Merge pull request #1 from ImadYIdrissi/config/Create_pip_compile_ecosystem

Config/create pip compile ecosystem & create first CI for the project

Author: ImadYIdrissi

.github/workflows/code_ci.yml

@@ -4,9 +4,6 @@ on:
   push:
     branches:
       - "**"
-  pull_request:
-    branches:
-      - master
 
 env:
   ENV_FILE: .env
@@ -16,49 +13,78 @@ jobs:
     name: Get Environment Variables
     runs-on: ubuntu-latest
     outputs:
-      python-version: ${{ steps.load-env.outputs.python-version }}
+      python-version: ${{ steps.load-internal-env.outputs.python-version }}
+      github-actions: ${{steps.load-external-env.outputs.github-actions}}
     steps:
       - name: Checkout Code
         uses: actions/checkout@v3
 
-      - name: Load Environment Variables
-        id: load-env
+      - name: Load Project's Internal Environment Variables
+        id: load-internal-env
         run: |
-          set -a
+          set -x
           [ -f ${{ env.ENV_FILE }} ] && source ${{ env.ENV_FILE }}
-          echo "::set-output name=python-version::$PYTHON_VERSION"
+          echo "python-version=$PYTHON_VERSION" >> $GITHUB_OUTPUT
+      - name: Load External Environment Variables
+        id: load-external-env
+        run: |
+          set -x 
+          if [ "$GITHUB_ACTIONS" = "true" ]; then
+            echo "github-actions=$GITHUB_ACTIONS" >> $GITHUB_OUTPUT
+          else
+            echo "github-actions=false" >> $GITHUB_OUTPUT
+          fi
 
   env-setup:
     name: Setup Python and Install Dependencies
     runs-on: ubuntu-latest
     needs: env-vars
+
     steps:
       - name: Checkout Code
         uses: actions/checkout@v3
-
       - name: Set up Python
-        id: setup-python
         uses: actions/setup-python@v4
         with:
           python-version: ${{ needs.env-vars.outputs.python-version }}
-
-      - name: Create Python Dev-tools Dependencies Cache
-        uses: actions/cache@v3
-        with:
-          path: ~/.cache/pip
-          key: ${{ runner.os }}-pip-dev-tools-dev-tools-${{ hashFiles('requirements.dev.txt') }}
-
-      - name: Install Development Dependencies
-        run: pip install -r requirements.dev.txt
-
-      - name: Create Python prod-libs Dependencies Cache
+      - name: Create Non-root User & Install dependencies # This step does not run on github actions
+        if: ${{ needs.env-vars.outputs.github-actions == 'false' }}
+        run: |
+          useradd -ms /bin/bash pyrunner
+          mkdir -p /home/pyrunner/.cache/pip
+          chown -R pyrunner:pyrunner /home/pyrunner
+          chmod -R 700 /home/pyrunner/.cache/pip
+
+          sudo -u pyrunner bash -c "
+          python -m venv ~/venv &&
+          source ~/venv/bin/activate &&
+          pip install --upgrade pip &&
+          pip install -r requirements.txt
+          "
+      - name: Install Python Dependencies
+        if: ${{ needs.env-vars.outputs.github-actions == 'true' }}
+        run: |
+          python -m venv ~/venv &&
+          source ~/venv/bin/activate &&
+          pip install --upgrade pip &&
+          pip install -r requirements.txt
+      - name: Verify Python Version
+        run: |
+          source ~/venv/bin/activate
+          ACTUAL_VERSION=$(python --version 2>&1 | sed 's/Python //')
+          EXPECTED_VERSION="${{ needs.env-vars.outputs.python-version }}"
+          echo "Actual: $ACTUAL_VERSION"
+          echo "Expected: $EXPECTED_VERSION"
+      
+          if [ "$ACTUAL_VERSION" != "$EXPECTED_VERSION" ]; then
+            echo "ERROR: Python version mismatch: expected $EXPECTED_VERSION, got $ACTUAL_VERSION"
+            exit 1
+          fi
+      - name: Save Python Environment Cache
         uses: actions/cache@v3
         with:
-          path: ~/.cache/pip
-          key: ${{ runner.os }}-pip-prod-libs-${{ hashFiles('requirements.txt') }}
-
-      - name: Install Prod Dependencies
-        run: pip install -r requirements.txt
+          path: ~/venv
+          key: ${{ runner.os }}-python-venv-${{ hashFiles('requirements.txt') }}
 
   lint:
     name: Flake8 linting
@@ -68,18 +94,16 @@ jobs:
       - name: Checkout Code
         uses: actions/checkout@v3
 
