refactor(examples): fix issues reported by SonarCloud and Scorecard (#5315)

leandrodamascena · web-flow · commit 174f26f22eeb · 2024-10-07T09:35:45.000+01:00
* Fixing problems with Sonar + Scorecard

* Fixing gh action
diff --git a/.github/workflows/layer_rename.yml b/.github/workflows/layer_rename.yml
@@ -16,27 +16,29 @@ on:
         options:
           - beta
           - prod
-        default: Gamma
+        default: beta
         required: true
       version:
         description: Layer version to duplicate
-        type: number
+        type: string
         required: true
   workflow_call:
     inputs:
       environment:
         description: Deployment environment
         type: string
-        default: Gamma
         required: true
       version:
         description: Layer version to duplicate
-        type: number
+        type: string
         required: true
 
 name: Layer Rename
 run-name: Layer Rename - ${{ inputs.environment }}
 
+permissions:
+  contents: read
+
 jobs:
   download:
     runs-on: ubuntu-latest
@@ -136,7 +138,7 @@ jobs:
       - name: Verify Layer Signature
         run: |
           SHA=$(jq -r '.Content.CodeSha256' ${{ matrix.layer }}_x86_64.json)
-          test $(openssl dgst -sha256 -binary ${{ matrix.layer }}_x86_64.zip | openssl enc -base64) == $SHA && echo "SHA OK: ${SHA}" || exit 1 
+          test $(openssl dgst -sha256 -binary ${{ matrix.layer }}_x86_64.zip | openssl enc -base64) == $SHA && echo "SHA OK: ${SHA}" || exit 1
       - name: Configure AWS Credentials
         uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2
         with:
@@ -158,4 +160,4 @@ jobs:
               --statement-id 'PublicLayer' \
               --action lambda:GetLayerVersion \
               --principal '*' \
-              --version-number 
+              --version-number
diff --git a/docs/core/event_handler/api_gateway.md b/docs/core/event_handler/api_gateway.md
@@ -198,7 +198,7 @@ Each dynamic route you set must be part of your function signature. This allows
 
 === "dynamic_routes.py"
 
-    ```python hl_lines="14 16"
+    ```python hl_lines="16 18"
     --8<-- "examples/event_handler_rest/src/dynamic_routes.py"
     ```
 
@@ -640,7 +640,7 @@ matches one of the allowed values.
 
 === "setting_cors.py"
 
-    ```python hl_lines="5 11-12 34"
+    ```python hl_lines="7 14-15 38"
     --8<-- "examples/event_handler_rest/src/setting_cors.py"
     ```
 
@@ -652,7 +652,7 @@ matches one of the allowed values.
 
 === "setting_cors_extra_origins.py"
 
-    ```python hl_lines="5 11-12 34"
+    ```python hl_lines="7 14 15 38"
     --8<-- "examples/event_handler_rest/src/setting_cors_extra_origins.py"
     ```
 
@@ -943,7 +943,7 @@ You can compress with gzip and base64 encode your responses via `compress` param
 
 === "compressing_responses_using_route.py"
 
-    ```python hl_lines="17 27"
+    ```python hl_lines="19 29"
      --8<-- "examples/event_handler_rest/src/compressing_responses_using_route.py"
     ```
 
@@ -1154,7 +1154,7 @@ Let's assume you have `split_route.py` as your Lambda function entrypoint and ro
     !!! info
         This means all methods, including [middleware](#middleware) will work as usual.
 
-    ```python hl_lines="5 13 16 25 28"
+    ```python hl_lines="7 10 15 18 27 30"
     --8<-- "examples/event_handler_rest/src/split_route_module.py"
     ```
 
@@ -1186,7 +1186,7 @@ When necessary, you can set a prefix when including a router object. This means
 
 === "split_route_prefix_module.py"
 
-    ```python hl_lines="13 25"
+    ```python hl_lines="14 26"
     --8<-- "examples/event_handler_rest/src/split_route_prefix_module.py"
     ```
 
diff --git a/docs/utilities/middleware_factory.md b/docs/utilities/middleware_factory.md
@@ -30,7 +30,7 @@ You can create your own middleware using `lambda_handler_decorator`. The decorat
 ### Middleware with before logic
 
 === "getting_started_middleware_before_logic_function.py"
-    ```python hl_lines="5 26 27 36 37 39 44 45"
+    ```python hl_lines="5 26 27 35 36 38 41 42"
     --8<-- "examples/middleware_factory/src/getting_started_middleware_before_logic_function.py"
     ```
 
@@ -58,7 +58,7 @@ You can create your own middleware using `lambda_handler_decorator`. The decorat
 You can also have your own keyword arguments after the mandatory arguments.
 
 === "getting_started_middleware_with_params_function.py"
-    ```python hl_lines="6 30 31 41 56 57"
+    ```python hl_lines="6 30 31 41 53 54"
     --8<-- "examples/middleware_factory/src/getting_started_middleware_with_params_function.py"
     ```
 
diff --git a/examples/event_handler_rest/src/compressing_responses_using_route.py b/examples/event_handler_rest/src/compressing_responses_using_route.py
@@ -1,3 +1,5 @@
+from urllib.parse import quote
+
 import requests
 
 from aws_lambda_powertools import Logger, Tracer
@@ -27,6 +29,7 @@ def get_todos():
 @app.get("/todos/<todo_id>", compress=True)
 @tracer.capture_method
 def get_todo_by_id(todo_id: str):  # same example using Response class
+    todo_id = quote(todo_id, safe="")
     todos: requests.Response = requests.get(f"https://jsonplaceholder.typicode.com/todos/{todo_id}")
     todos.raise_for_status()
 
diff --git a/examples/event_handler_rest/src/dynamic_routes.py b/examples/event_handler_rest/src/dynamic_routes.py
@@ -1,3 +1,5 @@
+from urllib.parse import quote
+
 import requests
 from requests import Response
 
@@ -14,6 +16,7 @@
 @app.get("/todos/<todo_id>")
 @tracer.capture_method
 def get_todo_by_id(todo_id: str):  # value come as str
+    todo_id = quote(todo_id, safe="")
     todos: Response = requests.get(f"https://jsonplaceholder.typicode.com/todos/{todo_id}")
     todos.raise_for_status()
 
diff --git a/examples/event_handler_rest/src/setting_cors.py b/examples/event_handler_rest/src/setting_cors.py
@@ -1,3 +1,5 @@
+from urllib.parse import quote
+
 import requests
 from requests import Response
 
@@ -26,6 +28,7 @@ def get_todos():
 @app.get("/todos/<todo_id>")
 @tracer.capture_method
 def get_todo_by_id(todo_id: str):  # value come as str
+    todo_id = quote(todo_id, safe="")
     todos: Response = requests.get(f"https://jsonplaceholder.typicode.com/todos/{todo_id}")
     todos.raise_for_status()
 
diff --git a/examples/event_handler_rest/src/setting_cors_extra_origins.py b/examples/event_handler_rest/src/setting_cors_extra_origins.py
@@ -1,3 +1,5 @@
+from urllib.parse import quote
+
 import requests
 from requests import Response
 
@@ -26,6 +28,7 @@ def get_todos():
 @app.get("/todos/<todo_id>")
 @tracer.capture_method
 def get_todo_by_id(todo_id: str):  # value come as str
+    todo_id = quote(todo_id, safe="")
     todos: Response = requests.get(f"https://jsonplaceholder.typicode.com/todos/{todo_id}")
     todos.raise_for_status()
 
diff --git a/examples/event_handler_rest/src/split_route_module.py b/examples/event_handler_rest/src/split_route_module.py
@@ -1,3 +1,5 @@
+from urllib.parse import quote
+
 import requests
 from requests import Response
 
@@ -27,6 +29,7 @@ def get_todos():
 def get_todo_by_id(todo_id: str):  # value come as str
     api_key = router.current_event.headers["X-Api-Key"]
 
+    todo_id = quote(todo_id, safe="")
     todos: Response = requests.get(f"{endpoint}/{todo_id}", headers={"X-Api-Key": api_key})
     todos.raise_for_status()
 
diff --git a/examples/event_handler_rest/src/split_route_prefix_module.py b/examples/event_handler_rest/src/split_route_prefix_module.py
@@ -1,3 +1,5 @@
+from urllib.parse import quote
+
 import requests
 from requests import Response
 
@@ -27,6 +29,7 @@ def get_todos():
 def get_todo_by_id(todo_id: str):  # value come as str
     api_key = router.current_event.headers["X-Api-Key"]
 
+    todo_id = quote(todo_id, safe="")
     todos: Response = requests.get(f"{endpoint}/{todo_id}", headers={"X-Api-Key": api_key})
     todos.raise_for_status()
 
diff --git a/examples/middleware_factory/src/combining_powertools_utilities_function.py b/examples/middleware_factory/src/combining_powertools_utilities_function.py
@@ -1,5 +1,6 @@
 import json
 from typing import Callable
+from urllib.parse import quote
 
 import boto3
 import combining_powertools_utilities_schema as schemas
@@ -103,19 +104,20 @@ def get_comments():
 
         return {"comments": comments.json()[:10]}
     except Exception as exc:
-        raise InternalServerError(str(exc))
+        raise InternalServerError(str(exc)) from exc
 
 
 @app.get("/comments/<comment_id>")
 @tracer.capture_method
 def get_comments_by_id(comment_id: str):
     try:
+        comment_id = quote(comment_id, safe="")
         comments: requests.Response = requests.get(f"https://jsonplaceholder.typicode.com/comments/{comment_id}")
         comments.raise_for_status()
 
         return {"comments": comments.json()}
     except Exception as exc:
-        raise InternalServerError(str(exc))
+        raise InternalServerError(str(exc)) from exc
 
 
 @middleware_custom
diff --git a/examples/middleware_factory/src/getting_started_middleware_before_logic_function.py b/examples/middleware_factory/src/getting_started_middleware_before_logic_function.py
@@ -35,9 +35,7 @@ def middleware_before(
     if "status_id" not in detail:
         event["detail"]["status_id"] = "pending"
 
-    response = handler(event, context)
-
-    return response
+    return handler(event, context)
 
 
 @middleware_before
diff --git a/examples/middleware_factory/src/getting_started_middleware_with_params_function.py b/examples/middleware_factory/src/getting_started_middleware_with_params_function.py
@@ -42,9 +42,7 @@ def obfuscate_sensitive_data(
         if guest_data.get(guest_field):
             event["detail"]["guest"][guest_field] = obfuscate_data(str(guest_data.get(guest_field)))
 
-    response = handler(event, context)
-
-    return response
+    return handler(event, context)
 
 
 def obfuscate_data(value: str) -> bytes:
