Diffstat (limited to 'sonar-scanner-engine')
3 files changed, 29 insertions, 12 deletions
diff --git a/sonar-scanner-engine/src/main/java/org/sonar/scanner/bootstrap/ScannerWsClientProvider.java b/sonar-scanner-engine/src/main/java/org/sonar/scanner/bootstrap/ScannerWsClientProvider.java
index 7101bfd96bf..67fe816a83f 100644
--- a/sonar-scanner-engine/src/main/java/org/sonar/scanner/bootstrap/ScannerWsClientProvider.java
+++ b/sonar-scanner-engine/src/main/java/org/sonar/scanner/bootstrap/ScannerWsClientProvider.java
@@ -22,6 +22,7 @@ package org.sonar.scanner.bootstrap;
 import org.picocontainer.injectors.ProviderAdapter;
 import org.sonar.api.CoreProperties;
 import org.sonar.api.batch.ScannerSide;
+import org.sonar.api.utils.System2;
 import org.sonar.batch.bootstrapper.EnvironmentInformation;
 import org.sonarqube.ws.client.HttpConnector;
 import org.sonarqube.ws.client.WsClientFactories;
@@ -39,13 +40,15 @@ public class ScannerWsClientProvider extends ProviderAdapter {
 private ScannerWsClient wsClient;
- public synchronized ScannerWsClient provide(final GlobalProperties settings, final EnvironmentInformation env, GlobalAnalysisMode globalMode) {
+ public synchronized ScannerWsClient provide(final GlobalProperties settings, final EnvironmentInformation env,
+ GlobalAnalysisMode globalMode, System2 system) {
 if (wsClient == null) {
 String url = defaultIfBlank(settings.property("sonar.host.url"), CoreProperties.SERVER_BASE_URL_DEFAULT_VALUE);
 HttpConnector.Builder connectorBuilder = HttpConnector.newBuilder();
 String timeoutSec = defaultIfBlank(settings.property(READ_TIMEOUT_SEC_PROPERTY), valueOf(DEFAULT_READ_TIMEOUT_SEC));
- String login = defaultIfBlank(settings.property(CoreProperties.LOGIN), null);
+ String token = defaultIfBlank(system.envVariable("SONAR_TOKEN"), null);
+ String login = defaultIfBlank(settings.property(CoreProperties.LOGIN), token);
 connectorBuilder
 .readTimeoutMilliseconds(parseInt(timeoutSec) * 1_000)
 .connectTimeoutMilliseconds(CONNECT_TIMEOUT_MS)
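Review bot: In `provide`, the new `SONAR_TOKEN` fallback turns an ambient environment credential into the login for every scanner run in that environment, and neither the precedence nor the destination is documented. `sonar.login` silently wins over the variable, and the value is then attached to requests for whatever `sonar.host.url` resolves to, which may be a plain `http://` URL (the default asserted in the test file is `http://localhost:9000/`). I would add a comment such as `// sonar.login takes precedence; SONAR_TOKEN is only a fallback and is sent as the login to sonar.host.url` and name the variable once, `static final String TOKEN_ENV_VARIABLE = "SONAR_TOKEN";`. How the password is set when the login comes from the token lies outside this hunk, as does the rest of `provide`.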
diff --git a/sonar-scanner-engine/src/main/java/org/sonar/scanner/report/AnalysisContextReportPublisher.java b/sonar-scanner-engine/src/main/java/org/sonar/scanner/report/AnalysisContextReportPublisher.java
index 237ad54f65d..8badd6715df 100644
--- a/sonar-scanner-engine/src/main/java/org/sonar/scanner/report/AnalysisContextReportPublisher.java
+++ b/sonar-scanner-engine/src/main/java/org/sonar/scanner/report/AnalysisContextReportPublisher.java
@@ -112,9 +112,15 @@ public class AnalysisContextReportPublisher {
 private void writeEnvVariables(BufferedWriter fileWriter) throws IOException {
 fileWriter.append("Environment variables:\n");
 Map<String, String> envVariables = system.envVariables();
- for (String env : new TreeSet<>(envVariables.keySet())) {
- fileWriter.append(String.format(KEY_VALUE_FORMAT, env, envVariables.get(env))).append('\n');
- }
+ new TreeSet<>(envVariables.keySet())
+ .forEach(envKey -> {
+ try {
+ String envValue = isSensitiveEnvVariable(envKey) ? "******" : envVariables.get(envKey);
+ fileWriter.append(String.format(KEY_VALUE_FORMAT, envKey, envValue)).append('\n');
+ } catch (IOException e) {
+ throw new IllegalStateException(e);
+ }
+ });
 }
 private void writeGlobalSettings(BufferedWriter fileWriter) throws IOException {
@@ -146,7 +152,7 @@ public class AnalysisContextReportPublisher {
 }
 private static void dumpPropIfNotSensitive(BufferedWriter fileWriter, String prop, String value) throws IOException {
- fileWriter.append(String.format(KEY_VALUE_FORMAT, prop, sensitive(prop) ? "******" : StringUtils.abbreviate(value, MAX_WIDTH))).append('\n');
+ fileWriter.append(String.format(KEY_VALUE_FORMAT, prop, isSensitiveProperty(prop) ? "******" : StringUtils.abbreviate(value, MAX_WIDTH))).append('\n');
 }
 /**
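Review bot: `writeEnvVariables` still declares `throws IOException`, but the new `forEach` lambda rethrows a write failure as `IllegalStateException`, so a caller that handles `IOException` from this method no longer sees it. The masking does not need a lambda: keeping the loop header as `for (String envKey : new TreeSet<>(envVariables.keySet())) {` around the two new body lines preserves the checked exception and removes the try/catch. Separately, unmasked environment values are written in full here, while `dumpPropIfNotSensitive` abbreviates property values to `MAX_WIDTH`; if that limit is deliberate for properties, it probably belongs on environment values as well.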
@@ -183,7 +189,11 @@ public class AnalysisContextReportPublisher {
 return propKey.startsWith(ENV_PROP_PREFIX) && system.envVariables().containsKey(propKey.substring(ENV_PROP_PREFIX.length()));
 }
- private static boolean sensitive(String key) {
- return key.equals(CoreProperties.LOGIN) || key.contains(".password") || key.contains(".secured");
+ private static boolean isSensitiveEnvVariable(String key) {
+ return key.contains("_TOKEN") || key.contains("_PASSWORD") || key.contains("_SECURED");
+ }
+
+ private static boolean isSensitiveProperty(String key) {
+ return key.equals(CoreProperties.LOGIN) || key.contains(".password") || key.contains(".secured") || key.contains(".token");
 }
 }
diff --git a/sonar-scanner-engine/src/test/java/org/sonar/scanner/bootstrap/ScannerWsClientProviderTest.java b/sonar-scanner-engine/src/test/java/org/sonar/scanner/bootstrap/ScannerWsClientProviderTest.java
index c72c88f9031..804107b7886 100644
--- a/sonar-scanner-engine/src/test/java/org/sonar/scanner/bootstrap/ScannerWsClientProviderTest.java
+++ b/sonar-scanner-engine/src/test/java/org/sonar/scanner/bootstrap/ScannerWsClientProviderTest.java
@@ -23,10 +23,12 @@ import java.util.Collections;
 import java.util.HashMap;
 import java.util.Map;
 import org.junit.Test;
+import org.sonar.api.utils.System2;
 import org.sonar.batch.bootstrapper.EnvironmentInformation;
 import org.sonarqube.ws.client.HttpConnector;
 import static org.assertj.core.api.Assertions.assertThat;
+import static org.mockito.Mockito.mock;
 public class ScannerWsClientProviderTest {
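Review bot: `isSensitiveEnvVariable` in AnalysisContextReportPublisher is a case-sensitive denylist of three substrings that each require a leading underscore, so a variable named exactly `TOKEN` or `PASSWORD`, any lower-case name, and names built on `SECRET` or `KEY` are still written to the context report with their values. Anything left unmasked should be assumed readable by whoever can read that report. A wider match would be `String k = key.toUpperCase(Locale.ENGLISH);` followed by `return k.contains("TOKEN") || k.contains("PASSWORD") || k.contains("SECRET") || k.contains("SECURED");`, and printing only an allowlist of known-harmless variables would be safer still. Neither predicate is covered by a test in this diff: the three changed files do not include a test for the publisher.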
@@ -37,7 +39,7 @@ public class ScannerWsClientProviderTest {
 public void provide_client_with_default_settings() {
 GlobalProperties settings = new GlobalProperties(new HashMap<>());
- ScannerWsClient client = underTest.provide(settings, env, new GlobalAnalysisMode(new GlobalProperties(Collections.emptyMap())));
+ ScannerWsClient client = underTest.provide(settings, env, new GlobalAnalysisMode(new GlobalProperties(Collections.emptyMap())), mock(System2.class));
 assertThat(client).isNotNull();
 assertThat(client.baseUrl()).isEqualTo("http://localhost:9000/");
@@ -57,7 +59,7 @@ public class ScannerWsClientProviderTest {
 props.put("sonar.ws.timeout", "42");
 GlobalProperties settings = new GlobalProperties(props);
- ScannerWsClient client = underTest.provide(settings, env, new GlobalAnalysisMode(new GlobalProperties(Collections.emptyMap())));
+ ScannerWsClient client = underTest.provide(settings, env, new GlobalAnalysisMode(new GlobalProperties(Collections.emptyMap())), mock(System2.class));
 assertThat(client).isNotNull();
 HttpConnector httpConnector = (HttpConnector) client.wsConnector();
@@ -67,9 +69,11 @@ public class ScannerWsClientProviderTest {
 @Test
 public void build_singleton() {
+ System2 system = mock(System2.class);
+
 GlobalProperties settings = new GlobalProperties(new HashMap<>());
- ScannerWsClient first = underTest.provide(settings, env, new GlobalAnalysisMode(new GlobalProperties(Collections.emptyMap())));
- ScannerWsClient second = underTest.provide(settings, env, new GlobalAnalysisMode(new GlobalProperties(Collections.emptyMap())));
+ ScannerWsClient first = underTest.provide(settings, env, new GlobalAnalysisMode(new GlobalProperties(Collections.emptyMap())), system);
+ ScannerWsClient second = underTest.provide(settings, env, new GlobalAnalysisMode(new GlobalProperties(Collections.emptyMap())), system);
 assertThat(first).isSameAs(second);
 }
 }
|
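Review bot: All three updated tests (`provide_client_with_default_settings`, the timeout test in the second hunk, and `build_singleton`) pass a bare `mock(System2.class)`, for which `envVariable("SONAR_TOKEN")` returns null, so the new credential fallback in `provide` is never exercised. I would add one case that stubs it, `when(system.envVariable("SONAR_TOKEN")).thenReturn("constructed-test-token");`, and a second that also sets `sonar.login` to pin that the property wins over the variable. What to assert on depends on which credential accessor the connector exposes, which is not visible in these hunks.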