Eric/cus 9 - Socket CLI v2

.github/PULL_REQUEST_TEMPLATE.md

@@ -0,0 +1,5 @@
+Click on the "Preview" tab and select appropriate PR template:
+
+[New Feature](?expand=1&template=feature.md)
+[Bug Fix](?expand=1&template=bug-fix.md)
+[Improvement](?expand=1&template=improvement.md)

.github/PULL_REQUEST_TEMPLATE/bug-fix.md

@@ -0,0 +1,19 @@
+<!--Description: Briefly describe the bug and its impact. If there's a related Linear ticket or Sentry issue, link it here. ⬇️ -->
+
+## Root Cause
+<!-- Concise explanation of what caused the bug ⬇️ -->
+
+
+
+## Fix
+<!-- Explain how your changes address the bug ⬇️ -->
+
+## Public Changelog
+<!-- Write a changelog message between comment tags if this should be included in the public product changelog, Leave blank otherwise. -->
+
+<!-- changelog ⬇️-->
+N/A
+<!-- /changelog ⬆️ -->
+
+
+<!-- TEMPLATE TYPE DON'T REMOVE: python-cli-template-bug-fix -->

.github/PULL_REQUEST_TEMPLATE/feature.md

@@ -0,0 +1,16 @@
+<!-- Description: Briefly describe the new feature you're introducing ⬇️ -->
+
+
+## Why?
+<!-- Explain the motivation behind this feature and its expected benefits ⬇️ -->
+
+
+
+## Public Changelog
+<!-- Write a changelog message between comment tags if this should be included in the public product changelog. -->
+
+<!-- changelog ⬇️-->
+N/A
+<!-- /changelog ⬆️ -->
+
+<!-- TEMPLATE TYPE DON'T REMOVE: python-cli-template-feature -->

.github/PULL_REQUEST_TEMPLATE/improvement.md

@@ -0,0 +1,10 @@
+<!-- Description: Briefly describe the code improvement you're making. This could include things like lint fixes, adding monitoring dashboards, optimizing scripts, refactoring, etc. ⬇️ -->
+
+## Public Changelog
+<!-- Write a changelog message between comment tags if this should be included in the public product changelog. -->
+
+<!-- changelog ⬇️-->
+N/A
+<!-- /changelog ⬆️ -->
+
+<!-- TEMPLATE TYPE DON'T REMOVE: python-cli-template-improvement -->

.github/workflows/pr-preview.yml

@@ -1,7 +1,7 @@
 name: PR Preview
 on:
   pull_request:
-    types: [opened, synchronize]
+    types: [opened, synchronize, ready_for_review]
 
 jobs:
   preview:
@@ -12,9 +12,15 @@ jobs:
         with:
           python-version: '3.x'
 
+      # Install all dependencies from pyproject.toml
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install -e .
+
       - name: Set preview version
         run: |
-          BASE_VERSION=$(grep -o "__version__.*" socketsecurity/__init__.py | awk '{print $3}' | tr -d "'")
+          BASE_VERSION=$(python -c "from socketsecurity import __version__; print(__version__)")
           PREVIEW_VERSION="${BASE_VERSION}.dev${{ github.event.pull_request.number }}${{ github.event.pull_request.commits }}"
           echo "VERSION=${PREVIEW_VERSION}" >> $GITHUB_ENV
 
@@ -25,7 +31,7 @@ jobs:
 
           # Verify the change
           echo "Updated version in __init__.py:"
-          cat socketsecurity/__init__.py | grep "__version__"
+          python -c "from socketsecurity import __version__; print(__version__)"
 
       - name: Check if version exists on Test PyPI
         id: version_check

.github/workflows/release.yml

@@ -13,6 +13,12 @@ jobs:
         with:
           python-version: '3.x'
 
+      # Install all dependencies from pyproject.toml
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install -e .
+
       - name: Get Version
         id: version
         run: |
@@ -104,4 +110,4 @@ jobs:
             socketdev/cli:latest
             socketdev/cli:${{ env.VERSION }}
           build-args: |
-            CLI_VERSION=${{ env.VERSION }}
+            CLI_VERSION=${{ env.VERSION }}

.github/workflows/version-check.yml

@@ -1,7 +1,7 @@
 name: Version Check
 on:
   pull_request:
-    types: [opened, synchronize]
+    types: [opened, synchronize, ready_for_review]
     paths:
       - 'socketsecurity/**'
       - 'setup.py'

