scc-cli 1.5.3__py3-none-any.whl

scc_cli/doctor/checks/environment.py

@@ -0,0 +1,182 @@
+"""Environment health checks for doctor module.
+
+Checks for Git, Docker, WSL2, and workspace path requirements.
+"""
+
+from __future__ import annotations
+
+import subprocess
+from pathlib import Path
+
+from ..types import CheckResult
+
+
+def check_git() -> CheckResult:
+    """Check if Git is installed and accessible."""
+    from ... import git as git_module
+
+    if not git_module.check_git_installed():
+        return CheckResult(
+            name="Git",
+            passed=False,
+            message="Git is not installed or not in PATH",
+            fix_hint="Install Git from https://git-scm.com/downloads",
+            fix_url="https://git-scm.com/downloads",
+            severity="error",
+        )
+
+    version = git_module.get_git_version()
+    return CheckResult(
+        name="Git",
+        passed=True,
+        message="Git is installed and accessible",
+        version=version,
+    )
+
+
+def check_docker() -> CheckResult:
+    """Check if Docker is installed and running."""
+    from ... import docker as docker_module
+
+    version = docker_module.get_docker_version()
+
+    if version is None:
+        return CheckResult(
+            name="Docker",
+            passed=False,
+            message="Docker is not installed or not running",
+            fix_hint="Install Docker Desktop from https://docker.com/products/docker-desktop",
+            fix_url="https://docker.com/products/docker-desktop",
+            severity="error",
+        )
+
+    # Parse and check minimum version
+    current = docker_module._parse_version(version)
+    required = docker_module._parse_version(docker_module.MIN_DOCKER_VERSION)
+
+    if current < required:
+        return CheckResult(
+            name="Docker",
+            passed=False,
+            message=f"Docker version {'.'.join(map(str, current))} is below minimum {docker_module.MIN_DOCKER_VERSION}",
+            version=version,
+            fix_hint="Update Docker Desktop to the latest version",
+            fix_url="https://docker.com/products/docker-desktop",
+            severity="error",
+        )
+
+    return CheckResult(
+        name="Docker",
+        passed=True,
+        message="Docker is installed and meets version requirements",
+        version=version,
+    )
+
+
+def check_docker_sandbox() -> CheckResult:
+    """Check if Docker sandbox feature is available."""
+    from ... import docker as docker_module
+
+    if not docker_module.check_docker_sandbox():
+        return CheckResult(
+            name="Docker Sandbox",
+            passed=False,
+            message="Docker sandbox feature is not available",
+            fix_hint=f"Requires Docker Desktop {docker_module.MIN_DOCKER_VERSION}+ with sandbox feature enabled",
+            fix_url="https://docs.docker.com/desktop/features/sandbox/",
+            severity="error",
+        )
+
+    return CheckResult(
+        name="Docker Sandbox",
+        passed=True,
+        message="Docker sandbox feature is available",
+    )
+
+
+def check_docker_running() -> CheckResult:
+    """Check if Docker daemon is running."""
+    try:
+        result = subprocess.run(
+            ["docker", "info"],
+            capture_output=True,
+            timeout=10,
+        )
+        if result.returncode == 0:
+            return CheckResult(
+                name="Docker Daemon",
+                passed=True,
+                message="Docker daemon is running",
+            )
+        else:
+            return CheckResult(
+                name="Docker Daemon",
+                passed=False,
+                message="Docker daemon is not running",
+                fix_hint="Start Docker Desktop or run 'sudo systemctl start docker'",
+                severity="error",
+            )
+    except (subprocess.TimeoutExpired, FileNotFoundError):
+        return CheckResult(
+            name="Docker Daemon",
+            passed=False,
+            message="Could not connect to Docker daemon",
+            fix_hint="Ensure Docker Desktop is running",
+            severity="error",
+        )
+
+
+def check_wsl2() -> tuple[CheckResult, bool]:
+    """Check WSL2 environment and return (result, is_wsl2)."""
+    from ... import platform as platform_module
+
+    is_wsl2 = platform_module.is_wsl2()
+
+    if is_wsl2:
+        return (
+            CheckResult(
+                name="WSL2 Environment",
+                passed=True,
+                message="Running in WSL2 (recommended for Windows)",
+                severity="info",
+            ),
+            True,
+        )
+
+    return (
+        CheckResult(
+            name="WSL2 Environment",
+            passed=True,
+            message="Not running in WSL2",
+            severity="info",
+        ),
+        False,
+    )
+
+
+def check_workspace_path(workspace: Path | None = None) -> CheckResult:
+    """Check if workspace path is optimal (not on Windows mount in WSL2)."""
