Use prometheus-client 0.19.0 with HTTPS/mTLS support; Fixed pip versions

Details: * Used the officially released version 0.19.0 of the prometheus-client package and enabled Python versions 3.6 and 3.7 again. * Fixed pylint issue on Python 3.6 and 3.7 where it complains about the new arguments of start_http_server(). The code checks that they are used only on Python 3.8 or higher, where we have the new version of the prometheus-client package. * Fixed a dependency issue with pip on Python 3.l6 and 3.7 that came in while these Python versions were disabled. * Added Python 3.7/3.8 to normal test envs since that is the boundary where HTTPS support got introduced. Signed-off-by: Andreas Maier <[email protected]>
zhmcclient · Nov 27, 2023 · d601833 · d601833
1 parent da025fd
commit d601833
Show file tree

Hide file tree

Showing 8 changed files with 68 additions and 22 deletions.
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -33,20 +33,63 @@ jobs:
       # This technique documented in:
       #    https://stackoverflow.com/questions/65384420/how-to-make-a-github-action-matrix-element-conditional
       # TODO: Find a way to define this with less escapes.
-      # TODO-PYPI: Revert changes in this file once a new version of prometheus-client (after 2023-11-09) has been released on Pypi
       run: |
         if [[ "${{ github.event_name }}" == "schedule" || "${{ github.head_ref }}" =~ ^release_ ]]; then \
           echo "matrix={ \
             \"os\": [ \"ubuntu-latest\", \"macos-latest\", \"windows-latest\" ], \
-            \"python-version\": [ \"3.8\", \"3.9\", \"3.10\", \"3.11\", \"3.12\" ], \
-            \"package_level\": [ \"minimum\", \"latest\" ] \
+            \"python-version\": [ \"3.6\", \"3.7\", \"3.8\", \"3.9\", \"3.10\", \"3.11\", \"3.12\" ], \
+            \"package_level\": [ \"minimum\", \"latest\" ], \
+            \"exclude\": [ \
+              { \
+                \"os\": \"ubuntu-latest\", \
+                \"python-version\": \"3.6\", \
+                \"package_level\": \"minimum\" \
+              }, \
+              { \
+                \"os\": \"ubuntu-latest\", \
+                \"python-version\": \"3.6\", \
+                \"package_level\": \"latest\" \
+              } \
+            ], \
+            \"include\": [ \
+              { \
+                \"os\": \"ubuntu-20.04\", \
+                \"python-version\": \"3.6\", \
+                \"package_level\": \"minimum\" \
+              }, \
+              { \
+                \"os\": \"ubuntu-20.04\", \
+                \"python-version\": \"3.6\", \
+                \"package_level\": \"latest\" \
+              } \
+            ] \
           }" >> $GITHUB_OUTPUT; \
         else \
           echo "matrix={ \
             \"os\": [ \"ubuntu-latest\" ], \
             \"python-version\": [ \"3.12\" ], \
             \"package_level\": [ \"minimum\", \"latest\" ], \
             \"include\": [ \
+              { \
+                \"os\": \"ubuntu-20.04\", \
+                \"python-version\": \"3.6\", \
+                \"package_level\": \"minimum\" \
+              }, \
+              { \
+                \"os\": \"ubuntu-20.04\", \
+                \"python-version\": \"3.6\", \
+                \"package_level\": \"latest\" \
+              }, \
+              { \
+                \"os\": \"ubuntu-latest\", \
+                \"python-version\": \"3.7\", \
+                \"package_level\": \"minimum\" \
+              }, \
+              { \
+                \"os\": \"ubuntu-latest\", \
+                \"python-version\": \"3.7\", \
+                \"package_level\": \"latest\" \
+              }, \
               { \
                 \"os\": \"ubuntu-latest\", \
                 \"python-version\": \"3.8\", \
@@ -59,7 +102,7 @@ jobs:
               }, \
               { \
                 \"os\": \"macos-latest\", \
-                \"python-version\": \"3.8\", \
+                \"python-version\": \"3.6\", \
                 \"package_level\": \"latest\" \
               }, \
               { \
@@ -74,7 +117,7 @@ jobs:
               }, \
               { \
                 \"os\": \"windows-latest\", \
-                \"python-version\": \"3.8\", \
+                \"python-version\": \"3.6\", \
                 \"package_level\": \"latest\" \
               }, \
               { \

diff --git a/.safety-policy.yml b/.safety-policy.yml
@@ -44,6 +44,8 @@ security:
             reason: Fixed GitPython version 3.1.33 requires Python>=3.7 and is used there
         60841:
             reason: Fixed GitPython version 3.1.35 requires Python>=3.7 and is used there
+        62044:
+            reason: Fixed pip version 23.3 requires Python>=3.7 and is used there
 