.gitignore

@@ -6,18 +6,20 @@ dist
 *.build
 *.dist
 *.egg-info
-test
 *.env
 run_container.sh
 *.zip
 bin
 scripts/*.py
 *.json
+!tests/**/*.json
 markdown_overview_temp.md
 markdown_security_temp.md
 .DS_Store
 *.pyc
 test.py
 *.cpython-312.pyc`
 file_generator.py
-.env.local
+.coverage
+.env.local
+Pipfile

.python-version

@@ -0,0 +1 @@
+3.12

Dockerfile

@@ -1,12 +1,22 @@
 FROM python:3-alpine
 LABEL org.opencontainers.image.authors="socket.dev"
 ARG CLI_VERSION
+ARG SDK_VERSION
 ARG PIP_INDEX_URL=https://pypi.org/simple
 ARG PIP_EXTRA_INDEX_URL=https://pypi.org/simple
 
 RUN apk update \
     && apk add --no-cache git nodejs npm yarn
 
-RUN pip install --index-url ${PIP_INDEX_URL} --extra-index-url ${PIP_EXTRA_INDEX_URL} socketsecurity==$CLI_VERSION \
-    && socketcli -v \
-    && socketcli -v | grep -q $CLI_VERSION
+# Install CLI with retries for TestPyPI propagation (10 attempts, 30s each = 5 minutes total)
+RUN for i in $(seq 1 10); do \
+        echo "Attempt $i/10: Installing socketsecurity==$CLI_VERSION"; \
+        if pip install --index-url ${PIP_INDEX_URL} --extra-index-url ${PIP_EXTRA_INDEX_URL} socketsecurity==$CLI_VERSION; then \
+            break; \
+        fi; \
+        echo "Install failed, waiting 30s before retry..."; \
+        sleep 30; \
+    done && \
+    if [ ! -z "$SDK_VERSION" ]; then \
+        pip install --index-url ${PIP_INDEX_URL} --extra-index-url ${PIP_EXTRA_INDEX_URL} socket-sdk-python==${SDK_VERSION}; \
+    fi

Makefile

@@ -0,0 +1,69 @@
+.PHONY: setup compile-deps sync-deps clean test lint init-tools local-dev first-time-setup update-deps dev-setup sync-all first-time-local-setup
+
+# Environment variable for local SDK path (optional)
+SOCKET_SDK_PATH ?= ../socket-sdk-python
+
+# Environment variable to control local development mode
+USE_LOCAL_SDK ?= false
+
+# === High-level workflow targets ===
+
+# First-time repo setup after cloning (using PyPI packages)
+first-time-setup: clean setup
+
+# First-time setup for local development (using local SDK)
+first-time-local-setup: 
+	$(MAKE) clean
+	$(MAKE) USE_LOCAL_SDK=true dev-setup
+
+# Update dependencies after changing pyproject.toml
+update-deps: compile-deps sync-deps
+
+# Setup for local development
+dev-setup: clean local-dev setup
+
+# Sync all dependencies after pulling changes
+sync-all: sync-deps
+
+# === Implementation targets ===
+
+# Creates virtual environment and installs pip-tools
+init-tools:
+	python -m venv .venv
+	. .venv/bin/activate && pip install pip-tools
+
+# Installs dependencies needed for local development
+# Currently: socket-sdk-python from test PyPI or local path
+local-dev: init-tools
+ifeq ($(USE_LOCAL_SDK),true)
+	. .venv/bin/activate && pip install -e $(SOCKET_SDK_PATH)
+endif
+
+# Creates/updates requirements.txt files with locked versions based on pyproject.toml
+compile-deps: local-dev
+	. .venv/bin/activate && pip-compile --output-file=requirements.txt pyproject.toml
+	. .venv/bin/activate && pip-compile --extra=dev --output-file=requirements-dev.txt pyproject.toml
+	. .venv/bin/activate && pip-compile --extra=test --output-file=requirements-test.txt pyproject.toml
+
+# Creates virtual environment and installs dependencies from pyproject.toml
+setup: compile-deps
+	. .venv/bin/activate && pip install -e ".[dev,test]"
+
+# Installs exact versions from requirements.txt into your virtual environment
+sync-deps:
+	. .venv/bin/activate && pip-sync requirements.txt requirements-dev.txt requirements-test.txt
+ifeq ($(USE_LOCAL_SDK),true)
+	. .venv/bin/activate && pip install -e $(SOCKET_SDK_PATH)
+endif
+
+# Removes virtual environment and cache files
+clean:
+	rm -rf .venv
+	find . -type d -name "__pycache__" -exec rm -rf {} +
+
+test:
+	pytest
+
+lint:
+	ruff check .
+	ruff format --check .