gitflow-analytics 1.3.11__py3-none-any.whl → 3.3.0__py3-none-any.whl

gitflow_analytics/core/git_auth.py

@@ -0,0 +1,169 @@
+"""Git authentication setup and validation for GitHub operations."""
+
+import logging
+import subprocess
+from pathlib import Path
+
+from github import Github
+from github.GithubException import BadCredentialsException, GithubException
+
+logger = logging.getLogger(__name__)
+
+
+def verify_github_token(token: str, timeout: int = 10) -> tuple[bool, str, str]:
+    """Verify GitHub token is valid and return authenticated username.
+
+    Args:
+        token: GitHub personal access token
+        timeout: API request timeout in seconds (default: 10)
+
+    Returns:
+        Tuple of (success, username, error_message)
+        - success: True if token is valid
+        - username: GitHub username if successful, empty string otherwise
+        - error_message: Error description if failed, empty string otherwise
+    """
+    if not token:
+        return False, "", "GitHub token is empty"
+
+    try:
+        github = Github(token, timeout=timeout)
+        user = github.get_user()
+        username = user.login
+        logger.info(f"GitHub token verified successfully for user: {username}")
+        return True, username, ""
+    except BadCredentialsException:
+        error_msg = "GitHub token is invalid or expired"
+        logger.error(error_msg)
+        return False, "", error_msg
+    except GithubException as e:
+        error_msg = (
+            f"GitHub API error: {e.data.get('message', str(e)) if hasattr(e, 'data') else str(e)}"
+        )
+        logger.error(error_msg)
+        return False, "", error_msg
+    except Exception as e:
+        error_msg = f"Unexpected error verifying GitHub token: {str(e)}"
+        logger.error(error_msg)
+        return False, "", error_msg
+
+
+def setup_git_credentials(token: str, username: str = "git") -> bool:
+    """Configure git to use GitHub token for HTTPS authentication.
+
+    This function sets up the git credential helper to store credentials
+    and adds the GitHub token to ~/.git-credentials.
+
+    Args:
+        token: GitHub personal access token
+        username: Username for git authentication (default: "git")
+
+    Returns:
+        True if setup successful, False otherwise
+    """
+    try:
+        # Configure git to use credential helper store
+        subprocess.run(
+            ["git", "config", "--global", "credential.helper", "store"],
+            check=True,
+            capture_output=True,
+            text=True,
+        )
+        logger.debug("Configured git credential helper to 'store'")
+
+        # Add credentials to ~/.git-credentials
+        credentials_file = Path.home() / ".git-credentials"
+        credential_line = f"https://{username}:{token}@github.com\n"
+
+        # Read existing credentials
+        existing_credentials = []
+        if credentials_file.exists():
+            with open(credentials_file) as f:
+                existing_credentials = f.readlines()
+
+        # Check if GitHub credential already exists
+        github_creds = [line for line in existing_credentials if "github.com" in line]
+        if github_creds:
+            # Remove old GitHub credentials
+            existing_credentials = [
+                line for line in existing_credentials if "github.com" not in line
+            ]
+            logger.debug("Replaced existing GitHub credentials")
+
+        # Add new credential
+        existing_credentials.append(credential_line)
+
+        # Write back to file with proper permissions
+        credentials_file.touch(mode=0o600, exist_ok=True)
+        with open(credentials_file, "w") as f:
+            f.writelines(existing_credentials)
+
+        logger.info("Git credentials configured successfully")
+        return True
+
+    except subprocess.CalledProcessError as e:
+        logger.error(f"Failed to configure git credential helper: {e.stderr}")
+        return False
+    except OSError as e:
+        logger.error(f"Failed to write git credentials file: {e}")
+        return False
+    except Exception as e:
+        logger.error(f"Unexpected error setting up git credentials: {e}")
+        return False
+
+
+def preflight_git_authentication(config: dict) -> bool:
+    """Run pre-flight checks for git authentication and setup credentials.
+
+    This function verifies the GitHub token and configures git credentials
+    before any git operations are performed.
+
+    Args:
+        config: Configuration dictionary containing github.token
+
+    Returns:
+        True if authentication is ready, False if setup failed
+    """
+    # Extract GitHub token from config
+    github_config = config.get("github", {})
+    token = github_config.get("token")
+
+    if not token:
+        logger.error("❌ GITHUB_TOKEN not found in configuration")
+        print("❌ GITHUB_TOKEN not found in config. Add to .env file or config.yaml")
+        print("   Example .env file:")
+        print("   GITHUB_TOKEN=ghp_xxxxxxxxxxxxxxxxxxxx")
+        print("\n   Or in config.yaml:")
+        print("   github:")
+        print("     token: ${GITHUB_TOKEN}")
+        return False
+
+    # Verify token is valid
+    success, username, error_msg = verify_github_token(token)
+    if not success:
+        logger.error(f"❌ GitHub token validation failed: {error_msg}")
+        if "invalid or expired" in error_msg.lower():
+            print("❌ GitHub token invalid or expired. Generate new token at:")
+            print("   https://github.com/settings/tokens")
+            print("\n   Required permissions:")
+            print("   - repo (Full control of private repositories)")
+            print("   - read:org (Read org and team membership)")
+        elif "api error" in error_msg.lower():
+            print(f"❌ Cannot access GitHub API: {error_msg}")
+            print("   Check your network connection and GitHub API status:")
+            print("   https://www.githubstatus.com/")
+        else:
+            print(f"❌ GitHub authentication failed: {error_msg}")
+        return False
+
+    # Setup git credentials
+    if not setup_git_credentials(token, username="git"):
+        logger.error("❌ Failed to setup git credentials")
+        print("❌ Failed to configure git credentials")
+        print("   Try manually running:")
+        print("   git config --global credential.helper store")
+        return False
+
+    logger.info(f"✅ GitHub authentication configured successfully (user: {username})")
+    print(f"✅ GitHub authentication configured successfully (user: {username})")
+    return True

