add tests

Signed-off-by: Bennati, Stefano <stefano.bennati@here.com>

Author: bennati

tests/data/secure-setup/setup-emptyrequires.py

@@ -0,0 +1,41 @@
+"""
+Copyright 2018 Matthew Aynalem
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+"""
+from distutils.core import setup
+
+from setuptools import find_packages
+
+setup(
+    name="packer.py",
+    version="0.3.0",
+    author="Matthew Aynalem",
+    author_email="maynalem@gmail.com",
+    packages=["packerpy"],
+    url="https://github.com/mayn/packer.py",
+    license="Apache License 2.0",
+    description="packer.py - python library to run hashicorp packer CLI commands",
+    keywords="hashicorp packer",
+    long_description=open("README.rst").read(),
+    install_requires=[],
+    classifiers=[
+        "License :: OSI Approved :: Apache Software License",
+        "Programming Language :: Python :: 2",
+        "Programming Language :: Python :: 2.7",
+        "Programming Language :: Python :: 3",
+        "Programming Language :: Python :: 3.4",
+        "Programming Language :: Python :: 3.5",
+        "Programming Language :: Python :: 3.6",
+    ],
+)

tests/data/secure-setup/setup-norequires.py

@@ -0,0 +1,40 @@
+"""
+Copyright 2018 Matthew Aynalem
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+"""
+from distutils.core import setup
+
+from setuptools import find_packages
+
+setup(
+    name="packer.py",
+    version="0.3.0",
+    author="Matthew Aynalem",
+    author_email="maynalem@gmail.com",
+    packages=["packerpy"],
+    url="https://github.com/mayn/packer.py",
+    license="Apache License 2.0",
+    description="packer.py - python library to run hashicorp packer CLI commands",
+    keywords="hashicorp packer",
+    long_description=open("README.rst").read(),
+    classifiers=[
+        "License :: OSI Approved :: Apache Software License",
+        "Programming Language :: Python :: 2",
+        "Programming Language :: Python :: 2.7",
+        "Programming Language :: Python :: 3",
+        "Programming Language :: Python :: 3.4",
+        "Programming Language :: Python :: 3.5",
+        "Programming Language :: Python :: 3.6",
+    ],
+)

tests/data/secure-setup/setup-requires.py

@@ -0,0 +1,41 @@
+"""
+Copyright 2018 Matthew Aynalem
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+   http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+"""
+from distutils.core import setup
+
+from setuptools import find_packages
+
+setup(
+    name="packer.py",
+    version="0.3.0",
+    author="Matthew Aynalem",
+    author_email="maynalem@gmail.com",
+    packages=["packerpy"],
+    url="https://github.com/mayn/packer.py",
+    license="Apache License 2.0",
+    description="packer.py - python library to run hashicorp packer CLI commands",
+    keywords="hashicorp packer",
+    long_description=open("README.rst").read(),
+    install_requires=["requirement1", "requirement2"],
+    classifiers=[
+        "License :: OSI Approved :: Apache Software License",
+        "Programming Language :: Python :: 2",
+        "Programming Language :: Python :: 2.7",
+        "Programming Language :: Python :: 3",
+        "Programming Language :: Python :: 3.4",
+        "Programming Language :: Python :: 3.5",
+        "Programming Language :: Python :: 3.6",
+    ],
+)

tests/test_resolution.py

@@ -21,6 +21,7 @@
 from python_inspector.error import NoVersionsFound
 from python_inspector.resolution import PythonInputProvider
 from python_inspector.resolution import get_requirements_from_dependencies
+from python_inspector.resolution import get_requirements_from_python_manifest
 from python_inspector.resolution import is_valid_version
 from python_inspector.resolution import parse_reqs_from_setup_py_insecurely
 from python_inspector.utils_pypi import PYPI_PUBLIC_REPO
@@ -241,6 +242,47 @@ def test_get_requirements_from_dependencies_with_editable_requirements():
     assert requirements == []
 
 
+def test_get_requirements_from_python_manifest_securely():
+    sdist_location = "tests/data/secure-setup"
+    setup_py_emptyrequires = "setup-emptyrequires.py"
+    setup_py_norequires = "setup-norequires.py"
+    setup_py_requires = "setup-requires.py"
+    analyze_setup_py_insecurely = False
+    try:
+        ret = list(
+            get_requirements_from_python_manifest(
+                sdist_location,
+                sdist_location + "/" + setup_py_norequires,
+                [sdist_location + "/" + setup_py_norequires],
+                analyze_setup_py_insecurely,
+            )
+        )
+        assert ret == []
+    except Exception:
+        pytest.fail("Failure parsing setup.py where requirements are not provided.")
+    try:
+        ret = list(
+            get_requirements_from_python_manifest(
+                sdist_location,
+                sdist_location + "/" + setup_py_emptyrequires,
+                [sdist_location + "/" + setup_py_emptyrequires],
+                analyze_setup_py_insecurely,
+            )
+        )
+        assert ret == []
+    except Exception:
+        pytest.fail("Failure getting empty requirements securely from setup.py.")
+    with pytest.raises(Exception):
+        ret = list(
+            get_requirements_from_python_manifest(
+                sdist_location,
+                sdist_location + "/" + setup_py_requires,
+                [sdist_location + "/" + setup_py_requires],
+                analyze_setup_py_insecurely,
+            ).next()
+        )
+
+
 def test_setup_py_parsing_insecure():
     setup_py_file = setup_test_env.get_test_loc("insecure-setup/setup.py")
     reqs = [str(req) for req in list(parse_reqs_from_setup_py_insecurely(setup_py=setup_py_file))]