mirrors
/
sonarqube
mirror of https://github.com/SonarSource/sonarqube.git
Watch 1
Star 0
Fork 0
Code Issues 0 Releases 237 Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
36371 Commits
59 Branches
Tree: ce849ff5f2
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'ce849ff5f2'
${ noResults }
sonarqube/sonar-scanner-engine/src/main/java/org/sonar/scanner/http/ScannerWsClientProvider.java

ScannerWsClientProvider.java 8.3KB
Raw Blame History

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152 
  1. /*

  2.  * SonarQube

  3.  * Copyright (C) 2009-2024 SonarSource SA

  4.  * mailto:info AT sonarsource DOT com

  5.  *

  6.  * This program is free software; you can redistribute it and/or

  7.  * modify it under the terms of the GNU Lesser General Public

  8.  * License as published by the Free Software Foundation; either

  9.  * version 3 of the License, or (at your option) any later version.

  10.  *

  11.  * This program is distributed in the hope that it will be useful,

  12.  * but WITHOUT ANY WARRANTY; without even the implied warranty of

  13.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU

  14.  * Lesser General Public License for more details.

  15.  *

  16.  * You should have received a copy of the GNU Lesser General Public License

  17.  * along with this program; if not, write to the Free Software Foundation,

  18.  * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.

  19.  */

  20. package org.sonar.scanner.http;

  21. 

  22. import java.net.InetSocketAddress;

  23. import java.net.Proxy;

  24. import java.nio.file.Files;

  25. import java.nio.file.Path;

  26. import java.time.Duration;

  27. import java.time.format.DateTimeParseException;

  28. import nl.altindag.ssl.SSLFactory;

  29. import org.sonar.api.CoreProperties;

  30. import org.sonar.api.notifications.AnalysisWarnings;

  31. import org.sonar.api.utils.System2;

  32. import org.sonar.batch.bootstrapper.EnvironmentInformation;

  33. import org.sonar.scanner.bootstrap.GlobalAnalysisMode;

  34. import org.sonar.scanner.bootstrap.ScannerProperties;

  35. import org.sonar.scanner.bootstrap.SonarUserHome;

  36. import org.sonar.scanner.http.ssl.CertificateStore;

  37. import org.sonar.scanner.http.ssl.SslConfig;

  38. import org.sonarqube.ws.client.HttpConnector;

  39. import org.sonarqube.ws.client.WsClientFactories;

  40. import org.springframework.context.annotation.Bean;

  41. 

  42. import static java.lang.Integer.parseInt;

  43. import static java.lang.String.valueOf;

  44. import static org.apache.commons.lang3.StringUtils.defaultIfBlank;

  45. import static org.apache.commons.lang3.StringUtils.isNotBlank;

  46. import static org.sonar.core.config.ProxyProperties.HTTP_PROXY_PASSWORD;

  47. import static org.sonar.core.config.ProxyProperties.HTTP_PROXY_USER;

  48. 

  49. public class ScannerWsClientProvider {

  50.   static final int DEFAULT_CONNECT_TIMEOUT = 5;

  51.   static final int DEFAULT_RESPONSE_TIMEOUT = 0;

  52.   static final String READ_TIMEOUT_SEC_PROPERTY = "sonar.ws.timeout";

  53.   public static final String TOKEN_PROPERTY = "sonar.token";

  54.   private static final String TOKEN_ENV_VARIABLE = "SONAR_TOKEN";

  55.   static final int DEFAULT_READ_TIMEOUT_SEC = 60;

  56.   public static final String SONAR_SCANNER_PROXY_PORT = "sonar.scanner.proxyPort";

  57.   public static final String SONAR_SCANNER_CONNECT_TIMEOUT = "sonar.scanner.connectTimeout";

  58.   public static final String SONAR_SCANNER_SOCKET_TIMEOUT = "sonar.scanner.socketTimeout";

  59.   public static final String SONAR_SCANNER_RESPONSE_TIMEOUT = "sonar.scanner.responseTimeout";

  60. 

  61.   @Bean("DefaultScannerWsClient")

  62.   public DefaultScannerWsClient provide(ScannerProperties scannerProps, EnvironmentInformation env, GlobalAnalysisMode globalMode,

  63.     System2 system, AnalysisWarnings analysisWarnings, SonarUserHome sonarUserHome) {

  64.     String url = defaultIfBlank(scannerProps.property("sonar.host.url"), "http://localhost:9000");

  65.     HttpConnector.Builder connectorBuilder = HttpConnector.newBuilder().acceptGzip(true);

  66. 

  67.     String oldSocketTimeout = defaultIfBlank(scannerProps.property(READ_TIMEOUT_SEC_PROPERTY), valueOf(DEFAULT_READ_TIMEOUT_SEC));

  68.     String socketTimeout = defaultIfBlank(scannerProps.property(SONAR_SCANNER_SOCKET_TIMEOUT), oldSocketTimeout);

  69.     String connectTimeout = defaultIfBlank(scannerProps.property(SONAR_SCANNER_CONNECT_TIMEOUT), valueOf(DEFAULT_CONNECT_TIMEOUT));

  70.     String responseTimeout = defaultIfBlank(scannerProps.property(SONAR_SCANNER_RESPONSE_TIMEOUT), valueOf(DEFAULT_RESPONSE_TIMEOUT));

  71.     String envVarToken = defaultIfBlank(system.envVariable(TOKEN_ENV_VARIABLE), null);

  72.     String token = defaultIfBlank(scannerProps.property(TOKEN_PROPERTY), envVarToken);

  73.     String login = defaultIfBlank(scannerProps.property(CoreProperties.LOGIN), token);

  74.     var sslContext = configureSsl(parseSslConfig(scannerProps, sonarUserHome), system);

  75.     connectorBuilder

  76.       .readTimeoutMilliseconds(parseDurationProperty(socketTimeout, SONAR_SCANNER_SOCKET_TIMEOUT))

  77.       .connectTimeoutMilliseconds(parseDurationProperty(connectTimeout, SONAR_SCANNER_CONNECT_TIMEOUT))

  78.       .responseTimeoutMilliseconds(parseDurationProperty(responseTimeout, SONAR_SCANNER_RESPONSE_TIMEOUT))

  79.       .userAgent(env.toString())

  80.       .url(url)

  81.       .credentials(login, scannerProps.property(CoreProperties.PASSWORD))

  82.       .setSSLSocketFactory(sslContext.getSslSocketFactory())

  83.       .setTrustManager(sslContext.getTrustManager().orElseThrow());

  84. 

  85.     // OkHttp detects 'http.proxyHost' java property already, so just focus on sonar properties

  86.     String proxyHost = defaultIfBlank(scannerProps.property("sonar.scanner.proxyHost"), null);

  87.     if (proxyHost != null) {

  88.       String proxyPortStr = defaultIfBlank(scannerProps.property(SONAR_SCANNER_PROXY_PORT), url.startsWith("https") ? "443" : "80");

  89.       var proxyPort = parseIntProperty(proxyPortStr, SONAR_SCANNER_PROXY_PORT);

  90.       connectorBuilder.proxy(new Proxy(Proxy.Type.HTTP, new InetSocketAddress(proxyHost, proxyPort)));

  91.     }

  92. 

  93.     var scannerProxyUser = scannerProps.property("sonar.scanner.proxyUser");

  94.     String proxyUser = scannerProxyUser != null ? scannerProxyUser : system.properties().getProperty(HTTP_PROXY_USER, "");

  95.     if (isNotBlank(proxyUser)) {

  96.       var scannerProxyPwd = scannerProps.property("sonar.scanner.proxyPassword");

  97.       String proxyPassword = scannerProxyPwd != null ? scannerProxyPwd : system.properties().getProperty(HTTP_PROXY_PASSWORD, "");

  98.       connectorBuilder.proxyCredentials(proxyUser, proxyPassword);

  99.     }

  100. 

  101.     return new DefaultScannerWsClient(WsClientFactories.getDefault().newClient(connectorBuilder.build()), login != null, globalMode, analysisWarnings);

  102.   }

  103. 

  104.   private static int parseIntProperty(String propValue, String propKey) {

  105.     try {

  106.       return parseInt(propValue);

  107.     } catch (NumberFormatException e) {

  108.       throw new IllegalArgumentException(propKey + " is not a valid integer: " + propValue, e);

  109.     }

  110.   }

  111. 

  112.   /**

  113.    * For testing, we can accept timeouts that are smaller than a second, expressed using ISO-8601 format for durations.

  114.    * If we can't parse as ISO-8601, then fallback to the official format that is simply the number of seconds

  115.    */

  116.   private static int parseDurationProperty(String propValue, String propKey) {

  117.     try {

  118.       return (int) Duration.parse(propValue).toMillis();

  119.     } catch (DateTimeParseException e) {

  120.       return parseIntProperty(propValue, propKey) * 1_000;

  121.     }

  122.   }

  123. 

  124.   private static SslConfig parseSslConfig(ScannerProperties scannerProperties, SonarUserHome sonarUserHome) {

  125.     var keyStorePath = defaultIfBlank(scannerProperties.property("sonar.scanner.keystorePath"), sonarUserHome.getPath().resolve("ssl/keystore.p12").toString());

  126.     var keyStorePassword = defaultIfBlank(scannerProperties.property("sonar.scanner.keystorePassword"), CertificateStore.DEFAULT_PASSWORD);

  127.     var trustStorePath = defaultIfBlank(scannerProperties.property("sonar.scanner.truststorePath"), sonarUserHome.getPath().resolve("ssl/truststore.p12").toString());

  128.     var trustStorePassword = defaultIfBlank(scannerProperties.property("sonar.scanner.truststorePassword"), CertificateStore.DEFAULT_PASSWORD);

  129.     var keyStore = new CertificateStore(Path.of(keyStorePath), keyStorePassword);

  130.     var trustStore = new CertificateStore(Path.of(trustStorePath), trustStorePassword);

  131.     return new SslConfig(keyStore, trustStore);

  132.   }

  133. 

  134.   private static SSLFactory configureSsl(SslConfig sslConfig, System2 system2) {

  135.     var sslFactoryBuilder = SSLFactory.builder()

  136.       .withDefaultTrustMaterial()

  137.       .withSystemTrustMaterial();

  138.     if (system2.properties().containsKey("javax.net.ssl.keyStore")) {

  139.       sslFactoryBuilder.withSystemPropertyDerivedIdentityMaterial();

  140.     }

  141.     var keyStore = sslConfig.getKeyStore();

  142.     if (keyStore != null && Files.exists(keyStore.getPath())) {

  143.       sslFactoryBuilder.withIdentityMaterial(keyStore.getPath(), keyStore.getKeyStorePassword().toCharArray(), keyStore.getKeyStoreType());

  144.     }

  145.     var trustStore = sslConfig.getTrustStore();

  146.     if (trustStore != null && Files.exists(trustStore.getPath())) {

  147.       sslFactoryBuilder.withTrustMaterial(trustStore.getPath(), trustStore.getKeyStorePassword().toCharArray(), trustStore.getKeyStoreType());

  148.     }

  149.     return sslFactoryBuilder.build();

  150.   }

  151. 

  152. }