diff --git a/.github/actions/scan-with-blackduck/action.yaml b/.github/actions/scan-with-blackduck/action.yaml index 1dc56a14..76be691e 100644 --- a/.github/actions/scan-with-blackduck/action.yaml +++ b/.github/actions/scan-with-blackduck/action.yaml @@ -44,7 +44,7 @@ runs: - name: BlackDuck Scan uses: SAP/project-piper-action@main with: - command: detectExecuteScan + step-name: detectExecuteScan flags: \ --githubToken=$GITHUB_token \ --version=${{ steps.get-major-version.outputs.REVISION }} diff --git a/.github/actions/scan-with-sonar/action.yaml b/.github/actions/scan-with-sonar/action.yaml new file mode 100644 index 00000000..26fd663a --- /dev/null +++ b/.github/actions/scan-with-sonar/action.yaml @@ -0,0 +1,52 @@ +name: Scan with SonarQube +description: Scans the project with SonarQube + +inputs: + sonarq-token: + description: The token to use for SonarQube authentication + required: true + github-token: + description: The token to use for GitHub authentication + required: true + java-version: + description: The version of Java to use + default: '17' + required: false + maven-version: + description: The version of Maven to use + required: true + +runs: + using: composite + steps: + - name: Set up Java ${{ inputs.java-version }} + uses: actions/setup-java@v4 + with: + java-version: ${{ inputs.java-version }} + distribution: sapmachine + cache: maven + + - name: Set up Maven ${{ inputs.maven-version }} + uses: stCarolas/setup-maven@v5 + with: + maven-version: ${{ inputs.maven-version }} + + - name: Get Revision + id: get-revision + run: | + echo "REVISION=$(mvn help:evaluate -Dexpression=revision -q -DforceStdout)" >> $GITHUB_OUTPUT + shell: bash + + - name: Print Revision + run: echo "${{ steps.get-revision.outputs.REVISION }}" + shell: bash + + - name: SonarQube Scan + uses: SAP/project-piper-action@main + with: + step-name: sonarExecuteScan + flags: \ + --token=${{ inputs.sonarq-token }} \ + --githubToken=${{ inputs.github-token }} \ + --version=${{ steps.get-revision.outputs.REVISION }} \ + --inferJavaBinaries=true diff --git a/.github/workflows/main-build.yml b/.github/workflows/main-build.yml index 4955bb9b..398e5e0d 100644 --- a/.github/workflows/main-build.yml +++ b/.github/workflows/main-build.yml @@ -25,6 +25,15 @@ jobs: java-version: ${{ matrix.java-version }} maven-version: ${{ env.MAVEN_VERSION }} + - name: SonarQube Scan + uses: ./.github/actions/scan-with-sonar + if: ${{ matrix.java-version == 17 }} + with: + java-version: ${{ matrix.java-version }} + maven-version: ${{ env.MAVEN_VERSION }} + sonarq-token: ${{ secrets.SONARQ_TOKEN }} + github-token: ${{ secrets.GITHUB_TOKEN }} + scan: name: Blackduck Scan runs-on: ubuntu-latest diff --git a/.github/workflows/pull-request-build.yml b/.github/workflows/pull-request-build.yml index 13f5270f..9d5aedd4 100644 --- a/.github/workflows/pull-request-build.yml +++ b/.github/workflows/pull-request-build.yml @@ -25,3 +25,12 @@ jobs: with: java-version: ${{ matrix.java-version }} maven-version: ${{ env.MAVEN_VERSION }} + + - name: SonarQube Scan + uses: ./.github/actions/scan-with-sonar + if: ${{ matrix.java-version == 17 }} + with: + java-version: ${{ matrix.java-version }} + maven-version: ${{ env.MAVEN_VERSION }} + sonarq-token: ${{ secrets.SONARQ_TOKEN }} + github-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.pipeline/config.yml b/.pipeline/config.yml index 875a04c0..cd6b5ba5 100644 --- a/.pipeline/config.yml +++ b/.pipeline/config.yml @@ -27,3 +27,16 @@ steps: # https://www.project-piper.io/steps/detectExecuteScan/#dockerimage # If empty, Docker is not used and the command is executed directly on the Jenkins system. dockerImage: '' + + sonarExecuteScan: + serverUrl: https://sonar.tools.sap + projectKey: cds-feature-attachments + # https://www.project-piper.io/steps/sonarExecuteScan/#dockerimage + # If empty, Docker is not used and the command is executed directly on the Jenkins system. + dockerImage: '' + options: + - sonar.qualitygate.wait=true + - sonar.java.source=17 + - sonar.exclusions=**/node_modules/**,**/target/** + - sonar.coverage.jacoco.xmlReportPaths=cds-feature-attachments/target/site/jacoco/jacoco.xml + - sonar.coverage.exclusions=cds-feature-attachments/src/test/**,cds-feature-attachments/src/gen/**,integration-tests/** diff --git a/cds-feature-attachments/src/test/java/com/sap/cds/feature/attachments/configuration/RegistrationTest.java b/cds-feature-attachments/src/test/java/com/sap/cds/feature/attachments/configuration/RegistrationTest.java index 6236714a..b7f83661 100644 --- a/cds-feature-attachments/src/test/java/com/sap/cds/feature/attachments/configuration/RegistrationTest.java +++ b/cds-feature-attachments/src/test/java/com/sap/cds/feature/attachments/configuration/RegistrationTest.java @@ -69,7 +69,7 @@ void serviceIsRegistered() { var services = serviceArgumentCaptor.getAllValues(); assertThat(services).hasSize(1); - var attachmentServiceFound = services.stream().anyMatch(service -> service instanceof AttachmentService); + var attachmentServiceFound = services.stream().anyMatch(AttachmentService.class::isInstance); assertThat(attachmentServiceFound).isTrue(); } diff --git a/cds-feature-attachments/src/test/java/com/sap/cds/feature/attachments/handler/applicationservice/processor/modifyevents/DefaultModifyAttachmentEventFactoryTest.java b/cds-feature-attachments/src/test/java/com/sap/cds/feature/attachments/handler/applicationservice/processor/modifyevents/DefaultModifyAttachmentEventFactoryTest.java index 39d80f07..d7c31e9c 100644 --- a/cds-feature-attachments/src/test/java/com/sap/cds/feature/attachments/handler/applicationservice/processor/modifyevents/DefaultModifyAttachmentEventFactoryTest.java +++ b/cds-feature-attachments/src/test/java/com/sap/cds/feature/attachments/handler/applicationservice/processor/modifyevents/DefaultModifyAttachmentEventFactoryTest.java @@ -105,18 +105,6 @@ void contentIdNotPresentAndExistingNotNullReturnsDeleteEvent(String contentId) { assertThat(event).isEqualTo(deleteContentEvent); } - @ParameterizedTest - @ValueSource(strings = {"some document Id"}) - @EmptySource - void contentIdPresentAndExistingNotNullButDifferentReturnsDeleteEvent(String contentId) { - var data = CdsData.create(); - data.put(Attachments.CONTENT_ID, "someValue"); - - var event = cut.getEvent(null, contentId, data); - - assertThat(event).isEqualTo(deleteContentEvent); - } - @Test void contentIdPresentAndExistingIdIsNullReturnsNothingToDo() { var event = cut.getEvent(mock(InputStream.class), "test", CdsData.create()); diff --git a/cds-feature-attachments/src/test/java/com/sap/cds/feature/attachments/handler/helper/RuntimeHelper.java b/cds-feature-attachments/src/test/java/com/sap/cds/feature/attachments/handler/helper/RuntimeHelper.java index 23ba2949..47d13960 100644 --- a/cds-feature-attachments/src/test/java/com/sap/cds/feature/attachments/handler/helper/RuntimeHelper.java +++ b/cds-feature-attachments/src/test/java/com/sap/cds/feature/attachments/handler/helper/RuntimeHelper.java @@ -6,15 +6,18 @@ public class RuntimeHelper { - public static final String CSN_FILE_PATH = "gen/src/main/resources/edmx/csn.json"; + private static final String CSN_FILE_PATH = "gen/src/main/resources/edmx/csn.json"; public static final CdsRuntime runtime = prepareRuntime(); private static CdsRuntime prepareRuntime() { var runtime = CdsRuntimeConfigurer.create().cdsModel(CSN_FILE_PATH).serviceConfigurations() .eventHandlerConfigurations().complete(); - runtime.getServiceCatalog().getServices(ApplicationLifecycleService.class).forEach( - ApplicationLifecycleService::applicationPrepared); + runtime.getServiceCatalog().getServices(ApplicationLifecycleService.class) + .forEach(ApplicationLifecycleService::applicationPrepared); return runtime; } + private RuntimeHelper() { + // avoid instantiation + } } diff --git a/cds-feature-attachments/src/test/java/com/sap/cds/feature/attachments/service/malware/client/DefaultMalwareScanClientTest.java b/cds-feature-attachments/src/test/java/com/sap/cds/feature/attachments/service/malware/client/DefaultMalwareScanClientTest.java index c90ffedd..dab1d0a5 100644 --- a/cds-feature-attachments/src/test/java/com/sap/cds/feature/attachments/service/malware/client/DefaultMalwareScanClientTest.java +++ b/cds-feature-attachments/src/test/java/com/sap/cds/feature/attachments/service/malware/client/DefaultMalwareScanClientTest.java @@ -1,8 +1,13 @@ package com.sap.cds.feature.attachments.service.malware.client; import static org.assertj.core.api.Assertions.assertThat; -import static org.junit.jupiter.api.Assertions.*; -import static org.mockito.Mockito.*; +import static org.junit.jupiter.api.Assertions.assertDoesNotThrow; +import static org.junit.jupiter.api.Assertions.assertThrows; +import static org.mockito.ArgumentMatchers.any; +import static org.mockito.Mockito.mock; +import static org.mockito.Mockito.never; +import static org.mockito.Mockito.verify; +import static org.mockito.Mockito.when; import java.io.ByteArrayInputStream; import java.io.IOException; @@ -179,15 +184,15 @@ private HttpClient mockHttpResponse(int httpStatus, boolean malwareDetected, boo private String getJsonResponse(boolean malwareDetected, boolean encryptedContentDetected) { return """ { - "malwareDetected": %s, - "encryptedContentDetected": %s, - "scanSize": 0, - "finding": "Win.Test.EICAR_HDB-1", - "mimeType": "text/plain", - "SHA256": "275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f", - "extensions": [ - "txt" - ] + \t"malwareDetected": %s, + \t"encryptedContentDetected": %s, + \t"scanSize": 0, + \t"finding": "Win.Test.EICAR_HDB-1", + \t"mimeType": "text/plain", + \t"SHA256": "275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f", + \t"extensions": [ + \t\t"txt" + \t] }""".formatted(malwareDetected, encryptedContentDetected); } diff --git a/integration-tests/srv/src/test/java/com/sap/cds/feature/attachments/integrationtests/common/JsonToCapMapperTestHelper.java b/integration-tests/srv/src/test/java/com/sap/cds/feature/attachments/integrationtests/common/JsonToCapMapperTestHelper.java index 9972d8bf..6dd0595e 100644 --- a/integration-tests/srv/src/test/java/com/sap/cds/feature/attachments/integrationtests/common/JsonToCapMapperTestHelper.java +++ b/integration-tests/srv/src/test/java/com/sap/cds/feature/attachments/integrationtests/common/JsonToCapMapperTestHelper.java @@ -16,8 +16,7 @@ class JsonToCapMapperTestHelper { private ObjectMapper objectMapper; public CdsData mapResponseToSingleResult(String resultBody) throws Exception { - var map = new HashMap(); - return Struct.access(objectMapper.readValue(resultBody, map.getClass())).as(CdsData.class); + return Struct.access(objectMapper.readValue(resultBody, HashMap.class)).as(CdsData.class); } } diff --git a/integration-tests/srv/src/test/java/com/sap/cds/feature/attachments/integrationtests/common/MalwareScanResultProvider.java b/integration-tests/srv/src/test/java/com/sap/cds/feature/attachments/integrationtests/common/MalwareScanResultProvider.java index c33ee1e7..d325fac4 100644 --- a/integration-tests/srv/src/test/java/com/sap/cds/feature/attachments/integrationtests/common/MalwareScanResultProvider.java +++ b/integration-tests/srv/src/test/java/com/sap/cds/feature/attachments/integrationtests/common/MalwareScanResultProvider.java @@ -8,15 +8,15 @@ public class MalwareScanResultProvider { public String buildMalwareScanResult(boolean malware) { return """ { - "malwareDetected": %s, - "encryptedContentDetected": false, - "scanSize": 68, - "finding": "Win.Test.EICAR_HDB-1", - "mimeType": "text/plain", - "SHA256": "275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f", - "extensions": [ - "txt" - ] + \t"malwareDetected": %s, + \t"encryptedContentDetected": false, + \t"scanSize": 68, + \t"finding": "Win.Test.EICAR_HDB-1", + \t"mimeType": "text/plain", + \t"SHA256": "275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f", + \t"extensions": [ + \t\t"txt" + \t] } """.formatted(malware); } diff --git a/integration-tests/srv/src/test/java/com/sap/cds/feature/attachments/integrationtests/draftservice/DraftOdataRequestValidationWithTestHandlerTest.java b/integration-tests/srv/src/test/java/com/sap/cds/feature/attachments/integrationtests/draftservice/DraftOdataRequestValidationWithTestHandlerTest.java index 7bf23b18..7babe0e2 100644 --- a/integration-tests/srv/src/test/java/com/sap/cds/feature/attachments/integrationtests/draftservice/DraftOdataRequestValidationWithTestHandlerTest.java +++ b/integration-tests/srv/src/test/java/com/sap/cds/feature/attachments/integrationtests/draftservice/DraftOdataRequestValidationWithTestHandlerTest.java @@ -50,9 +50,7 @@ protected void clearServiceHandlerContext() { @Override protected void verifyEventContextEmptyForEvent(String... events) { - Arrays.stream(events).forEach(event -> { - assertThat(serviceHandler.getEventContextForEvent(event)).isEmpty(); - }); + Arrays.stream(events).forEach(event -> assertThat(serviceHandler.getEventContextForEvent(event)).isEmpty()); } @Override