gabor-boros / hammurabi Goto Github PK

Dependabot can't evaluate your Python dependency files.

As a result, Dependabot couldn't check whether any of your dependencies are out-of-date.

The error Dependabot encountered was:

InstallationError("Invalid requirement: 'Warning: The lock file is not up to date with the latest changes in pyproject.toml. You may be getting outdated dependencies. Run update to update them.' (from line 1 of /home/dependabot/dependabot-updater/dependabot_tmp_dir/docs/requirements.txt)")

View the update logs.

The [r for r in law.rules if r.made_changes] and similar repeated more than it should be. Make sure that the code is refactored to resolve this issue.

Add missing TOML file support as it is stated in the README.

Dependabot couldn't authenticate with https://pypi.python.org/simple/.

You can provide authentication details in your Dependabot dashboard by clicking into the account menu (in the top right) and selecting 'Config variables'.

View the update logs.

When committing, the law contains all the rules in the passed section if any of them made changes

Is your feature request related to a problem? Please describe.

When debugging, the Laws, Rules, and Preconditions has no representation.

Instead of [<hammurabi.law.Law object at 0x10e331950>] I would like to see ['Stack type must be set in service.yml'] or similar (maybe indicating the "resource" type too).

Describe the solution you'd like

Add repr/str to the above mentioned classes to make sure that during a debugging session, the debugging is easier.

Describe alternatives you've considered

N/A

Additional context

N/A

Dependabot can't resolve your Python dependency files.

As a result, Dependabot couldn't update your dependencies.

The error Dependabot encountered was:

Creating virtualenv hammurabi-wvN7TgdZ-py3.8 in /home/dependabot/.cache/pypoetry/virtualenvs
Updating dependencies
Resolving dependencies...

[PackageNotFound]
Package configupdater (1.0.1) not found.

If you think the above is an error on Dependabot's side please don't hesitate to get in touch - we'll do whatever we can to fix it.

View the update logs.

Is your feature request related to a problem? Please describe.

Currently, users has no idea how to integrate Hammurabi to a CI/CD solution, which makes its usage harder.

Describe the solution you'd like

Add examples for the following CI/CD platforms:

• BitBucket CI
• GitLab CI
• GitHub Actions
• Travis CI
• CircleCI

Describe alternatives you've considered

N/A

Additional context

The request for these examples raised during a tech talk.

Describe the bug

Enforce command exits in case the configuration is at a different location.

To Reproduce

Just run enforce.

Expected behaviour

Enforce behaves the same as before.

Screenshots

N/A

System info

• OS: macOS 10.15.6
• Hammurabi version: 0.10.0b0
• Python version: 3.8.0

Additional context

Output:

Run enforcement...
Failed to load configuration: The given value is empty

The issue exists somewhere in the configuration loading (load method).

Dependabot can't evaluate your Python dependency files.

As a result, Dependabot couldn't check whether any of your dependencies are out-of-date.

The error Dependabot encountered was:

InstallationError("Invalid requirement: 'Warning: The lock file is not up to date with the latest changes in pyproject.toml. You may be getting outdated dependencies. Run update to update them.' (from line 1 of /home/dependabot/dependabot-updater/dependabot_tmp_dir/docs/requirements.txt)")

View the update logs.

Remove lock file creation and releasing since it is useless

Do not raise lookup error when replace can not find target (the expected end result) for

• SectionRenamed
• LineReplaced
• YAMLKeyRenamed
• OptionRenamed

Logic should be:

1. If both the item which should be replaced and the new item exists, then raise an error
2. If only the new exists, then do nothing
3. If the old item not exists, then raise an error
4. If the only old item exists, then do the replace

Is your feature request related to a problem? Please describe.

If an "extra" package is not imported, log it.

Describe the solution you'd like

When something cannot be imported, make sure it is logged at least on debug or info level, to make sure the user knows about the fact that some imports are skipped.

Describe alternatives you've considered

N/A

Additional context

Example code:

try:
    from hammurabi.notifications.slack import SlackNotification
except ImportError:
    pass

This should be written as:

try:
    from hammurabi.notifications.slack import SlackNotification
except ImportError:
    logging.debug("import of slack notification is skipped")

Add logging to Notification send and send only if there were changes

Function task has a Cognitive Complexity of 11 (exceeds 5 allowed). Consider refactoring.

https://codeclimate.com/github/gabor-boros/hammurabi/hammurabi/rules/yaml.py#issue_5e7b2e0665ece70001000048

In case of *ValueExists rules it is not clear why we cannot set the key and value in one step. If the Key and Value is set in one step, then what's the difference between the KeyExists and ValueExists rules other than the "direction" of the approach?

