3 * Copyright (C) 2009-2024 SonarSource SA
4 * mailto:info AT sonarsource DOT com
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 3 of the License, or (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public License
17 * along with this program; if not, write to the Free Software Foundation,
18 * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
20 package org.sonar.ce.task.projectanalysis.issue;
22 import com.google.common.collect.EnumMultiset;
23 import com.google.common.collect.HashMultiset;
24 import com.google.common.collect.ImmutableMap;
25 import com.google.common.collect.Multiset;
26 import java.util.HashMap;
28 import javax.annotation.Nullable;
29 import org.sonar.api.issue.IssueStatus;
30 import org.sonar.api.issue.impact.Severity;
31 import org.sonar.api.rules.RuleType;
32 import org.sonar.ce.task.projectanalysis.component.Component;
33 import org.sonar.ce.task.projectanalysis.measure.Measure;
34 import org.sonar.ce.task.projectanalysis.measure.MeasureRepository;
35 import org.sonar.ce.task.projectanalysis.metric.Metric;
36 import org.sonar.ce.task.projectanalysis.metric.MetricRepository;
37 import org.sonar.core.issue.DefaultIssue;
39 import static org.sonar.api.issue.Issue.STATUS_CONFIRMED;
40 import static org.sonar.api.issue.Issue.STATUS_OPEN;
41 import static org.sonar.api.issue.Issue.STATUS_REOPENED;
42 import static org.sonar.api.measures.CoreMetrics.ACCEPTED_ISSUES_KEY;
43 import static org.sonar.api.measures.CoreMetrics.BLOCKER_VIOLATIONS_KEY;
44 import static org.sonar.api.measures.CoreMetrics.BUGS_KEY;
45 import static org.sonar.api.measures.CoreMetrics.CODE_SMELLS_KEY;
46 import static org.sonar.api.measures.CoreMetrics.CONFIRMED_ISSUES_KEY;
47 import static org.sonar.api.measures.CoreMetrics.CRITICAL_VIOLATIONS_KEY;
48 import static org.sonar.api.measures.CoreMetrics.FALSE_POSITIVE_ISSUES_KEY;
49 import static org.sonar.api.measures.CoreMetrics.HIGH_IMPACT_ACCEPTED_ISSUES_KEY;
50 import static org.sonar.api.measures.CoreMetrics.INFO_VIOLATIONS_KEY;
51 import static org.sonar.api.measures.CoreMetrics.MAJOR_VIOLATIONS_KEY;
52 import static org.sonar.api.measures.CoreMetrics.MINOR_VIOLATIONS_KEY;
53 import static org.sonar.api.measures.CoreMetrics.NEW_ACCEPTED_ISSUES_KEY;
54 import static org.sonar.api.measures.CoreMetrics.NEW_BLOCKER_VIOLATIONS_KEY;
55 import static org.sonar.api.measures.CoreMetrics.NEW_BUGS_KEY;
56 import static org.sonar.api.measures.CoreMetrics.NEW_CODE_SMELLS_KEY;
57 import static org.sonar.api.measures.CoreMetrics.NEW_CRITICAL_VIOLATIONS_KEY;
58 import static org.sonar.api.measures.CoreMetrics.NEW_INFO_VIOLATIONS_KEY;
59 import static org.sonar.api.measures.CoreMetrics.NEW_MAJOR_VIOLATIONS_KEY;
60 import static org.sonar.api.measures.CoreMetrics.NEW_MINOR_VIOLATIONS_KEY;
61 import static org.sonar.api.measures.CoreMetrics.NEW_SECURITY_HOTSPOTS_KEY;
62 import static org.sonar.api.measures.CoreMetrics.NEW_VIOLATIONS_KEY;
63 import static org.sonar.api.measures.CoreMetrics.NEW_VULNERABILITIES_KEY;
64 import static org.sonar.api.measures.CoreMetrics.OPEN_ISSUES_KEY;
65 import static org.sonar.api.measures.CoreMetrics.REOPENED_ISSUES_KEY;
66 import static org.sonar.api.measures.CoreMetrics.SECURITY_HOTSPOTS_KEY;
67 import static org.sonar.api.measures.CoreMetrics.VIOLATIONS_KEY;
68 import static org.sonar.api.measures.CoreMetrics.VULNERABILITIES_KEY;
69 import static org.sonar.api.rule.Severity.BLOCKER;
70 import static org.sonar.api.rule.Severity.CRITICAL;
71 import static org.sonar.api.rule.Severity.INFO;
72 import static org.sonar.api.rule.Severity.MAJOR;
73 import static org.sonar.api.rule.Severity.MINOR;
74 import static org.sonar.api.rules.RuleType.BUG;
75 import static org.sonar.api.rules.RuleType.CODE_SMELL;
76 import static org.sonar.api.rules.RuleType.SECURITY_HOTSPOT;
77 import static org.sonar.api.rules.RuleType.VULNERABILITY;
80 * For each component, computes the measures related to number of issues:
82 * <li>issues per status (open, reopen, confirmed)</li>
83 * <li>issues per resolution (unresolved, false-positives, won't fix)</li>
84 * <li>issues per severity (from info to blocker)</li>
85 * <li>issues per type (code smell, bug, vulnerability, security hotspots)</li>
87 * For each value, the variation on configured periods is also computed.
89 public class IssueCounter extends IssueVisitor {
91 private static final Map<String, String> SEVERITY_TO_METRIC_KEY = ImmutableMap.of(
92 BLOCKER, BLOCKER_VIOLATIONS_KEY,
93 CRITICAL, CRITICAL_VIOLATIONS_KEY,
94 MAJOR, MAJOR_VIOLATIONS_KEY,
95 MINOR, MINOR_VIOLATIONS_KEY,
96 INFO, INFO_VIOLATIONS_KEY);
98 private static final Map<String, String> SEVERITY_TO_NEW_METRIC_KEY = ImmutableMap.of(
99 BLOCKER, NEW_BLOCKER_VIOLATIONS_KEY,
100 CRITICAL, NEW_CRITICAL_VIOLATIONS_KEY,
101 MAJOR, NEW_MAJOR_VIOLATIONS_KEY,
102 MINOR, NEW_MINOR_VIOLATIONS_KEY,
103 INFO, NEW_INFO_VIOLATIONS_KEY);
105 private static final Map<RuleType, String> TYPE_TO_METRIC_KEY = ImmutableMap.<RuleType, String>builder()
106 .put(CODE_SMELL, CODE_SMELLS_KEY)
108 .put(VULNERABILITY, VULNERABILITIES_KEY)
109 .put(SECURITY_HOTSPOT, SECURITY_HOTSPOTS_KEY)
111 private static final Map<RuleType, String> TYPE_TO_NEW_METRIC_KEY = ImmutableMap.<RuleType, String>builder()
112 .put(CODE_SMELL, NEW_CODE_SMELLS_KEY)
113 .put(BUG, NEW_BUGS_KEY)
114 .put(VULNERABILITY, NEW_VULNERABILITIES_KEY)
115 .put(SECURITY_HOTSPOT, NEW_SECURITY_HOTSPOTS_KEY)
118 private final MetricRepository metricRepository;
119 private final MeasureRepository measureRepository;
120 private final NewIssueClassifier newIssueClassifier;
121 private final Map<String, Counters> countersByComponentUuid = new HashMap<>();
123 private Counters currentCounters;
125 public IssueCounter(MetricRepository metricRepository, MeasureRepository measureRepository, NewIssueClassifier newIssueClassifier) {
126 this.metricRepository = metricRepository;
127 this.measureRepository = measureRepository;
128 this.newIssueClassifier = newIssueClassifier;
132 public void beforeComponent(Component component) {
133 currentCounters = new Counters();
134 countersByComponentUuid.put(component.getUuid(), currentCounters);
136 // aggregate children counters
137 for (Component child : component.getChildren()) {
138 Counters childCounters = countersByComponentUuid.remove(child.getUuid());
139 currentCounters.add(childCounters);
144 public void onIssue(Component component, DefaultIssue issue) {
145 currentCounters.add(issue);
146 if (newIssueClassifier.isNew(component, issue)) {
147 currentCounters.addOnPeriod(issue);
152 public void afterComponent(Component component) {
153 addMeasuresBySeverity(component);
154 addMeasuresByStatus(component);
155 addMeasuresByType(component);
156 addNewMeasures(component);
157 currentCounters = null;
160 private void addMeasuresBySeverity(Component component) {
161 for (Map.Entry<String, String> entry : SEVERITY_TO_METRIC_KEY.entrySet()) {
162 String severity = entry.getKey();
163 String metricKey = entry.getValue();
164 addMeasure(component, metricKey, currentCounters.counter().severityBag.count(severity));
168 private void addMeasuresByStatus(Component component) {
169 addMeasure(component, VIOLATIONS_KEY, currentCounters.counter().unresolved);
170 addMeasure(component, OPEN_ISSUES_KEY, currentCounters.counter().open);
171 addMeasure(component, REOPENED_ISSUES_KEY, currentCounters.counter().reopened);
172 addMeasure(component, CONFIRMED_ISSUES_KEY, currentCounters.counter().confirmed);
173 addMeasure(component, FALSE_POSITIVE_ISSUES_KEY, currentCounters.counter().falsePositives);
174 addMeasure(component, ACCEPTED_ISSUES_KEY, currentCounters.counter().accepted);
175 addMeasure(component, HIGH_IMPACT_ACCEPTED_ISSUES_KEY, currentCounters.counter().highImpactAccepted);
178 private void addMeasuresByType(Component component) {
179 for (Map.Entry<RuleType, String> entry : TYPE_TO_METRIC_KEY.entrySet()) {
180 addMeasure(component, entry.getValue(), currentCounters.counter().typeBag.count(entry.getKey()));
184 private void addMeasure(Component component, String metricKey, int value) {
185 Metric metric = metricRepository.getByKey(metricKey);
186 measureRepository.add(component, metric, Measure.newMeasureBuilder().create(value));
189 private void addNewMeasures(Component component) {
190 if (!newIssueClassifier.isEnabled()) {
193 int unresolved = currentCounters.counterForPeriod().unresolved;
194 measureRepository.add(component, metricRepository.getByKey(NEW_VIOLATIONS_KEY), Measure.newMeasureBuilder()
195 .create(unresolved));
197 for (Map.Entry<String, String> entry : SEVERITY_TO_NEW_METRIC_KEY.entrySet()) {
198 String severity = entry.getKey();
199 String metricKey = entry.getValue();
200 Multiset<String> bag = currentCounters.counterForPeriod().severityBag;
201 Metric metric = metricRepository.getByKey(metricKey);
202 measureRepository.add(component, metric, Measure.newMeasureBuilder()
203 .create(bag.count(severity)));
206 // waiting for Java 8 lambda in order to factor this loop with the previous one
207 // (see call currentCounters.counterForPeriod(period.getIndex()).xxx with xxx as severityBag or typeBag)
208 for (Map.Entry<RuleType, String> entry : TYPE_TO_NEW_METRIC_KEY.entrySet()) {
209 RuleType type = entry.getKey();
210 String metricKey = entry.getValue();
211 Multiset<RuleType> bag = currentCounters.counterForPeriod().typeBag;
212 Metric metric = metricRepository.getByKey(metricKey);
213 measureRepository.add(component, metric, Measure.newMeasureBuilder()
214 .create(bag.count(type)));
217 addMeasure(component, NEW_ACCEPTED_ISSUES_KEY, currentCounters.counterForPeriod().accepted);
221 * Count issues by status, resolutions, rules and severities
223 private static class Counter {
224 private int unresolved = 0;
225 private int open = 0;
226 private int reopened = 0;
227 private int confirmed = 0;
228 private int falsePositives = 0;
229 private int accepted = 0;
230 private int highImpactAccepted = 0;
231 private final Multiset<String> severityBag = HashMultiset.create();
232 private final EnumMultiset<RuleType> typeBag = EnumMultiset.create(RuleType.class);
234 void add(Counter counter) {
235 unresolved += counter.unresolved;
236 open += counter.open;
237 reopened += counter.reopened;
238 confirmed += counter.confirmed;
239 falsePositives += counter.falsePositives;
240 accepted += counter.accepted;
241 highImpactAccepted += counter.highImpactAccepted;
242 severityBag.addAll(counter.severityBag);
243 typeBag.addAll(counter.typeBag);
246 void add(DefaultIssue issue) {
247 if (issue.type() == SECURITY_HOTSPOT) {
248 if (issue.resolution() == null) {
249 typeBag.add(SECURITY_HOTSPOT);
253 if (issue.resolution() == null) {
255 typeBag.add(issue.type());
256 severityBag.add(issue.severity());
257 } else if (IssueStatus.FALSE_POSITIVE.equals(issue.issueStatus())) {
259 } else if (IssueStatus.ACCEPTED.equals(issue.issueStatus())) {
261 if (issue.impacts().values().stream().anyMatch(severity -> severity == Severity.HIGH)) {
262 highImpactAccepted++;
265 switch (issue.status()) {
269 case STATUS_REOPENED:
272 case STATUS_CONFIRMED:
276 // Other statuses are ignored
282 * List of {@link Counter} for regular value and period.
284 private static class Counters {
285 private final Counter counter = new Counter();
286 private final Counter counterForPeriod = new Counter();
288 void add(@Nullable Counters other) {
290 counter.add(other.counter);
291 counterForPeriod.add(other.counterForPeriod);
295 void addOnPeriod(DefaultIssue issue) {
296 counterForPeriod.add(issue);
299 void add(DefaultIssue issue) {
307 Counter counterForPeriod() {
308 return counterForPeriod;