openstack/oslo.serialization
Code Issues Proposed changes

Introduce a base yaml parser for all openstack components

Browse Source 
A lot of openstack components like:
- solum
- tosca-parser
- heat
- murano
- etc...

reimplement theirs own yaml parser for loading and dumping.

These implementations sometimes forgot to use a safe loader
or safe dumper, our implementation use safe by default.

You can deactive safe by passing the argument is_safe to false when
you call oslo_serialization.yamlutils.load or oslo_serialization.yamlutils.dump.

Change-Id: I63e85a2b4fc999e6acac12ae51c2ab8c64bddbc6
Co-Authored-By: Natal Ngétal <hobbestigrou@erakis.eu>
This commit is contained in:
Hervé Beraud 2018-11-16 11:27:11 +01:00
parent d67f88623b
commit 35dae9c288
3 changed files with 172 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

85
oslo_serialization/tests/test_yamlutils.py Normal file
View File

@ -0,0 +1,85 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
import os
import tempfile
import textwrap
import uuid
from oslotest import base
from oslo_serialization import yamlutils as yaml
class BehaviorTestCase(base.BaseTestCase):
def test_loading(self):
payload = textwrap.dedent('''
- foo: bar
- list:
- [one, two]
- {check: yaml, in: test}
''')
expected = [
{'foo': 'bar'},
{'list': None},
['one', 'two'],
{'check': 'yaml', 'in': 'test'}
]
loaded = yaml.load(payload)
self.assertEqual(loaded, expected)
def test_loading_with_unsafe(self):
payload = textwrap.dedent('''
!!python/object/apply:os.system ['echo "hello"']
''')
loaded = yaml.load(payload, is_safe=False)
expected = 0
self.assertEqual(loaded, expected)
def test_dumps(self):
payload = [
{'foo': 'bar'},
{'list': None},
['one', 'two'],
{'check': 'yaml', 'in': 'test'}
]
dumped = yaml.dumps(payload)
expected = textwrap.dedent('''\
- {foo: bar}
- {list: null}
- [one, two]
- {check: yaml, in: test}
''')
self.assertEqual(dumped, expected)
def test_dump(self):
payload = [
{'foo': 'bar'},
{'list': None},
['one', 'two'],
{'check': 'yaml', 'in': 'test'}
]
tmpfile = os.path.join(tempfile.gettempdir(), str(uuid.uuid4()))
with open(tmpfile, 'w+') as fp:
yaml.dump(payload, fp)
with open(tmpfile, 'r') as fp:
file_content = fp.read()
expected = textwrap.dedent('''\
- foo: bar
- list: null
- - one
- two
- check: yaml
in: test
''')
self.assertEqual(file_content, expected)

86
oslo_serialization/yamlutils.py Normal file
View File

@ -0,0 +1,86 @@
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
"""YAML related utilities.
The main goal of this module is to standardize yaml management inside
openstack. This module reduce technical debt by avoiding re-implementations
of yaml manager in all the openstack projects.
Use this module inside openstack projects to handle yaml securely and properly.
"""
import yaml
def load(stream, is_safe=True):
"""Converts a YAML document to a Python object.
:param stream: the YAML document to convert into a Python object. Accepts
a byte string, a Unicode string, an open binary file object,
or an open text file object.
:param is_safe: Turn off safe loading. True by default and only load
standard YAML. This option can be turned off by
passing ``is_safe=False`` if you need to load not only
standard YAML tags or if you need to construct an
arbitrary python object.
Stream specifications:
* An empty stream contains no documents.
* Documents are separated with ``---``.
* Documents may optionally end with ``...``.
* A single document may or may not be marked with ``---``.
Parses the given stream and returns a Python object constructed
from the first document in the stream. If there are no documents
in the stream, it returns None.
"""
yaml_loader = yaml.Loader
if is_safe:
if hasattr(yaml, 'CSafeLoader'):
yaml_loader = yaml.CSafeLoader
else:
yaml_loader = yaml.SafeLoader
return yaml.load(stream, yaml_loader) # nosec B506
def dumps(obj, is_safe=True):
"""Converts a Python object to a YAML document.
:param obj: python object to convert into YAML representation.
:param is_safe: Turn off safe dumping.
Serializes the given Python object to a string and returns that string.
"""
yaml_dumper = yaml.Dumper
if is_safe:
if hasattr(yaml, 'CSafeDumper'):
yaml_dumper = yaml.CSafeDumper
else:
yaml_dumper = yaml.SafeDumper
return yaml.dump(obj, Dumper=yaml_dumper)
def dump(obj, fp, is_safe=True):
"""Converts a Python object as a YAML document to ``fp``.
:param obj: python object to convert into YAML representation.
:param fp: a ``.write()``-supporting file-like object
:param is_safe: Turn off safe dumping.
"""
yaml_dumper = yaml.Dumper
if is_safe:
if hasattr(yaml, 'CSafeDumper'):
yaml_dumper = yaml.CSafeDumper
else:
yaml_dumper = yaml.SafeDumper
return yaml.dump(obj, fp, default_flow_style=False, Dumper=yaml_dumper)

1
requirements.txt
View File

@ -12,3 +12,4 @@ six>=1.10.0 # MIT
msgpack>=0.5.2 # Apache-2.0
oslo.utils>=3.33.0 # Apache-2.0
pytz>=2013.6 # MIT
PyYAML>=3.12 # MIT