[stable-2.16] Fix direct S3 link in integration tests (#86464) (#86468)

Also add a sanity test to prevent similar issues in the future. (cherry picked from commit b1bc1e2513)
4 months ago · 49cfc59d3a
parent a0f555420f
commit 49cfc59d3a
3 changed files with 32 additions and 1 deletions
--- a/test/integration/targets/dnf/vars/main.yml
+++ b/test/integration/targets/dnf/vars/main.yml
@ -3,4 +3,4 @@ dnf_log_files:
    - /var/log/dnf.rpm.log
    - /var/log/dnf.librepo.log

-skip_broken_repo_baseurl: "https://ansible-ci-files.s3.amazonaws.com/test/integration/targets/dnf/skip-broken/RPMS/"
+skip_broken_repo_baseurl: "https://ci-files.testing.ansible.com/test/integration/targets/dnf/skip-broken/RPMS/"
--- a/test/sanity/code-smell/no-s3.json
+++ b/test/sanity/code-smell/no-s3.json
@ -0,0 +1,4 @@
+{
+    "text": true,
+    "output": "path-line-column-message"
+}
--- a/test/sanity/code-smell/no-s3.py
+++ b/test/sanity/code-smell/no-s3.py
@ -0,0 +1,27 @@
+"""
+Disallow direct linking to S3 buckets.
+S3 buckets should be accessed through a CloudFront distribution.
+"""
+
+from __future__ import annotations
+
+import re
+import sys
+
+
+def main():
+    """Main entry point."""
+    for path in sys.argv[1:] or sys.stdin.read().splitlines():
+        with open(path, 'rb') as path_fd:
+            for line, b_text in enumerate(path_fd.readlines()):
+                try:
+                    text = b_text.decode()
+                except UnicodeDecodeError:
+                    continue
+
+                if match := re.search(r'(http.*?s3\..*?amazonaws\.com)', text):
+                    print(f'{path}:{line + 1}:{match.start(1) + 1}: use a CloudFront distribution instead of an S3 bucket: {match.group(1)}')
+
+
+if __name__ == '__main__':
+    main()