Skip to content

FIX: Resolve dependencies issues in deconstruct flow #389

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
haggit-eliyahu wants to merge 5 commits into
base: main
Choose a base branch
from
Open

FIX: Resolve dependencies issues in deconstruct flow #389

haggit-eliyahu wants to merge 5 commits into from

Conversation

@haggit-eliyahu
Copy link
Contributor

@haggit-eliyahu haggit-eliyahu commented Dec 23, 2025
edited
Loading

Description

This PR fixes the depnedencies resolution in the decunstruct flow by:

  1. adding a pypi default index
  2. adding the default dev depnedencies (soar-sdk, pytest, pytest-json-reports)
  3. adding logic to search for local dependencies (+added all of the relevant .whl files to the packaged repo)

Checklist:

Please ensure you have completed the following items before submitting your PR.
This helps us review your contribution faster and more efficiently.

General Checks:

  • I have read and followed the project's contributing.md guide.
  • My code follows the project's coding style guidelines.
  • I have performed a self-review of my own code.
  • My changes do not introduce any new warnings.
  • My changes pass all existing tests.
  • I have added new tests where appropriate to cover my changes. (If applicable)
  • I have updated the documentation where necessary (e.g., README, API docs). (If applicable)

Open-Source Specific Checks:

  • My changes do not introduce any Personally Identifiable Information (PII) or sensitive customer data.
  • My changes do not expose any internal-only code examples, configurations, or URLs.
  • All code examples, comments, and messages are generic and suitable for a public repository.
  • I understand that any internal context or sensitive details related to this work are handled separately in internal systems (Buganizer for Google team members).

For Google Team Members and Reviewers Only:

  • I have included the Buganizer ID in the PR title or description (e.g., "Internal Buganizer ID: 123456789" or "Related Buganizer: go/buganizer/123456789").
  • I have ensured that all internal discussions and PII related to this work remain in Buganizer.
  • I have tagged the PR with one or more labels that reflect the pull request purpose.

Screenshots (If Applicable)

If your changes involve UI or visual elements, please include screenshots or GIFs here.
Ensure any sensitive data is redacted or generalized.

Further Comments / Questions

Any additional comments, questions, or areas where you'd like specific feedback.

@haggit-eliyahu haggit-eliyahu requested a review from a team as a code owner December 23, 2025 08:10
@gemini-code-assist
Copy link
Contributor

gemini-code-assist bot commented Dec 23, 2025

Summary of Changes

Hello @haggit-eliyahu, I'm Gemini Code Assist1! I'm currently reviewing this pull request and will post my feedback shortly. In the meantime, here's a summary to help you and other reviewers quickly get up to speed!

This pull request addresses and resolves several critical dependency management issues within the project's deconstruct flow. The changes streamline the process of installing both remote and local Python packages, ensuring that development environments are consistently set up with all necessary dependencies, including development-specific tools and internal libraries. This leads to a more reliable and efficient build and testing process.

Highlights

  • Dependency Resolution Enhancement: Improved the deconstruct flow's dependency resolution by adding a default PyPI index and including essential development dependencies like soar-sdk, pytest, and pytest-json-reports.
  • Local Package Handling: Implemented logic to search for and correctly resolve local dependencies, ensuring that .whl files for internal packages are properly integrated into the project's dependency graph.
  • Robust Metadata Parsing: Enhanced the parsing of integration metadata to gracefully handle missing ShouldInstalledInSystem keys by providing a default False value, preventing potential errors.

🧠 New Feature in Public Preview: You can now enable Memory to help Gemini Code Assist learn from your team's feedback. This makes future code reviews more consistent and personalized to your project's style. Click here to enable Memory in your admin console.

Using Gemini Code Assist

The full guide for Gemini Code Assist can be found on our documentation page, here are some quick tips.

Invoking Gemini

You can request assistance from Gemini at any point by creating a comment using either /gemini <command> or @gemini-code-assist <command>. Below is a summary of the supported commands on the current page.

Feature Command Description
Code Review /gemini review Performs a code review for the current pull request in its current state.
Pull Request Summary /gemini summary Provides a summary of the current pull request in its current state.
Comment @gemini-code-assist Responds in comments when explicitly tagged, both in pull request comments and review comments.
Help /gemini help Displays a list of available commands.

Customization

To customize Gemini Code Assist for GitHub experience, repository maintainers can create a configuration file and/or provide a custom code review style guide (such as PEP-8 for Python) by creating and adding files to a .gemini/ folder in the base of the repository. Detailed instructions can be found here.

Limitations & Feedback

Gemini Code Assist may make mistakes. Please leave feedback on any instances where its feedback is incorrect or counter productive. You can react with 👍 and 👎 on @gemini-code-assist comments. If you're interested in giving your feedback about your experience with Gemini Code Assist for Github and other Google products, sign up here.

