CM-46563 - Migrate to rich Console, add help rich panels, add syntax highlighting for light themes, fix progress bar

Author: MarshalX

cycode/cli/app.py

@@ -2,6 +2,7 @@
 from typing import Annotated, Optional
 
 import typer
+from typer.completion import install_callback, show_callback
 
 from cycode import __version__
 from cycode.cli.apps import ai_remediation, auth, configure, ignore, report, scan, status
@@ -20,6 +21,7 @@
     pretty_exceptions_short=True,
     context_settings=CLI_CONTEXT_SETTINGS,
     rich_markup_mode='rich',
+    add_completion=False,  # we add it manually to control the rich help panel
 )
 
 app.add_typer(ai_remediation.app)
@@ -39,9 +41,10 @@ def check_latest_version_on_close(ctx: typer.Context) -> None:
 
     # we always want to check the latest version for "version" and "status" commands
     should_use_cache = ctx.invoked_subcommand not in {'version', 'status'}
-    version_checker.check_and_notify_update(
-        current_version=__version__, use_color=ctx.color, use_cache=should_use_cache
-    )
+    version_checker.check_and_notify_update(current_version=__version__, use_cache=should_use_cache)
+
+
+_COMPLETION_RICH_HELP_PANEL = 'Completion options'
 
 
 @app.callback()
@@ -61,6 +64,28 @@ def app_callback(
         Optional[str],
         typer.Option(hidden=True, help='Characteristic JSON object that lets servers identify the application.'),
     ] = None,
+    _: Annotated[
+        Optional[bool],
+        typer.Option(
+            '--install-completion',
+            callback=install_callback,
+            is_eager=True,
+            expose_value=False,
+            help='Install completion for the current shell.',
+            rich_help_panel=_COMPLETION_RICH_HELP_PANEL,
+        ),
+    ] = False,
+    __: Annotated[
+        Optional[bool],
+        typer.Option(
+            '--show-completion',
+            callback=show_callback,
+            is_eager=True,
+            expose_value=False,
+            help='Show completion for the current shell, to copy it or customize the installation.',
+            rich_help_panel=_COMPLETION_RICH_HELP_PANEL,
+        ),
+    ] = False,
 ) -> None:
     init_sentry()
     add_breadcrumb('cycode')

cycode/cli/apps/ai_remediation/print_remediation.py

@@ -1,7 +1,7 @@
 import typer
-from rich.console import Console
 from rich.markdown import Markdown
 
+from cycode.cli.console import console
 from cycode.cli.models import CliResult
 from cycode.cli.printers import ConsolePrinter
 
@@ -12,4 +12,4 @@ def print_remediation(ctx: typer.Context, remediation_markdown: str, is_fix_avai
         data = {'remediation': remediation_markdown, 'is_fix_available': is_fix_available}
         printer.print_result(CliResult(success=True, message='Remediation fetched successfully', data=data))
     else:  # text or table
-        Console().print(Markdown(remediation_markdown))
+        console.print(Markdown(remediation_markdown))

cycode/cli/apps/configure/configure_command.py

@@ -1,7 +1,5 @@
 from typing import Optional
 
-import typer
-
 from cycode.cli.apps.configure.consts import CONFIGURATION_MANAGER, CREDENTIALS_MANAGER
 from cycode.cli.apps.configure.messages import get_credentials_update_result_message, get_urls_update_result_message
 from cycode.cli.apps.configure.prompts import (
@@ -10,6 +8,7 @@
     get_client_id_input,
     get_client_secret_input,
 )
+from cycode.cli.console import console
 from cycode.cli.utils.sentry import add_breadcrumb
 
 
@@ -52,6 +51,6 @@ def configure_command() -> None:
         CREDENTIALS_MANAGER.update_credentials(client_id, client_secret)
 
     if config_updated:
-        typer.echo(get_urls_update_result_message())
+        console.print(get_urls_update_result_message())
     if credentials_updated:
-        typer.echo(get_credentials_update_result_message())
+        console.print(get_credentials_update_result_message())

cycode/cli/apps/ignore/ignore_command.py

@@ -12,45 +12,62 @@
 from cycode.cli.utils.sentry import add_breadcrumb
 from cycode.cli.utils.string_utils import hash_string_to_sha256
 
+_FILTER_BY_RICH_HELP_PANEL = 'Filter options'
+_SECRETS_FILTER_BY_RICH_HELP_PANEL = 'Secrets filter options'
+_SCA_FILTER_BY_RICH_HELP_PANEL = 'SCA filter options'
+
 
 def _is_package_pattern_valid(package: str) -> bool:
     return re.search('^[^@]+@[^@]+$', package) is not None
 
 
 def ignore_command(  # noqa: C901
-    by_value: Annotated[
-        Optional[str], typer.Option(help='Ignore a specific value while scanning for Secrets.', show_default=False)
+    by_path: Annotated[
+        Optional[str],
+        typer.Option(
+            help='Ignore a specific file or directory while scanning.',
+            show_default=False,
+            rich_help_panel=_FILTER_BY_RICH_HELP_PANEL,
+        ),
     ] = None,
-    by_sha: Annotated[
+    by_rule: Annotated[
         Optional[str],
         typer.Option(
-            help='Ignore a specific SHA512 representation of a string while scanning for Secrets.', show_default=False
+            help='Ignore scanning a specific Secrets rule ID or IaC rule ID.',
+            show_default=False,
+            rich_help_panel=_FILTER_BY_RICH_HELP_PANEL,
         ),
     ] = None,
-    by_path: Annotated[
+    by_value: Annotated[
         Optional[str],
-        typer.Option(help='Avoid scanning a specific path. You`ll need to specify the scan type.', show_default=False),
+        typer.Option(
+            help='Ignore a specific value.',
+            show_default=False,
+            rich_help_panel=_SECRETS_FILTER_BY_RICH_HELP_PANEL,
+        ),
     ] = None,
-    by_rule: Annotated[
+    by_sha: Annotated[
         Optional[str],
         typer.Option(
-            help='Ignore scanning a specific secret rule ID or IaC rule ID. You`ll to specify the scan type.',
+            help='Ignore a specific SHA512 representation of a string.',
             show_default=False,
+            rich_help_panel=_SECRETS_FILTER_BY_RICH_HELP_PANEL,
         ),
     ] = None,
     by_package: Annotated[
         Optional[str],
         typer.Option(
-            help='Ignore scanning a specific package version while running an SCA scan. '
-            'Expected pattern: name@version.',
+            help='Ignore scanning a specific package version. Expected pattern: [cyan]name@version[/cyan].',
             show_default=False,
+            rich_help_panel=_SCA_FILTER_BY_RICH_HELP_PANEL,
         ),
     ] = None,
     by_cve: Annotated[
         Optional[str],
         typer.Option(
-            help='Ignore scanning a specific CVE while running an SCA scan. Expected pattern: CVE-YYYY-NNN.',
+            help='Ignore scanning a specific CVE. Expected pattern: [cyan]CVE-YYYY-NNN[/cyan].',
             show_default=False,
+            rich_help_panel=_SCA_FILTER_BY_RICH_HELP_PANEL,
         ),
     ] = None,
     scan_type: Annotated[

cycode/cli/apps/report/sbom/sbom_command.py

@@ -8,6 +8,8 @@
 from cycode.cli.utils.sentry import add_breadcrumb
 from cycode.cyclient.report_client import ReportParameters
 