Is your feature request related to a problem? Please describe.

Hypothesis tests are extremely useful, especially for testing functionalities which can get input from the users like rules or laws. We should make sure that we are using more hypothesis tests for these functionalities.

Describe the solution you'd like

Add hypothesis testing for functionalities like config handling and parsing. This issue includes some thinking about other possible use cases too.

Describe alternatives you've considered

No alternatives were considered since hypothesis works well for us.

Additional context

This issue could be part of #23

Describe the bug

An AttributeError for name is thrown for classes inheriting from AbstractRule when an exception - e.g. a parameter validation fails - occurs in the constructor. At that time we did not get to the point in the method resolution order to set the name parameter - set in AbstractRule.

To Reproduce

Let's imagine a custom precondition like:

class ExamplePrecondition(Precondition):

    def __init__(self, param: str = '', **kwargs):
        stacks = self.validate(param, required=True)
        super().__init__(None, stacks, **kwargs)

Then the class is initialized without passing proper value for param:

example = ExamplePrecondition()

In AbstractRule the validate will try to throw a ValueError and in the message, it calls str(self). The __str__ implementation of e.g. the Precondition class it tries to access self.name but at this point, it is not set causing the AttributeError.

Expected behavior

Either not rely on the name in the __str__ implementations or play with the MRO to avoid this edge case. If possible, the original exception should not be masked or make it visible with a stack trace.

System info

• OS: [e.g. macOS Mojave 10.15.6]
• Hammurabi version: [e.g. 0.11.0]
• Python version: [e.g. 3.8.5]

Additional context

The same exception hiding occurs when a required parameter is not set for rules and preconditions. For example, you do not pass the match parameter to LineExists.

Is your feature request related to a problem? Please describe.

JSON File support is on the list of required features and missing.

Describe the solution you'd like

Based on the pattern of YAML file rules, make sure we have rules for JSON files too.

Describe alternatives you've considered

N/A

Additional context

• Do not forget to update the features sections of the README as well

Is your feature request related to a problem? Please describe.

There are cases, when the result of the execution must be collected. Getting this information from the log output is impossible.

Describe the solution you'd like

Have a new "resource" called Reporter, which will be able to report the execution status in a structured format. For now support only JSON reporter, but if needed add more reporters for YAML or other formats.

Describe alternatives you've considered

N/A

Additional context

N/A

Describe the bug

Since reporter_name config option is incorrect we need to check the source code for the real default value, which is hammurabi_report.json.

To Reproduce

https://hammurabi.readthedocs.io/en/latest/config.html#hammurabi-configuration -> reporter_name config option is wrong.

Expected behaviour

Instead of False write hammurabi_report.json there.

Screenshots

n/a

System info

n/a

Dependabot can't evaluate your Python dependency files.

As a result, Dependabot couldn't check whether any of your dependencies are out-of-date.

The error Dependabot encountered was:

InstallationError("Invalid requirement: 'Warning: The lock file is not up to date with the latest changes in pyproject.toml. You may be getting outdated dependencies. Run update to update them.' (from line 1 of /home/dependabot/dependabot-updater/dependabot_tmp_dir/docs/requirements.txt)")

View the update logs.

Function task has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.

https://codeclimate.com/github/gabor-boros/hammurabi/hammurabi/rules/dictionaries.py#issue_5e8dde978bc7620001000057

Function task has a Cognitive Complexity of 11 (exceeds 5 allowed). Consider refactoring.

https://codeclimate.com/github/gabor-boros/hammurabi/hammurabi/rules/json.py#issue_5e8ace962437460001000058

Describe the bug

The hammurabi branch also contains empty commits. In my opinion, it is enough to list the executed rules on the PR page and don't have to clutter the repository with it.

To Reproduce

Not sure if this always happens or only under certain conditions. I can investigate further if you agree to remove them.

Screenshots

Is your feature request related to a problem? Please describe.

Be able to create files based on Jinja templates.

Describe the solution you'd like

There are lot of cases when it is required to create a file from a template like a Jinja template.

Describe alternatives you've considered

N/A

Additional context

N/A

Add unit, integration and hypothesis tests. Hypothesis tests are extremely useful, especially for testing functionalities which can get input from the users like rules or laws. We should make sure that we are using more hypothesis tests for these functionalities.