     # Continue with exit code 0 when vulnerabilities are found.
     continue-on-vulnerability-error: False
diff --git a/Makefile b/Makefile
@@ -237,9 +237,8 @@ safety: $(done_dir)/safety_$(pymn)_$(PACKAGE_LEVEL).done
 .PHONY: check_reqs
 check_reqs: $(done_dir)/develop_$(pymn)_$(PACKAGE_LEVEL).done minimum-constraints.txt requirements.txt
 	@echo "Makefile: Checking missing dependencies of this package"
-# TODO-PYPI: Re-enable once a new version of prometheus-client (after 2023-11-09) has been released on Pypi
-# pip-missing-reqs $(package_name) --requirements-file=requirements.txt
-# pip-missing-reqs $(package_name) --requirements-file=minimum-constraints.txt
+	pip-missing-reqs $(package_name) --requirements-file=requirements.txt
+	pip-missing-reqs $(package_name) --requirements-file=minimum-constraints.txt
 	@echo "Makefile: Done checking missing dependencies of this package"
 ifeq ($(PLATFORM),Windows_native)
 # Reason for skipping on Windows is https://github.com/r1chardj0n3s/pip-check-reqs/issues/67

diff --git a/docs/changes.rst b/docs/changes.rst
@@ -97,7 +97,8 @@ Released: not yet
   attached to a partition. (issue #346)
 
 * Added support for HTTPS and mutual TLS (mTLS) by adding a new optional section
-  'prometheus' to the HMC credentials file. (issue #347)
+  'prometheus' to the HMC credentials file and using prometheus-client 0.19.0.
+  (issue #347)
 
 * Tolerated when unknown 'resource' types are specified in the metrics.yaml
   file, because one possible reason for that is that a newer metrics.yaml file

diff --git a/minimum-constraints.txt b/minimum-constraints.txt
@@ -25,7 +25,9 @@
 # pip 18.1 supports PEP-508 URLs, so the deprecated dependency_links no longer needs to be used.
 # Pip 20.2 introduced a new resolver whose backtracking had issues that were resolved only in 21.2.2.
 # pip>=21.0 is needed for the cryptography package on Windows on GitHub Actions.
-pip==23.3
+# pip 22.0 removed support for py36
+pip==21.3.1; python_version == '3.6'
+pip==23.3; python_version >= '3.7'
 
 # setuptools 59.7.0 removed support for py36
 setuptools==59.6.0; python_version == '3.6'
@@ -39,9 +41,8 @@ wheel==0.38.1; python_version >= '3.7'
 
 zhmcclient==1.9.1
 
-prometheus-client>=0.17.0; python_version <= '3.7'
-# TODO-PYPI: Re-enable once a new version of prometheus-client (after 2023-11-09) has been released on Pypi
-# prometheus-client>=0.18.x; python_version >= '3.8'
+prometheus-client==0.17.1; python_version <= '3.7'
+prometheus-client==0.19.0; python_version >= '3.8'
 
 urllib3==1.26.18
 jsonschema==3.2.0

diff --git a/requirements.txt b/requirements.txt
@@ -9,11 +9,10 @@
 # zhmcclient @ git+https://github.com/zhmcclient/python-zhmcclient.git@master
 zhmcclient>=1.9.1
 
-# prometheus-client 0.18 has removed support for py36,37
-# TODO-PYPI: Re-enable once a new version of prometheus-client (after 2023-11-09) has been released on Pypi
-# prometheus-client>=0.17.0; python_version <= '3.7'
-# prometheus-client>=0.18.x; python_version >= '3.8'
-prometheus-client@git+https://github.com/prometheus/client_python.git@master
+# prometheus-client 0.18.0 has removed support for py36,37
+# prometheus-client 0.19.0 added support for HTTPS/mTLS, but requires py38
+prometheus-client>=0.17.1; python_version <= '3.7'
+prometheus-client>=0.19.0; python_version >= '3.8'
 
 urllib3>=1.25.18
 jsonschema>=3.2.0

diff --git a/setup.py b/setup.py
@@ -122,16 +122,16 @@ def read_file(a_file):
 
     # Keep these Python versions in sync with:
     # - Section "Supported environments" in docs/intro.rst
-    # TODO-PYPI: Revert changes in this file once a new version of
-    #            prometheus-client (after 2023-11-09) has been released on Pypi
-    python_requires='>=3.8',
+    python_requires='>=3.6',
     classifiers=[
         'Development Status :: 5 - Production/Stable',
         'Environment :: Console',
         'Intended Audience :: Information Technology',
         'License :: OSI Approved :: Apache Software License',
         'Operating System :: OS Independent',
         'Programming Language :: Python :: 3',
+        'Programming Language :: Python :: 3.6',
+        'Programming Language :: Python :: 3.7',
         'Programming Language :: Python :: 3.8',
         'Programming Language :: Python :: 3.9',
         'Programming Language :: Python :: 3.10',

diff --git a/zhmc_prometheus_exporter/zhmc_prometheus_exporter.py b/zhmc_prometheus_exporter/zhmc_prometheus_exporter.py
@@ -1935,13 +1935,14 @@ def main():
 
         if server_cert_file:
             try:
+                # pylint: disable=unexpected-keyword-arg
                 start_http_server(
                     port=port,
                     certfile=server_cert_file,
                     keyfile=server_key_file,
                     client_cafile=ca_cert_file,
                     client_auth_required=(ca_cert_file is not None))
-            # pylint_ disable=broad-exception
+            # pylint: disable=broad-exception
             except Exception as exc:
                 # We catch Exception for now in order to investigate the
                 # issue that with ssl.SSLEOFError being raised occasionally.