JeffreyHuynh1
commented
9 months ago The ticket specified to validate the .fossa.yml and fossa-deps.yml configs.
.fossa config is validated at parsing and an error will be thrown if the config isn't correct. Fossa-deps is only used in fossa analyze so I just moved that function call to validate fossa-deps earlier on in the analyze work flow. As a result, I didn't include the validation for .fossa and fossa-deps it in the preflightChecks function to avoid duplicate calls to validate the config files.
Was wondering if my logic makes sense, or if I should just add the config validation to the preflight checks?
Overview
As a fossa user, I want fossa to perform pre-flight mode so I’m confident that my API key, and configuration and dependency files are valid.
Acceptance criteria
If fossa-cli, has invalid API key for action, it should halt prior to analysis or any actions that requires API key
If fossa-cli, has invalid fossa-deps, it should halt prior to analysis or any actions
If fossa-cli, has invalid fossa-yml, it should halt prior to analysis or any action
If fossa-cli, should be able to connect to access app.fossa.com for any command that requires VALID API Key (or halt)
If fossa-cli, should be able to write to temp directory in the system
Testing plan
PreflightChecksSpec:
Manually tested related commands with invalid api key
Risks
Metrics
References
Checklist
docs/.docs/README.msand gave consideration to how discoverable or not my documentation is.Changelog.md. If this PR did not mark a release, I added my changes into an# Unreleasedsection at the top..fossa.ymlorfossa-deps.{json.yml}, I updateddocs/references/files/*.schema.jsonAND I have updated example files used byfossa initcommand. You may also need to update these if you have added/removed new dependency type (e.g.pip) or analysis target type (e.g.poetry).docs/references/subcommands/<subcommand>.md.