Add pre-commit hooks.

.github/workflows/docker-build.yaml

@@ -44,7 +44,7 @@ jobs:
         env:
           # if primary fails, this will use ghcr.io as the primary and public.ecr.aws then.
           TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
-        # this is v0.35.0 
+        # this is v0.35.0
         uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1
         with:
           image-ref: "veridise/audithub-client:${{ env.IMAGE_TAG }}"

.github/workflows/pypi-publish.yaml

@@ -14,26 +14,26 @@ jobs:
     - uses: actions/checkout@v4
       with:
         persist-credentials: false
-        fetch-depth: 0  
-    
+        fetch-depth: 0
+
     - name: Set up Python
       uses: actions/setup-python@v5
       with:
-        python-version: "3.12" 
-    
+        python-version: "3.12"
+
     - name: Install Poetry
       uses: snok/install-poetry@v1
       with:
         version: latest
         virtualenvs-create: true
         virtualenvs-in-project: true
-    
+
     - name: Install dependencies
       run: poetry install --no-interaction --no-root
-    
+
     - name: Build distribution packages
       run: poetry build
-    
+
     - name: Store the distribution packages
       uses: actions/upload-artifact@v4
       with:
@@ -49,7 +49,7 @@ jobs:
     runs-on: ubuntu-latest
     environment:
       name: pypi
-      url: https://pypi.org/p/audithub-client	  
+      url: "https://pypi.org/p/audithub-client"
     permissions:
       id-token: write
 

.pre-commit-config.yaml

@@ -0,0 +1,53 @@
+repos:
+  - repo: local
+    hooks:
+      - id: check-case-conflict
+        name: check-case-conflict
+        entry: poetry run check-case-conflict
+        language: system
+        pass_filenames: false
+      - id: check-yaml
+        name: check-yaml
+        entry: poetry run check-yaml
+        language: system
+        types: [yaml]
+      - id: mixed-line-ending
+        name: mixed-line-ending
+        entry: poetry run mixed-line-ending --fix=auto
+        language: system
+        types: [text]
+      - id: trailing-whitespace
+        name: trailing-whitespace
+        entry: poetry run trailing-whitespace-fixer
+        language: system
+        types: [text]
+      - id: end-of-file-fixer
+        name: end-of-file-fixer
+        entry: poetry run end-of-file-fixer
+        language: system
+        types: [text]
+      - id: requirements-txt-fixer
+        name: requirements-txt-fixer
+        entry: poetry run requirements-txt-fixer
+        language: system
+        files: (^|/)(requirements|constraints)(/.*)?\.txt$
+      - id: black
+        name: black
+        entry: poetry run black --check audithub_client
+        language: system
+        pass_filenames: false
+      - id: isort
+        name: isort
+        entry: poetry run isort --check audithub_client
+        language: system
+        pass_filenames: false
+      - id: ruff
+        name: ruff
+        entry: poetry run ruff check audithub_client
+        language: system
+        pass_filenames: false
+      - id: mypy
+        name: mypy
+        entry: poetry run mypy audithub_client
+        language: system
+        pass_filenames: false

AGENTS.md

@@ -14,4 +14,4 @@ Always ensure the following:
 
 PR Review guidelines:
 1. Cross-reference all API calls made by the CLI with the production API mentioned above.
-2. Flag any places with missing data validation on user inputs.
+2. Flag any places with missing data validation on user inputs.

Developer Instructions.md

@@ -4,7 +4,7 @@ See [README.md](README.md) for installation.
 # Introducing a new API call.
 > **_NOTE:_** we will use `get_task_info` as an example below.
 
-1. Add a new file at `audithub_client/api`, implementing the rpc. Use the convention `api_...` for naming the RPC function. Make the function accept at most two arguments. 
+1. Add a new file at `audithub_client/api`, implementing the rpc. Use the convention `api_...` for naming the RPC function. Make the function accept at most two arguments.
     1. The first should be an AuditHubContext, with the needed information to contact AuditHub successfully.
     2. The second, if required, should be a data class encapsulating all the RPC parameters (both URL and body)
 
@@ -13,7 +13,7 @@ See [README.md](README.md) for installation.
     GetTaskInfoArgs:
         organization_id: int
         task_id: int
-    ``` 
+    ```
     and then implement the API function:
     ```Python
     def api_get_task_info(context: AuditHubContext, input: GetTaskInfoArgs):

