feat: Implement UI improvements and persistent configuration #59
Implements comprehensive configuration management with:
- Persistent storage in ~/.insightvm/config.json
- Tool-specific defaults and last-used values
- User preferences (colors, confirmations, progress)
- State management for resumable operations
- Dot-notation access pattern

Relates to #58

Implements rich UI utilities with graceful fallback:
- Colored output (success/error/warning/info)
- Progress bars for long operations
- Interactive menus with navigation
- Confirmation prompts with defaults
- Formatted tables
- Headers and separators
- Fallback support when rich library unavailable

Relates to #58

Enhances sonar query tool with interactive mode:
- Runs interactive when no arguments provided
- Remembers last CSV path and settings
- Preview and confirmation before execution
- Colored feedback during processing
- Persistent configuration storage
- Maintains backward compatibility with CLI mode

Relates to #58

Updates requirements.txt with:
- pandas>=2.0.0 for CSV data processing
- rich>=13.0.0 for enhanced UI (optional)

Rich library provides colored output, progress bars, and interactive menus with graceful fallback when unavailable.

Relates to #58

Adds detailed documentation covering:
- Configuration system usage and structure
- UI framework features and examples
- Enhanced tool capabilities
- Migration guide for developers
- Troubleshooting section
- Future enhancement roadmap

Complete with code examples, usage patterns, and integration instructions for extending to other tools.

Relates to #58
Pull Request Overview
Introduces a persistent configuration system and a reusable UI utility layer to enhance interactivity, statefulness, and user experience across InsightVM tools, with an updated create_sonar_queries tool gaining an interactive mode.
- Added persistent JSON-backed configuration (user preferences, last-used values, tool settings)
- Added UI framework (colored output, prompts, menus, progress, tables) with graceful fallback
- Enhanced create_sonar_queries.py with interactive mode and config/UI integration
Reviewed Changes
Copilot reviewed 4 out of 5 changed files in this pull request and generated 5 comments.
| File | Description |
|---|---|
| src/rapid7/config.py | New persistent configuration manager with preferences, tool sections, and state handling |
| src/rapid7/ui.py | New UI abstraction (printing, menus, prompts, progress bars, tables) |
| src/rapid7/tools/create_sonar_queries.py | Added interactive mode, config integration, optional UI output |
| docs/UI_IMPROVEMENTS.md | Documentation of new UI/config systems and usage patterns |
| def progress_bar( | ||
| self, | ||
| description: str, | ||
| total: Optional[int] = None | ||
| ): | ||
| """ | ||
| Create a progress bar context manager. | ||
|
|
||
| Args: | ||
| description: Progress description | ||
| total: Total steps (None for indeterminate) | ||
|
|
||
| Returns: | ||
| Progress context manager | ||
|
|
||
| Example: | ||
| >>> ui = UI() | ||
| >>> with ui.progress_bar("Processing", 100) as progress: | ||
| ... for i in range(100): | ||
| ... progress.update(1) | ||
| ... # do work | ||
| """ | ||
| if RICH_AVAILABLE and self.config.get_preference( | ||
| 'show_progress_bars', | ||
| True | ||
| ): | ||
| return Progress( | ||
| SpinnerColumn(), | ||
| TextColumn("[progress.description]{task.description}"), | ||
| transient=True, | ||
| ) | ||
| else: | ||
| # Simple fallback progress indicator | ||
| return SimpleProgressBar(description, total, self) |
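Review bot: `progress_bar` declares no return type, and its two branches hand back different objects (`Progress(...)` in the rich branch, `SimpleProgressBar(description, total, self)` in the `else`). Annotate the return with one small protocol that exposes the `update` call used in the docstring example, so both branches are checked against the same interface, and name that type in the docstring's "Returns:" line instead of "Progress context manager".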
When rich is available this returns a raw Progress instance without creating a task; the documented example calls progress.update(1) which will raise a TypeError because Progress.update() requires a task_id. The total and description arguments are also unused in the rich branch. Wrap the Progress in a lightweight adapter that creates a task and exposes an update(advance: int) method (to match SimpleProgressBar), or return a context manager that yields such an adapter.
| if last_output: | ||
| output_file = ui.prompt( | ||
| "Output CSV file path", | ||
| default=default_output | ||
| ) | ||
| else: | ||
| output_file = ui.prompt( | ||
| "Output CSV file path", | ||
| default=default_output | ||
| ) |
The logic retrieves last_output but never uses it as the default; both branches are identical and always default to the derived path, so the previously saved output path is ignored (contradicts documented persistence). Use last_output as the default when present, and remove the duplicated conditional.
| if last_output: | |
| output_file = ui.prompt( | |
| "Output CSV file path", | |
| default=default_output | |
| ) | |
| else: | |
| output_file = ui.prompt( | |
| "Output CSV file path", | |
| default=default_output | |
| ) | |
| output_file = ui.prompt( | |
| "Output CSV file path", | |
| default=last_output if last_output else default_output | |
| ) |
| if ui: | ||
| print(f"\nProcessing: {target}") | ||
| else: | ||
| print(f"\nProcessing: {target}") |
Duplicate branches with identical print; this can be simplified. Prefer using ui.print_info or a single unconditional print to reduce noise.
| if ui: | |
| print(f"\nProcessing: {target}") | |
| else: | |
| print(f"\nProcessing: {target}") | |
| print(f"\nProcessing: {target}") |
| 'insight_agent': { | ||
| 'last_installer_path': '', | ||
| 'last_token': '' # Note: Should be encrypted in production | ||
| }, |
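Review bot: `'last_token': ''` in the `insight_agent` defaults reserves a slot for a credential in the persisted config and leaves its protection to a comment ("Should be encrypted in production"). Drop the key from the defaults so nothing writes a token to disk by accident; if a remembered token is required, persist only a reference to an OS credential-store entry rather than the value.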
Storing tokens in plaintext on disk introduces credential exposure risk. Use a secure storage mechanism (e.g. keyring, OS credential store, or encrypt with a master key) or omit sensitive secrets from the persisted config.
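One way to apply the "omit sensitive secrets from the persisted config" option from the comment above, shown as an added example rather than code from this pull request. `SENSITIVE_KEYS`, `strip_secrets`, `save_config` and `load_config` are hypothetical names, and the example assumes the token is supplied per run instead of being remembered.

```python
import json
import os
import stat
import tempfile
from pathlib import Path

# Assumption: key names treated as secrets. Only `last_token` appears on the page.
SENSITIVE_KEYS = {"last_token"}


def strip_secrets(node):
    """Return a copy of a nested config with secret-bearing keys removed."""
    if isinstance(node, dict):
        return {
            key: strip_secrets(value)
            for key, value in node.items()
            if key not in SENSITIVE_KEYS
        }
    if isinstance(node, list):
        return [strip_secrets(item) for item in node]
    return node


def save_config(config: dict, path: Path) -> None:
    """Persist the non-secret part of the config atomically, owner-only."""
    path.parent.mkdir(mode=0o700, parents=True, exist_ok=True)
    # mkstemp creates the file with mode 0600; chmod below makes that explicit.
    fd, tmp_name = tempfile.mkstemp(dir=path.parent, prefix=".config-")
    try:
        with os.fdopen(fd, "w", encoding="utf-8") as handle:
            json.dump(strip_secrets(config), handle, indent=2)
        os.chmod(tmp_name, 0o600)
        os.replace(tmp_name, path)  # atomic swap, no half-written config
    except BaseException:
        os.unlink(tmp_name)
        raise


def load_config(path: Path) -> dict:
    """Load the config, refusing a file group/other can access (POSIX only)."""
    mode = stat.S_IMODE(path.stat().st_mode)
    if os.name == "posix" and mode & 0o077:
        raise PermissionError(f"{path} has mode {oct(mode)}, expected 0o600")
    with path.open(encoding="utf-8") as handle:
        return json.load(handle)
```
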
| with ui.progress_bar("Processing items", total=100) as progress: | ||
| for i in range(100): | ||
| # Do work | ||
| progress.update(1) |
Example implies progress.update(1) works with both rich and fallback implementations, but the current rich-based progress_bar returns a raw Progress object which requires a task_id when calling update. Update the example after fixing the implementation to avoid misleading users.
| with ui.progress_bar("Processing items", total=100) as progress: | |
| for i in range(100): | |
| # Do work | |
| progress.update(1) | |
| with ui.progress_bar("Processing items", total=100) as (progress, task_id): | |
| for i in range(100): | |
| # Do work | |
| progress.update(task_id, advance=1) |
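Review bot: the replacement `with ui.progress_bar("Processing items", total=100) as (progress, task_id):` unpacks a pair and then calls `progress.update(task_id, advance=1)`, which no longer matches the fallback object that the docstring example drives with `progress.update(1)`. Keep the documented call as `progress.update(1)` and have the rich branch return an adapter, as the earlier comment on `progress_bar` proposes, so one example is valid whether or not rich is installed.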
… with UI framework

Added interactive UI features to installation tools:
- install_insight_agent.py: Interactive installer discovery, token management, progress feedback, and configuration persistence
- install_scan_assistant.py: Interactive package download, checksum verification, certificate management, and configuration persistence

Both tools now support:
- CLI mode for automation
- Interactive mode with colored output
- Configuration persistence for repeated use
- Better error handling and user feedback
- Graceful fallback when rich library unavailable

Relates to #58
Bandit found more than 20 potential problems in the proposed changes. Check the Files changed tab for more details.
Summary
Implements comprehensive UI improvements with persistent configuration system for InsightVM-Python tools.
Closes #58
Changes
New Components
Configuration System (src/rapid7/config.py)
~/.insightvm/config.json
UI Framework (src/rapid7/ui.py)
Enhanced Tools
Dependencies
Documentation
Benefits
Testing
Commits
- feat(config): add persistent configuration system - Core config management
- feat(ui): add interactive UI framework with colored output - UI utilities
- feat(tools): add interactive mode to create_sonar_queries - Enhanced tool
- chore(deps): add pandas and rich dependencies - Dependencies
- docs: add comprehensive UI improvements documentation - Documentation
Related
Screenshots
Interactive mode provides colored output and confirmation prompts
Next Steps
After merge: