Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Post analysis URL in logs #28

Closed
TomasTomecek opened this issue Jun 30, 2022 · 6 comments
Closed

Post analysis URL in logs #28

TomasTomecek opened this issue Jun 30, 2022 · 6 comments
Labels
kind/feature Categorizes issue or PR as related to a new feature. priority/critical-urgent Highest priority. Must be actively worked on as someone's top priority right now. sig/user-experience Issues or PRs related to the User Experience of our Services, Tools, and Libraries.

Comments

@TomasTomecek
Copy link
Contributor

Bug description

Once the analysis is done, it would be nice to review it on your web frontend. Could the pre-commit hook put a link in logs?

Actual behavior

2022-06-30 15:10:40,243 [1017843] WARNING  invectio.lib: Multiple imports for '_dummy_thread' found ('_thread' and 'allocate_lock'), detection might give misleading results                                                                                                                                                
2022-06-30 15:10:40,247 [1017843] WARNING  invectio.lib: Detected multiple imports with same name 'cStringIO', results of calls will differ based on actual execution                                                                                                                                                       
2022-06-30 15:10:42,766 [1017843] INFO     thamos.lib: Successfully submitted advise analysis 'adviser-220630131041-a0de409d483ad409' to 'https://khemenu.thoth-station.ninja/api/v1'                                                                                                                                       
                           Application stack guidance                                                                                                                                                                                                                                                                       
                                 ╷                                 ╷                                                                                                                                                                                                                                                        
  Link                           │ Message                         │ Type                                                                                                                                                                                                                                                   
 ════════════════════════════════╪═════════════════════════════════╪═══════════

Expected behavior

Well, my expected behaviour would be only a few lines of output with errors and a link to the analysis:

  https://github.com/o │ Project does NOT use │ urllib3            │ ⚠️ WARNING                                                                                                                                                                                                                                              
  ssf/scorecard/blob/m │ static source code   │                    │                                                                                                                                                                                                                                                        
  ain/docs/checks.md   │ analysis based on    │                    │                                                                                                                                                                                                                                                        
                       │ Security Scorecards  │                    │             
  https://github.com/o │ Project does NOT use │ urllib3            │ ⚠️ WARNING   
  ssf/scorecard/blob/m │ tools for automatic  │                    │             
  ain/docs/checks.md   │ dependency updates   │                    │             
                       │ based on Security    │                    │             
                       │ Scorecards           │                    │             
  https://github.com/o │ Project does not     │ urllib3            │ ⚠️ WARNING   
  ssf/scorecard/blob/m │ have any security    │                    │             
  ain/docs/checks.md   │ policy published     │                    │             
                       │ based on Security    │                    │             
                       │ Scorecards           │                    │             
                       ╵                      ╵                    ╵
Analysis details: https://thoth-station.ninja/search/advise/adviser-220630131041-a0de409d483ad409/packages

I am getting a wall of text right now which is hard to inspect. I believe that's where the frontend would be really helpful.
@TomasTomecek TomasTomecek added the kind/bug Categorizes issue or PR as related to a bug. label Jun 30, 2022
@TomasTomecek
Copy link
Contributor Author

Sorry, this is an RFE, wrong type /o\

@mayaCostantini mayaCostantini added kind/feature Categorizes issue or PR as related to a new feature. and removed kind/bug Categorizes issue or PR as related to a bug. labels Jun 30, 2022
@mayaCostantini
Copy link
Contributor

We have an EPIC going on including this issue to make thamos output more readable: thoth-station/thamos#1118

However, we could work on a temporary solution to make the output less verbose in the meantime

@mayaCostantini
Copy link
Contributor

/sig user-experience
/priority critical-urgent

@sesheta sesheta added sig/user-experience Issues or PRs related to the User Experience of our Services, Tools, and Libraries. priority/critical-urgent Highest priority. Must be actively worked on as someone's top priority right now. labels Jun 30, 2022
@codificat
Copy link
Member

Note that the link to the analysis should already be shown... only that it is buried inside that "wall of text" (search for the text "Results can be browsed in Thoth search").

Unfortunately the link provided there is (still) broken. thoth-station/support#219 is fixed but apparently not release in prod, will take a look at that.

Besides that, as Maya mentioned, I hope thoth-station/thamos#1118 can help here.

@codificat
Copy link
Member

Unfortunately the link provided there is (still) broken. thoth-station/support#219 is fixed but apparently not release in prod, will take a look at that.

