mirror of
https://github.com/ansible-collections/community.crypto.git
synced 2026-03-26 21:33:25 +00:00
Use ruff format, and then undo most changes with black and isort. (#903)
This commit is contained in:
Felix Fontein
GitHub
@@ -9,7 +9,6 @@ from __future__ import annotations
|
||||
|
||||
|
||||
class ModuleDocFragment:
|
||||
|
||||
# Basic documentation fragment without account data
|
||||
BASIC = r"""
|
||||
notes:
|
||||
|
||||
@@ -9,7 +9,6 @@ from __future__ import annotations
|
||||
|
||||
|
||||
class ModuleDocFragment:
|
||||
|
||||
# Standard documentation fragment
|
||||
DOCUMENTATION = r"""
|
||||
options: {}
|
||||
|
||||
@@ -10,7 +10,6 @@ from __future__ import annotations
|
||||
|
||||
|
||||
class ModuleDocFragment:
|
||||
|
||||
# Standard files documentation fragment
|
||||
DOCUMENTATION = r"""
|
||||
description:
|
||||
|
||||
@@ -9,7 +9,6 @@ from __future__ import annotations
|
||||
|
||||
|
||||
class ModuleDocFragment:
|
||||
|
||||
# Standard files documentation fragment
|
||||
DOCUMENTATION = r"""
|
||||
description:
|
||||
|
||||
@@ -9,7 +9,6 @@ from __future__ import annotations
|
||||
|
||||
|
||||
class ModuleDocFragment:
|
||||
|
||||
# Standard files documentation fragment
|
||||
DOCUMENTATION = r"""
|
||||
description:
|
||||
|
||||
@@ -9,7 +9,6 @@ from __future__ import annotations
|
||||
|
||||
|
||||
class ModuleDocFragment:
|
||||
|
||||
# Standard files documentation fragment
|
||||
DOCUMENTATION = r"""
|
||||
requirements:
|
||||
|
||||
@@ -99,8 +99,7 @@ class ACMEAccount:
|
||||
and allow_creation
|
||||
):
|
||||
raise ModuleFailException(
|
||||
"To create an account, an external account binding must be specified. "
|
||||
"Use the acme_account module with the external_account_binding option."
|
||||
"To create an account, an external account binding must be specified. Use the acme_account module with the external_account_binding option."
|
||||
)
|
||||
|
||||
result, info = self.client.send_signed_request(
|
||||
|
||||
@@ -108,8 +108,7 @@ class CryptographyChainMatcher(ChainMatcher):
|
||||
)
|
||||
else:
|
||||
module.warn(
|
||||
f"Criterium {criterium_idx} in select_chain has invalid {name} value. "
|
||||
"Ignoring criterium."
|
||||
f"Criterium {criterium_idx} in select_chain has invalid {name} value. Ignoring criterium."
|
||||
)
|
||||
return None
|
||||
|
||||
|
||||
@@ -191,8 +191,7 @@ class ACMECertificateClient:
|
||||
if bad_authzs:
|
||||
bad_authzs_str = ", ".join(sorted(bad_authzs))
|
||||
raise ModuleFailException(
|
||||
"Some of the authorizations for the order are in a bad state, so the order"
|
||||
f" can no longer be satisfied: {bad_authzs_str}",
|
||||
f"Some of the authorizations for the order are in a bad state, so the order can no longer be satisfied: {bad_authzs_str}",
|
||||
)
|
||||
|
||||
def collect_invalid_authzs(self, order: Order) -> list[Authorization]:
|
||||
|
||||
@@ -486,7 +486,7 @@ def _adjust_idn_email(
|
||||
idx = value.find("@")
|
||||
if idx < 0:
|
||||
return value
|
||||
return f"{value[:idx]}@{_adjust_idn(value[idx + 1:], idn_rewrite=idn_rewrite)}"
|
||||
return f"{value[:idx]}@{_adjust_idn(value[idx + 1 :], idn_rewrite=idn_rewrite)}"
|
||||
|
||||
|
||||
def _adjust_idn_url(
|
||||
|
||||
@@ -525,8 +525,7 @@ class CertificateSigningRequestCryptographyBackend(CertificateSigningRequestBack
|
||||
if self.using_common_name_for_san:
|
||||
self.module.fail_json(
|
||||
msg=msg
|
||||
+ "This is probably caused because the Common Name is used as a SAN."
