Merge pull request #31 from stepstone-tech/sonar-9.0

release version 2.2.0

.github/workflows/ci.yml

@@ -5,22 +5,37 @@ name: CI
 
 on:
   push:
-    branches: [ master, sonar-9 ]
+    branches: [ master, sonar-9, sonar-9.0 ]
   pull_request:
-    branches: [ master ]
+      types: [opened, synchronize, reopened]
 
 jobs:
   build:
 
     runs-on: ubuntu-latest
-
     steps:
     - uses: actions/checkout@v2
-    - name: Set up JDK 8
+      with:
+        fetch-depth: 0
+    - name: Set up JDK 11
       uses: actions/setup-java@v2
       with:
-        java-version: '8'
         distribution: 'adopt'
-        cache: maven
-    - name: Build with Maven
-      run: mvn -B package --file pom.xml
+        java-version: '11'
+    - name: Cache SonarCloud packages
+      uses: actions/cache@v1
+      with:
+        path: ~/.sonar/cache
+        key: ${{ runner.os }}-sonar
+        restore-keys: ${{ runner.os }}-sonar
+    - name: Cache Maven packages
+      uses: actions/cache@v1
+      with:
+        path: ~/.m2
+        key: ${{ runner.os }}-m2-${{ hashFiles('**/pom.xml') }}
+        restore-keys: ${{ runner.os }}-m2
+    - name: Build and analyze
+      env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+      run: mvn -B verify org.sonarsource.scanner.maven:sonar-maven-plugin:sonar -Psonar

README.md

@@ -13,7 +13,8 @@ A [SonarQube plugin](http://www.sonarqube.org/) for analyzing ColdFusion code, b
 
 SonarQube Version | Plugin Version
 ------------------|---------------
-7.6 - 8.9         | 2.2.1
+9.0 - 9.1         | 2.2.0
+7.6 - 8.9         | 2.1.1
 5.6 - 7.5         | 1.5.0
 
 ## Running

pom.xml

@@ -6,7 +6,7 @@
     <groupId>com.stepstone.sonar.plugin</groupId>
     <artifactId>sonar-coldfusion-plugin</artifactId>
     <packaging>sonar-plugin</packaging>
-    <version>2.1.1</version>
+    <version>2.2.0</version>
 
     <name>SonarQube Coldfusion Plugin</name>
     <description>Enables scanning of ColdFusion source files</description>
@@ -37,17 +37,18 @@
 
     <properties>
         <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-        <maven.compiler.source>1.8</maven.compiler.source>
-        <maven.compiler.target>1.8</maven.compiler.target>
-        <sonar.version>7.6</sonar.version>
+        <maven.compiler.source>11</maven.compiler.source>
+        <maven.compiler.target>11</maven.compiler.target>
+        <sonar.version>9.0.0.45539</sonar.version>
         <cflint.version>1.5.0</cflint.version>
+        <sonar-analyzer-commons.version>1.16.0.719</sonar-analyzer-commons.version>
     </properties>
 
     <dependencies>
         <dependency>
             <groupId>junit</groupId>
             <artifactId>junit</artifactId>
-            <version>4.13.1</version>
+            <version>4.13.2</version>
             <scope>test</scope>
         </dependency>
         <dependency>
@@ -60,36 +61,50 @@
         <dependency>
             <groupId>org.assertj</groupId>
             <artifactId>assertj-core</artifactId>
-            <version>3.11.1</version>
+            <version>3.21.0</version>
             <scope>test</scope>
         </dependency>
 
         <dependency>
             <groupId>org.sonarsource.sslr-squid-bridge</groupId>
             <artifactId>sslr-squid-bridge</artifactId>
-            <version>2.7.0.377</version>
+            <version>2.7.1.392</version>
             <exclusions>
                 <exclusion>
                     <artifactId>sonar-plugin-api</artifactId>
                     <groupId>org.sonarsource.sonarqube</groupId>
                 </exclusion>
             </exclusions>
         </dependency>
+
+        <dependency>
+            <groupId>org.sonarsource.analyzer-commons</groupId>
+            <artifactId>sonar-analyzer-commons</artifactId>
+            <version>${sonar-analyzer-commons.version}</version>
+        </dependency>
+
         <!-- This will be the server API-->
         <dependency>
             <groupId>org.sonarsource.sonarqube</groupId>
             <artifactId>sonar-plugin-api</artifactId>
             <version>${sonar.version}</version>
             <scope>provided</scope>
         </dependency>
+
+        <dependency>
+            <groupId>org.sonarsource.sonarqube</groupId>
+            <artifactId>sonar-plugin-api-impl</artifactId>
+            <version>${sonar.version}</version>
+            <scope>test</scope>
+        </dependency>
     </dependencies>
 
     <build>
         <plugins>
             <plugin>
                 <groupId>org.sonarsource.sonar-packaging-maven-plugin</groupId>
                 <artifactId>sonar-packaging-maven-plugin</artifactId>
-                <version>1.18.0.372</version>
+                <version>1.20.0.405</version>
                 <extensions>true</extensions>
                 <configuration>
                     <pluginClass>com.stepstone.sonar.plugin.coldfusion.ColdFusionPlugin</pluginClass>
@@ -127,7 +142,7 @@
             <plugin>
                 <groupId>de.jutzig</groupId>
                 <artifactId>github-release-plugin</artifactId>
-                <version>1.3.0</version>
+                <version>1.4.0</version>
                 <configuration>
                     <description>Sonarqube Coldfusion Plugin release</description>
                     <releaseName>${project.version}</releaseName>
@@ -158,12 +173,12 @@
                         <plugin>
                             <groupId>org.sonarsource.scanner.maven</groupId>
                             <artifactId>sonar-maven-plugin</artifactId>
-                            <version>3.6.0.1398</version>
+                            <version>3.9.0.2155</version>
                         </plugin>
-                    <plugin>
-                        <groupId>org.jacoco</groupId>
-                        <artifactId>jacoco-maven-plugin</artifactId>
-                        <version>0.8.3</version>
+                        <plugin>
+                            <groupId>org.jacoco</groupId>
+                            <artifactId>jacoco-maven-plugin</artifactId>
+                            <version>0.8.7</version>
                         </plugin>
                     </plugins>
                 </pluginManagement>
@@ -182,6 +197,11 @@
                     <goals>
                     <goal>report</goal>
                     </goals>
+                    <configuration>
+                        <excludes>
+                            <exclude>META-INF/runner/cflint.jar</exclude>
+                        </excludes>
+                    </configuration>
                 </execution>
                 </executions>
             </plugin>

src/main/java/com/stepstone/sonar/plugin/coldfusion/ColdFusionPlugin.java

@@ -17,7 +17,7 @@
 package com.stepstone.sonar.plugin.coldfusion;
 
 import com.stepstone.sonar.plugin.coldfusion.profile.ColdFusionProfileExporter;
-import com.stepstone.sonar.plugin.coldfusion.profile.ColdFusionSonarWayProfileImporter;
+import com.stepstone.sonar.plugin.coldfusion.profile.ColdFusionSonarWayProfile;
 import com.stepstone.sonar.plugin.coldfusion.rules.ColdFusionSonarRulesDefinition;
 
 import org.sonar.api.Plugin;
@@ -71,7 +71,7 @@ public void define(Context context) {
                 ColdFusion.class,
                 ColdFusionSensor.class,
                 ColdFusionSonarRulesDefinition.class,
-                ColdFusionSonarWayProfileImporter.class,
+                ColdFusionSonarWayProfile.class,
                 ColdFusionProfileExporter.class
         );
 

src/main/java/com/stepstone/sonar/plugin/coldfusion/ColdFusionSensor.java

@@ -37,14 +37,15 @@
 import java.io.InputStreamReader;
 import java.nio.file.Files;
 import java.util.ArrayList;
-import java.util.List;
 import java.util.Collection;
+import java.util.List;
 import java.util.concurrent.Callable;
 import java.util.concurrent.ExecutorService;
 import java.util.concurrent.Executors;
 import java.util.concurrent.TimeUnit;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
+import java.util.stream.Collectors;
 
 public class ColdFusionSensor implements Sensor {
 
@@ -90,7 +91,9 @@ private void analyze(SensorContext context) throws IOException, XMLStreamExcepti
 
     private File generateCflintConfig() throws IOException, XMLStreamException {
         final File configFile = new File(fs.workDir(), "cflint-config.xml");
-        new CFLintConfigExporter(ruleProfile.findByRepository(ColdFusionPlugin.REPOSITORY_KEY)).save(configFile);
+        Collection<String> ruleKeys = ruleProfile.findByRepository(ColdFusionPlugin.REPOSITORY_KEY)
+            .stream().map(rule -> rule.ruleKey().toString()).collect(Collectors.toList());
+        new CFLintConfigExporter(ruleKeys).save(configFile);
         return configFile;
     }
 

src/main/java/com/stepstone/sonar/plugin/coldfusion/cflint/CFLintConfigExporter.java

@@ -16,9 +16,6 @@
 
 package com.stepstone.sonar.plugin.coldfusion.cflint;
 
