Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: fix merge conflict, remove itsdangerous leftovers #2

Merged
merged 26 commits into from
Sep 8, 2023
Merged

chore: fix merge conflict, remove itsdangerous leftovers #2

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
26 commits
Select commit Hold shift + click to select a range
fa6191e
fix(parameters): make cache aware of single vs multiple calls
heitorlessa Jul 25, 2023
e89705b
chore: cleanup, add test for single and nested
heitorlessa Jul 25, 2023
a3d2787
chore(deps): bump pypa/gh-action-pypi-publish from 1.8.8 to 1.8.9 (#2…
dependabot[bot] Aug 10, 2023
9155451
chore(deps-dev): bump the boto-typing group with 1 update (#2944)
dependabot[bot] Aug 10, 2023
50ec825
chore(ci): changelog rebuild (#2945)
github-actions[bot] Aug 11, 2023
3923439
chore(deps-dev): bump aws-cdk from 2.90.0 to 2.91.0 (#2947)
dependabot[bot] Aug 11, 2023
3445000
chore(deps): bump gitpython from 3.1.31 to 3.1.32 in /docs (#2948)
dependabot[bot] Aug 11, 2023
ab43717
chore(deps): bump pypa/gh-action-pypi-publish from 1.8.9 to 1.8.10 (#…
dependabot[bot] Aug 11, 2023
8ba31a3
chore(ci): changelog rebuild (#2952)
github-actions[bot] Aug 14, 2023
91e1cec
feat(event_handler): allow stripping route prefixes using regexes (#2…
royassis Aug 14, 2023
9e4971e
feat(metrics): add Datadog observability provider (#2906)
roger-zhangg Aug 14, 2023
bb621bc
chore(deps-dev): bump xenon from 0.9.0 to 0.9.1 (#2955)
dependabot[bot] Aug 14, 2023
64566ef
chore(deps): bump actions/setup-node from 3.7.0 to 3.8.0 (#2957)
dependabot[bot] Aug 14, 2023
75936e5
chore(deps-dev): bump cfn-lint from 0.79.6 to 0.79.7 (#2956)
dependabot[bot] Aug 15, 2023
ce9f3f6
chore(ci): changelog rebuild (#2958)
github-actions[bot] Aug 15, 2023
a9b6cac
docs(metrics): update Datadog integration diagram (#2954)
aal80 Aug 15, 2023
26d5af5
docs(roadmap): add GovCloud and China region item (#2960)
heitorlessa Aug 15, 2023
8f671c9
fix(parameters): make cache aware of single vs multiple calls
heitorlessa Jul 25, 2023
78bab3f
chore: cleanup, add test for single and nested
heitorlessa Jul 25, 2023
82bf1c3
Merge branch 'develop' into feat/data-masking
heitorlessa Aug 15, 2023
db96b1a
chore(test): remove itsdangerous from perf test
heitorlessa Aug 15, 2023
88c67a5
chore(deps): remove itsdangerous dependencies
heitorlessa Aug 15, 2023
02219f7
chore: disable sockets in encryption sdk tests
heitorlessa Aug 18, 2023
c3995db
refactor(tests): use a test double
heitorlessa Aug 18, 2023
3d3ffec
chore: address make pr errors
heitorlessa Aug 18, 2023
7187a3d
Merge branch 'develop' into feat/data-masking
seshubaws Sep 8, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
7 changes: 5 additions & 2 deletions aws_lambda_powertools/utilities/data_masking/base.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -98,9 +98,12 @@ def _apply_action_to_fields(self, data: Union[dict, str], fields, action, **prov
)

for field in fields:
# prevent overriding loop variable
current_field = field
if not isinstance(field, str):
field = json.dumps(field)
keys = field.split(".")
current_field = json.dumps(field)

keys = current_field.split(".")

curr_dict = my_dict_parsed
for key in keys[:-1]:
Expand Down
14 changes: 14 additions & 0 deletions poetry.lock
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

