itw-python-builder 0.1.39__tar.gz → 0.1.41__tar.gz

{itw_python_builder-0.1.39 → itw_python_builder-0.1.41}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: itw_python_builder
-Version: 0.1.39
+Version: 0.1.41
 Summary: Standardized Django deployment pipeline with Docker, testing, and SonarQube integration
 Author-email: IT-Works <contact@it-works.io>
 License: MIT

itw_python_builder-0.1.41/itw_python_builder/notify.py

@@ -0,0 +1,97 @@
+import os
+import smtplib
+import ssl
+import sys
+from email.mime.multipart import MIMEMultipart
+from email.mime.text import MIMEText
+from pathlib import Path
+
+TEMPLATE_PATH = Path(__file__).parent / 'templates' / 'new_version_email.html'
+
+
+def _env_getter():
+    env_path = Path.cwd() / '.env'
+    try:
+        from decouple import Config, RepositoryEnv
+        if env_path.exists():
+            cfg = Config(RepositoryEnv(str(env_path)))
+            return lambda key, default=None: cfg(key, default=default) if default is not None else cfg(key, default='')
+    except ImportError:
+        pass
+    return lambda key, default=None: os.environ[key] if default is None else os.environ.get(key, default)
+
+
+def _read_smtp_config() -> dict:
+    get = _env_getter()
+    return {
+        'host': get('EMAIL_HOST', 'smtp.gmail.com'),
+        'port': int(get('EMAIL_PORT', '587')),
+        'user': get('EMAIL_HOST_USER'),
+        'password': get('EMAIL_HOST_PASSWORD'),
+        'use_tls': str(get('EMAIL_USE_TLS', 'True')).lower() == 'true',
+    }
+
+
+def _read_team_emails() -> list:
+    raw = _env_getter()('EMAIL_RECIPIENTS', '')
+    return [addr.strip() for addr in (raw or '').split(',') if addr.strip()]
+
+
+def _render_template(version: str, commit_message: str) -> str:
+    html = TEMPLATE_PATH.read_text(encoding='utf-8')
+    safe_commit = (commit_message or '').strip() or '—'
+    safe_commit_html = (
+        safe_commit
+        .replace('&', '&')
+        .replace('<', '&lt;')
+        .replace('>', '&gt;')
+        .replace('\n', '<br>')
+    )
+    return html.replace('{VERSION}', version).replace('{COMMIT_MESSAGE}', safe_commit_html)
+
+
+def send_new_version_email(version: str, commit_message: str = '') -> int:
+    recipients = _read_team_emails()
+    if not recipients:
+        print('[notify] EMAIL_RECIPIENTS is empty — skipping email notification.')
+        return 0
+
+    cfg = _read_smtp_config()
+    html_body = _render_template(version, commit_message)
+
+    msg = MIMEMultipart('alternative')
+    msg['Subject'] = f'itw-python-builder — Version i ri ({version})'
+    msg['From'] = cfg['user']
+    msg['To'] = ', '.join(recipients)
+    msg.attach(MIMEText(html_body, 'html', 'utf-8'))
+
+    context = ssl.create_default_context()
+    with smtplib.SMTP(cfg['host'], cfg['port']) as smtp:
+        if cfg['use_tls']:
+            smtp.starttls(context=context)
+        smtp.login(cfg['user'], cfg['password'])
+        smtp.sendmail(cfg['user'], recipients, msg.as_string())
+
+    print(f'[notify] Sent release email for {version} to {len(recipients)} recipient(s).')
+    return len(recipients)
+
+
+def _main() -> int:
+    if len(sys.argv) < 2:
+        print(
+            'Usage: python -m itw_python_builder.notify <version> [<commit_message>]',
+            file=sys.stderr,
+        )
+        return 2
+    version = sys.argv[1]
+    commit_message = sys.argv[2] if len(sys.argv) >= 3 else ''
+    try:
+        send_new_version_email(version, commit_message)
+    except Exception as exc:
+        print(f'[notify] Failed to send release email: {exc}', file=sys.stderr)
+        return 1
+    return 0
+
+
+if __name__ == '__main__':
+    sys.exit(_main())

{itw_python_builder-0.1.39 → itw_python_builder-0.1.41}/itw_python_builder/tasks.py

@@ -15,6 +15,12 @@ from itw_python_builder.utils import (
     install_sigint_guard,
     abort_if_interrupted,
     step,
+    safe_remove,
+    ensure_gitignored,
+    gitignore_touched_this_run,
+    load_cached_token,
+    save_token_to_cache,
+    probe_gitlab_token,
 )
 from itw_python_builder.ssr_tasks import *  # noqa: F401,F403  — exposes ssr-init
 
