mcp-souschef 2.8.0__py3-none-any.whl → 3.2.0__py3-none-any.whl

souschef/ci/common.py

@@ -0,0 +1,126 @@
+"""Common CI/CD analysis utilities for Chef cookbooks."""
+
+from pathlib import Path
+from typing import Any
+
+import yaml
+
+from souschef.core.path_utils import _normalize_path
+
+
+def _normalize_cookbook_base(cookbook_path: str | Path) -> Path:
+    """Normalise and resolve a cookbook path to prevent traversal."""
+    return (
+        _normalize_path(cookbook_path)
+        if isinstance(cookbook_path, str)
+        else cookbook_path.resolve()
+    )
+
+
+def _initialise_patterns(base_path: Path) -> dict[str, Any]:
+    """Build initial pattern flags before deeper inspection."""
+    return {
+        "has_kitchen": (base_path / ".kitchen.yml").exists(),
+        "has_chefspec": (base_path / "spec").exists(),
+        "has_inspec": (base_path / "test" / "integration").exists(),
+        "has_berksfile": (base_path / "Berksfile").exists(),
+        "has_cookstyle": (base_path / ".cookstyle.yml").exists(),
+        "has_foodcritic": (base_path / ".foodcritic").exists(),
+        "lint_tools": [],
+        "kitchen_suites": [],
+        "kitchen_platforms": [],
+    }
+
+
+def _detect_lint_tools(base_path: Path) -> list[str]:
+    """Detect linting tools configured in the cookbook directory."""
+    lint_tools: list[str] = []
+    if (base_path / ".foodcritic").exists():
+        lint_tools.append("foodcritic")
+    if (base_path / ".cookstyle.yml").exists():
+        lint_tools.append("cookstyle")
+    return lint_tools
+
+
+def _has_chefspec_tests(base_path: Path) -> bool:
+    """Return True when ChefSpec tests are present."""
+    spec_dir = base_path / "spec"
+    return spec_dir.exists() and any(spec_dir.glob("**/*_spec.rb"))
+
+
+def _parse_kitchen_configuration(kitchen_file: Path) -> tuple[list[str], list[str]]:
+    """Extract Test Kitchen suites and platforms from configuration."""
+    kitchen_suites: list[str] = []
+    kitchen_platforms: list[str] = []
+
+    try:
+        with kitchen_file.open() as file_handle:  # nosonar
+            kitchen_config = yaml.safe_load(file_handle)
+            if not kitchen_config:
+                return kitchen_suites, kitchen_platforms
+
+            suites = kitchen_config.get("suites", [])
+            if suites:
+                kitchen_suites.extend(suite.get("name", "default") for suite in suites)
+
+            platforms = kitchen_config.get("platforms", [])
+            if platforms:
+                kitchen_platforms.extend(
+                    platform.get("name", "unknown") for platform in platforms
+                )
+    except (yaml.YAMLError, OSError, KeyError, TypeError, AttributeError):
+        # Gracefully handle malformed .kitchen.yml - continue with empty config
+        # Catches: YAML syntax errors, file I/O errors, missing config keys,
+        # type mismatches in config structure, and missing dict attributes
+        return kitchen_suites, kitchen_platforms
+
+    return kitchen_suites, kitchen_platforms
+
+
+def analyse_chef_ci_patterns(cookbook_path: str | Path) -> dict[str, Any]:
+    """
+    Analyse Chef cookbook for CI/CD patterns and testing configurations.
+
+    This function examines a Chef cookbook directory to detect various
+    testing and linting tools, as well as Test Kitchen configurations
+    including suites and platforms.
+
+    Args:
+        cookbook_path: Path to the Chef cookbook directory to analyse.
+
+    Returns:
+        Dictionary containing detected patterns with the following keys:
+            - has_kitchen (bool): Whether Test Kitchen is configured
+              (.kitchen.yml exists)
+            - has_chefspec (bool): Whether ChefSpec tests are present
+              (spec/**/*_spec.rb files)
+            - has_inspec (bool): Whether InSpec tests are present
+              (test/integration/ exists)
+            - has_berksfile (bool): Whether Berksfile exists
+            - lint_tools (list[str]): List of detected linting tools
+              ('foodcritic', 'cookstyle')
+            - kitchen_suites (list[str]): Names of Test Kitchen suites
+              found in .kitchen.yml
+
+    Note:
+        If .kitchen.yml is malformed or cannot be parsed, the function
+        continues with empty suite and platform lists rather than
+        raising an exception.
+
+    """
+    base_path = _normalize_cookbook_base(cookbook_path)
+
+    patterns: dict[str, Any] = _initialise_patterns(base_path)
+    patterns["lint_tools"] = _detect_lint_tools(base_path)
+    patterns["has_chefspec"] = _has_chefspec_tests(base_path)
+
+    kitchen_file = base_path / ".kitchen.yml"
+    if kitchen_file.exists():
+        suites, platforms = _parse_kitchen_configuration(kitchen_file)
+        patterns["kitchen_suites"] = suites
+        patterns["kitchen_platforms"] = platforms
+
+    # Add backward compatibility alias
+    patterns["test_suites"] = patterns["kitchen_suites"]
+
+    return patterns

