Use setuptools for plugin mechanism.

.github/workflows/publish.yaml

@@ -10,6 +10,11 @@ jobs:
   build-n-publish:
     name: Build and publish Python 🐍 distributions 📦 to PyPI and TestPyPI
     runs-on: ubuntu-latest
+    environment:
+      name: pypi
+      url: https://pypi.org/p/statick-tooling
+    permissions:
+      id-token: write
 
     steps:
       - uses: actions/checkout@v3
@@ -18,47 +23,12 @@ jobs:
         uses: actions/setup-python@v4
         with:
           python-version: '3.11'
-
-      - uses: actions/cache@v3
-        if: startsWith(runner.os, 'Linux')
-        with:
-          path: ~/.cache/pip
-          key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
-          restore-keys: |
-            ${{ runner.os }}-pip-
-
-      - uses: actions/cache@v3
-        if: startsWith(runner.os, 'macOS')
-        with:
-          path: ~/Library/Caches/pip
-          key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
-          restore-keys: |
-            ${{ runner.os }}-pip-
-
-      - uses: actions/cache@v3
-        if: startsWith(runner.os, 'Windows')
-        with:
-          path: ~\AppData\Local\pip\Cache
-          key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
-          restore-keys: |
-            ${{ runner.os }}-pip-
-
-      - name: Install tools
-        run: |
-          python -m pip install --upgrade setuptools
-          python -m pip install --upgrade wheel
+          cache: 'pip'
 
       - name: Build a binary wheel and a source tarball
         run: |
-          python setup.py sdist bdist_wheel
-
-      - name: Publish distribution 📦 to Test PyPI
-        uses: pypa/gh-action-pypi-publish@release/v1
-        with:
-          password: ${{ secrets.PYPI_TEST_TOKEN }}
-          repository_url: https://test.pypi.org/legacy/
+          pip install -q build
+          python -m build
 
       - name: Publish distribution 📦 to PyPI
         uses: pypa/gh-action-pypi-publish@release/v1
-        with:
-          password: ${{ secrets.PYPI_TOKEN }}

.github/workflows/tests.yaml

@@ -8,77 +8,43 @@ on:  # NOLINT
     - cron: '0 10 * * MON'
   workflow_dispatch:
 
-
 jobs:
   build:
 
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        os: [macos-latest, ubuntu-20.04, ubuntu-22.04, windows-latest]
-        python-version: ['3.8', '3.9', '3.10', '3.11']
+        os: [macos-latest, ubuntu-20.04, ubuntu-22.04, ubuntu-24.04, windows-latest]
+        python-version: ['3.9', '3.10', '3.11', '3.12', '3.13']
 
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: Set up Python ${{ matrix.python-version }}
-        uses: actions/setup-python@v4
+        uses: actions/setup-python@v5
         with:
           python-version: ${{ matrix.python-version }}
+          cache: 'pip'
 
-      - uses: actions/setup-node@v3
-        with:
-          node-version: '16'
-
-      - uses: actions/cache@v3
-        if: startsWith(runner.os, 'Linux')
-        with:
-          path: ~/.cache/pip
-          key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
-          restore-keys: |
-            ${{ runner.os }}-pip-
-
-      - uses: actions/cache@v3
-        if: startsWith(runner.os, 'macOS')
-        with:
-          path: ~/Library/Caches/pip
-          key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
-          restore-keys: |
-            ${{ runner.os }}-pip-
-
-      - uses: actions/cache@v3
-        if: startsWith(runner.os, 'Windows')
+      - uses: actions/setup-node@v4
         with:
-          path: ~\AppData\Local\pip\Cache
-          key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
-          restore-keys: |
-            ${{ runner.os }}-pip-
+          node-version: '20'
 