|
||||
" Specifying use_common_name_for_san=false might fix this."
|
||||
+ "This is probably caused because the Common Name is used as a SAN. Specifying use_common_name_for_san=false might fix this."
|
||||
)
|
||||
self.module.fail_json(
|
||||
msg=msg
|
||||
|
||||
@@ -312,7 +312,6 @@ class _Curve:
|
||||
|
||||
# Implementation with using cryptography
|
||||
class PrivateKeyCryptographyBackend(PrivateKeyBackend):
|
||||
|
||||
def _add_curve(
|
||||
self,
|
||||
name: str,
|
||||
|
||||
@@ -283,10 +283,7 @@ class PrivateKeyInfoRetrieval(metaclass=abc.ABCMeta):
|
||||
)
|
||||
if result["key_is_consistent"] is False:
|
||||
# Only fail when it is False, to avoid to fail on None (which means "we do not know")
|
||||
msg = (
|
||||
"Private key is not consistent! (See "
|
||||
"https://blog.hboeck.de/archives/888-How-I-tricked-Symantec-with-a-Fake-Private-Key.html)"
|
||||
)
|
||||
msg = "Private key is not consistent! (See https://blog.hboeck.de/archives/888-How-I-tricked-Symantec-with-a-Fake-Private-Key.html)"
|
||||
raise PrivateKeyConsistencyError(msg, result=result)
|
||||
return result
|
||||
|
||||
|
||||
@@ -381,7 +381,6 @@ def select_message_digest(
|
||||
|
||||
|
||||
class OpenSSLObject(metaclass=abc.ABCMeta):
|
||||
|
||||
def __init__(self, *, path: str, state: str, force: bool, check_mode: bool) -> None:
|
||||
self.path = path
|
||||
self.state = state
|
||||
|
||||
@@ -52,7 +52,6 @@ if t.TYPE_CHECKING:
|
||||
|
||||
|
||||
class KeypairBackend(OpensshModule, metaclass=abc.ABCMeta):
|
||||
|
||||
def __init__(self, *, module: AnsibleModule) -> None:
|
||||
super().__init__(module=module)
|
||||
|
||||
@@ -567,8 +566,7 @@ def select_backend(
|
||||
else:
|
||||
module.fail_json(
|
||||
msg=(
|
||||
"Cannot find either the OpenSSH binary in the PATH "
|
||||
f"or cryptography >= {COLLECTION_MINIMUM_CRYPTOGRAPHY_VERSION} installed on this system"
|
||||
f"Cannot find either the OpenSSH binary in the PATH or cryptography >= {COLLECTION_MINIMUM_CRYPTOGRAPHY_VERSION} installed on this system"
|
||||
)
|
||||
)
|
||||
|
||||
|
||||
@@ -779,8 +779,7 @@ def get_option_type(name: str) -> t.Literal["critical", "extension"]:
|
||||
if name in _EXTENSIONS:
|
||||
return "extension"
|
||||
raise ValueError(
|
||||
f"{name} is not a valid option. "
|
||||
"Custom options must start with 'critical:' or 'extension:' to indicate type"
|
||||
f"{name} is not a valid option. Custom options must start with 'critical:' or 'extension:' to indicate type"
|
||||
)
|
||||
|
||||
|
||||
|
||||
@@ -370,7 +370,8 @@ class AsymmetricKeypair:
|
||||
|
||||
try:
|
||||
return self.__privatekey.sign(
|
||||
data, **_ALGORITHM_PARAMETERS[self.__keytype]["signer_params"] # type: ignore
|
||||
data,
|
||||
**_ALGORITHM_PARAMETERS[self.__keytype]["signer_params"], # type: ignore
|
||||
)
|
||||
except TypeError as e:
|
||||
raise InvalidDataError(e) from e
|
||||
@@ -788,7 +789,6 @@ def validate_comment(comment: str) -> None:
|
||||
|
||||
|
||||
def extract_comment(path: str | os.PathLike) -> str:
|
||||
