-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat: add git pre-commit hook integration #91
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This is a small library that makes use of `rich` to render markdown in a terminal shell.
…ironments So far, the CI environments that have been implemented allow for output, in the form of review comments, to be posted as rendered markdown. The environments that don't use CI - pre-commit and 'no-CI' so far - display their output in the terminal. Instead of writing separate output for these environments, a conversion utility library is used to render the existing markdown output in the terminal. Additionally, the labels for these environments were shortened to be more readable...in both the output as a link and the Phylum UI in the label dropdown menu.
* Add a local pre-commit config file `.pre-commit-config.yaml` * Add a few basic hooks to ensure functionality and start on QA * Add a local hook for using `phylum` to analyze the poetry lockfile * Rename `poetry_update` workflow to `auto_updates` * Update the `auto_updates` workflow * Enable auto updates of the pre-commit hooks to the latest tags * Ensure commits by `phylum-bot` are signed * Rename the workflow and branch names
Phylum OSS Supply Chain Risk Analysis - SUCCESSThe Phylum risk analysis is complete and did not identify any issues. |
kylewillmon
approved these changes
Aug 3, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Overview
The
phylum-ci
script entry point already had most of the code for apre-commit
environment. This PR updated that code to account for some edge cases.The
.pre-commit-hooks.yaml
file was added, with a single hook configuration defined for use in consuming repositories. This is a Python hook and works without any additional system-level dependencies. If thephylum
CLI binary is installed locally, it will be used. Otherwise, the hook will install it.There was an attempt to add a second hook which would make use of the
phylumio/phylum-ci
docker image. This proved too difficult to implement without overhauling the way the image is used in regards to entrypoints. The only real loss is for users who may not want to have thephylum
CLI installed locally and prefer a self-contained Docker environment instead.Up until now, the CI environments that have been implemented allow for output, in the form of review comments, to be posted as rendered markdown. The environments that don't use CI...
pre-commit
andno-CI
so far...display their output in the terminal. Instead of writing separate output for these environments, a conversion utility library (connect-markdown-renderer
) is used to render the existing markdown output in the terminal. Additionally, the labels for these environments were shortened to be more readable...in both the output as a link and the Phylum UI in the label dropdown menu.A local git pre-commit hook configuration was added to this repository. This will help to dog-food the integration and understand the
pre-commit
environment more generally. Like allpre-commit
configurations, this is opt-in for individual developers. More hooks may be added when #14 is tackled.Other actions taken:
poetry_update
workflow toauto_updates
auto_updates
workflowphylum-bot
are signedpre-commit
documentationCloses #35
Checklist
closes #<issueNum>
in description above)?Have you created sufficient tests?phylum-ci
releaseScreenshots
Using the hooks in the
phylum-ci
repo:Running the local hooks against all the files in the repo:
What a failure looks like: