-cicd
will generate (and constantly update) a SNAPSHOT release. If you haven't done a formal software release you will end up with a v0.0.0-SNAPSHOT
release (see NASA-PDS/roundup-action#56 for specifics).
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distributions
Built Distribution
Hashes for pds.registry_client-0.2.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | 3e591cfafe3c972c72469e447a572ff006c66e5ed073c759a77956b65e8c8256 |
|
MD5 | 6cfa15fea9be4754c99c012719bb5f88 |
|
BLAKE2b-256 | 52590967e92139f46c585a6c3cdb04d531361a652d0515d84358dfbf5d6c67da |