Skip to content

docs(examples): runnable supplier bulk-add example#5

Merged
unidoc-ahall merged 2 commits into
masterfrom
docs/examples-add-suppliers
Jul 14, 2026
Merged

docs(examples): runnable supplier bulk-add example#5
unidoc-ahall merged 2 commits into
masterfrom
docs/examples-add-suppliers

Conversation

@unidoc-ahall

Copy link
Copy Markdown
Contributor

Closes #4.

Starts an examples/ folder — runnable, copy-and-go snippets that show what the SDK can do. First one is the most common first task: getting suppliers in fast.

  • examples/add_suppliers.py — a list of suppliers (name, type, criticality, data access, CIA classification, markdown notes) run through client.suppliers.add(...), printing the assigned identifier + CIA per row. Per-row try/except IsmsError so one bad row doesn't abort the batch, and a final "Added N of M" summary.
  • examples/README.mdpip install isms-sdk + the two env vars (or ISMS_ENV file).
  • CI: ruff check now includes examples/ so a published example can't silently rot.

Verified against the live API: suppliers.addPOST /v1/suppliers, all fields map to the create DTO, saas/high are valid enums, CIA persists on create, and the response carries identifier/name/CIA. ruff check examples clean.

First entry in examples/: add_suppliers.py loops client.suppliers.add(...) over a
list (name, type, criticality, data access, CIA, markdown notes) and prints the
assigned identifier + CIA per supplier. README covers install + env setup. CI now
lints examples/ (ruff check src tests examples) so a published example can't
silently rot when the SDK changes.

Closes #4.
@unidoc-ahall unidoc-ahall requested a review from unidoc-alip July 14, 2026 10:25

@unidoc-alip unidoc-alip left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Clean, well-scoped addition. examples/add_suppliers.py matches SupplierResource.add's actual contract (verified against src/isms/client.py), per-row error handling is a nice touch, and looping ruff over examples/ is the right call to keep the example from rotting. Security review came back clean: no secrets, no injection surface, error output only echoes server response text. Both items below have already been fixed on the branch.


1. [should-fix] examples/add_suppliers.py line 8

This example hardcodes real companies (Anthropic, Microsoft) with specific compliance claims — SOC 2 Type II, ISO 27001/27017/27018, GDPR SCCs, EU-US DPF certification — baked into notes. These are factual assertions about real third parties' current certifications, and they'll drift out of date (certs lapse, DPF status changes) with no mechanism to catch it, unlike the SDK calls themselves which are ruff/CI-checked.

Fixed by swapping to a fictional supplier that illustrates the same fields without asserting real, time-sensitive facts about actual vendors:

suppliers = [
    {
        "name": "Acme Cloud SaaS",
        "supplier_type": "saas",
        "criticality": "high",
        "data_access": True,
        "contact": "https://trust.acme-cloud.example",
        "confidentiality": 5,
        "integrity": 4,
        "availability": 4,
        "notes": (
            "Hosted CRM used by the sales team for customer records and "
            "pipeline data.\n\n"
            "## Services\n"
            "CRM web app and REST API.\n\n"
            "## Data protection\n"
            "SOC 2 Type II. GDPR-compliant Data Processing Addendum with "
            "Standard Contractual Clauses for EU-to-US transfers."
        ),
    },
    # ... second entry follows the same pattern
]

2. [nit] examples/add_suppliers.py line 3

client = IsmsClient.from_env() runs unguarded at import time — if env vars are missing this raises a raw EnvironmentError traceback rather than a friendly message. Matches the SDK's own docstring style, so not blocking, but worth smoothing over since this is likely a new user's first contact with the SDK.

Fixed with a short guard pointing at the README:

try:
    client = IsmsClient.from_env()
except EnvironmentError as e:
    sys.exit(f"{e}\n\nSee examples/README.md for setup.")

… review)

- Swap the real-vendor entries (Anthropic/Microsoft) for fictional suppliers
  (Acme Cloud SaaS, Globex Managed Hosting) — same fields, but no factual,
  time-sensitive compliance claims about real third parties that would drift out
  of date with nothing to catch it.
- Guard IsmsClient.from_env() so a missing-env run exits with the error + a
  pointer to examples/README.md instead of a raw EnvironmentError traceback.
- Move the markdown notes into readable triple-quoted constants instead of
  concatenated string fragments — the markdown reads as markdown in the source.
@unidoc-ahall

Copy link
Copy Markdown
Contributor Author

Thanks @unidoc-alip — both applied on the branch:

1. [should-fix] real-vendor compliance claims. Swapped Anthropic/Microsoft for fictional suppliers (Acme Cloud SaaS, Globex Managed Hosting). Same fields exercised (type, criticality, data_access, CIA, markdown notes with ## Services / ## Data protection), but no factual cert claims about real vendors that could go stale.

2. [nit] unguarded from_env(). Wrapped it in try/except EnvironmentError that sys.exits with the error plus a pointer to examples/README.md, so a first-run-without-env gives a friendly message instead of a traceback.

Also cleaned up the notes while here — moved the markdown into readable triple-quoted constants instead of concatenated "..." "..." fragments, so the markdown actually reads as markdown in the source.

ruff check examples clean, parses. (Other uncommitted files on the branch — client.py, a new create_task.py — are separate WIP and not part of this commit.)

@unidoc-alip unidoc-alip left a comment

Copy link
Copy Markdown
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks good to me

@unidoc-ahall unidoc-ahall merged commit 5d969cd into master Jul 14, 2026
5 checks passed
@unidoc-ahall unidoc-ahall deleted the docs/examples-add-suppliers branch July 14, 2026 15:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Add runnable examples (start with bulk-adding suppliers)

2 participants