From a61bf4a9a93fffda9a9c9c1e09b77414dd7a2213 Mon Sep 17 00:00:00 2001 From: Jesse Shaffer Date: Thu, 15 Sep 2022 12:28:02 -0500 Subject: [PATCH 1/2] use json config, and directly call the cflint api --- pom.xml | 13 +- .../plugin/coldfusion/ColdFusionPlugin.java | 1 - .../plugin/coldfusion/ColdFusionSensor.java | 7 +- .../coldfusion/cflint/CFLintAnalyzer.java | 118 +++++++++++++----- .../cflint/CFlintJSONConfigExporter.java | 54 ++++++++ 5 files changed, 156 insertions(+), 37 deletions(-) create mode 100644 src/main/java/com/stepstone/sonar/plugin/coldfusion/cflint/CFlintJSONConfigExporter.java diff --git a/pom.xml b/pom.xml index 5fab0f0..00be138 100644 --- a/pom.xml +++ b/pom.xml @@ -6,7 +6,7 @@ com.stepstone.sonar.plugin sonar-coldfusion-plugin sonar-plugin - 2.2.0 + 2.3.0 SonarQube Coldfusion Plugin Enables scanning of ColdFusion source files @@ -97,6 +97,13 @@ ${sonar.version} test + + + com.github.cflint + CFLint + ${cflint.version} + all + @@ -113,7 +120,7 @@ https://github.com/stepstone-tech/sonar-coldfusion - + de.jutzig github-release-plugin diff --git a/src/main/java/com/stepstone/sonar/plugin/coldfusion/ColdFusionPlugin.java b/src/main/java/com/stepstone/sonar/plugin/coldfusion/ColdFusionPlugin.java index f9cd74e..4cb1a24 100644 --- a/src/main/java/com/stepstone/sonar/plugin/coldfusion/ColdFusionPlugin.java +++ b/src/main/java/com/stepstone/sonar/plugin/coldfusion/ColdFusionPlugin.java @@ -74,6 +74,5 @@ public void define(Context context) { ColdFusionSonarWayProfile.class, ColdFusionProfileExporter.class ); - } } diff --git a/src/main/java/com/stepstone/sonar/plugin/coldfusion/ColdFusionSensor.java b/src/main/java/com/stepstone/sonar/plugin/coldfusion/ColdFusionSensor.java index 5ff79b0..8b0de3b 100644 --- a/src/main/java/com/stepstone/sonar/plugin/coldfusion/ColdFusionSensor.java +++ b/src/main/java/com/stepstone/sonar/plugin/coldfusion/ColdFusionSensor.java @@ -19,7 +19,8 @@ import com.google.common.base.Preconditions; import com.stepstone.sonar.plugin.coldfusion.cflint.CFLintAnalyzer; import com.stepstone.sonar.plugin.coldfusion.cflint.CFLintAnalysisResultImporter; -import com.stepstone.sonar.plugin.coldfusion.cflint.CFLintConfigExporter; +import com.stepstone.sonar.plugin.coldfusion.cflint.CFlintJSONConfigExporter; + import org.sonar.api.batch.fs.FileSystem; import org.sonar.api.batch.fs.InputFile; import org.sonar.api.batch.sensor.Sensor; @@ -90,10 +91,10 @@ private void analyze(SensorContext context) throws IOException, XMLStreamExcepti } private File generateCflintConfig() throws IOException, XMLStreamException { - final File configFile = new File(fs.workDir(), "cflint-config.xml"); + final File configFile = new File(fs.workDir(), "cflint-config.json"); Collection ruleKeys = ruleProfile.findByRepository(ColdFusionPlugin.REPOSITORY_KEY) .stream().map(rule -> rule.ruleKey().toString()).collect(Collectors.toList()); - new CFLintConfigExporter(ruleKeys).save(configFile); + new CFlintJSONConfigExporter(ruleKeys).save(configFile); return configFile; } diff --git a/src/main/java/com/stepstone/sonar/plugin/coldfusion/cflint/CFLintAnalyzer.java b/src/main/java/com/stepstone/sonar/plugin/coldfusion/cflint/CFLintAnalyzer.java index ff8a43d..56ac06f 100644 --- a/src/main/java/com/stepstone/sonar/plugin/coldfusion/cflint/CFLintAnalyzer.java +++ b/src/main/java/com/stepstone/sonar/plugin/coldfusion/cflint/CFLintAnalyzer.java @@ -16,23 +16,38 @@ package com.stepstone.sonar.plugin.coldfusion.cflint; -import com.stepstone.sonar.plugin.coldfusion.ColdFusionPlugin; +import java.io.File; +import java.io.FileOutputStream; +import java.io.IOException; +import java.io.OutputStreamWriter; +import java.io.Writer; +import java.nio.charset.Charset; +import java.nio.charset.StandardCharsets; +import java.util.ArrayList; +import java.util.List; +import java.util.stream.Collectors; -import com.google.common.base.Preconditions; -import com.google.common.base.Strings; +import javax.xml.stream.XMLStreamException; import org.sonar.api.batch.fs.FileSystem; +import org.sonar.api.batch.fs.InputFile; import org.sonar.api.batch.sensor.SensorContext; import org.sonar.api.config.Configuration; import org.sonar.api.utils.command.Command; -import org.sonar.api.utils.command.CommandExecutor; import org.sonar.api.utils.command.StreamConsumer; import org.sonar.api.utils.log.Logger; import org.sonar.api.utils.log.Loggers; -import java.io.File; -import java.io.IOException; -import javax.xml.stream.XMLStreamException; +import com.cflint.api.CFLintAPI; +import com.cflint.api.CFLintResult; +import com.cflint.config.CFLintConfiguration; +import com.cflint.config.CFLintPluginInfo; +import com.cflint.config.ConfigBuilder; +import com.cflint.exception.CFLintConfigurationException; +import com.cflint.exception.CFLintScanException; +import com.google.common.base.Preconditions; +import com.google.common.base.Strings; +import com.stepstone.sonar.plugin.coldfusion.ColdFusionPlugin; public class CFLintAnalyzer { @@ -50,29 +65,62 @@ public CFLintAnalyzer(SensorContext sensorContext) { public void analyze(File configFile) throws IOException, XMLStreamException { File executableJar = null; try { - Command command = Command.create(settings.get(ColdFusionPlugin.CFLINT_JAVA).orElseThrow( - IllegalStateException::new - )); - addCflintJavaOpts(command); - executableJar = extractCflintJar(); - command.addArgument("-jar") - .addArgument(executableJar.getPath()) - .addArgument("-xml") - .addArgument("-folder") - .addArgument(settings.get("sonar.projectBaseDir").orElseThrow( - IllegalStateException::new - )) - .addArgument("-xmlfile") - .addArgument(fs.workDir() + File.separator + "cflint-result.xml") - .addArgument("-configfile") - .addArgument(configFile.getPath()); - - CommandExecutor executor = CommandExecutor.create(); - int exitCode = executor.execute(command, new LogInfoStreamConsumer(), new LogErrorStreamConsumer(), Integer.MAX_VALUE); - - if (exitCode != 0) { - throw new IllegalStateException("The CFLint analyzer failed with exit code: " + exitCode); - } + // Command command = Command.create(settings.get(ColdFusionPlugin.CFLINT_JAVA).orElseThrow( + // IllegalStateException::new + // )); + // addCflintJavaOpts(command); + // executableJar = extractCflintJar(); + + List filesToScan = new ArrayList<>(); + + for (InputFile file : fs.inputFiles(fs.predicates().hasLanguage(ColdFusionPlugin.LANGUAGE_KEY))) + filesToScan.add(file.absolutePath()); + + try { + ConfigBuilder cflintConfigBuilder = new ConfigBuilder(new CFLintPluginInfo()); + cflintConfigBuilder.addCustomConfig(configFile.getPath()); + + CFLintAPI linter = new CFLintAPI( + cflintConfigBuilder.build() + ); + linter.setVerbose(true); + + CFLintResult lintResult = linter.scan(filesToScan); + + try (final Writer xmlwriter = createXMLWriter(fs.workDir() + File.separator + "cflint-result.xml", StandardCharsets.UTF_8)) { + lintResult.writeXml(xmlwriter); + } + } catch(CFLintScanException se) { + se.printStackTrace(); + }catch(Exception ce) { + throw new IOException(ce); + } + + + // command.addArgument("-jar") + // .addArgument(executableJar.getPath()) + // .addArgument("-xml") + // // .addArgument("-folder") + // // .addArgument(settings.get("sonar.projectBaseDir").orElseThrow( + // // IllegalStateException::new + // // )) + // .addArgument("-file") + // .addArgument(fileArg) + // .addArgument("-xmlfile") + // .addArgument(fs.workDir() + File.separator + "cflint-result.xml") + // .addArgument("-configfile") + // .addArgument(configFile.getPath()) + // .addArgument("-v"); + + + // CommandExecutor executor = CommandExecutor.create(); + // int exitCode = executor.execute(command, new LogInfoStreamConsumer(), new LogErrorStreamConsumer(), Integer.MAX_VALUE); + + // if (exitCode != 0) { + // throw new IllegalStateException("The CFLint analyzer failed with exit code: " + exitCode); + // } + + } finally { //cleanup if(executableJar!= null && executableJar.exists()) { @@ -113,4 +161,14 @@ public void consumeLine(String line) { } } + private Writer createXMLWriter(final String xmlOutFile, final Charset encoding) throws IOException { + final OutputStreamWriter out = new OutputStreamWriter(new FileOutputStream(xmlOutFile), encoding); + try { + out.append(String.format("%n", encoding)); + } catch (final IOException e) { + throw new IOException(e); + } + return out; + } + } diff --git a/src/main/java/com/stepstone/sonar/plugin/coldfusion/cflint/CFlintJSONConfigExporter.java b/src/main/java/com/stepstone/sonar/plugin/coldfusion/cflint/CFlintJSONConfigExporter.java new file mode 100644 index 0000000..c321fd2 --- /dev/null +++ b/src/main/java/com/stepstone/sonar/plugin/coldfusion/cflint/CFlintJSONConfigExporter.java @@ -0,0 +1,54 @@ +/* +Copyright 2016 StepStone GmbH + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package com.stepstone.sonar.plugin.coldfusion.cflint; + +import java.io.File; +import java.io.FileWriter; +import java.io.IOException; +import java.io.Writer; +import java.util.Collection; + +import javax.xml.stream.XMLStreamException; + +public class CFlintJSONConfigExporter { + + private final Collection ruleKeys; + public CFlintJSONConfigExporter(Collection ruleKeys) { + this.ruleKeys = ruleKeys; + } + + public void save(File configFile) throws IOException, XMLStreamException { + try (FileWriter writer = new FileWriter(configFile)) { + save(writer); + } + } + + public void save(Writer writer) throws IOException, XMLStreamException { + writer.append("{ \"includes\": ["); + + boolean first = true; + for (String ruleKey : ruleKeys) { + if (first) first=false; + else writer.append(","); + + writer.append(" {\"code\":\"" + ruleKey + "\"}"); + } + + writer.append(" ] }"); + writer.close(); + } +} From da4bcb007f8c095ddbafae288710fb506c85b39d Mon Sep 17 00:00:00 2001 From: Jesse Shaffer Date: Thu, 15 Sep 2022 12:36:34 -0500 Subject: [PATCH 2/2] futher cleanup --- pom.xml | 27 ----- .../coldfusion/cflint/CFLintAnalyzer.java | 98 ++++--------------- .../cflint/CFLintConfigExporter.java | 65 ------------ .../profile/ColdFusionProfileExporter.java | 18 ++-- 4 files changed, 29 insertions(+), 179 deletions(-) delete mode 100644 src/main/java/com/stepstone/sonar/plugin/coldfusion/cflint/CFLintConfigExporter.java diff --git a/pom.xml b/pom.xml index 00be138..b5cef53 100644 --- a/pom.xml +++ b/pom.xml @@ -102,7 +102,6 @@ com.github.cflint CFLint ${cflint.version} - all @@ -120,32 +119,6 @@ https://github.com/stepstone-tech/sonar-coldfusion - de.jutzig github-release-plugin diff --git a/src/main/java/com/stepstone/sonar/plugin/coldfusion/cflint/CFLintAnalyzer.java b/src/main/java/com/stepstone/sonar/plugin/coldfusion/cflint/CFLintAnalyzer.java index 56ac06f..321a427 100644 --- a/src/main/java/com/stepstone/sonar/plugin/coldfusion/cflint/CFLintAnalyzer.java +++ b/src/main/java/com/stepstone/sonar/plugin/coldfusion/cflint/CFLintAnalyzer.java @@ -63,71 +63,28 @@ public CFLintAnalyzer(SensorContext sensorContext) { } public void analyze(File configFile) throws IOException, XMLStreamException { - File executableJar = null; + List filesToScan = new ArrayList<>(); + + for (InputFile file : fs.inputFiles(fs.predicates().hasLanguage(ColdFusionPlugin.LANGUAGE_KEY))) + filesToScan.add(file.absolutePath()); + try { - // Command command = Command.create(settings.get(ColdFusionPlugin.CFLINT_JAVA).orElseThrow( - // IllegalStateException::new - // )); - // addCflintJavaOpts(command); - // executableJar = extractCflintJar(); - - List filesToScan = new ArrayList<>(); - - for (InputFile file : fs.inputFiles(fs.predicates().hasLanguage(ColdFusionPlugin.LANGUAGE_KEY))) - filesToScan.add(file.absolutePath()); - - try { - ConfigBuilder cflintConfigBuilder = new ConfigBuilder(new CFLintPluginInfo()); - cflintConfigBuilder.addCustomConfig(configFile.getPath()); - - CFLintAPI linter = new CFLintAPI( - cflintConfigBuilder.build() - ); - linter.setVerbose(true); - - CFLintResult lintResult = linter.scan(filesToScan); - - try (final Writer xmlwriter = createXMLWriter(fs.workDir() + File.separator + "cflint-result.xml", StandardCharsets.UTF_8)) { - lintResult.writeXml(xmlwriter); - } - } catch(CFLintScanException se) { - se.printStackTrace(); - }catch(Exception ce) { - throw new IOException(ce); - } - - - // command.addArgument("-jar") - // .addArgument(executableJar.getPath()) - // .addArgument("-xml") - // // .addArgument("-folder") - // // .addArgument(settings.get("sonar.projectBaseDir").orElseThrow( - // // IllegalStateException::new - // // )) - // .addArgument("-file") - // .addArgument(fileArg) - // .addArgument("-xmlfile") - // .addArgument(fs.workDir() + File.separator + "cflint-result.xml") - // .addArgument("-configfile") - // .addArgument(configFile.getPath()) - // .addArgument("-v"); - - - // CommandExecutor executor = CommandExecutor.create(); - // int exitCode = executor.execute(command, new LogInfoStreamConsumer(), new LogErrorStreamConsumer(), Integer.MAX_VALUE); - - // if (exitCode != 0) { - // throw new IllegalStateException("The CFLint analyzer failed with exit code: " + exitCode); - // } - - - } finally { - //cleanup - if(executableJar!= null && executableJar.exists()) { - executableJar.deleteOnExit(); + ConfigBuilder cflintConfigBuilder = new ConfigBuilder(new CFLintPluginInfo()); + cflintConfigBuilder.addCustomConfig(configFile.getPath()); + + CFLintAPI linter = new CFLintAPI( + cflintConfigBuilder.build() + ); + linter.setVerbose(true); + + CFLintResult lintResult = linter.scan(filesToScan); + + try (final Writer xmlwriter = createXMLWriter(fs.workDir() + File.separator + "cflint-result.xml", StandardCharsets.UTF_8)) { + lintResult.writeXml(xmlwriter); } + } catch(Exception ce) { + throw new IOException(ce); } - } protected File extractCflintJar() throws IOException { @@ -144,23 +101,6 @@ protected void addCflintJavaOpts(Command command) { } } - private class LogInfoStreamConsumer implements StreamConsumer { - - @Override - public void consumeLine(String line) { - logger.info("Consuming line {}", line); - } - - } - - private class LogErrorStreamConsumer implements StreamConsumer { - - @Override - public void consumeLine(String line) { - logger.error("Error consuming line {}", line); - } - } - private Writer createXMLWriter(final String xmlOutFile, final Charset encoding) throws IOException { final OutputStreamWriter out = new OutputStreamWriter(new FileOutputStream(xmlOutFile), encoding); try { diff --git a/src/main/java/com/stepstone/sonar/plugin/coldfusion/cflint/CFLintConfigExporter.java b/src/main/java/com/stepstone/sonar/plugin/coldfusion/cflint/CFLintConfigExporter.java deleted file mode 100644 index bd9036f..0000000 --- a/src/main/java/com/stepstone/sonar/plugin/coldfusion/cflint/CFLintConfigExporter.java +++ /dev/null @@ -1,65 +0,0 @@ -/* -Copyright 2016 StepStone GmbH - -Licensed under the Apache License, Version 2.0 (the "License"); -you may not use this file except in compliance with the License. -You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - -Unless required by applicable law or agreed to in writing, software -distributed under the License is distributed on an "AS IS" BASIS, -WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -See the License for the specific language governing permissions and -limitations under the License. -*/ - -package com.stepstone.sonar.plugin.coldfusion.cflint; - -import javax.xml.stream.XMLOutputFactory; -import javax.xml.stream.XMLStreamException; -import javax.xml.stream.XMLStreamWriter; -import java.io.File; -import java.io.FileWriter; -import java.io.IOException; -import java.io.Writer; -import java.util.Collection; - -public class CFLintConfigExporter { - - private final Collection ruleKeys; - public CFLintConfigExporter(Collection ruleKeys) { - this.ruleKeys = ruleKeys; - } - - public void save(File configFile) throws IOException, XMLStreamException { - try (FileWriter writer = new FileWriter(configFile)) { - save(writer); - } - } - - public void save(Writer writer) throws IOException, XMLStreamException { - final XMLOutputFactory xmlOutputFactory = XMLOutputFactory.newInstance(); - XMLStreamWriter xtw=null; - try { - xtw = xmlOutputFactory.createXMLStreamWriter(writer); - - xtw.writeStartDocument(); - xtw.writeStartElement("config"); - - for (String ruleKey: ruleKeys) { - xtw.writeStartElement("includes"); - xtw.writeAttribute("code", ruleKey); - xtw.writeEndElement(); - } - - xtw.writeEndElement(); - xtw.writeEndDocument(); - } finally { - if(xtw!=null) { - xtw.close(); - } - } - - } -} diff --git a/src/main/java/com/stepstone/sonar/plugin/coldfusion/profile/ColdFusionProfileExporter.java b/src/main/java/com/stepstone/sonar/plugin/coldfusion/profile/ColdFusionProfileExporter.java index 6d82701..719ee72 100644 --- a/src/main/java/com/stepstone/sonar/plugin/coldfusion/profile/ColdFusionProfileExporter.java +++ b/src/main/java/com/stepstone/sonar/plugin/coldfusion/profile/ColdFusionProfileExporter.java @@ -16,18 +16,20 @@ package com.stepstone.sonar.plugin.coldfusion.profile; -import com.google.common.base.Throwables; -import com.stepstone.sonar.plugin.coldfusion.ColdFusionPlugin; -import com.stepstone.sonar.plugin.coldfusion.cflint.CFLintConfigExporter; -import org.sonar.api.profiles.ProfileExporter; -import org.sonar.api.profiles.RulesProfile; - -import javax.xml.stream.XMLStreamException; import java.io.IOException; import java.io.Writer; import java.util.Collection; import java.util.stream.Collectors; +import javax.xml.stream.XMLStreamException; + +import org.sonar.api.profiles.ProfileExporter; +import org.sonar.api.profiles.RulesProfile; + +import com.google.common.base.Throwables; +import com.stepstone.sonar.plugin.coldfusion.ColdFusionPlugin; +import com.stepstone.sonar.plugin.coldfusion.cflint.CFlintJSONConfigExporter; + public class ColdFusionProfileExporter extends ProfileExporter { public ColdFusionProfileExporter() { @@ -41,7 +43,7 @@ public void exportProfile(RulesProfile ruleProfile, Writer writer) { Collection ruleKeys = ruleProfile.getActiveRulesByRepository(ColdFusionPlugin.REPOSITORY_KEY) .stream().map(rule -> rule.getRule().ruleKey().rule()) .collect(Collectors.toList()); - new CFLintConfigExporter(ruleKeys).save(writer); + new CFlintJSONConfigExporter(ruleKeys).save(writer); } catch (IOException | XMLStreamException e) { Throwables.propagate(e); }