rtems-proxy 1.2.0__tar.gz → 1.3.0b2__tar.gz

{rtems_proxy-1.2.0 → rtems_proxy-1.3.0b2}/.copier-answers.yml

@@ -1,16 +1,18 @@
 # Changes here will be overwritten by Copier
-_commit: 2.6.0
-_src_path: gh:DiamondLightSource/python-copier-template
+_commit: 5.0.1
+_src_path: https://github.com/DiamondLightSource/python-copier-template
 author_email: giles.knap@diamond.ac.uk
 author_name: Giles Knap
 description: Support for a K8S proxy container in controlling and monitoring RTEMS
     EPICS IOCs
 distribution_name: rtems-proxy
-docker: false
+docker: true
+docker_debug: false
 docs_type: README
 git_platform: github.com
 github_org: epics-containers
 package_name: rtems_proxy
 pypi: true
 repo_name: rtems-proxy
-type_checker: mypy
+strict_typing: false
+type_checker: pyright

rtems_proxy-1.3.0b2/.devcontainer/devcontainer.json

@@ -0,0 +1,73 @@
+// For format details, see https://containers.dev/implementors/json_reference/
+{
+    "name": "Python 3 Developer Container",
+    "build": {
+        "dockerfile": "../Dockerfile",
+        "target": "developer"
+    },
+    "remoteEnv": {
+        // Allow X11 apps to run inside the container
+        "DISPLAY": "${localEnv:DISPLAY}",
+        // Do the equivalent of "activate" the venv so we don't have to "uv run" everything
+        "VIRTUAL_ENV": "/workspaces/${localWorkspaceFolderBasename}/.venv",
+        "PATH": "/workspaces/${localWorkspaceFolderBasename}/.venv/bin:${containerEnv:PATH}"
+    },
+    "customizations": {
+        "vscode": {
+            // Set *default* container specific settings.json values on container create.
+            "settings": {
+                // Use the container's python by default
+                "python.defaultInterpreterPath": "/workspaces/${localWorkspaceFolderBasename}/.venv/bin/python",
+                // Don't activate the venv as it is already in the PATH
+                "python.terminal.activateEnvInCurrentTerminal": false,
+                "python.terminal.activateEnvironment": false,
+                // Workaround to prevent garbled python REPL in the terminal
+                // https://github.com/microsoft/vscode-python/issues/25505
+                "python.terminal.shellIntegration.enabled": false
+            },
+            // Add the IDs of extensions you want installed when the container is created.
+            "extensions": [
+                "ms-python.python",
+                "github.vscode-github-actions",
+                "tamasfe.even-better-toml",
+                "redhat.vscode-yaml",
+                "ryanluker.vscode-coverage-gutters",
+                "charliermarsh.ruff",
+                "ms-azuretools.vscode-docker"
+            ]
+        }
+    },
+    // Create the config folder for the bash-config feature and uv cache
+    // NOTE: The uv cache can get large, DLS users should read
+    // https://dev-guide.diamond.ac.uk/linux-user-environment/how-tos/disk-quota-troubleshooting
+    "initializeCommand": "mkdir -p ${localEnv:HOME}/.config/terminal-config ${localEnv:HOME}/.cache/uv",
+    "runArgs": [
+        // Allow the container to access the host X11 display and EPICS CA
+        "--net=host",
+        // Make sure SELinux does not disable with access to host filesystems like tmp
+        "--security-opt=label=disable"
+    ],
+    "mounts": [
+        // Mount in the user terminal config folder so it can be edited
+        {
+            "source": "${localEnv:HOME}/.config/terminal-config",
+            "target": "/user-terminal-config",
+            "type": "bind"
+        },
+        // Keep a persistent cross container cache for uv
+        {
+            "source": "${localEnv:HOME}/.cache/uv",
+            "target": "/root/.cache/uv",
+            "type": "bind"
+        },
+        // Use a volume mount for the uv venv so it is local to the container
+        {
+            "target": "/workspaces/${localWorkspaceFolderBasename}/.venv",
+            "type": "volume"
+        }
+    ],
+    // Mount the parent as /workspaces so we can pip install peers as editable
+    "workspaceMount": "source=${localWorkspaceFolder}/..,target=/workspaces,type=bind",
+    // After the container is created, install the python project in editable form
+    "postCreateCommand": "uv sync && uv run pre-commit install --install-hooks"
+}

{rtems_proxy-1.2.0 → rtems_proxy-1.3.0b2}/.github/CONTRIBUTING.md

@@ -24,4 +24,4 @@ It is recommended that developers use a [vscode devcontainer](https://code.visua
 
 This project was created using the [Diamond Light Source Copier Template](https://github.com/DiamondLightSource/python-copier-template) for Python projects.
 