Dockerfile

@@ -48,4 +48,4 @@ RUN . /venv/bin/activate && pip install *.whl && rm *.whl *.tar.gz
 
 USER $USER
 
-ENTRYPOINT ["ah"]
+ENTRYPOINT ["ah"]

Makefile

@@ -11,35 +11,35 @@ check: black isort ruff mypy
 
 .PHONY:black
 black:
-	black --check $(MODULE)
+	poetry run black --check $(MODULE)
 
 .PHONY:black-fix
 black-fix:
-	black $(MODULE)
+	poetry run black $(MODULE)
 
 .PHONY:isort
 isort:
-	isort --check $(MODULE)
+	poetry run isort --check $(MODULE)
 
 .PHONY:isort-fix
 isort-fix:
-	isort $(MODULE)
+	poetry run isort $(MODULE)
 
 .PHONY:mypy
 mypy:
-	mypy $(MODULE)
+	poetry run mypy $(MODULE)
 
 .PHONY:ruff
 ruff:
-	ruff check $(MODULE)
+	poetry run ruff check $(MODULE)
 
 .PHONY:ruff-fix
 ruff-fix:
-	ruff check --fix $(MODULE)
+	poetry run ruff check --fix $(MODULE)
 
 .PHONY: mypy-types
 mypy-types:
-	mypy --install-types --non-interactive
+	poetry run mypy --install-types --non-interactive
 
 .PHONY: fix
 fix: isort-fix black-fix ruff-fix
@@ -69,10 +69,10 @@ release: image-versioned image push-versioned push
 	@echo "Release $(shell poetry version -s) done"
 
 .PHONY: tag
-tag: 
+tag:
 	git tag v$(shell poetry version -s)
 
 
 .PHONY: push-tag
-push-tag: 
-	git push --tags
+push-tag:
+	git push --tags

README.md

@@ -1,9 +1,14 @@
 This is the AuditHub client, a Python module that allows programmatic access to Veridise AuditHub via its REST API.
 
 # Installing
+- To install the CLI as a package, use a package manager such as `pip install audithub-client`
+
+# Developing
 - Allocate and activate a venv, e.g., `python -m venv .venv && source .venv/bin/activate`
 - Make sure you have `poetry` installed. If it cannot be found globally, you can install it in the local venv with `pip install poetry`
 - Run `poetry install`
+- If you are developing on top of this repository, install the git hooks with `poetry run pre-commit install`
+- If you are developing on top of this repository, you can run the hooks manually across the repository with `poetry run pre-commit run --all-files`
 
 # Configuring
 All commands support configuration via command line arguments. Additionally, some arguments can also be specified as environment variables.
@@ -15,19 +20,19 @@ The required arguments for any API call are the following (the name inside the p
   - `dev`: https://keycloak.dev.veridise.tools/auth/realms/veridise/.well-known/openid-configuration
   - `production`: https://sso.veridise.com/auth/realms/veridise/.well-known/openid-configuration
 - `--oidc-client-id` (`AUDITHUB_OIDC_CLIENT_ID`): The OIDC client id (to be supplied by Veridise upon request)
-- `--oidc-client-secret` (`AUDITHUB_OIDC_CLIENT_SECRET`): The OIDC client secret (to be supplied by Veridise upon request). 
+- `--oidc-client-secret` (`AUDITHUB_OIDC_CLIENT_SECRET`): The OIDC client secret (to be supplied by Veridise upon request).
 
 Note: use `ah --help` to see the global arguments, applicable to all commands.
-Note: any logging output produced by the `ah` script is directed to stderr, so that output 
+Note: any logging output produced by the `ah` script is directed to stderr, so that output
 
 **Important**: please note that the `client_id` and `client_secret` pair should be considered sensitive information, as anyone with access to these can trigger AuditHub actions that account towards the usage limits of the organization that was issued these credentials.
 
-We suggest to set these arguments in the environment for ease of use. 
-One approach is to use [direnv](https://direnv.net), for which we provide two sample files: `envrc-sample-dev` and `envrc-sample-production`. 
+We suggest to set these arguments in the environment for ease of use.
+One approach is to use [direnv](https://direnv.net), for which we provide two sample files: `envrc-sample-dev` and `envrc-sample-production`.
 If you would like to use this utility, copy one of the samples corresponding to your target environment as `.envrc`, edit `.envrc` to fill in your credentials, and you can then use the below command line utilities.
 
