feat: add git pre-commit hook integration #91

Merged
merged 10 commits into from
Aug 3, 2022

maxrake (Contributor) commented Aug 2, 2022

Overview

The phylum-ci script entry point already had most of the code for a pre-commit environment. This PR updated that code to account for some edge cases.

The .pre-commit-hooks.yaml file was added, with a single hook configuration defined for use in consuming repositories. This is a Python hook and works without any additional system-level dependencies. If the phylum CLI binary is installed locally, it will be used. Otherwise, the hook will install it.

There was an attempt to add a second hook which would make use of the phylumio/phylum-ci Docker image. This proved too difficult to implement without overhauling the way the image is used with regard to entrypoints. The only real loss is for users who may not want to have the phylum CLI installed locally and prefer a self-contained Docker environment instead.

Up until now, the CI environments that have been implemented allow for output, in the form of review comments, to be posted as rendered markdown. The environments that don't use CI...pre-commit and no-CI so far...display their output in the terminal. Instead of writing separate output for these environments, a conversion utility library (connect-markdown-renderer) is used to render the existing markdown output in the terminal. Additionally, the labels for these environments were shortened to be more readable...in both the output as a link and the Phylum UI in the label dropdown menu.

A local git pre-commit hook configuration was added to this repository. This will help to dog-food the integration and understand the pre-commit environment more generally. Like all pre-commit configurations, this is opt-in for individual developers. More hooks may be added when #14 is tackled.

Other actions taken:

  • Rename poetry_update workflow to auto_updates
  • Update the auto_updates workflow
    • Enable auto updates of the pre-commit hooks to the latest tags
      • Use immutable hashes instead of tag names
    • Ensure commits by phylum-bot are signed
    • Rename the workflow and branch names
  • Add git pre-commit documentation

Closes #35

Checklist

  • Does this PR have an associated issue (i.e., closes #<issueNum> in description above)?
  • Have you ensured that you have met the expected acceptance criteria?
  • Have you created sufficient tests?
    • No automated tests yet
    • Local testing was performed to verify these changes
  • Have you updated all affected documentation?
  • Update the registry of pre-commit hooks to include this project
    • Do this after this feature has been merged and included in a phylum-ci release

Screenshots

Using the hooks in the phylum-ci repo:

image


Running the local hooks against all the files in the repo:

image


What a failure looks like:

image
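
An added example, not part of this PR or the phylum-ci code base: a check that every `rev` in a `.pre-commit-config.yaml` is a full commit hash rather than a tag, which is the property the "Use immutable hashes instead of tag names" item is after. The repository URLs and hook ids in the sample config are constructed, and the line-based parsing assumes the usual layout where `rev:` follows its `- repo:` line.

```python
import re

# A full SHA-1 (40 hex) or SHA-256 (64 hex) object id cannot be re-pointed;
# tags, branches and abbreviated hashes can resolve to different code later.
_FULL_SHA = re.compile(r"^(?:[0-9a-f]{40}|[0-9a-f]{64})$")
_REPO = re.compile(r"^\s*-\s*repo:\s*(\S+)")
_REV = re.compile(r"^\s*rev:\s*(.+?)\s*$")

# Constructed sample input (hypothetical repositories and hook ids).
SAMPLE_CONFIG = """\
repos:
  - repo: https://example.com/hooks/alpha
    rev: v1.2.3
    hooks:
      - id: alpha-check
  - repo: https://example.com/hooks/beta
    rev: 0123456789abcdef0123456789abcdef01234567  # frozen: v2.0.0
    hooks:
      - id: beta-check
  - repo: https://example.com/hooks/gamma
    rev: 0123456
    hooks:
      - id: gamma-check
  - repo: local
    hooks:
      - id: local-check
"""


def find_mutable_revs(config_text):
    """Return (repo, rev) pairs whose rev is not a full commit hash."""
    findings = []
    repo = None
    for line in config_text.splitlines():
        m = _REPO.match(line)
        if m:
            repo = m.group(1)  # remember which repo the next rev belongs to
            continue
        m = _REV.match(line)
        if m and repo is not None:
            # Drop a trailing YAML comment, then any surrounding quotes.
            rev = m.group(1).split(" #", 1)[0].strip().strip("'\"")
            if not _FULL_SHA.match(rev):
                findings.append((repo, rev))
    return findings


if __name__ == "__main__":
    for repo, rev in find_mutable_revs(SAMPLE_CONFIG):
        print(f"mutable rev {rev!r} for {repo}")
```
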

maxrake added 10 commits July 28, 2022 15:05
This is a small library that makes use of `rich` to render markdown in a terminal shell.
…ironments

So far, the CI environments that have been implemented allow for output, in the form of review comments, to be posted as rendered markdown. The environments that don't use CI - pre-commit and 'no-CI' so far - display their output in the terminal. Instead of writing separate output for these environments, a conversion utility library is used to render the existing markdown output in the terminal. Additionally, the labels for these environments were shortened to be more readable...in both the output as a link and the Phylum UI in the label dropdown menu.
* Add a local pre-commit config file `.pre-commit-config.yaml`
  * Add a few basic hooks to ensure functionality and start on QA
  * Add a local hook for using `phylum` to analyze the poetry lockfile
* Rename `poetry_update` workflow to `auto_updates`
* Update the `auto_updates` workflow
  * Enable auto updates of the pre-commit hooks to the latest tags
  * Ensure commits by `phylum-bot` are signed
  * Rename the workflow and branch names
@maxrake maxrake requested a review from kylewillmon August 2, 2022 18:44
@maxrake maxrake requested a review from a team as a code owner August 2, 2022 18:44
@maxrake maxrake self-assigned this Aug 2, 2022

github-actions bot commented Aug 2, 2022

Phylum OSS Supply Chain Risk Analysis - SUCCESS

The Phylum risk analysis is complete and did not identify any issues.

View this project in the Phylum UI

@maxrake maxrake merged commit 99c5726 into main Aug 3, 2022
@maxrake maxrake deleted the pre_committed branch August 3, 2022 18:52
Development

Successfully merging this pull request may close these issues.

Add support for Python pre-commit hook integration