-For more information on common tasks like setting up a developer environment, running the tests, and setting a pre-commit hook, see the template's [How-to guides](https://diamondlightsource.github.io/python-copier-template/2.6.0/how-to.html).
+For more information on common tasks like setting up a developer environment, running the tests, and setting a pre-commit hook, see the template's [How-to guides](https://diamondlightsource.github.io/python-copier-template/5.0.1/how-to.html).

{rtems_proxy-1.2.0 → rtems_proxy-1.3.0b2}/.github/ISSUE_TEMPLATE/bug_report.md

@@ -7,7 +7,7 @@ assignees: ''
 
 ---
 
-Describe the bug, including a clear and concise description of the expected behavior, the actual behavior and the context in which you encountered it (ideally include details of your environment).
+Describe the bug, including a clear and concise description of the expected behaviour, the actual behavior and the context in which you encountered it (ideally include details of your environment).
 
 ## Steps To Reproduce
 Steps to reproduce the behavior:

rtems_proxy-1.3.0b2/.github/copilot-instructions.md

@@ -0,0 +1,44 @@
+# GitHub Copilot Instructions for rtems-proxy
+
+## Development Environment
+
+This project uses [uv](https://docs.astral.sh/uv/) for dependency management and task running.
+
+## Running Tests and Checks
+
+Always use `uv` to run tox commands:
+
+```bash
+# Run all checks in parallel
+uv run tox -p
+
+# Run specific environment
+uv run tox -e type-checking
+uv run tox -e tests
+uv run tox -e pre-commit
+```
+
+## Type Checking
+
+- Run type checking with: `uv run pyright src tests`
+- Or via tox: `uv run tox -e type-checking`
+- Always fix type errors before committing
+
+## Installing Dependencies
+
+```bash
+# Install all dependencies including dev dependencies
+uv sync --group dev
+```
+
+## Code Style
+
+- This project uses `ruff` for linting and formatting
+- Run `uv run tox -e pre-commit` to check formatting
+- Pre-commit hooks will auto-format code
+
+## Important Notes
+
+- Do NOT run `tox` directly - always use `uv run tox`
+- Do NOT run `pytest` or `pyright` directly - use `uv run` prefix or tox environments
+- All external tools (pytest, pyright, pre-commit) are configured in `pyproject.toml` with `allowlist_externals`

rtems_proxy-1.3.0b2/.github/workflows/_container.yml

@@ -0,0 +1,87 @@
+on:
+  workflow_call:
+    inputs:
+      publish:
+        type: boolean
+        description: If true, pushes image to container registry
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v5
+        with:
+          # Need this to get version number from last tag
+          fetch-depth: 0
+
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Log in to GitHub Docker Registry
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and export to Docker local cache
+        uses: docker/build-push-action@v6
+        env:
+          DOCKER_BUILD_RECORD_UPLOAD: false
+        with:
+          context: .
+          # Need load and tags so we can test it below
+          load: true
+          tags: tag_for_testing
+
+      - name: Test cli works in cached runtime image
+        run: docker run --rm tag_for_testing --version
+
+      - name: Create tags for publishing image
+        id: meta
+        uses: docker/metadata-action@v5
+        with:
+          images: ghcr.io/${{ github.repository }}-runtime
+          tags: |
+            type=ref,event=tag
+            type=raw,value=latest
+
+      - name: Push cached image to container registry
+        if: inputs.publish && github.ref_type == 'tag'
+        uses: docker/build-push-action@v6
+        env:
+          DOCKER_BUILD_RECORD_UPLOAD: false
+        # This does not build the image again, it will find the image in the
+        # Docker cache and publish it
+        with:
+          context: .
+          push: true
+          tags: ${{ steps.meta.outputs.tags }}
+          labels: ${{ steps.meta.outputs.labels }}
+
+      - name: Create tags for publishing image
+        id: meta-developer
+        uses: docker/metadata-action@v5
+        with:
+          images: ghcr.io/${{ github.repository }}-developer
+          tags: |
+            type=ref,event=tag
+            type=raw,value=latest
+
+      - name: Push cached developer (build target) image to container registry
+        if: inputs.publish && github.ref_type == 'tag'
+        uses: docker/build-push-action@v6
+        env:
+          DOCKER_BUILD_RECORD_UPLOAD: false
+        # This does not build the image again, it will find the image in the
+        # Docker cache and publish it
+        with:
+          context: .
+          target: build
+          push: true
+          tags: ${{ steps.meta-developer.outputs.tags }}
+          labels: ${{ steps.meta-developer.outputs.labels }}