|
||||
if not os.path.exists(path):
|
||||
raise InvalidPublicKeyFileError(f"No file was found at {path}")
|
||||
|
||||
|
||||
@@ -310,8 +310,7 @@ def main() -> t.NoReturn:
|
||||
if timestamp < now:
|
||||
complete(
|
||||
True,
|
||||
msg=f"The remaining percentage {module.params['remaining_percentage'] * 100}%"
|
||||
f" of the certificate's lifespan was reached on {timestamp}",
|
||||
msg=f"The remaining percentage {module.params['remaining_percentage'] * 100}% of the certificate's lifespan was reached on {timestamp}",
|
||||
)
|
||||
|
||||
complete(False)
|
||||
|
||||
@@ -368,8 +368,7 @@ def main() -> t.NoReturn:
|
||||
if not is_parent(module, chain[i - 1], parent):
|
||||
module.fail_json(
|
||||
msg=(
|
||||
f"Cannot verify input chain: certificate #{i + 1}: {format_cert(parent)} is not issuer "
|
||||
f"of certificate #{i}: {format_cert(chain[i - 1])}"
|
||||
f"Cannot verify input chain: certificate #{i + 1}: {format_cert(parent)} is not issuer of certificate #{i}: {format_cert(chain[i - 1])}"
|
||||
)
|
||||
)
|
||||
|
||||
|
||||
@@ -474,7 +474,6 @@ def wipe_luks_headers(device: str) -> None:
|
||||
|
||||
|
||||
class Handler:
|
||||
|
||||
def __init__(self, module: AnsibleModule) -> None:
|
||||
self._module = module
|
||||
self._lsblk_bin = self._module.get_bin_path("lsblk", True)
|
||||
@@ -534,7 +533,6 @@ class Handler:
|
||||
|
||||
|
||||
class CryptHandler(Handler):
|
||||
|
||||
def __init__(self, module: AnsibleModule) -> None:
|
||||
super().__init__(module)
|
||||
self._cryptsetup_bin = self._module.get_bin_path("cryptsetup", True)
|
||||
@@ -807,8 +805,7 @@ class CryptHandler(Handler):
|
||||
keyslot_area = False
|
||||
if keyslot_count < 2:
|
||||
self._module.fail_json(
|
||||
msg=f"LUKS device {device} has less than two active keyslots. "
|
||||
"To be able to remove a key, please set `force_remove_last_key` to `true`."
|
||||
msg=f"LUKS device {device} has less than two active keyslots. To be able to remove a key, please set `force_remove_last_key` to `true`."
|
||||
)
|
||||
|
||||
if keyslot is None:
|
||||
@@ -867,7 +864,6 @@ class CryptHandler(Handler):
|
||||
|
||||
|
||||
class ConditionsHandler(Handler):
|
||||
|
||||
def __init__(self, module: AnsibleModule, crypthandler: CryptHandler) -> None:
|
||||
super().__init__(module)
|
||||
self._crypthandler = crypthandler
|
||||
@@ -988,7 +984,7 @@ class ConditionsHandler(Handler):
|
||||
|
||||
if self._module.params["state"] == "absent":
|
||||
self._module.fail_json(
|
||||
msg="Contradiction in setup: Asking to " "add a key to absent LUKS."
|
||||
msg="Contradiction in setup: Asking to add a key to absent LUKS."
|
||||
)
|
||||
|
||||
key_present = self._crypthandler.luks_test_key(
|
||||
@@ -1021,8 +1017,7 @@ class ConditionsHandler(Handler):
|
||||
|
||||
if self._module.params["state"] == "absent":
|
||||
self._module.fail_json(
|
||||
msg="Contradiction in setup: Asking to "
|
||||
"remove a key from absent LUKS."
|
||||
msg="Contradiction in setup: Asking to remove a key from absent LUKS."
