Sonar scan

.github/actions/scan-with-blackduck/action.yaml

@@ -44,7 +44,7 @@ runs:
     - name: BlackDuck Scan
       uses: SAP/project-piper-action@main
       with:
-        command: detectExecuteScan
+        step-name: detectExecuteScan
         flags: \
           --githubToken=$GITHUB_token \
           --version=${{ steps.get-major-version.outputs.REVISION }}

.github/actions/scan-with-sonar/action.yaml

@@ -0,0 +1,52 @@
+name: Scan with SonarQube
+description: Scans the project with SonarQube
+
+inputs:
+  sonarq-token:
+    description: The token to use for SonarQube authentication
+    required: true
+  github-token:
+    description: The token to use for GitHub authentication
+    required: true
+  java-version:
+    description: The version of Java to use
+    default: '17'
+    required: false
+  maven-version:
+    description: The version of Maven to use
+    required: true
+
+runs:
+  using: composite
+  steps:
+    - name: Set up Java ${{ inputs.java-version }}
+      uses: actions/setup-java@v4
+      with:
+        java-version: ${{ inputs.java-version }}
+        distribution: sapmachine
+        cache: maven
+
+    - name: Set up Maven ${{ inputs.maven-version }}
+      uses: stCarolas/setup-maven@v5
+      with:
+        maven-version: ${{ inputs.maven-version }}
+
+    - name: Get Revision
+      id: get-revision
+      run: |
+        echo "REVISION=$(mvn help:evaluate -Dexpression=revision -q -DforceStdout)" >> $GITHUB_OUTPUT
+      shell: bash
+
+    - name: Print Revision
+      run: echo "${{ steps.get-revision.outputs.REVISION }}"
+      shell: bash
+
+    - name: SonarQube Scan
+      uses: SAP/project-piper-action@main
+      with:
+        step-name: sonarExecuteScan
+        flags: \
+          --token=${{ inputs.sonarq-token }} \
+          --githubToken=${{ inputs.github-token }} \
+          --version=${{ steps.get-revision.outputs.REVISION }} \
+          --inferJavaBinaries=true

.github/workflows/main-build.yml

@@ -25,6 +25,15 @@ jobs:
           java-version: ${{ matrix.java-version }}
           maven-version: ${{ env.MAVEN_VERSION }}
 
+      - name: SonarQube Scan
+        uses: ./.github/actions/scan-with-sonar
+        if: ${{ matrix.java-version == 17 }}
+        with:
+          java-version: ${{ matrix.java-version }}
+          maven-version: ${{ env.MAVEN_VERSION }}
+          sonarq-token: ${{ secrets.SONARQ_TOKEN }}
+          github-token: ${{ secrets.GITHUB_TOKEN }}
+
   scan:
     name: Blackduck Scan
     runs-on: ubuntu-latest

.github/workflows/pull-request-build.yml

@@ -25,3 +25,12 @@ jobs:
         with:
           java-version: ${{ matrix.java-version }}
           maven-version: ${{ env.MAVEN_VERSION }}
+
+      - name: SonarQube Scan
+        uses: ./.github/actions/scan-with-sonar
+        if: ${{ matrix.java-version == 17 }}
+        with:
+          java-version: ${{ matrix.java-version }}
+          maven-version: ${{ env.MAVEN_VERSION }}
+          sonarq-token: ${{ secrets.SONARQ_TOKEN }}
+          github-token: ${{ secrets.GITHUB_TOKEN }}

.pipeline/config.yml

@@ -27,3 +27,16 @@ steps:
     # https://www.project-piper.io/steps/detectExecuteScan/#dockerimage
     # If empty, Docker is not used and the command is executed directly on the Jenkins system.
     dockerImage: ''
+
+  sonarExecuteScan:
+    serverUrl: https://sonar.tools.sap
+    projectKey: cds-feature-attachments
+    # https://www.project-piper.io/steps/sonarExecuteScan/#dockerimage
+    # If empty, Docker is not used and the command is executed directly on the Jenkins system.
+    dockerImage: ''
+    options:
+      - sonar.qualitygate.wait=true
+      - sonar.java.source=17
+      - sonar.exclusions=**/node_modules/**,**/target/**
+      - sonar.coverage.jacoco.xmlReportPaths=cds-feature-attachments/target/site/jacoco/jacoco.xml
+      - sonar.coverage.exclusions=cds-feature-attachments/src/test/**,cds-feature-attachments/src/gen/**,integration-tests/**

cds-feature-attachments/src/test/java/com/sap/cds/feature/attachments/configuration/RegistrationTest.java

@@ -69,7 +69,7 @@ void serviceIsRegistered() {
 		var services = serviceArgumentCaptor.getAllValues();
 		assertThat(services).hasSize(1);
 
-		var attachmentServiceFound = services.stream().anyMatch(service -> service instanceof AttachmentService);
+		var attachmentServiceFound = services.stream().anyMatch(AttachmentService.class::isInstance);
 
 		assertThat(attachmentServiceFound).isTrue();
 	}

cds-feature-attachments/src/test/java/com/sap/cds/feature/attachments/handler/applicationservice/processor/modifyevents/DefaultModifyAttachmentEventFactoryTest.java

@@ -105,18 +105,6 @@ void contentIdNotPresentAndExistingNotNullReturnsDeleteEvent(String contentId) {
 		assertThat(event).isEqualTo(deleteContentEvent);
 	}
 
-	@ParameterizedTest
-	@ValueSource(strings = {"some document Id"})
-	@EmptySource
-	void contentIdPresentAndExistingNotNullButDifferentReturnsDeleteEvent(String contentId) {
-		var data = CdsData.create();
-		data.put(Attachments.CONTENT_ID, "someValue");
-
-		var event = cut.getEvent(null, contentId, data);
-
-		assertThat(event).isEqualTo(deleteContentEvent);
-	}
-
 	@Test
 	void contentIdPresentAndExistingIdIsNullReturnsNothingToDo() {
 		var event = cut.getEvent(mock(InputStream.class), "test", CdsData.create());

cds-feature-attachments/src/test/java/com/sap/cds/feature/attachments/handler/helper/RuntimeHelper.java

@@ -6,15 +6,18 @@
 
 public class RuntimeHelper {
 
-	public static final String CSN_FILE_PATH = "gen/src/main/resources/edmx/csn.json";
+	private static final String CSN_FILE_PATH = "gen/src/main/resources/edmx/csn.json";
 	public static final CdsRuntime runtime = prepareRuntime();
 
 	private static CdsRuntime prepareRuntime() {
 		var runtime = CdsRuntimeConfigurer.create().cdsModel(CSN_FILE_PATH).serviceConfigurations()
 				.eventHandlerConfigurations().complete();
-		runtime.getServiceCatalog().getServices(ApplicationLifecycleService.class).forEach(
-				ApplicationLifecycleService::applicationPrepared);
+		runtime.getServiceCatalog().getServices(ApplicationLifecycleService.class)
+				.forEach(ApplicationLifecycleService::applicationPrepared);
 		return runtime;
 	}
 
+	private RuntimeHelper() {
+		// avoid instantiation
+	}
 }

cds-feature-attachments/src/test/java/com/sap/cds/feature/attachments/service/malware/client/DefaultMalwareScanClientTest.java

@@ -1,8 +1,13 @@
 package com.sap.cds.feature.attachments.service.malware.client;
 
 import static org.assertj.core.api.Assertions.assertThat;
-import static org.junit.jupiter.api.Assertions.*;
-import static org.mockito.Mockito.*;
+import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
+import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.never;
+import static org.mockito.Mockito.verify;
+import static org.mockito.Mockito.when;
 
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
@@ -179,15 +184,15 @@ private HttpClient mockHttpResponse(int httpStatus, boolean malwareDetected, boo
 	private String getJsonResponse(boolean malwareDetected, boolean encryptedContentDetected) {
 		return """
 				{
-						"malwareDetected": %s,
-						"encryptedContentDetected": %s,
-						"scanSize": 0,
-						"finding": "Win.Test.EICAR_HDB-1",
-						"mimeType": "text/plain",
-						"SHA256": "275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f",
-						"extensions": [
-							"txt"
-						]
+				\t"malwareDetected": %s,
+				\t"encryptedContentDetected": %s,
+				\t"scanSize": 0,
+				\t"finding": "Win.Test.EICAR_HDB-1",
+				\t"mimeType": "text/plain",
+				\t"SHA256": "275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f",
+				\t"extensions": [
+				\t\t"txt"
+				\t]
 				}""".formatted(malwareDetected, encryptedContentDetected);
 	}
 

integration-tests/srv/src/test/java/com/sap/cds/feature/attachments/integrationtests/common/JsonToCapMapperTestHelper.java

@@ -16,8 +16,7 @@ class JsonToCapMapperTestHelper {
 	private ObjectMapper objectMapper;
 
 	public CdsData mapResponseToSingleResult(String resultBody) throws Exception {
-		var map = new HashMap<String, Object>();
-		return Struct.access(objectMapper.readValue(resultBody, map.getClass())).as(CdsData.class);
+		return Struct.access(objectMapper.readValue(resultBody, HashMap.class)).as(CdsData.class);
 	}
 
 }

integration-tests/srv/src/test/java/com/sap/cds/feature/attachments/integrationtests/common/MalwareScanResultProvider.java

@@ -8,15 +8,15 @@ public class MalwareScanResultProvider {
 	public String buildMalwareScanResult(boolean malware) {
 		return """
 				{
-					"malwareDetected": %s,
-					"encryptedContentDetected": false,
-					"scanSize": 68,
-					"finding": "Win.Test.EICAR_HDB-1",
-					"mimeType": "text/plain",
-					"SHA256": "275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f",
-					"extensions": [
-						"txt"
-					]
+				\t"malwareDetected": %s,
+				\t"encryptedContentDetected": false,
+				\t"scanSize": 68,
+				\t"finding": "Win.Test.EICAR_HDB-1",
+				\t"mimeType": "text/plain",
+				\t"SHA256": "275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f",
+				\t"extensions": [
+				\t\t"txt"
+				\t]
 				}
 				""".formatted(malware);
 	}

integration-tests/srv/src/test/java/com/sap/cds/feature/attachments/integrationtests/draftservice/DraftOdataRequestValidationWithTestHandlerTest.java

@@ -50,9 +50,7 @@ protected void clearServiceHandlerContext() {
 
 	@Override
 	protected void verifyEventContextEmptyForEvent(String... events) {
-		Arrays.stream(events).forEach(event -> {
-			assertThat(serviceHandler.getEventContextForEvent(event)).isEmpty();
-		});
+		Arrays.stream(events).forEach(event -> assertThat(serviceHandler.getEventContextForEvent(event)).isEmpty());
 	}
 
 	@Override