diff options
author | Julien Lancelot <julien.lancelot@sonarsource.com> | 2018-02-01 13:36:29 +0100 |
---|---|---|
committer | GitHub <noreply@github.com> | 2018-02-01 13:36:29 +0100 |
commit | e737a37b28a2504aa1a6387606841afd776f2fef (patch) | |
tree | 2ffc650ac5c2e4d3f22621a837db9e8304f1a04b /server/sonar-process/src | |
parent | 39f671dce022e19460606d9639f3727493a1faf2 (diff) | |
download | sonarqube-e737a37b28a2504aa1a6387606841afd776f2fef.tar.gz sonarqube-e737a37b28a2504aa1a6387606841afd776f2fef.zip |
SONAR-10300 Forbid system properties in api/settings
Diffstat (limited to 'server/sonar-process/src')
6 files changed, 138 insertions, 106 deletions
diff --git a/server/sonar-process/src/main/java/org/sonar/process/ProcessProperties.java b/server/sonar-process/src/main/java/org/sonar/process/ProcessProperties.java index 853729068bb..a2c62187550 100644 --- a/server/sonar-process/src/main/java/org/sonar/process/ProcessProperties.java +++ b/server/sonar-process/src/main/java/org/sonar/process/ProcessProperties.java @@ -21,9 +21,13 @@ package org.sonar.process; import java.net.InetAddress; import java.net.UnknownHostException; +import java.util.Arrays; import java.util.Map; +import java.util.Objects; import java.util.Properties; import java.util.UUID; +import java.util.stream.Collectors; +import javax.annotation.Nullable; /** * Constants shared by search, web server and app processes. @@ -31,61 +35,110 @@ import java.util.UUID; */ public class ProcessProperties { - public static final String JDBC_URL = "sonar.jdbc.url"; - public static final String JDBC_DRIVER_PATH = "sonar.jdbc.driverPath"; - public static final String JDBC_MAX_ACTIVE = "sonar.jdbc.maxActive"; - public static final String JDBC_MAX_IDLE = "sonar.jdbc.maxIdle"; - public static final String JDBC_MIN_IDLE = "sonar.jdbc.minIdle"; - public static final String JDBC_MAX_WAIT = "sonar.jdbc.maxWait"; - public static final String JDBC_MIN_EVICTABLE_IDLE_TIME_MILLIS = "sonar.jdbc.minEvictableIdleTimeMillis"; - public static final String JDBC_TIME_BETWEEN_EVICTION_RUNS_MILLIS = "sonar.jdbc.timeBetweenEvictionRunsMillis"; - public static final String JDBC_EMBEDDED_PORT = "sonar.embeddedDatabase.port"; - - public static final String PATH_DATA = "sonar.path.data"; - public static final String PATH_HOME = "sonar.path.home"; - public static final String PATH_LOGS = "sonar.path.logs"; - public static final String PATH_TEMP = "sonar.path.temp"; - public static final String PATH_WEB = "sonar.path.web"; - - public static final String SEARCH_HOST = "sonar.search.host"; - public static final String SEARCH_PORT = "sonar.search.port"; - public static final String SEARCH_HTTP_PORT = "sonar.search.httpPort"; - public static final String SEARCH_JAVA_OPTS = "sonar.search.javaOpts"; - public static final String SEARCH_JAVA_ADDITIONAL_OPTS = "sonar.search.javaAdditionalOpts"; - public static final String SEARCH_REPLICAS = "sonar.search.replicas"; - public static final String SEARCH_MINIMUM_MASTER_NODES = "sonar.search.minimumMasterNodes"; - public static final String SEARCH_INITIAL_STATE_TIMEOUT = "sonar.search.initialStateTimeout"; - - public static final String WEB_JAVA_OPTS = "sonar.web.javaOpts"; - public static final String WEB_JAVA_ADDITIONAL_OPTS = "sonar.web.javaAdditionalOpts"; - public static final String WEB_PORT = "sonar.web.port"; - public static final String AUTH_JWT_SECRET = "sonar.auth.jwtBase64Hs256Secret"; - - public static final String CE_JAVA_OPTS = "sonar.ce.javaOpts"; - public static final String CE_JAVA_ADDITIONAL_OPTS = "sonar.ce.javaAdditionalOpts"; - - /** - * Used by Orchestrator to ask for shutdown of monitor process - */ - public static final String ENABLE_STOP_COMMAND = "sonar.enableStopCommand"; - - public static final String HTTP_PROXY_HOST = "http.proxyHost"; - public static final String HTTPS_PROXY_HOST = "https.proxyHost"; - public static final String HTTP_PROXY_PORT = "http.proxyPort"; - public static final String HTTPS_PROXY_PORT = "https.proxyPort"; - public static final String HTTP_PROXY_USER = "http.proxyUser"; - public static final String HTTP_PROXY_PASSWORD = "http.proxyPassword"; - - public static final String CLUSTER_ENABLED = "sonar.cluster.enabled"; - public static final String CLUSTER_NODE_TYPE = "sonar.cluster.node.type"; - public static final String CLUSTER_SEARCH_HOSTS = "sonar.cluster.search.hosts"; - public static final String CLUSTER_HOSTS = "sonar.cluster.hosts"; - public static final String CLUSTER_NODE_PORT = "sonar.cluster.node.port"; - public static final int CLUSTER_NODE_PORT_DEFAULT_VALUE = 9003; - public static final String CLUSTER_NODE_HOST = "sonar.cluster.node.host"; - public static final String CLUSTER_NODE_NAME = "sonar.cluster.node.name"; - public static final String CLUSTER_NAME = "sonar.cluster.name"; - public static final String CLUSTER_WEB_STARTUP_LEADER = "sonar.cluster.web.startupLeader"; + public enum Property { + JDBC_URL("sonar.jdbc.url"), + JDBC_USERNAME("sonar.jdbc.username", ""), + JDBC_PASSWORD("sonar.jdbc.password", ""), + JDBC_DRIVER_PATH("sonar.jdbc.driverPath"), + JDBC_MAX_ACTIVE("sonar.jdbc.maxActive", "60"), + JDBC_MAX_IDLE("sonar.jdbc.maxIdle", "5"), + JDBC_MIN_IDLE("sonar.jdbc.minIdle", "2"), + JDBC_MAX_WAIT("sonar.jdbc.maxWait", "5000"), + JDBC_MIN_EVICTABLE_IDLE_TIME_MILLIS("sonar.jdbc.minEvictableIdleTimeMillis", "600000"), + JDBC_TIME_BETWEEN_EVICTION_RUNS_MILLIS("sonar.jdbc.timeBetweenEvictionRunsMillis", "30000"), + JDBC_EMBEDDED_PORT("sonar.embeddedDatabase.port"), + + PATH_DATA("sonar.path.data", "data"), + PATH_HOME("sonar.path.home"), + PATH_LOGS("sonar.path.logs", "logs"), + PATH_TEMP("sonar.path.temp", "temp"), + PATH_WEB("sonar.path.web", "web"), + + SEARCH_HOST("sonar.search.host", InetAddress.getLoopbackAddress().getHostAddress()), + SEARCH_PORT("sonar.search.port", "9001"), + SEARCH_HTTP_PORT("sonar.search.httpPort"), + SEARCH_JAVA_OPTS("sonar.search.javaOpts", "-Xms512m -Xmx512m -XX:+HeapDumpOnOutOfMemoryError"), + SEARCH_JAVA_ADDITIONAL_OPTS("sonar.search.javaAdditionalOpts", ""), + SEARCH_REPLICAS("sonar.search.replicas"), + SEARCH_MINIMUM_MASTER_NODES("sonar.search.minimumMasterNodes"), + SEARCH_INITIAL_STATE_TIMEOUT("sonar.search.initialStateTimeout"), + + WEB_JAVA_OPTS("sonar.web.javaOpts", "-Xmx512m -Xms128m -XX:+HeapDumpOnOutOfMemoryError"), + WEB_JAVA_ADDITIONAL_OPTS("sonar.web.javaAdditionalOpts", ""), + WEB_PORT("sonar.web.port"), + + CE_JAVA_OPTS("sonar.ce.javaOpts", "-Xmx512m -Xms128m -XX:+HeapDumpOnOutOfMemoryError"), + CE_JAVA_ADDITIONAL_OPTS("sonar.ce.javaAdditionalOpts", ""), + + HTTP_PROXY_HOST("http.proxyHost"), + HTTPS_PROXY_HOST("https.proxyHost"), + HTTP_PROXY_PORT("http.proxyPort"), + HTTPS_PROXY_PORT("https.proxyPort"), + HTTP_PROXY_USER("http.proxyUser"), + HTTP_PROXY_PASSWORD("http.proxyPassword"), + HTTP_NON_PROXY_HOSTS("http.nonProxyHosts"), + HTTP_AUTH_NLM_DOMAN("http.auth.ntlm.domain"), + SOCKS_PROXY_HOST("socksProxyHost"), + SOCKS_PROXY_PORT("socksProxyPort"), + + CLUSTER_ENABLED("sonar.cluster.enabled", "false"), + CLUSTER_NODE_TYPE("sonar.cluster.node.type"), + CLUSTER_SEARCH_HOSTS("sonar.cluster.search.hosts"), + CLUSTER_HOSTS("sonar.cluster.hosts"), + CLUSTER_NODE_PORT("sonar.cluster.node.port", "9003"), + CLUSTER_NODE_HOST("sonar.cluster.node.host"), + CLUSTER_NODE_NAME("sonar.cluster.node.name", "sonarqube-" + UUID.randomUUID().toString()), + CLUSTER_NAME("sonar.cluster.name", "sonarqube"), + CLUSTER_WEB_STARTUP_LEADER("sonar.cluster.web.startupLeader"), + + AUTH_JWT_SECRET("sonar.auth.jwtBase64Hs256Secret"), + SONAR_WEB_SSO_ENABLE("sonar.web.sso.enable", "false"), + SONAR_WEB_SSO_LOGIN_HEADER("sonar.web.sso.loginHeader", "X-Forwarded-Login"), + SONAR_WEB_SSO_NAME_HEADER("sonar.web.sso.nameHeader", "X-Forwarded-Name"), + SONAR_WEB_SSO_EMAIL_HEADER("sonar.web.sso.emailHeader", "X-Forwarded-Email"), + SONAR_WEB_SSO_GROUPS_HEADER("sonar.web.sso.groupsHeader", "X-Forwarded-Groups"), + SONAR_WEB_SSO_REFRESH_INTERVAL_IN_MINUTES("sonar.web.sso.refreshIntervalInMinutes", "5"), + SONAR_SECURITY_REALM("sonar.security.realm"), + SONAR_AUTHENTICATOR_IGNORE_STARTUP_FAILURE("sonar.authenticator.ignoreStartupFailure", "false"), + + SONAR_TELEMETRY_ENABLE("sonar.telemetry.enable", "true"), + SONAR_TELEMETRY_URL("sonar.telemetry.url", "https://telemetry.sonarsource.com/sonarqube"), + SONAR_TELEMETRY_FREQUENCY_IN_SECONDS("sonar.telemetry.frequencyInSeconds", "21600"), + + SONAR_UPDATECENTER_ACTIVATE("sonar.updatecenter.activate", "true"), + + SONARCLOUD_ENABLED("sonar.sonarcloud.enabled", "false"), + + /** + * Used by Orchestrator to ask for shutdown of monitor process + */ + ENABLE_STOP_COMMAND("sonar.enableStopCommand"); + + private final String key; + private final String defaultValue; + + Property(String key, @Nullable String defaultValue) { + this.key = key; + this.defaultValue = defaultValue; + } + + Property(String key) { + this(key, null); + } + + public String getKey() { + return key; + } + + public String getDefaultValue() { + Objects.requireNonNull(defaultValue, "There's no default value on this property"); + return defaultValue; + } + + public boolean hasDefaultValue() { + return defaultValue != null; + } + } private ProcessProperties() { // only static stuff @@ -97,37 +150,14 @@ public class ProcessProperties { props.setDefault(entry.getKey().toString(), entry.getValue().toString()); } - fixPortIfZero(props, SEARCH_HOST, SEARCH_PORT); + fixPortIfZero(props, Property.SEARCH_HOST.getKey(), Property.SEARCH_PORT.getKey()); } public static Properties defaults() { Properties defaults = new Properties(); - defaults.put(SEARCH_HOST, InetAddress.getLoopbackAddress().getHostAddress()); - defaults.put(SEARCH_PORT, "9001"); - defaults.put(SEARCH_JAVA_OPTS, "-Xms512m -Xmx512m -XX:+HeapDumpOnOutOfMemoryError"); - defaults.put(SEARCH_JAVA_ADDITIONAL_OPTS, ""); - - defaults.put(PATH_DATA, "data"); - defaults.put(PATH_LOGS, "logs"); - defaults.put(PATH_TEMP, "temp"); - defaults.put(PATH_WEB, "web"); - - defaults.put(WEB_JAVA_OPTS, "-Xmx512m -Xms128m -XX:+HeapDumpOnOutOfMemoryError"); - defaults.put(WEB_JAVA_ADDITIONAL_OPTS, ""); - defaults.put(CE_JAVA_OPTS, "-Xmx512m -Xms128m -XX:+HeapDumpOnOutOfMemoryError"); - defaults.put(CE_JAVA_ADDITIONAL_OPTS, ""); - defaults.put(JDBC_MAX_ACTIVE, "60"); - defaults.put(JDBC_MAX_IDLE, "5"); - defaults.put(JDBC_MIN_IDLE, "2"); - defaults.put(JDBC_MAX_WAIT, "5000"); - defaults.put(JDBC_MIN_EVICTABLE_IDLE_TIME_MILLIS, "600000"); - defaults.put(JDBC_TIME_BETWEEN_EVICTION_RUNS_MILLIS, "30000"); - - defaults.put(CLUSTER_ENABLED, "false"); - defaults.put(CLUSTER_NAME, "sonarqube"); - defaults.put(CLUSTER_NODE_PORT, Integer.toString(CLUSTER_NODE_PORT_DEFAULT_VALUE)); - defaults.put(CLUSTER_NODE_NAME, "sonarqube-" + UUID.randomUUID().toString()); - + defaults.putAll(Arrays.stream(Property.values()) + .filter(Property::hasDefaultValue) + .collect(Collectors.toMap(Property::getKey, Property::getDefaultValue))); return defaults; } diff --git a/server/sonar-process/src/main/java/org/sonar/process/cluster/hz/HazelcastMemberBuilder.java b/server/sonar-process/src/main/java/org/sonar/process/cluster/hz/HazelcastMemberBuilder.java index c5ab026e05e..edcbd659b39 100644 --- a/server/sonar-process/src/main/java/org/sonar/process/cluster/hz/HazelcastMemberBuilder.java +++ b/server/sonar-process/src/main/java/org/sonar/process/cluster/hz/HazelcastMemberBuilder.java @@ -30,13 +30,13 @@ import java.util.List; import java.util.stream.Collectors; import javax.annotation.CheckForNull; import org.sonar.process.ProcessId; -import org.sonar.process.ProcessProperties; import org.sonar.process.cluster.NodeType; import org.sonar.process.cluster.hz.HazelcastMember.Attribute; import static java.lang.String.format; import static java.util.Collections.singletonList; import static java.util.Objects.requireNonNull; +import static org.sonar.process.ProcessProperties.Property.CLUSTER_NODE_PORT; public class HazelcastMemberBuilder { @@ -83,7 +83,7 @@ public class HazelcastMemberBuilder { */ public HazelcastMemberBuilder setMembers(Collection<String> c) { this.members = c.stream() - .map(host -> host.contains(":") ? host : format("%s:%d", host, ProcessProperties.CLUSTER_NODE_PORT_DEFAULT_VALUE)) + .map(host -> host.contains(":") ? host : format("%s:%s", host, CLUSTER_NODE_PORT.getDefaultValue())) .collect(Collectors.toList()); return this; } diff --git a/server/sonar-process/src/main/java/org/sonar/process/logging/LogbackHelper.java b/server/sonar-process/src/main/java/org/sonar/process/logging/LogbackHelper.java index 015db433519..f5e51f69b3f 100644 --- a/server/sonar-process/src/main/java/org/sonar/process/logging/LogbackHelper.java +++ b/server/sonar-process/src/main/java/org/sonar/process/logging/LogbackHelper.java @@ -45,11 +45,11 @@ import org.apache.commons.lang.StringUtils; import org.slf4j.LoggerFactory; import org.slf4j.bridge.SLF4JBridgeHandler; import org.sonar.process.MessageException; -import org.sonar.process.ProcessProperties; import org.sonar.process.Props; import static java.lang.String.format; import static org.slf4j.Logger.ROOT_LOGGER_NAME; +import static org.sonar.process.ProcessProperties.Property.PATH_LOGS; /** * Helps to configure Logback in a programmatic way, without using XML. @@ -241,7 +241,7 @@ public class LogbackHelper extends AbstractLogHelper { public RollingPolicy createRollingPolicy(Context ctx, Props props, String filenamePrefix) { String rollingPolicy = props.value(ROLLING_POLICY_PROPERTY, "time:yyyy-MM-dd"); int maxFiles = props.valueAsInt(MAX_FILES_PROPERTY, 7); - File logsDir = props.nonNullValueAsFile(ProcessProperties.PATH_LOGS); + File logsDir = props.nonNullValueAsFile(PATH_LOGS.getKey()); if (rollingPolicy.startsWith("time:")) { return new TimeRollingPolicy(ctx, filenamePrefix, logsDir, maxFiles, StringUtils.substringAfter(rollingPolicy, "time:")); diff --git a/server/sonar-process/src/test/java/org/sonar/process/ProcessPropertiesTest.java b/server/sonar-process/src/test/java/org/sonar/process/ProcessPropertiesTest.java index 1369a5e7e43..aa97effda75 100644 --- a/server/sonar-process/src/test/java/org/sonar/process/ProcessPropertiesTest.java +++ b/server/sonar-process/src/test/java/org/sonar/process/ProcessPropertiesTest.java @@ -35,6 +35,8 @@ public class ProcessPropertiesTest { assertThat(props.value("sonar.search.javaOpts")).contains("-Xmx"); assertThat(props.valueAsInt("sonar.jdbc.maxActive")).isEqualTo(60); + assertThat(props.valueAsBoolean("sonar.sonarcloud.enabled")).isEqualTo(false); + assertThat(props.valueAsBoolean("sonar.updatecenter.activate")).isEqualTo(true); } @Test diff --git a/server/sonar-process/src/test/java/org/sonar/process/cluster/hz/HazelcastMemberBuilderTest.java b/server/sonar-process/src/test/java/org/sonar/process/cluster/hz/HazelcastMemberBuilderTest.java index ef64fa8952c..b06d7dc3570 100644 --- a/server/sonar-process/src/test/java/org/sonar/process/cluster/hz/HazelcastMemberBuilderTest.java +++ b/server/sonar-process/src/test/java/org/sonar/process/cluster/hz/HazelcastMemberBuilderTest.java @@ -27,11 +27,11 @@ import org.junit.rules.TestRule; import org.junit.rules.Timeout; import org.sonar.process.NetworkUtilsImpl; import org.sonar.process.ProcessId; -import org.sonar.process.ProcessProperties; import org.sonar.process.cluster.NodeType; import static java.util.Arrays.asList; import static org.assertj.core.api.Assertions.assertThat; +import static org.sonar.process.ProcessProperties.Property.CLUSTER_NODE_PORT; public class HazelcastMemberBuilderTest { @@ -72,8 +72,8 @@ public class HazelcastMemberBuilderTest { underTest.setMembers(asList("foo", "bar:9100", "1.2.3.4")); assertThat(underTest.getMembers()).containsExactly( - "foo:" + ProcessProperties.CLUSTER_NODE_PORT_DEFAULT_VALUE, + "foo:" + CLUSTER_NODE_PORT.getDefaultValue(), "bar:9100", - "1.2.3.4:" + ProcessProperties.CLUSTER_NODE_PORT_DEFAULT_VALUE); + "1.2.3.4:" + CLUSTER_NODE_PORT.getDefaultValue()); } } diff --git a/server/sonar-process/src/test/java/org/sonar/process/logging/LogbackHelperTest.java b/server/sonar-process/src/test/java/org/sonar/process/logging/LogbackHelperTest.java index a7c4813b8de..612de83bf8e 100644 --- a/server/sonar-process/src/test/java/org/sonar/process/logging/LogbackHelperTest.java +++ b/server/sonar-process/src/test/java/org/sonar/process/logging/LogbackHelperTest.java @@ -52,13 +52,13 @@ import org.junit.rules.TemporaryFolder; import org.junit.runner.RunWith; import org.sonar.process.MessageException; import org.sonar.process.ProcessId; -import org.sonar.process.ProcessProperties; import org.sonar.process.Props; import static org.apache.commons.lang.RandomStringUtils.randomAlphanumeric; import static org.assertj.core.api.Assertions.assertThat; import static org.junit.Assert.fail; import static org.slf4j.Logger.ROOT_LOGGER_NAME; +import static org.sonar.process.ProcessProperties.Property.PATH_LOGS; import static org.sonar.process.logging.RootLoggerConfig.newRootLoggerConfigBuilder; @RunWith(DataProviderRunner.class) @@ -75,7 +75,7 @@ public class LogbackHelperTest { @Before public void setUp() throws Exception { File dir = temp.newFolder(); - props.set(ProcessProperties.PATH_LOGS, dir.getAbsolutePath()); + props.set(PATH_LOGS.getKey(), dir.getAbsolutePath()); } @After @@ -88,12 +88,11 @@ public class LogbackHelperTest { assertThat(underTest.getRootContext()).isNotNull(); } - @Test public void buildLogPattern_puts_process_key_as_process_id() { String pattern = underTest.buildLogPattern(newRootLoggerConfigBuilder() - .setProcessId(ProcessId.ELASTICSEARCH) - .build()); + .setProcessId(ProcessId.ELASTICSEARCH) + .build()); assertThat(pattern).isEqualTo("%d{yyyy.MM.dd HH:mm:ss} %-5level es[][%logger{20}] %msg%n"); } @@ -102,10 +101,10 @@ public class LogbackHelperTest { public void buildLogPattern_puts_threadIdFieldPattern_from_RootLoggerConfig_non_null() { String threadIdFieldPattern = RandomStringUtils.randomAlphabetic(5); String pattern = underTest.buildLogPattern( - newRootLoggerConfigBuilder() - .setProcessId(ProcessId.APP) - .setThreadIdFieldPattern(threadIdFieldPattern) - .build()); + newRootLoggerConfigBuilder() + .setProcessId(ProcessId.APP) + .setThreadIdFieldPattern(threadIdFieldPattern) + .build()); assertThat(pattern).isEqualTo("%d{yyyy.MM.dd HH:mm:ss} %-5level app[" + threadIdFieldPattern + "][%logger{20}] %msg%n"); } @@ -113,9 +112,9 @@ public class LogbackHelperTest { @Test public void buildLogPattern_does_not_put_threadIdFieldPattern_from_RootLoggerConfig_is_null() { String pattern = underTest.buildLogPattern( - newRootLoggerConfigBuilder() - .setProcessId(ProcessId.COMPUTE_ENGINE) - .build()); + newRootLoggerConfigBuilder() + .setProcessId(ProcessId.COMPUTE_ENGINE) + .build()); assertThat(pattern).isEqualTo("%d{yyyy.MM.dd HH:mm:ss} %-5level ce[][%logger{20}] %msg%n"); } @@ -123,13 +122,14 @@ public class LogbackHelperTest { @Test public void buildLogPattern_does_not_put_threadIdFieldPattern_from_RootLoggerConfig_is_empty() { String pattern = underTest.buildLogPattern( - newRootLoggerConfigBuilder() - .setProcessId(ProcessId.WEB_SERVER) - .setThreadIdFieldPattern("") - .build()); + newRootLoggerConfigBuilder() + .setProcessId(ProcessId.WEB_SERVER) + .setThreadIdFieldPattern("") + .build()); assertThat(pattern).isEqualTo("%d{yyyy.MM.dd HH:mm:ss} %-5level web[][%logger{20}] %msg%n"); } + @Test public void enableJulChangePropagation() { LoggerContext ctx = underTest.getRootContext(); @@ -255,7 +255,7 @@ public class LogbackHelperTest { assertThat(rollingPolicy.getMaxIndex()).isEqualTo(20); assertThat(rollingPolicy.getFileNamePattern()).endsWith("sonar.%i.log"); SizeBasedTriggeringPolicy triggeringPolicy = (SizeBasedTriggeringPolicy) fileAppender.getTriggeringPolicy(); - FileSize maxFileSize = (FileSize)FieldUtils.readField(triggeringPolicy, "maxFileSize", true); + FileSize maxFileSize = (FileSize) FieldUtils.readField(triggeringPolicy, "maxFileSize", true); assertThat(maxFileSize.getSize()).isEqualTo(1024L * 1024); } |