feat: Add compliance field to versions#20
Conversation
There was a problem hiding this comment.
Pull request overview
This PR adds a new compliance field to product deployment versions, supporting structured compliance framework/status metadata end-to-end (DB model + migration, API schemas, and create/update flows), along with tests validating success and 400s for invalid values.
Changes:
- Add
complianceJSON column to theVersionmodel and an Alembic migration to create/drop it. - Introduce
ComplianceSchemaand wirecomplianceinto version create/update/request/response schemas with enum validation. - Add test coverage for creating/updating
complianceand for rejecting unknown framework/status values.
Reviewed changes
Copilot reviewed 8 out of 8 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| webapp/views.py | Extends version creation to accept/persist compliance. |
| webapp/schemas.py | Adds ComplianceSchema and exposes/validates compliance across version schemas. |
| webapp/models.py | Adds compliance JSON column to Version. |
| webapp/constants.py | Defines allowed compliance frameworks and statuses for validation. |
| tests/test_update_product_deployment_version.py | Adds PUT tests for updating compliance and invalid values. |
| tests/test_create_product_deployment_version.py | Adds POST tests for creating compliance and invalid values. |
| tests/fixtures/models.py | Updates version fixture defaults to include compliance. |
| migrations/versions/d0dc7df37935_add_compliance_field_to_versions.py | Adds migration to create/drop the versions.compliance column. |
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
Onibenjo
left a comment
There was a problem hiding this comment.
"compliance": [
{"framework": "CIS", "status": "Achieved"},
{"framework": "CIS", "status": "Expired"},
],
passing duplicate frameworks with different statuses are silently accepted.
We should have a validation to check for this
|
Nice catch @Onibenjo , fixed. Could you have another look? |
Onibenjo
left a comment
There was a problem hiding this comment.
a minor code structure Q
Asides that, looks good to me
| @validates_schema | ||
| def validate_unique_compliance_frameworks(self, data, **kwargs): | ||
| compliance = data.get("compliance") or [] | ||
| frameworks = [ | ||
| entry["framework"] for entry in compliance if "framework" in entry | ||
| ] | ||
| if len(frameworks) != len(set(frameworks)): | ||
| raise ValidationError( | ||
| "Duplicate frameworks are not allowed.", | ||
| field_name="compliance", | ||
| ) |
There was a problem hiding this comment.
The validator is duplicated in both body schemas as here; a mixin (the same as NormalizeNameMixin) would prevent drift.
then maybe something like
class UniqueComplianceFrameworksMixin:
@validates_schema
def validate_unique_compliance_frameworks(self, data, **kwargs):
compliance = data.get("compliance") or []
frameworks = [
entry["framework"] for entry in compliance if "framework" in entry
]
if len(frameworks) != len(set(frameworks)):
raise ValidationError(
"Duplicate frameworks are not allowed.",
field_name="compliance",
)and then use like
class CreateVersionBodySchema(UniqueComplianceFrameworksMixin, Schema):WDYT?
There was a problem hiding this comment.
For sure, silly thing to miss on my part, thanks for catching!
Done
QA
docker compose up -dthendotrunIssue / Card
https://warthogs.atlassian.net/browse/WD-37230