gabor-boros / hammurabi Goto Github PK
View Code? Open in Web Editor NEWAn extensible CLI tool responsible for enforcing user-defined rules
Home Page: https://hammurabi.readthedocs.io/
License: Other
An extensible CLI tool responsible for enforcing user-defined rules
Home Page: https://hammurabi.readthedocs.io/
License: Other
Dependabot can't evaluate your Python dependency files.
As a result, Dependabot couldn't check whether any of your dependencies are out-of-date.
The error Dependabot encountered was:
InstallationError("Invalid requirement: 'Warning: The lock file is not up to date with the latest changes in pyproject.toml. You may be getting outdated dependencies. Run update to update them.' (from line 1 of /home/dependabot/dependabot-updater/dependabot_tmp_dir/docs/requirements.txt)")
The [r for r in law.rules if r.made_changes]
and similar repeated more than it should be. Make sure that the code is refactored to resolve this issue.
Add missing TOML file support as it is stated in the README.
Dependabot couldn't authenticate with https://pypi.python.org/simple/.
You can provide authentication details in your Dependabot dashboard by clicking into the account menu (in the top right) and selecting 'Config variables'.
When committing, the law contains all the rules in the passed section if any of them made changes
Is your feature request related to a problem? Please describe.
When debugging, the Law
s, Rule
s, and Precondition
s has no representation.
Instead of [<hammurabi.law.Law object at 0x10e331950>]
I would like to see ['Stack type must be set in service.yml']
or similar (maybe indicating the "resource" type too).
Describe the solution you'd like
Add repr/str to the above mentioned classes to make sure that during a debugging session, the debugging is easier.
Describe alternatives you've considered
N/A
Additional context
N/A
Dependabot can't resolve your Python dependency files.
As a result, Dependabot couldn't update your dependencies.
The error Dependabot encountered was:
Creating virtualenv hammurabi-wvN7TgdZ-py3.8 in /home/dependabot/.cache/pypoetry/virtualenvs
Updating dependencies
Resolving dependencies...
[PackageNotFound]
Package configupdater (1.0.1) not found.
If you think the above is an error on Dependabot's side please don't hesitate to get in touch - we'll do whatever we can to fix it.
Is your feature request related to a problem? Please describe.
Currently, users has no idea how to integrate Hammurabi to a CI/CD solution, which makes its usage harder.
Describe the solution you'd like
Add examples for the following CI/CD platforms:
Describe alternatives you've considered
N/A
Additional context
The request for these examples raised during a tech talk.
Describe the bug
Enforce command exits in case the configuration is at a different location.
To Reproduce
Just run enforce
.
Expected behaviour
Enforce behaves the same as before.
Screenshots
N/A
System info
Additional context
Output:
Run enforcement...
Failed to load configuration: The given value is empty
The issue exists somewhere in the configuration loading (load
method).
Dependabot can't evaluate your Python dependency files.
As a result, Dependabot couldn't check whether any of your dependencies are out-of-date.
The error Dependabot encountered was:
InstallationError("Invalid requirement: 'Warning: The lock file is not up to date with the latest changes in pyproject.toml. You may be getting outdated dependencies. Run update to update them.' (from line 1 of /home/dependabot/dependabot-updater/dependabot_tmp_dir/docs/requirements.txt)")
Remove lock file creation and releasing since it is useless
Do not raise lookup error when replace can not find target (the expected end result) for
SectionRenamed
LineReplaced
YAMLKeyRenamed
OptionRenamed
Logic should be:
Is your feature request related to a problem? Please describe.
If an "extra" package is not imported, log it.
Describe the solution you'd like
When something cannot be imported, make sure it is logged at least on debug
or info
level, to make sure the user knows about the fact that some imports are skipped.