       - name: Install dependencies
         run: |
-          python -m pip install --upgrade pip
-          python -m pip install --upgrade setuptools
-          python -m pip install --upgrade wheel
-          python -m pip install --upgrade coverage
-          python -m pip install --upgrade mypy
-          python -m pip install --upgrade statick
-          python -m pip install --upgrade statick-md
-          python -m pip install --upgrade tox
-          python -m pip install --upgrade tox-gh-actions
-          python -m pip install --upgrade virtualenv
-          python -m pip install -r requirements.txt
+          pip install --upgrade pip
+          pip install .[docs,test]
 
-      # Have to install newer version from non-apt source due to SSL library compatibility issues.
-      - name: Install Node and node-based tools (Linux)
-        if: matrix.os == 'ubuntu-20.04' || matrix.os == 'ubuntu-22.04'
+      - name: Install Node-based tools (Linux)
+        if: runner.os == 'Linux'
         run: |
           npm install -g markdownlint-cli
           npm install -g dockerfilelint
           npm install -g dockerfile_lint
 
       # Do not install on macos until there is a hadolint release for macos (Darwin on arm64 architecture).
       - name: Install Hadolint binary (github)
-        if: matrix.os == 'ubuntu-20.04' || matrix.os == 'ubuntu-22.04' || matrix.os == 'windows-latest'
+        if: runner.os == 'Linux' || runner.os == 'Windows'
         run: |
           mkdir -p $HOME/.local/bin
           echo "$HOME/.local/bin" >> $GITHUB_PATH
@@ -87,7 +53,7 @@ jobs:
           mv hadolint $HOME/.local/bin/
 
       - name: Install Hadolint docker image (Linux)
-        if: matrix.os == 'ubuntu-20.04' || matrix.os == 'ubuntu-22.04'
+        if: runner.os == 'Linux'
         run: |
           docker pull hadolint/hadolint:latest
 
@@ -105,12 +71,12 @@ jobs:
           fail_ci_if_error: false
 
       - name: Statick Documentation
-        if: matrix.os == 'ubuntu-20.04' || matrix.os == 'ubuntu-22.04'
+        if: runner.os == 'Linux'
         run: |
           statick . --check --user-paths . --profile documentation.yaml
 
       - name: Self check
-        if: matrix.os == 'ubuntu-20.04' || matrix.os == 'ubuntu-22.04'
+        if: runner.os == 'Linux'
         run: |
           mkdir statick-output
           statick . --output-directory statick-output --check --profile self_check.yaml

CHANGELOG.md

@@ -6,6 +6,25 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/)
 
 ## Unreleased
 
+### Added
+
+- Support for Python 3.12 and 3.13.
+- Use of `pyproject.toml` instead of `setup.py` and `requirements.txt`.
+- Supports new plugin discovery mechanism for the main Statick tool.
+  - Switched from yapsy to setuptools for plugin mechanism. (sscpac/statick#508)
+
+### Changed
+
+- Disabled code coverage requirements in CI for now.
+  - Unable to get line coverage working with new plugin mechanism.
+    Unit tests still work to find problems.
+- Updated README to use more modern approach to installing Python and NPM packages.
+- Rename plugin modules so they are shorter and less redundant.
+
+### Removed
+
+- No longer support Python 3.8.
+
 ## v0.2.0 - 2025-01-03
 
 ### Added

README.md

@@ -17,32 +17,55 @@ Custom exceptions can be applied the same way they are with [Statick exceptions]
 
 ## Table of Contents
 
-* [Installation](#installation)
-* [Usage](#usage)
-* [Existing Plugins](#existing-plugins)
-  * [Discovery Plugins](#discovery-plugins)
-  * [Tool Plugins](#tool-plugins)
-* [Contributing](#contributing)
-  * [Mypy](#mypy)
-  * [Formatting](#formatting)
+- [Statick Tooling Plugins](#statick-tooling-plugins)
+  - [Table of Contents](#table-of-contents)
+  - [Installation](#installation)
+  - [Usage](#usage)
+    - [Pip Install](#pip-install)
+    - [Pip Install and Custom Configuration](#pip-install-and-custom-configuration)
+    - [Source Install and Custom Configuration](#source-install-and-custom-configuration)
+  - [Existing Plugins](#existing-plugins)
+    - [Discovery Plugins](#discovery-plugins)
+    - [Tool Plugins](#tool-plugins)
+  - [Contributing](#contributing)
+    - [Mypy](#mypy)
+    - [Formatting](#formatting)
 
 ## Installation
 
 The recommended method to install these Statick plugins is via pip:
 
 ```shell
-python3 -m pip install statick-tooling
+pip install statick-tooling
 ```
 
 You can also clone the repository and use it locally.
 