{rtems_proxy-1.2.0 → rtems_proxy-1.3.0b2}/.github/workflows/_dist.yml

@@ -7,15 +7,18 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           # Need this to get version number from last tag
           fetch-depth: 0
 
+      - name: Install uv
+        uses: astral-sh/setup-uv@v7
+
       - name: Build sdist and wheel
         run: >
           export SOURCE_DATE_EPOCH=$(git log -1 --pretty=%ct) &&
-          pipx run build
+          uvx --from build pyproject-build
 
       - name: Upload sdist and wheel as artifacts
         uses: actions/upload-artifact@v4
@@ -24,12 +27,10 @@ jobs:
           path: dist
 
       - name: Check for packaging errors
-        run: pipx run twine check --strict dist/*
+        run: uvx twine check --strict dist/*
 
       - name: Install produced wheel
-        uses: ./.github/actions/install_requirements
-        with:
-          pip-install: dist/*.whl
+        run: python -m pip install dist/*.whl
 
       - name: Test module --version works using the installed wheel
         # If more than one module in src/ replace with module name to test

{rtems_proxy-1.2.0 → rtems_proxy-1.3.0b2}/.github/workflows/_pypi.yml

@@ -11,7 +11,7 @@ jobs:
 
     steps:
       - name: Download dist artifact
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           name: dist
           path: dist

{rtems_proxy-1.2.0 → rtems_proxy-1.3.0b2}/.github/workflows/_release.yml

@@ -7,7 +7,7 @@ jobs:
 
     steps:
       - name: Download artifacts
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v5
         with:
           merge-multiple: true
 
@@ -23,7 +23,7 @@ jobs:
       - name: Create GitHub Release
         # We pin to the SHA, not the tag, for security reasons.
         # https://docs.github.com/en/actions/learn-github-actions/security-hardening-for-github-actions#using-third-party-actions
-        uses: softprops/action-gh-release@e7a8f85e1c67a31e6ed99a94b41bd0b71bbee6b8 # v2.0.9
+        uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 # v2.4.1
         with:
           prerelease: ${{ contains(github.ref_name, 'a') || contains(github.ref_name, 'b') || contains(github.ref_name, 'rc') }}
           files: "*"

rtems_proxy-1.3.0b2/.github/workflows/_test.yml

@@ -0,0 +1,39 @@
+on:
+  workflow_call:
+    inputs:
+      python-version:
+        type: string
+        description: The version of python to install, default is from .python-version file
+        default: ""
+      runs-on:
+        type: string
+        description: The runner to run this job on
+        required: true
+
+env:
+  # https://github.com/pytest-dev/pytest/issues/2042
+  PY_IGNORE_IMPORTMISMATCH: "1"
+  UV_PYTHON: ${{ inputs.python-version }}
+
+jobs:
+  run:
+    runs-on: ${{ inputs.runs-on }}
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v5
+        with:
+          # Need this to get version number from last tag
+          fetch-depth: 0
+
+      - name: Install uv
+        uses: astral-sh/setup-uv@v7
+
+      - name: Run tests
+        run: uv run --locked tox -e tests
+
+      - name: Upload coverage to Codecov
+        uses: codecov/codecov-action@v5
+        with:
+          name: ${{ inputs.python-version }}/${{ inputs.runs-on }}
+          files: cov.xml

{rtems_proxy-1.2.0 → rtems_proxy-1.3.0b2}/.github/workflows/_tox.yml

@@ -13,10 +13,10 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
-      - name: Install python packages
-        uses: ./.github/actions/install_requirements
+      - name: Install uv
+        uses: astral-sh/setup-uv@v7
 
       - name: Run tox
-        run: tox -e ${{ inputs.tox }}
+        run: uv run --locked tox -e ${{ inputs.tox }}

{rtems_proxy-1.2.0 → rtems_proxy-1.3.0b2}/.github/workflows/ci.yml

@@ -2,46 +2,46 @@ name: CI
 
 on:
   push:
+    branches:
+      - main
+    tags:
+      - '*'
   pull_request:
 
 jobs:
-  check:
-    uses: ./.github/workflows/_check.yml
 
   lint:
-    needs: check
-    if: needs.check.outputs.branch-pr == ''
     uses: ./.github/workflows/_tox.yml
     with:
       tox: pre-commit,type-checking
 
