mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
30606 Commits
59 Branches
Tree: 9cb17b6dbc
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from '9cb17b6dbc'
${ noResults }
sonarqube/sonar-scanner-engine/src/test/java/org/sonar/scanner/report/AnalysisContextReportPublis...

AnalysisContextReportPublisherTest.java 10KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2021 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.scanner.report;

  21. 

  22. import com.google.common.collect.ImmutableMap;

  23. import java.io.File;

  24. import java.nio.charset.StandardCharsets;

  25. import java.util.Arrays;

  26. import java.util.List;

  27. import java.util.Properties;

  28. import org.apache.commons.io.FileUtils;

  29. import org.apache.commons.lang.StringUtils;

  30. import org.junit.Before;

  31. import org.junit.Rule;

  32. import org.junit.Test;

  33. import org.junit.rules.TemporaryFolder;

  34. import org.sonar.api.batch.bootstrap.ProjectDefinition;

  35. import org.sonar.api.utils.System2;

  36. import org.sonar.api.utils.log.LogTester;

  37. import org.sonar.api.utils.log.LoggerLevel;

  38. import org.sonar.core.platform.PluginInfo;

  39. import org.sonar.scanner.bootstrap.GlobalServerSettings;

  40. import org.sonar.scanner.bootstrap.ScannerPluginRepository;

  41. import org.sonar.api.batch.fs.internal.DefaultInputModule;

  42. import org.sonar.scanner.fs.InputModuleHierarchy;

  43. import org.sonar.scanner.protocol.output.ScannerReportWriter;

  44. import org.sonar.scanner.scan.ProjectServerSettings;

  45. import org.sonar.scanner.scan.filesystem.InputComponentStore;

  46. import org.sonar.updatecenter.common.Version;

  47. 

  48. import static java.util.Collections.singletonList;

  49. import static org.assertj.core.api.Assertions.assertThat;

  50. import static org.mockito.Mockito.mock;

  51. import static org.mockito.Mockito.verifyZeroInteractions;

  52. import static org.mockito.Mockito.when;

  53. 

  54. public class AnalysisContextReportPublisherTest {

  55. 

  56.   private static final String BIZ = "BIZ";

  57.   private static final String FOO = "FOO";

  58.   private static final String SONAR_SKIP = "sonar.skip";

  59.   private static final String COM_FOO = "com.foo";

  60. 

  61.   @Rule

  62.   public LogTester logTester = new LogTester();

  63. 

  64.   @Rule

  65.   public TemporaryFolder temp = new TemporaryFolder();

  66. 

  67.   private ScannerPluginRepository pluginRepo = mock(ScannerPluginRepository.class);

  68.   private AnalysisContextReportPublisher publisher;

  69.   private System2 system2;

  70.   private GlobalServerSettings globalServerSettings;

  71.   private InputModuleHierarchy hierarchy;

  72.   private InputComponentStore store;

  73.   private ProjectServerSettings projectServerSettings;

  74. 

  75.   @Before

  76.   public void prepare() {

  77.     logTester.setLevel(LoggerLevel.INFO);

  78.     system2 = mock(System2.class);

  79.     when(system2.properties()).thenReturn(new Properties());

  80.     globalServerSettings = mock(GlobalServerSettings.class);

  81.     hierarchy = mock(InputModuleHierarchy.class);

  82.     store = mock(InputComponentStore.class);

  83.     projectServerSettings = mock(ProjectServerSettings.class);

  84.     publisher = new AnalysisContextReportPublisher(projectServerSettings, pluginRepo, system2, globalServerSettings, hierarchy, store);

  85.   }

  86. 

  87.   @Test

  88.   public void shouldOnlyDumpPluginsByDefault() throws Exception {

  89.     when(pluginRepo.getPluginInfos()).thenReturn(singletonList(new PluginInfo("xoo").setName("Xoo").setVersion(Version.create("1.0"))));

  90. 

  91.     ScannerReportWriter writer = new ScannerReportWriter(temp.newFolder());

  92.     DefaultInputModule rootModule = new DefaultInputModule(ProjectDefinition.create()

  93.       .setBaseDir(temp.newFolder())

  94.       .setWorkDir(temp.newFolder()));

  95.     when(store.allModules()).thenReturn(singletonList(rootModule));

  96.     when(hierarchy.root()).thenReturn(rootModule);

  97.     publisher.init(writer);

  98. 

  99.     assertThat(writer.getFileStructure().analysisLog()).exists();

  100.     assertThat(FileUtils.readFileToString(writer.getFileStructure().analysisLog(), StandardCharsets.UTF_8)).contains("Xoo 1.0 (xoo)");

  101. 

  102.     verifyZeroInteractions(system2);

  103.   }

  104. 

  105.   @Test

  106.   public void dumpServerSideGlobalProps() throws Exception {

  107.     logTester.setLevel(LoggerLevel.DEBUG);

  108.     ScannerReportWriter writer = new ScannerReportWriter(temp.newFolder());

  109.     when(globalServerSettings.properties()).thenReturn(ImmutableMap.of(COM_FOO, "bar", SONAR_SKIP, "true"));

  110.     DefaultInputModule rootModule = new DefaultInputModule(ProjectDefinition.create()

  111.       .setBaseDir(temp.newFolder())

  112.       .setWorkDir(temp.newFolder())

  113.       .setProperty("sonar.projectKey", "foo"));

  114.     when(store.allModules()).thenReturn(singletonList(rootModule));

  115.     when(hierarchy.root()).thenReturn(rootModule);

  116.     publisher.init(writer);

  117. 

  118.     String content = FileUtils.readFileToString(writer.getFileStructure().analysisLog(), StandardCharsets.UTF_8);

  119.     assertThat(content).containsOnlyOnce(COM_FOO);

  120.     assertThat(content).containsOnlyOnce(SONAR_SKIP);

  121.   }

  122. 

  123.   @Test

  124.   public void dumpServerSideProjectProps() throws Exception {

  125.     logTester.setLevel(LoggerLevel.DEBUG);

  126.     ScannerReportWriter writer = new ScannerReportWriter(temp.newFolder());

  127. 

  128.     DefaultInputModule rootModule = new DefaultInputModule(ProjectDefinition.create()

  129.       .setBaseDir(temp.newFolder())

  130.       .setWorkDir(temp.newFolder())

  131.       .setProperty("sonar.projectKey", "foo"));

  132.     when(store.allModules()).thenReturn(singletonList(rootModule));

  133.     when(hierarchy.root()).thenReturn(rootModule);

  134. 

  135.     when(projectServerSettings.properties()).thenReturn(ImmutableMap.of(COM_FOO, "bar", SONAR_SKIP, "true"));

  136. 

  137.     publisher.init(writer);

  138. 

  139.     List<String> lines = FileUtils.readLines(writer.getFileStructure().analysisLog(), StandardCharsets.UTF_8);

  140.     assertThat(lines).containsExactly(

  141.       "SonarQube plugins:",

  142.       "Global server settings:",

  143.       "Project server settings:",

  144.       "  - com.foo=bar",

  145.       "  - sonar.skip=true",

  146.       "Project scanner properties:",

  147.       "  - sonar.projectKey=foo");

  148.   }

  149. 

  150.   @Test

  151.   public void shouldNotDumpSensitiveModuleProperties() throws Exception {

  152.     ScannerReportWriter writer = new ScannerReportWriter(temp.newFolder());

  153.     DefaultInputModule rootModule = new DefaultInputModule(ProjectDefinition.create()

  154.       .setBaseDir(temp.newFolder())

  155.       .setWorkDir(temp.newFolder())

  156.       .setProperty("sonar.projectKey", "foo")

  157.       .setProperty("sonar.projectKey", "foo")

  158.       .setProperty("sonar.login", "my_token")

  159.       .setProperty("sonar.password", "azerty")

  160.       .setProperty("sonar.cpp.license.secured", "AZERTY"));

  161.     when(store.allModules()).thenReturn(singletonList(rootModule));

  162.     when(hierarchy.root()).thenReturn(rootModule);

  163.     publisher.init(writer);

  164. 

  165.     assertThat(writer.getFileStructure().analysisLog()).exists();

  166. 

  167.     assertThat(FileUtils.readFileToString(writer.getFileStructure().analysisLog(), StandardCharsets.UTF_8)).containsSubsequence(

  168.       "sonar.cpp.license.secured=******",

  169.       "sonar.login=******",

  170.       "sonar.password=******",

  171.       "sonar.projectKey=foo");

  172.   }

  173. 

  174.   @Test

  175.   public void shouldShortenModuleProperties() throws Exception {

  176.     File baseDir = temp.newFolder();

  177.     ScannerReportWriter writer = new ScannerReportWriter(temp.newFolder());

  178.     DefaultInputModule rootModule = new DefaultInputModule(ProjectDefinition.create()

  179.       .setBaseDir(baseDir)

  180.       .setWorkDir(temp.newFolder())

  181.       .setProperty("sonar.projectKey", "foo")

  182.       .setProperty("sonar.projectBaseDir", baseDir.toString())

  183.       .setProperty("sonar.aVeryLongProp", StringUtils.repeat("abcde", 1000)));

  184.     when(store.allModules()).thenReturn(singletonList(rootModule));

  185.     when(hierarchy.root()).thenReturn(rootModule);

  186.     publisher.init(writer);

  187. 

  188.     assertThat(writer.getFileStructure().analysisLog()).exists();

  189. 

  190.     assertThat(FileUtils.readFileToString(writer.getFileStructure().analysisLog(), StandardCharsets.UTF_8)).containsSubsequence(

  191.       "sonar.aVeryLongProp=" + StringUtils.repeat("abcde", 199) + "ab...",

  192.       "sonar.projectBaseDir=" + baseDir.toString(),

  193.       "sonar.projectKey=foo");

  194.   }

  195. 

  196.   // SONAR-7598

  197.   @Test

  198.   public void shouldNotDumpSensitiveGlobalProperties() throws Exception {

  199.     ScannerReportWriter writer = new ScannerReportWriter(temp.newFolder());

  200.     when(globalServerSettings.properties()).thenReturn(ImmutableMap.of("sonar.login", "my_token", "sonar.password", "azerty", "sonar.cpp.license.secured", "AZERTY"));

  201.     DefaultInputModule rootModule = new DefaultInputModule(ProjectDefinition.create()

  202.       .setBaseDir(temp.newFolder())

  203.       .setWorkDir(temp.newFolder())

  204.       .setProperty("sonar.projectKey", "foo"));

  205.     when(store.allModules()).thenReturn(singletonList(rootModule));

  206.     when(hierarchy.root()).thenReturn(rootModule);

  207.     publisher.init(writer);

  208. 

  209.     assertThat(FileUtils.readFileToString(writer.getFileStructure().analysisLog(), StandardCharsets.UTF_8)).containsSubsequence(

  210.       "sonar.cpp.license.secured=******",

  211.       "sonar.login=******",

  212.       "sonar.password=******");

  213.   }

  214. 

  215.   // SONAR-7371

  216.   @Test

  217.   public void dontDumpParentProps() throws Exception {

  218.     logTester.setLevel(LoggerLevel.DEBUG);

  219.     ScannerReportWriter writer = new ScannerReportWriter(temp.newFolder());

  220. 

  221.     DefaultInputModule module = new DefaultInputModule(ProjectDefinition.create()

  222.       .setBaseDir(temp.newFolder())

  223.       .setWorkDir(temp.newFolder())

  224.       .setProperty("sonar.projectKey", "foo")

  225.       .setProperty(SONAR_SKIP, "true"));

  226. 

  227.     DefaultInputModule parent = new DefaultInputModule(ProjectDefinition.create()

  228.       .setBaseDir(temp.newFolder())

  229.       .setWorkDir(temp.newFolder())

  230.       .setProperty("sonar.projectKey", "parent")

  231.       .setProperty(SONAR_SKIP, "true"));

  232. 

  233.     when(hierarchy.parent(module)).thenReturn(parent);

  234.     when(store.allModules()).thenReturn(Arrays.asList(parent, module));

  235.     when(hierarchy.root()).thenReturn(parent);

  236. 

  237.     publisher.init(writer);

  238. 

  239.     List<String> lines = FileUtils.readLines(writer.getFileStructure().analysisLog(), StandardCharsets.UTF_8);

  240.     assertThat(lines).containsExactly(

  241.       "SonarQube plugins:",

  242.       "Global server settings:",

  243.       "Project server settings:",

  244.       "Project scanner properties:",

  245.       "  - sonar.projectKey=parent",

  246.       "  - sonar.skip=true",

  247.       "Scanner properties of module: foo",

  248.       "  - sonar.projectKey=foo"

  249.     );

  250.   }

  251. }