@@ -27,9 +33,8 @@ from pathlib import Path
 PYLINTRC = Path(__file__).parent / ".pylintrc"
 
 
-@task
-def login(ctx: Context, username=None):
-    """Capture GitLab token. Backend also logs into the container registry."""
+def _prompt_and_store_token(ctx: Context, username: str = None) -> str:
+    """Prompt for the GitLab token, set env vars, save to cache, and do podman login on backend."""
     if not username:
         username = get_gitlab_username(ctx)
     token = getpass.getpass(f'Enter GitLab token for {username}: ')
@@ -37,6 +42,7 @@ def login(ctx: Context, username=None):
         raise RuntimeError('No token entered; aborting login.')
     os.environ['GITLAB_TOKEN'] = token
     os.environ['GITLAB_USERNAME'] = username
+    save_token_to_cache(token)
     if detect_project_type() == 'backend':
         print(f'Logging in to gitreg.it-works.io:443 as {username}')
         ctx.run(
@@ -45,6 +51,44 @@ def login(ctx: Context, username=None):
         )
     else:
         print(f'[itw] GitLab token captured for {username} (will be used for package upload).')
+    return token
+
+
+def _gitlab_api_host(ctx: Context) -> str:
+    host, _ = _parse_gitlab_remote(ctx)
+    return _GITLAB_API_HOST_MAP.get(host, host)
+
+
+def ensure_gitlab_auth(ctx: Context) -> None:
+    """Make sure GITLAB_TOKEN is set and valid."""
+    if os.environ.get('GITLAB_TOKEN'):
+        return
+
+    cached = load_cached_token()
+    if cached:
+        project_type = detect_project_type()
+        api_host = _gitlab_api_host(ctx)
+        username = get_gitlab_username(ctx)
+        status = probe_gitlab_token(ctx, project_type, api_host, username, cached)
+        if status == 'ok':
+            os.environ['GITLAB_TOKEN'] = cached
+            os.environ.setdefault('GITLAB_USERNAME', username)
+            print('[itw] Using cached GitLab token.')
+            return
+        if status == 'unreachable':
+            print('[itw] Could not reach GitLab to verify cached token; using it anyway.')
+            os.environ['GITLAB_TOKEN'] = cached
+            os.environ.setdefault('GITLAB_USERNAME', username)
+            return
+        print('[itw] Cached GitLab token was rejected (401/403). Please log in again.')
+
+    _prompt_and_store_token(ctx)
+
+
+@task
+def login(ctx: Context, username=None):
+    """Capture GitLab token. Backend also logs into the container registry."""
+    _prompt_and_store_token(ctx, username)
 
 
 def build_frontend(ctx: Context, branch: str, ssr: bool = False) -> None:
@@ -99,6 +143,8 @@ def commit_version(ctx: Context, version: Version) -> None:
     else:
         ctx.run(f'git add {Version.VERSION_FILE_NAME}')
     ctx.run('git add CHANGELOG.md')
+    if gitignore_touched_this_run():
+        ctx.run('git add .gitignore')
     ctx.run(f'git commit -m \'version update to {version}\'')
 
 
@@ -138,9 +184,13 @@ def tag_build_push(ctx: Context, version: Version, skip_pipeline: bool = False,
         step('push image', pushimage, ctx)
     else:
         branch = get_current_branch(ctx)
+        if ensure_gitignored('dist.tar.gz'):
+            print('[itw] Added "dist.tar.gz" to .gitignore.')
         step('build', build_frontend, ctx, branch, ssr=ssr)
         step('package', package_dist, ctx)
         step('upload', upload_dist, ctx, version)
+        if safe_remove('dist.tar.gz'):
+            print('[itw] Removed local artifact dist.tar.gz after upload.')
     step('changelog', changelog, ctx, version)
     step('push', push, ctx)
 
@@ -167,12 +217,12 @@ def _ensure_unique_tag(ctx: Context, version: Version) -> None:
 def incrementrc(ctx: Context, skip_pipeline=False, pylintrc=None, ssr=False) -> None:
     """Increment release candidate version and deploy. Use --ssr for Angular SSR builds."""
     check_branch(ctx)
-    login(ctx)
+    ensure_gitlab_auth(ctx)
     project_type = detect_project_type()
     version = read_version(ctx)
     version.increment_release_candidate()
     _ensure_unique_tag(ctx, version)
-    if project_type == 'backend':
+    if project_type == 'backend' and not skip_pipeline:
         lint(ctx, pylintrc=pylintrc)
     tag_build_push(ctx, version, skip_pipeline, ssr=ssr)
     save_version(version)
@@ -223,7 +273,7 @@ def incrementmajor(ctx: Context, skip_pipeline=False, ssr=False) -> None:
 def release(ctx: Context, skip_pipeline=False, ssr=False) -> None:
     """Promote release candidate to stable release and deploy. Use --ssr for Angular SSR builds."""
     _ = check_branch(ctx)
-    login(ctx)
+    ensure_gitlab_auth(ctx)
     version = read_version(ctx)
     version.reset_release_candidate(release=True)
     _ensure_unique_tag(ctx, version)
@@ -238,11 +288,13 @@ def test(ctx: Context, settings='backend.test_settings'):
     """Run tests with coverage (Django or Angular/karma)"""
     if detect_project_type() == 'frontend':
         ctx.run('npx ng test --no-watch --code-coverage --browsers=ChromeHeadlessNoSandbox')
+        print("✓ Tests completed")
         return
     detect_and_activate_venv()
     ctx.run(f'python -m coverage run manage.py test --settings={settings} --noinput -v 2')
     ctx.run('python -m coverage report -m')
     ctx.run('python -m coverage xml -o coverage.xml')
+    print("✓ Tests completed")
 
 
 @task
@@ -287,6 +339,7 @@ def analyze(ctx: Context):
     if detect_project_type() == 'backend':
         detect_and_activate_venv()
     load_env(ctx)
+    print("Running SonarQube analysis...")
     try:
         version = read_version(ctx)
         sonar_version = str(version).lstrip('v.')
@@ -317,45 +370,6 @@ def buildlocal(ctx: Context, ssr=False):
     print(f'✓ Built local image: {local_tag}')
 
 
-@task
-def testlocal(ctx: Context, settings='backend.test_settings'):
-    """Run tests locally (Django or Angular/karma)"""
-    if detect_project_type() == 'frontend':
-        ctx.run('npx ng test --no-watch --code-coverage --browsers=ChromeHeadlessNoSandbox')
-        print("✓ Tests completed")
-        return
-    detect_and_activate_venv()
-    ctx.run(f'python -m coverage run manage.py test --settings={settings} --noinput -v 2')
-    ctx.run('python -m coverage report -m')
-    ctx.run('python -m coverage xml -o coverage.xml')
-    print("✓ Tests completed")
-
-
-@task
-def analyzelocal(ctx: Context):
-    """Run SonarQube static analysis locally"""
-    if detect_project_type() == 'backend':
-        detect_and_activate_venv()
-    load_env(ctx)
-    print("Running SonarQube analysis...")
-    try:
-        version = read_version(ctx)
-        sonar_version = str(version).lstrip('v.')
-    except:
-        sonar_version = "0.0.0"
-
-    sonar_host = os.environ.get('SONAR_HOST_URL', '')
-    sonar_token = os.environ.get('SONAR_TOKEN', '')
-    git_depth = os.environ.get('GIT_DEPTH', '0')
-
-    if not sonar_host or not sonar_token:
-        raise RuntimeError('SONAR_HOST_URL and SONAR_TOKEN environment variables must be set.')
-    ctx.run(
-        f'podman run --rm -e SONAR_HOST_URL={sonar_host} -e SONAR_TOKEN={sonar_token} -e GIT_DEPTH={git_depth} --user=root -v "$(pwd)":/usr/src:Z docker.io/sonarsource/sonar-scanner-cli:latest -X -Dsonar.projectVersion={sonar_version}',
-        pty=True)
-    print("✓ SonarQube analysis completed")
-
-
 @task
 def pipelinelocal(ctx: Context, settings='backend.test_settings', pylintrc=None):
     """Local pipeline: (lint →) test → analyze"""
@@ -371,12 +385,12 @@ def pipelinelocal(ctx: Context, settings='backend.test_settings', pylintrc=None)
     print("\n" + "=" * 60)
     print(f"Step {'2' if project_type == 'backend' else '1'}: Running tests...")
     print("=" * 60)
-    step('tests', testlocal, ctx, settings)
+    step('tests', test, ctx, settings)
 
     print("\n" + "=" * 60)
     print(f"Step {'3' if project_type == 'backend' else '2'}: Running SonarQube analysis...")
     print("=" * 60)
-    step('analyze', analyzelocal, ctx)
+    step('analyze', analyze, ctx)
 
     print("\n" + "=" * 60)
     print("✓ Local pipeline completed successfully!")