gitflow_analytics/core/git_timeout_wrapper.py

@@ -0,0 +1,347 @@
+"""Git operation wrapper with timeout protection.
+
+This module provides timeout-protected git operations to prevent hanging
+when repositories require authentication or have network issues.
+"""
+
+import logging
+import os
+import subprocess
+import threading
+import time
+from contextlib import contextmanager
+from pathlib import Path
+from typing import Callable, Optional, TypeVar
+
+logger = logging.getLogger(__name__)
+
+T = TypeVar("T")
+
+
+class GitOperationTimeout(Exception):
+    """Raised when a git operation exceeds its timeout."""
+
+    pass
+
+
+class GitTimeoutWrapper:
+    """Wrapper for git operations with timeout protection."""
+
+    def __init__(self, default_timeout: int = 30):
+        """Initialize the git timeout wrapper.
+
+        Args:
+            default_timeout: Default timeout in seconds for git operations
+        """
+        self.default_timeout = default_timeout
+        self._operation_stack = []  # Track nested operations for debugging
+
+    @contextmanager
+    def operation_tracker(self, operation_name: str, repo_path: Optional[Path] = None):
+        """Track the current git operation for debugging and heartbeat logging.
+
+        Args:
+            operation_name: Name of the operation being performed
+            repo_path: Optional repository path for context
+        """
+        operation_info = {
+            "name": operation_name,
+            "repo_path": str(repo_path) if repo_path else None,
+            "start_time": time.time(),
+            "thread_id": threading.current_thread().ident,
+        }
+
+        self._operation_stack.append(operation_info)
+        logger.info(
+            f"🚀 Starting operation: {operation_name} {f'for {repo_path}' if repo_path else ''}"
+        )
+
+        try:
+            yield operation_info
+        finally:
+            if self._operation_stack and self._operation_stack[-1] == operation_info:
+                self._operation_stack.pop()
+                elapsed = time.time() - operation_info["start_time"]
+                logger.info(f"✅ Completed operation: {operation_name} in {elapsed:.1f}s")
+
+    def get_current_operation(self) -> Optional[dict]:
+        """Get the currently running operation for this thread."""
+        thread_id = threading.current_thread().ident
+        for op in reversed(self._operation_stack):
+            if op.get("thread_id") == thread_id:
+                return op
+        return None
+
+    def run_with_timeout(
+        self,
+        func: Callable[..., T],
+        args: tuple = (),
+        kwargs: dict = None,
+        timeout: Optional[int] = None,
+        operation_name: str = "git_operation",
+    ) -> T:
+        """Run a function with timeout protection using threading.
+
+        Args:
+            func: Function to run
+            args: Positional arguments for the function
+            kwargs: Keyword arguments for the function
+            timeout: Timeout in seconds (uses default if not specified)
+            operation_name: Name of the operation for logging
+
+        Returns:
+            The result of the function
+
+        Raises:
+            GitOperationTimeout: If the operation times out
+        """
+        timeout = timeout or self.default_timeout
+        kwargs = kwargs or {}
+        result = [None]
+        exception = [None]
+
+        def target():
+            try:
+                result[0] = func(*args, **kwargs)
+            except Exception as e:
+                exception[0] = e
+
+        thread = threading.Thread(target=target, daemon=True)
+        thread.start()
+        thread.join(timeout)
+
+        if thread.is_alive():
+            # Thread is still running after timeout
+            logger.error(f"⏱️ Operation '{operation_name}' timed out after {timeout}s")
+            # Note: We can't actually kill the thread in Python, it will continue running
+            # but we'll raise an exception to prevent waiting for it
+            raise GitOperationTimeout(f"Operation '{operation_name}' timed out after {timeout}s")
+
+        if exception[0]:
+            raise exception[0]
+
+        return result[0]
+
+    def run_git_command(
+        self,
+        cmd: list[str],
+        cwd: Optional[Path] = None,
+        timeout: Optional[int] = None,
+        capture_output: bool = True,
+        check: bool = True,
+    ) -> subprocess.CompletedProcess:
+        """Run a git command with timeout protection.
+
+        Args:
+            cmd: Command to run as list of strings
+            cwd: Working directory for the command
+            timeout: Timeout in seconds (uses default if not specified)
+            capture_output: Whether to capture stdout/stderr
+            check: Whether to raise exception on non-zero return code
+
+        Returns:
+            CompletedProcess instance with the result
+
+        Raises:
+            GitOperationTimeout: If the command times out
+            subprocess.CalledProcessError: If check=True and command fails
+        """
+        timeout = timeout or self.default_timeout
+
+        # Set environment to prevent authentication prompts
+        env = os.environ.copy()
+        env.update(
+            {
+                "GIT_TERMINAL_PROMPT": "0",
+                "GIT_ASKPASS": "/bin/echo",
+                "SSH_ASKPASS": "/bin/echo",
+                "GCM_INTERACTIVE": "never",
+                "GIT_SSH_COMMAND": "ssh -o BatchMode=yes -o StrictHostKeyChecking=no -o PasswordAuthentication=no",
+                "DISPLAY": "",
+                "GIT_CREDENTIAL_HELPER": "",
+                "GCM_PROVIDER": "none",
+            }
+        )
+
+        operation_name = " ".join(cmd[:2])  # e.g., "git fetch"
+
+        with self.operation_tracker(operation_name, cwd):
+            try:
+                result = subprocess.run(
+                    cmd,
+                    cwd=cwd,
+                    env=env,
+                    capture_output=capture_output,
+                    text=True,
+                    timeout=timeout,
+                    check=check,
+                )
+                return result
+
+            except subprocess.TimeoutExpired as e:
+                logger.error(f"⏱️ Git command timed out after {timeout}s: {' '.join(cmd)}")
+                raise GitOperationTimeout(
