Merge branch 'release/V3.3.0'

Author: gquerret

Jenkinsfile

@@ -8,9 +8,10 @@ pipeline {
   }
 
   stages {
-    stage ('Build OpenEdge plugin') {
+    stage ('👷 Build') {
       environment {
-        MAVEN_GPG_PASSPHRASE=credentials('GPG_KEY')
+        OP_CLI_PATH = '/usr/local/bin/'
+        MAVEN_GPG_PASSPHRASE = 'op://Jenkins/GPG/password'
       }
       steps {
         checkout([$class: 'GitSCM', branches: scm.branches, extensions: scm.extensions + [[$class: 'CleanCheckout']], userRemoteConfigs: scm.userRemoteConfigs])
@@ -19,7 +20,11 @@ pipeline {
         script {
           withEnv(["MVN_HOME=${tool name: 'Maven 3', type: 'maven'}", "JAVA_HOME=${tool name: 'JDK17', type: 'jdk'}"]) {
             if ("main" == env.BRANCH_NAME) {
-              sh "$MVN_HOME/bin/mvn -P release clean deploy -Dgit.commit=\$(git rev-parse --short HEAD)"
+              withSecrets() {
+                configFileProvider([configFile(fileId: 'MvnSettingsRSSW', variable: 'MAVEN_SETTINGS')]) {
+                  sh '$MVN_HOME/bin/mvn -s ${MAVEN_SETTINGS} -P release clean deploy -Dgit.commit=\$(git rev-parse --short HEAD)'
+                }
+              }
               mail body: "https://central.sonatype.com/publishing/deployments", to: "[email protected]", subject: "sonar-openedge - Publish artifact on Central"
             } else if ("develop" == env.BRANCH_NAME) {
               sh "$MVN_HOME/bin/mvn clean javadoc:javadoc deploy -Dmaven.test.failure.ignore=true -Dgit.commit=\$(git rev-parse --short HEAD)"
@@ -35,7 +40,7 @@ pipeline {
       }
     }
 
-    stage ('SonarQube analysis') {
+    stage ('🔍 SonarQube analysis') {
       steps {
         script {
           withEnv(["MVN_HOME=${tool name: 'Maven 3', type: 'maven'}", "JAVA_HOME=${tool name: 'JDK17', type: 'jdk'}"]) {

coverage-report/pom.xml

@@ -5,7 +5,7 @@
   <parent>
     <groupId>eu.rssw</groupId>
     <artifactId>sonar-openedge</artifactId>
-    <version>3.2.0</version>
+    <version>3.3.0</version>
   </parent>
   <groupId>eu.rssw.openedge.parsers</groupId>
   <artifactId>coverage-report</artifactId>
@@ -21,37 +21,37 @@
     <dependency>
       <groupId>eu.rssw.openedge.rcode</groupId>
       <artifactId>rcode-reader</artifactId>
-      <version>3.2.0</version>
+      <version>3.3.0</version>
     </dependency>
     <dependency>
       <groupId>eu.rssw.sonar.openedge</groupId>
       <artifactId>sonar-openedge-plugin</artifactId>
-      <version>3.2.0</version>
+      <version>3.3.0</version>
     </dependency>
     <dependency>
       <groupId>eu.rssw.openedge.parsers</groupId>
       <artifactId>proparse</artifactId>
-      <version>3.2.0</version>
+      <version>3.3.0</version>
     </dependency>
     <dependency>
       <groupId>eu.rssw.openedge.parsers</groupId>
       <artifactId>profiler-parser</artifactId>
-      <version>3.2.0</version>
+      <version>3.3.0</version>
     </dependency>
     <dependency>
       <groupId>eu.rssw.openedge.parsers</groupId>
       <artifactId>database-parser</artifactId>
-      <version>3.2.0</version>
+      <version>3.3.0</version>
     </dependency>
     <dependency>
       <groupId>eu.rssw.openedge.parsers</groupId>
       <artifactId>listing-parser</artifactId>
-      <version>3.2.0</version>
+      <version>3.3.0</version>
     </dependency>
     <dependency>
       <groupId>eu.rssw.openedge.checks</groupId>
       <artifactId>openedge-checks</artifactId>
-      <version>3.2.0</version>
+      <version>3.3.0</version>
     </dependency>
   </dependencies>
 

database-parser/pom.xml

@@ -5,7 +5,7 @@
   <parent>
     <groupId>eu.rssw</groupId>
     <artifactId>sonar-openedge</artifactId>
-    <version>3.2.0</version>
+    <version>3.3.0</version>
   </parent>
   <groupId>eu.rssw.openedge.parsers</groupId>
   <artifactId>database-parser</artifactId>

listing-parser/pom.xml

@@ -5,7 +5,7 @@
   <parent>
     <groupId>eu.rssw</groupId>
     <artifactId>sonar-openedge</artifactId>
-    <version>3.2.0</version>
+    <version>3.3.0</version>
   </parent>
   <groupId>eu.rssw.openedge.parsers</groupId>
   <artifactId>listing-parser</artifactId>

openedge-checks/pom.xml

@@ -5,7 +5,7 @@
   <parent>
     <groupId>eu.rssw</groupId>
     <artifactId>sonar-openedge</artifactId>
-    <version>3.2.0</version>
+    <version>3.3.0</version>
   </parent>
   <groupId>eu.rssw.openedge.checks</groupId>
   <artifactId>openedge-checks</artifactId>
@@ -23,12 +23,18 @@
     <dependency>
       <groupId>eu.rssw.openedge.parsers</groupId>
       <artifactId>database-parser</artifactId>
-      <version>3.2.0</version>
+      <version>3.3.0</version>
     </dependency>
     <dependency>
       <groupId>eu.rssw.openedge.parsers</groupId>
       <artifactId>proparse</artifactId>
-      <version>3.2.0</version>
+      <version>3.3.0</version>
+    </dependency>
+    <dependency>
+      <groupId>org.sonarsource.sonarqube</groupId>
+      <artifactId>sonar-plugin-api-impl</artifactId>
+      <version>10.7.0.96327</version>
+      <scope>test</scope>
     </dependency>
     <dependency>
       <groupId>org.testng</groupId>

openedge-checks/src/main/java/org/sonar/plugins/openedge/api/AnnotationBasedRulesDefinition.java

@@ -19,14 +19,24 @@
  */
 package org.sonar.plugins.openedge.api;
 
+import java.io.IOException;
 import java.lang.annotation.Annotation;
+import java.nio.charset.StandardCharsets;
 import java.util.List;
+import java.util.Locale;
 import java.util.Set;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import javax.annotation.Nullable;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.sonar.api.SonarRuntime;
 import org.sonar.api.rules.RuleType;
+import org.sonar.api.server.rule.Context;
+import org.sonar.api.server.rule.RuleDescriptionSection;
+import org.sonar.api.server.rule.RuleDescriptionSectionBuilder;
 import org.sonar.api.server.rule.RulesDefinition;
 import org.sonar.api.server.rule.RulesDefinition.NewRepository;
 import org.sonar.api.server.rule.RulesDefinition.NewRule;
@@ -55,6 +65,11 @@
 import com.google.common.collect.Lists;
 import com.google.common.collect.Sets;
 
+import static org.sonar.api.server.rule.RuleDescriptionSection.RuleDescriptionSectionKeys.HOW_TO_FIX_SECTION_KEY;
+import static org.sonar.api.server.rule.RuleDescriptionSection.RuleDescriptionSectionKeys.INTRODUCTION_SECTION_KEY;
+import static org.sonar.api.server.rule.RuleDescriptionSection.RuleDescriptionSectionKeys.RESOURCES_SECTION_KEY;
+import static org.sonar.api.server.rule.RuleDescriptionSection.RuleDescriptionSectionKeys.ROOT_CAUSE_SECTION_KEY;
+
 /**
  * Utility class which helps setting up an implementation of {@link RulesDefinition} with a list of rule classes
  * annotated with {@link Rule}, {@link RuleProperty} and one of:
@@ -74,14 +89,21 @@
 public class AnnotationBasedRulesDefinition {
   private static final Logger LOGGER = LoggerFactory.getLogger(AnnotationBasedRulesDefinition.class);
 
+  private static final String CODE_EXAMPLES_HEADER = "<h3>Code examples</h3>";
+  private static final String WHY_SECTION_HEADER = "<h2>Why is this an issue\\?</h2>";
+  private static final String HOW_TO_FIX_SECTION_HEADER = "<h2>How to fix it</h2>";
+  private static final String RESOURCES_SECTION_HEADER = "<h2>Resources</h2>";
+  private static final String HOW_TO_FIX_FRAMEWORK_SECTION_REGEX = "<h2>How to fix it in (?:(?:an|a|the)\\s)?(?<displayName>.*)</h2>";
+  private static final Pattern HOW_TO_FIX_SECTION_PATTERN = Pattern.compile(HOW_TO_FIX_SECTION_HEADER);
+  private static final Pattern HOW_TO_FIX_FRAMEWORK_SECTION_PATTERN = Pattern.compile(HOW_TO_FIX_FRAMEWORK_SECTION_REGEX);
+
   private final NewRepository repository;
-  private final ExternalDescriptionLoader externalDescriptionLoader;
+  private final String basePath;
   private final SonarRuntime runtime;
 
