mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
36240 Commits
59 Branches
Tree: 494316d9f2
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '494316d9f2'
${ noResults }
sonarqube/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/issue/IssueCounter.java

IssueCounter.java 16KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2024 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.ce.task.projectanalysis.issue;

  21. 

  22. import com.google.common.collect.EnumMultiset;

  23. import com.google.common.collect.HashMultiset;

  24. import com.google.common.collect.ImmutableMap;

  25. import com.google.common.collect.Multiset;

  26. import java.util.HashMap;

  27. import java.util.Map;

  28. import javax.annotation.Nullable;

  29. import org.sonar.api.issue.IssueStatus;

  30. import org.sonar.api.issue.impact.Severity;

  31. import org.sonar.api.issue.impact.SoftwareQuality;

  32. import org.sonar.api.rules.RuleType;

  33. import org.sonar.ce.task.projectanalysis.component.Component;

  34. import org.sonar.ce.task.projectanalysis.measure.Measure;

  35. import org.sonar.ce.task.projectanalysis.measure.MeasureRepository;

  36. import org.sonar.ce.task.projectanalysis.metric.Metric;

  37. import org.sonar.ce.task.projectanalysis.metric.MetricRepository;

  38. import org.sonar.core.issue.DefaultIssue;

  39. import org.sonar.server.measure.ImpactMeasureBuilder;

  40. 

  41. import static org.sonar.api.issue.Issue.STATUS_CONFIRMED;

  42. import static org.sonar.api.issue.Issue.STATUS_OPEN;

  43. import static org.sonar.api.issue.Issue.STATUS_REOPENED;

  44. import static org.sonar.api.measures.CoreMetrics.ACCEPTED_ISSUES_KEY;

  45. import static org.sonar.api.measures.CoreMetrics.BLOCKER_VIOLATIONS_KEY;

  46. import static org.sonar.api.measures.CoreMetrics.BUGS_KEY;

  47. import static org.sonar.api.measures.CoreMetrics.CODE_SMELLS_KEY;

  48. import static org.sonar.api.measures.CoreMetrics.CONFIRMED_ISSUES_KEY;

  49. import static org.sonar.api.measures.CoreMetrics.CRITICAL_VIOLATIONS_KEY;

  50. import static org.sonar.api.measures.CoreMetrics.FALSE_POSITIVE_ISSUES_KEY;

  51. import static org.sonar.api.measures.CoreMetrics.HIGH_IMPACT_ACCEPTED_ISSUES_KEY;

  52. import static org.sonar.api.measures.CoreMetrics.INFO_VIOLATIONS_KEY;

  53. import static org.sonar.api.measures.CoreMetrics.MAINTAINABILITY_ISSUES_KEY;

  54. import static org.sonar.api.measures.CoreMetrics.MAJOR_VIOLATIONS_KEY;

  55. import static org.sonar.api.measures.CoreMetrics.MINOR_VIOLATIONS_KEY;

  56. import static org.sonar.api.measures.CoreMetrics.NEW_ACCEPTED_ISSUES_KEY;

  57. import static org.sonar.api.measures.CoreMetrics.NEW_BLOCKER_VIOLATIONS_KEY;

  58. import static org.sonar.api.measures.CoreMetrics.NEW_BUGS_KEY;

  59. import static org.sonar.api.measures.CoreMetrics.NEW_CODE_SMELLS_KEY;

  60. import static org.sonar.api.measures.CoreMetrics.NEW_CRITICAL_VIOLATIONS_KEY;

  61. import static org.sonar.api.measures.CoreMetrics.NEW_INFO_VIOLATIONS_KEY;

  62. import static org.sonar.api.measures.CoreMetrics.NEW_MAINTAINABILITY_ISSUES_KEY;

  63. import static org.sonar.api.measures.CoreMetrics.NEW_MAJOR_VIOLATIONS_KEY;

  64. import static org.sonar.api.measures.CoreMetrics.NEW_MINOR_VIOLATIONS_KEY;

  65. import static org.sonar.api.measures.CoreMetrics.NEW_RELIABILITY_ISSUES_KEY;

  66. import static org.sonar.api.measures.CoreMetrics.NEW_SECURITY_HOTSPOTS_KEY;

  67. import static org.sonar.api.measures.CoreMetrics.NEW_SECURITY_ISSUES_KEY;

  68. import static org.sonar.api.measures.CoreMetrics.NEW_VIOLATIONS_KEY;

  69. import static org.sonar.api.measures.CoreMetrics.NEW_VULNERABILITIES_KEY;

  70. import static org.sonar.api.measures.CoreMetrics.OPEN_ISSUES_KEY;

  71. import static org.sonar.api.measures.CoreMetrics.RELIABILITY_ISSUES_KEY;

  72. import static org.sonar.api.measures.CoreMetrics.REOPENED_ISSUES_KEY;

  73. import static org.sonar.api.measures.CoreMetrics.SECURITY_HOTSPOTS_KEY;

  74. import static org.sonar.api.measures.CoreMetrics.SECURITY_ISSUES_KEY;

  75. import static org.sonar.api.measures.CoreMetrics.VIOLATIONS_KEY;

  76. import static org.sonar.api.measures.CoreMetrics.VULNERABILITIES_KEY;

  77. import static org.sonar.api.rule.Severity.BLOCKER;

  78. import static org.sonar.api.rule.Severity.CRITICAL;

  79. import static org.sonar.api.rule.Severity.INFO;

  80. import static org.sonar.api.rule.Severity.MAJOR;

  81. import static org.sonar.api.rule.Severity.MINOR;

  82. import static org.sonar.api.rules.RuleType.BUG;

  83. import static org.sonar.api.rules.RuleType.CODE_SMELL;

  84. import static org.sonar.api.rules.RuleType.SECURITY_HOTSPOT;

  85. import static org.sonar.api.rules.RuleType.VULNERABILITY;

  86. 

  87. /**

  88.  * For each component, computes the measures related to number of issues:

  89.  * <ul>

  90.  * <li>issues per status (open, reopen, confirmed)</li>

  91.  * <li>issues per resolution (unresolved, false-positives, won't fix)</li>

  92.  * <li>issues per severity (from info to blocker)</li>

  93.  * <li>issues per type (code smell, bug, vulnerability, security hotspots)</li>

  94.  * <li>issues per impact</li>

  95.  * </ul>

  96.  * For each value, the variation on configured periods is also computed.

  97.  */

  98. public class IssueCounter extends IssueVisitor {

  99. 

  100.   private static final Map<String, String> SEVERITY_TO_METRIC_KEY = ImmutableMap.of(

  101.     BLOCKER, BLOCKER_VIOLATIONS_KEY,

  102.     CRITICAL, CRITICAL_VIOLATIONS_KEY,

  103.     MAJOR, MAJOR_VIOLATIONS_KEY,

  104.     MINOR, MINOR_VIOLATIONS_KEY,

  105.     INFO, INFO_VIOLATIONS_KEY);

  106. 

  107.   private static final Map<String, String> SEVERITY_TO_NEW_METRIC_KEY = ImmutableMap.of(

  108.     BLOCKER, NEW_BLOCKER_VIOLATIONS_KEY,

  109.     CRITICAL, NEW_CRITICAL_VIOLATIONS_KEY,

  110.     MAJOR, NEW_MAJOR_VIOLATIONS_KEY,

  111.     MINOR, NEW_MINOR_VIOLATIONS_KEY,

  112.     INFO, NEW_INFO_VIOLATIONS_KEY);

  113. 

  114.   static final Map<String, String> IMPACT_TO_METRIC_KEY = Map.of(

  115.     SoftwareQuality.SECURITY.name(), SECURITY_ISSUES_KEY,

  116.     SoftwareQuality.RELIABILITY.name(), RELIABILITY_ISSUES_KEY,

  117.     SoftwareQuality.MAINTAINABILITY.name(), MAINTAINABILITY_ISSUES_KEY);

  118. 

  119.   static final Map<String, String> IMPACT_TO_NEW_METRIC_KEY = Map.of(

  120.     SoftwareQuality.SECURITY.name(), NEW_SECURITY_ISSUES_KEY,

  121.     SoftwareQuality.RELIABILITY.name(), NEW_RELIABILITY_ISSUES_KEY,

  122.     SoftwareQuality.MAINTAINABILITY.name(), NEW_MAINTAINABILITY_ISSUES_KEY);

  123. 

  124.   private static final Map<RuleType, String> TYPE_TO_METRIC_KEY = ImmutableMap.<RuleType, String>builder()

  125.     .put(CODE_SMELL, CODE_SMELLS_KEY)

  126.     .put(BUG, BUGS_KEY)

  127.     .put(VULNERABILITY, VULNERABILITIES_KEY)

  128.     .put(SECURITY_HOTSPOT, SECURITY_HOTSPOTS_KEY)

  129.     .build();

  130.   private static final Map<RuleType, String> TYPE_TO_NEW_METRIC_KEY = ImmutableMap.<RuleType, String>builder()

  131.     .put(CODE_SMELL, NEW_CODE_SMELLS_KEY)

  132.     .put(BUG, NEW_BUGS_KEY)

  133.     .put(VULNERABILITY, NEW_VULNERABILITIES_KEY)

  134.     .put(SECURITY_HOTSPOT, NEW_SECURITY_HOTSPOTS_KEY)

  135.     .build();

  136. 

  137.   private final MetricRepository metricRepository;

  138.   private final MeasureRepository measureRepository;

  139.   private final NewIssueClassifier newIssueClassifier;

  140.   private final Map<String, Counters> countersByComponentUuid = new HashMap<>();

  141. 

  142.   private Counters currentCounters;

  143. 

  144.   public IssueCounter(MetricRepository metricRepository, MeasureRepository measureRepository, NewIssueClassifier newIssueClassifier) {

  145.     this.metricRepository = metricRepository;

  146.     this.measureRepository = measureRepository;

  147.     this.newIssueClassifier = newIssueClassifier;

  148.   }

  149. 

  150.   @Override

  151.   public void beforeComponent(Component component) {

  152.     currentCounters = new Counters();

  153.     countersByComponentUuid.put(component.getUuid(), currentCounters);

  154. 

  155.     // aggregate children counters

  156.     for (Component child : component.getChildren()) {

  157.       Counters childCounters = countersByComponentUuid.remove(child.getUuid());

  158.       currentCounters.add(childCounters);

  159.     }

  160.   }

  161. 

  162.   @Override

  163.   public void onIssue(Component component, DefaultIssue issue) {

  164.     currentCounters.add(issue);

  165.     if (newIssueClassifier.isNew(component, issue)) {

  166.       currentCounters.addOnPeriod(issue);

  167.     }

  168.   }

  169. 

  170.   @Override

  171.   public void afterComponent(Component component) {

  172.     addMeasuresBySeverity(component);

  173.     addMeasuresByStatus(component);

  174.     addMeasuresByType(component);

  175.     addMeasuresByImpact(component);

  176.     addNewMeasures(component);

  177.     currentCounters = null;

  178.   }

  179. 

  180.   private void addMeasuresBySeverity(Component component) {

  181.     for (Map.Entry<String, String> entry : SEVERITY_TO_METRIC_KEY.entrySet()) {

  182.       String severity = entry.getKey();

  183.       String metricKey = entry.getValue();

  184.       addMeasure(component, metricKey, currentCounters.counter().severityBag.count(severity));

  185.     }

  186.   }

  187. 

  188.   private void addMeasuresByStatus(Component component) {

  189.     addMeasure(component, VIOLATIONS_KEY, currentCounters.counter().unresolved);

  190.     addMeasure(component, OPEN_ISSUES_KEY, currentCounters.counter().open);

  191.     addMeasure(component, REOPENED_ISSUES_KEY, currentCounters.counter().reopened);

  192.     addMeasure(component, CONFIRMED_ISSUES_KEY, currentCounters.counter().confirmed);

  193.     addMeasure(component, FALSE_POSITIVE_ISSUES_KEY, currentCounters.counter().falsePositives);

  194.     addMeasure(component, ACCEPTED_ISSUES_KEY, currentCounters.counter().accepted);

  195.     addMeasure(component, HIGH_IMPACT_ACCEPTED_ISSUES_KEY, currentCounters.counter().highImpactAccepted);

  196.   }

  197. 

  198.   private void addMeasuresByImpact(Component component) {

  199.     for (Map.Entry<String, Map<String, Long>> impactEntry : currentCounters.counter().impactsBag.entrySet()) {

  200.       String json = ImpactMeasureBuilder.fromMap(impactEntry.getValue()).buildAsString();

  201.       addMeasure(component, IMPACT_TO_METRIC_KEY.get(impactEntry.getKey()), json);

  202.     }

  203.   }

  204. 

  205.   private void addMeasuresByType(Component component) {

  206.     for (Map.Entry<RuleType, String> entry : TYPE_TO_METRIC_KEY.entrySet()) {

  207.       addMeasure(component, entry.getValue(), currentCounters.counter().typeBag.count(entry.getKey()));

  208.     }

  209.   }

  210. 

  211.   private void addMeasure(Component component, String metricKey, int value) {

  212.     Metric metric = metricRepository.getByKey(metricKey);

  213.     measureRepository.add(component, metric, Measure.newMeasureBuilder().create(value));

  214.   }

  215. 

  216.   private void addMeasure(Component component, String metricKey, String data) {

  217.     Metric metric = metricRepository.getByKey(metricKey);

  218.     measureRepository.add(component, metric, Measure.newMeasureBuilder().create(data));

  219.   }

  220. 

  221.   private void addNewMeasures(Component component) {

  222.     if (!newIssueClassifier.isEnabled()) {

  223.       return;

  224.     }

  225.     int unresolved = currentCounters.counterForPeriod().unresolved;

  226.     measureRepository.add(component, metricRepository.getByKey(NEW_VIOLATIONS_KEY), Measure.newMeasureBuilder()

  227.       .create(unresolved));

  228. 

  229.     for (Map.Entry<String, String> entry : SEVERITY_TO_NEW_METRIC_KEY.entrySet()) {

  230.       String severity = entry.getKey();

  231.       String metricKey = entry.getValue();

  232.       Multiset<String> bag = currentCounters.counterForPeriod().severityBag;

  233.       addMeasure(component, metricKey, bag.count(severity));

  234.     }

  235. 

  236.     // waiting for Java 8 lambda in order to factor this loop with the previous one

  237.     // (see call currentCounters.counterForPeriod(period.getIndex()).xxx with xxx as severityBag or typeBag)

  238.     for (Map.Entry<RuleType, String> entry : TYPE_TO_NEW_METRIC_KEY.entrySet()) {

  239.       RuleType type = entry.getKey();

  240.       String metricKey = entry.getValue();

  241.       Multiset<RuleType> bag = currentCounters.counterForPeriod().typeBag;

  242.       addMeasure(component, metricKey, bag.count(type));

  243.     }

  244. 

  245.     for (Map.Entry<String, Map<String, Long>> impactEntry : currentCounters.counterForPeriod().impactsBag.entrySet()) {

  246.       String json = ImpactMeasureBuilder.fromMap(impactEntry.getValue()).buildAsString();

  247.       addMeasure(component, IMPACT_TO_NEW_METRIC_KEY.get(impactEntry.getKey()), json);

  248.     }

  249. 

  250.     addMeasure(component, NEW_ACCEPTED_ISSUES_KEY, currentCounters.counterForPeriod().accepted);

  251.   }

  252. 

  253.   /**

  254.    * Count issues by status, resolutions, rules, impacts and severities

  255.    */

  256.   private static class Counter {

  257.     private int unresolved = 0;

  258.     private int open = 0;

  259.     private int reopened = 0;

  260.     private int confirmed = 0;

  261.     private int falsePositives = 0;

  262.     private int accepted = 0;

  263.     private int highImpactAccepted = 0;

  264.     private final Multiset<String> severityBag = HashMultiset.create();

  265.     /**

  266.      * This map contains the number of issues per software quality along with their distribution based on (new) severity.

  267.      */

  268.     private final Map<String, Map<String, Long>> impactsBag = new HashMap<>();

  269.     private final EnumMultiset<RuleType> typeBag = EnumMultiset.create(RuleType.class);

  270. 

  271.     public Counter() {

  272.       initImpactsBag();

  273.     }

  274. 

  275.     private void initImpactsBag() {

  276.       for (SoftwareQuality quality : SoftwareQuality.values()) {

  277.         impactsBag.put(quality.name(), ImpactMeasureBuilder.createEmpty().buildAsMap());

  278.       }

  279.     }

  280. 

  281.     void add(Counter counter) {

  282.       unresolved += counter.unresolved;

  283.       open += counter.open;

  284.       reopened += counter.reopened;

  285.       confirmed += counter.confirmed;

  286.       falsePositives += counter.falsePositives;

  287.       accepted += counter.accepted;

  288.       highImpactAccepted += counter.highImpactAccepted;

  289.       severityBag.addAll(counter.severityBag);

  290.       typeBag.addAll(counter.typeBag);

  291. 

  292.       // Add impacts

  293.       for (Map.Entry<String, Map<String, Long>> impactEntry : counter.impactsBag.entrySet()) {

  294.         Map<String, Long> severityMap = impactsBag.get(impactEntry.getKey());

  295.         for (Map.Entry<String, Long> severityEntry : impactEntry.getValue().entrySet()) {

  296.           severityMap.compute(severityEntry.getKey(), (key, value) -> value + severityEntry.getValue());

  297.         }

  298.       }

  299.     }

  300. 

  301.     void add(DefaultIssue issue) {

  302.       if (issue.type() == SECURITY_HOTSPOT) {

  303.         if (issue.resolution() == null) {

  304.           typeBag.add(SECURITY_HOTSPOT);

  305.         }

  306.         return;

  307.       }

  308.       if (issue.resolution() == null) {

  309.         unresolved++;

  310.         typeBag.add(issue.type());

  311.         severityBag.add(issue.severity());

  312.       } else if (IssueStatus.FALSE_POSITIVE.equals(issue.issueStatus())) {

  313.         falsePositives++;

  314.       } else if (IssueStatus.ACCEPTED.equals(issue.issueStatus())) {

  315.         accepted++;

  316.         if (issue.impacts().values().stream().anyMatch(severity -> severity == Severity.HIGH)) {

  317.           highImpactAccepted++;

  318.         }

  319.       }

  320.       switch (issue.status()) {

  321.         case STATUS_OPEN:

  322.           open++;

  323.           break;

  324.         case STATUS_REOPENED:

  325.           reopened++;

  326.           break;

  327.         case STATUS_CONFIRMED:

  328.           confirmed++;

  329.           break;

  330.         default:

  331.           // Other statuses are ignored

  332.       }

  333.       addIssueToImpactsBag(issue);

  334.     }

  335. 

  336.     private void addIssueToImpactsBag(DefaultIssue issue) {

  337.       if (IssueStatus.OPEN == issue.issueStatus() || IssueStatus.CONFIRMED == issue.issueStatus()) {

  338.         for (Map.Entry<SoftwareQuality, Severity> impact : issue.impacts().entrySet()) {

  339.           impactsBag.compute(impact.getKey().name(), (key, value) -> {

  340.             value.compute(impact.getValue().name(), (severity, count) -> count == null ? 1 : count + 1);

  341.             value.compute(ImpactMeasureBuilder.TOTAL_KEY, (total, count) -> count == null ? 1 : count + 1);

  342.             return value;

  343.           });

  344.         }

  345.       }

  346.     }

  347.   }

  348. 

  349.   /**

  350.    * List of {@link Counter} for regular value and period.

  351.    */

  352.   private static class Counters {

  353.     private final Counter counter = new Counter();

  354.     private final Counter counterForPeriod = new Counter();

  355. 

  356.     void add(@Nullable Counters other) {

  357.       if (other != null) {

  358.         counter.add(other.counter);

  359.         counterForPeriod.add(other.counterForPeriod);

  360.       }

  361.     }

  362. 

  363.     void addOnPeriod(DefaultIssue issue) {

  364.       counterForPeriod.add(issue);

  365.     }

  366. 

  367.     void add(DefaultIssue issue) {

  368.       counter.add(issue);

  369.     }

  370. 

  371.     Counter counter() {

  372.       return counter;

  373.     }

  374. 

  375.     Counter counterForPeriod() {

  376.       return counterForPeriod;

  377.     }

  378.   }

  379. }