diff --git a/.cirrus.yml b/.cirrus.yml index b819c8bc..696846e1 100644 --- a/.cirrus.yml +++ b/.cirrus.yml @@ -5,8 +5,8 @@ env: ARTIFACTORY_DEPLOY_ACCESS_TOKEN: VAULT[development/artifactory/token/${CIRRUS_REPO_OWNER}-${CIRRUS_REPO_NAME}-qa-deployer access_token] ARTIFACTORY_DEPLOY_REPO: sonarsource-pypi-public-qa GITHUB_TOKEN: VAULT[development/github/token/licenses-ro token] - SONAR_TOKEN: VAULT[development/kv/data/sonarcloud data.token] - SONAR_HOST_URL: https://sonarcloud.io + SONAR_TOKEN: VAULT[development/kv/data/next data.token] + SONAR_HOST_URL: https://next.sonarqube.com/sonarqube DEPLOY_PULL_REQUEST: 'true' POETRY_VIRTUALENVS_PATH: "~/.cache/poetry/venvs" POETRY_CACHE_DIR: "~/.cache/poetry/pypoetry" @@ -80,13 +80,13 @@ formatting_task: analysis_task: <<: *POETRY_TEMPLATE alias: analysis - name: "SC Analysis" + name: "NEXT Analysis" analysis_script: - poetry run pytest --cov-report=xml:coverage.xml --cov-config=pyproject.toml --cov=src --cov-branch tests - uv venv - source .venv/bin/activate - - uv pip install . - - pysonar-scanner -Dsonar.organization=sonarsource -DbuildNumber=${CI_BUILD_NUMBER} + - uv pip install . + - pysonar-scanner -Dsonar.projectKey=SonarSource_sonar-scanner-python -Dsonar.projectName="Python Scanner" -DbuildNumber=${CI_BUILD_NUMBER} always: pytest_artifacts: path: "coverage.xml" @@ -139,7 +139,6 @@ its_task: - jfrog poetry-config --server-id-resolve repox --repo-resolve sonarsource-pypi - jfrog poetry install - unset SONAR_TOKEN - - unset SONARCLOUD_ANALYSIS - unset SONAR_HOST_URL - poetry run pytest diff --git a/README.md b/README.md index 377a99ec..51b38af1 100644 --- a/README.md +++ b/README.md @@ -1,144 +1,12 @@ # pysonar-scanner -A wrapper around SonarScanner CLI, available on PyPI. +**DEPRECATION NOTICE:** -# Disclaimer +This application is no longer actively maintained and has been deprecated in favor of `pysonar`. `pysonar` offers a more Python-centric experience and support for newer versions of SonarQube. -This project is currently in beta and APIs are subject to change. -These changes include configuration parameter names. +**Please migrate to `pysonar` for all future usage.** -# Requirements - - - SonarQube v9.9 or higher - - Python 3.8 or above - -# Installation - -Install with pip: -``` -pip install pysonar-scanner -``` - -# Usage - -Once installed, the `pysonar-scanner` can be run from the command line to perform an analysis. -It assumes a running SonarQube server or a project configured on SonarCloud. - -## Setting up analysis properties - -In order for the analysis to run, analysis properties need to be defined. -There are multiple ways of providing these properties, described below in descending order of priority: - -* Through CLI arguments to the `pysonar-scanner` command -* Under the `[tool.sonar]` key of the `pyproject.toml` file -* Through common properties extracted from the `pyproject.toml` -* In a dedicated `sonar-project.properties` file -* Through environment variables - -### Through CLI arguments - -Analysis properties can be provided as CLI arguments to the `pysonar-scanner` command. -They follow the same convention as when running the SonarScanner CLI directly -(see [documentation](https://docs.sonarsource.com/sonarqube/9.9/analyzing-source-code/scanners/sonarscanner/#running-from-zip-file)). -This means that analysis properties provided that way should be prepended with `-D`, for instance: - -``` -$ pysonar-scanner -Dsonar.login=myAuthenticationToken -``` - -You can use all the argument allowed by __SonarScanner__. -For more information on __SonarScanner__ please refer to the [SonarScanner documentation](https://docs.sonarsource.com/sonarqube/9.9/analyzing-source-code/scanners/sonarscanner/) - -### With a pyproject.toml file - -Inside a `pyproject.toml`, Sonar analysis properties can be defined under the `tool.sonar` table. - -``` -[tool.sonar] -# must be unique in a given SonarQube/SonarCloud instance -projectKey=my:project - -# --- optional properties --- -# defaults to project key -#projectName=My project -# defaults to 'not provided' -#projectVersion=1.0 - -# Path is relative to the pyproject.toml file. Defaults to . -#sources=. - -# Encoding of the source code. Default is default system encoding -#sourceEncoding=UTF-8 -``` - -The configuration parameters can be found in the [SonarQube documentation](https://docs.sonarsource.com/sonarqube/9.9/analyzing-source-code/analysis-parameters/). - -In the `pyproject.toml` file the prefix `sonar.` for parameter keys should be omitted. -For example, `sonar.scm.provider` in the documentation will become `scm.provider` in the `pyproject.toml` file. - -By default, the scanner will expect the `pyproject.toml` file to be present in the current directory. -However, its path can be provided manually through the `toml.path` ([PYSCAN-40](https://sonarsource.atlassian.net/jira/software/c/projects/PYSCAN/issues/PYSCAN-40)) CLI argument as well as through the `sonar.projectHome` argument. For instance: - -``` -pysonar-scanner -Dtoml.path="path/to/pyproject.toml" -``` - -Or: - -``` -pysonar-scanner -Dsonar.projectHome="path/to/projectHome" -``` - - -### Through project properties extracted from the `pyproject.toml` - -When a `pyproject.toml` file is available, it is possible to set the `-read-project-config` flag -to allow the scanner to deduce analysis properties from the project configuration. - -This is currently supported only for projects using `poetry`. - -The Sonar scanner will then use the project name and version defined through Poetry, they won't have to be duplicated under a dedicated `tool.sonar` section. - -### With a sonar-project.properties file - -Exactly like [__SonarScanner__](https://docs.sonarsource.com/sonarqube/9.9/analyzing-source-code/scanners/sonarscanner/), -the analysis can also be configured with a `sonar-project.properties` file: - -``` -# must be unique in a given SonarQube/SonarCloud instance -sonar.projectKey=my:project - -# --- optional properties --- - -# defaults to project key -#sonar.projectName=My project -# defaults to 'not provided' -#sonar.projectVersion=1.0 - -# Path is relative to the sonar-project.properties file. Defaults to . -#sonar.sources=. - -# Encoding of the source code. Default is default system encoding -#sonar.sourceEncoding=UTF-8 -``` - -### Through environment variables - -It is also possible to define configure the scanner through environment variables: - -``` -$ export SONAR_HOST_URL="http://localhost:9000" -$ pysonar-scanner -``` - -See the __SonarScanner__ [documentation](https://docs.sonarsource.com/sonarqube/9.9/analyzing-source-code/scanners/sonarscanner/) for more information. - -# Installation from testPyPI - -To install the latest pre-released version of Sonar Scanner Python. Execute the following command: - -```shell -pip install --index-url https://test.pypi.org/simple/ --extra-index-url https://pypi.org/simple/ pysonar-scanner -``` +You can install it via pip: +`pip install pysonar` # License diff --git a/pyproject.toml b/pyproject.toml index cfa9a413..87a061bc 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -10,7 +10,7 @@ keywords = ['sonar', 'sonarqube', 'sonarcloud', 'cleancode'] license = 'LGPL-3.0-only' name = 'pysonar-scanner' readme = 'README.md' -version = "0.2.0" +version = "0.3.0" dynamic = ["dependencies"] [project.urls] diff --git a/sonar-project.properties b/sonar-project.properties index f0ec98cb..2ecf1995 100644 --- a/sonar-project.properties +++ b/sonar-project.properties @@ -1,5 +1,5 @@ sonar.projectKey=SonarSource_sonar-scanner-python -sonar.projectName=sonar-scanner-python +sonar.projectName=Python Scanner sonar.organization=sonarsource sonar.python.version=3.8,3.9,3.10,3.11,3.12 sonar.python.coverage.reportPaths=coverage.xml