Python Table Manners: Cut the Cookie Gracefully @ Kaohsiung.py

@clleew
Python Table Manners:
Cut the Cookie Gracefully

A Guideline Toward Cleaner Code

View Slide

@clleew
Outline
• Clean up the table - Dependency Management
• Put the correct tablewares - Testing
• Use the tablewares elegantly - Coding Style
• Mnemonic phrase - Task management
• Say please! - Check before git operation
• Speak formally - Cultivate a git commit convention
• Safety matters - Security Issues
• Where's the Cookie? - Project template

View Slide

@clleew
__name__ = 李唯 / Wei Lee
__position__ = [
Software Engineer @ Rakuten Slice,
Volunteer @ PyCon Taiwan,
"Maintainer of commitizen-tools,
]
__twitter__ = @clleew
__github__ = Lee-W
__blog__ = http://lee-w.github.io
•
$ cat speaker.py

View Slide

@clleew
$ python speaker.py
File "speaker.py", line 1
__name__ = 李唯 / Wei Lee
^
SyntaxError: invalid syntax
$ python speaker.py

View Slide

@clleew
Dependency Management
Clean up the table

View Slide

@clleew
How we used to start
a Python project

View Slide

@clleew
Sometimes we just forgot to…
• ... activate / deactivate virtual environment
• ... add package into requirements.txt

View Slide

@clleew
Pipenv
Python Dev Workﬂow for Humans
• manage virtual environment + package
→ update at once
→ No more manual sync up!
• generate hashes from packages
→ ensure getting the same packages next time

View Slide

@clleew
Initial Virtual Environment

View Slide

@clleew
Empty Pipfile
[[source]]
name = "pypi"
url = "https://pypi.org/simple"
verify_ssl = true
[dev-packages]
[packages]
[requires]
python_version = "3.7"

View Slide

@clleew
Install Package

View Slide

@clleew
Pipfile with “requests”
[[source]]
name = "pypi"
verify_ssl = true
[dev-packages]
[packages]
requests = "*"
[requires]
[packages]
requests = "*"

View Slide

@clleew
"requests": {
"hashes": [
"sha256:11e007a8a2aa0323f5a921e9e6a2d7e4e67d9877e85773fba9ba6419025cbeb4",
"sha256:9cf5292fcd0f598c671cfc1e0d7d1a7f13bb8085e9a590f48c010551dc6c4b31"
],
"index": "pypi",
"version": "==2.22.0"
},
{
......
"default": {
......
"requests": {
"hashes": [
],
"index": "pypi",
"version": "==2.22.0"
},
"urllib3": {
"hashes": [
"sha256:3de946ffbed6e6746608990594d08faac602528ac7015ac28d33cee6a45b7398",
"sha256:9a107b99a5393caf59c7aa3c1249c16e6879447533d0887f4336dde834c7be86"
],
"version": "==1.25.6"
}
},
......
}
Pipfile.lock with “requests”

View Slide

@clleew
"requests": {
"hashes": [
],
"index": "pypi",
"version": "==2.22.0"
},
{
......
"default": {
......
"requests": {
"hashes": [
],
"index": "pypi",
"version": "==2.22.0"
},
"urllib3": {
"hashes": [
"sha256:3de946ffbed6e6746608990594d08faac602528ac7015ac28d33cee6a45b7398",
"sha256:9a107b99a5393caf59c7aa3c1249c16e6879447533d0887f4336dde834c7be86"
],
"version": "==1.25.6"
}
},
......
}
Pipfile.lock with “requests”
You’re guaranteed to install the
exact same package next time.

View Slide

@clleew

View Slide

@clleew
Install package only in dev

View Slide

@clleew
Pipﬁle with “pytest"
[[source]]
name = "pypi"
verify_ssl = true
[dev-packages]
pytest = "*"
[packages]
requests = "*"
[requires]
[dev-packages]
pytest = "*"

View Slide

@clleew
Run in virtual environment

View Slide

@clleew
Some people might say
that pipenv ...
• ... does not update frequently.

• ... locks slowly.

