Initial migration work (#1)

* definition update, redundant library removal, renaming setup.py, minor test tweaks from pytest recommendations * first draft of test workflow * bumping pyyaml * pinning python version * splitting test into its own step * Update .github/workflows/test.yml Co-authored-by: roshini-saravanakumar <114094961+roshini-saravanakumar@users.noreply.github.com> * url update * classifiers * addressing comments * more renaming * pipeline changes, resetting version * additional gitignore directories --------- Co-authored-by: roshini-saravanakumar <114094961+roshini-saravanakumar@users.noreply.github.com>
TheClimateCorporation · May 9, 2024 · dd0c32d · dd0c32d
1 parent 57f4564
commit dd0c32d
Show file tree

Hide file tree

Showing 41 changed files with 106,574 additions and 75,989 deletions.
diff --git a/.coveragerc b/.coveragerc
@@ -1,6 +1,6 @@
 [run]
-source = parliament
-omit = parliament/cli.py
+source = parliamentarian
+omit = parliamentarian/cli.py
 
 [report]
 fail_under = 75
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -8,24 +8,26 @@ on:
     types: [created]
 
 jobs:
-  deploy:
-
+  pypi-publish:
+    name: upload release to PyPI
     runs-on: ubuntu-latest
-
+    environment: release
+    permissions:
+      # IMPORTANT: this permission is mandatory for trusted publishing
+      id-token: write
     steps:
-    - uses: actions/checkout@v2
-    - name: Set up Python
-      uses: actions/setup-python@v1
-      with:
-        python-version: '3.x'
-    - name: Install dependencies
-      run: |
-        python -m pip install --upgrade pip
-        pip install setuptools wheel twine
-    - name: Build and publish
-      env:
-        TWINE_USERNAME: ${{ secrets.PYPI_USERNAME }}
-        TWINE_PASSWORD: ${{ secrets.PYPI_PASSWORD }}
-      run: |
-        python setup.py sdist bdist_wheel
-        twine upload dist/*
+      - uses: actions/checkout@v2
+      - name: Set up Python
+        uses: actions/setup-python@v1
+        with:
+          python-version: '3.x'
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install setuptools wheel twine
+      - name: Build
+        run: |
+          python setup.py sdist bdist_wheel
+      # retrieve your distributions here
+      - name: Publish package distribution to PyPI
+        uses: pypa/gh-action-pypi-publish@release/v1
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -0,0 +1,21 @@
+on:
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  test:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v2
+    - name: Set up Python
+      uses: actions/setup-python@v1
+      with:
+        python-version: '3.11'
+    - name: Install dependencies
+      run: |
+        python -m pip install --upgrade pip
+        make setup
+    - name: Run test
+      run: |
+        make test
diff --git a/.gitignore b/.gitignore
@@ -8,8 +8,10 @@ venv/
 .coverage
 htmlcov/
 dist/
+build/
+docs/
 .env/
-parliament/private_auditors
+parliamentarian/private_auditors
 tmp/*
 .idea/*
 .vscode
diff --git a/bin/parliament b/bin/parliament
@@ -6,5 +6,5 @@ from pathlib import Path
 path = Path(os.path.abspath(__file__))
 sys.path.append(str(path.parent.parent))
 
-from parliament.cli import main
+from parliamentarian.cli import main
 main()
diff --git a/parliament/__init__.py → parliamentarian/__init__.py b/parliament/__init__.py → parliamentarian/__init__.py
@@ -1,7 +1,7 @@
 """
 This library is a linter for AWS IAM policies.
 """
-__version__ = "1.6.2"
+__version__ = "1.0.0"
 
 import fnmatch
 import functools

diff --git a/parliament/cli.py → parliamentarian/cli.py b/parliament/cli.py → parliamentarian/cli.py
@@ -10,14 +10,14 @@
 from os.path import join
 from pathlib import Path
 
-from parliament import (
+from parliamentarian import (
     analyze_policy_string,
     enhance_finding,
     override_config,
     config,
     __version__,
 )
-from parliament.misc import make_list
+from parliamentarian.misc import make_list
 
 logger = logging.getLogger(__name__)
 

diff --git a/parliament/community_auditors/__init__.py → ...amentarian/community_auditors/__init__.py b/parliament/community_auditors/__init__.py → ...amentarian/community_auditors/__init__.py
diff --git a/...nity_auditors/advanced_policy_elements.py → ...nity_auditors/advanced_policy_elements.py b/...nity_auditors/advanced_policy_elements.py → ...nity_auditors/advanced_policy_elements.py
@@ -12,7 +12,7 @@
 