Describe alternatives you've considered
N/A
Additional context
Example code:
try:
from hammurabi.notifications.slack import SlackNotification
except ImportError:
pass
This should be written as:
try:
from hammurabi.notifications.slack import SlackNotification
except ImportError:
logging.debug("import of slack notification is skipped")
Add logging to Notification send and send only if there were changes
Function task
has a Cognitive Complexity of 11 (exceeds 5 allowed). Consider refactoring.
In case of *ValueExists rules it is not clear why we cannot set the key and value in one step. If the Key and Value is set in one step, then what's the difference between the KeyExists
and ValueExists
rules other than the "direction" of the approach?
Is your feature request related to a problem? Please describe.
Hypothesis tests are extremely useful, especially for testing functionalities which can get input from the users like rules or laws. We should make sure that we are using more hypothesis tests for these functionalities.
Describe the solution you'd like
Add hypothesis testing for functionalities like config handling and parsing. This issue includes some thinking about other possible use cases too.
Describe alternatives you've considered
No alternatives were considered since hypothesis works well for us.
Additional context
This issue could be part of #23
Describe the bug
An AttributeError
for name
is thrown for classes inheriting from AbstractRule
when an exception - e.g. a parameter validation fails - occurs in the constructor. At that time we did not get to the point in the method resolution order to set the name parameter - set in AbstractRule
.
To Reproduce
Let's imagine a custom precondition like:
class ExamplePrecondition(Precondition):
def __init__(self, param: str = '', **kwargs):
stacks = self.validate(param, required=True)
super().__init__(None, stacks, **kwargs)
Then the class is initialized without passing proper value for param
:
example = ExamplePrecondition()
In AbstractRule
the validate will try to throw a ValueError
and in the message, it calls str(self)
. The __str__
implementation of e.g. the Precondition
class it tries to access self.name
but at this point, it is not set causing the AttributeError
.
Expected behavior
Either not rely on the name in the __str__
implementations or play with the MRO to avoid this edge case. If possible, the original exception should not be masked or make it visible with a stack trace.
System info
Additional context
The same exception hiding occurs when a required parameter is not set for rules and preconditions. For example, you do not pass the match
parameter to LineExists
.
Is your feature request related to a problem? Please describe.
JSON File support is on the list of required features and missing.
Describe the solution you'd like
Based on the pattern of YAML file rules, make sure we have rules for JSON files too.
Describe alternatives you've considered
N/A
Additional context
Is your feature request related to a problem? Please describe.
There are cases, when the result of the execution must be collected. Getting this information from the log output is impossible.
Describe the solution you'd like
Have a new "resource" called Reporter
, which will be able to report the execution status in a structured format. For now support only JSON reporter, but if needed add more reporters for YAML or other formats.
Describe alternatives you've considered
N/A
Additional context
N/A
Describe the bug
Since reporter_name
config option is incorrect we need to check the source code for the real default value, which is hammurabi_report.json
.
To Reproduce
https://hammurabi.readthedocs.io/en/latest/config.html#hammurabi-configuration -> reporter_name config option is wrong.
Expected behaviour
Instead of False
write hammurabi_report.json
there.
Screenshots
n/a
System info
n/a
Dependabot can't evaluate your Python dependency files.
As a result, Dependabot couldn't check whether any of your dependencies are out-of-date.
The error Dependabot encountered was:
InstallationError("Invalid requirement: 'Warning: The lock file is not up to date with the latest changes in pyproject.toml. You may be getting outdated dependencies. Run update to update them.' (from line 1 of /home/dependabot/dependabot-updater/dependabot_tmp_dir/docs/requirements.txt)")
Function task
has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Function task
has a Cognitive Complexity of 11 (exceeds 5 allowed). Consider refactoring.
Describe the bug
The hammurabi branch also contains empty commits. In my opinion, it is enough to list the executed rules on the PR page and don't have to clutter the repository with it.
To Reproduce
Not sure if this always happens or only under certain conditions. I can investigate further if you agree to remove them.
Screenshots
Is your feature request related to a problem? Please describe.