   public AnnotationBasedRulesDefinition(NewRepository repository, String languageKey, SonarRuntime runtime) {
     this.repository = repository;
-    String externalDescriptionBasePath = String.format("/rules/%s/%s/", languageKey, repository.key());
-    this.externalDescriptionLoader = new ExternalDescriptionLoader(externalDescriptionBasePath);
+    this.basePath = String.format("/rules/%s/%s/", languageKey, repository.key());
     this.runtime = runtime;
   }
 
@@ -97,7 +119,7 @@ public void addRuleClasses(boolean failIfNoExplicitKey, Iterable<Class> ruleClas
     for (Class<?> ruleClass : ruleClasses) {
       NewRule rule = newRule(ruleClass, failIfNoExplicitKey);
       rule.setTemplate(AnnotationUtils.getAnnotation(ruleClass, RuleTemplate.class) != null);
-      externalDescriptionLoader.addHtmlDescription(rule, ruleClass);
+      setupDocumentation(rule, ruleClass);
       setupSecurityModel(rule, ruleClass);
       if (runtime.getApiVersion().isGreaterThanOrEqual(Version.create(10, 1)))
         setupCleanCode(rule, ruleClass);
@@ -135,8 +157,6 @@ private void setupSecurityModel(NewRule rule, Class<?> ruleClass) {
     var hotspotAnnotation = AnnotationUtils.getAnnotation(ruleClass, SecurityHotspot.class);
     if (hotspotAnnotation != null) {
       rule.setType(RuleType.SECURITY_HOTSPOT);
-      setOwasp(rule, OwaspTop10Version.Y2017, hotspotAnnotation.owasp());
-      setCwe(rule, hotspotAnnotation.cwe());
     }
     var cweAnnotation = AnnotationUtils.getAnnotation(ruleClass, CWE.class);
     if (cweAnnotation != null)
@@ -208,23 +228,96 @@ private void setupSqaleModel(NewRule rule, Class<?> ruleClass) {
     }
   }
 
-  private class ExternalDescriptionLoader {
-    private final String resourceBasePath;
+  private void setupDocumentation(NewRule rule, Class<?> clz) {
+    var url01 = clz.getResource(basePath + rule.key().replace('.', '/') + ".html");
+    var url02 = clz.getResource(basePath + rule.key().replace('.', '/') + ".sections.html");
+    if (url02 != null) {
+      try (var in = url02.openStream()) {
+        var desc = new String(in.readAllBytes(), StandardCharsets.UTF_8);
+        rule.setHtmlDescription(desc); // Compatibility with old versions of SonarQube
+        setupEducationDocumentation(rule, desc);
+      } catch (IOException caught) {
+        rule.setHtmlDescription("<p>Invalid description</p>");
+      }
+    } else if (url01 != null) {
+      rule.setHtmlDescription(url01);
+    } else {
+      rule.setHtmlDescription("<p>No description</p>");
+      LOGGER.warn("No HTML description found for rule {}", rule.key());
+    }
+  }
+
+  // Adapted from org.sonarsource.analyzer.commons.EducationRuleLoader
+  private void setupEducationDocumentation(NewRule rule, String description) {
+    // The "Why is this an issue?" section is expected.
+    var split = description.split(WHY_SECTION_HEADER);
+
+    // Adding the introduction section if not empty.
+    addSection(rule, INTRODUCTION_SECTION_KEY, split[0]);
+    split = split[1].split(RESOURCES_SECTION_HEADER);
 
