Python Project Blueprint
Check the Makefile for automation as the initial step, it defines all project commands.
| Make Command | Description |
|---|---|
make venv |
Creates a virtual environment in .venv. |
make lock |
Generates requirements.txt from pyproject.toml using pip-compile. |
make upgrade |
Updates all packages in requirements.txt to the latest allowed versions. |
make install |
Syncs the environment with locked dependencies and installs the app in editable mode. |
make setup |
Installs dependencies and sets up git hooks (runs install and pre-commit install). |
make outdated |
Checks for newer versions of dependencies using pip-check-updates. |
make compatibility |
Checks each dependencies for python version compatibility. |
make pip-upgrade |
Upgrades pip to its latest version. |
make lint |
Checks code style using ruff without modifying files. |
make format |
Automatically fixes code style issues using ruff. |
make security |
Runs bandit to check for security vulnerabilities. |
make test |
Runs unit and integration tests using pytest (also runs security). |
make sbom |
Generates a Software Bill of Materials (SBOM) in sbom.json. |
make audit |
Generates a security audit report in audit.json. |
make build |
Creates distribution files (Wheel & Tarball) in dist/. |
make publish |
Uploads artifacts to the repository using twine. |
make docker-build |
Builds the Docker image for the application. |
make docker-run |
Runs the Docker container with mounted volumes for testing. |
make aws-login |
Authenticates Docker with AWS ECR. |
make docker-publish |
Tags and pushes the Docker image to AWS ECR. |
make docs |
Generates documentation from docstrings into the docs/ directory. |
make clean |
Removes build artifacts, caches, and generated files. |
make all |
Runs the full development cycle: lock, install, upgrade, lint, test, build. |
The make publish require
export TWINE_USERNAME=your_ldap_user
export TWINE_PASSWORD=your_ldap_password
export TWINE_REPOSITORY_URL="https://nexus.mycompany.com/repository/pypi-internal/"environment variables.
The make compatibility accepts a parameter example make compatibility py_version=3.9 to mark dependencies
that are not compatible with the given target version.
Build and run the job as:
make docker-build
make docker-runThe containerised job can be deployed example to AWS or to Kubernetes.
- Place infrastructure IaC in the infrastructure directory to build and maintain infrastructure as code.
- Place Helm Chart in the charts directory for Kubernetes deployment.
Under src/my_job/ use
adapter/ # for extractors and loaders
config/ # to load and deal with application configurations e.g., resources
exception/ # for collection of internal exceptions
model/ # for domain models
resources/ # for static data and configuration
service/ # for the business logic, the transformers
main.py # the job orchestration Install git pre-commit hook by running make setup.
To test it, add the following bad.py to src/my_job/.
import yaml
with open("bad.yaml") as f:
data = yaml.load(f)
print(data)Run
git add -A
git commit -m 'Testing git hook' - Fix linting issues by running
make format. - Then observe security issue when trying to commit.
Finally remove the bad.py file.
If virtualenv gets broken it will not expose binaries properly example:
make test
make: pytest: No such file or directoryIn such case reset it by:
rm -rf .venv
make venv
make installTwine accepts configuration from ~/.pypirc
# ~/.pypirc
[distutils]
index-servers =
nexus
[nexus]
# NOTE: Ensure this URL ends with a trailing slash
repository = https://nexus.mycompany.com/repository/pypi-internal/
username = your_ldap_user
password = your_ldap_passwordand
make publish repo=nexuscommand can be used to publish the artefacts.