🚸 Update formatting of source_code when a new Transform is created

[rcannood]

The resulting source code is now:

repo: https://github.com/laminlabs/nf-lamin
path: validation/main.nf
branch: main # or commit: abcdef if a tag or commit
entrypoint: foobar

---

When I run the following command:

NXF_VER=25.10.0 nextflow \
  -trace ai.lamin \
  run https://packages.viash-hub.com/vsh/toolbox \
  -r v0.1.x \
  -main-script target/nextflow/bgzip/main.nf \
  -profile docker \
  -latest \
  -resume \
  --input README.md \
  --output out.tar.gz \
  --publish_dir output

The following logs are produced:

Nov-20 10:21:19.839 [main] DEBUG nextflow.scm.ProviderConfig - Detected SCM config: [providers:[vsh:[server:packages.viash-hub.com, platform:gitlab]]]
Nov-20 10:21:19.846 [main] DEBUG ai.lamin.nf_lamin.util.GitHelper - Extracted git info: GitInfo(provider=gitlab, remoteUrl=https://packages.viash-hub.com/vsh/toolbox.git, isTag=false, isBranch=true, isCommit=false)

---

Unfortunately the Nextflow API doesn't expose whether the provided revision is a tag, branch, or commit sha. Hence I had to implement a GitHelper to pretty much detect that information (again). From the command above we can see that the Githelper is able to detect whether the reference is a tag, branch, or commit.

---

The GitHelper does need to access private classes from the Nextflow codebase so that it can read in the Nextflow SCM so that it can infer whether the repo is a gitlab, github, gitea, etc... repo when the repo is not in one of the standard git provider platforms. From the log we can again see that that GitHelper was able to pick up the relevant SCM config, because it found out that the provider is gitlab.

---

@falexwolf Given that this is able to detect the git provider (gitlab, github, ...), should this information be stored somewhere? Or shall we leave the stored information as is?

[github-actions]

🚀 Deployed on https://692b42090540b6db5f125b1e--nextflow-lamin-usecases-7797.netlify.app

[Copilot]

Pull request overview

This PR introduces a GitHelper utility class to extract detailed Git repository information and refactors transform creation in LaminRunManager to generate properly formatted source code metadata in YAML-like format. The changes enable better distinction between sliding transforms (branches) and pinned transforms (commits/tags), and support detection of various Git providers including custom instances via Nextflow's SCM configuration.

Key Changes:

• Added GitHelper utility with Git provider detection, revision type classification (tag/branch/commit), and source URL construction
• Refactored transform creation to use structured TransformMetadata and generate YAML-like source code instead of JSON
• Added createInputArtifact method for handling remote input artifacts

Reviewed changes

Copilot reviewed 3 out of 3 changed files in this pull request and generated 11 comments.

File	Description
src/main/groovy/ai/lamin/nf_lamin/util/GitHelper.groovy	New utility class for extracting Git information from .git directories, detecting providers, and constructing source URLs
src/test/groovy/ai/lamin/nf_lamin/util/GitHelperTest.groovy	Comprehensive unit tests for GitHelper provider detection, commit hash recognition, and URL construction
src/main/groovy/ai/lamin/nf_lamin/LaminRunManager.groovy	Refactored transform creation with new TransformMetadata structure, YAML-like source code formatting, and createInputArtifact method

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The regex pattern (.+) is too greedy and may capture trailing whitespace, newlines, or content from subsequent lines in the git config. Consider using a more specific pattern like ([^\s\n]+) to capture only the URL without trailing whitespace or newlines.

Suggested change

	def matcher = configText =~ /\[remote "origin"\][^\[]*?url\s*=\s*(.+)/
	def matcher = configText =~ /\[remote "origin"\][^\[]*?url\s*=\s*([^\s\n]+)/

[Copilot]

The Azure DevOps URL format _git?version=GC${commitOrRef} is incomplete. Azure DevOps URLs require additional path components including the project and repository name. The format should be something like ?path=/${filePath}&version=GC${commitOrRef}, and the base URL construction in constructSourceUrl would need special handling for Azure DevOps to include the project path correctly. Consider reviewing Azure DevOps Git URL patterns or marking this as unsupported until properly implemented.

Suggested change

	return "_git?version=GC${commitOrRef}"
	// Azure DevOps URL format requires project, repo, file path, and commit/ref; not supported here
	return null

[Copilot]

The createInputArtifact method lacks test coverage. While there are tests for other methods in LaminRunManager, this new method should have unit tests to verify the behavior, especially the logic for skipping local files and creating artifacts for remote paths.

[Copilot]

The new methods collectTransformMetadata, generateTransformKey, generateTransformDescription, and generateTransformSourceCode lack test coverage. These methods contain important business logic for determining commit vs branch usage and formatting source code. Consider adding unit tests to verify the various code paths, especially the gitInfo-based commit/branch detection logic.

[Copilot]

The getTags and getBranches methods only read from .git/refs/tags and .git/refs/heads directories, but Git can store refs in a packed format in .git/packed-refs for performance. This means tags and branches stored in packed-refs won't be detected, leading to incorrect classification of revisions as commits instead of tags/branches. Consider reading and parsing .git/packed-refs in addition to the refs directories.

[Copilot]

The regex .replaceFirst(/:/, '/') will replace the first colon it finds, but git@ URLs can have port numbers (e.g., git@host:port:user/repo.git). While rare, this could incorrectly transform URLs with port numbers. Consider using a more specific pattern like .replaceFirst(/([^:]+):/, '$1/') or validating the URL format more carefully.

Suggested change

	.replaceFirst(/:/, '/')
	.replaceFirst(/([^:]+):/, '$1/')

[Copilot]

The Files.list() and Files.walk() methods return streams that should be closed to avoid resource leaks. In Groovy, the collect() terminal operation doesn't automatically close the stream. Consider wrapping these in a try-with-resources block or using withCloseable() to ensure the streams are properly closed, especially in long-running applications.

[Copilot]

The Files.walk() stream should be closed to avoid resource leaks. Consider wrapping this in a try-with-resources block or using withCloseable() to ensure the stream is properly closed, especially in long-running applications.

Suggested change

	try {
	return Files.walk(branchesDir)
	try (def stream = Files.walk(branchesDir)) {
	return stream

[Copilot]

Reading .git/config files could expose sensitive information like credentials embedded in URLs. While this implementation doesn't log the full URL, consider sanitizing URLs to remove any embedded credentials (e.g., https://user:password@host/repo) before storing or using them, especially if they might be logged or stored in the database.

[Copilot]

The getBranches method only reads from .git/refs/heads, but Git can store refs in .git/packed-refs. Branches stored in packed-refs won't be detected, leading to incorrect revision classification. Consider reading and parsing .git/packed-refs in addition to the refs directories.

Suggested change

	Path branchesDir = projectDir.resolve('.git/refs/heads')
	if (!Files.exists(branchesDir)) {
	return []
	}
	try {
	return Files.walk(branchesDir)
	.filter { Files.isRegularFile(it) }
	.map { branchesDir.relativize(it).toString() }
	.collect() as List<String>
	} catch (Exception e) {
	log.debug "Failed to read branches: ${e.message}"
	return []
	}
	Set<String> branches = new HashSet<>()
	Path branchesDir = projectDir.resolve('.git/refs/heads')
	if (Files.exists(branchesDir)) {
	try {
	Files.walk(branchesDir)
	.filter { Files.isRegularFile(it) }
	.forEach {
	branches.add(branchesDir.relativize(it).toString())
	}
	} catch (Exception e) {
	log.debug "Failed to read branches from refs/heads: ${e.message}"
	}
	}
	// Also parse .git/packed-refs for packed branches
	Path packedRefs = projectDir.resolve('.git/packed-refs')
	if (Files.exists(packedRefs)) {
	try {
	Files.lines(packedRefs).forEach { line ->
	line = line.trim()
	if (line.isEmpty() || line.startsWith('#') || line.startsWith('^')) {
	return
	}
	// Format: <hash> <ref>
	int spaceIdx = line.indexOf(' ')
	if (spaceIdx > 0) {
	String ref = line.substring(spaceIdx + 1)
	if (ref.startsWith('refs/heads/')) {
	String branchName = ref.substring('refs/heads/'.length())
	branches.add(branchName)
	}
	}
	}
	} catch (Exception e) {
	log.debug "Failed to read branches from packed-refs: ${e.message}"
	}
	}
	return new ArrayList<>(branches)

[falexwolf]

Thank you, Robrecht!

Can we also have a test that tests the source_code formatting end-to-end like we do in lamindb?

https://github.com/laminlabs/lamindb/blob/main/tests/core/test_transform_from_git.py

The unit tests look good, but if the overall format isn't tested things can go wrong? Or aren't you populating the full source_code field?

To your question re Git provider: I'd say this information is stored in the URL and we shouldn't duplicate unless it very clearly provides a benefit. Duplication always has downsides and we should have a good reason.

Otherwise this seems good to me!