Dependabot can't resolve your Python dependency files.

As a result, Dependabot couldn't update your dependencies.

The error Dependabot encountered was:

Creating virtualenv hammurabi-zoz6AuYO-py3.9 in /home/dependabot/.cache/pypoetry/virtualenvs
Updating dependencies
Resolving dependencies...

  PackageNotFound

  Package configupdater (1.1.3) not found.

  at /usr/local/.pyenv/versions/3.9.1/lib/python3.9/site-packages/poetry/repositories/pool.py:144 in package
      140│                     self._packages.append(package)
      141│ 
      142│                     return package
      143│ 
    → 144│         raise PackageNotFound("Package {} ({}) not found.".format(name, version))
      145│ 
      146│     def find_packages(
      147│         self, dependency,
      148│     ):

If you think the above is an error on Dependabot's side please don't hesitate to get in touch - we'll do whatever we can to fix it.

View the update logs.

Based on @uvegla's suggestions, make the Rule's and keyword arguments' name more user friendly and less confusing.

Is your feature request related to a problem? Please describe.

Use the simplification of Click - Typer

Describe the solution you'd like

Replace Click by Typer and write integration tests to make sure the CLI is not breaking that much in the future.

Also, remove the unused sub-commands:

• get order
• get laws
• get law
• get rules
• get rule
• describe law
• describe rule

Describe alternatives you've considered

N/A

Additional context

Typer is a library for building CLI applications that's based on Python 3.6+ type hints.
Documentation: https://typer.tiangolo.com/

Function task has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.

https://codeclimate.com/github/gabor-boros/hammurabi/hammurabi/rules/json.py#issue_5e8ace962437460001000057

Dependabot can't resolve your Python dependency files.

As a result, Dependabot couldn't update your dependencies.

The error Dependabot encountered was:

Creating virtualenv hammurabi-9KxFRYF9-py3.8 in /home/dependabot/.cache/pypoetry/virtualenvs
Updating dependencies
Resolving dependencies...

[PackageNotFound]
Package configupdater (1.0.1) not found.

If you think the above is an error on Dependabot's side please don't hesitate to get in touch - we'll do whatever we can to fix it.

View the update logs.

Is your feature request related to a problem? Please describe.

The PR descriptions are hard to read right now. It would be awesome if we could have a better PR description.

Describe the solution you'd like

I'm proposing the following: Color the fixed rules with green and make them collapsible. In case of failed rules color them red and do not put them into collapsible pane.

Describe alternatives you've considered

N/A

Additional context

• https://stackoverflow.com/questions/35465557/how-to-apply-color-in-markdown
• https://gist.github.com/pierrejoubert73/902cc94d79424356a8d20be2b382e1ab

Is your feature request related to a problem? Please describe.

The configuration management of the CLI is a crap. It is hard to maintain which config option does what and how they are used from TOML files.

Describe the solution you'd like

Use pydantic for configuration handling and make sure that configuration is explicit. Also, Pydantic supports reading settings from environment variables and dotenv if needed in the future.

Describe alternatives you've considered

N/A

Additional context

Docs:

• https://pydantic-docs.helpmanual.io/
• https://pydantic-docs.helpmanual.io/usage/settings/

Action items

• Update documentation about config handling

• Make sure that logging levels are used correctly
• Check that the log message style is unified
• Make sure that the formatter can be configured

Currently the documentation is good, but not good enough. It has typos and formatting issues.

Make sure the documentation has as few typos and formatting issues as possible. Do 2 rounds of review.

Function task has a Cognitive Complexity of 11 (exceeds 5 allowed). Consider refactoring.

https://codeclimate.com/github/gabor-boros/hammurabi/hammurabi/rules/dictionaries.py#issue_5e8dde978bc7620001000058

Is your feature request related to a problem? Please describe.

Precondition base class exists, but no default precondition.

Describe the solution you'd like

Add preconditions like IsFileExists or IsFileNotExists.

Describe alternatives you've considered

A clear and concise description of any alternative solutions or features you've considered.

Additional context

Add documentation highlight about avoiding use cases like, since FileNotExists would only remove the file if exists.

FileNotExists(
    name="File exists rule",
    path=Path("my.file"),
    preconditions=[
        IsFileExists(path=Path("my.file"))
    ]
)

These preconditions should be used like the following. Here, the template will be rendered only if the file not exists.