   test:
-    needs: check
-    if: needs.check.outputs.branch-pr == ''
     strategy:
       matrix:
         runs-on: ["ubuntu-latest"] # can add windows-latest, macos-latest
-        python-version: ["3.10", "3.11", "3.12"]
-        include:
-          # Include one that runs in the dev environment
-          - runs-on: "ubuntu-latest"
-            python-version: "dev"
+        python-version: ["3.11", "3.12", "3.13"]
       fail-fast: false
     uses: ./.github/workflows/_test.yml
     with:
       runs-on: ${{ matrix.runs-on }}
       python-version: ${{ matrix.python-version }}
-    secrets:
-      CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
+
+  container:
+    needs: test
+    if: always()
+    uses: ./.github/workflows/_container.yml
+    with:
+      publish: ${{ needs.test.result == 'success' }}
+    permissions:
+      contents: read
+      packages: write
 
   dist:
-    needs: check
-    if: needs.check.outputs.branch-pr == ''
     uses: ./.github/workflows/_dist.yml
 
   pypi:
+    needs: [dist, test]
     if: github.ref_type == 'tag'
-    needs: dist
     uses: ./.github/workflows/_pypi.yml
     permissions:
       id-token: write
@@ -49,8 +49,8 @@ jobs:
       PYPI_TOKEN: ${{ secrets.PYPI_TOKEN }}
 
   release:
+    needs: [dist, test]
     if: github.ref_type == 'tag'
-    needs: [dist]
     uses: ./.github/workflows/_release.yml
     permissions:
       contents: write

{rtems_proxy-1.2.0 → rtems_proxy-1.3.0b2}/.gitignore

@@ -64,9 +64,6 @@ target/
 .venv*
 venv*
 
-# further build artifacts
-lockfiles/
-uv.lock
 
 # ruff cache
 .ruff_cache/

rtems_proxy-1.3.0b2/.gitleaks.toml

@@ -0,0 +1,19 @@
+# This allow-list is limited to YAML/YML files to cut down SealedSecrets false positives.
+# All gitleaks default rules still apply everywhere (useDefault = true).
+# To broaden this allow-list to all files, comment out the 'paths' line below.
+
+[extend]
+useDefault = true
+
+[[rules]]
+id = "generic-api-key"
+
+# Pattern-only allowlist for long Ag… tokens in YAML 
+[[rules.allowlists]]
+condition = "AND"
+regexes = [
+  # Boundary-safe Ag… token without lookarounds (RE2-safe)
+  '''(?:^|[^A-Za-z0-9+/=])(Ag[A-Za-z0-9+/]{500,}={0,2})(?:[^A-Za-z0-9+/=]|$)'''
+]
+# Limit to YAML only for now. Comment this out if you want it to apply everywhere.
+paths = ['''(?i).*\.ya?ml$''']

{rtems_proxy-1.2.0 → rtems_proxy-1.3.0b2}/.pre-commit-config.yaml

@@ -1,8 +1,9 @@
 repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.5.0
+    rev: v5.0.0
     hooks:
       - id: check-added-large-files
+        exclude: ^uv.lock
       - id: check-yaml
       - id: check-merge-conflict
       - id: end-of-file-fixer
@@ -12,7 +13,7 @@ repos:
       - id: ruff
         name: lint with ruff
         language: system
-        entry: ruff check --force-exclude
+        entry: ruff check --force-exclude --fix
         types: [python]
         require_serial: true
 
@@ -22,3 +23,16 @@ repos:
         entry: ruff format --force-exclude
         types: [python]
         require_serial: true
+
+      - id: uv-sync
+        name: update uv.lock and venv
+        pass_filenames: false
+        language: system
+        entry: uv sync
+        files: ^(uv\.lock|pyproject\.toml)$
+
+  # TODO restore this when go.org is available at DLS again
+  # - repo: https://github.com/gitleaks/gitleaks
+  #   rev: v8.28.0
+  #   hooks:
+  #     - id: gitleaks

rtems_proxy-1.3.0b2/.python-version

@@ -0,0 +1 @@
+3.11

{rtems_proxy-1.2.0 → rtems_proxy-1.3.0b2}/.vscode/launch.json

@@ -14,10 +14,6 @@
                 "debug-test"
             ],
             "console": "integratedTerminal",
-            "env": {
-                // Enable break on exception when debugging tests (see: tests/conftest.py)
-                "PYTEST_RAISE": "1",
-            },
         }
     ]
 }

