From 7f2fbceb73b1f476e19a6a613f639f81fae76916 Mon Sep 17 00:00:00 2001 From: Peter Ruan Date: Fri, 9 May 2025 23:12:41 -0700 Subject: [PATCH] OCPQE-29628 --- features/step_definitions/cli.rb | 9 +++---- features/step_definitions/pv.rb | 4 +-- features/step_definitions/pvc.rb | 4 +-- features/step_definitions/scc.rb | 2 +- features/step_definitions/storage_class.rb | 26 ++++++++++---------- features/step_definitions/volume_snapshot.rb | 2 +- features/step_definitions/web.rb | 2 +- lib/configuration.rb | 4 +-- lib/openshift/cluster_resource.rb | 2 +- lib/openshift/project_resource.rb | 4 +-- lib/rules_common.rb | 2 +- lib/webauto/webconsole_executor.rb | 2 +- test/lib/launchers/o_c_m_cluster_test.rb | 2 +- tools/launch_instance.rb | 2 +- tools/polarshift.rb | 2 +- tools/stompbus/stompbuscli.rb | 6 ++--- tools/tcms_query.rb | 2 +- 17 files changed, 38 insertions(+), 39 deletions(-) diff --git a/features/step_definitions/cli.rb b/features/step_definitions/cli.rb index a7e5851766..77d258cdb3 100644 --- a/features/step_definitions/cli.rb +++ b/features/step_definitions/cli.rb @@ -66,9 +66,9 @@ When /^I run oc create( as admin)? (?:over|with) #{QUOTED} replacing paths:$/ do |admin, file, table| if file.include? '://' step %Q|I download a file from "#{file}"| - resource_hash = YAML.load(@result[:response]) + resource_hash = YAML.load(@result[:response], aliases: true, permitted_classes: [Symbol, Regexp]) else - resource_hash = YAML.load_file(expand_path(file)) + resource_hash = YAML.safe_load_file(expand_path(file), aliases: true, permitted_classes: [Symbol, Regexp]) end # replace paths from table @@ -91,9 +91,9 @@ When /^I run oc replace( as admin)? (?:over|with) #{QUOTED} replacing paths:$/ do |admin, file, table| if file.include? '://' step %Q|I download a file from "#{file}"| - resource_hash = YAML.load(@result[:response]) + resource_hash = YAML.load(@result[:response], aliases: true, permitted_classes: [Symbol, Regexp]) else - resource_hash = YAML.load_file(expand_path(file)) + resource_hash = YAML.safe_load_file(expand_path(file), aliases: true, permitted_classes: [Symbol, Regexp]) end # replace paths from table @@ -263,4 +263,3 @@ end end end - diff --git a/features/step_definitions/pv.rb b/features/step_definitions/pv.rb index e498e8e31f..fa1188f1db 100644 --- a/features/step_definitions/pv.rb +++ b/features/step_definitions/pv.rb @@ -149,9 +149,9 @@ if location.include? '://' step %Q/I download a file from "#{location}"/ - pv_hash = YAML.load @result[:response] + pv_hash = YAML.load @result[:response], aliases: true, permitted_classes: [Symbol, Regexp] else - pv_hash = YAML.load_file location + pv_hash = YAML.safe_load_file location, aliases: true, permitted_classes: [Symbol, Regexp] end # use random name to avoid interference diff --git a/features/step_definitions/pvc.rb b/features/step_definitions/pvc.rb index b6b289e356..75c8277cd5 100644 --- a/features/step_definitions/pvc.rb +++ b/features/step_definitions/pvc.rb @@ -69,9 +69,9 @@ When /^I create a (manual|dynamic) pvc from #{QUOTED} replacing paths:$/ do |type, file, table| if file.include? '://' step %Q|I download a file from "#{file}"| - resource_hash = YAML.load(@result[:response]) + resource_hash = YAML.load(@result[:response], aliases: true, permitted_classes: [Symbol, Regexp]) else - resource_hash = YAML.load_file(expand_path(file)) + resource_hash = YAML.safe_load_file(expand_path(file), aliases: true, permitted_classes: [Symbol, Regexp]) end # replace paths from table diff --git a/features/step_definitions/scc.rb b/features/step_definitions/scc.rb index ad9768d19c..2613de65ef 100644 --- a/features/step_definitions/scc.rb +++ b/features/step_definitions/scc.rb @@ -13,7 +13,7 @@ raise "no policy template found: #{path}" unless File.exist?