mirror of
https://bitbucket.org/atlassian/dc-deployments-automation.git
synced 2025-12-13 00:13:09 -06:00
CLIP-1583: Audited url open for permitted schemes and set autoscape to True to mitigate XSS vulnerabilities.
This commit is contained in:
nghazalibeiklar
@@ -16,6 +16,7 @@ def find_all_scenarios():
|
||||
def load_template():
|
||||
jenv = j2.Environment(
|
||||
loader=j2.FileSystemLoader('.'),
|
||||
autoescape=True,
|
||||
lstrip_blocks=True,
|
||||
trim_blocks=True)
|
||||
return jenv.get_template(PIPELINE_TEMPLATE_J2_FILE)
|
||||
|
||||
@@ -24,25 +24,28 @@ def test_version_file_is_latest(host):
|
||||
verfile = host.file('/media/atl/bitbucket/shared/bitbucket.version')
|
||||
assert verfile.exists
|
||||
|
||||
upstream_fd = urllib.request.urlopen("https://marketplace.atlassian.com/rest/2/products/key/bitbucket/versions")
|
||||
upstream_json = json.load(upstream_fd)
|
||||
upstream = upstream_json['_embedded']['versions'][0]['name']
|
||||
upstream_req = urllib.request.Request("https://marketplace.atlassian.com/rest/2/products/key/bitbucket/versions")
|
||||
with urllib.request.urlopen(upstream_req) as upstream_response:
|
||||
upstream_json = json.load(upstream_response)
|
||||
upstream = upstream_json['_embedded']['versions'][0]['name']
|
||||
|
||||
assert verfile.content.decode("UTF-8").strip() == upstream.strip()
|
||||
|
||||
def test_latest_is_downloaded(host):
|
||||
upstream_fd = urllib.request.urlopen("https://marketplace.atlassian.com/rest/2/products/key/bitbucket/versions")
|
||||
upstream_json = json.load(upstream_fd)
|
||||
upstream = upstream_json['_embedded']['versions'][0]['name']
|
||||
upstream_req = urllib.request.Request("https://marketplace.atlassian.com/rest/2/products/key/bitbucket/versions")
|
||||
with urllib.request.urlopen(upstream_req) as upstream_response:
|
||||
upstream_json = json.load(upstream_response)
|
||||
upstream = upstream_json['_embedded']['versions'][0]['name']
|
||||
|
||||
installer = host.file('/media/atl/downloads/bitbucket.' + upstream + '-x64.bin')
|
||||
assert installer.exists
|
||||
assert installer.user == 'root'
|
||||
|
||||
def test_completed_lockfile(host):
|
||||
upstream_fd = urllib.request.urlopen("https://marketplace.atlassian.com/rest/2/products/key/bitbucket/versions")
|
||||
upstream_json = json.load(upstream_fd)
|
||||
upstream = upstream_json['_embedded']['versions'][0]['name']
|
||||
upstream_req = urllib.request.Request("https://marketplace.atlassian.com/rest/2/products/key/bitbucket/versions")
|
||||
with urllib.request.urlopen(upstream_req) as upstream_response:
|
||||
upstream_json = json.load(upstream_response)
|
||||
upstream = upstream_json['_embedded']['versions'][0]['name']
|
||||
|
||||
lockfile = host.file('/media/atl/downloads/bitbucket.' + upstream + '-x64.bin_completed')
|
||||
assert lockfile.exists
|
||||
|
||||
@@ -24,25 +24,28 @@ def test_version_file_is_latest(host):
|
||||
verfile = host.file('/media/atl/confluence/shared-home/confluence.version')
|
||||
assert verfile.exists
|
||||
|
||||
upstream_fd = urllib.request.urlopen("https://marketplace.atlassian.com/rest/2/products/key/confluence/versions")
|
||||
upstream_json = json.load(upstream_fd)
|
||||
upstream = upstream_json['_embedded']['versions'][0]['name']
|
||||
upstream_req = urllib.request.Request("https://marketplace.atlassian.com/rest/2/products/key/confluence/versions")
|
||||
with urllib.request.urlopen(upstream_req) as upstream_response:
|
||||
upstream_json = json.load(upstream_response)
|
||||
upstream = upstream_json['_embedded']['versions'][0]['name']
|
||||
|
||||
assert verfile.content.decode("UTF-8").strip() == upstream.strip()
|
||||
|
||||
def test_latest_is_downloaded(host):
|
||||
upstream_fd = urllib.request.urlopen("https://marketplace.atlassian.com/rest/2/products/key/confluence/versions")
|
||||
upstream_json = json.load(upstream_fd)
|
||||
upstream = upstream_json['_embedded']['versions'][0]['name']
|
||||
upstream_req = urllib.request.Request("https://marketplace.atlassian.com/rest/2/products/key/confluence/versions")
|
||||
with urllib.request.urlopen(upstream_req) as upstream_response:
|
||||
upstream_json = json.load(upstream_response)
|
||||
upstream = upstream_json['_embedded']['versions'][0]['name']
|
||||
|
||||
installer = host.file('/media/atl/downloads/confluence.'+upstream+'-x64.bin')
|
||||
assert installer.exists
|
||||
assert installer.user == 'root'
|
||||
|
||||
def test_completed_lockfile(host):
|
||||
upstream_fd = urllib.request.urlopen("https://marketplace.atlassian.com/rest/2/products/key/confluence/versions")
|
||||
upstream_json = json.load(upstream_fd)
|
||||
upstream = upstream_json['_embedded']['versions'][0]['name']
|
||||
upstream_req = urllib.request.Request("https://marketplace.atlassian.com/rest/2/products/key/confluence/versions")
|
||||
with urllib.request.urlopen(upstream_req) as upstream_response:
|
||||
upstream_json = json.load(upstream_response)
|
||||
upstream = upstream_json['_embedded']['versions'][0]['name']
|
||||
|
||||
lockfile = host.file('/media/atl/downloads/confluence.'+upstream+'-x64.bin_completed')
|
||||
assert lockfile.exists
|
||||
|
||||
@@ -24,25 +24,28 @@ def test_version_file_is_latest(host):
|
||||
verfile = host.file('/media/atl/crowd/shared/crowd.version')
|
||||
assert verfile.exists
|
||||
|
||||
upstream_fd = urllib.request.urlopen("https://marketplace.atlassian.com/rest/2/products/key/crowd/versions")
|
||||
upstream_json = json.load(upstream_fd)
|
||||
upstream = upstream_json['_embedded']['versions'][0]['name']
|
||||
upstream_req = urllib.request.Request("https://marketplace.atlassian.com/rest/2/products/key/crowd/versions")
|
||||
with urllib.request.urlopen(upstream_req) as upstream_response:
|
||||
upstream_json = json.load(upstream_response)
|
||||
upstream = upstream_json['_embedded']['versions'][0]['name']
|
||||
|
||||
assert verfile.content.decode("UTF-8").strip() == upstream.strip()
|
||||
|
||||
def test_latest_is_downloaded(host):
|
||||
upstream_fd = urllib.request.urlopen("https://marketplace.atlassian.com/rest/2/products/key/crowd/versions")
|
||||
upstream_json = json.load(upstream_fd)
|
||||
upstream = upstream_json['_embedded']['versions'][0]['name']
|
||||
upstream_req = urllib.request.Request("https://marketplace.atlassian.com/rest/2/products/key/crowd/versions")
|
||||
with urllib.request.urlopen(upstream_req) as upstream_response:
|
||||
upstream_json = json.load(upstream_response)
|
||||
upstream = upstream_json['_embedded']['versions'][0]['name']
|
||||
|
||||
installer = host.file('/media/atl/downloads/crowd.' + upstream + '.tar.gz')
|
||||
assert installer.exists
|
||||
assert installer.user == 'root'
|
||||
|
||||
def test_completed_lockfile(host):
|
||||
upstream_fd = urllib.request.urlopen("https://marketplace.atlassian.com/rest/2/products/key/crowd/versions")
|
||||
upstream_json = json.load(upstream_fd)
|
||||
upstream = upstream_json['_embedded']['versions'][0]['name']
|
||||
upstream_req = urllib.request.Request("https://marketplace.atlassian.com/rest/2/products/key/crowd/versions")
|
||||
with urllib.request.urlopen(upstream_req) as upstream_response:
|
||||
upstream_json = json.load(upstream_response)
|
||||
upstream = upstream_json['_embedded']['versions'][0]['name']
|
||||
|
||||
lockfile = host.file('/media/atl/downloads/crowd.' + upstream + '.tar.gz_completed')
|
||||
assert lockfile.exists
|
||||
|
||||
Reference in New Issue
Block a user