 ## Usage
 
-Make sure you install all the dependencies from apt/npm:
+Make sure you install all the dependencies from apt/npm.
+See <https://github.com/nodesource/distributions> for Node/npm installation instructions.
+
+Configure npm to allow a non-root user to install packages.
+
+```shell
+npm config set prefix '~/.local/'
+```
+
+Make sure `~/.local/bin` exists.
+Check your `PATH` with `echo $PATH`.
+If `~/.local/bin` is not listed then add it to your `PATH`.
+
+```shell
+mkdir -p ~/.local/bin
+echo 'export PATH="$HOME/.local/bin/:$PATH"' >> ~/.bashrc
+```
+
+Install npm packages.
 
 ```shell
-cat install.txt | xargs sudo apt-get install -y
-cat npm-deps.txt | xargs sudo npm install -g
+npm install -g dockerfilelint
+npm install -g dockerfile_lint
 ```
 
 ### Pip Install

pyproject.toml

@@ -0,0 +1,66 @@
+[build-system]
+requires = ["setuptools", "wheel"]
+build-backend = "setuptools.build_meta"
+
+[project]
+name = "statick-tooling"
+authors = [{name = "NIWC Pacific"}]
+description="Statick analysis plugins for Tooling files."
+version = "0.2.0"
+readme = "README.md"
+requires-python = ">=3.9"
+license = {text = "CC0-1.0"}
+classifiers = [
+    "License :: CC0 1.0 Universal (CC0 1.0) Public Domain Dedication",
+    "Programming Language :: Python :: 3",
+    "Programming Language :: Python :: 3.9",
+    "Programming Language :: Python :: 3.10",
+    "Programming Language :: Python :: 3.11",
+    "Programming Language :: Python :: 3.12",
+    "Programming Language :: Python :: 3.13",
+    "Topic :: Software Development :: Quality Assurance",
+    "Topic :: Software Development :: Testing",
+    "Typing :: Typed",
+]
+
+dependencies = [
+    "importlib_metadata",
+    "statick",
+    "types-docutils",
+]
+
+[tool.setuptools.package-data]
+statick_tool = [
+    "rsc/*",
+    "rsc/.*",
+]
+
+[project.entry-points."statick_tool.plugins.discovery"]
+dockerfile = "statick_tool.plugins.discovery.dockerfile:DockerfileDiscoveryPlugin"
+
+[project.entry-points."statick_tool.plugins.tool"]
+dockerfile-lint = "statick_tool.plugins.tool.dockerfile_lint:DockerfileULintToolPlugin"
+dockerfilelint = "statick_tool.plugins.tool.dockerfilelint:DockerfileLintToolPlugin"
+hadolint = "statick_tool.plugins.tool.hadolint:HadolintToolPlugin"
+
+[project.urls]
+"Homepage" = "https://github.com/sscpac/statick-tooling"
+"Bug Tracker" = "https://github.com/sscpac/statick-tooling/issues"
+
+[project.optional-dependencies]
+test = [
+    "coverage",
+    "mock",
+    "pytest",
+    "pytest-cov",
+    "statick-md@git+https://github.com/tdenewiler/statick-md@stdlib-plugins",
+    "tox",
+    "tox-gh-actions",
+]
+docs = [
+    "sphinx==1.7.9",
+    "yaml-1.3",
+]
+
+[tool.isort]
+profile = "black"