Switch CASDA to QueryWithLogin #2386
Conversation
Codecov Report
@@ Coverage Diff @@
## main #2386 +/- ##
==========================================
- Coverage 62.87% 62.83% -0.05%
==========================================
Files 133 133
Lines 17246 17264 +18
==========================================
+ Hits 10844 10848 +4
- Misses 6402 6416 +14
📣 Codecov can now indicate which changes are the most critical in Pull Requests. Learn more |
| 'and CASDA_PASSWD environment variables)') | ||
| def test_stage_data(self): | ||
| 'and CASDA_PASSWD environment variables or password in keyring)') | ||
| def test_stage_data(self, cached_credentials): |
There was a problem hiding this comment.
I've shown two approaches to credentials for the remote tests. However there is no keyring backend on the CI server, so I am thinking of removing this approach based around the keyring.
There was a problem hiding this comment.
If there is any "test" user that we could use, I'm happy to set up github tokens that the CI will have access to. But that definitely seems to be something beyond this PR, so any approach that works for now sounds good on my end (e.g. you have real login credentials and say that these tests pass, I'm happy with it).
There was a problem hiding this comment.
I've run these tests with real credentials and they pass. These remote tests now require the keyring so they can't be run on the github CI environment.
| return self._complete_job(job_url, verbose) | ||
|
|
||
| def cutout(self, table, *, coordinates=None, radius=None, height=None, | ||
| def cutout(self, table, *, coordinates=None, radius=1*u.arcmin, height=None, |
There was a problem hiding this comment.
I think this was accidentally pulled in with one of the merge commits, please rebase to get rid of those and any unrelated changes.
There was a problem hiding this comment.
The commit was intentional - just cleaning up a minor aspect that was missed in the last PR
| 'and CASDA_PASSWD environment variables)') | ||
| def test_stage_data(self): | ||
| 'and CASDA_PASSWD environment variables or password in keyring)') | ||
| def test_stage_data(self, cached_credentials): |
There was a problem hiding this comment.
If there is any "test" user that we could use, I'm happy to set up github tokens that the CI will have access to. But that definitely seems to be something beyond this PR, so any approach that works for now sounds good on my end (e.g. you have real login credentials and say that these tests pass, I'm happy with it).
astroquery/casda/core.py
Outdated
| self._authenticated = False | ||
|
|
||
| def _login(self, *, username=None, store_password=False, | ||
| reenter_password=False, password=None): |
There was a problem hiding this comment.
I'm a bit torn here as we're not at all consistent in the library as a whole, but having the password in the signature seems a bit of a counter-effective of security. I think I best like how the alma module is set up in this regard. What do you all think, am I just overly cautious?
There was a problem hiding this comment.
I added the password param to allow testing of the login as there is no keyring backend in the CI environment. I couldn't see anyone else testing the login path. I agree the password param should not be used by other users, so perhaps either a "For testing use only" note in the method's docstring, or hiding it in a **kwargs would be better?
There was a problem hiding this comment.
👎 to explicit password argument in API. Might as well set up the backend to handle anonymous login without a password, or enable a more secure way (encrypted token) for the CI. Or just not test this at all in the CI and set up something private server-side to test this securely.
There was a problem hiding this comment.
Backend changes are out of scope for this piece of work unfortunately. I've removed the password parameter and the tests for the login code. For the other test code which requires login I have added a utility to simulate the login result.
There was a problem hiding this comment.
A consequence of removing the tests relying on the password parameter is that I can't achieve the code coverage target, so the CodeCov checks will fail unfortunately. The untested code occurs after the call to the keyring which would fail as there is no keyring backend in the GitHub CI environment.
There was a problem hiding this comment.
yeah, no worries about the coverage test, those are not run with remote-data anyway, so always show a much smaller percentage as the reality.
I'll open a follow-up issue to get a backend installed in the VM, it shouldn't be too hard (though populating it may not be trivial).
astroquery/casda/tests/test_casda.py
Outdated
| with pytest.raises(LoginError) as excinfo: | ||
| Casda.login() | ||
|
|
||
| assert "If you do not pass a username to login()," in str(excinfo.value) |
There was a problem hiding this comment.
| with pytest.raises(LoginError) as excinfo: | |
| Casda.login() | |
| assert "If you do not pass a username to login()," in str(excinfo.value) | |
| with pytest.raises(LoginError, match=r"If you do not pass a username to login\(\),") as excinfo: | |
| Casda.login() |
There was a problem hiding this comment.
I've made this change for all exception tests
|
I'm sorry for merging the conflicting PR before this one, I missed noticing that it will cause issues. However, I'll go ahead and rebase this before merge to get a clear, linear history instead of the 3 merges. |
bsipocz
force-pushed
the
CASDA-Use-QueryWithLogin
branch
from
ed57149 to
95b41d1
Compare
|
(It looks like the email address you did these commits are not recognized by github, thus the weird avatar listing on them. In the git history, they all look good, with you as the author. I guess your avatar would also come up if you were to add that other email address to your GH account (you can have multiple ones associated)). |
Thanks for letting me know. I've corrected it locally now but will also update my GH account. |
bsipocz
left a comment
bsipocz
left a comment
There was a problem hiding this comment.
The remaining follow-up item requires to get keyring work on CI, so I would not hold this up any longer.
|
When running the tests with I'll look into installing a keyring backend to CI, but that should not hold this one up. |
|
Thank you @jd-au! |
|
Once the keyring backend is installed I'll be able to use the Thanks @bsipocz |
4 participants
This replaces the custom login in CASDA with use of QueryWithLogin.