+_OUTPUT_RICH_HELP_PANEL = 'Output options'
+
 
 def sbom_command(
     ctx: typer.Context,
@@ -27,6 +29,7 @@ def sbom_command(
             '--output-format',
             '-o',
             help='Specify the output file format.',
+            rich_help_panel=_OUTPUT_RICH_HELP_PANEL,
         ),
     ] = SbomOutputFormatOption.JSON,
     output_file: Annotated[
@@ -36,6 +39,7 @@ def sbom_command(
             show_default='Autogenerated filename saved to the current directory',
             dir_okay=False,
             writable=True,
+            rich_help_panel=_OUTPUT_RICH_HELP_PANEL,
         ),
     ] = None,
     include_vulnerabilities: Annotated[

cycode/cli/apps/report/sbom/sbom_report_file.py

@@ -3,7 +3,9 @@
 import re
 from typing import Optional
 
-import click
+import typer
+
+from cycode.cli.console import console
 
 
 class SbomReportFile:
@@ -21,14 +23,14 @@ def is_exists(self) -> bool:
         return self._file_path.exists()
 
     def _prompt_overwrite(self) -> bool:
-        return click.confirm(f'File {self._file_path} already exists. Save with a different filename?', default=True)
+        return typer.confirm(f'File {self._file_path} already exists. Save with a different filename?', default=True)
 
     def _write(self, content: str) -> None:
         with open(self._file_path, 'w', encoding='UTF-8') as f:
             f.write(content)
 
     def _notify_about_saved_file(self) -> None:
-        click.echo(f'Report saved to {self._file_path}')
+        console.print(f'Report saved to {self._file_path}')
 
     def _find_and_set_unique_filename(self) -> None:
         attempt_no = 0

cycode/cli/apps/scan/code_scanner.py

@@ -12,6 +12,7 @@
 from cycode.cli import consts
 from cycode.cli.cli_types import SeverityOption
 from cycode.cli.config import configuration_manager
+from cycode.cli.console import console
 from cycode.cli.exceptions import custom_exceptions
 from cycode.cli.exceptions.handle_scan_errors import handle_scan_exception
 from cycode.cli.files_collector.excluder import exclude_irrelevant_documents_to_scan
@@ -83,7 +84,7 @@ def scan_sca_commit_range(ctx: typer.Context, path: str, commit_range: str) -> N
     scan_commit_range_documents(ctx, from_commit_documents, to_commit_documents, scan_parameters=scan_parameters)
 
 
-def scan_disk_files(ctx: click.Context, paths: Tuple[str]) -> None:
+def scan_disk_files(ctx: typer.Context, paths: Tuple[str]) -> None:
     scan_type = ctx.obj['scan_type']
     progress_bar = ctx.obj['progress_bar']
 
@@ -642,7 +643,7 @@ def parse_pre_receive_input() -> str:
     return pre_receive_input.splitlines()[0]
 
 
-def _get_default_scan_parameters(ctx: click.Context) -> dict:
+def _get_default_scan_parameters(ctx: typer.Context) -> dict:
     return {
         'monitor': ctx.obj.get('monitor'),
         'report': ctx.obj.get('report'),
@@ -916,7 +917,7 @@ def _try_get_report_url_if_needed(
         logger.debug('Failed to get report URL', exc_info=e)
 
 
-def _set_aggregation_report_url(ctx: click.Context, aggregation_report_url: Optional[str] = None) -> None:
+def _set_aggregation_report_url(ctx: typer.Context, aggregation_report_url: Optional[str] = None) -> None:
     ctx.obj['aggregation_report_url'] = aggregation_report_url
 
 
@@ -1007,7 +1008,7 @@ def _normalize_file_path(path: str) -> str:
 
 def perform_post_pre_receive_scan_actions(ctx: typer.Context) -> None:
     if scan_utils.is_scan_failed(ctx):
-        click.echo(consts.PRE_RECEIVE_REMEDIATION_MESSAGE)
+        console.print(consts.PRE_RECEIVE_REMEDIATION_MESSAGE)
 
 
 def enable_verbose_mode(ctx: typer.Context) -> None:

cycode/cli/apps/scan/repository/repository_command.py

@@ -63,6 +63,6 @@ def repository_command(
         perform_pre_scan_documents_actions(ctx, scan_type, documents_to_scan)
 
         logger.debug('Found all relevant files for scanning %s', {'path': path, 'branch': branch})
-        scan_documents(ctx, documents_to_scan, get_scan_parameters(ctx, (path,)))
+        scan_documents(ctx, documents_to_scan, get_scan_parameters(ctx, (str(path),)))
     except Exception as e:
         handle_scan_exception(ctx, e)

cycode/cli/apps/scan/scan_ci/ci_integrations.py

@@ -2,6 +2,8 @@
 
 import click
 
+from cycode.cli.console import console
+
 
 def github_action_range() -> str:
     before_sha = os.getenv('BEFORE_SHA')
@@ -11,7 +13,7 @@ def github_action_range() -> str:
     head_sha = os.getenv('GITHUB_SHA')
     ref = os.getenv('GITHUB_REF')
 
-    click.echo(f'{before_sha}, {push_base_sha}, {pr_base_sha}, {default_branch}, {head_sha}, {ref}')
+    console.print(f'{before_sha}, {push_base_sha}, {pr_base_sha}, {default_branch}, {head_sha}, {ref}')
     if before_sha and before_sha != NO_COMMITS:
         return f'{before_sha}...'
 
@@ -26,7 +28,7 @@ def circleci_range() -> str:
     before_sha = os.getenv('BEFORE_SHA')
     current_sha = os.getenv('CURRENT_SHA')
     commit_range = f'{before_sha}...{current_sha}'
-    click.echo(f'commit range: {commit_range}')
+    console.print(f'commit range: {commit_range}')
 
     if not commit_range.startswith('...'):
         return commit_range

cycode/cli/apps/scan/scan_command.py

@@ -12,6 +12,9 @@
 from cycode.cli.utils.get_api_client import get_scan_cycode_client
 from cycode.cli.utils.sentry import add_breadcrumb
 
+_AUTH_RICH_HELP_PANEL = 'Authentication options'
+_SCA_RICH_HELP_PANEL = 'SCA options'
+
 
 def scan_command(
     ctx: typer.Context,
@@ -28,14 +31,14 @@ def scan_command(
         Optional[str],
         typer.Option(
             help='Specify a Cycode client secret for this specific scan execution.',
-            rich_help_panel='Authentication options',
+            rich_help_panel=_AUTH_RICH_HELP_PANEL,
         ),
     ] = None,
     client_id: Annotated[
         Optional[str],
         typer.Option(
             help='Specify a Cycode client ID for this specific scan execution.',
-            rich_help_panel='Authentication options',
+            rich_help_panel=_AUTH_RICH_HELP_PANEL,
         ),
     ] = None,
     show_secret: Annotated[bool, typer.Option('--show-secret', help='Show Secrets in plain text.')] = False,
@@ -65,15 +68,15 @@ def scan_command(
         List[ScaScanTypeOption],
         typer.Option(
             help='Specify the type of SCA scan you wish to execute.',
-            rich_help_panel='SCA options',
+            rich_help_panel=_SCA_RICH_HELP_PANEL,
         ),
     ] = (ScaScanTypeOption.PACKAGE_VULNERABILITIES, ScaScanTypeOption.LICENSE_COMPLIANCE),
     monitor: Annotated[
         bool,
         typer.Option(
             '--monitor',
             help='When specified, the scan results are recorded in the Discovery module.',
-            rich_help_panel='SCA options',
+            rich_help_panel=_SCA_RICH_HELP_PANEL,
         ),
     ] = False,
     no_restore: Annotated[
@@ -82,7 +85,7 @@ def scan_command(
             '--no-restore',
             help='When specified, Cycode will not run restore command. '
             'Will scan direct dependencies [bold]only[/bold]!',
-            rich_help_panel='SCA options',
+            rich_help_panel=_SCA_RICH_HELP_PANEL,
         ),
     ] = False,
     gradle_all_sub_projects: Annotated[
@@ -91,7 +94,7 @@ def scan_command(
             '--gradle-all-sub-projects',
             help='When specified, Cycode will run gradle restore command for all sub projects. '
             'Should run from root project directory [bold]only[/bold]!',
-            rich_help_panel='SCA options',
+            rich_help_panel=_SCA_RICH_HELP_PANEL,
         ),
     ] = False,
 ) -> None: