Configuration strategy

TBC Arguments Philosophy

Guiding Principle

Prioritize file-based configuration over command-line arguments to ensure consistency between development environments and CI/CD.

Command-line arguments should be limited to the strict minimum necessary for TBC core functionality: report generation and temporary file exclusion.

Implementation

Tool Analysis

For each integrated tool, identify:

Configuration capability: Can the tool read a configuration file?
Need to pass "files" as argument: Is a file argument required for this tool?
Exclusion management: How to exclude the .cache directory? Via:
- .gitignore
- --exclude options
- --extend-exclude options
- Other available mechanisms

Objectives

Consistency: Same configuration across all environments
Simplicity: Minimal CLI interface
Maintainability: Centralized and versioned configuration

This approach ensures a uniform user experience while simplifying maintenance and deployment.

Tools Summary Table

Job	Main Tool	Filtering/Exclusion Mechanism	Other CLI Args	Ignore Support	TODO Recommendations
`py-lint`	pylint	`find -type f -name ".py" -not -path "./.cache/" -not -path "./.venv/*"`	`--output-format=colorized,pylint_gitlab.GitlabCodeClimateReporter:reports/py-lint.codeclimate.json,parseable:reports/py-lint.parseable.txt ${PYLINT_ARGS}` PYLINT_ARGS (default: '')	☑️ No .gitignore but config (pyproject.toml, pylintrc)	☑️ Migrate to `--ignore-paths` and PYLINT_ARGS to `.`
`py-black`	black	`--extend-exclude '(\/\.cache\/\|\/\.venv\/)'`	`. --check`	✅ Via .gitignore if no `--exclude` doc + pyproject.toml, `--exclude...`	☑️ Use .gitignore and add `BLACK_ARGS` to `.`
`py-isort`	isort	`--extend-skip .cache --extend-skip .venv`	`. --check-only`	✅ Via .gitignore`(with`--gitignore) + (pyproject.toml, .isort.cfg) + `--skip`...` doc	☑️ Use .gitignore and add `ISORT_ARGS` to `--gitignore --check-only .`
`py-ruff`	ruff	`--extend-exclude .venv,.cache`	`check . ${RUFF_ARGS}` RUFF_ARGS (default: "")	✅ Via .gitignore + (pyproject.toml, ruff.toml) + `--exclude...` doc	☑️ Use .gitignore so remove `--extend-exclude`
`py-ruff-format`	ruff format	`--exclude .venv,.cache`	`format --check .`	✅ Via .gitignore + (pyproject.toml, ruff.toml) + `--exclude` doc	☑️ Use .gitignore so remove `--exclude` + add `RUFF_FORMAT_ARGS` to `.`
`py-mypy`	mypy	`find -type f -name ".py" -not -path "./.cache/" -not -path "./.venv/*"`	`${MYPY_ARGS}` MYPY_ARGS (default: "")	🔳 .gitignore with `--exclude-gitignore` option + config (pyproject.toml, mypy.ini) doc	☑️ Change `MYPY_ARGS` to `--exclude-gitignore .` and remove `find`
`py-basedpyright`	basedpyright	No filtering	`${PYRIGHT_ARGS}` PYRIGHT_ARGS (default: "")	☑️ Ignores `.*` but not .gitignore + config (pyproject.toml, pyrightconfig.json)	✅ Already optimal
`py-nosetests`	nose	⏭️ not analysed	`--with-xunit --xunit-file=reports/TEST-nosetests.xml --with-coverage --cover-erase --cover-xml --cover-xml-file=reports/py-coverage.cobertura.xml` NOSETESTS_ARGS (default: '')	??	⚠️ Obsolete (Last release: June 2, 2015) and nose2 (Last release: June 1, 2024), remove
`py-compile`	compileall	No filtering	`${PYTHON_COMPILE_ARGS}` PYTHON_COMPILE_ARGS (default: '')*	☑️ but * already skip .* directories	✅ Already optimal
`py-unittest`	unittest + coverage	No filtering	`${UNITTEST_ARGS}` UNITTEST_ARGS (default: '')	🔳 but can define source dir `--source=...`	✅ Already optimal
`py-pytest`	pytest	No filtering	`${PYTEST_ARGS}` PYTEST_ARGS (default: '')	🔳 not use .gitignore but can define `testpaths` or `norecursedirs` in pytest.ini/pyproject.toml or `--ignore`, `--ignore-glob`	✅ Already optimal
`py-package`	various build tools	No filtering	No CLI args	documentation to src-layout, and each tool configuration	☑️ Work on documentation work
`py-publish`	upload artifacts	No filtering	No CLI args	N/A (upload)	✅ No action needed
`py-release`	bump version	No filtering - git operations	No CLI args	N/A (git ops)	✅ No action needed
`py-bandit`	bandit	`--exclude ./.cache,./.venv`	`${BANDIT_ARGS}` BANDIT_ARGS (default: '--recursive .')	☑️ config (pyproject.toml, bandit.yaml) passed with `-c` ??	✅ Already optimal
`py-trivy`	trivy	No filtering	`${TRIVY_ARGS}` 🚧	🔳 No filtering need	🙋‍♂️ Need second opinion
`py-sbom`	syft	No filtering	`${PYTHON_SBOM_OPTS}` PYTHON_SBOM_OPTS (default: --override-default-catalogers python-package-cataloger --select-catalogers -file)	🔳 No .gitignore but `--exclude` doc	🙋‍♂️ Need second opinion

How to leverage .gitignore support

Why rely on .gitignore rather than individual tool-specific config files, given its simplicity and flexibily

Create a process that adds .cache and .venv to .gitignore if they don't exist
Add a TBC recommendation to include .cache, .venv, .tbc in the .gitignore file

Proposal: UV, PDM and Hatch already add file .gitignore with * in venv We can use the same tweak in .cache directory And for reports directory file with

py-coverage.*
py-lint.*
py-ruff.*
py-mypy.*
py-basedpyright.*
py-bandit.*
py-trivy.*
py-sbom.cyclonedx.json