souschef/ci/github_actions.py

@@ -11,6 +11,8 @@ from typing import Any
 
 import yaml
 
+from souschef.ci.common import analyse_chef_ci_patterns
+
 # GitHub Actions constants
 ACTION_CHECKOUT = "actions/checkout@v4"
 ACTION_SETUP_RUBY = "ruby/setup-ruby@v1"
@@ -53,7 +55,7 @@ def generate_github_workflow_from_chef_ci(
         raise FileNotFoundError(f"Cookbook directory not found: {cookbook_path}")
 
     # Analyse Chef CI patterns
-    patterns = _analyse_chef_ci_patterns(cookbook_dir)
+    patterns = analyse_chef_ci_patterns(cookbook_dir)
 
     # Build workflow structure
     workflow = _build_workflow_structure(
@@ -63,97 +65,6 @@ def generate_github_workflow_from_chef_ci(
     return yaml.dump(workflow, default_flow_style=False, sort_keys=False)
 
 
-def _analyse_chef_ci_patterns(cookbook_dir: Path) -> dict[str, Any]:
-    """
-    Analyse Chef cookbook for CI/CD patterns and testing configurations.
-
-    This function examines a Chef cookbook directory to detect various
-    testing and linting tools, as well as Test Kitchen configurations
-    including suites and platforms.
-
-    Args:
-        cookbook_dir: Path to the Chef cookbook directory to analyse.
-
-    Returns:
-        Dictionary containing detected patterns with the following keys:
-            - has_kitchen (bool): Whether Test Kitchen is configured
-              (.kitchen.yml exists)
-            - has_chefspec (bool): Whether ChefSpec tests are present
-              (spec/**/*_spec.rb files)
-            - has_cookstyle (bool): Whether Cookstyle is configured
-              (.cookstyle.yml exists)
-            - has_foodcritic (bool): Whether Foodcritic (legacy) is
-              configured (.foodcritic exists)
-            - kitchen_suites (list[str]): Names of Test Kitchen suites
-              found in .kitchen.yml
-            - kitchen_platforms (list[str]): Names of Test Kitchen
-              platforms found in .kitchen.yml
-
-    Note:
-        If .kitchen.yml is malformed or cannot be parsed, the function
-        continues with empty suite and platform lists rather than
-        raising an exception.
-
-    Example:
-        >>> patterns = _analyze_chef_ci_patterns(Path("/path/to/cookbook"))
-        >>> patterns["has_kitchen"]
-        True
-        >>> patterns["kitchen_suites"]
-        ['default', 'integration']
-
-    """
-    patterns: dict[str, Any] = {
-        "has_kitchen": False,
-        "has_chefspec": False,
-        "has_cookstyle": False,
-        "has_foodcritic": False,
-        "kitchen_suites": [],
-        "kitchen_platforms": [],
-    }
-
-    # Check for Test Kitchen
-    kitchen_yml = cookbook_dir / ".kitchen.yml"
-    if kitchen_yml.exists():
-        patterns["has_kitchen"] = True
-        try:
-            with kitchen_yml.open() as f:
-                kitchen_config = yaml.safe_load(f)
-                if kitchen_config:
-                    # Extract suites
-                    suites = kitchen_config.get("suites", [])
-                    if suites:
-                        patterns["kitchen_suites"] = [
-                            s.get("name", "default") for s in suites
-                        ]
-                    # Extract platforms
-                    platforms = kitchen_config.get("platforms", [])
-                    if platforms:
-                        patterns["kitchen_platforms"] = [
-                            p.get("name", "unknown") for p in platforms
