PyPI - mcp-dbutils - Versions diffs - 0.12.0__tar.gz → 0.14.0__tar.gz - Mend

mcp-dbutils 0.12.0tar.gz → 0.14.0tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (52) hide show

mcp_dbutils-0.14.0/.github/workflows/quality-assurance.yml ADDED Viewed

@@ -0,0 +1,266 @@
+name: Quality Assurance
+# 添加明确的权限声明
+permissions:
+  contents: read
+  pull-requests: write  # 允许创建PR评论
+  issues: write         # 允许创建issue评论
+  checks: write         # 允许更新检查状态
+on:
+  push:
+    branches: [ main ]
+  pull_request:
+    branches: [ main ]
+jobs:
+  pytest:
+    runs-on: ubuntu-latest
+    services:
+      postgres:
+        image: postgres:15-alpine
+        env:
+          POSTGRES_PASSWORD: postgres
+        ports:
+          - 5432:5432
+        options: >-
+          --health-cmd pg_isready
+          --health-interval 10s
+          --health-timeout 5s
+          --health-retries 5
+    steps:
+      - uses: actions/checkout@v4
+      - name: Install uv
+        uses: astral-sh/setup-uv@v4
+      - name: Set up Python
+        run: uv python install
+      - name: Create and activate venv
+        run: |
+          uv venv
+          . .venv/bin/activate
+      - name: Install dependencies
+        run: uv pip install -e ".[test]"
+      - name: Run tests with coverage
+        id: tests
+        run: |
+          uv run pytest \
+            -v \
+            --cov=src/mcp_dbutils \
+            --cov-report=html \
+            --cov-report=term-missing \
+            --cov-report=json:coverage.json \
+            --cov-report=xml:coverage.xml \
+            tests/
+      - name: Upload coverage report
+        uses: actions/upload-artifact@v4
+        with:
+          name: coverage-report
+          path: coverage.xml
+      - name: Calculate coverage percentage
+        id: calc_coverage
+        run: |
+          COVERAGE=$(jq -r '.totals.percent_covered' coverage.json)
+          echo "Coverage: $COVERAGE"
+          echo "percentage=${COVERAGE%.*}" >> $GITHUB_OUTPUT
+          if (( $(echo "$COVERAGE >= 90" | bc -l) )); then
+            echo "color=green" >> $GITHUB_OUTPUT
+          elif (( $(echo "$COVERAGE >= 80" | bc -l) )); then
+            echo "color=yellow" >> $GITHUB_OUTPUT
+          else
+            echo "color=red" >> $GITHUB_OUTPUT
+          fi
+      - name: Create Coverage Badge
+        uses: schneegans/dynamic-badges-action@v1.7.0
+        with:
+          auth: ${{ secrets.GIST_SECRET }}
+          gistID: bdd0a63ec2a816539ff8c136ceb41e48
+          filename: coverage.json
+          label: "coverage"
+          message: "${{ steps.calc_coverage.outputs.percentage }}%"
+          color: "${{ steps.calc_coverage.outputs.color }}"
+          namedLogo: python
+  sonarcloud:
+    name: SonarCloud
+    needs: pytest
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+      - name: Download coverage report
+        uses: actions/download-artifact@v4
+        with:
+          name: coverage-report
+      - name: SonarCloud Scan
+        uses: SonarSource/sonarqube-scan-action@v5.0.0
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+      - name: SonarQube Quality Gate Check
+        uses: sonarsource/sonarqube-quality-gate-action@master
+        timeout-minutes: 5
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+        with:
+          scanMetadataReportFile: .scannerwork/report-task.txt
+      - name: SonarCloud PR Comment
+        if: github.event_name == 'pull_request'
+        uses: actions/github-script@v6
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_PROJECT_KEY: 'donghao1393_mcp-dbutils'
+        with:
+          script: |
+            const fs = require('fs');
+            // 读取质量门禁结果
+            let qualityGateStatus = 'Unknown';
+            try {
+              const reportTaskContent = fs.readFileSync('.scannerwork/report-task.txt', 'utf8');
+              const ceTaskIdMatch = reportTaskContent.match(/ceTaskId=(.+)/);
+              if (ceTaskIdMatch && ceTaskIdMatch[1]) {
+                const ceTaskId = ceTaskIdMatch[1];
+                // 等待分析完成
+                let analysisComplete = false;
+                let retries = 0;
+                while (!analysisComplete && retries < 10) {
+                  const ceTaskResponse = await fetch(
+                    `https://sonarcloud.io/api/ce/task?id=${ceTaskId}`,
+                    { headers: { Authorization: `Bearer ${process.env.SONAR_TOKEN}` } }
+                  ).then(res => res.json());
+                  if (ceTaskResponse.task && ceTaskResponse.task.status === 'SUCCESS') {
+                    analysisComplete = true;
+                  } else {
+                    retries++;
+                    await new Promise(resolve => setTimeout(resolve, 5000)); // 等待5秒
+                  }
+                }
+              }
+            } catch (error) {
+              console.error('Error reading report task file:', error);
+            }
+            // 获取SonarCloud分析结果
+            const projectKey = process.env.SONAR_PROJECT_KEY;
+            const sonarResponse = await fetch(
+              `https://sonarcloud.io/api/measures/component?component=${projectKey}&metricKeys=bugs,vulnerabilities,code_smells,coverage,duplicated_lines_density`,
+              { headers: { Authorization: `Bearer ${process.env.SONAR_TOKEN}` } }
+            ).then(res => res.json());
+            // 解析结果
+            let coverage = 'N/A';
+            let bugs = 'N/A';
+            let vulnerabilities = 'N/A';
+            let codeSmells = 'N/A';
+            let duplication = 'N/A';
+            if (sonarResponse && sonarResponse.component && sonarResponse.component.measures) {
+              const measures = sonarResponse.component.measures;
+              for (const measure of measures) {
+                switch (measure.metric) {
+                  case 'coverage':
+                    coverage = `${parseFloat(measure.value).toFixed(2)}%`;
+                    break;
+                  case 'bugs':
+                    bugs = measure.value;
+                    break;
+                  case 'vulnerabilities':
+                    vulnerabilities = measure.value;
+                    break;
+                  case 'code_smells':
+                    codeSmells = measure.value;
+                    break;
+                  case 'duplicated_lines_density':
+                    duplication = `${parseFloat(measure.value).toFixed(2)}%`;
+                    break;
+                }
+              }
+            }
+            // 获取质量门禁状态
+            const qualityGateResponse = await fetch(
+              `https://sonarcloud.io/api/qualitygates/project_status?projectKey=${projectKey}`,
+              { headers: { Authorization: `Bearer ${process.env.SONAR_TOKEN}` } }
+            ).then(res => res.json());
+            if (qualityGateResponse && qualityGateResponse.projectStatus) {
+              qualityGateStatus = qualityGateResponse.projectStatus.status === 'OK' ? '✅ Passed' : '❌ Failed';
+            }
+            // 计算总问题数
+            const totalIssues = parseInt(bugs || 0) + parseInt(vulnerabilities || 0) + parseInt(codeSmells || 0);
+            // 生成评论内容
+            let recommendations = [];
+            if (parseInt(bugs) > 0) recommendations.push('- Fix identified bugs to improve code reliability');
+            if (parseInt(vulnerabilities) > 0) recommendations.push('- Address security vulnerabilities to enhance application security');
+            if (parseInt(codeSmells) > 5) recommendations.push('- Refactor code to reduce code smells and improve maintainability');
+            if (parseFloat(coverage) < 80) recommendations.push('- Increase test coverage to meet the 80% minimum requirement');
+            if (parseFloat(duplication) > 3) recommendations.push('- Reduce code duplication to improve maintainability');
+            const comment = [
+              '## SonarCloud Analysis Results',
+              '',
+              '### Summary',
+              `- **Quality Gate**: ${qualityGateStatus}`,
+              `- **Coverage**: ${coverage}`,
+              `- **Total Issues**: ${totalIssues}`,
+              `- **Code Duplication**: ${duplication}`,
+              '',
+              '### Details',
+              `- **Code Smells**: ${codeSmells}`,
+              `- **Bugs**: ${bugs}`,
+              `- **Security Vulnerabilities**: ${vulnerabilities}`,
+              '',
+              '### Recommendations',
+              ...recommendations,
+              '',
+              `[View full report on SonarCloud](https://sonarcloud.io/dashboard?id=${projectKey})`
+            ].join('\n');
+            // 发布或更新PR评论
+            const { data: comments } = await github.rest.issues.listComments({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              issue_number: context.issue.number,
+            });
+            const botComment = comments.find(comment =>
+              comment.user.login === 'github-actions[bot]' &&
+              comment.body.includes('SonarCloud Analysis Results')
+            );
+            if (botComment) {
+              await github.rest.issues.updateComment({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                comment_id: botComment.id,
+                body: comment,
+              });
+              console.log('Updated existing SonarCloud comment');
+            } else {
+              await github.rest.issues.createComment({
+                owner: context.repo.owner,
+                repo: context.repo.repo,
+                issue_number: context.issue.number,
+                body: comment,
+              });
+              console.log('Created new SonarCloud comment');
+            }