+    from ... import platform as platform_module
+
+    if workspace is None:
+        return CheckResult(
+            name="Workspace Path",
+            passed=True,
+            message="No workspace specified",
+            severity="info",
+        )
+
+    if platform_module.is_wsl2() and platform_module.is_windows_mount_path(workspace):
+        return CheckResult(
+            name="Workspace Path",
+            passed=False,
+            message=f"Workspace is on Windows filesystem: {workspace}",
+            fix_hint="Move project to ~/projects inside WSL for better performance",
+            severity="warning",
+        )
+
+    return CheckResult(
+        name="Workspace Path",
+        passed=True,
+        message=f"Workspace path is optimal: {workspace}",
+    )

scc_cli/doctor/checks/json_helpers.py

@@ -0,0 +1,157 @@
+"""JSON validation helpers for doctor module.
+
+Provides enhanced JSON validation with code frames and helpful hints.
+"""
+
+from __future__ import annotations
+
+import json
+from pathlib import Path
+
+from ...theme import Indicators
+from ..types import JsonValidationResult
+
+
+def validate_json_file(file_path: Path) -> JsonValidationResult:
+    """
+    Validate a JSON file and extract detailed error information.
+
+    Args:
+        file_path: Path to the JSON file to validate
+
+    Returns:
+        JsonValidationResult with validation status and error details
+    """
+    if not file_path.exists():
+        return JsonValidationResult(valid=True, file_path=file_path)
+
+    try:
+        content = file_path.read_text(encoding="utf-8")
+        json.loads(content)
+        return JsonValidationResult(valid=True, file_path=file_path)
+    except json.JSONDecodeError as e:
+        code_frame = format_code_frame(content, e.lineno, e.colno, file_path)
+        return JsonValidationResult(
+            valid=False,
+            error_message=e.msg,
+            line=e.lineno,
+            column=e.colno,
+            file_path=file_path,
+            code_frame=code_frame,
+        )
+    except OSError as e:
+        return JsonValidationResult(
+            valid=False,
+            error_message=f"Cannot read file: {e}",
+            file_path=file_path,
+        )
+
+
+def format_code_frame(
+    content: str,
+    error_line: int,
+    error_col: int,
+    file_path: Path,
+    context_lines: int = 2,
+) -> str:
+    """
+    Format a code frame showing the error location with context.
+
+    Creates a visual representation like:
+        10 │   "selected_profile": "dev-team",
+        11 │   "preferences": {
+      → 12 │     "auto_update": true
+           │     ^
+        13 │     "show_tips": false
+        14 │   }
+
+    Args:
+        content: The file content
+        error_line: Line number where error occurred (1-indexed)
+        error_col: Column number where error occurred (1-indexed)
+        file_path: Path to the file (for display)
+        context_lines: Number of lines to show before/after error
+
+    Returns:
+        Formatted code frame string with Rich markup
+    """
+    lines = content.splitlines()
+    total_lines = len(lines)
+
+    # Calculate line range to display
+    start_line = max(1, error_line - context_lines)
+    end_line = min(total_lines, error_line + context_lines)
+
+    # Calculate padding for line numbers
+    max_line_num = end_line
+    line_num_width = len(str(max_line_num))
+
+    frame_lines = []
+
+    # Add file path header
+    frame_lines.append(f"[dim]File: {file_path}[/dim]")
+    frame_lines.append("")
+
+    for line_num in range(start_line, end_line + 1):
+        line_content = lines[line_num - 1] if line_num <= total_lines else ""
+
+        # Truncate long lines to prevent secret leakage (keep first 80 chars)
+        if len(line_content) > 80:
+            line_content = line_content[:77] + "..."
+
+        if line_num == error_line:
+            # Error line with arrow indicator
+            frame_lines.append(
+                f"[bold red]{Indicators.get('ARROW')} {line_num:>{line_num_width}} │[/bold red] "
+                f"[white]{_escape_rich(line_content)}[/white]"
+            )
+            # Caret line pointing to error column
+            caret_padding = " " * (line_num_width + 4 + max(0, error_col - 1))
+            frame_lines.append(f"[bold red]{caret_padding}^[/bold red]")
+        else:
+            # Context line
+            frame_lines.append(
+                f"[dim]  {line_num:>{line_num_width}} │[/dim] "
+                f"[dim]{_escape_rich(line_content)}[/dim]"
+            )
+
+    return "\n".join(frame_lines)
+
+
+def _escape_rich(text: str) -> str:
+    """Escape Rich markup characters in text."""
