provider block validation using python-hcl2

[SatyendraGollaFacets]

Summary by CodeRabbit

• New Features
  • Added validation to ensure provider blocks are not present in Terraform module files. Validation now scans all .tf files and fails with a clear error if provider blocks are detected.
• Documentation
  • Updated documentation to clarify that provider blocks are disallowed in modules and should be declared in facets.yaml.
  • Added details about the new provider block validation to the testing documentation.
• Tests
  • Introduced tests to verify provider block validation and error handling for invalid Terraform files.
• Chores
  • Added python-hcl2 as a required dependency.

[coderabbitai]

Walkthrough

A new validation step was introduced to scan Terraform files for provider blocks, disallowing their presence in modules. Documentation was updated to reflect this policy, a new utility function was added for enforcement, dependencies were updated to include python-hcl2, and new tests were created to verify the behavior.

Changes

File(s)	Change Summary
README.md, TESTING.md	Updated documentation to describe provider block validation and clarify module requirements.
ftf_cli/commands/validate_directory.py	Added invocation of the new provider block validation step in the directory validation command.
ftf_cli/utils.py	Added validate_no_provider_blocks(path) to scan .tf files for provider blocks.
setup.py	Added python-hcl2 to install_requires and development dependencies.
tests/test_utils.py	Added tests for provider block validation, including detection, allowance, and parse errors.

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant CLI
    participant Utils

    User->>CLI: Run validate-directory command
    CLI->>Utils: validate_facets_tf_vars(path)
    CLI->>Utils: validate_no_provider_blocks(path)
    Utils->>Utils: Scan all *.tf files
    Utils->>CLI: Raise error if provider block found
    CLI->>CLI: Continue with other validation steps
    CLI->>User: Output results

Loading

Poem

In burrows deep, where modules dwell,
No provider blocks are allowed to swell.
With hcl2 we scan and see,
That only facets set providers free.
Tests now guard this rabbit’s den—
Clean Terraform, again and again! 🐇✨

✨ Finishing Touches

• 📝 Generate Docstrings

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Explain this complex logic.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai explain this code block.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and explain its main purpose.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai generate docstrings to generate docstrings for this PR.
• @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Nitpick comments (4)

ftf_cli/utils.py (1)

937-957: LGTM! Well-implemented validation function with one minor improvement opportunity.

The function correctly implements the provider block validation with proper recursive file discovery, clear error reporting, and appropriate fail-fast behavior for parse errors.

Minor improvement for exception handling:

Consider using proper exception chaining for better error traceability:

        except Exception as e:
-            raise click.UsageError(f"❌ Failed to parse {tf_file}: {e}")
+            raise click.UsageError(f"❌ Failed to parse {tf_file}: {e}") from e

tests/test_utils.py (3)

193-194: Remove unused import and improve exception specificity in tests.

The os import is unused and should be removed. Additionally, the test functions should catch the specific click.UsageError exception that validate_no_provider_blocks raises, rather than generic Exception.

 from ftf_cli.utils import validate_no_provider_blocks
-import os
+import click

---

552-557: Use specific exception type for more precise testing.

The test should catch click.UsageError specifically since that's what validate_no_provider_blocks raises according to the implementation.

 def test_validate_no_provider_blocks_detects_provider(tmp_path):
     tf_file = tmp_path / "main.tf"
     tf_file.write_text('provider "aws" { region = "us-west-2" }')
-    with pytest.raises(Exception) as excinfo:
+    with pytest.raises(click.UsageError) as excinfo:
         validate_no_provider_blocks(str(tmp_path))
     assert "Provider blocks are not allowed" in str(excinfo.value)

---

567-572: Use specific exception type for parse error testing.

Similar to the first test, this should catch click.UsageError specifically.

 def test_validate_no_provider_blocks_parse_error(tmp_path):
     tf_file = tmp_path / "main.tf"
     tf_file.write_text('this is not valid hcl')
-    with pytest.raises(Exception) as excinfo:
+    with pytest.raises(click.UsageError) as excinfo:
         validate_no_provider_blocks(str(tmp_path))
     assert "Failed to parse" in str(excinfo.value)

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 8885f24 and f7e63e4.

📒 Files selected for processing (6)

• README.md (2 hunks)
• TESTING.md (1 hunks)
• ftf_cli/commands/validate_directory.py (2 hunks)
• ftf_cli/utils.py (1 hunks)
• setup.py (2 hunks)
• tests/test_utils.py (2 hunks)

🧰 Additional context used

🧠 Learnings (2)

README.md (1)

Learnt from: vishnukv-facets
PR: Facets-cloud/module-development-cli#0
File: :0-0
Timestamp: 2025-05-26T13:13:07.039Z
Learning: All user-facing properties in spec must have both 'title' and 'description' fields. Properties with 'x-ui-override-disable': true are considered internal and skip this validation, while properties with 'x-ui-overrides-only': true are still user-facing and require validation. This is enforced by the check_properties_have_required_fields() function in ftf_cli/utils.py.

tests/test_utils.py (1)

Learnt from: vishnukv-facets
PR: Facets-cloud/module-development-cli#0
File: :0-0
Timestamp: 2025-05-26T13:13:07.039Z
Learning: All user-facing properties in spec must have both 'title' and 'description' fields. Properties with 'x-ui-override-disable': true are considered internal and skip this validation, while properties with 'x-ui-overrides-only': true are still user-facing and require validation. This is enforced by the check_properties_have_required_fields() function in ftf_cli/utils.py.

🧬 Code Graph Analysis (2)

ftf_cli/commands/validate_directory.py (1)

ftf_cli/utils.py (1)

• validate_no_provider_blocks (937-957)

tests/test_utils.py (1)

ftf_cli/utils.py (1)

• validate_no_provider_blocks (937-957)

🪛 Ruff (0.11.9)

ftf_cli/utils.py

951-951: Within an except clause, raise exceptions with raise ... from err or raise ... from None to distinguish them from errors in exception handling

(B904)

tests/test_utils.py

194-194: os imported but unused

Remove unused import: os

(F401)

🔇 Additional comments (5)

setup.py (1)

29-29: LGTM! Dependency additions are correct.

The python-hcl2 dependency is properly added to both install_requires and dev dependencies, ensuring it's available for the new validation functionality in both production and development environments.

Also applies to: 40-40

TESTING.md (1)

97-100: LGTM! Clear documentation of the new validation behavior.

The documentation clearly explains the provider block validation policy and references the appropriate test coverage. This will help developers understand the validation requirements and locate relevant tests.

README.md (1)

132-132: LGTM! Documentation accurately reflects the new validation functionality.

The updates clearly communicate the provider block validation to users and explain the policy rationale. The documentation is consistent with the implementation and other documentation updates.

Also applies to: 143-143

ftf_cli/commands/validate_directory.py (1)

7-7: LGTM! Clean integration of the new validation step.

The import and function call are properly integrated into the existing validation flow. The placement after validate_facets_tf_vars and before the success message maintains the logical validation sequence.

Also applies to: 59-59

tests/test_utils.py (1)

560-564: Test coverage looks good for the success case.

This test correctly verifies that Terraform files without provider blocks are allowed to pass validation.