-    public ExternalDescriptionLoader(String resourceBasePath) {
-      this.resourceBasePath = resourceBasePath;
+    // Filtering out the "<h3>Code examples</h3>" title.
+    var rootCauseAndHowToFixItSections = split[0].replace(CODE_EXAMPLES_HEADER, "");
+
+    // Either the generic "How to fix it" section or at least one framework specific "How to fix it in <framework_name>"
+    // section is expected.
+    var frameworkSpecificHowToFixItSectionMatcher = HOW_TO_FIX_FRAMEWORK_SECTION_PATTERN.matcher(
+        rootCauseAndHowToFixItSections);
+    var hasFrameworkSpecificHowToFixItSection = frameworkSpecificHowToFixItSectionMatcher.find();
+    var hasGenericHowToFixItSection = HOW_TO_FIX_SECTION_PATTERN.matcher(rootCauseAndHowToFixItSections).find();
+    if (hasGenericHowToFixItSection && hasFrameworkSpecificHowToFixItSection) {
+      throw new IllegalStateException(String.format(
+          "Invalid education rule format for '%s', rule description has both generic and framework-specific 'How to fix it' sections",
+          rule.key()));
+    } else if (hasFrameworkSpecificHowToFixItSection) {
+      // Splitting by the "How to fix in <displayName>" will return an array where each element after the first is the
+      // content related to a given framework.
+      var innerSplit = rootCauseAndHowToFixItSections.split(HOW_TO_FIX_FRAMEWORK_SECTION_REGEX);
+      addSection(rule, ROOT_CAUSE_SECTION_KEY, innerSplit[0]);
+      addContextSpecificHowToFixItSection(rule, innerSplit, frameworkSpecificHowToFixItSectionMatcher);
+    } else if (hasGenericHowToFixItSection) {
+      // Rule has the generic "How to fix it" section.
+      var innerSplit = rootCauseAndHowToFixItSections.split(HOW_TO_FIX_SECTION_HEADER);
+      addSection(rule, ROOT_CAUSE_SECTION_KEY, innerSplit[0]);
+      addSection(rule, HOW_TO_FIX_SECTION_KEY, innerSplit[1]);
+    } else {
+      // No "How to fix it" section for the rule, the only section present is "Why is it an issue".
+      addSection(rule, ROOT_CAUSE_SECTION_KEY, rootCauseAndHowToFixItSections);
     }
 
-    public void addHtmlDescription(NewRule rule, Class<?> clz) {
-      var path = resourceBasePath + rule.key().replace('.', '/') + ".html";
-      var url = clz.getResource(path);
-      if (url != null) {
-        rule.setHtmlDescription(url);
-      } else {
-        rule.setHtmlDescription("<p>No description</p>");
-        LOGGER.warn("No HTML description found in path {} for rule {}", path, rule.key());
-      }
+    // "Resources" section is optional.
+    if (split.length > 1) {
+      addSection(rule, RESOURCES_SECTION_KEY, split[1]);
     }
   }
 
+  private static void addContextSpecificHowToFixItSection(NewRule rule, String[] split, Matcher m) {
+    var match = true;
+    var splitIndex = 1;
+    while (match) {
+      var displayName = m.group("displayName").trim();
+      var contextSpecificContent = split[splitIndex];
+      var key = displayName.toLowerCase(Locale.ROOT).replaceAll("[^a-z0-9]", "_");
+      addSection(rule, HOW_TO_FIX_SECTION_KEY, contextSpecificContent, new Context(key, displayName));
+      match = m.find();
+      splitIndex++;
+    }
+  }
+
+  private static void addSection(NewRule rule, String sectionKey, String content) {
+    addSection(rule, sectionKey, content, null);
+  }
+
+  private static void addSection(NewRule rule, String sectionKey, String content, @Nullable Context context) {
+    if (content.isBlank())
+      return;
+
+    RuleDescriptionSectionBuilder sectionBuilder = RuleDescriptionSection.builder() //
+      .sectionKey(sectionKey) //
+      .htmlContent(content.trim()) //
+      .context(context);
+
+    rule.addDescriptionSection(sectionBuilder.build());
+  }
+
 }

openedge-checks/src/main/java/org/sonar/plugins/openedge/api/Constants.java

@@ -39,10 +39,12 @@ public class Constants {
   public static final String SKIP_COGNITIVE_COMPLEXITY = "sonar.oe.skipCognitiveComplexity";
   public static final String USE_SIMPLE_CPD = "sonar.oe.simplecpd";
   public static final String PROPARSE_DEBUG = "sonar.oe.proparse.debug";
+  public static final String PROPARSE_DEBUG_INCLUDES = "sonar.oe.proparse.debug.includes";
   public static final String PROPARSE_ERROR_STACKTRACE = "sonar.oe.proparse.error.stacktrace";
   public static final String BINARIES = "sonar.oe.binaries";
   public static final String DOTPCT = "sonar.oe.dotpct";
   public static final String SLINT_XREF = "sonar.oe.lint.xref";
+  public static final String SLINT_XREF_DIRS = "sonar.oe.lint.xrefdirs";
   public static final String DLC = "sonar.oe.dlc";
   public static final String PROPATH = "sonar.oe.propath";
   public static final String PROPATH_DLC = "sonar.oe.propath.dlc";