新增语言:增加html检查支持

wuhaoyang
Guo XIn 10 months ago
parent 219eb4ab20
commit a4aa0ebff9
  1. 14
      sonar-keyware-plugins-java/pom.xml
  2. 15
      sonar-keyware-plugins-java/src/main/java/com/keyware/sonar/java/JavaSecurityDesignWayProfile.java
  3. 20
      sonar-keyware-plugins-java/src/main/java/com/keyware/sonar/java/rules/JavaFileCheckRegistrar.java
  4. 18
      sonar-keyware-plugins-java/src/main/java/com/keyware/sonar/java/rules/JavaSecurityDesignRulesRepository.java
  5. 44
      sonar-keyware-plugins-java/src/main/java/com/keyware/sonar/java/rules/RulesList.java
  6. 2
      sonar-keyware-plugins-java/src/test/java/com/keyware/sonar/java/rules/JavaFileCheckRegistrarTest.java
  7. 5
      sonar-keyware-plugins-java/src/test/java/com/keyware/sonar/java/rules/JavaSecurityDesignRulesRepositoryTest.java

@ -37,6 +37,13 @@
<type>sonar-plugin</type>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.sonarsource.html</groupId>
<artifactId>sonar-html-plugin</artifactId>
<version>${sonar.html.version}</version>
<!--<type>sonar-plugin</type>-->
<scope>compile</scope>
</dependency>
<dependency>
<groupId>org.sonarsource.analyzer-commons</groupId>
@ -86,6 +93,11 @@
<artifactId>junit-jupiter-migrationsupport</artifactId>
<scope>test</scope>
</dependency>
<dependency>
<groupId>org.sonarsource.sonarqube</groupId>
<artifactId>sonar-plugin-api-impl</artifactId>
<scope>test</scope>
</dependency>
</dependencies>
<build>
@ -101,7 +113,7 @@
<sonarLintSupported>true</sonarLintSupported>
<skipDependenciesPackaging>true</skipDependenciesPackaging>
<sonarQubeMinVersion>8.9</sonarQubeMinVersion>
<requirePlugins>java:${sonar.java.version}</requirePlugins>
<requirePlugins>java:${sonar.java.version},web:${sonar.html.version}</requirePlugins>
<jreMinVersion>11</jreMinVersion>
</configuration>
</plugin>
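Review bot: The new sonar-html-plugin dependency is declared with `<scope>compile</scope>` and its `<type>sonar-plugin</type>` commented out, while the sibling sonar-java dependency a few lines above it uses `<type>sonar-plugin</type>` with `<scope>provided</scope>`. Since the same commit adds `web:${sonar.html.version}` to `requirePlugins`, the HTML classes are supplied by the web plugin's classloader at runtime, and `provided` states that contract; `compile` relies on `skipDependenciesPackaging` being true to avoid bundling a second copy of those classes, and the commented-out type line reads as unfinished. If the type was dropped because the artifact could not be resolved as a plugin, a comment next to it saying so would help; otherwise align it to `<type>sonar-plugin</type>` / `<scope>provided</scope>`.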

@ -7,7 +7,9 @@
package com.keyware.sonar.java;
import com.keyware.sonar.java.rules.JavaSecurityDesignRulesRepository;
import com.keyware.sonar.java.rules.RulesList;
import org.sonar.api.server.profile.BuiltInQualityProfilesDefinition;
import org.sonar.plugins.html.api.HtmlConstants;
import org.sonarsource.api.sonarlint.SonarLintSide;
/**
@ -21,11 +23,12 @@ public class JavaSecurityDesignWayProfile implements BuiltInQualityProfilesDefin
@Override
public void define(Context context) {
var way = context.createBuiltInQualityProfile("Java信息安全性设计准则", "java");
way.activateRule(JavaSecurityDesignRulesRepository.REPOSITORY_KEY, "ABCVarNameChecker");
way.activateRule(JavaSecurityDesignRulesRepository.REPOSITORY_KEY, "AbsolutePathDetectorChecker");
way.activateRule(JavaSecurityDesignRulesRepository.REPOSITORY_KEY, "DynamicCodeChecker");
way.activateRule(JavaSecurityDesignRulesRepository.REPOSITORY_KEY, "DynamicLibraryLoadChecker");
way.done();
var javaWay = context.createBuiltInQualityProfile("Java信息安全性设计准则", "java");
RulesList.getJavaRules().forEach(check -> javaWay.activateRule(JavaSecurityDesignRulesRepository.REPOSITORY_KEY, check.getSimpleName()));
javaWay.done();
var webWay = context.createBuiltInQualityProfile("Web信息安全性设计准则", HtmlConstants.LANGUAGE_KEY);
RulesList.getHtmlRules().forEach(check -> webWay.activateRule(JavaSecurityDesignRulesRepository.REPOSITORY_KEY + "-" + HtmlConstants.LANGUAGE_KEY, check.getSimpleName()));
webWay.done();
}
}
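Review bot: The web repository key `JavaSecurityDesignRulesRepository.REPOSITORY_KEY + "-" + HtmlConstants.LANGUAGE_KEY` is assembled by hand on the webWay line and again in JavaFileCheckRegistrar and JavaSecurityDesignRulesRepository in this commit; a single constant on the repository class, `public static final String HTML_REPOSITORY_KEY = REPOSITORY_KEY + "-" + HtmlConstants.LANGUAGE_KEY;`, would keep the three call sites in step. Deriving each rule key from `check.getSimpleName()` also ties profile activation to the `@Rule` key of every checker class; the checker annotations are not part of this commit, so please confirm they all use the simple class name, since a mismatch makes `activateRule` fail at server start-up rather than skip the rule. A one-line comment above the two forEach calls stating that rule keys must equal the checker's simple class name would record that assumption.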

@ -6,11 +6,11 @@
*/
package com.keyware.sonar.java.rules;
import org.sonar.plugins.html.api.HtmlConstants;
import org.sonar.plugins.java.api.CheckRegistrar;
import org.sonar.plugins.java.api.JavaCheck;
import org.sonarsource.api.sonarlint.SonarLintSide;
import java.util.List;
import java.util.Collections;
/**
* 负责将java规则检查器注册到SonarQube中
@ -26,20 +26,8 @@ public class JavaFileCheckRegistrar implements CheckRegistrar {
@Override
public void register(RegistrarContext registrarContext) {
// 调用 registerClassesForRepository 以将类与正确的存储库密钥相关联
registrarContext.registerClassesForRepository(JavaSecurityDesignRulesRepository.REPOSITORY_KEY, checkClasses(), testCheckClasses());
registrarContext.registerClassesForRepository(JavaSecurityDesignRulesRepository.REPOSITORY_KEY, RulesList.getJavaRules(), Collections.emptyList());
registrarContext.registerClassesForRepository(JavaSecurityDesignRulesRepository.REPOSITORY_KEY + "-" + HtmlConstants.LANGUAGE_KEY, RulesList.getHtmlRules(), Collections.emptyList());
}
/**
* 列出插件提供的所有主检查器
*/
public static List<Class<? extends JavaCheck>> checkClasses() {
return RulesList.getJavaChecks();
}
/**
* 列出插件提供的所有测试检查器
*/
public static List<Class<? extends JavaCheck>> testCheckClasses() {
return RulesList.getJavaTestChecks();
}
}
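Review bot: The second `registerClassesForRepository` call on the line after the first one appears to replace the first registration rather than add to it, so the Java rules under REPOSITORY_KEY may never reach the analyzer; the updated assertion `hasSize(1)` in JavaFileCheckRegistrarTest in the same commit matches that reading, since eighteen Java classes plus one HTML class are registered and only one is observed. If RegistrarContext keeps a single repository-key/classes slot in the sonar-java version in use — please confirm — the HTML repository needs its own `CheckRegistrar` implementation (for example a separate HtmlFileCheckRegistrar that makes exactly one call), or the per-repository append-style registration API if that version provides one. Separately, RulesList.getHtmlRules() is typed `List<Class<? extends JavaCheck>>`, so sonar-java would instantiate the HTML check as a Java check; how the class is actually executed against HTML files is not visible in this commit and deserves a comment on the register method.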

@ -12,6 +12,7 @@ import org.sonar.api.SonarQubeSide;
import org.sonar.api.SonarRuntime;
import org.sonar.api.server.rule.RulesDefinition;
import org.sonar.api.utils.Version;
import org.sonar.plugins.html.api.HtmlConstants;
import org.sonarsource.analyzer.commons.RuleMetadataLoader;
import java.util.ArrayList;
@ -43,15 +44,16 @@ public class JavaSecurityDesignRulesRepository implements RulesDefinition {
@Override
public void define(RulesDefinition.Context context) {
RulesDefinition.NewRepository repository = context.createRepository(REPOSITORY_KEY, "java").setName(REPOSITORY_NAME);
RulesDefinition.NewRepository javaRepo = context.createRepository(REPOSITORY_KEY, "java").setName(REPOSITORY_NAME);
RuleMetadataLoader ruleMetadataLoader = new RuleMetadataLoader(RESOURCE_BASE_PATH, runtime);
ruleMetadataLoader.addRulesByAnnotatedClass(repository, new ArrayList<>(RulesList.getChecks()));
setTemplates(repository);
repository.done();
ruleMetadataLoader.addRulesByAnnotatedClass(javaRepo, new ArrayList<>(RulesList.getJavaRules()));
setTemplates(javaRepo);
javaRepo.done();
RulesDefinition.NewRepository htmlRepo = context.createRepository(REPOSITORY_KEY + "-" + HtmlConstants.LANGUAGE_KEY, HtmlConstants.LANGUAGE_KEY).setName(REPOSITORY_NAME);
ruleMetadataLoader.addRulesByAnnotatedClass(htmlRepo, new ArrayList<>(RulesList.getHtmlRules()));
setTemplates(htmlRepo);
htmlRepo.done();
}
private static void setTemplates(RulesDefinition.NewRepository repository) {
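Review bot: `setTemplates(htmlRepo)` on the new side reuses a helper written for the Java repository; its body lies outside the hunk, but if it looks rules up by Java-specific keys with `repository.rule(key)`, that lookup returns null on the HTML repository and the call would fail with a NullPointerException during rule definition. Please confirm which keys it touches, or guard the HTML path. Both repositories are also given the same display name via `.setName(REPOSITORY_NAME)`, which makes them indistinguishable in the rules UI; a language-qualified name for the HTML one, e.g. `.setName(REPOSITORY_NAME + " (" + HtmlConstants.LANGUAGE_KEY + ")")`, would help.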

@ -9,43 +9,39 @@ package com.keyware.sonar.java.rules;
import com.keyware.sonar.java.rules.checkers.*;
import org.sonar.plugins.java.api.JavaCheck;
import java.util.ArrayList;
import java.util.Collections;
import java.util.List;
public final class RulesList {
private RulesList() {
}
public static List<Class<? extends JavaCheck>> getChecks() {
List<Class<? extends JavaCheck>> checks = new ArrayList<>();
checks.addAll(getJavaChecks());
checks.addAll(getJavaTestChecks());
return Collections.unmodifiableList(checks);
}
/**
* These rules are going to target MAIN code only
*/
public static List<Class<? extends JavaCheck>> getJavaChecks() {
public static List<Class<? extends JavaCheck>> getJavaRules() {
return List.of(
ABCVarNameChecker.class,
//ABCVarNameChecker.class,
AbsolutePathDetectorChecker.class,
PathAndKeywordCheck.class,
AvoidSensitiveInfoInLogsCheck.class,
CookieSensitiveParameterCheck.class,
DynamicCodeChecker.class,
DynamicLibraryLoadChecker.class,
FileCheck.class,
HashSaltPassWordChecker.class,
HttpInputDataChecker.class,
InputSQLVerifyChecker.class,
Md5PassWordVerifyChecker.class,
PasswordRegexCheck.class,
PathAndKeywordCheck.class,
RedirectUrlChecker.class,
RSAEncryptionChecker.class,
SecurityCookieChecker.class,
SystemFunctionChecker.class,
UploadFileVerifyChecker.class,
SecurityCookieChecker.class,
RedirectUrlChecker.class,
DynamicLibraryLoadChecker.class
UpperCycleLimitRuleChecker.class
);
}
/**
* These rules are going to target TEST code only
*/
public static List<Class<? extends JavaCheck>> getJavaTestChecks() {
return Collections.emptyList();
public static List<Class<? extends JavaCheck>> getHtmlRules() {
return List.of(
PasswordInputTagChecker.class
);
}
}
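Review bot: `//ABCVarNameChecker.class,` is commented-out code left in the Java rule list with no explanation; either drop the line or replace it with a comment stating why the rule is disabled, since the previous built-in profile activated it explicitly and this changes what users get. If the `java.util.ArrayList` and `java.util.Collections` imports at the top of the hunk survive on the new side, they are now unused because `getChecks()` and `getJavaTestChecks()` were removed. The Javadoc `These rules are going to target TEST code only` appears to remain above the method that now lists HTML rules; it should read `/** Checks registered under the HTML ("web") repository. */`, and the `MAIN code only` comment above getJavaRules could mention that the list is for the Java repository only.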

@ -27,7 +27,7 @@ public class JavaFileCheckRegistrarTest {
JavaFileCheckRegistrar registrar = new JavaFileCheckRegistrar();
registrar.register(context);
assertThat(context.checkClasses()).hasSize(9);
assertThat(context.checkClasses()).hasSize(1);
assertThat(context.testCheckClasses()).hasSize(0);
}
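Review bot: The expected count `hasSize(1)` is a bare literal, whereas JavaSecurityDesignRulesRepositoryTest in the same commit derives its expectation from `RulesList.getJavaRules().size()`; expressing this one through RulesList as well (`RulesList.getHtmlRules().size()` if the context is expected to hold only the last registration) would make the assertion say what it checks. As written the literal matches neither the combined number of registered classes nor the Java list, so a short comment stating which registration the context reflects would help the next reader.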

@ -7,9 +7,6 @@
package com.keyware.sonar.java.rules;
import org.junit.jupiter.api.Test;
import org.sonar.api.rules.RuleType;
import org.sonar.api.server.debt.DebtRemediationFunction;
import org.sonar.api.server.rule.RuleParamType;
import org.sonar.api.server.rule.RulesDefinition;
import static org.assertj.core.api.Assertions.assertThat;
@ -31,7 +28,7 @@ public class JavaSecurityDesignRulesRepositoryTest {
assertThat(repository.name()).isEqualTo(JavaSecurityDesignRulesRepository.REPOSITORY_NAME);
assertThat(repository.language()).isEqualTo("java");
assertThat(repository.rules()).hasSize(RulesList.getChecks().size());
assertThat(repository.rules()).hasSize(RulesList.getJavaRules().size());
assertThat(repository.rules().stream().filter(RulesDefinition.Rule::template)).isEmpty();
}