Be able to create files based on Jinja templates.
Describe the solution you'd like
There are lot of cases when it is required to create a file from a template like a Jinja template.
Describe alternatives you've considered
N/A
Additional context
N/A
Add unit, integration and hypothesis tests. Hypothesis tests are extremely useful, especially for testing functionalities which can get input from the users like rules or laws. We should make sure that we are using more hypothesis tests for these functionalities.
Dependabot can't resolve your Python dependency files.
As a result, Dependabot couldn't update your dependencies.
The error Dependabot encountered was:
Creating virtualenv hammurabi-zoz6AuYO-py3.9 in /home/dependabot/.cache/pypoetry/virtualenvs
Updating dependencies
Resolving dependencies...
PackageNotFound
Package configupdater (1.1.3) not found.
at /usr/local/.pyenv/versions/3.9.1/lib/python3.9/site-packages/poetry/repositories/pool.py:144 in package
140│ self._packages.append(package)
141│
142│ return package
143│
→ 144│ raise PackageNotFound("Package {} ({}) not found.".format(name, version))
145│
146│ def find_packages(
147│ self, dependency,
148│ ):
If you think the above is an error on Dependabot's side please don't hesitate to get in touch - we'll do whatever we can to fix it.
Based on @uvegla's suggestions, make the Rule's and keyword arguments' name more user friendly and less confusing.
Is your feature request related to a problem? Please describe.
Use the simplification of Click - Typer
Describe the solution you'd like
Replace Click by Typer and write integration tests to make sure the CLI is not breaking that much in the future.
Also, remove the unused sub-commands:
get order
get laws
get law
get rules
get rule
describe law
describe rule
Describe alternatives you've considered
N/A
Additional context
Typer is a library for building CLI applications that's based on Python 3.6+ type hints.
Documentation: https://typer.tiangolo.com/
Function task
has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
Dependabot can't resolve your Python dependency files.
As a result, Dependabot couldn't update your dependencies.
The error Dependabot encountered was:
Creating virtualenv hammurabi-9KxFRYF9-py3.8 in /home/dependabot/.cache/pypoetry/virtualenvs
Updating dependencies
Resolving dependencies...
[PackageNotFound]
Package configupdater (1.0.1) not found.
If you think the above is an error on Dependabot's side please don't hesitate to get in touch - we'll do whatever we can to fix it.
Is your feature request related to a problem? Please describe.
The PR descriptions are hard to read right now. It would be awesome if we could have a better PR description.
Describe the solution you'd like
I'm proposing the following: Color the fixed rules with green and make them collapsible. In case of failed rules color them red and do not put them into collapsible pane.
Describe alternatives you've considered
N/A
Additional context
Is your feature request related to a problem? Please describe.
The configuration management of the CLI is a crap. It is hard to maintain which config option does what and how they are used from TOML files.
Describe the solution you'd like
Use pydantic
for configuration handling and make sure that configuration is explicit. Also, Pydantic supports reading settings from environment variables and dotenv if needed in the future.
Describe alternatives you've considered
N/A
Additional context
Docs:
Action items
Currently the documentation is good, but not good enough. It has typos and formatting issues.
Make sure the documentation has as few typos and formatting issues as possible. Do 2 rounds of review.
Function task
has a Cognitive Complexity of 11 (exceeds 5 allowed). Consider refactoring.
Is your feature request related to a problem? Please describe.
Precondition base class exists, but no default precondition.
Describe the solution you'd like
Add preconditions like IsFileExists
or IsFileNotExists
.
Describe alternatives you've considered
A clear and concise description of any alternative solutions or features you've considered.
Additional context
Add documentation highlight about avoiding use cases like, since FileNotExists
would only remove the file if exists.
FileNotExists(
name="File exists rule",
path=Path("my.file"),
preconditions=[
IsFileExists(path=Path("my.file"))
]
)
These preconditions should be used like the following. Here, the template will be rendered only if the file not exists.