You can also get AI-powered code generation, chat, as well as code reviews directly in the IDE at no cost with the Gemini Code Assist IDE Extension.

Footnotes

  1. Review the Privacy Notices, Generative AI Prohibited Use Policy, Terms of Service, and learn how to configure Gemini Code Assist in GitHub here. Gemini can make mistakes, so double check it and use code with caution.

@haggit-eliyahu haggit-eliyahu force-pushed the resolve-dependencies-in-deconstruct branch from e6e893e to 3938b49 Compare December 23, 2025 08:11
@github-actions
Copy link

github-actions bot commented Dec 23, 2025

Marketplace Validation Failed

Click to view the full report

Validation Report

🧩 Integrations
Pre-Build Stage

infoblox_threat_defense_with_ddi

Validation Name Details
⚠️ Uv Lock Error happened while executing a command: uv lock --check: Using CPython 3.11.14 interpreter at: /opt/hostedtoolcache/Python/3.11.14/x64/bin/python error: Failed to generate package metadata for tipcommon==1.1.9.2 @ path+../../../../packages/tipcommon/TIPCommon-1.1.9/TIPCommon-1.1.9.2-py2.py3-none-any.whl Caused by: Failed to read from the distribution cache Caused by: failed to query metadata of file /home/runner/work/content-hub/content-hub/packages/tipcommon/TIPCommon-1.1.9/TIPCommon-1.1.9.2-py2.py3-none-any.whl: No such file or directory (os error 2)

team_cymru_scout

Validation Name Details
⚠️ Uv Lock Error happened while executing a command: uv lock --check: Using CPython 3.11.14 interpreter at: /opt/hostedtoolcache/Python/3.11.14/x64/bin/python error: Failed to generate package metadata for tipcommon==1.1.9.2 @ path+../../../../packages/tipcommon/TIPCommon-1.1.9/TIPCommon-1.1.9.2-py2.py3-none-any.whl Caused by: Failed to read from the distribution cache Caused by: failed to query metadata of file /home/runner/work/content-hub/content-hub/packages/tipcommon/TIPCommon-1.1.9/TIPCommon-1.1.9.2-py2.py3-none-any.whl: No such file or directory (os error 2)

gemini-code-assist[bot]
gemini-code-assist bot reviewed Dec 23, 2025
View reviewed changes
Copy link
Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request introduces significant improvements to dependency resolution in the deconstruct flow. The changes, including adding a default PyPI index, handling local wheel dependencies, and automatically adding default development dependencies, are well-implemented. I've identified a potential bug in the version comparison logic and have a couple of suggestions for refactoring and improving consistency, which I've detailed in the comments below.

@github-actions
Copy link

github-actions bot commented Dec 23, 2025

Marketplace Validation Failed

Click to view the full report

Validation Report

🧩 Integrations
Pre-Build Stage

team_cymru_scout

Validation Name Details
⚠️ Uv Lock Error happened while executing a command: uv lock --check: Using CPython 3.11.14 interpreter at: /opt/hostedtoolcache/Python/3.11.14/x64/bin/python error: Failed to generate package metadata for tipcommon==1.1.9.2 @ path+../../../../packages/tipcommon/TIPCommon-1.1.9/TIPCommon-1.1.9.2-py2.py3-none-any.whl Caused by: Failed to read from the distribution cache Caused by: failed to query metadata of file /home/runner/work/content-hub/content-hub/packages/tipcommon/TIPCommon-1.1.9/TIPCommon-1.1.9.2-py2.py3-none-any.whl: No such file or directory (os error 2)

infoblox_threat_defense_with_ddi

Validation Name Details
⚠️ Uv Lock Error happened while executing a command: uv lock --check: Using CPython 3.11.14 interpreter at: /opt/hostedtoolcache/Python/3.11.14/x64/bin/python error: Failed to generate package metadata for tipcommon==1.1.9.2 @ path+../../../../packages/tipcommon/TIPCommon-1.1.9/TIPCommon-1.1.9.2-py2.py3-none-any.whl Caused by: Failed to read from the distribution cache Caused by: failed to query metadata of file /home/runner/work/content-hub/content-hub/packages/tipcommon/TIPCommon-1.1.9/TIPCommon-1.1.9.2-py2.py3-none-any.whl: No such file or directory (os error 2)