|
||||
)
|
||||
|
||||
if self._module.params["remove_keyslot"] is not None:
|
||||
|
||||
@@ -207,7 +207,6 @@ from ansible_collections.community.crypto.plugins.module_utils._openssh.backends
|
||||
|
||||
|
||||
def main() -> t.NoReturn:
|
||||
|
||||
module = AnsibleModule(
|
||||
argument_spec={
|
||||
"state": {
|
||||
|
||||
@@ -265,7 +265,6 @@ if t.TYPE_CHECKING:
|
||||
|
||||
|
||||
class CertificateSigningRequestModule(OpenSSLObject):
|
||||
|
||||
def __init__(
|
||||
self, module: AnsibleModule, module_backend: CertificateSigningRequestBackend
|
||||
) -> None:
|
||||
|
||||
@@ -173,7 +173,6 @@ class DHParameterError(Exception):
|
||||
|
||||
|
||||
class DHParameterBase:
|
||||
|
||||
def __init__(self, module: AnsibleModule) -> None:
|
||||
self.state: t.Literal["absent", "present"] = module.params["state"]
|
||||
self.path: str = module.params["path"]
|
||||
@@ -250,7 +249,6 @@ class DHParameterBase:
|
||||
|
||||
|
||||
class DHParameterAbsent(DHParameterBase):
|
||||
|
||||
def __init__(self, module: AnsibleModule) -> None:
|
||||
super().__init__(module)
|
||||
|
||||
@@ -263,7 +261,6 @@ class DHParameterAbsent(DHParameterBase):
|
||||
|
||||
|
||||
class DHParameterOpenSSL(DHParameterBase):
|
||||
|
||||
def __init__(self, module: AnsibleModule) -> None:
|
||||
super().__init__(module)
|
||||
self.openssl_bin = module.get_bin_path("openssl", True)
|
||||
@@ -318,7 +315,6 @@ class DHParameterOpenSSL(DHParameterBase):
|
||||
|
||||
|
||||
class DHParameterCryptography(DHParameterBase):
|
||||
|
||||
def __init__(self, module: AnsibleModule) -> None:
|
||||
super().__init__(module)
|
||||
|
||||
@@ -408,8 +404,7 @@ def main() -> t.NoReturn:
|
||||
if backend == "auto":
|
||||
module.fail_json(
|
||||
msg=(
|
||||
f"Cannot detect either the required Python library cryptography (>= {MINIMAL_CRYPTOGRAPHY_VERSION}) "
|
||||
"or the OpenSSL binary openssl"
|
||||
f"Cannot detect either the required Python library cryptography (>= {MINIMAL_CRYPTOGRAPHY_VERSION}) or the OpenSSL binary openssl"
|
||||
)
|
||||
)
|
||||
|
||||
|
||||
@@ -599,7 +599,9 @@ class Pkcs(OpenSSLObject):
|
||||
self.backup_file = module.backup_local(self.path)
|
||||
super().remove(module)
|
||||
|
||||
def parse(self) -> tuple[
|
||||
def parse(
|
||||
self,
|
||||
) -> tuple[
|
||||
bytes | None,
|
||||
bytes | None,
|
||||
list[bytes],
|
||||
|
||||
@@ -181,7 +181,6 @@ if t.TYPE_CHECKING:
|
||||
|
||||
|
||||
class PrivateKeyModule(OpenSSLObject):
|
||||
|
||||
def __init__(
|
||||
self, module: AnsibleModule, module_backend: PrivateKeyBackend
|
||||
) -> None:
|
||||
@@ -255,7 +254,6 @@ class PrivateKeyModule(OpenSSLObject):
|
||||
|
||||
|
||||
def main() -> t.NoReturn:
|
||||
|
||||
argument_spec = get_privatekey_argument_spec()
|
||||
argument_spec.argument_spec.update(
|
||||
{
|
||||
|
||||
@@ -142,7 +142,6 @@ class PrivateKeyConvertModule(OpenSSLObject):
|
||||
|
||||
|
||||
def main() -> t.NoReturn:
|
||||
|
||||
argument_spec = get_privatekey_argument_spec()
|
||||
argument_spec.argument_spec.update(
|
||||
{
|
||||
|
||||
@@ -246,7 +246,8 @@ def main() -> t.NoReturn:
|
||||
data = f.read()
|
||||