(path) ## figure out policy name for clean-up - policy_name = YAML.load_file(path)["metadata"]["name"] + policy_name = YAML.safe_load_file(path, aliases: true, permitted_classes: [Symbol, Regexp])["metadata"]["name"] raise "no policy name in template" unless policy_name @result = admin.cli_exec(:create, f: path) diff --git a/features/step_definitions/storage_class.rb b/features/step_definitions/storage_class.rb index df994473a4..f31c9eac82 100755 --- a/features/step_definitions/storage_class.rb +++ b/features/step_definitions/storage_class.rb @@ -8,9 +8,9 @@ if location.include? '://' step %Q/I download a file from "#{location}"/ - sc_hash = YAML.load @result[:response] + sc_hash = YAML.load @result[:response], aliases: true, permitted_classes: [Symbol, Regexp] else - sc_hash = YAML.load_file location + sc_hash = YAML.safe_load_file location, aliases: true, permitted_classes: [Symbol, Regexp] end # use random name to avoid interference @@ -235,11 +235,11 @@ ensure_admin_tagged project_name = project.name - platform = infrastructure('cluster').platform.downcase + platform = infrastructure('cluster').platform.downcase case platform when 'aws' provisioner = 'aws-ebs' - when 'gcp' + when 'gcp' provisioner = 'gce-pd' when 'azure' provisioner = 'azure-disk' @@ -252,9 +252,9 @@ skip_this_scenario end - # load file + # load file file = "#{BushSlicer::HOME}/testdata/storage/misc/in-tree-storageClass-template.yaml" - sc_hash = YAML.load_file file + sc_hash = YAML.safe_load_file file, aliases: true, permitted_classes: [Symbol, Regexp] # replace paths from table sc_hash["parameters"] ||= {} @@ -263,22 +263,22 @@ end # After CSI Migration the default volumeType change to 'gp3', but most aws local zones nodes don't support gp3 type volume - if platform == "aws" + if platform == "aws" sc_hash["parameters"]["type"] = "gp2" end # if no volumeBindingMode exists in tc, we need to pass vSphere=Immediate, others=WaitForFirstConsumer if !sc_hash.dig("volumeBindingMode") - if platform == "vsphere" - sc_hash["volumeBindingMode"] = "Immediate" - else + if platform == "vsphere" + sc_hash["volumeBindingMode"] = "Immediate" + else sc_hash["volumeBindingMode"] = "WaitForFirstConsumer" end end - # replace the provisioner value according to platform wise + # replace the provisioner value according to platform wise sc_hash["provisioner"] = "kubernetes.io/#{provisioner}" - + logger.info("Creating StorageClass:\n#{sc_hash.to_yaml}") @result = BushSlicer::StorageClass.create(by: admin, spec: sc_hash) @@ -292,7 +292,7 @@ else logger.error(@result[:response]) raise "failed to clone StorageClass from: #{src_sc}" - end + end end Given(/^default storage class exists$/) do diff --git a/features/step_definitions/volume_snapshot.rb b/features/step_definitions/volume_snapshot.rb index c2d3e7c166..d3f747d71f 100755 --- a/features/step_definitions/volume_snapshot.rb +++ b/features/step_definitions/volume_snapshot.rb @@ -28,7 +28,7 @@ raise "No volumesnapshot template for #{iaas_type} platform" end - resource_hash = YAML.load_file file + resource_hash = YAML.safe_load_file file, aliases: true, permitted_classes: [Symbol, Regexp] # replace paths from table table.raw.each do |path, value| eval "resource_hash#{path} = value" diff --git a/features/step_definitions/web.rb b/features/step_definitions/web.rb index 571398bfd3..cbaa5a30d7 100644 --- a/features/step_definitions/web.rb +++ b/features/step_definitions/web.rb @@ -71,7 +71,7 @@ ] browser_opts.any? do |file| if File.exist? file - init_params.merge! YAML.load_file(file) + init_params.merge! YAML.safe_load_file(file, aliases: true, permitted_classes: [Symbol, Regexp]) end end if conf[:browser] diff --git a/lib/configuration.rb b/lib/configuration.rb index ef7ddedb80..c83501bcb3 100644 --- a/lib/configuration.rb +++ b/lib/configuration.rb @@ -25,7 +25,7 @@ def initialize(opts = {}) end def load_file(config_file) - config = YAML.load_file(config_file) + config = YAML.safe_load_file(config_file, aliases: true, permitted_classes: [Symbol, Regexp]) end ## return full raw configuration @@ -37,7 +37,7 @@ def raw # merge config from environment if present if ENV["BUSHSLICER_CONFIG"] && !ENV["BUSHSLICER_CONFIG"].strip.empty? - raw_configs << YAML.load(ENV["BUSHSLICER_CONFIG"]) + raw_configs << YAML.safe_load(ENV["BUSHSLICER_CONFIG"], aliases: true, permitted_classes: [Symbol, Regexp]) end # merge all config files diff --git a/lib/openshift/cluster_resource.rb b/lib/openshift/cluster_resource.rb index 70b41542a6..1ae37ace5c 100644 --- a/lib/openshift/cluster_resource.rb +++ b/lib/openshift/cluster_resource.rb @@ -33,7 +33,7 @@ def default_user(user=nil, optional: false) def self.create(by:, spec:, **opts) if spec.kind_of? String # assume a file path (TODO: be more intelligent) - spec = YAML.load_file(spec) + spec = YAML.safe_load_file(spec, aliases: true, permitted_classes: [Symbol, Regexp]) end name = spec["metadata"]["name"] || raise("no name specified for resource") init_opts = {name: name, env: by.env} diff --git a/lib/openshift/project_resource.rb b/lib/openshift/project_resource.rb index 0707d68e60..5c3178fe0e 100644 --- a/lib/openshift/project_resource.rb +++ b/lib/openshift/project_resource.rb @@ -41,9 +41,9 @@ def self.create(by:, project:, spec:, **opts) # assume a file path (TODO: be more intelligent) case spec when %r{https?://} - spec = YAML.load(Http.get(url: spec, raise_on_error: true)[:response]) + spec = YAML.load(Http.get(url: spec, raise_on_error: true)[:response], aliases: true, permitted_classes: [Symbol, Regexp]) else - spec = YAML.load_file(spec) + spec = YAML.safe_load_file(spec, aliases: true, permitted_classes: [Symbol, Regexp]) end end name = spec["metadata"]["name"] diff --git a/lib/rules_common.rb b/lib/rules_common.rb index 99b1e2bc7e..b2d51db763 100644 --- a/lib/rules_common.rb +++ b/lib/rules_common.rb @@ -7,7 +7,7 @@ def self.load(*sources) return sources.flatten.reduce({}) { |rules, source| if source.kind_of? Hash elsif File.file? source - source = YAML.load_file source + source = YAML.safe_load_file source, aliases: true, permitted_classes: [Symbol, Regexp] elsif File.directory? source files = [] if source.end_with? "/" diff --git a/lib/webauto/webconsole_executor.rb b/lib/webauto/webconsole_executor.rb index a8004ce6c8..850b20c3b3 100644 --- a/lib/webauto/webconsole_executor.rb +++ b/lib/webauto/webconsole_executor.rb @@ -62,7 +62,7 @@ def executor(user) if File.exist? browser_opts_overrides_file logger.debug "recreating web console browser for user #{user.name}" \ "using overrides from '#{browser_opts_overrides_file}'" - browser_opts_overrides = YAML.load_file browser_opts_overrides_file + browser_opts_overrides = YAML.safe_load_file browser_opts_overrides_file, aliases: true, permitted_classes: [Symbol, Regexp] browser_opts.merge! browser_opts_overrides e.finalize e = @executors[user.name] = Web4Cucumber.new(**browser_opts) diff --git a/test/lib/launchers/o_c_m_cluster_test.rb b/test/lib/launchers/o_c_m_cluster_test.rb index 41852f6246..4f56817c29 100644 --- a/test/lib/launchers/o_c_m_cluster_test.rb +++ b/test/lib/launchers/o_c_m_cluster_test.rb @@ -183,7 +183,7 @@ def test_creating_osd ocm = BushSlicer::OCMCluster.new(options) ocm.create_osd("osd4-001") ocpinfo_file = File.join(BushSlicer::Host.localhost.workdir, 'install-dir', 'OCPINFO.yml') - ocpinfo = YAML.load_file(ocpinfo_file) + ocpinfo = YAML.safe_load_file(ocpinfo_file, aliases: true, permitted_classes: [Symbol, Regexp]) assert_equal('osd4-001.w95o.s1.foo.com', ocpinfo['ocp_domain']) assert_equal('https://console-openshift-console.apps.osd4-001.w95o.s1.foo.com', ocpinfo['ocp_console_url']) assert_equal('https://api.osd4-001.w95o.s1.foo.com:6443', ocpinfo['ocp_api_url']) diff --git a/tools/launch_instance.rb b/tools/launch_instance.rb index 7c44ce1cf2..ba7e8860f6 100755 --- a/tools/launch_instance.rb +++ b/tools/launch_instance.rb @@ -62,7 +62,7 @@ def run "the template launcher" c.action do |args, options| say 'terminating..' - terminate(YAML.load_file args[0]) + terminate(YAML.safe_load_file args[0], aliases: true, permitted_classes: [Symbol, Regexp]) end end diff --git a/tools/polarshift.rb b/tools/polarshift.rb index b8ebf8c11e..3932ea5de6 100755 --- a/tools/polarshift.rb +++ b/tools/polarshift.rb @@ -205,7 +205,7 @@ def run test_run_id = args.first if options.testcase_file - new_status = YAML.load_file(File.expand_path(options.testcase_file)) + new_status = YAML.safe_load_file(File.expand_path(options.testcase_file), aliases: true, permitted_classes: [Symbol, Regexp]) else new_status = options.status new_status ||= 'Waiting' diff --git a/tools/stompbus/stompbuscli.rb b/tools/stompbus/stompbuscli.rb index 9c7ba1288f..1c61128e96 100755 --- a/tools/stompbus/stompbuscli.rb +++ b/tools/stompbus/stompbuscli.rb @@ -55,7 +55,7 @@ def run setup_global_opts(options) if options.file - msg = YAML.load_file options.file + msg = YAML.safe_load_file options.file, aliases: true, permitted_classes: [Symbol, Regexp] msg[:body] = msg[:body].to_json unless String === msg[:body] elsif options.message msg = { body: options.message } @@ -66,9 +66,9 @@ def run end if options.header - msg[:header] = YAML.load options.header + msg[:header] = YAML.safe_load options.header, aliases: true, permitted_classes: [Symbol, Regexp] elsif ENV["STOMP_HEADER"] && !ENV["STOMP_HEADER"].strip.empty? - msg[:header] = YAML.load ENV["STOMP_HEADER"] + msg[:header] = YAML.safe_load ENV["STOMP_HEADER"], aliases: true, permitted_classes: [Symbol, Regexp] else msg[:header] = {} end diff --git a/tools/tcms_query.rb b/tools/tcms_query.rb index 7f8b4a3359..3ad9c42779 100755 --- a/tools/tcms_query.rb +++ b/tools/tcms_query.rb @@ -190,7 +190,7 @@ def report_query_result(options) table.head = ['case_id', 'summary', 'ruby script', 'auto_by'] query_file = options.query - params = YAML.load_file(query_file) + params = YAML.safe_load_file(query_file, aliases: true, permitted_classes: [Symbol, Regexp]) params_hash = BushSlicer::Collections.hash_symkeys(params['filters']) # translate tag names into ids