SONAR-11555 Exclude Security Hotspot from issue count metrics

author: Benoit <43733395+benoit-sns@users.noreply.github.com> 2018-12-07 14:18:44 +0000
committer: SonarTech <sonartech@sonarsource.com> 2018-12-07 20:21:04 +0100
commit: fc10db309e0ef2124b2c3c1469bea606642bcf69 (patch)
tree: 7b6b9ae8bdb4855d0382a6fab0a7b8d9a2a078cf
parent: e15c71be10498ee7bd72913d8214f2f07da3b1c5 (diff)
download: sonarqube-fc10db309e0ef2124b2c3c1469bea606642bcf69.tar.gz
sonarqube-fc10db309e0ef2124b2c3c1469bea606642bcf69.zip
4 files changed, 29 insertions, 13 deletions
diff --git a/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/issue/IssueCounter.java b/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/issue/IssueCounter.java
index 92e5c4bedb6..f583d92791e 100644
--- a/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/issue/IssueCounter.java
+++ b/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/issue/IssueCounter.java
@@ -133,6 +133,10 @@ public class IssueCounter extends IssueVisitor {
 
   @Override
   public void onIssue(Component component, DefaultIssue issue) {
+    if (issue.type() == RuleType.SECURITY_HOTSPOT) {
+      return;
+    }
+
     currentCounters.add(issue);
     if (!periodHolder.hasPeriod()) {
       return;
@@ -278,9 +282,7 @@ public class IssueCounter extends IssueVisitor {
     }
 
     void addOnPeriod(DefaultIssue issue) {
-      if (issue.type() != RuleType.SECURITY_HOTSPOT) {
-        counterForPeriod.add(issue);
-      }
+      counterForPeriod.add(issue);
     }
 
     void add(DefaultIssue issue) {
diff --git a/server/sonar-ce-task-projectanalysis/src/test/java/org/sonar/ce/task/projectanalysis/issue/IssueCounterTest.java b/server/sonar-ce-task-projectanalysis/src/test/java/org/sonar/ce/task/projectanalysis/issue/IssueCounterTest.java
index 0794d75dea3..051bb4b864b 100644
--- a/server/sonar-ce-task-projectanalysis/src/test/java/org/sonar/ce/task/projectanalysis/issue/IssueCounterTest.java
+++ b/server/sonar-ce-task-projectanalysis/src/test/java/org/sonar/ce/task/projectanalysis/issue/IssueCounterTest.java
@@ -331,7 +331,7 @@ public class IssueCounterTest {
     underTest.afterComponent(FILE1);
 
     underTest.beforeComponent(FILE2);
-    underTest.onIssue(FILE1, createSecurityHotspot());
+    underTest.onIssue(FILE2, createSecurityHotspot());
     underTest.afterComponent(FILE2);
 
     underTest.beforeComponent(FILE3);
@@ -340,18 +340,18 @@ public class IssueCounterTest {
     underTest.beforeComponent(PROJECT);
     underTest.afterComponent(PROJECT);
 
-    assertThat(measureRepository.getRawMeasure(FILE1, ISSUES_METRIC).get().getIntValue()).isEqualTo(2);
-    assertThat(measureRepository.getRawMeasure(FILE1, OPEN_ISSUES_METRIC).get().getIntValue()).isEqualTo(2);
+    assertThat(measureRepository.getRawMeasure(FILE1, ISSUES_METRIC).get().getIntValue()).isEqualTo(0);
+    assertThat(measureRepository.getRawMeasure(FILE1, OPEN_ISSUES_METRIC).get().getIntValue()).isEqualTo(0);
     assertThat(measureRepository.getRawMeasure(FILE1, CONFIRMED_ISSUES_METRIC).get().getIntValue()).isEqualTo(0);
 
-    assertThat(measureRepository.getRawMeasure(FILE2, ISSUES_METRIC).get().getIntValue()).isEqualTo(1);
-    assertThat(measureRepository.getRawMeasure(FILE2, OPEN_ISSUES_METRIC).get().getIntValue()).isEqualTo(1);
+    assertThat(measureRepository.getRawMeasure(FILE2, ISSUES_METRIC).get().getIntValue()).isEqualTo(0);
+    assertThat(measureRepository.getRawMeasure(FILE2, OPEN_ISSUES_METRIC).get().getIntValue()).isEqualTo(0);
     assertThat(measureRepository.getRawMeasure(FILE2, CONFIRMED_ISSUES_METRIC).get().getIntValue()).isEqualTo(0);
 
     assertThat(measureRepository.getRawMeasure(FILE3, ISSUES_METRIC).get().getIntValue()).isEqualTo(0);
 
-    assertThat(measureRepository.getRawMeasure(PROJECT, ISSUES_METRIC).get().getIntValue()).isEqualTo(3);
-    assertThat(measureRepository.getRawMeasure(PROJECT, OPEN_ISSUES_METRIC).get().getIntValue()).isEqualTo(3);
+    assertThat(measureRepository.getRawMeasure(PROJECT, ISSUES_METRIC).get().getIntValue()).isEqualTo(0);
+    assertThat(measureRepository.getRawMeasure(PROJECT, OPEN_ISSUES_METRIC).get().getIntValue()).isEqualTo(0);
     assertThat(measureRepository.getRawMeasure(PROJECT, CONFIRMED_ISSUES_METRIC).get().getIntValue()).isEqualTo(0);
   }
 
diff --git a/server/sonar-server/src/main/java/org/sonar/server/measure/live/IssueCounter.java b/server/sonar-server/src/main/java/org/sonar/server/measure/live/IssueCounter.java
index 09e1e57a768..91f53d00d13 100644
--- a/server/sonar-server/src/main/java/org/sonar/server/measure/live/IssueCounter.java
+++ b/server/sonar-server/src/main/java/org/sonar/server/measure/live/IssueCounter.java
@@ -30,6 +30,8 @@ import org.sonar.api.rules.RuleType;
 import org.sonar.db.issue.IssueGroupDto;
 import org.sonar.db.rule.SeverityUtil;
 
+import static org.sonar.api.rules.RuleType.SECURITY_HOTSPOT;
+
 class IssueCounter {
 
   private final Map<RuleType, HighestSeverity> highestSeverityOfUnresolved = new EnumMap<>(RuleType.class);
@@ -115,9 +117,11 @@ class IssueCounter {
     private long leak = 0L;
 
