mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
32801 Commits
59 Branches
Tree: 1125e9dd13
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '1125e9dd13'
${ noResults }
sonarqube/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/issue/TrackerRawInputFactory.java

TrackerRawInputFactory.java 14KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2022 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.ce.task.projectanalysis.issue;

  21. 

  22. import java.util.ArrayList;

  23. import java.util.Collections;

  24. import java.util.HashMap;

  25. import java.util.List;

  26. import java.util.Map;

  27. import java.util.Optional;

  28. import javax.annotation.Nullable;

  29. import org.sonar.api.rule.RuleKey;

  30. import org.sonar.api.rules.RuleType;

  31. import org.sonar.api.utils.Duration;

  32. import org.sonar.api.utils.log.Loggers;

  33. import org.sonar.ce.task.projectanalysis.batch.BatchReportReader;

  34. import org.sonar.ce.task.projectanalysis.component.Component;

  35. import org.sonar.ce.task.projectanalysis.component.TreeRootHolder;

  36. import org.sonar.ce.task.projectanalysis.issue.commonrule.CommonRuleEngine;

  37. import org.sonar.ce.task.projectanalysis.issue.filter.IssueFilter;

  38. import org.sonar.ce.task.projectanalysis.qualityprofile.ActiveRulesHolder;

  39. import org.sonar.ce.task.projectanalysis.source.SourceLinesHashRepository;

  40. import org.sonar.core.issue.DefaultIssue;

  41. import org.sonar.core.issue.tracking.Input;

  42. import org.sonar.core.issue.tracking.LazyInput;

  43. import org.sonar.core.issue.tracking.LineHashSequence;

  44. import org.sonar.core.util.CloseableIterator;

  45. import org.sonar.db.protobuf.DbCommons;

  46. import org.sonar.db.protobuf.DbIssues;

  47. import org.sonar.scanner.protocol.Constants.Severity;

  48. import org.sonar.scanner.protocol.output.ScannerReport;

  49. import org.sonar.scanner.protocol.output.ScannerReport.IssueType;

  50. import org.sonar.server.rule.CommonRuleKeys;

  51. 

  52. import static org.apache.commons.lang.StringUtils.isNotEmpty;

  53. import static org.sonar.api.issue.Issue.STATUS_OPEN;

  54. import static org.sonar.api.issue.Issue.STATUS_TO_REVIEW;

  55. 

  56. public class TrackerRawInputFactory {

  57.   private static final long DEFAULT_EXTERNAL_ISSUE_EFFORT = 0L;

  58.   private final TreeRootHolder treeRootHolder;

  59.   private final BatchReportReader reportReader;

  60.   private final CommonRuleEngine commonRuleEngine;

  61.   private final IssueFilter issueFilter;

  62.   private final SourceLinesHashRepository sourceLinesHash;

  63.   private final RuleRepository ruleRepository;

  64.   private final ActiveRulesHolder activeRulesHolder;

  65. 

  66.   public TrackerRawInputFactory(TreeRootHolder treeRootHolder, BatchReportReader reportReader, SourceLinesHashRepository sourceLinesHash, CommonRuleEngine commonRuleEngine,

  67.     IssueFilter issueFilter, RuleRepository ruleRepository, ActiveRulesHolder activeRulesHolder) {

  68.     this.treeRootHolder = treeRootHolder;

  69.     this.reportReader = reportReader;

  70.     this.sourceLinesHash = sourceLinesHash;

  71.     this.commonRuleEngine = commonRuleEngine;

  72.     this.issueFilter = issueFilter;

  73.     this.ruleRepository = ruleRepository;

  74.     this.activeRulesHolder = activeRulesHolder;

  75.   }

  76. 

  77.   public Input<DefaultIssue> create(Component component) {

  78.     return new RawLazyInput(component);

  79.   }

  80. 

  81.   private class RawLazyInput extends LazyInput<DefaultIssue> {

  82.     private final Component component;

  83. 

  84.     private RawLazyInput(Component component) {

  85.       this.component = component;

  86.     }

  87. 

  88.     @Override

  89.     protected LineHashSequence loadLineHashSequence() {

  90.       if (component.getType() == Component.Type.FILE) {

  91.         return new LineHashSequence(sourceLinesHash.getLineHashesMatchingDBVersion(component));

  92.       } else {

  93.         return new LineHashSequence(Collections.emptyList());

  94.       }

  95.     }

  96. 

  97.     @Override

  98.     protected List<DefaultIssue> loadIssues() {

  99.       List<DefaultIssue> result = new ArrayList<>();

  100. 

  101.       for (DefaultIssue commonRuleIssue : commonRuleEngine.process(component)) {

  102.         if (issueFilter.accept(commonRuleIssue, component)) {

  103.           result.add(init(commonRuleIssue, STATUS_OPEN));

  104.         }

  105.       }

  106. 

  107.       if (component.getReportAttributes().getRef() == null) {

  108.         return result;

  109.       }

  110. 

  111.       try (CloseableIterator<ScannerReport.Issue> reportIssues = reportReader.readComponentIssues(component.getReportAttributes().getRef())) {

  112.         // optimization - do not load line hashes if there are no issues -> getLineHashSequence() is executed

  113.         // as late as possible

  114.         while (reportIssues.hasNext()) {

  115.           ScannerReport.Issue reportIssue = reportIssues.next();

  116.           if (isOnInactiveRule(reportIssue)) {

  117.             continue;

  118.           }

  119.           if (!isIssueOnUnsupportedCommonRule(reportIssue)) {

  120.             Loggers.get(getClass()).debug("Ignored issue from analysis report on rule {}:{}", reportIssue.getRuleRepository(), reportIssue.getRuleKey());

  121.             continue;

  122.           }

  123.           DefaultIssue issue = toIssue(getLineHashSequence(), reportIssue);

  124.           if (issueFilter.accept(issue, component)) {

  125.             result.add(issue);

  126.           }

  127.         }

  128.       }

  129. 

  130.       Map<RuleKey, ScannerReport.AdHocRule> adHocRuleMap = new HashMap<>();

  131.       try (CloseableIterator<ScannerReport.AdHocRule> reportAdHocRule = reportReader.readAdHocRules()) {

  132.         while (reportAdHocRule.hasNext()) {

  133.           ScannerReport.AdHocRule adHocRule = reportAdHocRule.next();

  134.           adHocRuleMap.put(RuleKey.of(RuleKey.EXTERNAL_RULE_REPO_PREFIX + adHocRule.getEngineId(), adHocRule.getRuleId()), adHocRule);

  135.         }

  136.       }

  137. 

  138.       try (CloseableIterator<ScannerReport.ExternalIssue> reportExternalIssues = reportReader.readComponentExternalIssues(component.getReportAttributes().getRef())) {

  139.         // optimization - do not load line hashes if there are no issues -> getLineHashSequence() is executed

  140.         // as late as possible

  141.         while (reportExternalIssues.hasNext()) {

  142.           ScannerReport.ExternalIssue reportExternalIssue = reportExternalIssues.next();

  143.           result.add(toExternalIssue(getLineHashSequence(), reportExternalIssue, adHocRuleMap));

  144.         }

  145.       }

  146. 

  147.       return result;

  148.     }

  149. 

  150.     private boolean isOnInactiveRule(ScannerReport.Issue reportIssue) {

  151.       RuleKey ruleKey = RuleKey.of(reportIssue.getRuleRepository(), reportIssue.getRuleKey());

  152.       return !activeRulesHolder.get(ruleKey).isPresent();

  153.     }

  154. 

  155.     private boolean isIssueOnUnsupportedCommonRule(ScannerReport.Issue issue) {

  156.       // issues on batch common rules are ignored. This feature

  157.       // is natively supported by compute engine since 5.2.

  158.       return !issue.getRuleRepository().startsWith(CommonRuleKeys.REPOSITORY_PREFIX);

  159.     }

  160. 

  161.     private DefaultIssue toIssue(LineHashSequence lineHashSeq, ScannerReport.Issue reportIssue) {

  162.       DefaultIssue issue = new DefaultIssue();

  163.       init(issue, STATUS_OPEN);

  164.       RuleKey ruleKey = RuleKey.of(reportIssue.getRuleRepository(), reportIssue.getRuleKey());

  165.       issue.setRuleKey(ruleKey);

  166.       if (reportIssue.hasTextRange()) {

  167.         int startLine = reportIssue.getTextRange().getStartLine();

  168.         issue.setLine(startLine);

  169.         issue.setChecksum(lineHashSeq.getHashForLine(startLine));

  170.       } else {

  171.         issue.setChecksum("");

  172.       }

  173.       if (isNotEmpty(reportIssue.getMsg())) {

  174.         issue.setMessage(reportIssue.getMsg());

  175.       } else {

  176.         Rule rule = ruleRepository.getByKey(ruleKey);

  177.         issue.setMessage(rule.getName());

  178.       }

  179.       if (reportIssue.getSeverity() != Severity.UNSET_SEVERITY) {

  180.         issue.setSeverity(reportIssue.getSeverity().name());

  181.       }

  182.       if (Double.compare(reportIssue.getGap(), 0D) != 0) {

  183.         issue.setGap(reportIssue.getGap());

  184.       }

  185.       DbIssues.Locations.Builder dbLocationsBuilder = DbIssues.Locations.newBuilder();

  186.       if (reportIssue.hasTextRange()) {

  187.         dbLocationsBuilder.setTextRange(convertTextRange(reportIssue.getTextRange()));

  188.       }

  189.       for (ScannerReport.Flow flow : reportIssue.getFlowList()) {

  190.         if (flow.getLocationCount() > 0) {

  191.           DbIssues.Flow.Builder dbFlowBuilder = convertLocations(flow);

  192.           dbLocationsBuilder.addFlow(dbFlowBuilder);

  193.         }

  194.       }

  195.       issue.setIsFromExternalRuleEngine(false);

  196.       issue.setLocations(dbLocationsBuilder.build());

  197.       issue.setQuickFixAvailable(reportIssue.getQuickFixAvailable());

  198.       issue.setRuleDescriptionContextKey(reportIssue.hasRuleDescriptionContextKey() ? reportIssue.getRuleDescriptionContextKey() : null);

  199.       return issue;

  200.     }

  201. 

  202.     private DbIssues.Flow.Builder convertLocations(ScannerReport.Flow flow) {

  203.       DbIssues.Flow.Builder dbFlowBuilder = DbIssues.Flow.newBuilder();

  204.       for (ScannerReport.IssueLocation location : flow.getLocationList()) {

  205.         convertLocation(location).ifPresent(dbFlowBuilder::addLocation);

  206.       }

  207.       if (isNotEmpty(flow.getDescription())) {

  208.         dbFlowBuilder.setDescription(flow.getDescription());

  209.       }

  210.       toFlowType(flow.getType()).ifPresent(dbFlowBuilder::setType);

  211.       return dbFlowBuilder;

  212.     }

  213. 

  214.     private DefaultIssue toExternalIssue(LineHashSequence lineHashSeq, ScannerReport.ExternalIssue reportExternalIssue, Map<RuleKey, ScannerReport.AdHocRule> adHocRuleMap) {

  215.       DefaultIssue issue = new DefaultIssue();

  216.       RuleType type = toRuleType(reportExternalIssue.getType());

  217.       init(issue, type == RuleType.SECURITY_HOTSPOT ? STATUS_TO_REVIEW : STATUS_OPEN);

  218. 

  219.       RuleKey ruleKey = RuleKey.of(RuleKey.EXTERNAL_RULE_REPO_PREFIX + reportExternalIssue.getEngineId(), reportExternalIssue.getRuleId());

  220.       issue.setRuleKey(ruleKey);

  221.       if (reportExternalIssue.hasTextRange()) {

  222.         int startLine = reportExternalIssue.getTextRange().getStartLine();

  223.         issue.setLine(startLine);

  224.         issue.setChecksum(lineHashSeq.getHashForLine(startLine));

  225.       } else {

  226.         issue.setChecksum("");

  227.       }

  228.       if (isNotEmpty(reportExternalIssue.getMsg())) {

  229.         issue.setMessage(reportExternalIssue.getMsg());

  230.       }

  231.       if (reportExternalIssue.getSeverity() != Severity.UNSET_SEVERITY) {

  232.         issue.setSeverity(reportExternalIssue.getSeverity().name());

  233.       }

  234.       issue.setEffort(Duration.create(reportExternalIssue.getEffort() != 0 ? reportExternalIssue.getEffort() : DEFAULT_EXTERNAL_ISSUE_EFFORT));

  235.       DbIssues.Locations.Builder dbLocationsBuilder = DbIssues.Locations.newBuilder();

  236.       if (reportExternalIssue.hasTextRange()) {

  237.         dbLocationsBuilder.setTextRange(convertTextRange(reportExternalIssue.getTextRange()));

  238.       }

  239.       for (ScannerReport.Flow flow : reportExternalIssue.getFlowList()) {

  240.         if (flow.getLocationCount() > 0) {

  241.           DbIssues.Flow.Builder dbFlowBuilder = convertLocations(flow);

  242.           dbLocationsBuilder.addFlow(dbFlowBuilder);

  243.         }

  244.       }

  245.       issue.setIsFromExternalRuleEngine(true);

  246.       issue.setLocations(dbLocationsBuilder.build());

  247.       issue.setType(type);

  248. 

  249.       ruleRepository.addOrUpdateAddHocRuleIfNeeded(ruleKey, () -> toAdHocRule(reportExternalIssue, adHocRuleMap.get(issue.ruleKey())));

  250.       return issue;

  251.     }

  252. 

  253.     private NewAdHocRule toAdHocRule(ScannerReport.ExternalIssue reportIssue, @Nullable ScannerReport.AdHocRule adHocRule) {

  254.       if (adHocRule != null) {

  255.         return new NewAdHocRule(adHocRule);

  256.       }

  257.       return new NewAdHocRule(reportIssue);

  258.     }

  259. 

  260.     private Optional<DbIssues.FlowType> toFlowType(ScannerReport.FlowType flowType) {

  261.       switch (flowType) {

  262.         case DATA:

  263.           return Optional.of(DbIssues.FlowType.DATA);

  264.         case EXECUTION:

  265.           return Optional.of(DbIssues.FlowType.EXECUTION);

  266.         case UNDEFINED:

  267.           return Optional.empty();

  268.         default:

  269.           throw new IllegalArgumentException("Unrecognized type: " + flowType);

  270.       }

  271.     }

  272. 

  273.     private RuleType toRuleType(IssueType type) {

  274.       switch (type) {

  275.         case BUG:

  276.           return RuleType.BUG;

  277.         case CODE_SMELL:

  278.           return RuleType.CODE_SMELL;

  279.         case VULNERABILITY:

  280.           return RuleType.VULNERABILITY;

  281.         case SECURITY_HOTSPOT:

  282.           return RuleType.SECURITY_HOTSPOT;

  283.         case UNRECOGNIZED:

  284.         default:

  285.           throw new IllegalStateException("Invalid issue type: " + type);

  286.       }

  287.     }

  288. 

  289.     private DefaultIssue init(DefaultIssue issue, String initialStatus) {

  290.       issue.setStatus(initialStatus);

  291.       issue.setResolution(null);

  292.       issue.setComponentUuid(component.getUuid());

  293.       issue.setComponentKey(component.getKey());

  294.       issue.setProjectUuid(treeRootHolder.getRoot().getUuid());

  295.       issue.setProjectKey(treeRootHolder.getRoot().getKey());

  296.       return issue;

  297.     }

  298. 

  299.     private Optional<DbIssues.Location> convertLocation(ScannerReport.IssueLocation source) {

  300.       DbIssues.Location.Builder target = DbIssues.Location.newBuilder();

  301.       if (source.getComponentRef() != 0 && source.getComponentRef() != component.getReportAttributes().getRef()) {

  302.         // SONAR-10781 Component might not exist because on PR, only changed components are included in the report

  303.         Optional<Component> optionalComponent = treeRootHolder.getOptionalComponentByRef(source.getComponentRef());

  304.         if (!optionalComponent.isPresent()) {

  305.           return Optional.empty();

  306.         }

  307.         target.setComponentId(optionalComponent.get().getUuid());

  308.       }

  309.       if (isNotEmpty(source.getMsg())) {

  310.         target.setMsg(source.getMsg());

  311.       }

  312.       if (source.hasTextRange()) {

  313.         ScannerReport.TextRange sourceRange = source.getTextRange();

  314.         DbCommons.TextRange.Builder targetRange = convertTextRange(sourceRange);

  315.         target.setTextRange(targetRange);

  316.       }

  317.       return Optional.of(target.build());

  318.     }

  319. 

  320.     private DbCommons.TextRange.Builder convertTextRange(ScannerReport.TextRange sourceRange) {

  321.       DbCommons.TextRange.Builder targetRange = DbCommons.TextRange.newBuilder();

  322.       targetRange.setStartLine(sourceRange.getStartLine());

  323.       targetRange.setStartOffset(sourceRange.getStartOffset());

  324.       targetRange.setEndLine(sourceRange.getEndLine());

  325.       targetRange.setEndOffset(sourceRange.getEndOffset());

  326.       return targetRange;

  327.     }

  328.   }

  329. }