82 changes: 49 additions & 33 deletions pyproject.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,21 +4,31 @@ version = "2.23.1"
description = "Powertools for AWS Lambda (Python) is a developer toolkit to implement Serverless best practices and increase developer velocity."
authors = ["Amazon Web Services"]
include = ["aws_lambda_powertools/py.typed", "THIRD-PARTY-LICENSES"]
classifiers=[
"Development Status :: 5 - Production/Stable",
"Intended Audience :: Developers",
"License :: OSI Approved :: MIT No Attribution License (MIT-0)",
"Natural Language :: English",
"Programming Language :: Python :: 3.7",
"Programming Language :: Python :: 3.8",
"Programming Language :: Python :: 3.9",
"Programming Language :: Python :: 3.10",
"Programming Language :: Python :: 3.11",
classifiers = [
"Development Status :: 5 - Production/Stable",
"Intended Audience :: Developers",
"License :: OSI Approved :: MIT No Attribution License (MIT-0)",
"Natural Language :: English",
"Programming Language :: Python :: 3.7",
"Programming Language :: Python :: 3.8",
"Programming Language :: Python :: 3.9",
"Programming Language :: Python :: 3.10",
"Programming Language :: Python :: 3.11",
]
repository = "https://github.com/aws-powertools/powertools-lambda-python"
documentation = "https://docs.powertools.aws.dev/lambda/python/"
readme = "README.md"
keywords = ["aws_lambda_powertools", "aws", "tracing", "logging", "lambda", "powertools", "feature_flags", "idempotency", "middleware"]
keywords = [
"aws_lambda_powertools",
"aws",
"tracing",
"logging",
"lambda",
"powertools",
"feature_flags",
"idempotency",
"middleware",
]
# MIT-0 is not recognized as an existing license from poetry.
# By using `MIT` as a license value, a `License :: OSI Approved :: MIT License` classifier is added to the classifiers list.
license = "MIT"
Expand All @@ -38,7 +48,7 @@ datadog-lambda = { version = "^4.77.0", optional = true }
aws-encryption-sdk = { version = "^3.1.1", optional = true }

[tool.poetry.dev-dependencies]
coverage = {extras = ["toml"], version = "^7.2"}
coverage = { extras = ["toml"], version = "^7.2" }
pytest = "^7.4.1"
black = "^23.3"
boto3 = "^1.18"
Expand Down Expand Up @@ -75,7 +85,7 @@ filelock = "^3.12.2"
checksumdir = "^1.2.0"
mypy-boto3-appconfigdata = "^1.28.36"
ijson = "^3.2.2"
typed-ast = { version = "^1.5.5", python = "< 3.8"}
typed-ast = { version = "^1.5.5", python = "< 3.8" }
hvac = "^1.1.1"
aws-requests-auth = "^0.4.3"
datadog-lambda = "^4.77.0"
Expand All @@ -89,7 +99,7 @@ tracer = ["aws-xray-sdk"]
all = ["pydantic", "aws-xray-sdk", "fastjsonschema", "aws-encryption-sdk"]
# allow customers to run code locally without emulators (SAM CLI, etc.)
aws-sdk = ["boto3"]
datadog=["datadog-lambda"]
datadog = ["datadog-lambda"]

[tool.poetry.group.dev.dependencies]
cfn-lint = "0.79.9"
Expand All @@ -99,10 +109,16 @@ httpx = ">=0.23.3,<0.25.0"
sentry-sdk = "^1.22.2"
ruff = ">=0.0.272,<0.0.288"
retry2 = "^0.9.5"
pytest-socket = "^0.6.0"

[tool.coverage.run]
source = ["aws_lambda_powertools"]
omit = ["tests/*", "aws_lambda_powertools/exceptions/*", "aws_lambda_powertools/utilities/parser/types.py", "aws_lambda_powertools/utilities/jmespath_utils/envelopes.py"]
omit = [
"tests/*",
"aws_lambda_powertools/exceptions/*",
"aws_lambda_powertools/utilities/parser/types.py",
"aws_lambda_powertools/utilities/jmespath_utils/envelopes.py",
]
branch = true

[tool.coverage.html]
Expand All @@ -112,26 +128,26 @@ title = "Powertools for AWS Lambda (Python) Test Coverage"
[tool.coverage.report]
fail_under = 90
exclude_lines = [
# Have to re-enable the standard pragma
"pragma: no cover",
# Have to re-enable the standard pragma
"pragma: no cover",

# Don't complain about missing debug-only code:
"def __repr__",
"if self.debug",
# Don't complain about missing debug-only code:
"def __repr__",
"if self.debug",

# Don't complain if tests don't hit defensive assertion code:
"raise AssertionError",
"raise NotImplementedError",
# Don't complain if tests don't hit defensive assertion code:
"raise AssertionError",
"raise NotImplementedError",

# Don't complain if non-runnable code isn't run:
"if 0:",
"if __name__ == .__main__.:",
# Don't complain if non-runnable code isn't run:
"if 0:",
"if __name__ == .__main__.:",

# Ignore runtime type checking
"if TYPE_CHECKING:",
# Ignore runtime type checking
"if TYPE_CHECKING:",

# Ignore type function overload
"@overload",
# Ignore type function overload
"@overload",
]

[tool.isort]
Expand Down Expand Up @@ -164,16 +180,16 @@ minversion = "6.0"
addopts = "-ra -vv"
testpaths = "./tests"
markers = [
"perf: marks perf tests to be deselected (deselect with '-m \"not perf\"')",
"perf: marks perf tests to be deselected (deselect with '-m \"not perf\"')",
]

# MAINTENANCE: Remove these lines when drop support to Pydantic v1
filterwarnings=[
filterwarnings = [
"ignore:.*The `parse_obj` method is deprecated*:DeprecationWarning",
"ignore:.*The `parse_raw` method is deprecated*:DeprecationWarning",
"ignore:.*load_str_bytes is deprecated*:DeprecationWarning",
"ignore:.*The `dict` method is deprecated; use `model_dump` instead*:DeprecationWarning",
"ignore:.*Pydantic V1 style `@validator` validators are deprecated*:DeprecationWarning"
"ignore:.*Pydantic V1 style `@validator` validators are deprecated*:DeprecationWarning",
]

