PYSCAN-44 Read extra analysis properties from pyproject.toml files (#34)

Author: guillaume-dequenne

README.md

@@ -20,6 +20,7 @@ There are multiple ways of providing these properties, described below in descen
 
 * Through CLI arguments to the `sonar-scanner-python` command
 * Under the `[tool.sonar]` key of the `pyproject.toml` file
+* Through common properties extracted from the `pyproject.toml`
 * In a dedicated `sonar-project.properties` file
 * Through environment variables
 
@@ -77,6 +78,16 @@ Or:
 sonar-scanner-python -Dsonar.projectHome="path/to/projectHome"
 ```
 
+
+### Through project properties extracted from the `pyproject.toml`
+
+When a `pyproject.toml` file is available, it is possible to set the `-read-project-config` flag
+to allow the scanner to deduce analysis properties from the project configuration.
+
+This is currently supported only for projects using `poetry`.
+
+The Sonar scanner will then use the project name and version defined through Poetry, they won't have to be duplicated under a dedicated `tool.sonar` section.
+
 ### With a sonar-project.properties file
 
 Exactly like [__SonarScanner__](https://docs.sonarsource.com/sonarqube/9.9/analyzing-source-code/scanners/sonarscanner/),

src/py_sonar_scanner/configuration.py

@@ -44,7 +44,7 @@ def __init__(self):
         self.sonar_scanner_version = "4.6.2.2472"
         self.sonar_scanner_executable_path = ""
         self.scan_arguments = []
-        self.wrapper_arguments = argparse.Namespace(debug=False)
+        self.wrapper_arguments = argparse.Namespace(debug=False, read_project_config=False)
 
     def setup(self) -> None:
         """This is executed when run from the command line"""
@@ -60,6 +60,14 @@ def _read_wrapper_arguments(self):
         argument_parser.add_argument("-toml.path", "-Dtoml.path", "--toml.path", dest="toml_path")
         argument_parser.add_argument("-project.home", "-Dproject.home", "--project.home", dest="project_home")
         argument_parser.add_argument("-X", action="store_true", dest="debug")
+        argument_parser.add_argument(
+            "-read.project.config",
+            "-Dread.project.config",
+            "--read-project-config",
+            "-read-project-config",
+            action="store_true",
+            dest="read_project_config",
+        )
         self.wrapper_arguments, _ = argument_parser.parse_known_args(args=sys.argv[1:])
 
     def _read_toml_args(self) -> list[str]:
@@ -69,6 +77,10 @@ def _read_toml_args(self) -> list[str]:
             toml_data = self._read_toml_file()
         except OSError as e:
             self.log.exception("Error while opening .toml file: %s", str(e))
+        if self.wrapper_arguments.read_project_config:
+            common_toml_properties = self._extract_common_properties(toml_data)
+            for key, value in common_toml_properties.items():
+                self._add_parameter_to_scanner_args(scan_arguments, key, value)
         sonar_properties = self._extract_sonar_properties(toml_data)
         for key, value in sonar_properties.items():
             self._add_parameter_to_scanner_args(scan_arguments, key, value)
@@ -83,6 +95,23 @@ def _extract_sonar_properties(self, toml_properties):
         sonar_properties = tool_data["sonar"]
         return sonar_properties if isinstance(sonar_properties, dict) else {}
 
+    def _extract_common_properties(self, toml_properties):
+        properties = {}
+        if "tool" in toml_properties.keys() and "poetry" in toml_properties["tool"]:
+            poetry_properties = toml_properties["tool"]["poetry"]
+            properties = self._extract_from_poetry_properties(poetry_properties)
+        return properties
+
+    def _extract_from_poetry_properties(self, poetry_properties):
+        result = {}
+        if "name" in poetry_properties:
+            result["project.name"] = poetry_properties["name"]
+        if "version" in poetry_properties:
+            result["project.version"] = poetry_properties["version"]
+        # Note: Python version can be extracted from dependencies.python, however it
+        # may be specified with constraints, e.g ">3.8", which is not currently supported by sonar-python
+        return result
+
     def _add_parameter_to_scanner_args(self, scan_arguments: list[str], key: str, value: Union[str, dict]):
         if isinstance(value, str):
             scan_arguments.append(f"-Dsonar.{key}={value}")

tests/resources/test_toml_file.toml

@@ -0,0 +1,14 @@
+[tool]
+ignored_property="something"
+
+[tool.poetry]
+name = "my_name"
+version = "0.0.1"
+
+[tool.sonar]
+project.name = "overridden_name"
+python.version = "3.10"
+
+[tool.sonar.property_class]
+property1="value1"
+

tests/resources/test_toml_file_poetry.toml

@@ -0,0 +1,6 @@
+[tool.poetry]
+random="42"
+
+[tool.sonar]
+project.name = "my_project_name"
+python.version = "3.10"

tests/resources/toml_no_common_properties.toml

@@ -24,7 +24,8 @@
 from py_sonar_scanner.logger import ApplicationLogger
 
 CURRENT_DIR = os.path.dirname(os.path.abspath(__file__))
-TEST_TOML_FILE = "test_toml_file.toml"
+TEST_TOML_FILE_POETRY = "test_toml_file_poetry.toml"
+TOML_NO_COMMON_PROPERTIES = "toml_no_common_properties.toml"
 SAMPLE_SCANNER_PATH = "path/to/scanner/py-sonar-scanner"
 
 
@@ -129,40 +130,75 @@ def test_dict_with_valid_values(self, mock_sys):
     @patch("py_sonar_scanner.configuration.sys")
     def test_toml_with_valid_values(self, mock_sys):
         configuration = Configuration()
-        toml_file_path = os.path.join(CURRENT_DIR, "resources", TEST_TOML_FILE)
+        toml_file_path = os.path.join(CURRENT_DIR, "resources", TEST_TOML_FILE_POETRY)
         mock_sys.argv = [SAMPLE_SCANNER_PATH, f"-Dtoml.path={toml_file_path}"]
         configuration.setup()
         self.assertListEqual(
             configuration.scan_arguments,
             [
-                "-Dsonar.property1=value1",
-                "-Dsonar.property2=value2",
+                "-Dsonar.project.name=overridden_name",
+                "-Dsonar.python.version=3.10",
                 "-Dsonar.property_class.property1=value1",
-                f"-Dtoml.path={CURRENT_DIR}/resources/test_toml_file.toml",
+                f"-Dtoml.path={CURRENT_DIR}/resources/{TEST_TOML_FILE_POETRY}",
+            ],
+        )
+
+    @patch("py_sonar_scanner.configuration.sys")
+    def test_toml_overridden_common_properties(self, mock_sys):
+        configuration = Configuration()
+        toml_file_path = os.path.join(CURRENT_DIR, "resources", TEST_TOML_FILE_POETRY)
+        mock_sys.argv = [SAMPLE_SCANNER_PATH, f"-Dtoml.path={toml_file_path}", "-read.project.config"]
+        configuration.setup()
+        self.assertListEqual(
+            configuration.scan_arguments,
+            [
+                "-Dsonar.project.name=my_name",
+                "-Dsonar.project.version=0.0.1",
+                "-Dsonar.project.name=overridden_name",
+                "-Dsonar.python.version=3.10",
+                "-Dsonar.property_class.property1=value1",
+                f"-Dtoml.path={CURRENT_DIR}/resources/{TEST_TOML_FILE_POETRY}",
+                "-read.project.config",
+            ],
+        )
+
+    @patch("py_sonar_scanner.configuration.sys")
+    def test_toml_no_common_properties(self, mock_sys):
+        configuration = Configuration()
+        toml_file_path = os.path.join(CURRENT_DIR, "resources", TOML_NO_COMMON_PROPERTIES)
+        mock_sys.argv = [SAMPLE_SCANNER_PATH, f"-Dtoml.path={toml_file_path}", "-read.project.config"]
+        configuration.setup()
+        self.assertListEqual(
+            configuration.scan_arguments,
+            [
+                "-Dsonar.project.name=my_project_name",
+                "-Dsonar.python.version=3.10",
+                f"-Dtoml.path={CURRENT_DIR}/resources/{TOML_NO_COMMON_PROPERTIES}",
+                "-read.project.config",
             ],
         )
 
     @patch("py_sonar_scanner.configuration.sys")
     def test_duplicate_values_toml_cli(self, mock_sys):
         configuration = Configuration()
-        toml_file_path = os.path.join(CURRENT_DIR, "resources", TEST_TOML_FILE)
-        mock_sys.argv = [SAMPLE_SCANNER_PATH, f"-Dtoml.path={toml_file_path}", "-Dsonar.property1=value1"]
+        toml_file_path = os.path.join(CURRENT_DIR, "resources", TEST_TOML_FILE_POETRY)
+        mock_sys.argv = [SAMPLE_SCANNER_PATH, f"-Dtoml.path={toml_file_path}", "-Dsonar.project.name=second_override"]
         configuration.setup()
         self.assertListEqual(
             configuration.scan_arguments,
             [
-                "-Dsonar.property1=value1",
-                "-Dsonar.property2=value2",
+                "-Dsonar.project.name=overridden_name",
+                "-Dsonar.python.version=3.10",
                 "-Dsonar.property_class.property1=value1",
-                f"-Dtoml.path={CURRENT_DIR}/resources/test_toml_file.toml",
-                "-Dsonar.property1=value1",
+                f"-Dtoml.path={CURRENT_DIR}/resources/{TEST_TOML_FILE_POETRY}",
+                "-Dsonar.project.name=second_override",
             ],
         )
 
     @patch("builtins.open")
     @patch("py_sonar_scanner.configuration.sys")
     def test_error_while_reading_toml_file(self, mock_sys, mock_open):
-        toml_file_path = os.path.join(CURRENT_DIR, "resources", TEST_TOML_FILE)
+        toml_file_path = os.path.join(CURRENT_DIR, "resources", TEST_TOML_FILE_POETRY)
         mock_sys.argv = ["path/to/scanner/py-sonar-scanner", f"-Dtoml.path={toml_file_path}"]
 
         mock_open.side_effect = OSError("Test error while opening file.")
@@ -173,7 +209,7 @@ def test_error_while_reading_toml_file(self, mock_sys, mock_open):
             self.assertListEqual(
                 configuration.scan_arguments,
                 [
-                    f"-Dtoml.path={CURRENT_DIR}/resources/test_toml_file.toml",
+                    f"-Dtoml.path={CURRENT_DIR}/resources/{TEST_TOML_FILE_POETRY}",
                 ],
             )