IDP-43-modular: feedback review

Author: hminaee-tc

cpk_lib_python_github/github_app_token_generator_package/github_app_token_generator/auth.py

@@ -2,6 +2,7 @@
 """GitHub App authentication utilities."""
 import logging
 import time
+from typing import Optional
 
 import jwt
 
@@ -11,8 +12,8 @@
 class GitHubAppAuth:
     """Handle GitHub App authentication."""
 
-    def __init__(self, app_id: str, private_key: str):
-        self.app_id = app_id
+    def __init__(self, app_id: int, private_key: str):
+        self.app_id = str(app_id)
         self.private_key = private_key
 
     def generate_jwt(self) -> str:
@@ -46,7 +47,10 @@ def read_private_key(private_key_path: str) -> str:
             raise error
 
     @staticmethod
-    def get_private_key_content(private_key_path=None, private_key_content=None) -> str:
+    def get_private_key_content(
+        private_key_path: Optional[str] = None,
+        private_key_content: Optional[str] = None,
+    ) -> str:
         """Get private key content from file or direct input."""
         if private_key_path and private_key_content:
             raise ValueError("Cannot specify both --private-key-path and --private-key")
@@ -58,8 +62,6 @@ def get_private_key_content(private_key_path=None, private_key_content=None) ->
             logger.debug("Using private key content provided directly")
             return private_key_content
 
-        if private_key_path:
-            logger.debug("Reading private key from file: %s", private_key_path)
-            return GitHubAppAuth.read_private_key(private_key_path)
-
-        raise ValueError("No private key source provided")
+        # If we reach here, private_key_path must be truthy
+        logger.debug("Reading private key from file: %s", private_key_path)
+        return GitHubAppAuth.read_private_key(private_key_path)

cpk_lib_python_github/github_app_token_generator_package/github_app_token_generator/cli.py

@@ -16,14 +16,19 @@ def create_parser() -> argparse.ArgumentParser:
         epilog=f"""
 {Fore.GREEN}{Style.BRIGHT}Examples:{Style.RESET_ALL}
   {Fore.CYAN}# Generate tokens (using private key file){Style.RESET_ALL}
-  {Fore.YELLOW}%(prog)s{Style.RESET_ALL} {Fore.CYAN}--org{Style.RESET_ALL} myorg \\
-    {Fore.CYAN}--app-id{Style.RESET_ALL} APP_ID \\
-    {Fore.CYAN}--private-key-path{Style.RESET_ALL} /path/to/key.pem
+  {Fore.YELLOW}%(prog)s{Style.RESET_ALL} {Fore.CYAN}--app-id{Style.RESET_ALL} $APP_ID \\
+    {Fore.CYAN}--private-key-path{Style.RESET_ALL} /path/to/key.pem \\
+    {Fore.CYAN}--org{Style.RESET_ALL} myorg
 
   {Fore.CYAN}# Generate tokens (using private key content){Style.RESET_ALL}
-  {Fore.YELLOW}%(prog)s{Style.RESET_ALL} {Fore.CYAN}--org{Style.RESET_ALL} myorg \\
-    {Fore.CYAN}--app-id{Style.RESET_ALL} APP_ID \\
-    {Fore.CYAN}--private-key{Style.RESET_ALL} "$(cat /path/to/key.pem)"
+  {Fore.YELLOW}%(prog)s{Style.RESET_ALL} {Fore.CYAN}--app-id{Style.RESET_ALL} $APP_ID \\
+    {Fore.CYAN}--private-key{Style.RESET_ALL} "$(cat /path/to/key.pem)" \\
+    {Fore.CYAN}--org{Style.RESET_ALL} myorg
+
+  {Fore.CYAN}# Using environment variables{Style.RESET_ALL}
+  {Fore.YELLOW}export APP_ID=$APP_ID{Style.RESET_ALL}
+  {Fore.YELLOW}export PRIVATE_KEY_PATH=/path/to/key.pem{Style.RESET_ALL}
+  {Fore.YELLOW}%(prog)s{Style.RESET_ALL} {Fore.CYAN}--org{Style.RESET_ALL} myorg
 
 {Fore.BLUE}{Style.BRIGHT}Environment Variables:{Style.RESET_ALL}
   {Fore.MAGENTA}APP_ID{Style.RESET_ALL}                    GitHub App ID
@@ -34,40 +39,30 @@ def create_parser() -> argparse.ArgumentParser:
 
     # Add arguments
     parser.add_argument(
-        "--app-id", help="GitHub App ID (or set APP_ID env var)", metavar="ID"
+        "--app-id", type=int, help="(REQUIRED) GitHub App ID (or set APP_ID env var)", metavar="ID"
     )
 
     # Private key group
     key_group = parser.add_mutually_exclusive_group()
     key_group.add_argument(
-        "--private-key-path", help="Path to private key file", metavar="PATH"
+        "--private-key-path",
+        help="(REQUIRED if private-key not present) Path to private key file",
+        metavar="PATH",
     )
     key_group.add_argument(
-        "--private-key", help="Private key content directly", metavar="KEY_CONTENT"
+        "--private-key",
+        help="(REQUIRED if private-key-path not present) Private key content directly",
+        metavar="KEY_CONTENT",
     )
 
     # Operations
-    parser.add_argument(
-        "--org", help="Organization name to get token for", metavar="ORG"
-    )
-    parser.add_argument(
-        "--installation-id", help="Installation ID (if known)", metavar="ID"
-    )
-    parser.add_argument(
-        "--list-installations", action="store_true", help="List all installations"
-    )
-    parser.add_argument(
-        "--analyze-app", action="store_true", help="Analyze GitHub App details"
-    )
-    parser.add_argument(
-        "--validate-token", help="Validate an existing token", metavar="TOKEN"
-    )
-    parser.add_argument(
-        "--revoke-token", help="Revoke an existing token", metavar="TOKEN"
-    )
-    parser.add_argument(
-        "--force", action="store_true", help="Skip confirmation prompts"
-    )
+    parser.add_argument("--org", help="Organization name to get token for", metavar="ORG")
+    parser.add_argument("--installation-id", help="Installation ID (if known)", metavar="ID")
+    parser.add_argument("--list-installations", action="store_true", help="List all installations")
+    parser.add_argument("--analyze-app", action="store_true", help="Analyze GitHub App details")
+    parser.add_argument("--validate-token", help="Validate an existing token", metavar="TOKEN")
+    parser.add_argument("--revoke-token", help="Revoke an existing token", metavar="TOKEN")
+    parser.add_argument("--force", action="store_true", help="Skip confirmation prompts")
     parser.add_argument("--debug", action="store_true", help="Enable debug logging")
 
     return parser

cpk_lib_python_github/github_app_token_generator_package/github_app_token_generator/config.py

@@ -20,17 +20,6 @@ class Config:
     timeout: int = 30
     debug: bool = False
 
-    def __post_init__(self):
-        """Validate configuration after initialization."""
-        if self.app_id:
-            try:
-                # Ensure app_id is a valid integer
-                int(self.app_id)
-            except ValueError as error:
-                raise ValueError(
-                    f"Invalid app_id: {self.app_id}. Must be a number."
-                ) from error
-
     @property
     def has_private_key(self) -> bool:
         """Check if private key is configured."""
@@ -64,9 +53,15 @@ def get_config_from_env(args) -> Config:
 
     # Check if this operation requires app configuration
     needs_app_config = requires_app_config(args)
+    # Handle app_id with proper type conversion
+    if args.app_id:
+        config.app_id = args.app_id  # Already int from parser
+    elif os.getenv("APP_ID"):
+        try:
+            config.app_id = int(os.getenv("APP_ID"))  # Convert env var to int
+        except ValueError as exc:
+            raise ValueError(f"Invalid APP_ID environment variable: {os.getenv('APP_ID')}") from exc
 
-    # App ID - CLI args take precedence over env vars
-    config.app_id = args.app_id or os.getenv("APP_ID")
     if needs_app_config and not config.app_id:
         logger.error(
             "App ID is required for this operation. "
@@ -82,7 +77,7 @@ def get_config_from_env(args) -> Config:
     config.private_key_content = args.private_key or os.getenv("PRIVATE_KEY")
 
     if needs_app_config and not config.has_private_key:
-        logger.error(
+        logger.debug(
             "Private key is required for this operation. "
             "Set PRIVATE_KEY or PRIVATE_KEY_PATH environment variable "
             "or use --private-key/--private-key-path"
@@ -135,9 +130,7 @@ def validate_environment() -> bool:
             return False
 
         if not (private_key_path or private_key_content):
-            logger.warning(
-                "Neither PRIVATE_KEY_PATH nor PRIVATE_KEY environment variable set"
-            )
+            logger.warning("Neither PRIVATE_KEY_PATH nor PRIVATE_KEY environment variable set")
             return False
 
         # Validate app_id is a number

cpk_lib_python_github/github_app_token_generator_package/github_app_token_generator/formatters.py

@@ -108,17 +108,13 @@ def format_token_validation(self, validation_result: Dict[str, Any]) -> str:
 
             if "repositories_count" in validation_result:
                 count = validation_result["repositories_count"]
-                lines.append(
-                    f"Accessible repositories: {Fore.CYAN}{count}{Style.RESET_ALL}"
-                )
+                lines.append(f"Accessible repositories: {Fore.CYAN}{count}{Style.RESET_ALL}")
 
             if "rate_limit" in validation_result:
                 rate_limit = validation_result["rate_limit"]
                 remaining = rate_limit.get("remaining", "Unknown")
                 limit = rate_limit.get("limit", "Unknown")
-                lines.append(
-                    f"Rate limit: {Fore.YELLOW}{remaining}/{limit}{Style.RESET_ALL}"
-                )
+                lines.append(f"Rate limit: {Fore.YELLOW}{remaining}/{limit}{Style.RESET_ALL}")
 
             if "scopes" in validation_result and validation_result["scopes"]:
                 scopes = ", ".join(validation_result["scopes"])
@@ -148,8 +144,7 @@ def _format_basic_app_info(self, app_info: Dict[str, Any]) -> str:
                 f"  Owner: {Fore.MAGENTA}",
                 f"{owner.get('login', 'Unknown')}{Style.RESET_ALL}",
                 f"  Owner Type: {owner.get('type', 'Unknown')}",
-                f"  URL: {Fore.BLUE}"
-                f"{app_info.get('html_url', 'Unknown')}{Style.RESET_ALL}",
+                f"  URL: {Fore.BLUE}" f"{app_info.get('html_url', 'Unknown')}{Style.RESET_ALL}",
                 f"  Created: {Fore.BLUE}",
                 f"{app_info.get('created_at', 'Unknown')}{Style.RESET_ALL}",
                 "",  # Empty line
@@ -177,14 +172,11 @@ def format_app_analysis(
         lines.extend(
             [
                 f"{Fore.BLUE}{Style.BRIGHT}📍 Installation Summary{Style.RESET_ALL}",
-                f"  Total Installations: {Fore.YELLOW}",
-                f"{len(installations)}{Style.RESET_ALL}",
+                f"  Total Installations: {Fore.YELLOW}{len(installations)}{Style.RESET_ALL}",
             ]
         )
 
-        total_repos = sum(
-            repos.get("total_count", 0) for repos in installation_repos.values()
-        )
+        total_repos = sum(repos.get("total_count", 0) for repos in installation_repos.values())
 
         lines.extend(
             [
@@ -215,11 +207,7 @@ def format_app_analysis(
 
         # Repository details
         if installation_repos:
-            lines.append(
-                self._format_repo_details(
-                    installations, installation_repos, total_repos
-                )
-            )
+            lines.append(self._format_repo_details(installations, installation_repos, total_repos))
 
         return "\n".join(lines)
 
@@ -285,9 +273,7 @@ def _format_repo_details(
 
                 # Add "more repositories" line if needed
                 if repo_count > threshold:
-                    lines.append(
-                        f"    ... and {repo_count - threshold} more repositories"
-                    )
+                    lines.append(f"    ... and {repo_count - threshold} more repositories")
 
         return "\n".join(lines)
 

cpk_lib_python_github/github_app_token_generator_package/github_app_token_generator/github_api.py

@@ -16,9 +16,7 @@ class GitHubAPIClient:
     def __init__(self, timeout: int = 30):
         self.timeout = timeout
 
-    def get_installation_access_token(
-        self, jwt_token: str, installation_id: int
-    ) -> str:
+    def get_installation_access_token(self, jwt_token: str, installation_id: int) -> str:
         """Get installation access token."""
         url = f"{self.BASE_URL}/app/installations/{installation_id}/access_tokens"
         headers = {
@@ -27,9 +25,7 @@ def get_installation_access_token(
         }
 
         try:
-            logger.debug(
-                "Requesting access token for installation ID: %s", installation_id
-            )
+            logger.debug("Requesting access token for installation ID: %s", installation_id)
             response = requests.post(url, headers=headers, timeout=self.timeout)
             response.raise_for_status()
 
@@ -44,14 +40,10 @@ def get_installation_access_token(
             return token_data["token"]
 
         except requests.exceptions.HTTPError as http_error:
-            logger.error(
-                "HTTP error occurred while getting access token: %s", http_error
-            )
+            logger.error("HTTP error occurred while getting access token: %s", http_error)
             raise http_error
         except requests.exceptions.RequestException as req_error:
-            logger.error(
-                "Request error occurred while getting access token: %s", req_error
-            )
+            logger.error("Request error occurred while getting access token: %s", req_error)
             raise req_error
 
     def list_installations(self, jwt_token: str) -> List[Dict[str, Any]]:
@@ -72,14 +64,10 @@ def list_installations(self, jwt_token: str) -> List[Dict[str, Any]]:
             return installations
 
         except requests.exceptions.HTTPError as http_error:
-            logger.error(
-                "HTTP error occurred while listing installations: %s", http_error
-            )
+            logger.error("HTTP error occurred while listing installations: %s", http_error)
             raise http_error
         except requests.exceptions.RequestException as req_error:
-            logger.error(
-                "Request error occurred while listing installations: %s", req_error
-            )
+            logger.error("Request error occurred while listing installations: %s", req_error)
             raise req_error
 
     def validate_token(self, token: str) -> Dict[str, Any]:
@@ -122,9 +110,7 @@ def validate_token(self, token: str) -> Dict[str, Any]:
             return {
                 "valid": False,
                 "status_code": response.status_code,
-                "reason": error_messages.get(
-                    response.status_code, f"HTTP {response.status_code}"
-                ),
+                "reason": error_messages.get(response.status_code, f"HTTP {response.status_code}"),
             }
 
         except requests.exceptions.RequestException as req_error:
@@ -148,10 +134,7 @@ def revoke_installation_token(self, token: str) -> bool:
             return True
 
         except requests.exceptions.HTTPError as http_error:
-            if (
-                http_error.response is not None
-                and http_error.response.status_code == 404
-            ):
+            if http_error.response is not None and http_error.response.status_code == 404:
                 logger.warning("Token not found or already revoked")
                 return False
             logger.error("HTTP error occurred while revoking token: %s", http_error)
@@ -181,15 +164,11 @@ def get_app_info(self, jwt_token: str) -> Dict[str, Any]:
             logger.error("Error fetching app info: %s", error)
             raise error
 
-    def get_installation_repositories(
-        self, jwt_token: str, installation_id: int
-    ) -> Dict[str, Any]:
+    def get_installation_repositories(self, jwt_token: str, installation_id: int) -> Dict[str, Any]:
         """Get repositories accessible by installation."""
         try:
             # First get an installation access token
-            installation_token = self.get_installation_access_token(
-                jwt_token, installation_id
-            )
+            installation_token = self.get_installation_access_token(jwt_token, installation_id)
 
             # Use the installation token to get repositories
             url = f"{self.BASE_URL}/installation/repositories"
@@ -209,9 +188,7 @@ def get_installation_repositories(
             # Return empty result instead of raising
             return {"total_count": 0, "repositories": [], "error": str(error)}
 
-    def get_accessible_repositories_via_token(
-        self, installation_token: str
-    ) -> Dict[str, Any]:
+    def get_accessible_repositories_via_token(self, installation_token: str) -> Dict[str, Any]:
         """Get repositories using installation token instead of JWT."""
         url = f"{self.BASE_URL}/installation/repositories"
         headers = {