itw_python_builder-0.1.41/itw_python_builder/templates/new_version_email.html

@@ -0,0 +1,38 @@
+<!DOCTYPE html>
+<html lang="sq">
+<head>
+  <meta charset="UTF-8">
+  <title>itw-python-builder — Version i ri</title>
+</head>
+<body style="margin:0;padding:0;background:#f4f6f8;font-family:Arial,Helvetica,sans-serif;color:#1f2937;">
+  <table role="presentation" width="100%" cellpadding="0" cellspacing="0" style="background:#f4f6f8;padding:24px 0;">
+    <tr>
+      <td align="center">
+        <table role="presentation" width="600" cellpadding="0" cellspacing="0" style="background:#ffffff;border-radius:8px;overflow:hidden;box-shadow:0 1px 3px rgba(0,0,0,0.08);">
+          <tr>
+            <td style="background:#0f172a;color:#ffffff;padding:20px 28px;">
+              <h1 style="margin:0;font-size:20px;">itw-python-builder — Version i ri</h1>
+            </td>
+          </tr>
+          <tr>
+            <td style="padding:28px;">
+              <p style="margin:0 0 16px 0;font-size:15px;">Përshëndetje kolegë,</p>
+              <p style="margin:0 0 16px 0;font-size:15px;">
+                Një version i ri i paketës <strong>itw-python-builder</strong> është publikuar:
+                <strong>{VERSION}</strong>.
+              </p>
+              <p style="margin:0 0 8px 0;font-size:15px;"><strong>Mesazhi i commit-it:</strong></p>
+              <div style="background:#f3f4f6;border-left:4px solid #0f172a;padding:12px 16px;font-size:14px;line-height:1.5;color:#374151;margin:0 0 20px 0;">
+                {COMMIT_MESSAGE}
+              </div>
+              <p style="margin:0 0 8px 0;font-size:15px;"><strong>Komanda për të bërë upgrade:</strong></p>
+              <pre style="background:#0f172a;color:#f9fafb;padding:14px 16px;border-radius:6px;font-size:13px;overflow-x:auto;margin:0 0 20px 0;">pip install itw-python-builder=={VERSION} --no-cache-dir</pre>
+              <p style="margin:0;font-size:13px;color:#6b7280;">Faleminderit</p>
+            </td>
+          </tr>
+        </table>
+      </td>
+    </tr>
+  </table>
+</body>
+</html>

{itw_python_builder-0.1.39 → itw_python_builder-0.1.41}/itw_python_builder/utils.py

@@ -1,7 +1,3 @@
-"""Shared helpers used by tasks.py and ssr_tasks.py.
-
-Only non-@task functions live here. CLI tasks stay in tasks.py / ssr_tasks.py.
-"""
 import getpass
 import io
 import json
@@ -255,6 +251,103 @@ def _parse_gitlab_remote(ctx: Context) -> tuple:
     return host, path
 
