Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Config Error Messages Replace "-" With "_" #480

Closed
rgajason opened this issue Feb 13, 2023 · 9 comments · Fixed by #483 or #494
Closed

Config Error Messages Replace "-" With "_" #480

rgajason opened this issue Feb 13, 2023 · 9 comments · Fixed by #483 or #494
Labels
status:confirmed This issue has been reviewed and confirmed status:new This issue needs to be reviewed type:bug Something isn't working

Comments

@rgajason
Copy link
Contributor

Environment

  • ggshield version: 1.14.3
  • Operating system (Linux, macOS, Windows): macOS
  • Operating system version: Ventura 13.1
  • Python version: 3.10.10

Describe the bug

The "Unrecognized key in config" error message displays an underscore instead of hyphen when an invalid configuration is present.

Steps to reproduce:

Create an invalid configuration file such as (note ignored-matches misspelled):

.gitguardian.yml

version: 2
secret:
  ignore-matches:
    - name: some-secret-i-want-to-ignore
      match: 4f2f11652a0<snip>5ead42463

Execute a git commit that includes the secret you wish to ignore (with GGShield configured as a pre-commit hook).

Actual result:

Error message:

Unrecognized key in config: ignore_matches

Note the underscore when the configuration has a hyphen.

Expected result:

Error message:

Unrecognized key in config: ignore-matches

(hyphen instead of underscore)
@rgajason rgajason added status:new This issue needs to be reviewed type:bug Something isn't working labels Feb 13, 2023
@pierrelalanne
Copy link
Collaborator

Thank you for raising this issue @rgajason, we will look into this.

@pierrelalanne pierrelalanne added the status:confirmed This issue has been reviewed and confirmed label Feb 15, 2023
@karo-fox
Copy link
Contributor

Is it ok if I try to fix this one, if it's not taken yet?

@agateau-gg
Copy link
Collaborator

Sure, you're welcome to fix this! Do you have any idea in mind? I am not sure what would be the best way to fix it 🤔

@karo-fox
Copy link
Contributor

I'm thinking of modyfing filter_fields method in FilteredConfig (here's its code) so it will display better warning. Maybe we can change the message to something like: Unrecognized key in config: {invalid key}, expected {valid key}

@agateau-gg
Copy link
Collaborator

I think that's not what this issue is about 😕.

For historical reasons, ggshield accepts config keys written using both - or _, so ignored-matches and ignored_matches are the same. Internally this works by replacing all - with _ (this is done by core.config.load_yaml_dict()).

The problem of this feature is: if a user adds a does-not-exist (dash-separated) key to their config, then ggshield is going to report that does_not_exist (underscore-separated) is not a valid key, which is confusing.

This problem is potentially complicated to fix because at the point we find a non-existing key, we do not have the original key name anymore, so we can't report it.

@karo-fox
Copy link
Contributor

karo-fox commented Feb 18, 2023
edited
Loading

I came up with possible solution:

We can pass optionally self to load_yaml_dict() (when we call it from UserConfig, for example), extract field names of dataclass and check for uknown names before we replace - with _ and report them immediately

This will possibly separate checking and alerting from filtering uknown names, as it is now in FilteredConfig

@agateau-gg
Copy link
Collaborator

I would prefer if load_yaml_dict() remained simple. Actually, I think we could fix this by making it simpler:

  • modify load_yaml_dict() so that it no longer calls replace_in_keys()
  • make FilteredConfig perform the replacement: this way it has access to the original key name and can print it

For consistency, it would be good to remove the call to replace_in_keys() from save_yaml_dict() and instead explicitly call it in UserConfig.save().

We do not need to worry about the impact of the changes on other callers of load_yaml_dict() and save_yaml_dict(): the other callers do not depend on this feature.

Does this sound like a good plan to you @karo-fox?

(Looking at your initial answer, maybe this is what you had in mind and I did not get it 😅)

@karo-fox
Copy link
Contributor

It sounds great. I tried implementing something similar at first on my forked repository. I encountered some failed functional tests with github actions and changed the solution I had in mind. Then I read that those fails can be related to GitHub actions not having access to gitguardian api key.

Anyway, your idea sounds great. I can try implementing it if you don't mind. I am not really experienced with open source contributions and would like to resolve this issue. I also have a question: if functional tests pass on my local machine, is it ok to open pull request, in case those tests fail with github actions on my fork?

@agateau-gg
Copy link
Collaborator

Sure, you are more than welcome to work on it 👍🏻.

The problem with the API key not being available for forks is annoying indeed but it's not a blocker (There is an issue for it: #374, we need to look into it on our side). Until that is fixed, we can run the functional tests manually with a valid key and merge your work if all tests pass.

@karo-fox karo-fox mentioned this issue Feb 22, 2023
Merged
agateau-gg added a commit that referenced this issue Feb 23, 2023
@agateau-gg
Merge pull request #483 from karo-fox/config-error-messages-#480
c700be0 
Config error messages #480
agateau-gg added a commit that referenced this issue Mar 14, 2023
@agateau-gg
fix(check_updates): do not fail with a strange error message
94e4cfc 
Reading the date of the last check from update_check.yaml failed because
the name of the key is `check-at`, not `check_at`. This used to work until
now because `load_yaml_dict()` transparently turned `-` into `_`, but it
does not do this anymore now that we fixed #480.
agateau-gg added a commit that referenced this issue Mar 14, 2023
@agateau-gg
fix(check_updates): do not fail with a strange error message
a4857cd 
Reading the date of the last check from update_check.yaml failed because
the name of the key is `check-at`, not `check_at`. This used to work
because `load_yaml_dict()` transparently turned `-` into `_`, but it
does not do this anymore now that we fixed #480.
agateau-gg added a commit that referenced this issue Mar 14, 2023
@agateau-gg
fix(check_updates): do not fail with a strange error message
09f7d05 
Reading the date of the last check from update_check.yaml failed because
the name of the key is `check-at`, not `check_at`. This used to work
because `load_yaml_dict()` transparently turned `-` into `_`, but it
does not do this anymore now that we fixed #480.

- Fix the key name.
- Move loading and saving to separate functions to make the code easier to
  test.
- Add more tests.
@agateau-gg agateau-gg mentioned this issue Mar 14, 2023
Merged
agateau-gg added a commit that referenced this issue Mar 15, 2023
@agateau-gg
fix(check_updates): do not fail with a strange error message
5b3877a 
Reading the date of the last check from update_check.yaml failed because
the name of the key is `check-at`, not `check_at`. This used to work
because `load_yaml_dict()` transparently turned `-` into `_`, but it
does not do this anymore now that we fixed #480.

- Fix the key name.
- Move loading and saving to separate functions to make the code easier to
  test.
- Add more tests.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
status:confirmed This issue has been reviewed and confirmed status:new This issue needs to be reviewed type:bug Something isn't working
Projects
None yet
Milestone
No milestone
4 participants
@pierrelalanne @rgajason @karo-fox @agateau-gg