TemplateRendered(
    name="Template rendered rule",
    template=Path("templates/my.file"),
    destination=Path("my.file"),
    preconditions=[
        IsFileNotExists(path=Path("my.file"))
    ]
)

Describe the bug

Introduction of Preconditions broke getting the execution order printing of CLI.

To Reproduce

Steps to reproduce the behaviour:

1. Create a Rule with a precondition
2. Run hammurabi get order

Expected behaviour

Print the execution order including preconditions

Screenshots

N/A

System info

• OS: All
• Hammurabi version: 0.2.0 -> 0.3.1
• Python version: All

Additional context

Trace:

click.echo(f"  --> {rule.name}")
AttributeError: 'bool' object has no attribute 'name'

Is your feature request related to a problem? Please describe.

There are some cases when we need to use the exact same preconditions for every Rule in a Law.

Describe the solution you'd like

Make sure that we can have Preconditions assigned to Laws as well. The logic for preconditions should be the same as for Rules.

Describe alternatives you've considered

Alternative 1) Have separate file for the "problematic" laws
Alternative 2) Dynamically register Laws to the Pillar

Although both alternatives could work, it is a lot cleaner to have a separate argument for this behaviour.

Additional context

N/A

Describe the bug

In case a Law did not have a Rule in its chain which changed the code, the PR description will still contain the Law name (if there were changes made by other laws).

To Reproduce

Steps to reproduce the behaviour :

1. Create two laws with the following conditions and register them:
   1.1 The first law has a rule which should change nothing
   1.2 The second law has a rule which changes something
2. Run Hammurabi
3. The PR will contain Law names without failed or passed rules - the other law will have the rule.

Expected behavior

Those Laws are not shown which has no rule which changed the code.

Screenshots

N/A

System info

• OS: Independent
• Hammurabi version: 0.2.0
• Python version: 3.7+

Additional context

N/A

Dependabot can't resolve your Python dependency files.

As a result, Dependabot couldn't update your dependencies.

The error Dependabot encountered was:

Creating virtualenv hammurabi-ARaMyx04-py3.8 in /home/dependabot/.cache/pypoetry/virtualenvs
Updating dependencies
Resolving dependencies...

[PackageNotFound]
Package configupdater (1.0.1) not found.

If you think the above is an error on Dependabot's side please don't hesitate to get in touch - we'll do whatever we can to fix it.

View the update logs.

Make sure that all the APIs based on the same logic for the same operations (like rename or making sure something exists). If there must be a difference (because of the file format requires it), highlight that in the docs with a .. warning::

Use preconditions instead of criteria parameters. That way the core will be lot cleaner, and the behaviour of the Rule will be more explicit.

Proposal

LineExists(
    name='Add X-Ray import to settings.py',
    path=Path("settings.py"),
    target=r'^from config import init_settings',
    text="import xray,
    preconditions=[
        HasStack(stacks=["python"]),
        IsFileNotContains(path=Path("settings.py"), criteria=rf'^import xray$')
    ]
),

The two has the same operations on the document which are duplicated and not shared. Make sure that the code is refactored to have the common functionalities at one place.

Is your feature request related to a problem? Please describe.

Readme contains outdated output formats and need a better wording.

Describe the solution you'd like

Rewrite readme and make sure it is more understandable.

Describe alternatives you've considered

N/A

Additional context

N/A

Function task has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.

https://codeclimate.com/github/gabor-boros/hammurabi/hammurabi/rules/yaml.py#issue_5e7b2e0665ece70001000047

Is your feature request related to a problem? Please describe.

For those cases when more than 20 Laws are registered on the Pillar and counting 100+ rules, it is hard to see the "big picture" about how the rules are connected and what is the distribution of Rules.

Describe the solution you'd like

Add a flag to hammurabi get order command to be able to export the execution order and visualize it with Graphviz.

Describe alternatives you've considered

N/A

Additional context

• https://pypi.org/project/graphviz/

Dependabot can't resolve your Python dependency files.

As a result, Dependabot couldn't update your dependencies.

The error Dependabot encountered was:

Creating virtualenv hammurabi-ASImexZU-py3.8 in /home/dependabot/.cache/pypoetry/virtualenvs
Updating dependencies
Resolving dependencies...

[PackageNotFound]
Package configupdater (1.0.1) not found.

If you think the above is an error on Dependabot's side please don't hesitate to get in touch - we'll do whatever we can to fix it.

View the update logs.