{mcp_dbutils-0.12.0 → mcp_dbutils-0.14.0}/CHANGELOG.md RENAMED Viewed

@@ -1,3 +1,17 @@
+# [0.14.0](https://github.com/donghao1393/mcp-dbutils/compare/v0.13.0...v0.14.0) (2025-03-14)
+### Features
+* implement SonarCloud PR auto-comment system ([#33](https://github.com/donghao1393/mcp-dbutils/issues/33)) ([4e83211](https://github.com/donghao1393/mcp-dbutils/commit/4e83211c4c7a289a6b794cdc5e03caac301d173c)), closes [#32](https://github.com/donghao1393/mcp-dbutils/issues/32)
+# [0.13.0](https://github.com/donghao1393/mcp-dbutils/compare/v0.12.0...v0.13.0) (2025-03-14)
+### Features
+* configure SonarCloud quality gates ([#31](https://github.com/donghao1393/mcp-dbutils/issues/31)) ([454c4d3](https://github.com/donghao1393/mcp-dbutils/commit/454c4d384e4ddd8d324fe4292b13436c6b22328c)), closes [#30](https://github.com/donghao1393/mcp-dbutils/issues/30)
 # [0.12.0](https://github.com/donghao1393/mcp-dbutils/compare/v0.11.0...v0.12.0) (2025-03-14)

{mcp_dbutils-0.12.0 → mcp_dbutils-0.14.0}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: mcp-dbutils
-Version: 0.12.0
+Version: 0.14.0
 Summary: MCP Database Utilities Service
 Author: Dong Hao
 License-Expression: MIT
@@ -460,6 +460,38 @@ Provides MySQL-specific features:
 - SSL/TLS secure connection
 - URL and standard connection methods
+## Code Quality
+### Quality Gates
+We use SonarCloud to maintain high code quality standards. All pull requests must pass the following quality gates:
+- Code Coverage: ≥ 80%
+- Code Quality:
+  * No blocker or critical issues
+  * Less than 10 major issues
+  * Code duplication < 3%
+- Security:
+  * No security vulnerabilities
+  * No security hotspots
+### Automated Checks
+Our CI/CD pipeline automatically performs:
+1. Full test suite execution
+2. Code coverage analysis
+3. SonarCloud static code analysis
+4. Quality gate validation
+Pull requests that don't meet these standards will be automatically blocked from merging.
+### Local Development
+To check code quality locally:
+1. Run tests with coverage:
+   ```bash
+   pytest --cov=src/mcp_dbutils --cov-report=xml:coverage.xml tests/
+   ```
+2. Use SonarLint in your IDE to catch issues early
+3. Review SonarCloud analysis results in PR comments
 ## Contributing
 Contributions are welcome! Here's how you can help:

{mcp_dbutils-0.12.0 → mcp_dbutils-0.14.0}/README.md RENAMED Viewed

@@ -437,6 +437,38 @@ Provides MySQL-specific features:
 - SSL/TLS secure connection
 - URL and standard connection methods
+## Code Quality
+### Quality Gates
+We use SonarCloud to maintain high code quality standards. All pull requests must pass the following quality gates:
+- Code Coverage: ≥ 80%
+- Code Quality:
+  * No blocker or critical issues
+  * Less than 10 major issues
+  * Code duplication < 3%
+- Security:
+  * No security vulnerabilities
+  * No security hotspots
+### Automated Checks
+Our CI/CD pipeline automatically performs:
+1. Full test suite execution
+2. Code coverage analysis
+3. SonarCloud static code analysis
+4. Quality gate validation
+Pull requests that don't meet these standards will be automatically blocked from merging.
+### Local Development
+To check code quality locally:
+1. Run tests with coverage:
+   ```bash
+   pytest --cov=src/mcp_dbutils --cov-report=xml:coverage.xml tests/
+   ```
+2. Use SonarLint in your IDE to catch issues early
+3. Review SonarCloud analysis results in PR comments
 ## Contributing
 Contributions are welcome! Here's how you can help:

