Smoosh lintage

oidc-exchange: noqa on `import id`

oidc-exchange: isort

oidc-exchange: fix herestring style

Smoosh lintage

pre-commit: disable WPS332

This action runs on Python 3.11.

more lintage

Disable WPS326; ignore a WPS504.

ignore WPS462

Produces poor suggestions here.

oidc-exchange: simplify

oidc-exchange: noqa -> pylint disable

oidc-exchange: add-trailing-comma fixes

Author: woodruffw

.pre-commit-config.yaml

@@ -110,6 +110,8 @@ repos:
       WPS110,
       WPS111,
       WPS305,
+      WPS326,
+      WPS332,
       WPS347,
       WPS360,
       WPS421,
@@ -120,6 +122,7 @@ repos:
       WPS440,
       WPS441,
       WPS453,
+      WPS462,
     - --select
     - WPS
     additional_dependencies:

oidc-exchange.py

@@ -1,11 +1,11 @@
 import os
-from pathlib import Path
 import sys
+from pathlib import Path
 from textwrap import dedent
 from typing import NoReturn
 from urllib.parse import urlparse
 
-import id
+import id  # pylint: disable=W0622
 import requests
 
 _GITHUB_STEP_SUMMARY = Path(os.getenv("GITHUB_STEP_SUMMARY"))
@@ -22,7 +22,7 @@
     permissions:
       id-token: write
     ```
-    """
+    """,
 )
 
 
@@ -32,7 +32,8 @@ def die(msg: str) -> NoReturn:
 
     # NOTE: `msg` is Markdown formatted, so we emit only the header line to
     # avoid clogging the console log with a full Markdown formatted document.
-    print(f"::error::OIDC exchange failure: {msg.splitlines()[0]}", file=sys.stderr)
+    header = msg.splitlines()[0]
+    print(f"::error::OIDC exchange failure: {header}", file=sys.stderr)
     sys.exit(1)
 
 
@@ -60,20 +61,20 @@ def assert_successful_audience_call(resp: requests.Response, domain: str):
             # This index does not support OIDC.
             die(
                 "audience retrieval failed: repository at "
-                f"{domain} does not indicate OIDC support"
+                f"{domain} does not indicate OIDC support",
             )
         case other:
             # Unknown: the index may or may not support OIDC, but didn't respond with
             # something we expect. This can happen if the index is broken, in maintenance mode,
             # misconfigured, etc.
             die(
                 "audience retrieval failed: repository at "
-                f"{domain} responded with unexpected {other}"
+                f"{domain} responded with unexpected {other}",
             )
 
 
 repository_url = get_normalized_input("repository-url")
-if not repository_url:
+if not repository_url:  # noqa: WPS504
     # Easy case: no explicit repository URL, which means we're using PyPI and we can just
     # hardcode the exchange endpoint and OIDC audience.
     token_exchange_url = "https://pypi.org/_/oidc/github/mint-token"
@@ -117,8 +118,8 @@ def assert_successful_audience_call(resp: requests.Response, domain: str):
 
                 This strongly suggests a server configuration or downtime issue; wait
                 a few minutes and try again.
-                """
-            )
+                """,
+            ),
         )
 
     reasons = "\n".join(
@@ -132,7 +133,7 @@ def assert_successful_audience_call(resp: requests.Response, domain: str):
 Token request failed: the server refused the request for the following reasons:
 
 {reasons}
-        """
+        """,
     )
 
 mint_token_payload = mint_token_resp.json()
@@ -145,8 +146,8 @@ def assert_successful_audience_call(resp: requests.Response, domain: str):
 
             This strongly suggests a server configuration or downtime issue; wait
             a few minutes and try again.
-            """
-        )
+            """,
+        ),
     )
 
 # Mask the newly minted PyPI token, so that we don't accidentally leak it in logs.