SONAR-19160 handle missing locations in SARIF import. (#8476)

diff --git a/sonar-core/src/main/java/org/sonar/core/sarif/Result.java b/sonar-core/src/main/java/org/sonar/core/sarif/Result.java
index 180c1cd71092b7eb86046811832985c7d8b1a518..3cc37d258ce73369955fb18aefeb7b8833639963 100644 (file)
--- a/sonar-core/src/main/java/org/sonar/core/sarif/Result.java
+++ b/sonar-core/src/main/java/org/sonar/core/sarif/Result.java
@@ -40,7 +40,7 @@ public class Result {
   @SerializedName("level")
   private final String level;
 
-  private Result(String ruleId, String message, LinkedHashSet<Location> locations,
+  private Result(String ruleId, String message, @Nullable LinkedHashSet<Location> locations,
     @Nullable String primaryLocationLineHash, @Nullable List<CodeFlow> codeFlows, @Nullable String level) {
     this.ruleId = ruleId;
     this.message = WrappedText.of(message);
@@ -58,6 +58,7 @@ public class Result {
     return message;
   }
 
+  @CheckForNull
   public Set<Location> getLocations() {
     return locations;
   }

diff --git a/sonar-scanner-engine/src/main/java/org/sonar/scanner/externalissue/sarif/ResultMapper.java b/sonar-scanner-engine/src/main/java/org/sonar/scanner/externalissue/sarif/ResultMapper.java
index 213b03c36349b1d11630087ff132588f59359421..7668c477b57378dfe2209d7b2c1224201916215c 100644 (file)
--- a/sonar-scanner-engine/src/main/java/org/sonar/scanner/externalissue/sarif/ResultMapper.java
+++ b/sonar-scanner-engine/src/main/java/org/sonar/scanner/externalissue/sarif/ResultMapper.java
@@ -22,6 +22,7 @@ package org.sonar.scanner.externalissue.sarif;
 import com.google.common.collect.ImmutableMap;
 import java.util.Map;
 import java.util.Optional;
+import java.util.Set;
 import javax.annotation.Nullable;
 import org.sonar.api.batch.rule.Severity;
 import org.sonar.api.batch.sensor.SensorContext;
@@ -72,10 +73,11 @@ public class ResultMapper {
 
   private void mapLocations(Result result, NewExternalIssue newExternalIssue) {
     NewIssueLocation newIssueLocation = newExternalIssue.newLocation();
-    if (result.getLocations().isEmpty()) {
+    Set<Location> locations = result.getLocations();
+    if (locations == null || locations.isEmpty()) {
       newExternalIssue.at(locationMapper.fillIssueInProjectLocation(result, newIssueLocation));
     } else {
-      Location firstLocation = result.getLocations().iterator().next();
+      Location firstLocation = locations.iterator().next();
       NewIssueLocation primaryLocation = fillFileOrProjectLocation(result, newIssueLocation, firstLocation);
       newExternalIssue.at(primaryLocation);
     }

diff --git a/sonar-scanner-engine/src/test/java/org/sonar/scanner/externalissue/sarif/ResultMapperTest.java b/sonar-scanner-engine/src/test/java/org/sonar/scanner/externalissue/sarif/ResultMapperTest.java
index c6eaed7f5568a8eabef3e0cb87831096e01e8f49..309a8ed95038d3ce212ef5e30b6015bac3fd9232 100644 (file)
--- a/sonar-scanner-engine/src/test/java/org/sonar/scanner/externalissue/sarif/ResultMapperTest.java
+++ b/sonar-scanner-engine/src/test/java/org/sonar/scanner/externalissue/sarif/ResultMapperTest.java
@@ -129,7 +129,19 @@ public class ResultMapperTest {
   }
 
   @Test
-  public void mapResult_whenLocationNotFound_createsProjectLocation() {
+  public void mapResult_whenLocationsIsEmpty_createsProjectLocation() {
+    NewExternalIssue newExternalIssue = resultMapper.mapResult(DRIVER_NAME, WARNING, result);
+
+    verify(locationMapper).fillIssueInProjectLocation(result, newExternalIssueLocation);
+    verifyNoMoreInteractions(locationMapper);
+    verify(newExternalIssue).at(newExternalIssueLocation);
+    verify(newExternalIssue, never()).addLocation(any());
+    verify(newExternalIssue, never()).addFlow(any());
+  }
+
+  @Test
+  public void mapResult_whenLocationsIsNull_createsProjectLocation() {
+    when(result.getLocations()).thenReturn(null);
     NewExternalIssue newExternalIssue = resultMapper.mapResult(DRIVER_NAME, WARNING, result);
 
     verify(locationMapper).fillIssueInProjectLocation(result, newExternalIssueLocation);