rtems_proxy-1.3.0b2/Dockerfile

@@ -0,0 +1,45 @@
+# The devcontainer should use the developer target and run as root with podman
+# or docker with user namespaces.
+FROM ghcr.io/diamondlightsource/ubuntu-devcontainer:noble AS developer
+
+# Add any system dependencies for the developer/build environment here
+# RUN apt-get update -y && apt-get install -y --no-install-recommends \
+#     graphviz \
+#     && apt-get dist-clean
+
+# The build stage installs the context into the venv
+FROM developer AS build
+
+# Change the working directory to the `app` directory
+# and copy in the project
+WORKDIR /app
+COPY . /app
+RUN chmod o+wrX .
+
+# Tell uv sync to install python in a known location so we can copy it out later
+ENV UV_PYTHON_INSTALL_DIR=/python
+
+# Sync the project without its dev dependencies
+RUN --mount=type=cache,target=/root/.cache/uv \
+    uv sync --locked --no-editable --no-dev
+
+ENV PATH=/app/.venv/bin:$PATH
+
+# The runtime stage copies the built venv into a runtime container
+FROM ubuntu:noble AS runtime
+
+# Add apt-get system dependecies for runtime here if needed
+# RUN apt-get update -y && apt-get install -y --no-install-recommends \
+#     some-library \
+#     && apt-get dist-clean
+
+# Copy the python installation from the build stage
+COPY --from=build /python /python
+
+# Copy the environment, but not the source code
+COPY --from=build /app/.venv /app/.venv
+ENV PATH=/app/.venv/bin:$PATH
+
+# change this entrypoint if it is not the same as the repo
+ENTRYPOINT ["rtems-proxy"]
+CMD ["--version"]

{rtems_proxy-1.2.0 → rtems_proxy-1.3.0b2}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: rtems-proxy
-Version: 1.2.0
+Version: 1.3.0b2
 Summary: Support for a K8S proxy container in controlling and monitoring RTEMS EPICS IOCs
 Author-email: Giles Knap <giles.knap@diamond.ac.uk>
 License:                                  Apache License
@@ -208,27 +208,18 @@ License:                                  Apache License
 Project-URL: GitHub, https://github.com/epics-containers/rtems-proxy
 Classifier: Development Status :: 3 - Alpha
 Classifier: License :: OSI Approved :: Apache Software License
-Classifier: Programming Language :: Python :: 3.10
 Classifier: Programming Language :: Python :: 3.11
 Classifier: Programming Language :: Python :: 3.12
-Requires-Python: >=3.10
+Classifier: Programming Language :: Python :: 3.13
+Requires-Python: >=3.11
 Description-Content-Type: text/markdown
 License-File: LICENSE
 Requires-Dist: jinja2
 Requires-Dist: pexpect
 Requires-Dist: ruamel.yaml
+Requires-Dist: stdio-socket>=1.3.1
 Requires-Dist: telnetlib3
 Requires-Dist: typer
-Provides-Extra: dev
-Requires-Dist: copier; extra == "dev"
-Requires-Dist: mypy; extra == "dev"
-Requires-Dist: pipdeptree; extra == "dev"
-Requires-Dist: pre-commit; extra == "dev"
-Requires-Dist: pytest; extra == "dev"
-Requires-Dist: pytest-cov; extra == "dev"
-Requires-Dist: ruff; extra == "dev"
-Requires-Dist: tox-direct; extra == "dev"
-Requires-Dist: types-mock; extra == "dev"
 Dynamic: license-file
 
 [![CI](https://github.com/epics-containers/rtems-proxy/actions/workflows/ci.yml/badge.svg)](https://github.com/epics-containers/rtems-proxy/actions/workflows/ci.yml)
@@ -244,8 +235,41 @@ Support for a K8S proxy container in controlling and monitoring RTEMS EPICS IOCs
 Source          | <https://github.com/epics-containers/rtems-proxy>
 :---:           | :---:
 PyPI            | `pip install rtems-proxy`
+Docker          | `docker run ghcr.io/epics-containers/rtems-proxy:latest`
 Releases        | <https://github.com/epics-containers/rtems-proxy/releases>
 
 ```
 rtems_proxy --help
 ```
+## Development
+
+This project uses [uv](https://docs.astral.sh/uv/) for dependency management.
+
+### Running Tests and Type Checking
+
+Use `uv` to run the tox test suite:
+
+```bash
+uv run tox -p
+```
+
+This will run:
+- `tests` - pytest with coverage
+- `type-checking` - pyright static type checking
+- `pre-commit` - code formatting and linting
+
+To run a specific tox environment:
+
+```bash
+uv run tox -e type-checking
+uv run tox -e tests
+uv run tox -e pre-commit
+```
+
+### Installing Dependencies
+
+Install all dependencies including dev dependencies:
+
+```bash
+uv sync --group dev
+```