mcli-framework 7.10.1__py3-none-any.whl → 7.11.0__py3-none-any.whl

mcli/workflow/notebook/validator.py

@@ -0,0 +1,313 @@
+"""
+Validation utilities for workflow notebooks.
+
+Provides validation for:
+- JSON schema compliance
+- Code syntax checking
+- Shell script validation
+- MCLI API validation
+"""
+
+import ast
+import subprocess
+import tempfile
+from pathlib import Path
+from typing import Any, Dict, List, Optional
+
+from mcli.lib.logger.logger import get_logger
+
+from .schema import NOTEBOOK_SCHEMA, CellLanguage, CellType, WorkflowNotebook
+
+logger = get_logger()
+
+
+class NotebookValidator:
+    """Validator for workflow notebooks."""
+
+    def __init__(self):
+        self.schema_errors: List[str] = []
+        self.syntax_errors: List[str] = []
+
+    def validate_schema(self, notebook: WorkflowNotebook) -> bool:
+        """
+        Validate notebook against JSON schema.
+
+        Args:
+            notebook: WorkflowNotebook to validate
+
+        Returns:
+            True if valid, False otherwise
+        """
+        self.schema_errors = []
+
+        try:
+            import jsonschema
+
+            data = notebook.to_dict()
+            jsonschema.validate(instance=data, schema=NOTEBOOK_SCHEMA)
+            return True
+
+        except ImportError:
+            # jsonschema not installed, do basic validation
+            logger.warning("jsonschema not installed, performing basic validation")
+            return self._basic_schema_validation(notebook)
+
+        except Exception as e:
+            self.schema_errors.append(str(e))
+            return False
+
+    def _basic_schema_validation(self, notebook: WorkflowNotebook) -> bool:
+        """Basic schema validation without jsonschema library."""
+        valid = True
+
+        # Check required fields
+        if not notebook.metadata.mcli.name:
+            self.schema_errors.append("Missing required field: metadata.mcli.name")
+            valid = False
+
+        if notebook.nbformat != 4:
+            self.schema_errors.append(f"Invalid nbformat: {notebook.nbformat} (expected 4)")
+            valid = False
+
+        # Validate cells
+        for i, cell in enumerate(notebook.cells):
+            if not cell.cell_type:
+                self.schema_errors.append(f"Cell {i}: Missing cell_type")
+                valid = False
+
+            if not cell.source and not isinstance(cell.source, (str, list)):
+                self.schema_errors.append(f"Cell {i}: Missing or invalid source")
+                valid = False
+
+        return valid
+
+    def validate_syntax(self, notebook: WorkflowNotebook) -> bool:
+        """
+        Validate code syntax in all code cells.
+
+        Args:
+            notebook: WorkflowNotebook to validate
+
+        Returns:
+            True if all code is syntactically valid, False otherwise
+        """
+        self.syntax_errors = []
+        all_valid = True
+
+        for i, cell in enumerate(notebook.cells):
+            if cell.cell_type != CellType.CODE:
+                continue
+
+            language = cell.language
+            code = cell.source_text
+
+            if language == CellLanguage.PYTHON:
+                if not self._validate_python_syntax(code, i):
+                    all_valid = False
+
+            elif language in (CellLanguage.SHELL, CellLanguage.BASH, CellLanguage.ZSH):
+                if not self._validate_shell_syntax(code, i):
+                    all_valid = False
+
+        return all_valid
+
+    def _validate_python_syntax(self, code: str, cell_index: int) -> bool:
+        """Validate Python code syntax."""
+        try:
+            ast.parse(code)
+            return True
+        except SyntaxError as e:
+            self.syntax_errors.append(
+                f"Cell {cell_index} (Python): Syntax error at line {e.lineno}: {e.msg}"
+            )
+            return False
+        except Exception as e:
+            self.syntax_errors.append(f"Cell {cell_index} (Python): {str(e)}")
+            return False
+
+    def _validate_shell_syntax(self, code: str, cell_index: int) -> bool:
+        """Validate shell script syntax using bash -n."""
+        try:
+            # Create temporary file with shell script
+            with tempfile.NamedTemporaryFile(mode="w", suffix=".sh", delete=False) as f:
+                f.write(code)
+                temp_path = f.name
+
+            try:
+                # Use bash -n to check syntax without executing
+                result = subprocess.run(
+                    ["bash", "-n", temp_path],
+                    capture_output=True,
+                    text=True,
+                    timeout=5,
+                )
+
+                if result.returncode != 0:
+                    error_msg = result.stderr.strip()
+                    self.syntax_errors.append(f"Cell {cell_index} (Shell): {error_msg}")
+                    return False
+
+                return True
+
+            finally:
+                # Clean up temp file
+                Path(temp_path).unlink(missing_ok=True)
+
+        except subprocess.TimeoutExpired:
+            self.syntax_errors.append(f"Cell {cell_index} (Shell): Validation timeout")
