mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
33538 Commits
59 Branches
Tree: 2d60913db1
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '2d60913db1'
${ noResults }
sonarqube/server/sonar-webserver-core/src/main/java/org/sonar/server/telemetry/TelemetryDataLoaderImpl.java

TelemetryDataLoaderImpl.java 16KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2023 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.server.telemetry;

  21. 

  22. import com.google.common.annotations.VisibleForTesting;

  23. import java.sql.DatabaseMetaData;

  24. import java.sql.SQLException;

  25. import java.util.ArrayList;

  26. import java.util.Collection;

  27. import java.util.Collections;

  28. import java.util.HashMap;

  29. import java.util.List;

  30. import java.util.Map;

  31. import java.util.Optional;

  32. import java.util.Set;

  33. import java.util.function.Function;

  34. import java.util.stream.Collectors;

  35. import javax.inject.Inject;

  36. import org.sonar.api.config.Configuration;

  37. import org.sonar.api.platform.Server;

  38. import org.sonar.api.server.ServerSide;

  39. import org.sonar.core.platform.PlatformEditionProvider;

  40. import org.sonar.core.platform.PluginInfo;

  41. import org.sonar.core.platform.PluginRepository;

  42. import org.sonar.core.util.stream.MoreCollectors;

  43. import org.sonar.db.DbClient;

  44. import org.sonar.db.DbSession;

  45. import org.sonar.db.alm.setting.ALM;

  46. import org.sonar.db.alm.setting.ProjectAlmKeyAndProject;

  47. import org.sonar.db.component.AnalysisPropertyValuePerProject;

  48. import org.sonar.db.component.PrBranchAnalyzedLanguageCountByProjectDto;

  49. import org.sonar.db.measure.LiveMeasureDto;

  50. import org.sonar.db.measure.ProjectMeasureDto;

  51. import org.sonar.db.metric.MetricDto;

  52. import org.sonar.db.qualitygate.ProjectQgateAssociationDto;

  53. import org.sonar.db.qualitygate.QualityGateDto;

  54. import org.sonar.server.platform.DockerSupport;

  55. import org.sonar.server.property.InternalProperties;

  56. import org.sonar.server.qualitygate.QualityGateCaycChecker;

  57. import org.sonar.server.qualitygate.QualityGateFinder;

  58. import org.sonar.server.telemetry.TelemetryData.Database;

  59. 

  60. import static java.util.Arrays.asList;

  61. import static java.util.Optional.ofNullable;

  62. import static java.util.stream.Collectors.groupingBy;

  63. import static java.util.stream.Collectors.toMap;

  64. import static org.sonar.api.internal.apachecommons.lang.StringUtils.startsWithIgnoreCase;

  65. import static org.sonar.api.measures.CoreMetrics.BUGS_KEY;

  66. import static org.sonar.api.measures.CoreMetrics.DEVELOPMENT_COST_KEY;

  67. import static org.sonar.api.measures.CoreMetrics.NCLOC_LANGUAGE_DISTRIBUTION_KEY;

  68. import static org.sonar.api.measures.CoreMetrics.SECURITY_HOTSPOTS_KEY;

  69. import static org.sonar.api.measures.CoreMetrics.TECHNICAL_DEBT_KEY;

  70. import static org.sonar.api.measures.CoreMetrics.VULNERABILITIES_KEY;

  71. import static org.sonar.core.config.CorePropertyDefinitions.SONAR_ANALYSIS_DETECTEDCI;

  72. import static org.sonar.core.config.CorePropertyDefinitions.SONAR_ANALYSIS_DETECTEDSCM;

  73. import static org.sonar.core.platform.EditionProvider.Edition.COMMUNITY;

  74. import static org.sonar.core.platform.EditionProvider.Edition.DATACENTER;

  75. import static org.sonar.core.platform.EditionProvider.Edition.ENTERPRISE;

  76. import static org.sonar.server.metric.UnanalyzedLanguageMetrics.UNANALYZED_CPP_KEY;

  77. import static org.sonar.server.metric.UnanalyzedLanguageMetrics.UNANALYZED_C_KEY;

  78. import static org.sonar.server.telemetry.TelemetryDaemon.I_PROP_MESSAGE_SEQUENCE;

  79. 

  80. @ServerSide

  81. public class TelemetryDataLoaderImpl implements TelemetryDataLoader {

  82.   @VisibleForTesting

  83.   static final String SCIM_PROPERTY_ENABLED = "sonar.scim.enabled";

  84.   private static final String UNDETECTED = "undetected";

  85. 

  86.   private static final Map<String, String> LANGUAGES_BY_SECURITY_JSON_PROPERTY_MAP = Map.of(

  87.     "sonar.security.config.javasecurity", "java",

  88.     "sonar.security.config.phpsecurity", "php",

  89.     "sonar.security.config.pythonsecurity", "python",

  90.     "sonar.security.config.roslyn.sonaranalyzer.security.cs", "csharp");

  91. 

  92.   private final Server server;

  93.   private final DbClient dbClient;

  94.   private final PluginRepository pluginRepository;

  95.   private final PlatformEditionProvider editionProvider;

  96.   private final Configuration configuration;

  97.   private final InternalProperties internalProperties;

  98.   private final DockerSupport dockerSupport;

  99.   private final QualityGateCaycChecker qualityGateCaycChecker;

  100.   private final QualityGateFinder qualityGateFinder;

  101. 

  102.   @Inject

  103.   public TelemetryDataLoaderImpl(Server server, DbClient dbClient, PluginRepository pluginRepository,

  104.     PlatformEditionProvider editionProvider, InternalProperties internalProperties, Configuration configuration,

  105.     DockerSupport dockerSupport, QualityGateCaycChecker qualityGateCaycChecker, QualityGateFinder qualityGateFinder) {

  106.     this.server = server;

  107.     this.dbClient = dbClient;

  108.     this.pluginRepository = pluginRepository;

  109.     this.editionProvider = editionProvider;

  110.     this.internalProperties = internalProperties;

  111.     this.configuration = configuration;

  112.     this.dockerSupport = dockerSupport;

  113.     this.qualityGateCaycChecker = qualityGateCaycChecker;

  114.     this.qualityGateFinder = qualityGateFinder;

  115.   }

  116. 

  117.   private static Database loadDatabaseMetadata(DbSession dbSession) {

  118.     try {

  119.       DatabaseMetaData metadata = dbSession.getConnection().getMetaData();

  120.       return new Database(metadata.getDatabaseProductName(), metadata.getDatabaseProductVersion());

  121.     } catch (SQLException e) {

  122.       throw new IllegalStateException("Fail to get DB metadata", e);

  123.     }

  124.   }

  125. 

  126.   @Override

  127.   public TelemetryData load() {

  128.     TelemetryData.Builder data = TelemetryData.builder();

  129. 

  130.     data.setMessageSequenceNumber(retrieveCurrentMessageSequenceNumber() + 1);

  131.     data.setServerId(server.getId());

  132.     data.setVersion(server.getVersion());

  133.     data.setEdition(editionProvider.get().orElse(null));

  134.     Function<PluginInfo, String> getVersion = plugin -> plugin.getVersion() == null ? "undefined" : plugin.getVersion().getName();

  135.     Map<String, String> plugins = pluginRepository.getPluginInfos().stream().collect(MoreCollectors.uniqueIndex(PluginInfo::getKey,

  136.       getVersion));

  137.     data.setPlugins(plugins);

  138.     try (DbSession dbSession = dbClient.openSession(false)) {

  139.       data.setDatabase(loadDatabaseMetadata(dbSession));

  140. 

  141.       String defaultQualityGateUuid = qualityGateFinder.getDefault(dbSession).getUuid();

  142. 

  143.       data.setDefaultQualityGate(defaultQualityGateUuid);

  144.       resolveUnanalyzedLanguageCode(data, dbSession);

  145.       resolveProjectStatistics(data, dbSession, defaultQualityGateUuid);

  146.       resolveProjects(data, dbSession);

  147.       resolveQualityGates(data, dbSession);

  148.       resolveUsers(data, dbSession);

  149.     }

  150. 

  151.     setSecurityCustomConfigIfPresent(data);

  152. 

