Commit 529f10f4 authored by Guilhem Bonnefille's avatar Guilhem Bonnefille Committed by Gaëtan Montury
Browse files

Harmonize the arguments variables

parent 6fd8224a

.gitlab-ci.yml

+1 −0
Original line number Diff line number Diff line
@@ -20,3 +20,4 @@ include: 


variables:

  GITLAB_CI_FILES: "templates/gitlab-ci-python.yml"

  LYCHEE_EXTRA_OPTS: "--exclude https://docs.defectdojo.com/en/connecting_your_tools"
 
 No newline at end of file

README.md

+16 −10
Original line number Diff line number Diff line
@@ -155,8 +155,7 @@ It is bound to the `build` stage, and uses the following variables: 
| Input / Variable         | Description                        | Default value     |

| ------------------------ | ---------------------------------- | ----------------- |

| `pylint-enabled` / `PYLINT_ENABLED` | Set to `true` to enable the `pylint` job                  | _none_ (disabled) |

| `pylint-args` / `PYLINT_ARGS` | Additional [pylint CLI options](http://pylint.pycqa.org/en/latest/user_guide/run.html#command-line-options) |  _none_           |

| `pylint-files` / `PYLINT_FILES` | Files or directories to analyse   | _none_ (by default analyses all found python source files) |

| `pylint-args` / `PYLINT_ARGS` | Additional [pylint CLI options](http://pylint.pycqa.org/en/latest/user_guide/run.html#command-line-options) | `.`           |

| `pylint-severity` / `PYLINT_SEVERITY` | The minimum [pylint message level](https://pylint.readthedocs.io/en/latest/user_guide/messages/#messages-categories) that will fail the job (lower severity findings will appear as a non-failing warning) -  (one of: `fatal`, `error`, `warning`, `convention`, `refactor`, `any`) | `any` |



In addition to a textual report in the console, this job produces the following reports, kept for one day:
@@ -166,6 +165,9 @@ In addition to a textual report in the console, this job produces the following 
| `$PYTHON_PROJECT_DIR/reports/py-lint.codeclimate.json` | [Code Climate](https://github.com/codeclimate/platform/blob/master/spec/analyzers/SPEC.md#data-types) | [GitLab integration](https://docs.gitlab.com/ci/yaml/artifacts_reports/#artifactsreportscodequality) |

| `$PYTHON_PROJECT_DIR/reports/py-lint.parseable.txt` | [parseable](https://pylint.pycqa.org/en/latest/user_guide/usage/output.html) | [SonarQube integration](https://docs.sonarsource.com/sonarqube-server/analyzing-source-code/importing-external-issues/external-analyzer-reports/) |



:warning:  The input `pylint-files` / `PYLINT_FILES` was removed since version 9.0.0. If you were using this, merge it into `pylint-args` / `PYLINT_ARGS`





### Test jobs



The Python template features four alternative test jobs:
@@ -353,6 +355,7 @@ This job **disabled by default** and runs [black](https://black.readthedocs.io) 
| Input / Variable | Description                                                             | Default value     |

| ---------------- | ----------------------------------------------------------------------- | ----------------- |

| `black-enabled` / `PYTHON_BLACK_ENABLED` | Set to `true` to enable black job               | _none_ (disabled) |

| `black-args` / `PYTHON_BLACK_ARGS`     | [black options and arguments](https://black.readthedocs.io/en/stable/usage_and_configuration/the_basics.html) | `--diff .` |



When `black` detects malformed code, the result is displayed in the job's output log (as a diff).
@@ -363,6 +366,7 @@ This job **disabled by default** and runs [isort](https://pycqa.github.io/isort/ 
| Input / Variable | Description                                                             | Default value     |

| ---------------- | ----------------------------------------------------------------------- | ----------------- |

| `isort-enabled` / `PYTHON_ISORT_ENABLED` | Set to `true` to enable isort job               | _none_ (disabled) |

| `isort-args` / `PYTHON_ISORT_ARGS`       | Additional [Isort options](https://pycqa.github.io/isort/docs/configuration/options.html) | `.` |



### `py-ruff` job
@@ -402,8 +406,7 @@ It is bound to the `build` stage, and uses the following variables: 
| Input / Variable         | Description                        | Default value     |

| ------------------------ | ---------------------------------- | ----------------- |

| `mypy-enabled` / `MYPY_ENABLED` | Set to `true` to enable the `mypy` job                  | _none_ (disabled) |

| `mypy-args` / `MYPY_ARGS` | Additional [mypy CLI options](https://mypy.readthedocs.io/en/stable/command_line.html) | _none_           |

| `mypy-files` / `MYPY_FILES` | Files or directories to analyse   | _none_ (by default analyses all found python source files) |

| `mypy-args` / `MYPY_ARGS` | Additional [mypy CLI options](https://mypy.readthedocs.io/en/stable/command_line.html) | `--exclude /.cache/ --exclude /.venv/ .` |