+            return False
+        except Exception as e:
+            self.syntax_errors.append(f"Cell {cell_index} (Shell): {str(e)}")
+            return False
+
+    def validate_mcli_apis(self, notebook: WorkflowNotebook) -> bool:
+        """
+        Validate MCLI API usage in code cells.
+
+        This checks for:
+        - Proper Click decorator usage
+        - MCLI library imports
+        - Common API patterns
+
+        Args:
+            notebook: WorkflowNotebook to validate
+
+        Returns:
+            True if API usage is valid, False otherwise
+        """
+        # TODO: Implement MCLI-specific API validation
+        # This could check for:
+        # - @click.command() or @click.group() decorators
+        # - Proper import statements
+        # - Common anti-patterns
+        return True
+
+    def get_all_errors(self) -> List[str]:
+        """Get all validation errors."""
+        return self.schema_errors + self.syntax_errors
+
+
+class CodeLinter:
+    """Linter for workflow notebook code."""
+
+    def __init__(self):
+        self.issues: List[Dict[str, any]] = []
+
+    def lint_python(self, code: str) -> List[Dict[str, any]]:
+        """
+        Lint Python code using available linters.
+
+        Tries to use (in order):
+        1. flake8
+        2. pylint
+        3. Basic AST-based checks
+
+        Returns:
+            List of lint issues
+        """
+        self.issues = []
+
+        # Try flake8
+        try:
+            import flake8.api.legacy as flake8_api
+
+            style_guide = flake8_api.get_style_guide()
+            with tempfile.NamedTemporaryFile(mode="w", suffix=".py", delete=False) as f:
+                f.write(code)
+                temp_path = f.name
+
+            try:
+                report = style_guide.check_files([temp_path])
+                # Convert flake8 results to our format
+                # (this is simplified - actual implementation would parse flake8 output)
+                if report.total_errors > 0:
+                    self.issues.append(
+                        {
+                            "severity": "warning",
+                            "message": f"Found {report.total_errors} style issues",
+                            "line": 0,
+                        }
+                    )
+            finally:
+                Path(temp_path).unlink(missing_ok=True)
+
+        except ImportError:
+            # flake8 not available, try basic checks
+            self._basic_python_lint(code)
+
+        return self.issues
+
+    def _basic_python_lint(self, code: str):
+        """Basic Python linting using AST."""
+        try:
+            tree = ast.parse(code)
+
+            # Check for common issues
+            for node in ast.walk(tree):
+                # Check for unused imports (simplified)
+                if isinstance(node, ast.Import):
+                    # TODO: Check if imports are actually used
+                    pass
+
+                # Check for bare except
+                if isinstance(node, ast.ExceptHandler) and node.type is None:
+                    self.issues.append(
+                        {
+                            "severity": "warning",
+                            "message": "Bare except clause - consider specifying exception type",
+                            "line": node.lineno,
+                        }
+                    )
+
+        except SyntaxError:
+            # Already caught by syntax validation
+            pass
+
+    def lint_shell(self, code: str) -> List[Dict[str, any]]:
+        """
+        Lint shell script using shellcheck if available.
+
+        Returns:
+            List of lint issues
+        """
+        self.issues = []
+
+        try:
+            # Create temporary file
+            with tempfile.NamedTemporaryFile(mode="w", suffix=".sh", delete=False) as f:
+                f.write(code)
+                temp_path = f.name
+
+            try:
+                # Try to use shellcheck
+                result = subprocess.run(
+                    ["shellcheck", "-f", "json", temp_path],
+                    capture_output=True,
+                    text=True,
+                    timeout=10,
+                )
+
+                if result.stdout:
+                    import json
+
+                    issues = json.loads(result.stdout)
+                    self.issues = [
+                        {
+                            "severity": issue.get("level", "warning"),
+                            "message": issue.get("message", ""),
+                            "line": issue.get("line", 0),
+                            "code": issue.get("code", ""),
+                        }
+                        for issue in issues
+                    ]
+
+            finally:
+                Path(temp_path).unlink(missing_ok=True)
+
+        except FileNotFoundError:
+            # shellcheck not installed
+            logger.debug("shellcheck not found, skipping shell linting")
+        except Exception as e:
+            logger.warning(f"Shell linting failed: {e}")
+
+        return self.issues