+    return text.replace("[", "\\[").replace("]", "\\]")
+
+
+def get_json_error_hints(error_message: str) -> list[str]:
+    """
+    Get helpful hints based on common JSON error messages.
+
+    Args:
+        error_message: The JSON decode error message
+
+    Returns:
+        List of helpful hints for fixing the error
+    """
+    hints = []
+    error_lower = error_message.lower()
+
+    if "expecting" in error_lower and "," in error_lower:
+        hints.append("Missing comma between values")
+    elif "expecting property name" in error_lower:
+        hints.append("Trailing comma after last item (not allowed in JSON)")
+        hints.append("Missing closing brace or bracket")
+    elif "expecting value" in error_lower:
+        hints.append("Missing value after colon or comma")
+        hints.append("Empty array or object element")
+    elif "expecting ':'" in error_lower:
+        hints.append("Missing colon after property name")
+    elif "unterminated string" in error_lower or "invalid \\escape" in error_lower:
+        hints.append("Unclosed string quote or invalid escape sequence")
+    elif "extra data" in error_lower:
+        hints.append("Multiple root objects (JSON must have single root)")
+
+    if not hints:
+        hints.append("Check JSON syntax near the indicated line")
+
+    return hints

scc_cli/doctor/checks/organization.py

@@ -0,0 +1,264 @@
+"""Organization and marketplace health checks for doctor module.
+
+Checks for org config reachability, marketplace auth, and credential injection.
+"""
+
+from __future__ import annotations
+
+import json
+from typing import Any, cast
+
+from ..types import CheckResult
+
+
+def load_cached_org_config() -> dict[str, Any] | None:
+    """Load cached organization config from cache directory.
+
+    Returns:
+        Cached org config dict if valid, None otherwise.
+    """
+    from ... import config
+
+    cache_file = config.CACHE_DIR / "org_config.json"
+
+    if not cache_file.exists():
+        return None
+
+    try:
+        content = cache_file.read_text()
+        return cast(dict[str, Any], json.loads(content))
+    except (json.JSONDecodeError, OSError):
+        return None
+
+
+def check_org_config_reachable() -> CheckResult | None:
+    """Check if organization config URL is reachable.
+
+    Returns:
+        CheckResult if org config is configured, None for standalone mode.
+    """
+    from ... import config
+    from ...remote import fetch_org_config
+
+    user_config = config.load_user_config()
+
+    # Skip for standalone mode
+    if user_config.get("standalone"):
+        return None
+
+    # Skip if no org source configured
+    org_source = user_config.get("organization_source")
+    if not org_source:
+        return None
+
+    url = org_source.get("url")
+    if not url:
+        return None
+
+    auth = org_source.get("auth")
+
+    # Try to fetch org config
+    try:
+        org_config, etag, status = fetch_org_config(url, auth=auth, etag=None)
+    except Exception as e:
+        return CheckResult(
+            name="Org Config",
+            passed=False,
+            message=f"Failed to fetch org config: {e}",
+            fix_hint="Check network connection and URL",
+            severity="error",
+        )
+
+    if status == 401:
+        return CheckResult(
+            name="Org Config",
+            passed=False,
+            message=f"Authentication required (401) for {url}",
+            fix_hint="Configure auth with: scc setup",
+            severity="error",
+        )
+
+    if status == 403:
+        return CheckResult(
+            name="Org Config",
+            passed=False,
+            message=f"Access denied (403) for {url}",
+            fix_hint="Check your access permissions",
+            severity="error",
+        )
+
+    if status != 200 or org_config is None:
+        return CheckResult(
+            name="Org Config",
+            passed=False,
+            message=f"Failed to fetch org config (status: {status})",
+            fix_hint="Check URL and network connection",
+            severity="error",
+        )
+
+    org_name = org_config.get("organization", {}).get("name", "Unknown")
+    return CheckResult(
+        name="Org Config",
+        passed=True,
+        message=f"Connected to: {org_name}",
+    )
+
+
+def check_marketplace_auth_available() -> CheckResult | None:
+    """Check if marketplace authentication token is available.
+
+    Returns:
+        CheckResult if marketplace is configured, None otherwise.