     void add(IssueGroupDto group) {
-      absolute += group.getCount();
-      if (group.isInLeak()) {
-        leak += group.getCount();
+      if (group.getRuleType() != SECURITY_HOTSPOT.getDbConstant()) {
+        absolute += group.getCount();
+        if (group.isInLeak()) {
+          leak += group.getCount();
+        }
       }
     }
   }
diff --git a/server/sonar-server/src/test/java/org/sonar/server/measure/live/IssueMetricFormulaFactoryImplTest.java b/server/sonar-server/src/test/java/org/sonar/server/measure/live/IssueMetricFormulaFactoryImplTest.java
index 5de939987ab..14ed1d59e0e 100644
--- a/server/sonar-server/src/test/java/org/sonar/server/measure/live/IssueMetricFormulaFactoryImplTest.java
+++ b/server/sonar-server/src/test/java/org/sonar/server/measure/live/IssueMetricFormulaFactoryImplTest.java
@@ -124,6 +124,8 @@ public class IssueMetricFormulaFactoryImplTest {
       newGroup(RuleType.BUG).setSeverity(Severity.MAJOR).setCount(5),
       newGroup(RuleType.BUG).setSeverity(Severity.CRITICAL).setCount(7),
       newGroup(RuleType.CODE_SMELL).setSeverity(Severity.BLOCKER).setCount(11),
+      // exclude security hotspot
+      newGroup(RuleType.SECURITY_HOTSPOT).setSeverity(Severity.CRITICAL).setCount(15),
       // include leak
       newGroup(RuleType.CODE_SMELL).setSeverity(Severity.BLOCKER).setInLeak(true).setCount(13),
       // exclude resolved
@@ -148,6 +150,8 @@ public class IssueMetricFormulaFactoryImplTest {
       newResolvedGroup(Issue.RESOLUTION_WONT_FIX, Issue.STATUS_CLOSED).setSeverity(Severity.MAJOR).setCount(7),
       newResolvedGroup(Issue.RESOLUTION_WONT_FIX, Issue.STATUS_CLOSED).setSeverity(Severity.BLOCKER).setCount(11),
       newResolvedGroup(Issue.RESOLUTION_REMOVED, Issue.STATUS_CLOSED).setCount(13),
+      // exclude security hotspot
+      newResolvedGroup(Issue.RESOLUTION_WONT_FIX, Issue.STATUS_RESOLVED).setCount(15).setRuleType(RuleType.SECURITY_HOTSPOT.getDbConstant()),
       // exclude unresolved
       newGroup(RuleType.VULNERABILITY).setCount(17),
       newGroup(RuleType.BUG).setCount(19))
@@ -168,6 +172,8 @@ public class IssueMetricFormulaFactoryImplTest {
       newGroup().setStatus(Issue.STATUS_REOPENED).setCount(7),
       newGroup(RuleType.CODE_SMELL).setStatus(Issue.STATUS_OPEN).setCount(9),
       newGroup(RuleType.BUG).setStatus(Issue.STATUS_OPEN).setCount(11),
+      // exclude security hotspot
+      newGroup(RuleType.SECURITY_HOTSPOT).setStatus(Issue.STATUS_OPEN).setCount(12),
       newResolvedGroup(Issue.RESOLUTION_FALSE_POSITIVE, Issue.STATUS_CLOSED).setCount(13))
         .assertThatValueIs(CoreMetrics.CONFIRMED_ISSUES, 3 + 5)
         .assertThatValueIs(CoreMetrics.OPEN_ISSUES, 9 + 11)
@@ -181,6 +187,9 @@ public class IssueMetricFormulaFactoryImplTest {
     with(
       newGroup(RuleType.CODE_SMELL).setEffort(3.0).setInLeak(false),
       newGroup(RuleType.CODE_SMELL).setEffort(5.0).setInLeak(true),
+      // exclude security hotspot
+      newGroup(RuleType.SECURITY_HOTSPOT).setEffort(9).setInLeak(true),
+      newGroup(RuleType.SECURITY_HOTSPOT).setEffort(11).setInLeak(false),
       // not code smells
       newGroup(RuleType.BUG).setEffort(7.0),
       // exclude resolved
@@ -522,6 +531,7 @@ public class IssueMetricFormulaFactoryImplTest {
       // not in leak
       newGroup(RuleType.CODE_SMELL).setEffort(5.0).setInLeak(false),
       // not code smells
+      newGroup(RuleType.SECURITY_HOTSPOT).setEffort(9.0).setInLeak(true),
       newGroup(RuleType.BUG).setEffort(7.0).setInLeak(true),
       // exclude resolved
       newResolvedGroup(RuleType.CODE_SMELL).setEffort(17.0).setInLeak(true))
author	Benoit <43733395+benoit-sns@users.noreply.github.com>	2018-12-07 14:18:44 +0000
committer	SonarTech <sonartech@sonarsource.com>	2018-12-07 20:21:04 +0100
commit	fc10db309e0ef2124b2c3c1469bea606642bcf69 (patch)
tree	7b6b9ae8bdb4855d0382a6fab0a7b8d9a2a078cf
parent	e15c71be10498ee7bd72913d8214f2f07da3b1c5 (diff)
download	sonarqube-fc10db309e0ef2124b2c3c1469bea606642bcf69.tar.gz sonarqube-fc10db309e0ef2124b2c3c1469bea606642bcf69.zip