• ... does not syncs up with install_requires in setup.py

View Slide

@clleew
Poetry

View Slide

@clleew
Poetry commands

View Slide

@clleew
Testing
Put the correct tablewares

View Slide

@clleew
unittest
Unit testing framework in Python Standard Library

View Slide

@clleew
pytest

View Slide

@clleew
Why pytest
• More Pythonic

• Compatible with old unittest tests

• No more assert.+ (e.g., assertEqual, assertTrue, etc.) 
→ just assert

• Better test discovery

• Advance features: mark, parameterize, etc.

• Plenty of plugins

View Slide

@clleew
Run pytest

View Slide

@clleew
always run python inside a virtual environment

View Slide

@clleew
unittest style tests
import unittest
from atta.partner import sponsor
class TestSponsor(unittest.TestCase):
def setUp(self):
sponsors = sponsor.get_all_sponsors('./data/packages.yaml',
'./data/sponsors.yaml')
self.sponsors = sponsors
......
def test_sponsor_number(self):
self.assertEqual(len(self.sponsors), 1)
.......

View Slide

@clleew
import unittest
def setUp(self):
......
.......
Prepare all the data needed in test cases

View Slide

@clleew
import unittest
def setUp(self):
......
.......

View Slide

@clleew
pytest style tests
import pytest
from report_generator.partner import sponsor
class TestSponsor:
@pytest.fixture(scope="class")
def sponsors(self):
return sponsor.get_all_sponsors("test/data/packages.yaml",
“test/data/sponsors.yaml")
......
def test_sponsor_number(self, sponsors):
assert len(sponsors) == 1
......

View Slide

@clleew
pytest style tests
import pytest
class TestSponsor:
def sponsors(self):
......
......
Prepare the data needed in separate ﬁxtures

View Slide

@clleew
pytest style tests
import pytest
class TestSponsor:
def sponsors(self):
......
......

View Slide

@clleew
pytest style tests
import pytest
@pytest.fixture(scope="function")
def sponsors():
"test/data/sponsors.yaml")
def test_sponsor_number(sponsors):

View Slide

@clleew
Conﬁguration - pytest.ini
[pytest]
addopts = --strict-markers
norecursedirs = .* build dist CVS _darcs {arch} *.egg venv env
virtualenv
Conﬁgure through pyproject.toml will be when 6.0 released #7247

View Slide

@clleew
Pytest - powerful plugins
• pytest-mock: Replace objects that are hard to test with
fake objects

• pytest-cov: Generate test coverage report

• pytest-xdist: Distributed testing

• and etc.

View Slide

@clleew
Coding Style
Use the tablewares elegantly

View Slide

@clleew
ﬂake8
• Enforcing style consistency across Python project

• Check possible errors before running your program

• Eliminate bad style

View Slide

@clleew
import os
os = "My Operating system"
Example - bad_code.py

View Slide

@clleew
import os
redeﬁnition of imported library 
(possible error)

View Slide

@clleew
import os
additional space 
(bad coding style)
(possible error)

View Slide

@clleew
Run ﬂake8

View Slide

@clleew
Conﬁguration - setup.cfg
[flake8]
ignore =
# F632: use ==/!= to compare str, bytes, and int literals
F632,
# W503: Line break occurred before a binary operator
W503,
# E501: Line too long
E501,
# E203: Whitespace before ':' (for black)
E203
exclude =
.git,
__pycache__,
build,
dist
max-line-length = 88

View Slide

@clleew
Pylint

View Slide

@clleew
import os
additional space 
(bad coding style)
(possible error)

View Slide

@clleew
Run pylint

View Slide

@clleew
Run pylint with "-r" argument
A bunch of reports that  
you can compare  
with your previous run

View Slide

Conﬁguration - pyproject.toml
[tool.pylint.messages_control]
disable = [
"bad-continuation",
"missing-function-docstring",
"missing-module-docstring",
"invalid-name"
]
[tool.pylint.format]
max-line-length = 88

View Slide

@clleew
mypy
• Static type checker

• Compile-time type checking 
→ avoid possible runtime errors

• Type annotation enhances readability 
→ machine-checked documentation

View Slide

from typing import List
def func(vals: List[str]):
for val in vals:
assert isinstance(val, str)
func([1, 2, 3])
Example - error_type.py
List[str]
[1, 2, 3]

View Slide

Run mypy

View Slide

Run mypy
all the ﬁles with .py extension

View Slide

Run mypy
ignore errors that libs that is not type annotated

View Slide

@clleew
Conﬁguration - setup.cfg
[mypy]
files = **/*.py
ignore_missing_imports = true
follow_imports = silent
warn_redundant_casts = True
warn_unused_ignores = True
warn_unused_configs = True
[mypy]
files = **/*.py
ignore_missing_imports = true

View Slide

Run mypy with conﬁguration

View Slide

@clleew
One step forward
Fix the style automatically

View Slide

Black

View Slide

Run Black

View Slide

How Black reformat

View Slide

Why Black?
The black code style is not conﬁgurable.

View Slide

Why Black?
The black code style is not conﬁgurable.
No more arguing about which style is better

View Slide

–The Zen of Python, by Tim Peters
“There should be one-- and preferably only
one --obvious way to do it.”

View Slide

Isort

View Slide

Example
wrong_import_order.py
import django
import os
import some_custom_package
import flask
import datetime
...

View Slide

According to PEP8
• Imports should be grouped in the following order:
1. Standard library imports.
2. Related third party imports.
3. Local application/library speciﬁc imports.
• You should put a blank line between each group
of imports.

View Slide

Run Isort

View Slide

Run Isort
import datetime
import os
import django
import flask
import some_custom_package
...

View Slide

@clleew
[tool.isort]
line_length = 88
multi_line_output = 3
include_trailing_comma = true
force_grid_wrap = 0
use_parentheses = true

View Slide

Style formatting and linting

View Slide

View Slide

@clleew
Task Management
Mnemonic phrase

View Slide

Invoke
• Task execution tool that can manage your
commands
• It’s like a Makeﬁle but in Python.

View Slide

Invoke in practice (rg-cli)

View Slide

Before invoke in rg-cli

View Slide

After invoke in rg-cli

View Slide

List all commands

View Slide

How ? - tasks.py
from invoke import task
VENV_PREFIX = "pipenv run"
......
@task
def install(cmd):
"""Install script in pipenv environment"""
cmd.run(f"{VENV_PREFIX} python setup.py install")

View Slide

Modulize - Namespace

View Slide

Autocomplete

View Slide

Why not use Makeﬁle?
1.We’re Python developers!
2.Some tasks might not be easy to handle through
shell script.
3.Combining Python and shell script

View Slide

@clleew
Check before git operation
Say please!

View Slide

@clleew
pre-commit
• Why?

• Sometimes we still forget to run the check commands.

• Prevent committing bad code into codebase

• How?

• pre-commit runs these commands before we do git
operations (e.g., git push, git commit)

View Slide

@clleew
Conﬁg (customized hooks)
.pre-commit-config.yaml
repos:
- repo: local
hooks:
- id: style-reformat
name: style-reformat
stages: [commit]
language: system
pass_filenames: false
entry: inv style.reformat
types: [python]
- id: style-check
name: style-check
stages: [push]
language: system
entry: inv style
types: [python]
......

View Slide

@clleew
repos:
- repo: local
hooks:
stages: [commit]
language: system
types: [python]
- id: style-check
name: style-check
stages: [push]
language: system
entry: inv style
types: [python]
......
stages: [commit]

View Slide

@clleew
repos:
- repo: local
hooks:
stages: [commit]
language: system
types: [python]
- id: style-check
name: style-check
stages: [push]
language: system
entry: inv style
types: [python]
......
stages: [push]
- id: style-check

View Slide

@clleew
Conﬁg (existing hooks)
......
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v3.1.0
hooks:
- id: end-of-file-fixer
- id: trailing-whitespace
args: [--markdown-linebreak-ext=md]

View Slide

@clleew
Setup pre-commit

View Slide

@clleew
Run pre-commit

View Slide

@clleew
Cultivate
a git commit convention
Speak formally

View Slide

View Slide

Hard to ﬁnd to the right version

View Slide

commitizen-tools

View Slide

Commit - cz commit

View Slide

How does the commit look
like?
feat(Kaohsiung.py): This meetup is great
Hope you enjoy these manners
https://kaohsiungpy.kktix.cc/events/20200831

View Slide

Standardized git commits

View Slide

Other Commitizen features
• pre-commit hook prevents you from not using
commitizen
• customizable commit rules
• auto bump project version (SemVar)
• auto generate changelog (Keep a Changelog)

View Slide

@clleew
Security Issues
Safety matters

View Slide

View Slide

Safety
Dependency Checking

View Slide

Check vulnerability
in current environment

View Slide

But if you use pipenv …

View Slide

How does Safety work?
• Search the vulnerability in CVS
(Common Vulnerabilities and Exposures)
• Free DB: update monthly
• Paid DB: update realtime

View Slide

Bandit
Static Analysis

View Slide

Check Common Security
Issue in Python Code

View Slide

Not all the warnings
should be ﬁxed
• Add exclude into your bandit conﬁguration
• Add # nosec after the end of the code to skip
the warning

View Slide

@clleew

View Slide

@clleew
Project template
Where's the Cookie?

View Slide

@clleew
We want these manners in all our Python projects ❗

View Slide

@clleew
We want these manners in all our Python projects ❗
But... we don't want to conﬁgure it everytime ❗

View Slide

@clleew
Create a project template once
and initialize projects through it

View Slide

@clleew
Lee-W / cookiecutter-python-template

View Slide

@clleew

View Slide

@clleew
How to make a template?
cookiecutter.json

View Slide

@clleew
Template structure
Cookiecutter conﬁguration
Template (Use Jinja)

View Slide

@clleew
An example in template
{{cookiecutter.project_slug}}/tasks/env.py
from tasks.common import VENV_PREFIX
@task
def init(ctx):
"""Install production dependencies"""
{% if cookiecutter.dependency_management_tool == 'pipenv' -%}
ctx.run("pipenv install --deploy")
{%- elif cookiecutter.dependency_management_tool == 'poetry' -%}
ctx.run("poetry install --no-dev")
{%- endif %}

View Slide

@clleew
An example in template
{{cookiecutter.project_slug}}/tasks/env.py
from tasks.common import VENV_PREFIX
@task
def init(ctx):
"""Install production dependencies"""
{%- endif %}
{%- endif %}

View Slide

@clleew
import os
def remove_pipfile():
os.remove("Pipfile")
def main():
if "{{ cookiecutter.dependency_management_tool }}" != "pipenv":
remove_pipfile()
if __name__ == "__main__":
main()
Run before/after project is generated
hooks/post_gen_project.py

View Slide

@clleew
Lee-W / cookiecutter-python-template

View Slide

@clleew

View Slide

Other Tools
• Testing
• Hypothesis
• nox
• Documentation
• Mkdocs
• Sphinx

View Slide

@clleew
Related Talks
• Dependency Management
• Tzu-ping Chung - 這樣的開發環境沒問題嗎？ (PyCon TW 2018)
• Kenneth Reitz - Pipenv: The Future of Python Dependency
Management (PyCon US 2018)
• Patrick Muehlbauer - Python Dependency Management (PyCon DE
2018)
• Test
• Chun-Yu Tseng - 快快樂樂成為 Coding Ninja (by pytest) (PyCon APAC
2015)
• Florian Bruhin – Pytest: Rapid Simple Testing (Swiss Python Summit 16)

View Slide

@clleew
Related Talks
• Style Check
• Kyle Knapp - Automating Code Quality (PyCon US 2018)
• Łukasz Langa - Life Is Better Painted Black, or: How to Stop Worrying and Embrace Auto-Formatting
(PyCon US 2019)
• Raymond Hettinger - Beyond PEP 8 -- Best practices for beautiful intelligible code (PyCon 2015)
• Static Typing
• Dustin Ingram - Static Typing in Python (PyCon US 2020)
• Task Managements
• Thea Flowers - Break the Cycle: Three excellent Python tools to automate repetitive tasks (PyCon US
2019)
• Security
• Terri Oda - Python Security Tools (PyCon US 2019)
• Tennessee Leeuwenburg - Watch out for Safety Bandits! (PyCon AU 2018)

View Slide

@clleew
References
• pipenv

• poetry

• ﬂake8

• pylint

• mypy

• black

• isort
• invoke

• pre-commit

• commitizen-tools

• safety

• bandit

• cookiecutter

View Slide

@clleew

View Slide

Python Table Manners: Cut the Cookie Gracefully @ Kaohsiung.py

Python Table Manners: Cut the Cookie Gracefully @ Kaohsiung.py

Lee Wei

More Decks by Lee Wei

Other Decks in Programming

Featured

Transcript