mcli/workflow/secrets/__init__.py

@@ -0,0 +1,4 @@
+"""Secrets workflow - migrated from lib.secrets"""
+from .secrets_cmd import secrets
+
+__all__ = ["secrets"]

mcli/workflow/secrets/secrets_cmd.py

@@ -0,0 +1,192 @@
+"""
+Secrets workflow command - migrated from lib.secrets
+
+This is now a workflow instead of a lib utility.
+All secrets management functionality remains the same.
+"""
+
+from pathlib import Path
+from typing import Optional
+
+import click
+
+from mcli.lib.ui.styling import error, info, success, warning
+
+# Import from the original lib.secrets modules (keeping the implementation)
+from mcli.lib.secrets.manager import SecretsManager
+from mcli.lib.secrets.repl import run_repl
+from mcli.lib.secrets.store import SecretsStore
+
+
+@click.command(name="secrets", help="Secure secrets management with encryption and git sync")
+@click.option("--repl", is_flag=True, help="Launch interactive secrets shell")
+@click.option("--set", "set_secret", nargs=2, type=str, help="Set a secret (KEY VALUE)")
+@click.option("--get", "get_secret", type=str, help="Get a secret value")
+@click.option("--list", "list_secrets", is_flag=True, help="List all secrets")
+@click.option("--delete", "delete_secret", type=str, help="Delete a secret")
+@click.option("--namespace", "-n", default="default", help="Namespace for secrets")
+@click.option("--show", is_flag=True, help="Show full value (not masked)")
+@click.option("--export", is_flag=True, help="Export secrets as environment variables")
+@click.option("--import-file", type=click.Path(exists=True), help="Import from env file")
+@click.option("--store-init", is_flag=True, help="Initialize secrets store")
+@click.option("--store-push", is_flag=True, help="Push secrets to store")
+@click.option("--store-pull", is_flag=True, help="Pull secrets from store")
+@click.option("--store-sync", is_flag=True, help="Sync secrets with store")
+@click.option("--store-status", is_flag=True, help="Show store status")
+@click.option("--remote", type=str, help="Git remote URL (for store init)")
+@click.option("--message", "-m", type=str, help="Commit message (for store operations)")
+@click.option("--output", "-o", type=click.Path(), help="Output file (for export)")
+def secrets(
+    repl: bool,
+    set_secret: Optional[tuple],
+    get_secret: Optional[str],
+    list_secrets: bool,
+    delete_secret: Optional[str],
+    namespace: str,
+    show: bool,
+    export: bool,
+    import_file: Optional[str],
+    store_init: bool,
+    store_push: bool,
+    store_pull: bool,
+    store_sync: bool,
+    store_status: bool,
+    remote: Optional[str],
+    message: Optional[str],
+    output: Optional[str],
+):
+    """
+    Secrets management workflow - all-in-one command for managing secrets.
+
+    Examples:
+        mcli workflows secrets --repl                    # Interactive shell
+        mcli workflows secrets --set API_KEY abc123      # Set a secret
+        mcli workflows secrets --get API_KEY             # Get a secret
+        mcli workflows secrets --list                    # List all secrets
+        mcli workflows secrets --export                  # Export as env vars
+        mcli workflows secrets --store-init              # Initialize git store
+    """
+    manager = SecretsManager()
+
+    # Handle REPL
+    if repl:
+        run_repl()
+        return
+
+    # Handle set
+    if set_secret:
+        key, value = set_secret
+        try:
+            manager.set(key, value, namespace)
+            success(f"Secret '{key}' set in namespace '{namespace}'")
+        except Exception as e:
+            error(f"Failed to set secret: {e}")
+        return
+
+    # Handle get
+    if get_secret:
+        value = manager.get(get_secret, namespace)
+        if value is not None:
+            if show:
+                click.echo(value)
+            else:
+                masked = (
+                    value[:3] + "*" * (len(value) - 6) + value[-3:]
+                    if len(value) > 6
+                    else "*" * len(value)
+                )
+                info(f"{get_secret} = {masked}")
+                info("Use --show to display the full value")
+        else:
+            warning(f"Secret '{get_secret}' not found in namespace '{namespace}'")
+        return
+
+    # Handle list
+    if list_secrets:
+        secrets_list = manager.list(namespace if namespace != "default" else None)
+        if secrets_list:
+            info("Secrets:")
+            for secret in secrets_list:
+                click.echo(f"  • {secret}")
+        else:
+            info("No secrets found")
+        return
+
+    # Handle delete
+    if delete_secret:
+        if click.confirm(f"Are you sure you want to delete '{delete_secret}'?"):
+            if manager.delete(delete_secret, namespace):
+                success(f"Secret '{delete_secret}' deleted from namespace '{namespace}'")
+            else:
+                warning(f"Secret '{delete_secret}' not found in namespace '{namespace}'")
+        return
+
+    # Handle export
+    if export:
+        env_vars = manager.export_env(namespace if namespace != "default" else None)
+        if env_vars:
+            if output:
+                with open(output, "w") as f:
+                    for key, value in env_vars.items():
+                        f.write(f"export {key}={value}\n")
+                success(f"Exported {len(env_vars)} secrets to {output}")
+            else:
+                for key, value in env_vars.items():
+                    click.echo(f"export {key}={value}")
+        else:
+            info("No secrets to export")
+        return
+
+    # Handle import
+    if import_file:
+        count = manager.import_env(Path(import_file), namespace)
+        success(f"Imported {count} secrets into namespace '{namespace}'")
+        return
+
+    # Store operations
+    store = SecretsStore()
+
+    if store_init:
+        store.init(remote)
+        success("Secrets store initialized")
+        return
+
+    if store_push:
+        store.push(manager.secrets_dir, message)
+        success("Secrets pushed to store")
+        return
+
+    if store_pull:
+        store.pull(manager.secrets_dir)
+        success("Secrets pulled from store")
+        return
+
+    if store_sync:
+        store.sync(manager.secrets_dir, message)
+        success("Secrets synced with store")
+        return
+
+    if store_status:
+        status = store.status()
+        info("Secrets Store Status:")
+        click.echo(f"  Initialized: {status['initialized']}")
+        click.echo(f"  Path: {status['store_path']}")
+
+        if status["initialized"]:
+            click.echo(f"  Branch: {status['branch']}")
+            click.echo(f"  Commit: {status['commit']}")
+            click.echo(f"  Clean: {status['clean']}")
+
+            if status["has_remote"]:
+                click.echo(f"  Remote: {status['remote_url']}")
+            else:
+                click.echo("  Remote: Not configured")
+        return
+
+    # If no action specified, show help
+    ctx = click.get_current_context()
+    click.echo(ctx.get_help())
+
+
+if __name__ == "__main__":
+    secrets()