  153.     Optional<String> installationDateProperty = internalProperties.read(InternalProperties.INSTALLATION_DATE);

  154.     installationDateProperty.ifPresent(s -> data.setInstallationDate(Long.valueOf(s)));

  155.     Optional<String> installationVersionProperty = internalProperties.read(InternalProperties.INSTALLATION_VERSION);

  156. 

  157.     return data

  158.       .setInstallationVersion(installationVersionProperty.orElse(null))

  159.       .setInDocker(dockerSupport.isRunningInDocker())

  160.       .setIsScimEnabled(isScimEnabled())

  161.       .build();

  162.   }

  163. 

  164.   private void resolveUnanalyzedLanguageCode(TelemetryData.Builder data, DbSession dbSession) {

  165.     long numberOfUnanalyzedCMeasures = dbClient.liveMeasureDao().countProjectsHavingMeasure(dbSession, UNANALYZED_C_KEY);

  166.     long numberOfUnanalyzedCppMeasures = dbClient.liveMeasureDao().countProjectsHavingMeasure(dbSession, UNANALYZED_CPP_KEY);

  167.     editionProvider.get()

  168.       .filter(edition -> edition.equals(COMMUNITY))

  169.       .ifPresent(edition -> {

  170.         data.setHasUnanalyzedC(numberOfUnanalyzedCMeasures > 0);

  171.         data.setHasUnanalyzedCpp(numberOfUnanalyzedCppMeasures > 0);

  172.       });

  173.   }

  174. 

  175.   private Long retrieveCurrentMessageSequenceNumber() {

  176.     return internalProperties.read(I_PROP_MESSAGE_SEQUENCE).map(Long::parseLong).orElse(0L);

  177.   }

  178. 

  179.   private void resolveProjectStatistics(TelemetryData.Builder data, DbSession dbSession, String defaultQualityGateUuid) {

  180.     List<String> projectUuids = dbClient.projectDao().selectAllProjectUuids(dbSession);

  181.     Map<String, String> scmByProject = getAnalysisPropertyByProject(dbSession, SONAR_ANALYSIS_DETECTEDSCM);

  182.     Map<String, String> ciByProject = getAnalysisPropertyByProject(dbSession, SONAR_ANALYSIS_DETECTEDCI);

  183.     Map<String, ProjectAlmKeyAndProject> almAndUrlByProject = getAlmAndUrlByProject(dbSession);

  184.     Map<String, PrBranchAnalyzedLanguageCountByProjectDto> prAndBranchCountByProject =

  185.       dbClient.branchDao().countPrBranchAnalyzedLanguageByProjectUuid(dbSession)

  186.         .stream().collect(toMap(PrBranchAnalyzedLanguageCountByProjectDto::getProjectUuid, Function.identity()));

  187.     Map<String, String> qgatesByProject = getProjectQgatesMap(dbSession);

  188.     Map<String, Map<String, Number>> metricsByProject =

  189.       getProjectMetricsByMetricKeys(dbSession, TECHNICAL_DEBT_KEY, DEVELOPMENT_COST_KEY, SECURITY_HOTSPOTS_KEY, VULNERABILITIES_KEY,

  190.         BUGS_KEY);

  191. 

  192.     List<TelemetryData.ProjectStatistics> projectStatistics = new ArrayList<>();

  193.     for (String projectUuid : projectUuids) {

  194.       Map<String, Number> metrics = metricsByProject.getOrDefault(projectUuid, Collections.emptyMap());

  195.       Optional<PrBranchAnalyzedLanguageCountByProjectDto> counts = ofNullable(prAndBranchCountByProject.get(projectUuid));

  196. 

  197.       TelemetryData.ProjectStatistics stats = new TelemetryData.ProjectStatistics.Builder()

  198.         .setProjectUuid(projectUuid)

  199.         .setBranchCount(counts.map(PrBranchAnalyzedLanguageCountByProjectDto::getBranch).orElse(0L))

  200.         .setPRCount(counts.map(PrBranchAnalyzedLanguageCountByProjectDto::getPullRequest).orElse(0L))

  201.         .setQG(qgatesByProject.getOrDefault(projectUuid, defaultQualityGateUuid))

  202.         .setScm(Optional.ofNullable(scmByProject.get(projectUuid)).orElse(UNDETECTED))

  203.         .setCi(Optional.ofNullable(ciByProject.get(projectUuid)).orElse(UNDETECTED))

  204.         .setDevops(resolveDevopsPlatform(almAndUrlByProject, projectUuid))

  205.         .setBugs(metrics.getOrDefault("bugs", null))

  206.         .setDevelopmentCost(metrics.getOrDefault("development_cost", null))

  207.         .setVulnerabilities(metrics.getOrDefault("vulnerabilities", null))

  208.         .setSecurityHotspots(metrics.getOrDefault("security_hotspots", null))

  209.         .setTechnicalDebt(metrics.getOrDefault("sqale_index", null))

  210.         .build();

  211.       projectStatistics.add(stats);

  212.     }

  213.     data.setProjectStatistics(projectStatistics);

  214.   }

  215. 

  216.   private static String resolveDevopsPlatform(Map<String, ProjectAlmKeyAndProject> almAndUrlByProject, String projectUuid) {

  217.     if (almAndUrlByProject.containsKey(projectUuid)) {

  218.       ProjectAlmKeyAndProject projectAlmKeyAndProject = almAndUrlByProject.get(projectUuid);

  219.       return getAlmName(projectAlmKeyAndProject.getAlmId(), projectAlmKeyAndProject.getUrl());

  220.     }

  221.     return UNDETECTED;

  222.   }

  223. 

  224.   private void resolveProjects(TelemetryData.Builder data, DbSession dbSession) {

  225.     List<ProjectMeasureDto> measures = dbClient.measureDao().selectLastMeasureForAllProjects(dbSession, NCLOC_LANGUAGE_DISTRIBUTION_KEY);

  226.     List<TelemetryData.Project> projects = new ArrayList<>();

  227.     for (ProjectMeasureDto measure : measures) {

  228.       for (String measureTextValue : measure.getTextValue().split(";")) {

  229.         String[] languageAndLoc = measureTextValue.split("=");

  230.         String language = languageAndLoc[0];

  231.         Long loc = Long.parseLong(languageAndLoc[1]);

  232.         projects.add(new TelemetryData.Project(measure.getProjectUuid(), measure.getLastAnalysis(), language, loc));

  233.       }

  234.     }

  235.     data.setProjects(projects);

  236.   }

  237. 

  238.   private void resolveQualityGates(TelemetryData.Builder data, DbSession dbSession) {

  239.     List<TelemetryData.QualityGate> qualityGates = new ArrayList<>();

  240.     Collection<QualityGateDto> qualityGateDtos = dbClient.qualityGateDao().selectAll(dbSession);

  241.     for (QualityGateDto qualityGateDto : qualityGateDtos) {

  242.       qualityGates.add(

  243.         new TelemetryData.QualityGate(qualityGateDto.getUuid(), qualityGateCaycChecker.checkCaycCompliant(dbSession,

  244.           qualityGateDto.getUuid()).toString())

  245.       );

  246.     }

  247. 

  248.     data.setQualityGates(qualityGates);

  249.   }

  250. 

  251.   private void resolveUsers(TelemetryData.Builder data, DbSession dbSession) {

  252.     data.setUsers(dbClient.userDao().selectUsersForTelemetry(dbSession));

  253.   }

  254. 

  255.   private void setSecurityCustomConfigIfPresent(TelemetryData.Builder data) {

  256.     editionProvider.get()

  257.       .filter(edition -> asList(ENTERPRISE, DATACENTER).contains(edition))

  258.       .ifPresent(edition -> data.setCustomSecurityConfigs(getCustomerSecurityConfigurations()));

  259.   }

  260. 

  261.   private Map<String, String> getAnalysisPropertyByProject(DbSession dbSession, String analysisPropertyKey) {

  262.     return dbClient.analysisPropertiesDao()

  263.       .selectAnalysisPropertyValueInLastAnalysisPerProject(dbSession, analysisPropertyKey)

  264.       .stream()

  265.       .collect(toMap(AnalysisPropertyValuePerProject::getProjectUuid, AnalysisPropertyValuePerProject::getPropertyValue));

  266.   }

  267. 

