diff --git a/src/confcom/HISTORY.rst b/src/confcom/HISTORY.rst index f670398fde8..ec4f47d434b 100644 --- a/src/confcom/HISTORY.rst +++ b/src/confcom/HISTORY.rst @@ -3,6 +3,10 @@ Release History =============== +1.4.3 +++++++ +* Fix installing OPA on Windows and in strict networking environments + 1.4.2 ++++++ * Update policy model to use pydantic and explicitly declare collections where order doesn't affect function. These fields will serialize in alphabetical order and comparisons will ignore order. diff --git a/src/confcom/azext_confcom/lib/opa.py b/src/confcom/azext_confcom/lib/opa.py index a83e3920876..59ab032f99f 100644 --- a/src/confcom/azext_confcom/lib/opa.py +++ b/src/confcom/azext_confcom/lib/opa.py @@ -16,18 +16,25 @@ from azext_confcom.lib.binaries import get_binaries_dir _opa_path = os.path.abspath(os.path.join(get_binaries_dir(), "opa")) -_expected_sha256 = "fe8e191d44fec33db2a3d0ca788b9f83f866d980c5371063620c3c6822792877" +_opa_url = { + "Linux": "https://github.com/open-policy-agent/opa/releases/download/v1.10.1/opa_linux_amd64", + "Windows": "https://github.com/open-policy-agent/opa/releases/download/v1.10.1/opa_windows_amd64.exe", +} +_expected_sha256 = { + "Linux": "fe8e191d44fec33db2a3d0ca788b9f83f866d980c5371063620c3c6822792877", + "Windows": "4c932053350eabca47681208924046fbf3ad9de922d6853fb12cddf59aef15ce", +} def opa_get(): - opa_fetch_resp = requests.get( - f"https://openpolicyagent.org/downloads/v1.10.1/opa_{platform.system().lower()}_amd64", - verify=True, - ) + if not all(platform.system() in mapping for mapping in [_opa_url, _expected_sha256]): + raise RuntimeError(f"OPA is not supported on platform: {platform.system()}") + + opa_fetch_resp = requests.get(_opa_url[platform.system()], verify=True) opa_fetch_resp.raise_for_status() - assert hashlib.sha256(opa_fetch_resp.content).hexdigest() == _expected_sha256 + assert hashlib.sha256(opa_fetch_resp.content).hexdigest() == _expected_sha256[platform.system()] with open(_opa_path, "wb") as f: f.write(opa_fetch_resp.content) diff --git a/src/confcom/azext_confcom/tests/conftest.py b/src/confcom/azext_confcom/tests/conftest.py index 3d71f5ce58a..0aa74c43f22 100644 --- a/src/confcom/azext_confcom/tests/conftest.py +++ b/src/confcom/azext_confcom/tests/conftest.py @@ -14,6 +14,7 @@ import shutil from pathlib import Path +import zipfile # This fixture ensures tests are run against final built wheels of the extension @@ -57,9 +58,9 @@ def run_on_wheel(request): if (extension_dir / "build").exists(): shutil.rmtree((extension_dir / "build").as_posix(), ignore_errors=True) - if not any(build_dir.glob(f"{extension_name}*.whl")): + if not any(build_dir.glob(f"*{extension_name}*.whl")): subprocess.run( - ["azdev", "extension", "build", extension.replace("azext_", ""), "--dist-dir", build_dir.as_posix()], + ["azdev", "extension", "build", extension_name, "--dist-dir", build_dir.as_posix()], check=True, ) @@ -68,7 +69,15 @@ def run_on_wheel(request): # Add the wheel to the path and reload extension modules so the # tests pick up the wheel code over the unbuilt code - sys.path.insert(0, build_dir.glob("*.whl").__next__().as_posix()) + wheel_path = next(build_dir.glob("*.whl")) + + expanded_dir = build_dir / f"{wheel_path.stem}_expanded" + if not expanded_dir.exists(): + expanded_dir.mkdir(exist_ok=True) + with zipfile.ZipFile(wheel_path, "r") as z: + z.extractall(expanded_dir) + + sys.path.insert(0, expanded_dir.resolve().as_posix()) for module in list(sys.modules.values()): if extension in module.__name__ and module not in modules_to_test: del sys.modules[module.__name__] diff --git a/src/confcom/setup.py b/src/confcom/setup.py index a2fc01aef63..8ce595a609d 100644 --- a/src/confcom/setup.py +++ b/src/confcom/setup.py @@ -20,7 +20,7 @@ logger.warn("Wheel is not available, disabling bdist_wheel hook") -VERSION = "1.4.2" +VERSION = "1.4.3" # The full list of classifiers is available at # https://pypi.python.org/pypi?%3Aaction=list_classifiers