 import jsoncfg
 
-from parliament import Policy
+from parliamentarian import Policy
 
 
 def get_stmts(policy: Policy) -> Iterable:

diff --git a/...t/community_auditors/config_override.yaml → ...n/community_auditors/config_override.yaml b/...t/community_auditors/config_override.yaml → ...n/community_auditors/config_override.yaml
diff --git a/...ommunity_auditors/credentials_exposure.py → ...ommunity_auditors/credentials_exposure.py b/...ommunity_auditors/credentials_exposure.py → ...ommunity_auditors/credentials_exposure.py
diff --git a/...munity_auditors/permissions_management.py → ...munity_auditors/permissions_management.py b/...munity_auditors/permissions_management.py → ...munity_auditors/permissions_management.py
diff --git a/...ommunity_auditors/privilege_escalation.py → ...ommunity_auditors/privilege_escalation.py b/...ommunity_auditors/privilege_escalation.py → ...ommunity_auditors/privilege_escalation.py
diff --git a/...nt/community_auditors/sensitive_access.py → ...an/community_auditors/sensitive_access.py b/...nt/community_auditors/sensitive_access.py → ...an/community_auditors/sensitive_access.py
@@ -1,6 +1,6 @@
 from collections import defaultdict
 
-from parliament import is_arn_match, expand_action
+from parliamentarian import is_arn_match, expand_action
 
 
 def _expand_action(operation):

diff --git a/.../single_value_condition_too_permissive.py → .../single_value_condition_too_permissive.py b/.../single_value_condition_too_permissive.py → .../single_value_condition_too_permissive.py
@@ -4,8 +4,8 @@
 https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_single-vs-multi-valued-condition-keys.html
 """
 import re
-from parliament import Policy
-from parliament.misc import make_list
+from parliamentarian import Policy
+from parliamentarian.misc import make_list
 
 
 def audit(policy: Policy) -> None:

diff --git a/...rs/tests/test_advanced_policy_elements.py → ...rs/tests/test_advanced_policy_elements.py b/...rs/tests/test_advanced_policy_elements.py → ...rs/tests/test_advanced_policy_elements.py
@@ -1,4 +1,4 @@
-from parliament import analyze_policy_string
+from parliamentarian import analyze_policy_string
 
 S3_STAR_FINDINGS = {"PERMISSIONS_MANAGEMENT_ACTIONS", "RESOURCE_MISMATCH"}
 

diff --git a/...ditors/tests/test_credentials_exposure.py → ...ditors/tests/test_credentials_exposure.py b/...ditors/tests/test_credentials_exposure.py → ...ditors/tests/test_credentials_exposure.py
@@ -1,4 +1,4 @@
-from parliament import analyze_policy_string
+from parliamentarian import analyze_policy_string
 
 
 class TestCredentialsManagement:

diff --git a/...tors/tests/test_permissions_management.py → ...tors/tests/test_permissions_management.py b/...tors/tests/test_permissions_management.py → ...tors/tests/test_permissions_management.py
@@ -1,4 +1,4 @@
-from parliament import analyze_policy_string
+from parliamentarian import analyze_policy_string
 
 
 class TestPermissionsManagement:

diff --git a/...ditors/tests/test_privilege_escalation.py → ...ditors/tests/test_privilege_escalation.py b/...ditors/tests/test_privilege_escalation.py → ...ditors/tests/test_privilege_escalation.py
@@ -1,4 +1,4 @@
-from parliament import analyze_policy_string
+from parliamentarian import analyze_policy_string
 
 
 class TestPrivilegeEscalation:

diff --git a/...y_auditors/tests/test_sensitive_access.py → ...y_auditors/tests/test_sensitive_access.py b/...y_auditors/tests/test_sensitive_access.py → ...y_auditors/tests/test_sensitive_access.py
@@ -1,4 +1,4 @@
-from parliament import analyze_policy_string
+from parliamentarian import analyze_policy_string
 
 
 class TestSensitiveAccess:

diff --git a/..._single_value_condition_too_permissive.py → ..._single_value_condition_too_permissive.py b/..._single_value_condition_too_permissive.py → ..._single_value_condition_too_permissive.py
@@ -1,4 +1,4 @@
-from parliament import analyze_policy_string
+from parliamentarian import analyze_policy_string
 
 
 class TestSensitiveAccess:

diff --git a/parliament/config.yaml → parliamentarian/config.yaml b/parliament/config.yaml → parliamentarian/config.yaml
diff --git a/parliament/finding.py → parliamentarian/finding.py b/parliament/finding.py → parliamentarian/finding.py