  268.   private Map<String, ProjectAlmKeyAndProject> getAlmAndUrlByProject(DbSession dbSession) {

  269.     List<ProjectAlmKeyAndProject> projectAlmKeyAndProjects = dbClient.projectAlmSettingDao().selectAlmTypeAndUrlByProject(dbSession);

  270.     return projectAlmKeyAndProjects.stream().collect(toMap(ProjectAlmKeyAndProject::getProjectUuid, Function.identity()));

  271.   }

  272. 

  273.   private static String getAlmName(String alm, String url) {

  274.     if (checkIfCloudAlm(alm, ALM.GITHUB.getId(), url, "https://api.github.com")) {

  275.       return "github_cloud";

  276.     }

  277. 

  278.     if (checkIfCloudAlm(alm, ALM.GITLAB.getId(), url, "https://gitlab.com/api/v4")) {

  279.       return "gitlab_cloud";

  280.     }

  281. 

  282.     if (checkIfCloudAlm(alm, ALM.AZURE_DEVOPS.getId(), url, "https://dev.azure.com")) {

  283.       return "azure_devops_cloud";

  284.     }

  285. 

  286.     if (ALM.BITBUCKET_CLOUD.getId().equals(alm)) {

  287.       return alm;

  288.     }

  289. 

  290.     return alm + "_server";

  291.   }

  292. 

  293.   private Map<String, String> getProjectQgatesMap(DbSession dbSession) {

  294.     return dbClient.projectQgateAssociationDao().selectAll(dbSession)

  295.       .stream()

  296.       .collect(toMap(ProjectQgateAssociationDto::getUuid, p -> Optional.ofNullable(p.getGateUuid()).orElse("")));

  297.   }

  298. 

  299.   private Map<String, Map<String, Number>> getProjectMetricsByMetricKeys(DbSession dbSession, String... metricKeys) {

  300.     Map<String, String> metricNamesByUuid = dbClient.metricDao().selectByKeys(dbSession, asList(metricKeys))

  301.       .stream()

  302.       .collect(toMap(MetricDto::getUuid, MetricDto::getKey));

  303. 

  304.     // metrics can be empty for un-analyzed projects

  305.     if (metricNamesByUuid.isEmpty()) {

  306.       return Collections.emptyMap();

  307.     }

  308. 

  309.     return dbClient.liveMeasureDao().selectForProjectsByMetricUuids(dbSession, metricNamesByUuid.keySet())

  310.       .stream()

  311.       .collect(groupingBy(LiveMeasureDto::getProjectUuid,

  312.         toMap(lmDto -> metricNamesByUuid.get(lmDto.getMetricUuid()),

  313.           lmDto -> Optional.ofNullable(lmDto.getValue()).orElseGet(() -> Double.valueOf(lmDto.getTextValue())),

  314.           (oldValue, newValue) -> newValue, HashMap::new)));

  315.   }

  316. 

  317.   private static boolean checkIfCloudAlm(String almRaw, String alm, String url, String cloudUrl) {

  318.     return alm.equals(almRaw) && startsWithIgnoreCase(url, cloudUrl);

  319.   }

  320. 

  321.   @Override

  322.   public String loadServerId() {

  323.     return server.getId();

  324.   }

  325. 

  326.   private Set<String> getCustomerSecurityConfigurations() {

  327.     return LANGUAGES_BY_SECURITY_JSON_PROPERTY_MAP.keySet().stream()

  328.       .filter(this::isPropertyPresentInConfiguration)

  329.       .map(LANGUAGES_BY_SECURITY_JSON_PROPERTY_MAP::get)

  330.       .collect(Collectors.toSet());

  331.   }

  332. 

  333.   private boolean isPropertyPresentInConfiguration(String property) {

  334.     return configuration.get(property).isPresent();

  335.   }

  336. 

  337.   private boolean isScimEnabled() {

  338.     return this.configuration.getBoolean(SCIM_PROPERTY_ENABLED).orElse(false);

  339.   }

  340. }