{mcp_dbutils-0.12.0 → mcp_dbutils-0.14.0}/pyproject.toml RENAMED Viewed

@@ -1,6 +1,6 @@
 [project]
 name = "mcp-dbutils"
-version = "0.12.0"
+version = "0.14.0"
 description = "MCP Database Utilities Service"
 readme = "README.md"
 license = "MIT"

mcp_dbutils-0.14.0/sonar-project.properties ADDED Viewed

@@ -0,0 +1,14 @@
+sonar.organization=donghao1393
+sonar.projectKey=donghao1393_mcp-dbutils
+sonar.sources=src/mcp_dbutils
+sonar.tests=tests
+sonar.python.coverage.reportPaths=coverage.xml
+sonar.python.version=3.10
+# PR Analysis Configuration
+sonar.pullrequest.provider=github
+sonar.pullrequest.github.repository=donghao1393/mcp-dbutils
+sonar.pullrequest.github.endpoint=https://api.github.com/
+# Quality Gate Settings
+sonar.qualitygate.wait=true

mcp_dbutils-0.12.0/.github/workflows/quality-assurance.yml DELETED Viewed

@@ -1,102 +0,0 @@
-name: Quality Assurance
-on:
-  push:
-    branches: [ main ]
-  pull_request:
-    branches: [ main ]
-jobs:
-  pytest:
-    runs-on: ubuntu-latest
-    services:
-      postgres:
-        image: postgres:15-alpine
-        env:
-          POSTGRES_PASSWORD: postgres
-        ports:
-          - 5432:5432
-        options: >-
-          --health-cmd pg_isready
-          --health-interval 10s
-          --health-timeout 5s
-          --health-retries 5
-    steps:
-      - uses: actions/checkout@v4
-      - name: Install uv
-        uses: astral-sh/setup-uv@v4
-      - name: Set up Python
-        run: uv python install
-      - name: Create and activate venv
-        run: |
-          uv venv
-          . .venv/bin/activate
-      - name: Install dependencies
-        run: uv pip install -e ".[test]"
-      - name: Run tests with coverage
-        id: tests
-        run: |
-          uv run pytest \
-            -v \
-            --cov=src/mcp_dbutils \
-            --cov-report=html \
-            --cov-report=term-missing \
-            --cov-report=json:coverage.json \
-            --cov-report=xml:coverage.xml \
-            tests/
-      - name: Upload coverage report
-        uses: actions/upload-artifact@v4
-        with:
-          name: coverage-report
-          path: coverage.xml
-      - name: Calculate coverage percentage
-        id: calc_coverage
-        run: |
-          COVERAGE=$(jq -r '.totals.percent_covered' coverage.json)
-          echo "Coverage: $COVERAGE"
-          echo "percentage=${COVERAGE%.*}" >> $GITHUB_OUTPUT
-          if (( $(echo "$COVERAGE >= 90" | bc -l) )); then
-            echo "color=green" >> $GITHUB_OUTPUT
-          elif (( $(echo "$COVERAGE >= 80" | bc -l) )); then
-            echo "color=yellow" >> $GITHUB_OUTPUT
-          else
-            echo "color=red" >> $GITHUB_OUTPUT
-          fi
-      - name: Create Coverage Badge
-        uses: schneegans/dynamic-badges-action@v1.7.0
-        with:
-          auth: ${{ secrets.GIST_SECRET }}
-          gistID: bdd0a63ec2a816539ff8c136ceb41e48
-          filename: coverage.json
-          label: "coverage"
-          message: "${{ steps.calc_coverage.outputs.percentage }}%"
-          color: "${{ steps.calc_coverage.outputs.color }}"
-          namedLogo: python
-  sonarcloud:
-    name: SonarCloud
-    needs: pytest
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v4
-        with:
-          fetch-depth: 0
-      - name: Download coverage report
-        uses: actions/download-artifact@v4
-        with:
-          name: coverage-report
-      - name: SonarCloud Scan
-        uses: SonarSource/sonarqube-scan-action@v5.0.0
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

mcp_dbutils-0.12.0/sonar-project.properties DELETED Viewed

@@ -1,6 +0,0 @@
-sonar.organization=donghao1393
-sonar.projectKey=donghao1393_mcp-dbutils
-sonar.sources=src/mcp_dbutils
-sonar.tests=tests
-sonar.python.coverage.reportPaths=coverage.xml
-sonar.python.version=3.10