Contributor

@carlosu7 carlosu7 commented May 7, 2024

Issue: #364

Example of running a list of sonar findings files:


./gradlew :core-codemods:run --args='--output /Users/iwa/Documents/GitHub/WebGoat_12_23/WebGoat_12_23.codetf --verbose --sonar-issues-json /Users/iwa/Desktop/sonar1.json,/Users/iwa/Desktop/sonar2.json --log-format human /Users/iwa/Documents/GitHub/WebGoat_12_23/'

Sonar hotspot CLI input was the only update since there's no implementation for it yet

@carlosu7 carlosu7 marked this pull request as draft May 7, 2024 23:02
@carlosu7 carlosu7 changed the title refactor sonar issues json path to list Handle comma-separated filename inputs for Sonar issues JSON and Sonar hotspots JSON May 8, 2024
@carlosu7 carlosu7 requested a review from drdavella May 8, 2024 18:30
@carlosu7 carlosu7 marked this pull request as ready for review May 8, 2024 18:31
Member

@drdavella drdavella left a comment

Looks good overall. Even though --sonar-hotspots-json is just a pass-thru without implementation I think we should also update the help message to indicate a comma-separated input.

} catch (IOException e) {
throw new UncheckedIOException("Problem reading Sonar issues JSON file", e);
}
if (issuesFiles != null) {
Member

This code makes sense to me but I also want to be careful that we don't introduce any regressions here. Would you be able to add a unit test or do you feel like this is sufficiently covered by existing tests?

Contributor Author

@drdavella
When we run a codemod test that is not a sonar codemod, this sonar module is being executed because all modules (defectdojo, semgrep, codeql, sonar, etc.) are being configured at CodemodLoader.java. So, when the non-sonar codemod test is being executed, this sonar module handles the empty/null issuesFiles because they're not required for that codemod (defectdojo, semgrep, etc.).

So yes, this case is already covered.

Contributor Author

@drdavella In this commit be04cc0 I have updated our tests to support multiple sonar issues json files and refactored one existing sonar test.

@sonarqubecloud

Quality Gate passed

Issues
1 New issue
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

@carlosu7 carlosu7 requested a review from drdavella May 10, 2024 00:41
.collect(Collectors.toList());

if (sonarJsonsPaths.isEmpty()) {
Path defaultPath = testResourceDir.resolve("sonar-issues.json");
Member

Sorry, I thought I left this comment before but I don't see it. Shouldn't it be this now?

Suggested change
Path defaultPath = testResourceDir.resolve("sonar-issues.json");
Path defaultPath = testResourceDir.resolve("sonar-issues_1.json");

Contributor Author

@drdavella No, the default sonar issues filename remains the same as it previously was; otherwise, I will have to rename all other sonar codemod test json files.

Member

Oh okay, I'm sorry. I missed that the one you renamed was for a specific test.

Contributor Author

yes

@carlosu7 carlosu7 merged commit 494ad1a into main May 13, 2024
@carlosu7 carlosu7 deleted the handle-comma-separated-filename-inputs branch May 13, 2024 19:22