+                    f"Git command '{operation_name}' timed out after {timeout}s"
+                ) from e
+
+            except subprocess.CalledProcessError as e:
+                # Check if it's an authentication error
+                error_str = (e.stderr or "").lower()
+                if any(
+                    x in error_str
+                    for x in ["authentication", "permission denied", "401", "403", "password"]
+                ):
+                    logger.error(f"🔐 Authentication failed for git command: {operation_name}")
+                    logger.error(f"   Error details: {e.stderr}")
+                raise
+
+    def fetch_with_timeout(self, repo_path: Path, timeout: int = 30) -> bool:
+        """Fetch from remote with timeout protection.
+
+        Args:
+            repo_path: Path to the repository
+            timeout: Timeout in seconds
+
+        Returns:
+            True if fetch succeeded, False otherwise
+        """
+        try:
+            self.run_git_command(
+                ["git", "fetch", "--all"], cwd=repo_path, timeout=timeout, check=True
+            )
+            logger.info(f"✅ Fetch succeeded for {repo_path.name}")
+            return True
+        except (GitOperationTimeout, subprocess.CalledProcessError) as e:
+            # Extract detailed error information
+            error_detail = ""
+            if isinstance(e, subprocess.CalledProcessError) and e.stderr:
+                error_detail = e.stderr.strip()
+                # Check for authentication-specific errors
+                if (
+                    "could not read Username" in error_detail
+                    or "could not read Password" in error_detail
+                ):
+                    logger.error(
+                        f"🔐 Authentication required for {repo_path.name}. "
+                        f"Repository uses HTTPS but no credentials configured. "
+                        f"Consider: (1) Configure git credential helper, "
+                        f"(2) Use SSH URLs instead, or (3) Set GITHUB_TOKEN in environment."
+                    )
+                elif "Authentication failed" in error_detail or "403" in error_detail:
+                    logger.error(
+                        f"🔐 Authentication failed for {repo_path.name}. "
+                        f"Check that your GitHub token has proper permissions."
+                    )
+                else:
+                    logger.warning(f"Git fetch failed for {repo_path.name}: {error_detail}")
+            else:
+                logger.warning(f"Git fetch failed for {repo_path.name}: {e}")
+            return False
+
+    def pull_with_timeout(self, repo_path: Path, timeout: int = 30) -> bool:
+        """Pull from remote with timeout protection.
+
+        Args:
+            repo_path: Path to the repository
+            timeout: Timeout in seconds
+
+        Returns:
+            True if pull succeeded, False otherwise
+        """
+        try:
+            self.run_git_command(["git", "pull"], cwd=repo_path, timeout=timeout, check=True)
+            return True
+        except (GitOperationTimeout, subprocess.CalledProcessError) as e:
+            logger.warning(f"Git pull failed for {repo_path}: {e}")
+            return False
+
+    def clone_with_timeout(
+        self, clone_url: str, target_path: Path, branch: Optional[str] = None, timeout: int = 60
+    ) -> bool:
+        """Clone a repository with timeout protection.
+
+        Args:
+            clone_url: URL of the repository to clone
+            target_path: Target path for the cloned repository
+            branch: Optional branch to checkout
+            timeout: Timeout in seconds (default 60s for cloning)
+
+        Returns:
+            True if clone succeeded, False otherwise
+        """
+        cmd = ["git", "clone", "--config", "credential.helper="]
+        if branch:
+            cmd.extend(["-b", branch])
+        cmd.extend([clone_url, str(target_path)])
+
+        try:
+            self.run_git_command(cmd, timeout=timeout, check=True)
+            return True
+        except (GitOperationTimeout, subprocess.CalledProcessError) as e:
+            logger.warning(f"Git clone failed for {clone_url}: {e}")
+            return False
+
+
+class HeartbeatLogger:
+    """Provides heartbeat logging for long-running operations."""
+
+    def __init__(self, interval: int = 5):
+        """Initialize heartbeat logger.
+
+        Args:
+            interval: Interval in seconds between heartbeat logs
+        """
+        self.interval = interval
+        self._stop_event = threading.Event()
+        self._thread = None
+        self._wrapper = GitTimeoutWrapper()
+
+    def start(self):
+        """Start the heartbeat logging thread."""
+        if self._thread and self._thread.is_alive():
+            return
+
+        self._stop_event.clear()
+        self._thread = threading.Thread(target=self._heartbeat_loop, daemon=True)
+        self._thread.start()
+
+    def stop(self):
+        """Stop the heartbeat logging thread."""
+        self._stop_event.set()
+        if self._thread:
+            self._thread.join(timeout=1)
+
+    def _heartbeat_loop(self):
+        """Main heartbeat loop that logs current operations."""
+        last_log_time = 0
+
+        while not self._stop_event.is_set():
+            current_time = time.time()
+
+            if current_time - last_log_time >= self.interval:
+                operation = self._wrapper.get_current_operation()
+                if operation:
+                    elapsed = current_time - operation["start_time"]
+                    repo_info = f"for {operation['repo_path']} " if operation["repo_path"] else ""
+                    logger.info(
+                        f"💓 Heartbeat: Still running '{operation['name']}' "
+                        f"{repo_info}"
+                        f"(elapsed: {elapsed:.1f}s)"
+                    )
+                last_log_time = current_time
+
+            # Sleep in small increments to be responsive to stop event
+            self._stop_event.wait(0.5)
+
+    def __enter__(self):
+        """Context manager entry."""
+        self.start()
+        return self
+
+    def __exit__(self, exc_type, exc_val, exc_tb):
+        """Context manager exit."""
+        self.stop()
+
+
+# Global instance for convenience
+git_wrapper = GitTimeoutWrapper()