except (IOError, OSError) as e:
|
||||
module.fail_json(
|
||||
msg=f"Error while reading private key file from disk: {e}", **result # type: ignore
|
||||
msg=f"Error while reading private key file from disk: {e}",
|
||||
**result, # type: ignore
|
||||
)
|
||||
|
||||
result["can_load_key"] = True
|
||||
|
||||
@@ -231,7 +231,6 @@ class PublicKeyError(OpenSSLObjectError):
|
||||
|
||||
|
||||
class PublicKey(OpenSSLObject):
|
||||
|
||||
def __init__(self, module: AnsibleModule) -> None:
|
||||
super().__init__(
|
||||
path=module.params["path"],
|
||||
@@ -415,7 +414,6 @@ class PublicKey(OpenSSLObject):
|
||||
|
||||
|
||||
def main() -> t.NoReturn:
|
||||
|
||||
module = AnsibleModule(
|
||||
argument_spec={
|
||||
"state": {
|
||||
|
||||
@@ -194,7 +194,8 @@ def main() -> t.NoReturn:
|
||||
data = f.read()
|
||||
except (IOError, OSError) as e:
|
||||
module.fail_json(
|
||||
msg=f"Error while reading public key file from disk: {e}", **result # type: ignore
|
||||
msg=f"Error while reading public key file from disk: {e}",
|
||||
**result, # type: ignore
|
||||
)
|
||||
|
||||
module_backend = select_backend(module=module, content=data)
|
||||
|
||||
@@ -132,7 +132,6 @@ from ansible_collections.community.crypto.plugins.module_utils._crypto.support i
|
||||
|
||||
|
||||
class SignatureBase(OpenSSLObject):
|
||||
|
||||
def __init__(self, module: AnsibleModule) -> None:
|
||||
super().__init__(
|
||||
path=module.params["path"],
|
||||
@@ -161,7 +160,6 @@ class SignatureBase(OpenSSLObject):
|
||||
|
||||
# Implementation with using cryptography
|
||||
class SignatureCryptography(SignatureBase):
|
||||
|
||||
def __init__(self, module: AnsibleModule) -> None:
|
||||
super().__init__(module)
|
||||
|
||||
|
||||
@@ -121,7 +121,6 @@ from ansible_collections.community.crypto.plugins.module_utils._crypto.support i
|
||||
|
||||
|
||||
class SignatureInfoBase(OpenSSLObject):
|
||||
|
||||
def __init__(self, module: AnsibleModule) -> None:
|
||||
super().__init__(
|
||||
path=module.params["path"],
|
||||
@@ -150,7 +149,6 @@ class SignatureInfoBase(OpenSSLObject):
|
||||
|
||||
# Implementation with using cryptography
|
||||
class SignatureInfoCryptography(SignatureInfoBase):
|
||||
|
||||
def __init__(self, module: AnsibleModule) -> None:
|
||||
super().__init__(module)
|
||||
|
||||
|
||||
@@ -505,7 +505,6 @@ class CRLError(OpenSSLObjectError):
|
||||
|
||||
|
||||
class CRL(OpenSSLObject):
|
||||
|
||||
def __init__(self, module: AnsibleModule) -> None:
|
||||
super().__init__(
|
||||
path=module.params["path"],
|
||||
|
||||
@@ -230,7 +230,6 @@ def test_invalid_key_sizes(
|
||||
|
||||
@pytest.mark.skipif(not HAS_OPENSSH_SUPPORT, reason="requires cryptography")
|
||||
def test_valid_comment_update() -> None:
|
||||
|
||||
pair = OpensshKeypair.generate()
|
||||
new_comment = "comment"
|
||||
try:
|
||||
|
||||
@@ -440,7 +440,6 @@ def test_luks_remove_key(
|
||||
expected: bool | t.Literal["exception"],
|
||||
monkeypatch,
|
||||
) -> None:
|
||||
|
||||
module = DummyModule()
|
||||
module.params["device"] = device
|
||||
module.params["passphrase_encoding"] = "text"
|
||||
|
||||
Reference in New Issue
Block a user