This is now solved and the fix is part of the current release of adviser, 0.56.1. It should make it into production as part of thoth-station/thoth-application#2598

Besides that, as Maya mentioned, I hope thoth-station/thamos#1118 can help here.

This is also available now in thamos 1.27.9:

pep@uio ps-ip (master) $ thamos advise --short
2022-08-05 18:21:22,349 [213052] WARNING  thamos: Development dependencies will not be considered during the resolution process - see https://thoth-station.ninja/j/no_dev
2022-08-05 18:21:22,349 [213052] INFO     thamos.lib: Using Pipenv files to manage dependencies located in '/home/pep/github/thoth/ps-ip/overlays/ps-ip-ifd'
2022-08-05 18:21:22,349 [213052] INFO     thamos.lib: Submitting Pipfile.lock as a base for user's stack scoring - see https://thoth-station.ninja/j/user_stack
2022-08-05 18:21:22,689 [213052] INFO     thamos.lib: Using 'latest' recommendation type - see https://thoth-station.ninja/recommendation-types/
2022-08-05 18:21:22,690 [213052] INFO     thamos.lib: Performing static analysis of sources to gather library usage
2022-08-05 18:21:22,691 [213052] WARNING  thamos.lib: No library usage was aggregated - no Python sources found
2022-08-05 18:21:23,925 [213052] INFO     thamos.lib: Successfully submitted advise analysis 'adviser-220805162123-c5097c2c6cda7130' to 'https://khemenu.thoth-station.ninja/api/v1'
                                                                         Short Summary                                                                         
                                 The advise analysis fished with 28 INFO messages, 22 WARNING messages, and 0 ERROR messages.                                  
                    Results can be browsed in Thoth search: https://thoth-station.ninja/search/advise/adviser-220805162123-c5097c2c6cda7130

With that, I believe this can be consider this request as done and
/close

it. If you feel something is missing please do not hesitate to reopen or open a new one as appropriate.

@sesheta sesheta closed this as completed Aug 5, 2022
@sesheta
Copy link
Member

sesheta commented Aug 5, 2022

@codificat: Closing this issue.

In response to this:

Unfortunately the link provided there is (still) broken. thoth-station/support#219 is fixed but apparently not release in prod, will take a look at that.

This is now solved and the fix is part of the current release of adviser, 0.56.1. It should make it into production as part of thoth-station/thoth-application#2598

Besides that, as Maya mentioned, I hope thoth-station/thamos#1118 can help here.

This is also available now in thamos 1.27.9:

pep@uio ps-ip (master) $ thamos advise --short
2022-08-05 18:21:22,349 [213052] WARNING  thamos: Development dependencies will not be considered during the resolution process - see https://thoth-station.ninja/j/no_dev
2022-08-05 18:21:22,349 [213052] INFO     thamos.lib: Using Pipenv files to manage dependencies located in '/home/pep/github/thoth/ps-ip/overlays/ps-ip-ifd'
2022-08-05 18:21:22,349 [213052] INFO     thamos.lib: Submitting Pipfile.lock as a base for user's stack scoring - see https://thoth-station.ninja/j/user_stack
2022-08-05 18:21:22,689 [213052] INFO     thamos.lib: Using 'latest' recommendation type - see https://thoth-station.ninja/recommendation-types/
2022-08-05 18:21:22,690 [213052] INFO     thamos.lib: Performing static analysis of sources to gather library usage
2022-08-05 18:21:22,691 [213052] WARNING  thamos.lib: No library usage was aggregated - no Python sources found
2022-08-05 18:21:23,925 [213052] INFO     thamos.lib: Successfully submitted advise analysis 'adviser-220805162123-c5097c2c6cda7130' to 'https://khemenu.thoth-station.ninja/api/v1'
                                                                        Short Summary                                                                         
                                The advise analysis fished with 28 INFO messages, 22 WARNING messages, and 0 ERROR messages.                                  
                   Results can be browsed in Thoth search: https://thoth-station.ninja/search/advise/adviser-220805162123-c5097c2c6cda7130

With that, I believe this can be consider this request as done and
/close

it. If you feel something is missing please do not hesitate to reopen or open a new one as appropriate.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/feature Categorizes issue or PR as related to a new feature. priority/critical-urgent Highest priority. Must be actively worked on as someone's top priority right now. sig/user-experience Issues or PRs related to the User Experience of our Services, Tools, and Libraries.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@codificat @TomasTomecek @sesheta @mayaCostantini