Skip to content

Migrate from socket-sdk-python to socketdev>=3.0.0 and switch to uv #113

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Aug 24, 2025
Merged

Migrate from socket-sdk-python to socketdev>=3.0.0 and switch to uv #113

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
a20ca32
Migrate from socket-sdk-python to socketdev>=3.0.0 and switch to uv
dacoburn Aug 23, 2025
9f50f6d
Switch to uv.lock for dependency management
dacoburn Aug 23, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -18,5 +18,5 @@ RUN for i in $(seq 1 10); do \
sleep 30; \
done && \
if [ ! -z "$SDK_VERSION" ]; then \
pip install --index-url ${PIP_INDEX_URL} --extra-index-url ${PIP_EXTRA_INDEX_URL} socket-sdk-python==${SDK_VERSION}; \
pip install --index-url ${PIP_INDEX_URL} --extra-index-url ${PIP_EXTRA_INDEX_URL} socketdev==${SDK_VERSION}; \
fi
51 changes: 22 additions & 29 deletions Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
.PHONY: setup compile-deps sync-deps clean test lint init-tools local-dev first-time-setup update-deps dev-setup sync-all first-time-local-setup
.PHONY: setup sync clean test lint update-lock local-dev first-time-setup dev-setup sync-all first-time-local-setup

# Environment variable for local SDK path (optional)
SOCKET_SDK_PATH ?= ../socket-sdk-python
SOCKET_SDK_PATH ?= ../socketdev

# Environment variable to control local development mode
USE_LOCAL_SDK ?= false
Expand All @@ -16,44 +16,37 @@ first-time-local-setup:
$(MAKE) clean
$(MAKE) USE_LOCAL_SDK=true dev-setup

# Update dependencies after changing pyproject.toml
update-deps: compile-deps sync-deps
# Update lock file after changing pyproject.toml
update-lock:
uv lock

# Setup for local development
dev-setup: clean local-dev setup

# Sync all dependencies after pulling changes
sync-all: sync-deps
sync-all: sync

# === Implementation targets ===

# Creates virtual environment and installs pip-tools
init-tools:
python -m venv .venv
. .venv/bin/activate && pip install pip-tools

# Installs dependencies needed for local development
# Currently: socket-sdk-python from test PyPI or local path
local-dev: init-tools
# Currently: socketdev from test PyPI or local path
local-dev:
ifeq ($(USE_LOCAL_SDK),true)
. .venv/bin/activate && pip install -e $(SOCKET_SDK_PATH)
uv add --editable $(SOCKET_SDK_PATH)
endif

# Creates/updates requirements.txt files with locked versions based on pyproject.toml
compile-deps: local-dev
. .venv/bin/activate && pip-compile --output-file=requirements.txt pyproject.toml
. .venv/bin/activate && pip-compile --extra=dev --output-file=requirements-dev.txt pyproject.toml
. .venv/bin/activate && pip-compile --extra=test --output-file=requirements-test.txt pyproject.toml

# Creates virtual environment and installs dependencies from pyproject.toml
setup: compile-deps
. .venv/bin/activate && pip install -e ".[dev,test]"
# Creates virtual environment and installs dependencies from uv.lock
setup: update-lock
uv sync --all-extras
ifeq ($(USE_LOCAL_SDK),true)
uv add --editable $(SOCKET_SDK_PATH)
endif

# Installs exact versions from requirements.txt into your virtual environment
sync-deps:
. .venv/bin/activate && pip-sync requirements.txt requirements-dev.txt requirements-test.txt
# Installs exact versions from uv.lock into your virtual environment
sync:
uv sync --all-extras
ifeq ($(USE_LOCAL_SDK),true)
. .venv/bin/activate && pip install -e $(SOCKET_SDK_PATH)
uv add --editable $(SOCKET_SDK_PATH)
endif

# Removes virtual environment and cache files
Expand All @@ -62,8 +55,8 @@ clean:
find . -type d -name "__pycache__" -exec rm -rf {} +

test:
pytest
uv run pytest

lint:
ruff check .
ruff format --check .
uv run ruff check .
uv run ruff format --check .
18 changes: 8 additions & 10 deletions README.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -371,9 +371,9 @@ make first-time-setup
2. Local Development Setup (for SDK development):
```bash
pyenv local 3.11 # Ensure correct Python version
SOCKET_SDK_PATH=~/path/to/socket-sdk-python make first-time-local-setup
SOCKET_SDK_PATH=~/path/to/socketdev make first-time-local-setup
```
The default SDK path is `../socket-sdk-python` if not specified.
The default SDK path is `../socketdev` if not specified.

#### Ongoing Development Tasks

Expand All @@ -392,25 +392,23 @@ make sync-all
High-level workflows:
- `make first-time-setup`: Complete setup using PyPI packages
- `make first-time-local-setup`: Complete setup for local SDK development
- `make update-deps`: Update requirements.txt files and sync dependencies
- `make update-lock`: Update uv.lock file after changing pyproject.toml
- `make sync-all`: Sync dependencies after pulling changes
- `make dev-setup`: Setup for local development (included in first-time-local-setup)

Implementation targets:
- `make init-tools`: Creates virtual environment and installs pip-tools
- `make local-dev`: Installs dependencies needed for local development
- `make compile-deps`: Generates requirements.txt files with locked versions
- `make setup`: Creates virtual environment and installs dependencies
- `make sync-deps`: Installs exact versions from requirements.txt
- `make setup`: Creates virtual environment and installs dependencies from uv.lock
- `make sync`: Installs exact versions from uv.lock
- `make clean`: Removes virtual environment and cache files
- `make test`: Runs pytest suite
- `make lint`: Runs ruff for code formatting and linting
- `make test`: Runs pytest suite using uv run
- `make lint`: Runs ruff for code formatting and linting using uv run

### Environment Variables

#### Core Configuration
- `SOCKET_SECURITY_API_KEY`: Socket Security API token (alternative to --api-token parameter)
- `SOCKET_SDK_PATH`: Path to local socket-sdk-python repository (default: ../socket-sdk-python)
- `SOCKET_SDK_PATH`: Path to local socketdev repository (default: ../socketdev)

#### GitLab Integration
- `GITLAB_TOKEN`: GitLab API token for GitLab integration (supports both Bearer and PRIVATE-TOKEN authentication)
Expand Down
6 changes: 3 additions & 3 deletions pyproject.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ build-backend = "hatchling.build"

[project]
name = "socketsecurity"
version = "2.2.2"
version = "2.2.4"
requires-python = ">= 3.10"
license = {"file" = "LICENSE"}
dependencies = [
Expand All @@ -16,7 +16,7 @@ dependencies = [
'GitPython',
'packaging',
'python-dotenv',
'socket-sdk-python>=2.1.8,<3'
'socketdev>=3.0.0,<4.0.0'
]
readme = "README.md"
description = "Socket Security CLI for CI/CD"
Expand Down Expand Up @@ -45,7 +45,7 @@ test = [
dev = [
"ruff>=0.3.0",
"twine", # for building
"pip-tools>=7.4.0", # for pip-compile
"uv>=0.1.0", # for dependency management
"pre-commit",
"hatch"
]
Expand Down
73 changes: 0 additions & 73 deletions requirements-dev.lock
View file
Open in desktop

This file was deleted.

73 changes: 0 additions & 73 deletions requirements-dev.txt
View file
Open in desktop

This file was deleted.

71 changes: 0 additions & 71 deletions requirements.lock
View file
Open in desktop

This file was deleted.

Loading
Loading