1 similar comment
@github-actions
Copy link

github-actions bot commented Dec 23, 2025

Marketplace Validation Failed

Click to view the full report

Validation Report

🧩 Integrations
Pre-Build Stage

team_cymru_scout

Validation Name Details
⚠️ Uv Lock Error happened while executing a command: uv lock --check: Using CPython 3.11.14 interpreter at: /opt/hostedtoolcache/Python/3.11.14/x64/bin/python error: Failed to generate package metadata for tipcommon==1.1.9.2 @ path+../../../../packages/tipcommon/TIPCommon-1.1.9/TIPCommon-1.1.9.2-py2.py3-none-any.whl Caused by: Failed to read from the distribution cache Caused by: failed to query metadata of file /home/runner/work/content-hub/content-hub/packages/tipcommon/TIPCommon-1.1.9/TIPCommon-1.1.9.2-py2.py3-none-any.whl: No such file or directory (os error 2)

infoblox_threat_defense_with_ddi

Validation Name Details
⚠️ Uv Lock Error happened while executing a command: uv lock --check: Using CPython 3.11.14 interpreter at: /opt/hostedtoolcache/Python/3.11.14/x64/bin/python error: Failed to generate package metadata for tipcommon==1.1.9.2 @ path+../../../../packages/tipcommon/TIPCommon-1.1.9/TIPCommon-1.1.9.2-py2.py3-none-any.whl Caused by: Failed to read from the distribution cache Caused by: failed to query metadata of file /home/runner/work/content-hub/content-hub/packages/tipcommon/TIPCommon-1.1.9/TIPCommon-1.1.9.2-py2.py3-none-any.whl: No such file or directory (os error 2)

@haggit-eliyahu haggit-eliyahu force-pushed the resolve-dependencies-in-deconstruct branch from 115f7c4 to 295f9ee Compare December 23, 2025 08:29
@haggit-eliyahu haggit-eliyahu requested a review from a team as a code owner December 23, 2025 08:29
@github-actions
Copy link

github-actions bot commented Dec 23, 2025

Marketplace Validation Failed

Click to view the full report

Validation Report

🧩 Integrations
Pre-Build Stage

infoblox_threat_defense_with_ddi

Validation Name Details
⚠️ Uv Lock Error happened while executing a command: uv lock --check: Using CPython 3.11.14 interpreter at: /opt/hostedtoolcache/Python/3.11.14/x64/bin/python error: Failed to generate package metadata for tipcommon==1.1.9.2 @ path+../../../../packages/tipcommon/TIPCommon-1.1.9.2/TIPCommon-1.1.9.2-py2.py3-none-any.whl Caused by: Failed to extract archive: tipcommon-1.1.9.2-py2.py3-none-any.whl Caused by: Invalid zip file structure Caused by: an upstream reader returned an error: unexpected end of file Caused by: unexpected end of file
⚠️ Integration Version Bump release_notes.yml file must be updated before PR

team_cymru_scout

Validation Name Details
⚠️ Uv Lock Error happened while executing a command: uv lock --check: Using CPython 3.11.14 interpreter at: /opt/hostedtoolcache/Python/3.11.14/x64/bin/python error: Failed to generate package metadata for tipcommon==1.1.9.2 @ path+../../../../packages/tipcommon/TIPCommon-1.1.9.2/TIPCommon-1.1.9.2-py2.py3-none-any.whl Caused by: Failed to extract archive: tipcommon-1.1.9.2-py2.py3-none-any.whl Caused by: Invalid zip file structure Caused by: an upstream reader returned an error: unexpected end of file Caused by: unexpected end of file
⚠️ Integration Version Bump release_notes.yml file must be updated before PR

@haggit-eliyahu haggit-eliyahu force-pushed the resolve-dependencies-in-deconstruct branch from 295f9ee to 2fee1c1 Compare December 23, 2025 09:07
@github-actions
Copy link

github-actions bot commented Dec 23, 2025

Marketplace Validation Failed

Click to view the full report

Validation Report

🧩 Integrations
Pre-Build Stage

infoblox_threat_defense_with_ddi

Validation Name Details
⚠️ Uv Lock Error happened while executing a command: uv lock --check: Using CPython 3.11.14 interpreter at: /opt/hostedtoolcache/Python/3.11.14/x64/bin/python error: Failed to generate package metadata for tipcommon==1.1.9.2 @ path+../../../../packages/tipcommon/TIPCommon-1.1.9/TIPCommon-1.1.9.2-py2.py3-none-any.whl Caused by: Failed to extract archive: tipcommon-1.1.9.2-py2.py3-none-any.whl Caused by: Invalid zip file structure Caused by: an upstream reader returned an error: unexpected end of file Caused by: unexpected end of file

team_cymru_scout

Validation Name Details
⚠️ Uv Lock Error happened while executing a command: uv lock --check: Using CPython 3.11.14 interpreter at: /opt/hostedtoolcache/Python/3.11.14/x64/bin/python error: Failed to generate package metadata for tipcommon==1.1.9.2 @ path+../../../../packages/tipcommon/TIPCommon-1.1.9/TIPCommon-1.1.9.2-py2.py3-none-any.whl Caused by: Failed to extract archive: tipcommon-1.1.9.2-py2.py3-none-any.whl Caused by: Invalid zip file structure Caused by: an upstream reader returned an error: unexpected end of file Caused by: unexpected end of file

