Skip to content
Snippets Groups Projects
Commit 81e711d2 authored by Pierre Smeyers's avatar Pierre Smeyers
Browse files

feat(ruff): generate JSON report when SonarQube is detected

parent 87f62431
Branches
Tags
No related merge requests found
...@@ -294,6 +294,13 @@ This job **disabled by default** and runs [Ruff](https://docs.astral.sh/ruff/) o ...@@ -294,6 +294,13 @@ This job **disabled by default** and runs [Ruff](https://docs.astral.sh/ruff/) o
:warning: Ruff can replace isort, Black, Bandit, Pylint and much more. [More info](https://github.com/astral-sh/ruff/blob/main/docs/faq.md#which-tools-does-ruff-replace). :warning: Ruff can replace isort, Black, Bandit, Pylint and much more. [More info](https://github.com/astral-sh/ruff/blob/main/docs/faq.md#which-tools-does-ruff-replace).
In addition to logs in the console, this job produces the following reports, kept for one week:
| Report | Format | Usage |
| -------------- | ---------------------------------------------------------------------------- | ----------------- |
| `$PYTHON_PROJECT_DIR/reports/py-ruff.gitlab.json` | [GitLab](https://docs.astral.sh/ruff/settings/#output-format) | [GitLab integration](https://docs.gitlab.com/ee/ci/yaml/artifacts_reports.html#artifactsreportscodequality) |
| `$PYTHON_PROJECT_DIR/reports/py-ruff.native.json` | [JSON](https://docs.astral.sh/ruff/settings/#output-format) | [SonarQube integration](https://docs.sonarqube.org/latest/analysis/external-issues/)<br/>_This report is generated only if SonarQube template is detected_ |
### SonarQube analysis ### SonarQube analysis
If you're using the SonarQube template to analyse your Python code, here is a sample `sonar-project.properties` file: If you're using the SonarQube template to analyse your Python code, here is a sample `sonar-project.properties` file:
...@@ -317,6 +324,8 @@ sonar.python.coverage.reportPaths=reports/py-coverage.cobertura.xml ...@@ -317,6 +324,8 @@ sonar.python.coverage.reportPaths=reports/py-coverage.cobertura.xml
sonar.python.pylint.reportPaths=reports/py-lint.parseable.txt sonar.python.pylint.reportPaths=reports/py-lint.parseable.txt
# Bandit: CSV format (if enabled) # Bandit: CSV format (if enabled)
sonar.python.bandit.reportPaths=reports/py-bandit.bandit.csv sonar.python.bandit.reportPaths=reports/py-bandit.bandit.csv
# Ruff: JSON format (if enabled)
sonar.python.ruff.reportPaths=reports/py-ruff.native.json
``` ```
More info: More info:
......
...@@ -919,18 +919,24 @@ py-ruff: ...@@ -919,18 +919,24 @@ py-ruff:
if [[ ${BANDIT_ENABLED} == "true" || ${PYLINT_ENABLED} == "true" || ${PYTHON_ISORT_ENABLED} == "true" || ${PYTHON_BLACK_ENABLED} == "true" ]]; then if [[ ${BANDIT_ENABLED} == "true" || ${PYLINT_ENABLED} == "true" || ${PYTHON_ISORT_ENABLED} == "true" || ${PYTHON_BLACK_ENABLED} == "true" ]]; then
log_warn "Ruff can replace isort, Black, Bandit, Pylint" log_warn "Ruff can replace isort, Black, Bandit, Pylint"
fi fi
# Ruff is self dependent tool (written in Rust), so is can be install alone without project dependency (so not need _pip and _run) # Ruff is self dependent tool (written in Rust), it can be installed without project dependencies (_pip and _run don't look required here)
- pip install ${PIP_OPTS} ruff - pip install ${PIP_OPTS} ruff
- ruff check . ${RUFF_ARGS} ${RUFF_EXCLUDE:---extend-exclude .venv,.cache} --output-format gitlab --output-file reports/ruff.gitlab.json || ruff check . ${RUFF_ARGS} ${RUFF_EXCLUDE:---extend-exclude .venv,.cache} --output-format grouped # JSON output (for SonarQube)
- |
if [[ "$SONAR_HOST_URL" ]]
then
ruff check . ${RUFF_ARGS} ${RUFF_EXCLUDE:---extend-exclude .venv,.cache} --exit-zero --output-format json --output-file reports/py-ruff.native.json
fi
# then GitLab and grouped/console formats
- ruff check . ${RUFF_ARGS} ${RUFF_EXCLUDE:---extend-exclude .venv,.cache} --output-format gitlab --output-file reports/py-ruff.gitlab.json || ruff check . ${RUFF_ARGS} ${RUFF_EXCLUDE:---extend-exclude .venv,.cache} --output-format grouped
artifacts: artifacts:
name: "$CI_JOB_NAME artifacts from $CI_PROJECT_NAME on $CI_COMMIT_REF_SLUG" name: "$CI_JOB_NAME artifacts from $CI_PROJECT_NAME on $CI_COMMIT_REF_SLUG"
expire_in: 1 day expire_in: 1 day
when: always when: always
reports: reports:
codequality: $PYTHON_PROJECT_DIR/reports/ruff.gitlab.json codequality: $PYTHON_PROJECT_DIR/reports/py-ruff.gitlab.json
paths: paths:
- "$PYTHON_PROJECT_DIR/reports/ruff.gitlab.json" - "$PYTHON_PROJECT_DIR/reports/py-ruff.*"
rules: rules:
# exclude if $RUFF_ENABLED not set # exclude if $RUFF_ENABLED not set
- if: '$RUFF_ENABLED != "true"' - if: '$RUFF_ENABLED != "true"'
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment