Draft
59 changes: 59 additions & 0 deletions .github/workflows/test.yml
@@ -0,0 +1,59 @@
---
name: ci

'on':
push:
branches:
- '**'

permissions:
contents: write

jobs:
ci:
runs-on: [self-hosted, dev]

@cubic-dev-ai cubic-dev-ai bot Jan 12, 2026

P1: Self-hosted runner with write permissions and broad branch triggers creates security risk. Consider: (1) restricting the trigger to specific branches like main/master only, (2) using GitHub-hosted runners for untrusted branches, or (3) removing write permissions and using a separate workflow for deployments.


steps:
- name: Checkout
uses: actions/checkout@v4

- name: Extras / Count Lines of Source Code
run: make extras/cloc

# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Lint
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- name: Lint
run: make format

- name: Check
run: git diff HEAD --quiet

# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Build [Prod] (and Upload binary)
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- name: Check release version
id: check-release-version
if: github.ref == 'refs/heads/master'
env:
GH_TOKEN: ${{ github.token }}
run: |
RELEASE_TAG=$(make deploy/get-current-db-version)
# Test that github-cli is working
gh --version
gh release list -L 1
# TODO: enhance this to be: if release_tag > current_prod_tag, deploy.
# Otherwise, can skip this step entirely?
gh release view $RELEASE_TAG || echo "PUBLISH=1" >> "$GITHUB_OUTPUT"

@cubic-dev-ai cubic-dev-ai bot Jan 12, 2026

P2: Quote the $RELEASE_TAG variable to prevent word splitting and handle empty/special values safely.

Suggested change
gh release view $RELEASE_TAG || echo "PUBLISH=1" >> "$GITHUB_OUTPUT"
gh release view "$RELEASE_TAG" || echo "PUBLISH=1" >> "$GITHUB_OUTPUT"

@cubic-dev-ai cubic-dev-ai bot Jan 12, 2026

P1: The release existence check is fragile. gh release view failing doesn't always mean the release doesn't exist—it could be a network error, auth failure, or rate limit. Consider checking the specific exit code or error message to distinguish between "release not found" and other failures.


# yamllint disable rule:line-length
- name: Build (production release)
if: github.ref == 'refs/heads/master' && steps.check-release-version.outputs.PUBLISH
env:
GH_TOKEN: ${{ github.token }}
run: set -o pipefail; make build

- name: Upload artifacts (production release)
if: github.ref == 'refs/heads/master' && steps.check-release-version.outputs.PUBLISH
env:
GH_TOKEN: ${{ github.token }}
run: set -o pipefail; make deploy/upload
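Review bot: The Checkout step's `uses: actions/checkout@v4` references a mutable tag, and this job runs on a self-hosted runner with `contents: write`, so whatever that tag resolves to executes on your own machine with a write-capable token. Pin the action to a full commit SHA (keep the version in a trailing comment) and add `persist-credentials: false` under `with:`, since the release steps shown here already receive the token through `GH_TOKEN` for `gh`.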
9 changes: 0 additions & 9 deletions .travis.yml

This file was deleted.

97 changes: 97 additions & 0 deletions Makefile
@@ -0,0 +1,97 @@
SHELL=/bin/bash

.DEFAULT_GOAL := _help

# NOTE: must put a <TAB> character and two pound "\t##" to show up in this list. Keep it brief! IGNORE_ME
.PHONY: _help
_help:
@grep -h "##" $(MAKEFILE_LIST) | grep -v IGNORE_ME | grep -v ^# | sed -e 's/##//' | column -t -s $$'\t'



# ---------------------------------------
# Format
# ---------------------------------------

.PHONY: format
format: ## format SQL with pg_format
# TODO: what about import.sql? It gets formatted too ugly
# TODO: what about Python files?
pg_format -L -s 2 -w 100 sql/tables.sql >sql/tables.fmt.sql
mv sql/tables.fmt.sql sql/tables.sql



# ---------------------------------------
# Build, test, and docs
# ---------------------------------------

DB_VERSION ?= $(shell python3 sql/latest_version.py)
DB_FILE ?= sql/usda.sqlite3
DB_XZ_FILE ?= sql/dist/usda.sqlite3-${DB_VERSION}.tar.xz

.PHONY: build
build: clean
build: ## Build the release (compressed XZ file)
test "${DB_VERSION}"
./sql/build.sh ${DB_VERSION}
du -h ${DB_XZ_FILE}

.PHONY: test
test: ## Test the SQL database with basic queries
test -f ${DB_FILE}
sqlite3 ${DB_FILE} ".tables"
sqlite3 ${DB_FILE} "\
SELECT * FROM nutr_def WHERE id=328; \
SELECT long_desc FROM food_des WHERE id=9050; \
SELECT * FROM version; \
"

.PHONY: docs
docs: ## Build the relational SVG diagram
./docs/sqleton.sh



# ---------------------------------------
# Deploy
# ---------------------------------------

.PHONY: deploy/get-current-db-version
deploy/get-current-db-version:
@test "${DB_VERSION}"
@echo v${DB_VERSION}


.PHONY: deploy/upload
deploy/upload: ## Upload to GitHub releases
test -n "${DB_VERSION}"
test -f ${DB_XZ_FILE}
gh release create v${DB_VERSION} --generate-notes
gh release upload v${DB_VERSION} ${DB_XZ_FILE}

.PHONY: deploy/delete
deploy/delete:
[[ "$(shell read -e -p 'Really delete v${DB_VERSION}? [y/N]> '; echo $$REPLY)" == [Yy]* ]]

@cubic-dev-ai cubic-dev-ai bot Jan 12, 2026

P1: Interactive confirmation prompt won't work because $(shell ...) is evaluated during Make's parse phase, not during recipe execution. The read command requires an interactive terminal that isn't available at parse time, so this safety check will fail or be bypassed. This is dangerous for a destructive operation that deletes releases and tags.


gh release delete v${DB_VERSION}
git push origin --delete v${DB_VERSION}
- git tag -d v${DB_VERSION}



# ---------------------------------------
# Clean & extras
# ---------------------------------------

.PHONY: clean
clean: ## Clean up leftover bits and stuff from build
rm -f sql/*.sqlite
rm -f sql/*.sqlite3

.PHONY: check-vars
check-vars: ## display all computed vars (won't show passed in)
$(foreach v, $(.VARIABLES), $(if $(filter file, $(origin $(v))), $(info $(v)=$($(v)))))

.PHONY: extras/cloc
extras/cloc: ## count lines of code
cloc HEAD --exclude-dir=usda.svg
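Review bot: In `deploy/upload`, `gh release create v${DB_VERSION} --generate-notes` and `gh release upload v${DB_VERSION} ${DB_XZ_FILE}` run as two separate commands, so a failed upload leaves a release with no archive, and the workflow's `gh release view` check will then see that version as already published and skip the retry. Pass the file to the create call instead (`gh release create v${DB_VERSION} "${DB_XZ_FILE}" --generate-notes`) so the release and its asset are handled in one command, and quote `${DB_XZ_FILE}` in the `test -f` line as well.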
40 changes: 23 additions & 17 deletions README.rst
@@ -1,9 +1,9 @@
***********
*************
usda-sqlite
***********
*************
Comment on lines +1 to +3

@cubic-dev-ai cubic-dev-ai bot Jan 12, 2026

P2: The overline/underline around the document title use 13 asterisks while the title text is 12 characters, violating reStructuredText’s requirement that section adornments match the title length and causing Docutils warnings.

Suggested change
*************
usda-sqlite
***********
*************
***********
usda-sqlite
***********


.. image:: https://api.travis-ci.com/nutratech/usda-sqlite.svg?branch=master
:target: https://travis-ci.com/github/nutratech/usda-sqlite
.. image:: https://github.com/nutratech/usda-sqlite/actions/workflows/test.yml/badge.svg
:target: https://github.com/nutratech/usda-sqlite/actions/workflows/test.yml

Python, SQL and CSV files for setting up portable usda-sqlite database.

@@ -12,6 +12,7 @@ See CLI: https://github.com/nutratech/cli
See nt-sqlite: https://github.com/nutratech/nt-sqlite



Building the database
#########################

@@ -30,7 +31,9 @@ Building the database
bash setup.sh
python3 process.py

3. If you are committing database changes, add a line to :code:`sql/version.csv` (e.g. :code:`id=3` is the latest in this case),

3. If you are committing database changes, add a line to
:code:`sql/version.csv` (e.g. :code:`id=3` is the latest in this case).

+-----+----------+-----------------------------------+
| id | version | created |
@@ -42,33 +45,36 @@ Building the database
| 3 | 0.0.2 | Thu 06 Aug 2020 09:21:39 AM EDT |
+-----+----------+-----------------------------------+

4. i. (Optional) Enforce foreign keys with your ``~/.sqliterc`` file,

::
4. i. *(Optional)* Enforce FKs by copying this to your ``~/.sqliterc`` file.

.. code-block:: text

.headers on
.mode column
PRAGMA foreign_keys = 1;

4. ii. Create the database with
4. ii. Create the database.

.. code-block:: bash

cd ../sql
./build.sh X.X.X # e.g. 0.0.8
make build


5. Verify the tables (again inside the SQL shell :code:`sqlite3 usda.sqlite3`),
5. Verify the tables.

.. code-block:: sql

.tables
SELECT * FROM nutr_def WHERE id=328;
SELECT long_desc FROM food_des WHERE id=9050;
SELECT * FROM version;
.exit
make test


6. If everything looks good, upload compressed
:code:`dist/nutra-X.X.X.db.tar.xz` file to binary host.

.. code-block:: bash

make deploy/upload

6. If everything looks good, upload compressed :code:`dist/nutra-X.X.X.db.tar.xz` file to binary host (bitbucket files).


Tables (Relational Design)
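Review bot: Step 6 still names `dist/nutra-X.X.X.db.tar.xz` as the file to upload, but the Makefile in this PR sets `DB_XZ_FILE` to `sql/dist/usda.sqlite3-${DB_VERSION}.tar.xz` and that is what `make deploy/upload` publishes; update the path so the README matches the target. Also check the directive above `make test` in step 5: if it is still `.. code-block:: sql`, switch it to `bash` like the other `make` examples.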
1 change: 0 additions & 1 deletion TODO

This file was deleted.