gitflow_analytics/core/metrics_storage.py

@@ -378,8 +378,9 @@ class DailyMetricsStorage:
             else:
                 # Fallback for unexpected types
                 metrics["files_changed"] += 0
-            metrics["lines_added"] += commit.get("insertions", 0)
-            metrics["lines_deleted"] += commit.get("deletions", 0)
+            # Use filtered values if available, fallback to raw values
+            metrics["lines_added"] += commit.get("filtered_insertions", commit.get("insertions", 0))
+            metrics["lines_deleted"] += commit.get("filtered_deletions", commit.get("deletions", 0))
             metrics["story_points"] += commit.get("story_points", 0) or 0
 
             # Classification counts
@@ -394,7 +395,15 @@ class DailyMetricsStorage:
             ticket_refs = commit.get("ticket_references", [])
             if ticket_refs:
                 metrics["tracked_commits"] += 1
-                metrics["unique_tickets"].update(ticket_refs)
+                # Extract ticket IDs from ticket reference objects
+                # ticket_refs can be either [{"id": "PROJ-123", "platform": "jira"}] or ["PROJ-123"]
+                ticket_ids = []
+                for ref in ticket_refs:
+                    if isinstance(ref, dict):
+                        ticket_ids.append(ref.get("id", str(ref)))
+                    else:
+                        ticket_ids.append(str(ref))
+                metrics["unique_tickets"].update(ticket_ids)
             else:
                 metrics["untracked_commits"] += 1