From 08985cfaa621721d2026d5d85a8071204228d140 Mon Sep 17 00:00:00 2001 From: Jon Zeolla Date: Wed, 17 Sep 2025 20:25:23 -0400 Subject: [PATCH] fix(mcp): replace api key usage with oauth --- .github/etc/dictionary.txt | 1 - docs/ai-ide-support.md | 37 ++++--------------- docs/configuration.md | 6 +-- docs/hooks.md | 6 +-- docs/optional-setup.md | 6 +-- hooks/post_gen_project.py | 33 ----------------- .../.gitignore" | 2 - .../Taskfile.yml" | 12 ------ 8 files changed, 12 insertions(+), 91 deletions(-) diff --git a/.github/etc/dictionary.txt b/.github/etc/dictionary.txt index 577a36a..99b9149 100644 --- a/.github/etc/dictionary.txt +++ b/.github/etc/dictionary.txt @@ -5,7 +5,6 @@ cookiecutter dependabot digestabot dockerhub -envrc htmlcov pylance pythonpath diff --git a/docs/ai-ide-support.md b/docs/ai-ide-support.md index ee59b65..1a0141f 100644 --- a/docs/ai-ide-support.md +++ b/docs/ai-ide-support.md @@ -1,46 +1,25 @@ # AI IDE Support -The AI-Native Python template includes configuration files to work seamlessly with AI-powered development tools. +The AI-Native Python template automatically configures AI-powered development tools during project generation. [← Back to Documentation Index](index.md) -## Tool-agnostic configurations +## Automatic Configuration -### .mcp.json +When you generate a new project, the post-generation hook automatically detects which IDEs and AI assistants you have installed and creates appropriate configuration files: -Model Context Protocol configuration pre-set to integrate with: +- Model Context Protocol (MCP) configuration for [Zenable](https://zenable.io) and other MCP servers (if supported tools are detected) +- IDE-specific configuration files based on what's installed (Claude, GitHub Copilot, Cursor, etc.) +- Project-specific context and guidelines tailored to your project -- [Zenable](https://zenable.io)'s MCP server -- [Context7](https://context7.com/)'s MCP server - -## Specific IDE configurations - -### Claude Code - -Every generated project includes a `CLAUDE.md` file with: +These configurations are dynamically generated based on your installed IDEs and project settings, and include: - Project-specific context and guidelines - Technology stack information - Code style rules and patterns - Common tasks and workflows - -### GitHub Copilot Configuration - -The template includes `.github/copilot-instructions.md` with: - -- Project-specific context for GitHub Copilot -- Code conventions and patterns -- Testing requirements and workflow +- Testing requirements and patterns - Security considerations -- Common code patterns and examples -- Task automation commands - -### Cursor IDE Configuration - -The template includes `.cursor/rules/` directory with: - -- `project.mdc`: Always-active rules with project info, tech stack, and key commands -- `testing.mdc`: Auto-attached rules for test files with testing guidelines and patterns For more details on testing configuration and practices, see the [Testing Guide](testing.md). diff --git a/docs/configuration.md b/docs/configuration.md index 3c984c6..dc8a4a7 100644 --- a/docs/configuration.md +++ b/docs/configuration.md @@ -40,13 +40,9 @@ After your project is generated, you are able to make any changes you'd like. He ### Environment Variables -Create or modify the `.envrc` file in your project root: +Set environment variables for development: ```bash -# API Keys -export ZENABLE_API_KEY="your-api-key-here" - -# Development settings export PYTHONPATH="${PWD}/src:${PYTHONPATH}" export UV_PYTHON_PREFERENCE="only-system" ``` diff --git a/docs/hooks.md b/docs/hooks.md index 60f17a4..9157a64 100644 --- a/docs/hooks.md +++ b/docs/hooks.md @@ -14,9 +14,8 @@ The `post_gen_project.py` hook runs after project generation to: 2. Create the project's initial commit 3. Set up GitHub remote (if credentials available) 4. Generate a fully up-to-date `uv.lock` file -5. Create an `.envrc` with API keys -6. Run `task init` to install dependencies -7. Push to GitHub and create an initial release +5. Run `task init` to install dependencies +6. Push to GitHub and create an initial release ### Configuration @@ -24,7 +23,6 @@ Environment variables can be set before running cookiecutter to modify hook beha - `SKIP_GIT_PUSH=true` - Skip automatic Git push - `RUN_POST_HOOK=false` - Skip the post-generation hook entirely (not recommended) -- `ZENABLE_API_KEY="..."` - Auto-populate API key in .envrc For more environment variable options, see the [Optional Setup Guide](optional-setup.md#environment-variable-configuration). diff --git a/docs/optional-setup.md b/docs/optional-setup.md index 90f8b3a..2ab9b4e 100644 --- a/docs/optional-setup.md +++ b/docs/optional-setup.md @@ -48,8 +48,4 @@ uvx --with gitpython cookiecutter git+ssh://git@github.com/zenable-io/ai-native- ## Environment Variable Configuration -Generated projects include an `.envrc` file for environment-specific settings. API keys can be pre-populated during project generation by setting environment -variables before running cookiecutter (see the [Hooks Guide](hooks.md#configuration)). - -To request support for additional API keys, please [open an issue](https://github.com/Zenable-io/ai-native-python/issues/new) or [pull -request](../CONTRIBUTING.md)! +Set environment variables before running cookiecutter to modify hook behavior (see the [Hooks Guide](hooks.md#configuration)). diff --git a/hooks/post_gen_project.py b/hooks/post_gen_project.py index 72579aa..14e5615 100755 --- a/hooks/post_gen_project.py +++ b/hooks/post_gen_project.py @@ -122,34 +122,6 @@ def write_context(*, context: dict) -> None: yaml.dump(context, file) -def populate_envrc() -> None: - """Create and populate the .envrc file with API key.""" - envrc_path = Path(".envrc") - zenable_api_key = os.environ.get("ZENABLE_API_KEY") - - if zenable_api_key: - envrc_path.write_text(f'export API_KEY="{zenable_api_key}"\n') - else: - envrc_path.write_text('export API_KEY=""\n') - - # Restrict permissions to read-only, by the owner/current user - envrc_path.chmod(0o600) - - -def notify_envrc() -> None: - zenable_api_key = os.environ.get("ZENABLE_API_KEY") - print("\n" + "=" * 70) - print("NOTE: Environment Configuration") - print("=" * 70) - print("\nA .envrc file has been created in your project directory") - print("To use services that require API keys, update the .envrc file with your keys") - print("The .envrc file has already been added to your .gitignore") - print("=" * 70 + "\n") - if zenable_api_key: - print("Your ZENABLE_API_KEY has been automatically populated from the environment") - print("=" * 70 + "\n") - - def notify_dockerhub_secrets() -> None: """Notify user about required Docker Hub secrets for releases.""" # We no longer need this once https://github.com/docker/roadmap/issues/314 is available @@ -311,9 +283,6 @@ def run_post_gen_hook(): check=True, ) - # Create .envrc file with API key template - populate_envrc() - # Run the initial setup step automatically so pre-commit hooks, etc. are pre-installed. However, if it fails, don't fail the overall repo generation # (i.e. check=False) subprocess.run(["task", "init"], check=False, capture_output=True) @@ -321,8 +290,6 @@ def run_post_gen_hook(): # Notify about Docker Hub secrets if Docker Hub publishing is enabled if cookiecutter_context.get("dockerhub") == "yes": notify_dockerhub_secrets() - - notify_envrc() except subprocess.CalledProcessError as error: stdout = error.stdout.decode("utf-8") if error.stdout else "No stdout" stderr = error.stderr.decode("utf-8") if error.stderr else "No stderr" diff --git "a/{{cookiecutter.project_name|replace(\" \", \"\")}}/.gitignore" "b/{{cookiecutter.project_name|replace(\" \", \"\")}}/.gitignore" index d26c2a5..a2ed07e 100644 --- "a/{{cookiecutter.project_name|replace(\" \", \"\")}}/.gitignore" +++ "b/{{cookiecutter.project_name|replace(\" \", \"\")}}/.gitignore" @@ -1,11 +1,9 @@ -.mcp.json .task/* .lycheecache sbom.*.json vulns.*.json license-check.*.json {{ cookiecutter.github_org }}_{{ cookiecutter.project_slug }}_*_*.tar -.envrc # Created by https://www.toptal.com/developers/gitignore/api/vim,emacs,visualstudiocode,python,macos,windows # Edit at https://www.toptal.com/developers/gitignore?templates=vim,emacs,visualstudiocode,python,macos,windows diff --git "a/{{cookiecutter.project_name|replace(\" \", \"\")}}/Taskfile.yml" "b/{{cookiecutter.project_name|replace(\" \", \"\")}}/Taskfile.yml" index bbafbea..4f0955e 100644 --- "a/{{cookiecutter.project_name|replace(\" \", \"\")}}/Taskfile.yml" +++ "b/{{cookiecutter.project_name|replace(\" \", \"\")}}/Taskfile.yml" @@ -39,17 +39,6 @@ tasks: # Sync dependencies with uv - uv sync --frozen --all-extras - init-direnv: - desc: Sets up direnv locally - internal: true - status: - - '{{ '{{if eq .GITHUB_ACTIONS "true"}}exit 0{{end}}' }}' - cmds: - - task: brew-install - vars: - TOOLS: direnv - - direnv allow - init-pre-commit: desc: Install the pre-commit hooks internal: true @@ -77,7 +66,6 @@ tasks: desc: Initialize the repo for local use; intended to be run after git clone cmds: - task: init-uv - - task: init-direnv - task: init-pre-commit - task: init-docker-multiplatform