diff options
| author | Léo Geoffroy <99647462+leo-geoffroy-sonarsource@users.noreply.github.com> | 2023-01-12 16:50:19 +0100 |
|---|---|---|
| committer | sonartech <sonartech@sonarsource.com> | 2023-01-12 20:02:51 +0000 |
| commit | e3100a5030d09dc7df418d58c1ca5946fa4b965f (patch) | |
| tree | fbcfc77aa7a9cd900e5655fb765b3a9519523337 | |
| parent | 0f55e111adee440a6d75d3a10ade68d15d339cfe (diff) | |
| download | sonarqube-e3100a5030d09dc7df418d58c1ca5946fa4b965f.tar.gz sonarqube-e3100a5030d09dc7df418d58c1ca5946fa4b965f.zip | |
SONAR-17176 Change folder for saving score matrix to fix security hotspot
2 files changed, 11 insertions, 3 deletions
diff --git a/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/filemove/ScoreMatrixDumperImpl.java b/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/filemove/ScoreMatrixDumperImpl.java index f2562a9f640..605f9b42cf5 100644 --- a/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/filemove/ScoreMatrixDumperImpl.java +++ b/server/sonar-ce-task-projectanalysis/src/main/java/org/sonar/ce/task/projectanalysis/filemove/ScoreMatrixDumperImpl.java @@ -27,6 +27,7 @@ import org.sonar.api.config.Configuration; import org.sonar.api.utils.log.Logger; import org.sonar.api.utils.log.Loggers; import org.sonar.ce.task.CeTask; +import org.sonar.server.platform.ServerFileSystem; import static java.nio.charset.StandardCharsets.UTF_8; @@ -35,17 +36,20 @@ public class ScoreMatrixDumperImpl implements ScoreMatrixDumper { private final Configuration configuration; private final CeTask ceTask; + private final ServerFileSystem fs; - public ScoreMatrixDumperImpl(Configuration configuration, CeTask ceTask) { + public ScoreMatrixDumperImpl(Configuration configuration, CeTask ceTask, ServerFileSystem fs) { this.configuration = configuration; this.ceTask = ceTask; + this.fs = fs; } @Override public void dumpAsCsv(ScoreMatrix scoreMatrix) { if (configuration.getBoolean("sonar.filemove.dumpCsv").orElse(false)) { try { - Path tempFile = Files.createTempFile(String.format("score-matrix-%s", ceTask.getUuid()), ".csv"); + Path tempFile = fs.getTempDir().toPath() + .resolve(String.format("score-matrix-%s.csv", ceTask.getUuid())); try (BufferedWriter writer = Files.newBufferedWriter(tempFile, UTF_8)) { writer.write(scoreMatrix.toCsv(';')); } diff --git a/server/sonar-ce-task-projectanalysis/src/test/java/org/sonar/ce/task/projectanalysis/filemove/ScoreMatrixDumperImplTest.java b/server/sonar-ce-task-projectanalysis/src/test/java/org/sonar/ce/task/projectanalysis/filemove/ScoreMatrixDumperImplTest.java index e2c33912948..bda1cfce233 100644 --- a/server/sonar-ce-task-projectanalysis/src/test/java/org/sonar/ce/task/projectanalysis/filemove/ScoreMatrixDumperImplTest.java +++ b/server/sonar-ce-task-projectanalysis/src/test/java/org/sonar/ce/task/projectanalysis/filemove/ScoreMatrixDumperImplTest.java @@ -36,6 +36,7 @@ import org.sonar.api.config.Configuration; import org.sonar.api.config.internal.MapSettings; import org.sonar.ce.task.CeTask; import org.sonar.ce.task.projectanalysis.filemove.ScoreMatrix.ScoreFile; +import org.sonar.server.platform.ServerFileSystem; import static org.apache.commons.lang.RandomStringUtils.randomAlphabetic; import static org.assertj.core.api.Assertions.assertThat; @@ -52,7 +53,9 @@ public class ScoreMatrixDumperImplTest { private MapSettings settings = new MapSettings(); private Configuration configuration = settings.asConfig(); private CeTask ceTask = mock(CeTask.class); - private ScoreMatrixDumper underTest = new ScoreMatrixDumperImpl(configuration, ceTask); + + private ServerFileSystem serverFileSystem = mock(ServerFileSystem.class); + private ScoreMatrixDumper underTest = new ScoreMatrixDumperImpl(configuration, ceTask, serverFileSystem); private Path tempDir; @Before @@ -60,6 +63,7 @@ public class ScoreMatrixDumperImplTest { Path tempFile = Files.createTempFile("a", "b"); Files.delete(tempFile); tempDir = tempFile.getParent(); + when(serverFileSystem.getTempDir()).thenReturn(tempDir.toFile()); } @After |