Initial doSonarAPI common rules

Author: adrian-palanques-cloudappi

.gitignore

@@ -0,0 +1,11 @@
+target/
+.idea/
+*.iml
+.project
+.settings/
+# vim temp file
+*~
+.sonar/
+.settings/
+.classpath
+settings.json

.scripts/clean.sh

@@ -0,0 +1,7 @@
+if [ -z "$1" ]
+  then
+    echo "No argument supplied. Correct use: clean.sh <path>"
+else
+  find $1 -type f -name "*.yaml" -exec sed -i "/^\s*$/d" {} \;
+fi
+

LICENSE

@@ -0,0 +1,76 @@
+<p align="center">
+	<a href="https://apiaddicts.org/">
+	  <img src="https://apiaddicts-web.s3.eu-west-1.amazonaws.com/wp-content/uploads/2022/03/17155736/cropped-APIAddicts-logotipo_rojo-2048x523.png">
+	</a>
+</p>
+
+## Contributors
+### CloudAPPi
+CloudAppi is one leader in APIs in global word. See the [CloudAPPi Services](https://cloudappi.net) 
+
+### Madrid Digital
+Madrid Digital is a public administration in Spain. See the [Comunidad de Madrid website](https://www.comunidad.madrid/)
+
+## Configure scanner
+
+### Maven plugin
+
+#### Configure properties
+
+In `pom.xml` configure:
+
+````xml
+    <properties>
+        <!-- Optional, When is set only the language specified is analyzed -->
+        <sonar.language>openapi</sonar.language>
+        <!-- Optional, Default value is src/main,pom.xml -->
+        <sonar.sources>.</sonar.sources>
+    </properties>
+````
+
+#### Run scanner
+
+`mvn sonar:sonar -Dsonar.host.url=<HOST> -Dsonar.login=<KEY>`
+
+### External `sonar-scanner`
+
+#### Install `sonar-scanner`
+
+Download the `sonar-scanner` from https://docs.sonarqube.org/latest/analysis/scan/sonarscanner/ and make it accessible.
+
+#### Configure properties
+
+In `sonar-project.properties` (file in root project folder) configure:
+
+````properties
+# must be unique in a given SonarQube instance
+sonar.projectKey=test:test
+# this is the name and version displayed in the SonarQube UI. Was mandatory prior to SonarQube 6.1.
+sonar.projectName=OpenAPI plugin tests
+sonar.projectVersion=1.0-SNAPSHOT
+
+# Path is relative to the sonar-project.properties file. Replace "\" by "/" on Windows.
+# This property is optional if sonar.modules is set.
+sonar.sources=.
+
+# Encoding of the source code. Default is default system encoding
+sonar.sourceEncoding=UTF-8
+# Select the language to use for analysis
+sonar.language=openapi
+````
+
+#### Run scanner
+
+`sonar-scanner -Dsonar.host.url=<HOST> -Dsonar.login=<KEY>`
+
+## Compatibility
+
+This plugin is supported by SonarQube versions greater or equal to `6.7.4`
+
+### Explicit compatibility versions tested
+
+| Version |
+|---------|
+| `6.7.4` |
+| `7.9-community` |
+| `8.3-community` |

README.md

@@ -0,0 +1,162 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+
+  <groupId>org.sonar.samples.openapi</groupId>
+  <artifactId>dosonarapi-community</artifactId>
+  <version>1.0.3-SNAPSHOT</version>
+  <packaging>sonar-plugin</packaging>
+
+  <name>SonarQube OpenAPI Custom Rules Example</name>
+  <description>OpenAPI Custom Rules Example for SonarQube</description>
+  <inceptionYear>2018</inceptionYear>
+
+  <properties>
+
+    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+
+    <sonar.version>8.7.0.41497</sonar.version>
+    <sonarQubeMinVersion>6.7</sonarQubeMinVersion>
+    <sonaropenapi.version>1.0.1</sonaropenapi.version>
+    <sonaranalyzer.version>1.22.0.848</sonaranalyzer.version>
+    <orgjson.version>20220320</orgjson.version>
+    <junit.version>4.13.2</junit.version>
+    <assertj.version>3.22.0</assertj.version>
+
+    <jacoco.maven.plugin.version>0.8.6</jacoco.maven.plugin.version>
+    <sonar.maven.plugin.version>3.7.0.1746</sonar.maven.plugin.version>
+    <sonar.java.coveragePlugin>jacoco</sonar.java.coveragePlugin>
+    <sonar.jacoco.reportPaths>${project.basedir}/../target/jacoco.exec</sonar.jacoco.reportPaths>
+    <sonar.language>java</sonar.language>
+  </properties>
+
+
+  <dependencies>
+    <dependency>
+      <groupId>org.apiaddicts.apitools.dosonarapi</groupId>
+      <artifactId>openapi-front-end</artifactId>
+      <version>${sonaropenapi.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>org.sonarsource.sonarqube</groupId>
+      <artifactId>sonar-plugin-api</artifactId>
+      <version>${sonar.version}</version>
+      <scope>provided</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.sonarsource.analyzer-commons</groupId>
+      <artifactId>sonar-analyzer-commons</artifactId>
+      <version>${sonaranalyzer.version}</version>
+    </dependency>
+    <!-- https://mvnrepository.com/artifact/org.json/json -->
+    <dependency>
+      <groupId>org.json</groupId>
+      <artifactId>json</artifactId>
+      <version>${orgjson.version}</version>
+    </dependency>
+
+    <!-- test dependencies -->
+    <dependency>
+      <groupId>org.apiaddicts.apitools.dosonarapi</groupId>
+      <artifactId>openapi-test-tools</artifactId>
+      <version>${sonaropenapi.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>junit</groupId>
+      <artifactId>junit</artifactId>
+      <version>${junit.version}</version>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.assertj</groupId>
+      <artifactId>assertj-core</artifactId>
+      <version>${assertj.version}</version>
+      <scope>test</scope>
+    </dependency>
+  </dependencies>
+
+  <build>
+    <plugins>
+      <plugin>
+        <groupId>org.sonarsource.sonar-packaging-maven-plugin</groupId>
+        <artifactId>sonar-packaging-maven-plugin</artifactId>
+        <version>1.17</version>
+        <extensions>true</extensions>
+        <configuration>
+          <pluginKey>openapi-custom</pluginKey>
+          <pluginName>OpenAPI Custom</pluginName>
+          <pluginClass>org.sonar.samples.openapi.OpenAPICustomPlugin</pluginClass>
+          <skipDependenciesPackaging>true</skipDependenciesPackaging>
+          <sonarLintSupported>true</sonarLintSupported>
+          <sonarQubeMinVersion>${sonarQubeMinVersion}</sonarQubeMinVersion>
+          <basePlugin>openapi</basePlugin>
+        </configuration>
+      </plugin>
+
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-compiler-plugin</artifactId>
+        <version>3.6.0</version>
+        <configuration>
+          <source>1.8</source>
+          <target>1.8</target>
+        </configuration>
+      </plugin>
+
+      <plugin>
+        <artifactId>maven-shade-plugin</artifactId>
+        <version>3.2.4</version>
+        <executions>
+          <execution>
+            <phase>package</phase>
+            <goals>
+              <goal>shade</goal>
+            </goals>
+            <configuration>
+              <shadedArtifactAttached>false</shadedArtifactAttached>
+              <createDependencyReducedPom>false</createDependencyReducedPom>
+              <minimizeJar>true</minimizeJar>
+              <filters>
+                <filter>
+                  <artifact>jaxen:jaxen</artifact>
+                  <includes>
+                    <include>**</include>
+                  </includes>
+                </filter>
+                <filter>
+                  <artifact>*:*</artifact>
+                  <excludes>
+                    <exclude>META-INF/LICENSE*</exclude>
+                    <exclude>META-INF/NOTICE*</exclude>
+                    <exclude>META-INF/*.RSA</exclude>
+                    <exclude>META-INF/*.SF</exclude>
+                    <exclude>LICENSE*</exclude>
+                    <exclude>NOTICE*</exclude>
+                  </excludes>
+                </filter>
+              </filters>
+            </configuration>
+          </execution>
+        </executions>
+      </plugin>
+
+      <plugin>
+        <groupId>org.jacoco</groupId>
+        <artifactId>jacoco-maven-plugin</artifactId>
+        <version>${jacoco.maven.plugin.version}</version>
+        <configuration>
+          <destFile>${sonar.jacoco.reportPaths}</destFile>
+          <append>true</append>
+        </configuration>
+        <executions>
+          <execution>
+            <id>agent</id>
+            <goals>
+              <goal>prepare-agent</goal>
+            </goals>
+          </execution>
+        </executions>
+      </plugin>
+    </plugins>
+  </build>
+</project>

pom.xml

@@ -0,0 +1,25 @@
+package org.sonar.samples.openapi;
+
+public class I18nContext {
+
+    private I18nContext() {
+        // Intentional blank
+    }
+
+    private static final String DEFAULT_LANG = "en";
+
+    private static String lang;
+
+    public static String getLang() {
+        return lang == null ? DEFAULT_LANG : lang;
+    }
+
+    public static void initializeFromUserLanguage() {
+        if (lang == null) setLang(System.getProperty("user.language"));
+    }
+
+    public static void setLang(String lang) {
+        I18nContext.lang = lang;
+    }
+
+}

src/main/java/org/sonar/samples/openapi/I18nContext.java

@@ -0,0 +1,21 @@
+package org.sonar.samples.openapi;
+
+import org.sonar.api.Plugin;
+
+/**
+ * Entry point of your plugin containing your custom rules.
+ */
+public class OpenAPICustomPlugin implements Plugin {
+
+	@Override
+	public void define(Context context) {
+		context.addExtensions(
+				// server extensions -> objects are instantiated during server start
+				OpenAPICustomProfileDefinition.class,
+				OpenAPICustomRulesDefinition.class,
+				// batch extensions -> objects are instantiated during code analysis
+				OpenAPICustomRuleRepository.class
+		);
+	}
+
+}

src/main/java/org/sonar/samples/openapi/OpenAPICustomPlugin.java

@@ -0,0 +1,41 @@
+package org.sonar.samples.openapi;
+
+import org.apiaddicts.apitools.dosonarapi.api.OpenApiCustomRuleRepository;
+import org.sonar.api.server.profile.BuiltInQualityProfilesDefinition;
+import org.sonar.api.utils.AnnotationUtils;
+import org.sonar.check.Rule;
+import org.sonar.samples.openapi.checks.RulesLists;
+
+import javax.annotation.Nullable;
+import java.util.List;
+
+/**
+ * Declare a new quality profile that comprises all the custom rules, plus the SonarOpenApi standard rules.
+ * <p>
+ * This allows to create a built-in profile that extends the Sonar Way profile, and that includes your rules.
+ * This profile will automatically inherit any new rule brought in by the core plugin.
+ */
+public class OpenAPICustomProfileDefinition implements BuiltInQualityProfilesDefinition {
+	public static final String MY_COMPANY_WAY = "Custom";
+
+	public OpenAPICustomProfileDefinition() {
+		this(null);
+	}
+
+	public OpenAPICustomProfileDefinition(@Nullable OpenApiCustomRuleRepository[] repositories) {
+	}
+
+	@Override
+	public void define(Context context) {
+		NewBuiltInQualityProfile profile = context.createBuiltInQualityProfile(MY_COMPANY_WAY, "openapi");
+		addRepositoryRules(profile, OpenAPICustomRulesDefinition.REPOSITORY_KEY, RulesLists.getAllChecks());
+		profile.done();
+	}
+
+	private void addRepositoryRules(NewBuiltInQualityProfile profile, String key, List<Class<?>> checks) {
+		for (Class<?> check : checks) {
+			Rule annotation = AnnotationUtils.getAnnotation(check, Rule.class);
+			profile.activateRule(key, annotation.key());
+		}
+	}
+}

src/main/java/org/sonar/samples/openapi/OpenAPICustomProfileDefinition.java

@@ -0,0 +1,32 @@
+package org.sonar.samples.openapi;
+
+import org.sonar.api.ExtensionPoint;
+import org.sonar.api.scanner.ScannerSide;
+import org.apiaddicts.apitools.dosonarapi.api.OpenApiCustomRuleRepository;
+import org.sonar.samples.openapi.checks.RulesLists;
+import org.sonarsource.api.sonarlint.SonarLintSide;
+
+import java.util.List;
+
+import static org.sonar.samples.openapi.OpenAPICustomRulesDefinition.REPOSITORY_KEY;
+
+/**
+ * Makes the rules visible to the OpenAPI scanner sensor,
+ * hence adds to the classes that are going to be executed during source code analysis.
+ * <p>
+ * This class is a batch extension by implementing the {@link OpenApiCustomRuleRepository}
+ */
+@SonarLintSide
+@ScannerSide
+@ExtensionPoint
+public class OpenAPICustomRuleRepository implements OpenApiCustomRuleRepository {
+	@Override
+	public String repositoryKey() {
+		return REPOSITORY_KEY;
+	}
+
+	@Override
+    public List<Class<?>> checkClasses() {
+		return RulesLists.getAllChecks();
+    }
+}