-      - name: Restore Python Dev-tools Dependencies Cache
+      - name: Restore Python Environment Cache
         uses: actions/cache@v3
         with:
-          path: ~/.cache/pip
-          key: ${{ runner.os }}-pip-dev-tools-${{ hashFiles('requirements.dev.txt') }}
-          restore-keys: |
-            ${{ runner.os }}-pip-dev-tools-
-      - name: Install Flake8
-        run: pip install flake8 flake8-pyproject
+          path: ~/venv
+          key: ${{ runner.os }}-python-venv-${{ hashFiles('requirements.txt') }}
 
       - name: Run Flake8
-        run: flake8 .
+        run: |
+          source ~/venv/bin/activate
+          flake8 .
 
   security:
     name: Security Check
@@ -89,18 +113,16 @@ jobs:
       - name: Checkout Code
         uses: actions/checkout@v3
 
-      - name: Restore Python Dev-tools Dependencies Cache
+      - name: Restore Python Environment Cache
         uses: actions/cache@v3
         with:
-          path: ~/.cache/pip
-          key: ${{ runner.os }}-pip-dev-tools-${{ hashFiles('requirements.dev.txt') }}
-          restore-keys: |
-            ${{ runner.os }}-pip-dev-tools-
-      - name: Install Bandit
-        run: pip install bandit
+          path: ~/venv
+          key: ${{ runner.os }}-python-venv-${{ hashFiles('requirements.txt') }}
 
       - name: Run Bandit Security Check
-        run: bandit -r .
+        run: |
+          source ~/venv/bin/activate
+          bandit -r .
 
   quality:
     name: Code Quality
@@ -110,34 +132,24 @@ jobs:
       - name: Checkout Code
         uses: actions/checkout@v3
 
-      - name: Restore Python Dev-tools Dependencies Cache
-        uses: actions/cache@v3
-        with:
-          path: ~/.cache/pip
-          key: ${{ runner.os }}-pip-dev-tools-${{ hashFiles('requirements.dev.txt') }}
-          restore-keys: |
-            ${{ runner.os }}-pip-dev-tools-
-
-      - name: Restore Python Prod Dependencies Cache
+      - name: Restore Python Environment Cache
         uses: actions/cache@v3
         with:
-          path: ~/.cache/pip
-          key: ${{ runner.os }}-pip-prod-${{ hashFiles('requirements.txt') }}
-          restore-keys: |
-            ${{ runner.os }}-pip-prod-
+          path: ~/venv
+          key: ${{ runner.os }}-python-venv-${{ hashFiles('requirements.txt') }}
 
-      - name: Install Pylint, Black & Pydocstyle
-        run: pip install pylint black pydocstyle
-
-      - name: Install Prod libs
-        run: pip install -r requirements.txt
-
-      - name: Pylint linting
-        run: pylint .
+      - name: Run Pylint
+        run: |
+          source ~/venv/bin/activate
+          pylint .
 
       - name: Check Black Formatting
-        run: black --check .
+        run: |
+          source ~/venv/bin/activate
+          black --check .
 