 # Command line usage
-We offer a global `ah` script, that offers commands that make API calls. 
+We offer a global `ah` script, that offers commands that make API calls.
 Use `ah --help` to list all supported commands, as well as the global options that apply to all commands.
 To get help for a specific command, use `ah command --help`. For example: `ah get-task-info --help`.
 
@@ -48,7 +53,7 @@ This should output information about your user profile in AuditHub, and can help
 
 
 # API Usage
-If you would like to use this module as a library, utilized by your own Python code, you can import the corresponding function from the API call you are interested in. 
+If you would like to use this module as a library, utilized by your own Python code, you can import the corresponding function from the API call you are interested in.
 e.g., to invoke the `get_my_profile` function programmatically, you can do the following:
 ```python
 from audithub_client.api.get_my_profile import api_get_my_profile
@@ -57,16 +62,16 @@ from os import getenv
 
 # Fill in the corresponding values below
 rpc_context = AuditHubContext(
-    base_url=getenv("AUDITHUB_BASE_URL"), 
-    oidc_configuration_url=getenv("AUDITHUB_OIDC_CONFIGURATION_URL"), 
-    oidc_client_id=getenv("AUDITHUB_OIDC_CLIENT_ID"), 
+    base_url=getenv("AUDITHUB_BASE_URL"),
+    oidc_configuration_url=getenv("AUDITHUB_OIDC_CONFIGURATION_URL"),
+    oidc_client_id=getenv("AUDITHUB_OIDC_CLIENT_ID"),
     oidc_client_secret=getenv("AUDITHUB_OIDC_CLIENT_SECRET")
 )
 print(api_get_my_profile(rpc_context))
 ```
 
 # Script reference
-For a current script reference, please use `ah --help`. 
+For a current script reference, please use `ah --help`.
 Some interesting commands are the following:
   - `create-version-via-local-archive`  Create a new version for a project by uploading a local .zip archive, or creating one on the fly from a local folder.
   - `create-version-via-url`            Create a new version for a project by asking AuditHub to either download an archive or clone a Git repository.
@@ -120,4 +125,4 @@ Use `make image-versioned` to build an image tagger with both `latest` and the c
 Finally, use `make push` to push latest and `make push-versioned` to push the image tagger with the current version.
 
 As a side note, for `docker build --platform=linux/amd64,linux/arm64 ...` to work, the machine's container runtime needs to support multi-platform builds. Specifically for Docker, this requires switching from the "classic" image store to the containerd image store as outlined [here](https://docs.docker.com/build/building/multi-platform/).
-For Docker Desktop, you can set the "Use containerd for pulling and storing images" option in the user interface as described [here](https://docs.docker.com/desktop/features/containerd/). 
+For Docker Desktop, you can set the "Use containerd for pulling and storing images" option in the user interface as described [here](https://docs.docker.com/desktop/features/containerd/).

audithub_client/library/invocation_common.py

@@ -6,10 +6,10 @@
 
 app = App(
     help="""\
-This is the Veridise AuditHub CLI client, that allows access to AuditHub via its REST API. 
-When you have Veridise AuditHub credentials, you can use this tool to, 
+This is the Veridise AuditHub CLI client, that allows access to AuditHub via its REST API.
+When you have Veridise AuditHub credentials, you can use this tool to,
 e.g., create new versions for projects, launch Veridise tools, monitor their progress, and obtain the results.
-This tool can be used in CI/CD pipelines to assist in verifying new versions of projects. 
+This tool can be used in CI/CD pipelines to assist in verifying new versions of projects.
 """,
 )
 

audithub_client/library/json_dump.py

@@ -7,11 +7,9 @@
 
 OutputType = Annotated[
     Literal["raw", "json", "json-pretty", "pprint", "list", "table", "none"],
-    Parameter(
-        help="""\
+    Parameter(help="""\
 The output format. Options are: 'raw': Python print(), 'json': single-line JSON, 'json-pretty': multi-line JSON, 'pprint': Python pprint(), 'list': list element per line, 'table': tabular view, 'none': omit output completely.
-"""
-    ),
+"""),
 ]