 
+def safe_remove(name: str) -> bool:
+    if '/' in name or name in ('', '.', '..'):
+        raise ValueError(f'safe_remove: refusing unsafe name {name!r}')
+    target = Path(os.getcwd()) / name
+    if not target.exists() or target.is_dir() or target.is_symlink():
+        return False
+    target.unlink()
+    return True
+
+
+_GITIGNORE_TOUCHED = False
+
+
+def ensure_gitignored(name: str) -> bool:
+    """Append `name` to ./.gitignore if not already present. Returns True if added."""
+    global _GITIGNORE_TOUCHED
+    gi = Path(os.getcwd()) / '.gitignore'
+    if gi.exists():
+        content = gi.read_text(encoding='utf-8')
+        if name in (line.strip() for line in content.splitlines()):
+            return False
+        prefix = '' if content.endswith('\n') or content == '' else '\n'
+        with gi.open('a', encoding='utf-8') as fp:
+            fp.write(f'{prefix}{name}\n')
+    else:
+        gi.write_text(f'{name}\n', encoding='utf-8')
+    _GITIGNORE_TOUCHED = True
+    return True
+
+
+def gitignore_touched_this_run() -> bool:
+    """Return True if `ensure_gitignored` modified .gitignore in this process."""
+    return _GITIGNORE_TOUCHED
+
+
+TOKEN_CACHE_PATH = Path.home() / '.config' / 'itw' / 'gitlab_token'
+
+
+def load_cached_token() -> str:
+    """Return cached GitLab token from disk, or '' if missing/unreadable."""
+    try:
+        if TOKEN_CACHE_PATH.exists():
+            return TOKEN_CACHE_PATH.read_text(encoding='utf-8').strip()
+    except OSError as exc:
+        print(f'[itw] Could not read cached token at {TOKEN_CACHE_PATH}: {exc}')
+    return ''
+
+
+def save_token_to_cache(token: str) -> bool:
+    """Best-effort write of token to disk (mode 0600). Warns and returns False on failure."""
+    try:
+        TOKEN_CACHE_PATH.parent.mkdir(parents=True, exist_ok=True)
+        TOKEN_CACHE_PATH.write_text(token, encoding='utf-8')
+        os.chmod(TOKEN_CACHE_PATH, 0o600)
+        return True
+    except OSError as exc:
+        print(
+            f'[itw] Could not persist token to {TOKEN_CACHE_PATH}: {exc}. '
+            'You will be asked for it again next time.'
+        )
+        return False
+
+
+def probe_gitlab_token(ctx: Context, project_type: str, api_host: str, username: str, token: str) -> str:
+    if project_type == 'backend':
+        result = ctx.run(
+            f'podman login -u {username} --password-stdin gitreg.it-works.io:443 --tls-verify=false',
+            in_stream=io.StringIO(token),
+            hide=True,
+            warn=True,
+        )
+        if result.ok:
+            return 'ok'
+        err = (result.stderr or result.stdout or '').lower()
+        if 'unauthorized' in err or '401' in err or 'authentication' in err:
+            return 'unauthorized'
+        return 'unreachable'
+
+    import ssl
+    import urllib.error
+    import urllib.request
+    req = urllib.request.Request(
+        f'https://{api_host}/api/v4/user',
+        headers={'PRIVATE-TOKEN': token},
+    )
+    ssl_ctx = ssl.create_default_context()
+    ssl_ctx.check_hostname = False
+    ssl_ctx.verify_mode = ssl.CERT_NONE
+    try:
+        with urllib.request.urlopen(req, context=ssl_ctx, timeout=5) as resp:
+            return 'ok' if resp.status == 200 else 'unreachable'
+    except urllib.error.HTTPError as exc:
+        return 'unauthorized' if exc.code in (401, 403) else 'unreachable'
+    except (urllib.error.URLError, TimeoutError, OSError):
+        return 'unreachable'
+
+
 def is_ssr_project() -> bool:
     """Return True if the current frontend project already has SSR scaffolding."""
     cwd = os.getcwd()

{itw_python_builder-0.1.39 → itw_python_builder-0.1.41}/itw_python_builder.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: itw_python_builder
-Version: 0.1.39
+Version: 0.1.41
 Summary: Standardized Django deployment pipeline with Docker, testing, and SonarQube integration
 Author-email: IT-Works <contact@it-works.io>
 License: MIT

{itw_python_builder-0.1.39 → itw_python_builder-0.1.41}/itw_python_builder.egg-info/SOURCES.txt

@@ -4,6 +4,7 @@ pyproject.toml
 itw_python_builder/.pylintrc
 itw_python_builder/__init__.py
 itw_python_builder/cli.py
+itw_python_builder/notify.py
 itw_python_builder/ssr_tasks.py
 itw_python_builder/tasks.py
 itw_python_builder/utils.py
@@ -14,5 +15,6 @@ itw_python_builder.egg-info/dependency_links.txt
 itw_python_builder.egg-info/entry_points.txt
 itw_python_builder.egg-info/requires.txt
 itw_python_builder.egg-info/top_level.txt
+itw_python_builder/templates/new_version_email.html
 itw_python_builder/templates/server.sitemap.snippet.ts
 itw_python_builder/templates/sitemap.routes.ts

{itw_python_builder-0.1.39 → itw_python_builder-0.1.41}/pyproject.toml

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "itw_python_builder"
-version = "0.1.39"
+version = "0.1.41"
 description = "Standardized Django deployment pipeline with Docker, testing, and SonarQube integration"
 readme = "README.md"
 requires-python = ">=3.10"
@@ -40,7 +40,7 @@ Issues = "https://git.it-works.io/"
 include-package-data = true
 
 [tool.setuptools.package-data]
-itw_python_builder = [".pylintrc", "templates/*.ts"]
+itw_python_builder = [".pylintrc", "templates/*.ts", "templates/*.html"]
 
 [project.scripts]
 itw = "itw_python_builder.cli:main"