[build-system]
Expand Down
23 changes: 23 additions & 0 deletions tests/functional/data_masking/conftest.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
from __future__ import annotations

from typing import Tuple

from pytest_socket import disable_socket


def pytest_runtest_setup():
"""Disable Unix and TCP sockets for Data masking tests"""
disable_socket()


class FakeEncryptionClient:
ENCRYPTION_HEADER = "test"

def encrypt(self, source: bytes | str, **kwargs) -> Tuple[bytes, str]:
if isinstance(source, str):
return source.encode(), self.ENCRYPTION_HEADER

return source, self.ENCRYPTION_HEADER

def decrypt(self, source: bytes, **kwargs) -> Tuple[bytes, str]:
return source, "dummy_decryption_header"
36 changes: 25 additions & 11 deletions tests/functional/data_masking/test_aws_encryption_sdk.py
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,15 +1,32 @@
from __future__ import annotations

import pytest

from aws_lambda_powertools.utilities.data_masking.base import DataMasking
from aws_lambda_powertools.utilities.data_masking.providers.aws_encryption_sdk import AwsEncryptionSdkProvider
from tests.unit.data_masking.setup import *

AWS_SDK_KEY = "arn:aws:kms:us-west-2:683517028648:key/269301eb-81eb-4067-ac72-98e8e49bf2b3"
from aws_lambda_powertools.utilities.data_masking.providers.aws_encryption_sdk import (
AwsEncryptionSdkProvider,
)
from tests.functional.data_masking.conftest import FakeEncryptionClient
from tests.unit.data_masking.setup import (
aws_encrypted_with_fields,
data_types,
data_types_and_masks,
dict_fields,
dictionaries,
fields_to_mask,
json_blob,
json_dict,
masked_with_fields,
python_dict,
)


@pytest.fixture
def data_masker():
return DataMasking(provider=AwsEncryptionSdkProvider(keys=[AWS_SDK_KEY]))
def data_masker() -> DataMasking:
"""DataMasking using AWS Encryption SDK Provider with a fake client"""
fake_client = FakeEncryptionClient()
provider = AwsEncryptionSdkProvider(keys=["dummy"], client=fake_client)
return DataMasking(provider=provider)


@pytest.mark.parametrize("value, value_masked", data_types_and_masks)
Expand All @@ -36,7 +53,7 @@ def test_mask_with_fields(data_masker):


@pytest.mark.parametrize("value", data_types)
def test_encrypt_decrypt(value, data_masker):
def test_encrypt_decrypt(value, data_masker: DataMasking):
# GIVEN an instantiation of DataMasking with the AWS encryption provider

# WHEN encrypting and then decrypting the encrypted data
Expand All @@ -62,7 +79,4 @@ def test_encrypt_decrypt_with_fields(value, fields, data_masker):
print("json blob!!!!")
assert decrypted_data == value
else:
print("json_blob_fields!!!!")
assert decrypted_data == str(value)
print("decrypted_data:", decrypted_data)
print("aws_encrypted_with_fields:", aws_encrypted_with_fields)
assert decrypted_data == aws_encrypted_with_fields
12 changes: 4 additions & 8 deletions tests/performance/test_data_masking.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,6 @@
import pytest

from aws_lambda_powertools.utilities.data_masking.base import DataMasking
from aws_lambda_powertools.utilities.data_masking.providers.itsdangerous import (
ItsDangerousProvider,
)

DATA_MASKING_PACKAGE = "aws_lambda_powertools.utilities.data_masking"
DATA_MASKING_INIT_SLA: float = 0.002
Expand Down Expand Up @@ -58,16 +55,15 @@ def test_data_masking_init(benchmark):
pytest.fail(f"High level imports should be below {DATA_MASKING_INIT_SLA}s: {stat}")


def encrypt_json_blob():
data_masker = DataMasking(provider=ItsDangerousProvider("mykey"))
encrypted = data_masker.encrypt(json_blob, json_blob_fields)
data_masker.decrypt(encrypted, json_blob_fields)
def mask_json_blob():
data_masker = DataMasking()
data_masker.mask(json_blob, json_blob_fields)


@pytest.mark.perf
@pytest.mark.benchmark(group="core", disable_gc=True, warmup=False)
def test_data_masking_encrypt_with_json_blob(benchmark):
benchmark.pedantic(encrypt_json_blob)
benchmark.pedantic(mask_json_blob)
stat = benchmark.stats.stats.max
if stat > DATA_MASKING_NESTED_ENCRYPT_SLA:
pytest.fail(f"High level imports should be below {DATA_MASKING_NESTED_ENCRYPT_SLA}s: {stat}")