       - name: Check Pydocstyle
-        run: pydocstyle .
+        run: |
+          source ~/venv/bin/activate
+          pydocstyle .
         continue-on-error: true # Non-blocking

README.md

@@ -37,6 +37,25 @@ DataOps-Forge/                     # Root of the repository containing all proje
 - Docker / Docker-desktop
 - act : To test CICD jobs
 
+## Setup the environment
+
+1. Create virtual env via pyenv, for convention call it dataops-forge
+2. Activate virtual env
+
+    ```bash
+    pyenv activate dataops-forge
+    pip install -U pip pip-tools
+    ```
+
+    NB: It is recommended to set up this environment as your default IDE interpreter. 3. Install and update python tools
+
+3. [Optional] if need to update python requirements, then recompile them this way :
+
+    ```bash
+    pip-compile requirements.in
+    pip-compile requirements.dev.in
+    ```
+
 ## Run CI locally
 
 Move to the root of the project.
@@ -58,3 +77,26 @@ Or if you want to test just a particular area
 ```bash
 act -j quality
 ```
+
+You can also visualize the dependency graph with
+
+```bash
+act --graph
+```
+
+Example output
+
+```plaintext
+INFO[0000] Using docker host 'unix:///var/run/docker.sock', and daemon socket 'unix:///var/run/docker.sock'
+             ╭───────────────────────────╮
+             │ Get Environment Variables │
+             ╰───────────────────────────╯
+                           ⬇
+       ╭───────────────────────────────────────╮
+       │ Setup Python and Install Dependencies │
+       ╰───────────────────────────────────────╯
+                           ⬇
+ ╭────────────────╮ ╭────────────────╮ ╭──────────────╮
+ │ Flake8 linting │ │ Security Check │ │ Code Quality │
+ ╰────────────────╯ ╰────────────────╯ ╰──────────────╯
+```

requirements.dev.in

@@ -0,0 +1,6 @@
+black
+bandit
+flake8
+flake8-pyproject
+pylint
+pydocstyle

requirements.dev.txt

@@ -1,6 +1,82 @@
-black
-bandit
-flake8
-flake8-pyproject
-pylint
-pydocstyle
+#
+# This file is autogenerated by pip-compile with Python 3.12
+# by the following command:
+#
+#    pip-compile requirements.dev.in
+#
+astroid==3.3.8
+    # via pylint
+bandit==1.8.0
+    # via -r requirements.dev.in
+black==24.10.0
+    # via -r requirements.dev.in
+build==1.2.2.post1
+    # via pip-tools
+click==8.1.8
+    # via
+    #   black
+    #   pip-tools
+dill==0.3.9
+    # via pylint
+flake8==7.1.1
+    # via
+    #   -r requirements.dev.in
+    #   flake8-pyproject
+flake8-pyproject==1.2.3
+    # via -r requirements.dev.in
+isort==5.13.2
+    # via pylint
+markdown-it-py==3.0.0
+    # via rich
+mccabe==0.7.0
+    # via
+    #   flake8
+    #   pylint
+mdurl==0.1.2
+    # via markdown-it-py
+mypy-extensions==1.0.0
+    # via black
+packaging==24.2
+    # via
+    #   black
+    #   build
+pathspec==0.12.1
+    # via black
+pbr==6.1.0
+    # via stevedore
+pip-tools==7.4.1
+    # via -r requirements.dev.in
+platformdirs==4.3.6
+    # via
+    #   black
+    #   pylint
+pycodestyle==2.12.1
+    # via flake8
+pydocstyle==6.3.0
+    # via -r requirements.dev.in
+pyflakes==3.2.0
+    # via flake8
+pygments==2.18.0
+    # via rich
+pylint==3.3.3
+    # via -r requirements.dev.in
+pyproject-hooks==1.2.0
+    # via
+    #   build
+    #   pip-tools
+pyyaml==6.0.2
+    # via bandit
+rich==13.9.4
+    # via bandit
+snowballstemmer==2.2.0
+    # via pydocstyle
+stevedore==5.4.0
+    # via bandit
+tomlkit==0.13.2
+    # via pylint
+wheel==0.45.1
+    # via pip-tools
+
+# The following packages are considered to be unsafe in a requirements file:
+# pip
+# setuptools

requirements.in

@@ -0,0 +1,6 @@
+-r requirements.dev.in
+pandas
+db-dtypes
+fastapi[standard]
+google-cloud-bigquery
+google-cloud-bigquery-storage