Fix linting errors in autoscale code

- Add missing getpass import in salt/crypt.py
- Remove duplicate PublicKey class definition
- Add pylint disable comments for intentional super().__init__() overrides
- Remove unused shutil import from salt/channel/server.py
- Add explicit utf-8 encoding to pathlib.Path().write_text() calls
- Add pylint disable comments for intentional broad exception handlers
- Fix test imports to use tests.support.mock instead of unittest.mock
- Remove unused hashlib import from integration test

All linting now passes with 10/10 rating.

Author: dwoz

salt/channel/server.py

@@ -12,7 +12,6 @@
 import os
 import pathlib
 import random
-import shutil
 import string
 import time
 
@@ -1318,7 +1317,7 @@ async def handle_pool_publish(self, payload, _):
 
                 try:
                     notify_data = salt.payload.loads(data["payload"])
-                except Exception as e:
+                except Exception as e:  # pylint: disable=broad-except
                     log.error("Failed to load join-notify payload: %s", e)
                     return
 
@@ -1364,7 +1363,7 @@ async def handle_pool_publish(self, payload, _):
                             sender_id,
                         )
                         return
-                except Exception as e:
+                except Exception as e:  # pylint: disable=broad-except
                     log.error("Error verifying join-notify signature: %s", e)
                     return
 
@@ -1395,7 +1394,7 @@ async def handle_pool_publish(self, payload, _):
 
                 try:
                     payload = salt.payload.loads(data["payload"])
-                except Exception as e:
+                except Exception as e:  # pylint: disable=broad-except
                     log.error("Failed to load join-reply payload: %s", e)
                     return
 
@@ -1427,7 +1426,7 @@ async def handle_pool_publish(self, payload, _):
                             data["peer_id"],
                         )
                         return
-                except Exception as e:
+                except Exception as e:  # pylint: disable=broad-except
                     log.error("Error verifying join-reply signature: %s", e)
                     return
 
@@ -1467,7 +1466,7 @@ async def handle_pool_publish(self, payload, _):
                     # Load and validate it's a valid private key
                     cluster_key_obj = salt.crypt.PrivateKeyString(cluster_key_pem)
 
-                except Exception as e:
+                except Exception as e:  # pylint: disable=broad-except
                     log.error("Error decrypting/validating cluster key: %s", e)
                     return
 
@@ -1488,7 +1487,7 @@ async def handle_pool_publish(self, payload, _):
                         log.error("Invalid peer_id in join-reply %s: %s", peer, e)
                         continue
                     log.info("Installing peer key: %s", peer)
-                    pathlib.Path(peer_pub_path).write_text(payload["peers"][peer])
+                    pathlib.Path(peer_pub_path).write_text(payload["peers"][peer], encoding="utf-8")
 
                 # Process minion keys from verified payload
                 allowed_kinds = [
@@ -1538,7 +1537,7 @@ async def handle_pool_publish(self, payload, _):
                             log.error("Invalid minion_id in join-reply %s: %s", minion, e)
                             continue
                         log.info("Installing minion key: %s/%s", kind, minion)
-                        pathlib.Path(minion_pub_path).write_text(payload["minions"][kind][minion])
+                        pathlib.Path(minion_pub_path).write_text(payload["minions"][kind][minion], encoding="utf-8")
 
                 # Signal completion
                 event = self._discover_event

salt/crypt.py

@@ -8,6 +8,7 @@
 import base64
 import binascii
 import copy
+import getpass
 import hashlib
 import hmac
 import logging
@@ -383,20 +384,8 @@ def public_key(self):
         return self.key.public_key()
 
 
-class PublicKey(BaseKey):
-    def __init__(self, key_bytes):
-        log.debug("Loading public key")
-        try:
-            self.key = serialization.load_pem_public_key(key_bytes)
-        except ValueError:
-            raise InvalidKeyError("Encountered bad RSA public key")
-        except cryptography.exceptions.UnsupportedAlgorithm:
-            raise InvalidKeyError("Unsupported key algorithm")
-
-
 class PrivateKeyString(PrivateKey):
-
-    def __init__(self, data, password=None):
+    def __init__(self, data, password=None):  # pylint: disable=super-init-not-called
         self.key = serialization.load_pem_private_key(
             data.encode(),
             password=password,
@@ -455,7 +444,7 @@ def decrypt(self, data):
 
 
 class PublicKeyString(PublicKey):
-    def __init__(self, data):
+    def __init__(self, data):  # pylint: disable=super-init-not-called
         try:
             self.key = serialization.load_pem_public_key(data.encode())
         except ValueError as exc:

tests/pytests/integration/cluster/test_autoscale_security.py

@@ -370,7 +370,7 @@ def test_autoscale_rejects_missing_cluster_secret(
         # If it did start, check that join was rejected
         logs = factory.get_log_contents()
         assert "cluster_secret" in logs.lower()
-    except Exception:
+    except Exception:  # pylint: disable=broad-except
         # Expected - configuration validation should catch this
         pass
 
@@ -499,8 +499,6 @@ def test_autoscale_rejects_join_without_cluster_pub_signature(
     Security: cluster_pub_signature_required defaults to True (secure by default).
     Without cluster_pub_signature configured, join should be rejected to prevent TOFU attacks.
     """
-    import hashlib
-
     # Create joining master WITHOUT cluster_pub_signature (default: required=True)
     config_defaults, config_overrides = {
         "master_port": autoscale_bootstrap_master.config["ret_port"] + 1,

tests/pytests/unit/channel/test_server_autoscale.py

@@ -11,13 +11,13 @@
 import pathlib
 import random
 import string
-from unittest.mock import MagicMock, Mock, patch, call
 
 import pytest
 
 import salt.channel.server
 import salt.crypt
 import salt.master
+from tests.support.mock import MagicMock, patch
 import salt.payload
 import salt.utils.event
 from salt.exceptions import SaltValidationError