-                        ]
-        except (yaml.YAMLError, OSError, KeyError, TypeError, AttributeError):
-            # Gracefully handle malformed .kitchen.yml - continue with empty config
-            # Catches: YAML syntax errors, file I/O errors, missing config keys,
-            # type mismatches in config structure, and missing dict attributes
-            pass
-
-    # Check for ChefSpec
-    spec_dir = cookbook_dir / "spec"
-    if spec_dir.exists() and any(spec_dir.glob("**/*_spec.rb")):
-        patterns["has_chefspec"] = True
-
-    # Check for Cookstyle
-    cookstyle_yml = cookbook_dir / ".cookstyle.yml"
-    if cookstyle_yml.exists():
-        patterns["has_cookstyle"] = True
-
-    # Check for Foodcritic (legacy)
-    if (cookbook_dir / ".foodcritic").exists():
-        patterns["has_foodcritic"] = True
-
-    return patterns
-
-
 def _build_workflow_structure(
     workflow_name: str,
     patterns: dict[str, Any],

souschef/ci/gitlab_ci.py

@@ -1,9 +1,8 @@
 """GitLab CI generation from Chef CI/CD patterns."""
 
-from pathlib import Path
 from typing import Any
 
-import yaml
+from souschef.ci.common import analyse_chef_ci_patterns
 
 
 def generate_gitlab_ci_from_chef_ci(
@@ -28,7 +27,7 @@ def generate_gitlab_ci_from_chef_ci(
 
     """
     # Analyse Chef CI patterns
-    ci_patterns = _analyse_chef_ci_patterns(cookbook_path)
+    ci_patterns = analyse_chef_ci_patterns(cookbook_path)
 
     # Generate CI configuration
     return _generate_gitlab_ci_yaml(
@@ -36,55 +35,6 @@ def generate_gitlab_ci_from_chef_ci(
     )
 
 
-def _analyse_chef_ci_patterns(cookbook_path: str) -> dict[str, Any]:
-    """
-    Analyse Chef cookbook for CI/CD patterns.
-
-    Args:
-        cookbook_path: Path to Chef cookbook.
-
-    Returns:
-        Dictionary of detected CI patterns.
-
-    """
-    base_path = Path(cookbook_path)
-
-    patterns: dict[str, Any] = {
-        "has_kitchen": (base_path / ".kitchen.yml").exists(),
-        "has_chefspec": (base_path / "spec").exists(),
-        "has_inspec": (base_path / "test" / "integration").exists(),
-        "has_berksfile": (base_path / "Berksfile").exists(),
-        "lint_tools": [],
-        "test_suites": [],
-    }
-
-    # Detect linting tools
-    lint_tools: list[str] = patterns["lint_tools"]
-    if (base_path / ".foodcritic").exists():
-        lint_tools.append("foodcritic")
-    if (base_path / ".cookstyle.yml").exists():
-        lint_tools.append("cookstyle")
-
-    # Parse kitchen.yml for test suites
-    kitchen_file = base_path / ".kitchen.yml"
-    if kitchen_file.exists():
-        try:
-            test_suites: list[str] = patterns["test_suites"]
-            with kitchen_file.open() as f:
-                kitchen_config = yaml.safe_load(f)
-                if kitchen_config and "suites" in kitchen_config:
-                    test_suites.extend(
-                        suite["name"] for suite in kitchen_config["suites"]
-                    )
-        except (yaml.YAMLError, OSError, KeyError, TypeError, AttributeError):
-            # Gracefully handle malformed .kitchen.yml - continue with empty
-            # test suites. Catches: YAML syntax errors, file I/O errors,
-            # missing config keys, type mismatches
-            pass
-
-    return patterns
-
-
 def _build_lint_jobs(ci_patterns: dict[str, Any], enable_artifacts: bool) -> list[str]:
     """Build lint job configurations."""
     jobs = []

souschef/ci/jenkins_pipeline.py

@@ -1,9 +1,8 @@
 """Jenkins pipeline generation from Chef CI/CD patterns."""
 
-from pathlib import Path
 from typing import Any
 
-import yaml
+from souschef.ci.common import analyse_chef_ci_patterns
 
 
 def generate_jenkinsfile_from_chef_ci(
@@ -29,7 +28,7 @@ def generate_jenkinsfile_from_chef_ci(
 
     """
     # Analyse Chef CI patterns
-    ci_patterns = _analyse_chef_ci_patterns(cookbook_path)
+    ci_patterns = analyse_chef_ci_patterns(cookbook_path)
 
     if pipeline_type == "declarative":
         return _generate_declarative_pipeline(
@@ -39,62 +38,6 @@ def generate_jenkinsfile_from_chef_ci(
         return _generate_scripted_pipeline(pipeline_name, enable_parallel)
 
 
-def _analyse_chef_ci_patterns(cookbook_path: str) -> dict[str, Any]:
-    """
-    Analyse Chef cookbook for CI/CD patterns.
-
-    Detects:
-    - Test Kitchen configuration (.kitchen.yml)
-    - ChefSpec tests (spec/)
-    - InSpec tests (test/integration/)
-    - Foodcritic/Cookstyle linting
-    - Berksfile dependencies
-
-    Args:
-        cookbook_path: Path to Chef cookbook.
-
-    Returns:
-        Dictionary of detected CI patterns.
-
-    """
-    base_path = Path(cookbook_path)
-
-    patterns: dict[str, Any] = {
-        "has_kitchen": (base_path / ".kitchen.yml").exists(),
-        "has_chefspec": (base_path / "spec").exists(),
-        "has_inspec": (base_path / "test" / "integration").exists(),
-        "has_berksfile": (base_path / "Berksfile").exists(),
-        "lint_tools": [],
-        "test_suites": [],
-    }
-
-    # Detect linting tools
-    lint_tools: list[str] = patterns["lint_tools"]
-    if (base_path / ".foodcritic").exists():
-        lint_tools.append("foodcritic")
-    if (base_path / ".cookstyle.yml").exists():
-        lint_tools.append("cookstyle")
-
-    # Parse kitchen.yml for test suites
-    kitchen_file = base_path / ".kitchen.yml"
-    if kitchen_file.exists():
-        try:
-            test_suites: list[str] = patterns["test_suites"]
-            with kitchen_file.open() as f:
-                kitchen_config = yaml.safe_load(f)
-                if kitchen_config and "suites" in kitchen_config:
-                    test_suites.extend(
-                        suite["name"] for suite in kitchen_config["suites"]
-                    )
-        except (yaml.YAMLError, OSError, KeyError, TypeError, AttributeError):
-            # Gracefully handle malformed .kitchen.yml - continue with empty config
-            # Catches: YAML syntax errors, file I/O errors, missing config keys,
-            # type mismatches in config structure, and missing dict attributes
-            pass
-
-    return patterns
-
-
 def _create_lint_stage(ci_patterns: dict[str, Any]) -> str | None:
     """Create lint stage if lint tools are detected."""
     if not ci_patterns.get("lint_tools"):

souschef/cli.py

@@ -11,7 +11,9 @@ from typing import NoReturn
 
 import click
 
+from souschef import __version__
 from souschef.converters.playbook import generate_playbook_from_recipe
+from souschef.core.path_utils import _normalize_path
 from souschef.profiling import (
     generate_cookbook_performance_report,
     profile_function,
@@ -40,8 +42,47 @@ CI_JOB_UNIT_TESTS = "  • Unit Tests (ChefSpec)"
 CI_JOB_INTEGRATION_TESTS = "  • Integration Tests (Test Kitchen)"
 