-import com.stepstone.sonar.plugin.coldfusion.ColdFusionPlugin;
-import org.sonar.api.batch.rule.ActiveRule;
-
 import javax.xml.stream.XMLOutputFactory;
 import javax.xml.stream.XMLStreamException;
 import javax.xml.stream.XMLStreamWriter;
@@ -30,16 +27,9 @@
 
 public class CFLintConfigExporter {
 
-    private final Collection<ActiveRule> ruleProfiles;
-    private final String repositoryKey;
-
-    public CFLintConfigExporter(Collection ruleProfile) {
-        this(ruleProfile, ColdFusionPlugin.REPOSITORY_KEY);
-    }
-
-    public CFLintConfigExporter(Collection ruleProfile, String repositoryKey) {
-        this.ruleProfiles = ruleProfile;
-        this.repositoryKey = repositoryKey;
+    private final Collection<String> ruleKeys;
+    public CFLintConfigExporter(Collection<String> ruleKeys) {
+        this.ruleKeys = ruleKeys;
     }
 
     public void save(File configFile) throws IOException, XMLStreamException {
@@ -57,9 +47,9 @@ public void save(Writer writer) throws IOException, XMLStreamException {
             xtw.writeStartDocument();
             xtw.writeStartElement("config");
 
-            for (ActiveRule activeRule : ruleProfiles) {
+            for (String ruleKey: ruleKeys) {
                 xtw.writeStartElement("includes");
-                xtw.writeAttribute("code", activeRule.ruleKey().toString());
+                xtw.writeAttribute("code", ruleKey);
                 xtw.writeEndElement();
             }
 

src/main/java/com/stepstone/sonar/plugin/coldfusion/profile/ColdFusionProfileExporter.java

@@ -20,12 +20,13 @@
 import com.stepstone.sonar.plugin.coldfusion.ColdFusionPlugin;
 import com.stepstone.sonar.plugin.coldfusion.cflint.CFLintConfigExporter;
 import org.sonar.api.profiles.ProfileExporter;
-import org.sonar.api.batch.rule.ActiveRules;
 import org.sonar.api.profiles.RulesProfile;
 
 import javax.xml.stream.XMLStreamException;
 import java.io.IOException;
 import java.io.Writer;
+import java.util.Collection;
+import java.util.stream.Collectors;
 
 public class ColdFusionProfileExporter extends ProfileExporter {
 
@@ -37,19 +38,13 @@ public ColdFusionProfileExporter() {
     @Override
     public void exportProfile(RulesProfile ruleProfile, Writer writer) {
         try {
-            new CFLintConfigExporter(ruleProfile.getActiveRulesByRepository(ColdFusionPlugin.REPOSITORY_KEY)).save(writer);
+            Collection<String> ruleKeys = ruleProfile.getActiveRulesByRepository(ColdFusionPlugin.REPOSITORY_KEY)
+                .stream().map(rule -> rule.getRule().ruleKey().rule())
+                .collect(Collectors.toList());
+            new CFLintConfigExporter(ruleKeys).save(writer);
         } catch (IOException | XMLStreamException e) {
             Throwables.propagate(e);
         }
     }
 
-    public void exportProfile(ActiveRules activeRules, Writer writer) {
-        try {
-            new CFLintConfigExporter(activeRules.findByRepository(ColdFusionPlugin.REPOSITORY_KEY)).save(writer);
-        } catch (IOException | XMLStreamException e) {
-            Throwables.propagate(e);
-        }
-
-    }
-
 }

src/main/java/com/stepstone/sonar/plugin/coldfusion/profile/ColdFusionSonarWayProfile.java

@@ -0,0 +1,34 @@
+/*
+Copyright 2016 StepStone GmbH
+
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+
+    http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package com.stepstone.sonar.plugin.coldfusion.profile;
+
+import com.stepstone.sonar.plugin.coldfusion.ColdFusionPlugin;
+import org.sonar.api.server.profile.BuiltInQualityProfilesDefinition;
+import org.sonarsource.analyzer.commons.BuiltInQualityProfileJsonLoader;
+
+public class ColdFusionSonarWayProfile implements BuiltInQualityProfilesDefinition {
+
+    private static final String PROFILE_NAME = "Sonar way";
+    private static final String DEFAULT_PROFILE_PATH = "com/stepstone/sonar/plugin/coldfusion/profile.json";
+
+    @Override
+    public void define(Context context) {
+        NewBuiltInQualityProfile profile = context.createBuiltInQualityProfile(PROFILE_NAME, ColdFusionPlugin.LANGUAGE_KEY);
+        BuiltInQualityProfileJsonLoader.load(profile, ColdFusionPlugin.REPOSITORY_KEY, DEFAULT_PROFILE_PATH);
+        profile.done();
+    }
+}