From b7c4c85d0ebdcf5f059f9bdc7622828be9b7e201 Mon Sep 17 00:00:00 2001 From: sangeet-joy_xero Date: Tue, 8 Oct 2024 11:43:01 +0530 Subject: [PATCH 01/10] updated packages, added audit ci step, added prism script --- .github/workflows/build-test-lint.yml | 25 +++++++++++++++++++++++++ requirements.txt | 3 ++- tests/utils/start-prism.sh | 9 +++++++++ 3 files changed, 36 insertions(+), 1 deletion(-) create mode 100755 tests/utils/start-prism.sh diff --git a/.github/workflows/build-test-lint.yml b/.github/workflows/build-test-lint.yml index fdef6146..733a34d1 100644 --- a/.github/workflows/build-test-lint.yml +++ b/.github/workflows/build-test-lint.yml @@ -26,10 +26,35 @@ jobs: source venv/bin/activate pip install --upgrade pip pip install black + pip install pip-audit sudo pip install flake8 pip install -r requirements.txt -r requirements/dev.txt working-directory: xero-python + - name: Run audit on requirements.txt + run: | + pip-audit -r requirements.txt -o json > audit-result.json + if [ -s audit-result.json ]; then + echo "Vulnerabilities found!" + cat audit-result.json + exit 1 + else + echo "No vulnerabilities found" + fi + working-directory: xero-python + + - name: Run audit on dev.txt + run: | + pip-audit -r requirements/dev.txt -o json > audit-result.json + if [ -s audit-result.json ]; then + echo "Vulnerabilities found!" + cat audit-result.json + exit 1 + else + echo "No vulnerabilities found" + fi + working-directory: xero-python + - name: Run Flake8 run: flake8 xero_python working-directory: xero-python diff --git a/requirements.txt b/requirements.txt index 11231fa7..7be89c5b 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,5 @@ # make sure content of this file can be parsed by setup.load_requirements python-dateutil>=2.7 -urllib3 +urllib3>=2.2.3 certifi +setuptools>=75.1.0 diff --git a/tests/utils/start-prism.sh b/tests/utils/start-prism.sh new file mode 100755 index 00000000..92b55f1d --- /dev/null +++ b/tests/utils/start-prism.sh @@ -0,0 +1,9 @@ +prism mock https://raw.githubusercontent.com/XeroAPI/Xero-OpenAPI/refs/heads/master/xero_accounting.yaml --host 127.0.0.1 --port 4010 & +prism mock https://raw.githubusercontent.com/XeroAPI/Xero-OpenAPI/refs/heads/master/xero-app-store.yaml --host 127.0.0.1 --port 4011 & +prism mock https://raw.githubusercontent.com/XeroAPI/Xero-OpenAPI/refs/heads/master/xero_assets.yaml --host 127.0.0.1 --port 4012 & +prism mock https://raw.githubusercontent.com/XeroAPI/Xero-OpenAPI/refs/heads/master/xero_bankfeeds.yaml --host 127.0.0.1 --port 4013 & +prism mock https://raw.githubusercontent.com/XeroAPI/Xero-OpenAPI/refs/heads/master/xero-finance.yaml --host 127.0.0.1 --port 4014 & +prism mock https://raw.githubusercontent.com/XeroAPI/Xero-OpenAPI/refs/heads/master/xero-payroll-uk.yaml --host 127.0.0.1 --port 4015 & +prism mock https://raw.githubusercontent.com/XeroAPI/Xero-OpenAPI/refs/heads/master/xero-payroll-nz.yaml --host 127.0.0.1 --port 4016 & +prism mock https://raw.githubusercontent.com/XeroAPI/Xero-OpenAPI/refs/heads/master/xero-payroll-au.yaml --host 127.0.0.1 --port 4017 & +prism mock https://raw.githubusercontent.com/XeroAPI/Xero-OpenAPI/refs/heads/master/xero-projects.yaml --host 127.0.0.1 --port 4018 From a7604ecb75b43c598f67a9bb6668f0ee39684144 Mon Sep 17 00:00:00 2001 From: sangeet-joy_xero Date: Tue, 8 Oct 2024 11:45:50 +0530 Subject: [PATCH 02/10] ci: fix build ci step --- .github/workflows/build-test-lint.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-test-lint.yml b/.github/workflows/build-test-lint.yml index 733a34d1..3198981a 100644 --- a/.github/workflows/build-test-lint.yml +++ b/.github/workflows/build-test-lint.yml @@ -26,13 +26,14 @@ jobs: source venv/bin/activate pip install --upgrade pip pip install black - pip install pip-audit sudo pip install flake8 pip install -r requirements.txt -r requirements/dev.txt working-directory: xero-python - name: Run audit on requirements.txt run: | + pip install pip-audit + pip install -r requirements.txt pip-audit -r requirements.txt -o json > audit-result.json if [ -s audit-result.json ]; then echo "Vulnerabilities found!" @@ -45,6 +46,8 @@ jobs: - name: Run audit on dev.txt run: | + pip install pip-audit + pip install -r requirements/dev.txt pip-audit -r requirements/dev.txt -o json > audit-result.json if [ -s audit-result.json ]; then echo "Vulnerabilities found!" From a2bdc749dfdbf8bbe14fefefc030e71c19ec8cd5 Mon Sep 17 00:00:00 2001 From: sangeet-joy_xero Date: Tue, 8 Oct 2024 12:14:08 +0530 Subject: [PATCH 03/10] added alpha version for testing --- setup.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/setup.py b/setup.py index c85f5e42..3b1330f7 100644 --- a/setup.py +++ b/setup.py @@ -48,5 +48,5 @@ def read_file(filename): keywords="xero python sdk API oAuth", name="xero_python", packages=find_packages(include=["xero_python", "xero_python.*"]), - version="6.3.0", + version="6.3.0-alpha.5", ) From 1cfdd02888d5e112d3f945d9c4b9e5f28d432238 Mon Sep 17 00:00:00 2001 From: sangeet-joy_xero Date: Tue, 8 Oct 2024 13:35:35 +0530 Subject: [PATCH 04/10] added vulnerable package to text test the pipeline --- .github/workflows/build-test-lint.yml | 20 ++++---------------- requirements.txt | 1 + 2 files changed, 5 insertions(+), 16 deletions(-) diff --git a/.github/workflows/build-test-lint.yml b/.github/workflows/build-test-lint.yml index 3198981a..dc1b1301 100644 --- a/.github/workflows/build-test-lint.yml +++ b/.github/workflows/build-test-lint.yml @@ -34,28 +34,16 @@ jobs: run: | pip install pip-audit pip install -r requirements.txt - pip-audit -r requirements.txt -o json > audit-result.json - if [ -s audit-result.json ]; then - echo "Vulnerabilities found!" - cat audit-result.json - exit 1 - else - echo "No vulnerabilities found" - fi + echo "running audit...." + pip-audit -r requirements.txt working-directory: xero-python - name: Run audit on dev.txt run: | pip install pip-audit pip install -r requirements/dev.txt - pip-audit -r requirements/dev.txt -o json > audit-result.json - if [ -s audit-result.json ]; then - echo "Vulnerabilities found!" - cat audit-result.json - exit 1 - else - echo "No vulnerabilities found" - fi + echo "running audit...." + pip-audit -r requirements/dev.txt working-directory: xero-python - name: Run Flake8 diff --git a/requirements.txt b/requirements.txt index 7be89c5b..ba1a7c4f 100644 --- a/requirements.txt +++ b/requirements.txt @@ -3,3 +3,4 @@ python-dateutil>=2.7 urllib3>=2.2.3 certifi setuptools>=75.1.0 +django==2.2.9 From 15dc01ebb5ed383373dfbb01504f47eae07bdd54 Mon Sep 17 00:00:00 2001 From: sangeet-joy_xero Date: Tue, 8 Oct 2024 13:38:33 +0530 Subject: [PATCH 05/10] refactored the audit steps --- .github/workflows/build-test-lint.yml | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/.github/workflows/build-test-lint.yml