 
+def _resolve_output_path(output: str | None, default_path: Path) -> Path:
+    """Normalise and validate output paths for generated files."""
+    try:
+        resolved_path = _normalize_path(output) if output else default_path.resolve()
+    except ValueError as exc:  # noqa: TRY003
+        click.echo(f"Invalid output path: {exc}", err=True)
+        raise click.Abort() from exc
+
+    resolved_path.parent.mkdir(parents=True, exist_ok=True)
+    return resolved_path
+
+
+def _safe_write_file(content: str, output: str | None, default_path: Path) -> Path:
+    """
+    Safely write content to a validated file path.
+
+    Args:
+        content: Content to write to file.
+        output: Optional user-specified output path.
+        default_path: Default path if output not specified.
+
+    Returns:
+        The path where content was written.
+
+    Raises:
+        click.Abort: If path validation or write fails.
+
+    """
+    validated_path = _resolve_output_path(output, default_path)
+    try:
+        # Separate validation from write to satisfy SonarQube path construction rules
+        with validated_path.open("w", encoding="utf-8") as f:
+            f.write(content)
+    except OSError as e:
+        click.echo(f"Error writing file: {e}", err=True)
+        raise click.Abort() from e
+    return validated_path
+
+
 @click.group()
-@click.version_option(version="0.1.0", prog_name="souschef")
+@click.version_option(version=__version__, prog_name="souschef")
 def cli() -> None:
     """
     SousChef - Chef to Ansible conversion toolkit.
@@ -433,18 +474,21 @@ def generate_jenkinsfile(
 
     """
     try:
+        safe_cookbook_path = str(_normalize_path(cookbook_path))
         result = generate_jenkinsfile_from_chef(
-            cookbook_path=cookbook_path,
+            cookbook_path=safe_cookbook_path,
             pipeline_type=pipeline_type,
             enable_parallel="yes" if parallel else "no",
         )
 
         # Determine output path
-        output_path = Path(output) if output else Path.cwd() / "Jenkinsfile"
+        _resolve_output_path(output, default_path=Path.cwd() / "Jenkinsfile")
 
-        # Write Jenkinsfile
-        output_path.write_text(result)
-        click.echo(f"✓ Generated {pipeline_type} Jenkinsfile: {output_path}")
+        # Write Jenkinsfile using safe write helper
+        written_path = _safe_write_file(
+            result, output, default_path=Path.cwd() / "Jenkinsfile"
+        )
+        click.echo(f"✓ Generated {pipeline_type} Jenkinsfile: {written_path}")
 
         # Show summary
         click.echo("\nGenerated Pipeline Stages:")
@@ -510,18 +554,18 @@ def generate_gitlab_ci(
 
     """
     try:
+        safe_cookbook_path = str(_normalize_path(cookbook_path))
         result = generate_gitlab_ci_from_chef(
-            cookbook_path=cookbook_path,
+            cookbook_path=safe_cookbook_path,
             enable_cache="yes" if cache else "no",
             enable_artifacts="yes" if artifacts else "no",
         )
 
-        # Determine output path
-        output_path = Path(output) if output else Path.cwd() / ".gitlab-ci.yml"
-
-        # Write GitLab CI config
-        output_path.write_text(result)
-        click.echo(f"✓ Generated GitLab CI configuration: {output_path}")
+        # Write GitLab CI config using safe write helper
+        written_path = _safe_write_file(
+            result, output, default_path=Path.cwd() / ".gitlab-ci.yml"
+        )
+        click.echo(f"✓ Generated GitLab CI configuration: {written_path}")
 
         # Show summary
         click.echo("\nGenerated CI Jobs:")
@@ -590,8 +634,9 @@ def generate_github_workflow(
 
     """
     try:
+        safe_cookbook_path = str(_normalize_path(cookbook_path))
         result = generate_github_workflow_from_chef(
-            cookbook_path=cookbook_path,
+            cookbook_path=safe_cookbook_path,
             workflow_name=workflow_name,
             enable_cache="yes" if cache else "no",
             enable_artifacts="yes" if artifacts else "no",
@@ -599,11 +644,11 @@ def generate_github_workflow(
 
         # Determine output path
         if output:
-            output_path = Path(output)
+            output_path = _resolve_output_path(output, Path.cwd() / "ci.yml")
         else:
             workflows_dir = Path.cwd() / ".github" / "workflows"
             workflows_dir.mkdir(parents=True, exist_ok=True)
-            output_path = workflows_dir / "ci.yml"
+            output_path = _resolve_output_path(None, workflows_dir / "ci.yml")
 
         # Write workflow file
         output_path.write_text(result)
@@ -1077,6 +1122,94 @@ def convert_inspec(profile_path: str, output_path: str, output_format: str) -> N
         sys.exit(1)
 
 
+@cli.command("convert-cookbook")
+@click.option(
+    "--cookbook-path",
+    required=True,
+    type=click.Path(exists=True),
+    help="Path to the Chef cookbook directory",
+)
+@click.option(
+    "--output-path",
+    required=True,
+    type=click.Path(),
+    help="Directory where the Ansible role will be created",
+)
+@click.option(
+    "--assessment-file",
+    type=click.Path(exists=True),
+    help="Path to JSON file with assessment results for optimization",
+)
+@click.option(
+    "--role-name",
+    help="Name for the Ansible role (defaults to cookbook name)",
+)
+@click.option(
+    "--skip-templates",
+    is_flag=True,
+    help="Skip conversion of ERB templates to Jinja2",
+)
+@click.option(
+    "--skip-attributes",
+    is_flag=True,
+    help="Skip conversion of attributes to Ansible variables",
+)
+@click.option(
+    "--skip-recipes",
+    is_flag=True,
+    help="Skip conversion of recipes to Ansible tasks",
+)
+def convert_cookbook(
+    cookbook_path: str,
+    output_path: str,
+    assessment_file: str | None = None,
+    role_name: str | None = None,
+    skip_templates: bool = False,
+    skip_attributes: bool = False,
+    skip_recipes: bool = False,
+) -> None:
+    r"""
+    Convert an entire Chef cookbook to a complete Ansible role.
+
+    Performs comprehensive conversion including recipes, templates, attributes,
+    and proper Ansible role structure. Can use assessment data for optimization.
+
+    Example:
+        souschef convert-cookbook --cookbook-path /chef/cookbooks/nginx \\
+                                 --output-path /ansible/roles \\
+                                 --assessment-file assessment.json
+
+    """
+    try:
+        # Load assessment data if provided
+        assessment_data = ""
+        if assessment_file:
+            assessment_path = Path(assessment_file)
+            if assessment_path.exists():
+                assessment_data = assessment_path.read_text()
+            else:
+                click.echo(f"Warning: Assessment file not found: {assessment_file}")
+
+        # Call server function
+        from souschef.server import convert_cookbook_comprehensive
+
+        result = convert_cookbook_comprehensive(
+            cookbook_path=cookbook_path,
+            output_path=output_path,
+            assessment_data=assessment_data,
+            include_templates=not skip_templates,
+            include_attributes=not skip_attributes,
+            include_recipes=not skip_recipes,
+            role_name=role_name or "",
+        )
+
+        click.echo(result)
+
+    except Exception as e:
+        click.echo(f"Error converting cookbook: {e}", err=True)
+        sys.exit(1)
+
+
 @cli.command()
 @click.option("--port", default=8501, help="Port to run the Streamlit app on")
 def ui(port: int) -> None: