Skip to content

feat: add complypack init command and JSON Schema validation layer#142

Draft
trevor-vaughan wants to merge 1 commit into
mainfrom
feat/80-complypack-init-cmd
Draft

feat: add complypack init command and JSON Schema validation layer#142
trevor-vaughan wants to merge 1 commit into
mainfrom
feat/80-complypack-init-cmd

Conversation

@trevor-vaughan

Copy link
Copy Markdown
Member
  • Introduce complypack init with interactive (charmbracelet/huh) and
    flag-driven modes for generating complypack.yaml configs
  • Add Draft 2020-12 JSON Schema at schemas/jsonschema/ with embedded
    go:embed, enforcing reverse-domain IDs, semver, and evaluator-id format
  • Wire schema validation into LoadConfig, pack, and mcp serve entry points
  • Add unknown-key detection with Levenshtein did-you-mean suggestions
  • Restructure Taskfile into root + .taskfiles/{deps,dev}.yml includes
  • Pin Ginkgo as Go 1.24+ tool dependency; CI uses go tool ginkgo
  • Add ADR-018 documenting schema file layout and symlink rationale
  • Expose module version via internal/version for --version flag and
    generated config headers

Details:

Init command (cmd/complypack/cli/init.go):

  • Interactive mode: huh forms with inline validators derived from schema
    regex patterns (single source of truth for ID, version, evaluator-id)
  • Non-interactive mode: --schema, --source, --evaluator-id, --id, --version
  • O_EXCL prevents accidental overwrites; --force switches to O_TRUNC
  • Credential detection on source URIs with --allow-credentials escape hatch
  • --strict promotes unknown-key warnings to errors

Schema validation (schemas/jsonschema/):

  • complypack.schema.json embedded via go:embed; symlinked at
    schemas/json-schema/ for editor discoverability
  • validate.go: scope-aware validators (ValidateConfig, ValidateForPack,
    ValidateForMCP, ValidateForInit) with human-readable error mapping
  • unknown.go: walks deserialized maps against known-field registry;
    Levenshtein-based did-you-mean on unrecognized keys

Config layer (internal/config/complypack.go):

  • LoadConfig gains strict parameter; pack always validates strictly,
    mcp serve uses lenient mode (warnings on stderr, no startup failure)
  • BuildConfig, MarshalConfigYAML, WriteConfigFile, CheckCredentialURIs
    extracted as shared helpers
  • omitempty on optional struct tags for clean partial configs

Build and docs:

  • Taskfile split: root aliases delegate to .taskfiles/{deps,dev}.yml
  • README updated with init usage, shell completion, and --strict docs
  • Windows symlink caveat documented in README and ADR-018

Closes: #80

Assisted-by: Claude (Anthropic, Claude Opus 4.6)
Signed-off-by: Trevor Vaughan tvaughan@redhat.com

- Introduce `complypack init` with interactive (charmbracelet/huh) and
  flag-driven modes for generating complypack.yaml configs
- Add Draft 2020-12 JSON Schema at schemas/jsonschema/ with embedded
  go:embed, enforcing reverse-domain IDs, semver, and evaluator-id format
- Wire schema validation into LoadConfig, pack, and mcp serve entry points
- Add unknown-key detection with Levenshtein did-you-mean suggestions
- Restructure Taskfile into root + .taskfiles/{deps,dev}.yml includes
- Pin Ginkgo as Go 1.24+ tool dependency; CI uses `go tool ginkgo`
- Add ADR-018 documenting schema file layout and symlink rationale
- Expose module version via internal/version for --version flag and
  generated config headers

Details:

Init command (cmd/complypack/cli/init.go):
- Interactive mode: huh forms with inline validators derived from schema
  regex patterns (single source of truth for ID, version, evaluator-id)
- Non-interactive mode: --schema, --source, --evaluator-id, --id, --version
- O_EXCL prevents accidental overwrites; --force switches to O_TRUNC
- Credential detection on source URIs with --allow-credentials escape hatch
- --strict promotes unknown-key warnings to errors

Schema validation (schemas/jsonschema/):
- complypack.schema.json embedded via go:embed; symlinked at
  schemas/json-schema/ for editor discoverability
- validate.go: scope-aware validators (ValidateConfig, ValidateForPack,
  ValidateForMCP, ValidateForInit) with human-readable error mapping
- unknown.go: walks deserialized maps against known-field registry;
  Levenshtein-based did-you-mean on unrecognized keys

Config layer (internal/config/complypack.go):
- LoadConfig gains strict parameter; pack always validates strictly,
  mcp serve uses lenient mode (warnings on stderr, no startup failure)
- BuildConfig, MarshalConfigYAML, WriteConfigFile, CheckCredentialURIs
  extracted as shared helpers
- omitempty on optional struct tags for clean partial configs

Build and docs:
- Taskfile split: root aliases delegate to .taskfiles/{deps,dev}.yml
- README updated with init usage, shell completion, and --strict docs
- Windows symlink caveat documented in README and ADR-018

Closes: #80

Assisted-by: Claude (Anthropic, Claude Opus 4.6)
Signed-off-by: Trevor Vaughan <tvaughan@redhat.com>
@trevor-vaughan trevor-vaughan force-pushed the feat/80-complypack-init-cmd branch from b488b6b to 3d3bab9 Compare July 13, 2026 21:16
@github-actions

Copy link
Copy Markdown

✅ CRAP Load Analysis: PASS (no baseline)

No baseline file found at .gaze/baseline.json. Showing current scores without regression detection.

How to Enable Regression Detection

Generate and commit a baseline file to track CRAP score changes over time:

# 1. Install gaze
go install github.com/unbound-force/gaze/cmd/gaze@latest

# 2. Run tests and generate baseline
go test -coverprofile=coverage.out ./...
mkdir -p .gaze
gaze crap --format=json --coverprofile=coverage.out ./... > .gaze/baseline.json

# 3. Commit the baseline
git add .gaze/baseline.json
git commit -m "chore: add CRAP baseline for regression detection"

For more information:

Summary

Metric Value
Functions analysed 84
Avg complexity 4.5
Avg line coverage 73.3%
Avg CRAP score 9.8
CRAPload (>= 15) 9
Avg contract coverage 85.3%
Avg GazeCRAP score 34.4
GazeCRAPload (>= 15) 2

View full analysis logs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Add complypack init command to generate complypack.yaml

1 participant