Statick analysis plugins for Tooling files.
This project has been archived.
The maintainers of this project have marked this project as archived. No new releases are expected.
Project description
Statick Tooling Plugins
This is a set of plugins for Statick that will discover tooling related files and perform static analysis on those files.
Custom exceptions can be applied the same way they are with Statick exceptions.
Table of Contents
Installation
The recommended method to install these Statick plugins is via pip:
pip install statick-tooling
You can also clone the repository and use it locally.
Usage
Make sure you install all the dependencies from apt/npm. See https://github.com/nodesource/distributions for Node/npm installation instructions.
Configure npm to allow a non-root user to install packages.
npm config set prefix '~/.local/'
Make sure ~/.local/bin exists.
Check your PATH with echo $PATH.
If ~/.local/bin is not listed then add it to your PATH.
mkdir -p ~/.local/bin
echo 'export PATH="$HOME/.local/bin/:$PATH"' >> ~/.bashrc
Install npm packages.
npm install -g dockerfilelint
npm install -g dockerfile_lint
Pip Install
The most common usage is to use statick and statick-tooling from pip. In that case your directory structure will look like the following:
project-root
|- tooling-project
|- statick-config
To run with the default configuration for the statick-tooling tools use:
statick tooling-project/ --output-directory statick-output/ --profile tooling-profile.yaml
Pip Install and Custom Configuration
There are times when you will want to have a custom Statick configuration. This is usually done to run a different set of tools than are called out in the default profile, or to add exceptions. For this case you will have to add the new Statick configuration somewhere. This example will have custom exceptions in the tooling-project, such that the directory structure is:
project-root
|- tooling-project
|- statick-config
|- rsc
|- exceptions.yaml
|- statick-output
For this setup you will run the following:
statick tooling-project/ --output-directory statick-output/ --user-paths tooling-project/statick-config/ --profile tooling-profile.yaml
Source Install and Custom Configuration
The last type of setup will be to have all of the tools available from cloning repositories, not installing from pip. The directory structure will look like:
project-root
|- tooling-project
|- statick-config
|- rsc
|- exceptions.yaml
|- statick-output
|- statick
|- statick-tooling
Using the example where we want to override the default exceptions with custom ones in the tooling-project, the command to run would be:
./statick/statick tooling-project/ --output-directory statick-output/ --user-paths statick-tooling/,tooling-project/statick-config/ --profile tooling-profile.yaml
Existing Plugins
Discovery Plugins
Note that if a file exists without the extension listed it can still be discovered if the file command identifies it
as a specific file type.
This type of discovery must be supported by the discovery plugin and only works on operating systems where the file
command exists.
| File Type | Extensions |
|---|---|
| dockerfile | Dockerfile* |
Tool Plugins
| Tool | About |
|---|---|
| dockerfilelint | A rule based 'linter' for Dockerfiles. |
| dockerfile-lint | A rule based 'linter' for Dockerfiles. |
| hadolint | Dockerfile linter, validate inline bash, written in Haskell. |
Contributing
If you write a new feature for Statick or are fixing a bug, you are strongly encouraged to add unit tests for your contribution. In particular, it is much easier to test whether a bug is fixed (and identify future regressions) if you can add a small unit test which replicates the bug.
Before submitting a change, please run tox to check that you have not introduced any regressions or violated any code style guidelines.
Mypy
Statick Tooling uses mypy to check that type hints are being followed properly. Type hints are described in PEP 484 and allow for static typing in Python. To determine if proper types are being used in Statick Tooling the following command will show any errors, and create several types of reports that can be viewed with a text editor or web browser.
python3 -m pip install mypy
mkdir report
mypy --ignore-missing-imports --strict --html-report report/ --txt-report report src
It is hoped that in the future we will generate coverage reports from mypy and use those to check for regressions.
Formatting
Statick code is formatted using black. To fix locally use
python3 -m pip install black
black src tests
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file statick_tooling-0.3.0.tar.gz.
File metadata
- Download URL: statick_tooling-0.3.0.tar.gz
- Upload date:
- Size: 13.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.0.1 CPython/3.12.8
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
9e716133a35df77c49b7f0e95b112ace24539f0b9c955372050bd4cf8b3e4a64
|
|
| MD5 |
5476f1fa26cdaf4688788ac793cce797
|
|
| BLAKE2b-256 |
a1bad13e27e8ba99cb322bf2d185c6fc93d0e48af77af64d9c54811113daa23a
|
File details
Details for the file statick_tooling-0.3.0-py3-none-any.whl.
File metadata
- Download URL: statick_tooling-0.3.0-py3-none-any.whl
- Upload date:
- Size: 14.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.0.1 CPython/3.12.8
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
2736cb567d846bff30c3b85ea191d692bbe702a53e695d66b32cc3bba1b14548
|
|
| MD5 |
679c9a37fd20a1e8bb1dfb3c21f7be84
|
|
| BLAKE2b-256 |
5a76b228e07e957a5c4f290f3c1752fbc8282d5edba243c21816007b20e8f947
|