b/.github/workflows/build-test-lint.yml index dc1b1301..8b211d54 100644 --- a/.github/workflows/build-test-lint.yml +++ b/.github/workflows/build-test-lint.yml @@ -27,25 +27,26 @@ jobs: pip install --upgrade pip pip install black sudo pip install flake8 + pip install pip-audit pip install -r requirements.txt -r requirements/dev.txt working-directory: xero-python - name: Run audit on requirements.txt run: | - pip install pip-audit - pip install -r requirements.txt - echo "running audit...." + echo "running audit on requirements.txt...." pip-audit -r requirements.txt - working-directory: xero-python - - - name: Run audit on dev.txt - run: | - pip install pip-audit - pip install -r requirements/dev.txt - echo "running audit...." + echo "running audit on dev.txt...." pip-audit -r requirements/dev.txt working-directory: xero-python + # - name: Run audit on dev.txt + # run: | + # pip install pip-audit + # pip install -r requirements/dev.txt + # echo "running audit...." + # pip-audit -r requirements/dev.txt + # working-directory: xero-python + - name: Run Flake8 run: flake8 xero_python working-directory: xero-python From a05d1502774f9caa52ed80fb8339dd3af8576bcf Mon Sep 17 00:00:00 2001 From: sangeet-joy_xero Date: Tue, 8 Oct 2024 13:46:29 +0530 Subject: [PATCH 06/10] added sudo to pip audit --- .github/workflows/build-test-lint.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-test-lint.yml b/.github/workflows/build-test-lint.yml index 8b211d54..f6479763 100644 --- a/.github/workflows/build-test-lint.yml +++ b/.github/workflows/build-test-lint.yml @@ -27,7 +27,7 @@ jobs: pip install --upgrade pip pip install black sudo pip install flake8 - pip install pip-audit + sudo pip install pip-audit pip install -r requirements.txt -r requirements/dev.txt working-directory: xero-python From 2810f3f588251150e249eec72fa81fd8b510b56e Mon Sep 17 00:00:00 2001 From: sangeet-joy_xero Date: Tue, 8 Oct 2024 14:07:38 +0530 Subject: [PATCH 07/10] Added read me file --- .github/workflows/build-test-lint.yml | 11 +++-------- README.md | 13 +++++++++++++ requirements.txt | 1 - setup.py | 2 +- 4 files changed, 17 insertions(+), 10 deletions(-) diff --git a/.github/workflows/build-test-lint.yml b/.github/workflows/build-test-lint.yml index f6479763..39b14097 100644 --- a/.github/workflows/build-test-lint.yml +++ b/.github/workflows/build-test-lint.yml @@ -33,19 +33,14 @@ jobs: - name: Run audit on requirements.txt run: | + echo "running audit on requirements.txt...." pip-audit -r requirements.txt + echo "running audit on dev.txt...." pip-audit -r requirements/dev.txt - working-directory: xero-python - # - name: Run audit on dev.txt - # run: | - # pip install pip-audit - # pip install -r requirements/dev.txt - # echo "running audit...." - # pip-audit -r requirements/dev.txt - # working-directory: xero-python + working-directory: xero-python - name: Run Flake8 run: flake8 xero_python diff --git a/README.md b/README.md index bc6bbf51..2bfd07da 100644 --- a/README.md +++ b/README.md @@ -18,6 +18,7 @@ The xero-python SDK makes it easy for developers to access Xero's APIs in their - [Helper Methods](#helper-methods) - [Usage Examples](#usage-examples) - [SDK conventions](#sdk-conventions) +- [Running Test(s) in Local](#running-tests-in-local) - [Participating in Xero’s developer community](#participating-in-xeros-developer-community) - [Contributing](#contributing) @@ -540,6 +541,18 @@ created_invoice_attachments_by_file_name = accounting_api.create_invoice_attachm --- ## SDK conventions + +--- +## Running Test(s) in Local +For Running Test cases PRISM Mock Server needs to be started in the local machine. +Steps to Run Test(s) +* Install PRISM from npm using the command: **npm install -g @stoplight/prism-cli** +* Verify Installation: **prism --version** +* Navigate to **tests--> utils--> ** folder in the terminal +* Execute the script **./start-prism.sh** +* This will start the PRISM Server in Local +* Run **pytest** to run the dotnet test cases. + ### Querying & Filtering Describe the support for query options and filtering diff --git a/requirements.txt b/requirements.txt index ba1a7c4f..7be89c5b 100644 --- a/requirements.txt +++ b/requirements.txt @@ -3,4 +3,3 @@ python-dateutil>=2.7 urllib3>=2.2.3 certifi setuptools>=75.1.0 -django==2.2.9 diff --git a/setup.py b/setup.py index 3b1330f7..c85f5e42 100644 --- a/setup.py +++ b/setup.py @@ -48,5 +48,5 @@ def read_file(filename): keywords="xero python sdk API oAuth", name="xero_python", packages=find_packages(include=["xero_python", "xero_python.*"]), - version="6.3.0-alpha.5", + version="6.3.0", ) From f58785a6f9aef2fa58c858f73545b91290652344 Mon Sep 17 00:00:00 2001 From: sangeet-joy_xero Date: Tue, 8 Oct 2024 14:08:32 +0530 Subject: [PATCH 08/10] renamed a step --- .github/workflows/build-test-lint.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-test-lint.yml b/.github/workflows/build-test-lint.yml index 39b14097..dae1346d 100644 --- a/.github/workflows/build-test-lint.yml +++ b/.github/workflows/build-test-lint.yml @@ -31,7 +31,7 @@ jobs: pip install -r requirements.txt -r requirements/dev.txt working-directory: xero-python - - name: Run audit on requirements.txt + - name: Run audit run: | echo "running audit on requirements.txt...." From 2e4687487e692fe83a03ae474897da89aa1556d0 Mon Sep 17 00:00:00 2001 From: sangeet-joy_xero Date: Tue, 8 Oct 2024 17:01:30 +0530 Subject: [PATCH 09/10] incorporated the review comments --- .github/workflows/build-test-lint.yml | 9 +-------- 1 file changed, 1 insertion(+), 8 deletions(-) diff --git a/.github/workflows/build-test-lint.yml b/.github/workflows/build-test-lint.yml index dae1346d..13e62558 100644 --- a/.github/workflows/build-test-lint.yml +++ b/.github/workflows/build-test-lint.yml @@ -32,14 +32,7 @@ jobs: working-directory: xero-python - name: Run audit - run: | - - echo "running audit on requirements.txt...." - pip-audit -r requirements.txt - - echo "running audit on dev.txt...." - pip-audit -r requirements/dev.txt - + run: pip-audit -r requirements.txt -r requirements/dev.txt working-directory: xero-python - name: Run Flake8 From 23377eb4a656433e7944280ccf1ec18b3b192012 Mon Sep 17 00:00:00 2001 From: sangeet-joy_xero Date: Tue, 8 Oct 2024 17:11:13 +0530 Subject: [PATCH 10/10] renamed the step --- .github/workflows/build-test-lint.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/build-test-lint.yml b/.github/workflows/build-test-lint.yml index 13e62558..b2cdbcf3 100644 --- a/.github/workflows/build-test-lint.yml +++ b/.github/workflows/build-test-lint.yml @@ -31,7 +31,7 @@ jobs: pip install -r requirements.txt -r requirements/dev.txt working-directory: xero-python - - name: Run audit + - name: Check vulnerable packages run: pip-audit -r requirements.txt -r requirements/dev.txt working-directory: xero-python