Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
M
MetObsAPI
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Wiki
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Package Registry
Container Registry
Model registry
Operate
Environments
Terraform modules
Monitor
Incidents
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
MetObs
MetObsAPI
Commits
37df277b
Verified
Commit
37df277b
authored
2 years ago
by
David Hoese
Browse files
Options
Downloads
Patches
Plain Diff
Fix bandit issues
parent
78357b50
No related branches found
No related tags found
No related merge requests found
Changes
3
Hide whitespace changes
Inline
Side-by-side
Showing
3 changed files
metobsapi/common_config.py
+4
-2
4 additions, 2 deletions
metobsapi/common_config.py
metobsapi/data_api.py
+3
-1
3 additions, 1 deletion
metobsapi/data_api.py
metobsapi/server.py
+10
-6
10 additions, 6 deletions
metobsapi/server.py
with
17 additions
and
9 deletions
metobsapi/common_config.py
+
4
−
2
View file @
37df277b
...
...
@@ -2,7 +2,8 @@ JSONIFY_PRETTYPRINT_REGULAR = False
if
"
SECRET_KEY
"
not
in
globals
():
# we don't do anything with cookies or sessions, set this somewhere secret in the future
SECRET_KEY
=
"
secret!
"
# Security: This is expected to be overwritten either via environment variable or sub-configuration
SECRET_KEY
=
"
secret!
"
# nosec B105
ARCHIVE_ROOT
=
"
/data1/cache
"
ARCHIVE_URL
=
"
http://metobs.ssec.wisc.edu/pub/cache
"
...
...
@@ -11,5 +12,6 @@ ARCHIVE_URL = "http://metobs.ssec.wisc.edu/pub/cache"
INFLUXDB_HOST
=
"
rain01
"
INFLUXDB_PORT
=
8086
INFLUXDB_USER
=
"
root
"
INFLUXDB_PASS
=
"
root
"
# Security: This is expected to be overwritten either via environment variable or sub-configuration
INFLUXDB_PASS
=
"
root
"
# nosec B105
INFLUXDB_DB
=
"
metobs
"
This diff is collapsed.
Click to expand it.
metobsapi/data_api.py
+
3
−
1
View file @
37df277b
import
logging
from
datetime
import
datetime
,
timedelta
from
xml.dom.minidom
import
Document
# Security: Document is only used for creating an XML document, not parsing one
from
xml.dom.minidom
import
Document
# nosec B408
import
numpy
as
np
import
pandas
as
pd
...
...
This diff is collapsed.
Click to expand it.
metobsapi/server.py
+
10
−
6
View file @
37df277b
import
json
as
builtin_json
import
logging
import
os
import
sys
from
datetime
import
datetime
from
enum
import
Enum
from
urllib.error
import
URLError
...
...
@@ -18,10 +19,10 @@ LOG = logging.getLogger(__name__)
app
=
Flask
(
__name__
)
# Load custom configuration file is specified
if
os
.
environ
.
get
(
"
METOBSAPI_SETTINGS
"
)
is
None
:
app
.
config
.
from_object
(
"
metobsapi.common_config
"
)
else
:
app
.
config
.
from_object
(
"
metobsapi.common_config
"
)
if
os
.
environ
.
get
(
"
METOBSAPI_SETTINGS
"
)
is
not
None
:
app
.
config
.
from_pyfile
(
os
.
environ
.
get
(
"
METOBSAPI_SETTINGS
"
))
app
.
config
.
from_prefixed_env
(
prefix
=
"
METOBSAPI
"
)
# Load json handler and add custom enum encoder
...
...
@@ -163,14 +164,16 @@ def get_instrument_status(site, inst=None, fmt=None):
json_subpath
=
os
.
path
.
join
(
site
,
inst
,
"
status.json
"
)
# try to load the JSON file from the archive
if
not
os
.
path
.
exists
(
app
.
config
.
get
(
"
ARCHIVE_ROOT
"
)):
if
not
os
.
path
.
isfile
(
app
.
config
.
get
(
"
ARCHIVE_ROOT
"
))
and
app
.
config
.
get
(
"
ARCHIVE_ROOT
"
)
.
startswith
(
"
http
"
):
LOG
.
warning
(
"
Using URL request for status JSON, not meant for operational use
"
)
# we aren't on a system with the archive available, fall back to URL
# loads directly to the archive
base_url
=
app
.
config
.
get
(
"
ARCHIVE_URL
"
)
json_url
=
os
.
path
.
join
(
base_url
,
json_subpath
)
try
:
json_str
=
urlopen
(
json_url
).
read
()
# Security: We check to ensure this is an HTTP URL as a base URL.
# The server configuration is also the one setting what the root URL is.
json_str
=
urlopen
(
json_url
).
read
()
# nosec B310
except
URLError
:
response
[
"
status_message
"
]
=
"
Could not retrieve configured status: {}
"
.
format
(
json_url
)
json_str
=
None
...
...
@@ -196,4 +199,5 @@ def get_instrument_status(site, inst=None, fmt=None):
if
__name__
==
"
__main__
"
:
app
.
debug
=
True
app
.
run
(
"
0.0.0.0
"
,
threaded
=
True
)
bind_addr
=
"
0.0.0.0
"
if
len
(
sys
.
argv
)
<=
1
else
sys
.
argv
[
0
]
# nosec B104
app
.
run
(
bind_addr
,
threaded
=
True
)
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment