--- /dev/null
- saveDependency(node, context);
+/*
+ * SonarQube, open source software quality management tool.
+ * Copyright (C) 2008-2014 SonarSource
+ * mailto:contact AT sonarsource DOT com
+ *
+ * SonarQube is free software; you can redistribute it and/or
+ * modify it under the terms of the GNU Lesser General Public
+ * License as published by the Free Software Foundation; either
+ * version 3 of the License, or (at your option) any later version.
+ *
+ * SonarQube is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ * Lesser General Public License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with this program; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
+ */
+package org.sonar.batch.design;
+
+import com.google.gson.Gson;
+import com.google.gson.GsonBuilder;
+import com.google.gson.JsonArray;
+import com.google.gson.JsonDeserializationContext;
+import com.google.gson.JsonDeserializer;
+import com.google.gson.JsonElement;
+import com.google.gson.JsonObject;
+import com.google.gson.reflect.TypeToken;
+import org.apache.maven.artifact.Artifact;
+import org.apache.maven.artifact.factory.ArtifactFactory;
+import org.apache.maven.artifact.metadata.ArtifactMetadataSource;
+import org.apache.maven.artifact.repository.ArtifactRepository;
+import org.apache.maven.artifact.resolver.ArtifactCollector;
+import org.apache.maven.shared.dependency.tree.DependencyNode;
+import org.apache.maven.shared.dependency.tree.DependencyTreeBuilder;
+import org.apache.maven.shared.dependency.tree.DependencyTreeBuilderException;
+import org.apache.maven.shared.dependency.tree.filter.AncestorOrSelfDependencyNodeFilter;
+import org.apache.maven.shared.dependency.tree.filter.DependencyNodeFilter;
+import org.apache.maven.shared.dependency.tree.filter.StateDependencyNodeFilter;
+import org.apache.maven.shared.dependency.tree.traversal.BuildingDependencyNodeVisitor;
+import org.apache.maven.shared.dependency.tree.traversal.CollectingDependencyNodeVisitor;
+import org.apache.maven.shared.dependency.tree.traversal.DependencyNodeVisitor;
+import org.apache.maven.shared.dependency.tree.traversal.FilteringDependencyNodeVisitor;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.sonar.api.batch.Sensor;
+import org.sonar.api.batch.SensorContext;
+import org.sonar.api.batch.SonarIndex;
+import org.sonar.api.batch.SupportedEnvironment;
+import org.sonar.api.config.Settings;
+import org.sonar.api.design.Dependency;
+import org.sonar.api.resources.Library;
+import org.sonar.api.resources.Project;
+import org.sonar.api.resources.Resource;
+import org.sonar.api.utils.SonarException;
+
+import java.lang.reflect.Type;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+
+@SupportedEnvironment("maven")
+public class MavenDependenciesSensor implements Sensor {
+
+ private static final String SONAR_MAVEN_PROJECT_DEPENDENCY = "sonar.maven.projectDependencies";
+
+ private static final Logger LOG = LoggerFactory.getLogger(MavenDependenciesSensor.class);
+
+ private ArtifactRepository localRepository;
+ private ArtifactFactory artifactFactory;
+ private ArtifactMetadataSource artifactMetadataSource;
+ private ArtifactCollector artifactCollector;
+ private DependencyTreeBuilder treeBuilder;
+ private SonarIndex index;
+ private Settings settings;
+
+ public MavenDependenciesSensor(Settings settings, ArtifactRepository localRepository, ArtifactFactory artifactFactory, ArtifactMetadataSource artifactMetadataSource,
+ ArtifactCollector artifactCollector, DependencyTreeBuilder treeBuilder, SonarIndex index) {
+ this.settings = settings;
+ this.localRepository = localRepository;
+ this.artifactFactory = artifactFactory;
+ this.artifactMetadataSource = artifactMetadataSource;
+ this.artifactCollector = artifactCollector;
+ this.index = index;
+ this.treeBuilder = treeBuilder;
+ }
+
+ /**
+ * Used with SQ Maven plugin 2.5+
+ */
+ public MavenDependenciesSensor(Settings settings, SonarIndex index) {
+ this.settings = settings;
+ this.index = index;
+ }
+
+ public boolean shouldExecuteOnProject(Project project) {
+ return true;
+ }
+
+ private static class InputDependency {
+
+ private final String key;
+
+ private final String version;
+
+ private String scope;
+
+ List<InputDependency> dependencies = new ArrayList<InputDependency>();
+
+ public InputDependency(String key, String version) {
+ this.key = key;
+ this.version = version;
+ }
+
+ public String key() {
+ return key;
+ }
+
+ public String version() {
+ return version;
+ }
+
+ public String scope() {
+ return scope;
+ }
+
+ public InputDependency setScope(String scope) {
+ this.scope = scope;
+ return this;
+ }
+
+ public List<InputDependency> dependencies() {
+ return dependencies;
+ }
+ }
+
+ private static class DependencyDeserializer implements JsonDeserializer<InputDependency> {
+
+ @Override
+ public InputDependency deserialize(JsonElement json, Type typeOfT, JsonDeserializationContext context) {
+
+ JsonObject dep = json.getAsJsonObject();
+ String key = dep.get("k").getAsString();
+ String version = dep.get("v").getAsString();
+ InputDependency result = new InputDependency(key, version);
+ result.setScope(dep.get("s").getAsString());
+ JsonElement subDeps = dep.get("d");
+ if (subDeps != null) {
+ JsonArray arrayOfSubDeps = subDeps.getAsJsonArray();
+ for (JsonElement e : arrayOfSubDeps) {
+ result.dependencies().add(deserialize(e, typeOfT, context));
+ }
+ }
+ return result;
+ }
+
+ }
+
+ public void analyse(final Project project, final SensorContext context) {
+ if (settings.hasKey(SONAR_MAVEN_PROJECT_DEPENDENCY)) {
+ LOG.debug("Using dependency provided by property " + SONAR_MAVEN_PROJECT_DEPENDENCY);
+ String depsAsJson = settings.getString(SONAR_MAVEN_PROJECT_DEPENDENCY);
+ Collection<InputDependency> deps;
+ try {
+ GsonBuilder gsonBuilder = new GsonBuilder();
+ gsonBuilder.registerTypeAdapter(InputDependency.class, new DependencyDeserializer());
+ Gson gson = gsonBuilder.create();
+
+ Type collectionType = new TypeToken<Collection<InputDependency>>() {
+ }.getType();
+ deps = gson.fromJson(depsAsJson, collectionType);
+ saveDependencies(project, deps, context);
+ } catch (Exception e) {
+ throw new IllegalStateException("Unable to deserialize dependency information: " + depsAsJson, e);
+ }
+ } else if (treeBuilder != null) {
+ computeDependencyTree(project, context);
+ }
+ }
+
+ private void computeDependencyTree(final Project project, final SensorContext context) {
+ LOG.warn("Computation of Maven dependencies by SonarQube is deprecated. Please update the version of SonarQube Maven plugin to 2.5+");
+ try {
+ DependencyNode root = treeBuilder.buildDependencyTree(project.getPom(), localRepository, artifactFactory, artifactMetadataSource, null, artifactCollector);
+
+ DependencyNodeVisitor visitor = new BuildingDependencyNodeVisitor(new DependencyNodeVisitor() {
+ public boolean visit(DependencyNode node) {
+ return true;
+ }
+
+ public boolean endVisit(DependencyNode node) {
+ if (node.getParent() != null && node.getParent() != node) {
- protected void saveDependency(DependencyNode node, SensorContext context) {
- Resource from = (node.getParent().getParent() == null) ? index.getProject() : toResource(node.getParent().getArtifact(), context);
- Resource to = toResource(node.getArtifact(), context);
++ saveDependency(project, node, context);
+ }
+ return true;
+ }
+ });
+
+ // mode verbose OFF : do not show the same lib many times
+ DependencyNodeFilter filter = StateDependencyNodeFilter.INCLUDED;
+
+ CollectingDependencyNodeVisitor collectingVisitor = new CollectingDependencyNodeVisitor();
+ DependencyNodeVisitor firstPassVisitor = new FilteringDependencyNodeVisitor(collectingVisitor, filter);
+ root.accept(firstPassVisitor);
+
+ DependencyNodeFilter secondPassFilter = new AncestorOrSelfDependencyNodeFilter(collectingVisitor.getNodes());
+ visitor = new FilteringDependencyNodeVisitor(visitor, secondPassFilter);
+
+ root.accept(visitor);
+
+ } catch (DependencyTreeBuilderException e) {
+ throw new SonarException("Can not load the graph of dependencies of the project " + project.getKey(), e);
+ }
+ }
+
+ private void saveDependencies(Resource from, Collection<InputDependency> deps, SensorContext context) {
+ for (InputDependency inputDep : deps) {
+ Resource to = toResource(inputDep, context);
+ Dependency dependency = new Dependency(from, to);
+ dependency.setUsage(inputDep.scope());
+ dependency.setWeight(1);
+ context.saveDependency(dependency);
+ if (!inputDep.dependencies().isEmpty()) {
+ saveDependencies(to, inputDep.dependencies(), context);
+ }
+ }
+ }
+
+ private Resource toResource(InputDependency dependency, SensorContext context) {
+ Project project = new Project(dependency.key());
+ Resource result = context.getResource(project);
+ if (result == null || !((Project) result).getAnalysisVersion().equals(dependency.version())) {
+ Library lib = new Library(project.getKey(), dependency.version());
+ context.saveResource(lib);
+ result = context.getResource(lib);
+ }
+ return result;
+ }
+
- protected static Resource toResource(Artifact artifact, SensorContext context) {
- Project project = Project.createFromMavenIds(artifact.getGroupId(), artifact.getArtifactId());
- Resource result = context.getResource(project);
++ protected void saveDependency(final Project project, DependencyNode node, SensorContext context) {
++ Resource from = (node.getParent().getParent() == null) ? index.getProject() : toResource(project, node.getParent().getArtifact(), context);
++ Resource to = toResource(project, node.getArtifact(), context);
+ Dependency dependency = new Dependency(from, to);
+ dependency.setUsage(node.getArtifact().getScope());
+ dependency.setWeight(1);
+ context.saveDependency(dependency);
+ }
+
- Library lib = new Library(project.getKey(), artifact.getBaseVersion());
++ protected static Resource toResource(final Project project, Artifact artifact, SensorContext context) {
++ Project depWithBranch = Project.createFromMavenIds(artifact.getGroupId(), artifact.getArtifactId(), project.getBranch());
++ Resource result = context.getResource(depWithBranch);
+ if (result == null || !((Project) result).getAnalysisVersion().equals(artifact.getBaseVersion())) {
++ Library lib = Library.createFromMavenIds(artifact.getGroupId(), artifact.getArtifactId(), artifact.getBaseVersion());
+ context.saveResource(lib);
+ result = context.getResource(lib);
+ }
+ return result;
+ }
+
+ @Override
+ public String toString() {
+ return "Maven dependencies";
+ }
+}