mcli/workflow/workflow.py

@@ -1,5 +1,5 @@
 """
-Workflow command group for mcli.
+Workflows command group for mcli.
 
 All workflow commands are now loaded from portable JSON files in ~/.mcli/commands/
 This provides a clean, maintainable way to manage workflow commands.
@@ -8,11 +8,41 @@ This provides a clean, maintainable way to manage workflow commands.
 import click
 
 
-@click.group(name="workflow")
-def workflow():
-    """Workflow commands for automation, video processing, and daemon management"""
+@click.group(name="workflows")
+def workflows():
+    """Runnable workflows for automation, video processing, and daemon management"""
     pass
 
 
+# Add secrets workflow
+try:
+    from mcli.workflow.secrets.secrets_cmd import secrets
+
+    workflows.add_command(secrets)
+except ImportError as e:
+    # Secrets workflow not available
+    import sys
+    from mcli.lib.logger.logger import get_logger
+
+    logger = get_logger()
+    logger.debug(f"Secrets workflow not available: {e}")
+
+# Add notebook subcommand
+try:
+    from mcli.workflow.notebook.notebook_cmd import notebook
+
+    workflows.add_command(notebook)
+except ImportError as e:
+    # Notebook commands not available
+    import sys
+    from mcli.lib.logger.logger import get_logger
+
+    logger = get_logger()
+    logger.debug(f"Notebook commands not available: {e}")
+
+
+# For backward compatibility, keep workflow as an alias
+workflow = workflows
+
 if __name__ == "__main__":
-    workflow()
+    workflows()