TemplateRendered(
name="Template rendered rule",
template=Path("templates/my.file"),
destination=Path("my.file"),
preconditions=[
IsFileNotExists(path=Path("my.file"))
]
)
Describe the bug
Introduction of Preconditions
broke getting the execution order printing of CLI.
To Reproduce
Steps to reproduce the behaviour:
hammurabi get order
Expected behaviour
Print the execution order including preconditions
Screenshots
N/A
System info
Additional context
Trace:
click.echo(f" --> {rule.name}")
AttributeError: 'bool' object has no attribute 'name'
Is your feature request related to a problem? Please describe.
There are some cases when we need to use the exact same preconditions for every Rule
in a Law
.
Describe the solution you'd like
Make sure that we can have Preconditions
assigned to Law
s as well. The logic for preconditions should be the same as for Rule
s.
Describe alternatives you've considered
Alternative 1) Have separate file for the "problematic" laws
Alternative 2) Dynamically register Law
s to the Pillar
Although both alternatives could work, it is a lot cleaner to have a separate argument for this behaviour.
Additional context
N/A
Describe the bug
In case a Law did not have a Rule in its chain which changed the code, the PR description will still contain the Law name (if there were changes made by other laws).
To Reproduce
Steps to reproduce the behaviour :
Law
names without failed or passed rules - the other law will have the rule.Expected behavior
Those Law
s are not shown which has no rule which changed the code.
Screenshots
N/A
System info
Additional context
N/A
Dependabot can't resolve your Python dependency files.
As a result, Dependabot couldn't update your dependencies.
The error Dependabot encountered was:
Creating virtualenv hammurabi-ARaMyx04-py3.8 in /home/dependabot/.cache/pypoetry/virtualenvs
Updating dependencies
Resolving dependencies...
[PackageNotFound]
Package configupdater (1.0.1) not found.
If you think the above is an error on Dependabot's side please don't hesitate to get in touch - we'll do whatever we can to fix it.
Make sure that all the APIs based on the same logic for the same operations (like rename or making sure something exists). If there must be a difference (because of the file format requires it), highlight that in the docs with a .. warning::
Use preconditions instead of criteria parameters. That way the core will be lot cleaner, and the behaviour of the Rule will be more explicit.
Proposal
LineExists(
name='Add X-Ray import to settings.py',
path=Path("settings.py"),
target=r'^from config import init_settings',
text="import xray,
preconditions=[
HasStack(stacks=["python"]),
IsFileNotContains(path=Path("settings.py"), criteria=rf'^import xray$')
]
),
The two has the same operations on the document which are duplicated and not shared. Make sure that the code is refactored to have the common functionalities at one place.
Is your feature request related to a problem? Please describe.
Readme contains outdated output formats and need a better wording.
Describe the solution you'd like
Rewrite readme and make sure it is more understandable.
Describe alternatives you've considered
N/A
Additional context
N/A
Function task
has a Cognitive Complexity of 8 (exceeds 5 allowed). Consider refactoring.
Is your feature request related to a problem? Please describe.
For those cases when more than 20 Laws are registered on the Pillar and counting 100+ rules, it is hard to see the "big picture" about how the rules are connected and what is the distribution of Rules.
Describe the solution you'd like
Add a flag to hammurabi get order
command to be able to export the execution order and visualize it with Graphviz.
Describe alternatives you've considered
N/A
Additional context
Dependabot can't resolve your Python dependency files.
As a result, Dependabot couldn't update your dependencies.
The error Dependabot encountered was:
Creating virtualenv hammurabi-ASImexZU-py3.8 in /home/dependabot/.cache/pypoetry/virtualenvs
Updating dependencies
Resolving dependencies...
[PackageNotFound]
Package configupdater (1.0.1) not found.
If you think the above is an error on Dependabot's side please don't hesitate to get in touch - we'll do whatever we can to fix it.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.