+    """
+    from ... import config
+    from ...remote import resolve_auth
+
+    user_config = config.load_user_config()
+    org_config = load_cached_org_config()
+
+    # Skip if no org config
+    if org_config is None:
+        return None
+
+    # Skip if no profile selected
+    profile_name = user_config.get("selected_profile")
+    if not profile_name:
+        return None
+
+    # Find the profile
+    profiles = org_config.get("profiles", {})
+    profile = profiles.get(profile_name)
+    if not profile:
+        return None
+
+    # Find the marketplace (dict-based schema)
+    marketplace_name = profile.get("marketplace")
+    marketplaces = org_config.get("marketplaces", {})
+    marketplace = marketplaces.get(marketplace_name)
+
+    if marketplace is None:
+        return CheckResult(
+            name="Marketplace Auth",
+            passed=False,
+            message=f"Marketplace '{marketplace_name}' not found in org config",
+            severity="error",
+        )
+
+    # Check auth requirement
+    auth_spec = marketplace.get("auth")
+
+    if auth_spec is None:
+        return CheckResult(
+            name="Marketplace Auth",
+            passed=True,
+            message="Public marketplace (no auth needed)",
+        )
+
+    # Try to resolve auth
+    try:
+        token = resolve_auth(auth_spec)
+        if token:
+            return CheckResult(
+                name="Marketplace Auth",
+                passed=True,
+                message=f"{auth_spec} is set",
+            )
+        else:
+            # Provide helpful hint based on auth type
+            if auth_spec.startswith("env:"):
+                var_name = auth_spec.split(":", 1)[1]
+                hint = f"Set with: export {var_name}=your-token"
+            else:
+                cmd = auth_spec.split(":", 1)[1] if ":" in auth_spec else auth_spec
+                hint = f"Run manually to debug: {cmd}"
+
+            return CheckResult(
+                name="Marketplace Auth",
+                passed=False,
+                message=f"{auth_spec} not set or invalid",
+                fix_hint=hint,
+                severity="error",
+            )
+    except Exception as e:
+        return CheckResult(
+            name="Marketplace Auth",
+            passed=False,
+            message=f"Auth resolution failed: {e}",
+            severity="error",
+        )
+
+
+def check_credential_injection() -> CheckResult | None:
+    """Check what credentials will be injected into Docker container.
+
+    Shows env var NAMES only, never values. Prevents confusion about
+    whether tokens are being passed to the container.
+
+    Returns:
+        CheckResult showing injection status, None if no profile.
+    """
+    from ... import config
+
+    user_config = config.load_user_config()
+    org_config = load_cached_org_config()
+
+    # Skip if no org config
+    if org_config is None:
+        return None
+
+    # Skip if no profile selected
+    profile_name = user_config.get("selected_profile")
+    if not profile_name:
+        return None
+
+    # Find the profile
+    profiles = org_config.get("profiles", {})
+    profile = profiles.get(profile_name)
+    if not profile:
+        return None
+
+    # Find the marketplace (dict-based schema)
+    marketplace_name = profile.get("marketplace")
+    marketplaces = org_config.get("marketplaces", {})
+    marketplace = marketplaces.get(marketplace_name)
+
+    if marketplace is None:
+        return None
+
+    # Check auth requirement
+    auth_spec = marketplace.get("auth")
+
+    if auth_spec is None:
+        return CheckResult(
+            name="Container Injection",
+            passed=True,
+            message="No credentials needed (public marketplace)",
+        )
+
+    # Determine what env vars will be injected
+    env_vars = []
+
+    if auth_spec.startswith("env:"):
+        var_name = auth_spec.split(":", 1)[1]
+        env_vars.append(var_name)
+
+        # Add standard vars based on marketplace type
+        marketplace_type = marketplace.get("type")
+        if marketplace_type == "gitlab" and var_name != "GITLAB_TOKEN":
+            env_vars.append("GITLAB_TOKEN")
+        elif marketplace_type == "github" and var_name != "GITHUB_TOKEN":
+            env_vars.append("GITHUB_TOKEN")
+
+    if env_vars:
+        env_list = ", ".join(env_vars)
+        return CheckResult(
+            name="Container Injection",
+            passed=True,
+            message=f"Will inject [{env_list}] into Docker env",
+        )
+    else:
+        return CheckResult(
+            name="Container Injection",
+            passed=True,
+            message="Command-based auth (resolved at runtime)",
+        )