In addition to a textual report in the console, this job produces the following reports, kept for one day:
@@ -412,6 +415,8 @@ In addition to a textual report in the console, this job produces the following 
| `$PYTHON_PROJECT_DIR/reports/py-mypy.codeclimate.json` | [Code Climate](https://github.com/soul-catcher/mypy-gitlab-code-quality) | [GitLab integration](https://docs.gitlab.com/ci/yaml/artifacts_reports/#artifactsreportscodequality) |

| `$PYTHON_PROJECT_DIR/reports/py-mypy.console.txt` | [mypy console output](https://mypy.readthedocs.io/) | [SonarQube integration](https://docs.sonarsource.com/sonarqube-server/analyzing-source-code/importing-external-issues/external-analyzer-reports/) |



:warning:  The input `mypy-files` / `MYPY_FILES` was removed since version 9.0.0. If you were using this, merge it into `mypy-args` / `MYPY_ARGS`



#### `py-basedpyright` job



This job is **disabled by default** and performs type checking based on [basedpyright](https://docs.basedpyright.com/) (a fork of Microsoft's pyright).
@@ -516,12 +521,13 @@ The publish job is bound to the `publish` stage, is executed on a Git tag matchi 


| Input / Variable        | Description                                                             | Default value     |

| ----------------------- | ----------------------------------------------------------------------- | ----------------- |

| `package-enabled` / `PYTHON_PACKAGE_ENABLED`| Set to `true` to enable the build job                                 | `false` (disabled) |

| `publish-enabled` / `PYTHON_PUBLISH_ENABLED`| Set to `true` to enable the publish job                                 | _none_ (disabled) |

| `repository-url` / `PYTHON_REPOSITORY_URL`| Target PyPI repository to publish packages                              | _[GitLab project's PyPI packages repository](https://docs.gitlab.com/user/packages/pypi_repository/)_ |

| :lock: `PYTHON_REPOSITORY_USERNAME`| Target PyPI repository username credential                              | `gitlab-ci-token` |

| :lock: `PYTHON_REPOSITORY_PASSWORD`| Target PyPI repository password credential                              | `$CI_JOB_TOKEN` |



For information on building recommandations look [`py-package`](/README.md#py-package-job).

For information on building recommandations look [`py-package`](README.md#py-package-job).



#### Setuptools tip
@@ -756,9 +762,9 @@ The variant *requires* the additional configuration parameters: 
| Input / Variable                              | Description                                                                                                           | Default value                                                         |

| --------------------------------------------- | --------------------------------------------------------------------------------------------------------------------- | --------------------------------------------------------------------- |

| `TBC_AWS_PROVIDER_IMAGE`                      | The [AWS Auth Provider](https://gitlab.com/to-be-continuous/tools/aws-auth-provider) image to use (can be overridden) | `registry.gitlab.com/to-be-continuous/tools/aws-auth-provider:latest` |

| `aws-region` / `AWS_REGION`                   | Default region (where the Codeartifact repository is located)                                                         | _none_                                                                |

| `aws-codeartifact-domain` / `AWS_CODEARTIFACT_DOMAIN` | The CodeArtifact domain name                                                                                       | _none_                                                                |

| `aws-codeartifact-domain-owner` / `AWS_CODEARTIFACT_DOMAIN_OWNER` | The CodeArtifact domain owner account ID                                                                      | _none_                                                                |

| `aws-region` / `AWS_REGION`                   | Default region (where the CodeArtifact repository is located)                                                         | _none_                                                                |

| `aws-codeartifact-domain` / `AWS_CODEARTIFACT_DOMAIN` | AWS CodeArtifact domain name                                                                                       | _none_                                                                |

| `aws-codeartifact-domain-owner` / `AWS_CODEARTIFACT_DOMAIN_OWNER` | AWS  CodeArtifact domain owner account ID                                                                      | _none_                                                                |

| `aws-codeartifact-repository` / `AWS_CODEARTIFACT_REPOSITORY` | The CodeArtifact repository name                                                                                 | _none_                                                                |



##### OIDC authentication config

kicker.json

+36 −27
Original line number Diff line number Diff line
@@ -67,7 +67,7 @@ 
    },

    {

      "id":"publish",

      "name":"publish",

      "name":"Publish Package",

      "description":"This job allows publishing the built packages to a PyPI compatible repository ([GitLab packages](https://docs.gitlab.com/user/packages/pypi_repository/) by default.",

      "enable_with": "PYTHON_PUBLISH_ENABLED"

    },
@@ -79,12 +79,8 @@ 
      "variables": [

        {

          "name": "PYLINT_ARGS",

          "description": "Additional [pylint CLI options](http://pylint.pycqa.org/en/latest/user_guide/run.html#command-line-options)",

          "advanced": true

        },

        {

          "name": "PYLINT_FILES",

          "description": "Files or directories to analyse",

          "description": "[pylint CLI options and arguments](http://pylint.pycqa.org/en/latest/user_guide/run.html#command-line-options)",

          "default": ".",

          "advanced": true

        },

        {
@@ -209,7 +205,7 @@ 
      "variables": [

        {

          "name": "PYTHON_AUTO_RELEASE_ENABLED",

          "description": "When set the job start automatically. When not set (default), the job is manual. Note that this behavior also depends on release-enabled being set.",

          "description": "When set the job start automatically on production branch. When not set (default), the job is manual. Note that this behavior also depends on release-enabled being set.",

          "type": "boolean",

          "advanced": true

        },
@@ -282,18 +278,34 @@ 
      "id": "black",

      "name": "black",

      "description": "Code formatting based on [black](https://black.readthedocs.io)",

      "enable_with": "PYTHON_BLACK_ENABLED"

      "enable_with": "PYTHON_BLACK_ENABLED",

      "variables": [

        {

          "name": "PYTHON_BLACK_ARGS",

          "description": "[black options and arguments](https://black.readthedocs.io/en/stable/usage_and_configuration/the_basics.html)",

          "default": "--diff .",

          "advanced": true

        }

      ]

    },

    {

      "id": "isort",

      "name": "isort",

      "description": "Check imports order with [isort](https://pycqa.github.io/isort)",

      "enable_with": "PYTHON_ISORT_ENABLED"

      "enable_with": "PYTHON_ISORT_ENABLED",

      "variables": [

        {

          "name": "PYTHON_ISORT_ARGS",

          "description": "Additional [Isort options](https://pycqa.github.io/isort/docs/configuration/options.html)",

          "default": ".",

          "advanced": true

        }

      ]

    },

    {

      "id": "ruff",

      "name": "Ruff",

      "description": "An extremely fast Python linter and code formatter, written in Rust. [Ruff](https://docs.astral.sh/ruff/)",

      "name": "Ruff check",

      "description": "Enable code linting with Ruff. [Ruff](https://docs.astral.sh/ruff/)",

      "enable_with": "RUFF_ENABLED",

      "variables": [

        {
@@ -305,8 +317,8 @@ 
    },

    {

      "id": "ruff-format",

      "name": "Ruff Format",

      "description": "An extremely fast Python linter and code formatter, written in Rust. [Ruff](https://docs.astral.sh/ruff/)",

      "name": "Ruff format",

      "description": "Enable code formatting with Ruff. [Ruff](https://docs.astral.sh/ruff/)",

      "enable_with": "RUFF_FORMAT_ENABLED",

      "variables": [

      ]
@@ -314,17 +326,13 @@ 
    {

      "id": "mypy",

      "name": "mypy",

      "description": "Code analysis based on [mypy](https://mypy.readthedocs.io/).",

      "description": "Code analysis based on [mypy](https://mypy.readthedocs.io/)",

      "enable_with": "MYPY_ENABLED",

      "variables": [

        {

          "name": "MYPY_ARGS",

          "description": "Additional [mypy CLI options](https://mypy.readthedocs.io/en/stable/command_line.html)",

          "advanced": true

        },

        {

          "name": "MYPY_FILES",

          "description": "Files or directories to analyse",

          "description": "[mypy CLI options and arguments](https://mypy.readthedocs.io/en/stable/command_line.html)",

          "default": "--exclude /.cache/ --exclude /.venv/ .",

          "advanced": true

        }

      ]
@@ -423,7 +431,7 @@ 
        },

        {

          "name": "AWS_REGION",

          "description": "Default region (where the codeartifact repository is located)"

          "description": "Default region (where the CodeArtifact repository is located)"

        },

        {

          "name": "AWS_OIDC_AUD",
@@ -449,20 +457,21 @@ 
        },

        {

          "name": "AWS_CODEARTIFACT_DOMAIN",

          "description": "The AWS CodeArtifact domain",

          "description": "AWS CodeArtifact domain",

          "mandatory": true

        },

        {

          "name": "AWS_CODEARTIFACT_DOMAIN_OWNER",

          "description": "The AWS CodeArtifact domain owner",

          "description": "AWS CodeArtifact domain owner",

          "mandatory": true

        },

        {

          "name": "AWS_CODEARTIFACT_REPOSITORY",

          "description": "The AWS CodeArtifact repository",

          "description": "AWS CodeArtifact repository name",

          "mandatory": true

        }

      ]

    }

  ]

}

templates/gitlab-ci-python-aws-codeartifact.yml

+1 −1
Original line number Diff line number Diff line
@@ -13,7 +13,7 @@ spec: 
      description: AWS CodeArtifact repository name

      default: ''

    aws-region:

      description: Default region (where the Codeartifact registry is located)

      description: Default region (where the CodeArtifact repository is located)

      default: ''

    aws-oidc-aud:

      description: The `aud` claim for the JWT token _(only required for [OIDC authentication](https://docs.gitlab.com/ci/cloud_services/aws/))_

templates/gitlab-ci-python-gcp.yml

+1 −1
Original line number Diff line number Diff line
@@ -5,7 +5,7 @@ 
spec:

  inputs:

    gcp-oidc-aud:

      description: The `aud` claim for the JWT token _(only required for [OIDC authentication](https://docs.gitlab.com/ci/cloud_services/google_cloud/)))_

      description: The `aud` claim for the JWT token _(only required for [OIDC authentication](https://docs.gitlab.com/ci/cloud_services/google_cloud/))_

      default: $CI_SERVER_URL

    gcp-oidc-account:

      description: Default Service Account to which impersonate with OpenID Connect authentication