@haggit-eliyahu haggit-eliyahu force-pushed the resolve-dependencies-in-deconstruct branch from 2fee1c1 to 6ddfefd Compare December 23, 2025 09:37
@github-actions
Copy link

github-actions bot commented Dec 23, 2025

Marketplace Validation Failed

Click to view the full report

Validation Report

🧩 Integrations
Pre-Build Stage

infoblox_threat_defense_with_ddi

Validation Name Details
⚠️ Uv Lock Error happened while executing a command: uv lock --check: Using CPython 3.11.14 interpreter at: /opt/hostedtoolcache/Python/3.11.14/x64/bin/python error: Failed to generate package metadata for tipcommon==1.1.9.2 @ path+../../../../packages/tipcommon/TIPCommon-1.1.9/TIPCommon-1.1.9.2-py2.py3-none-any.whl Caused by: Failed to extract archive: tipcommon-1.1.9.2-py2.py3-none-any.whl Caused by: Invalid zip file structure Caused by: an upstream reader returned an error: unexpected end of file Caused by: unexpected end of file

team_cymru_scout

Validation Name Details
⚠️ Uv Lock Error happened while executing a command: uv lock --check: Using CPython 3.11.14 interpreter at: /opt/hostedtoolcache/Python/3.11.14/x64/bin/python error: Failed to generate package metadata for tipcommon==1.1.9.2 @ path+../../../../packages/tipcommon/TIPCommon-1.1.9/TIPCommon-1.1.9.2-py2.py3-none-any.whl Caused by: Failed to extract archive: tipcommon-1.1.9.2-py2.py3-none-any.whl Caused by: Invalid zip file structure Caused by: an upstream reader returned an error: unexpected end of file Caused by: unexpected end of file

@haggit-eliyahu haggit-eliyahu force-pushed the resolve-dependencies-in-deconstruct branch from 6ddfefd to 8975476 Compare December 23, 2025 09:51
@github-actions
Copy link

github-actions bot commented Dec 23, 2025

Marketplace Validation Failed

Click to view the full report

Validation Report

🧩 Integrations
Pre-Build Stage

infoblox_threat_defense_with_ddi

Validation Name Details
⚠️ Uv Lock Error happened while executing a command: uv lock --check: Using CPython 3.11.14 interpreter at: /opt/hostedtoolcache/Python/3.11.14/x64/bin/python error: Failed to generate package metadata for tipcommon==1.1.9.2 @ path+../../../../packages/tipcommon/TIPCommon-1.1.9/TIPCommon-1.1.9.2-py2.py3-none-any.whl Caused by: Failed to extract archive: tipcommon-1.1.9.2-py2.py3-none-any.whl Caused by: Invalid zip file structure Caused by: extra field size was indicated to be 49135 but fewer than 49135 bytes remain

team_cymru_scout

Validation Name Details
⚠️ Uv Lock Error happened while executing a command: uv lock --check: Using CPython 3.11.14 interpreter at: /opt/hostedtoolcache/Python/3.11.14/x64/bin/python error: Failed to generate package metadata for tipcommon==1.1.9.2 @ path+../../../../packages/tipcommon/TIPCommon-1.1.9/TIPCommon-1.1.9.2-py2.py3-none-any.whl Caused by: Failed to extract archive: tipcommon-1.1.9.2-py2.py3-none-any.whl Caused by: Invalid zip file structure Caused by: extra field size was indicated to be 49135 but fewer than 49135 bytes remain

@haggit-eliyahu haggit-eliyahu force-pushed the resolve-dependencies-in-deconstruct branch 6 times, most recently from 3fd52ae to 39d8f6d Compare December 24, 2025 16:48
@haggit-eliyahu
resolve dependencies in deconstruct and add all the relevant .whl fil…
56a0ff3 
…es to the packages directory

# Conflicts:
#	packages/mp/pyproject.toml
#	packages/mp/uv.lock

# Conflicts:
#	packages/mp/pyproject.toml
#	packages/mp/uv.lock
@haggit-eliyahu
refactor tests to match the isolated tests environment
1787980
@haggit-eliyahu
change dev/regular logic
5ee38c9
@haggit-eliyahu haggit-eliyahu force-pushed the resolve-dependencies-in-deconstruct branch 2 times, most recently from 661f230 to aaccf4d Compare December 31, 2025 08:01
@haggit-eliyahu haggit-eliyahu force-pushed the resolve-dependencies-in-deconstruct branch from aaccf4d to 2393f02 Compare December 31, 2025 08:03
@haggit-eliyahu haggit-eliyahu added Enhancement New feature or request mp mp related change labels Dec 31, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@TalShafir1 TalShafir1 Awaiting requested review from TalShafir1

1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

Enhancement New feature or request mp mp related change

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@haggit-eliyahu