Merge pull request #98 from sonatype-nexus-community/develop

Merge develop into main for release 98

get-metrics/build.gradle

@@ -1,7 +1,7 @@
 import org.apache.tools.ant.filters.ReplaceTokens
 
 plugins {
-	id 'org.springframework.boot' version '2.6.6'
+	id 'org.springframework.boot' version '2.6.12'
 	id 'io.spring.dependency-management' version '1.0.11.RELEASE'
 }
 
@@ -16,7 +16,7 @@ dependencies {
 	implementation 'org.apache.tomcat:tomcat-util:9.0.16'
 	implementation 'org.glassfish:javax.json:1.1'
 
-	implementation 'org.apache.tomcat:tomcat-coyote:8.5.72'
+	implementation 'org.apache.tomcat:tomcat-coyote:9.0.67'
 
 	implementation 'org.apache.commons:commons-csv:1.5'
 	implementation 'com.opencsv:opencsv:5.2'

get-metrics/src/main/java/org/sonatype/cs/getmetrics/GetMetricsApplication.java

@@ -110,7 +110,7 @@ public void run(String... args) throws Exception {
             log.info(
                     "To disable security certificate checking please specify"
                             + " '--insecure.ssl=true'");
-            throw (e);
+            throw e;
         }
     }
 }

get-metrics/src/main/java/org/sonatype/cs/getmetrics/reports/ApplicationEvaluations.java

@@ -27,14 +27,15 @@ public void makeCsvFile(FileIoService f, JsonReader reader) {
 
     static List<String[]> getApplicationInfoFromData(JsonReader reader) {
         List<String[]> data = new ArrayList<>();
-        data.add(FilenameInfo.applicationEvaluationsFileHeader);
+        data.add(new String[] {"applicationName", "evaluationDate", "stage"});
         JsonArray results = reader.readArray();
 
         for (JsonObject result : results.getValuesAs(JsonObject.class)) {
             String stage = result.getString("stage");
             String evaluationDate = result.getString("evaluationDate");
             String reportDataUrl = result.getString("reportDataUrl");
-            String applicationName = reportDataUrl.split("/")[3];
+            @SuppressWarnings("StringSplitter")
+            String applicationName = reportDataUrl.split("/", -1)[3];
 
             String[] line = {applicationName, evaluationDate, stage};
             data.add(line);

get-metrics/src/main/java/org/sonatype/cs/getmetrics/reports/AutoReleasedFromQuarantineComponents.java

@@ -35,7 +35,18 @@ public void makeCsvFile(FileIoService f, JsonObject dataObject) {
 
     static List<String[]> getQuarantinedComponentsFromData(JsonObject dataObject) {
         List<String[]> data = new ArrayList<>();
-        data.add(FilenameInfo.autoReleasedFromQuarantineComponentsFileHeader);
+        data.add(
+                new String[] {
+                    "repository",
+                    "quarantineDate",
+                    "dateCleared",
+                    "displayName",
+                    "format",
+                    "quarantined",
+                    "policyName",
+                    "threatLevel",
+                    "reason"
+                });
 
         JsonArray results = dataObject.getJsonArray("results");
 

get-metrics/src/main/java/org/sonatype/cs/getmetrics/reports/AutoReleasedFromQuarantineConfig.java

@@ -29,7 +29,7 @@ public void makeCsvFile(FileIoService f, JsonReader reader) {
 
     static List<String[]> getQuarantinedConfigFromData(JsonReader reader) {
         List<String[]> data = new ArrayList<>();
-        data.add(FilenameInfo.autoReleasedFromQuarantineConfigFileHeader);
+        data.add(new String[] {"id", "name", "autoReleaseQuarantineEnabled"});
 
         JsonArray results = reader.readArray();
 

get-metrics/src/main/java/org/sonatype/cs/getmetrics/reports/AutoReleasedFromQuarantineSummary.java

@@ -28,7 +28,7 @@ public void makeCsvFile(FileIoService f, JsonReader reader) {
 
     static List<String[]> getQuarantinedSummaryFromData(JsonReader reader) {
         List<String[]> data = new ArrayList<>();
-        data.add(FilenameInfo.autoReleasedFromQuarantineSummaryFileHeader);
+        data.add(new String[] {"MTD", "YTD"});
 
         JsonObject dataObj = reader.readObject();
 

get-metrics/src/main/java/org/sonatype/cs/getmetrics/reports/PolicyViolations.java

@@ -38,7 +38,16 @@ public void makeCsvFile(FileIoService f, JsonReader reader) {
 
     static List<String[]> getPolicyViolationsFromData(JsonReader reader) {
         List<String[]> data = new ArrayList<>();
-        data.add(FilenameInfo.policyViolationsFileHeader);
+        data.add(
+                new String[] {
+                    "policyName",
+                    "reason",
+                    "applicationName",
+                    "openTime",
+                    "component",
+                    "stage",
+                    "threatLevel"
+                });
 
         JsonObject obj = reader.readObject();
         JsonArray results = obj.getJsonArray("applicationViolations");

get-metrics/src/main/java/org/sonatype/cs/getmetrics/reports/QuarantinedComponents.java

@@ -34,7 +34,18 @@ public void makeCsvFile(FileIoService f, JsonObject dataObject) {
 
     static List<String[]> getQuarentinedComponentsFromData(JsonObject dataObject) {
         List<String[]> data = new ArrayList<>();
-        data.add(FilenameInfo.quarantinedComponentsFileHeader);
+        data.add(
+                new String[] {
+                    "repository",
+                    "quarantineDate",
+                    "dateCleared",
+                    "displayName",
+                    "format",
+                    "quarantined",
+                    "policyName",
+                    "threatLevel",
+                    "reason"
+                });
 
         JsonArray results = dataObject.getJsonArray("results");
 

get-metrics/src/main/java/org/sonatype/cs/getmetrics/reports/QuarantinedComponentsSummary.java

@@ -27,7 +27,14 @@ public void makeCsvFile(FileIoService f, JsonReader reader) {
 
     static List<String[]> getQuarantinedComponentsSummaryFromData(JsonReader reader) {
         List<String[]> data = new ArrayList<>();
-        data.add(FilenameInfo.quarantinedComponentsSummaryFileHeader);
+        data.add(
+                new String[] {
+                    "repositoryCount",
+                    "quarantineEnabledCount",
+                    "quarantineEnabled",
+                    "totalComponentCount",
+                    "quarantinedComponentCount"
+                });
 
         JsonObject dataObj = reader.readObject();
 

get-metrics/src/main/java/org/sonatype/cs/getmetrics/reports/Waivers.java

@@ -13,6 +13,9 @@
 import javax.json.JsonArray;
 import javax.json.JsonObject;
 import javax.json.JsonReader;
+import javax.json.JsonString;
+import javax.json.JsonStructure;
+import javax.json.JsonValue;
 
 public class Waivers implements CsvFileService {
     private static final Logger log = LoggerFactory.getLogger(Waivers.class);
@@ -28,7 +31,17 @@ public void makeCsvFile(FileIoService f, JsonReader reader) {
 
     static List<String[]> getWaiversInformationFromData(JsonReader reader) {
         List<String[]> data = new ArrayList<>();
-        data.add(FilenameInfo.waiversFileHeader);
+        data.add(
+                new String[] {
+                    "applicationName",
+                    "stage",
+                    "packageUrl",
+                    "policyName",
+                    "threatLevel",
+                    "comment",
+                    "createDate",
+                    "expiryTime"
+                });
 
         JsonObject obj = reader.readObject();
 
@@ -108,9 +121,24 @@ static List<String[]> doWaivers(String waiverType, JsonArray waivers) {
     }
 
     private static String getFieldStringFromJsonObject(JsonObject policyWaiver, String field) {
-        if (policyWaiver.get(field) == null) {
-            return "";
+        String result = "";
+        if (log.isDebugEnabled()) {
+            log.debug("getFieldStringFromJsonObject called for " + field);
         }
-        return String.valueOf(policyWaiver.getString(field));
+        if (policyWaiver.get(field) != null) {
+            JsonValue value = policyWaiver.get(field);
+            if (value instanceof JsonString) {
+                result = ((JsonString) value).getString();
+            } else if (value instanceof JsonStructure) {
+                // this happens when override key is present without a value
+                result = "";
+            } else {
+                result = value.toString();
+            }
+        }
+        if (result.equals("{}")) {
+            result = "";
+        }
+        return result;
     }
 }

get-metrics/src/main/java/org/sonatype/cs/getmetrics/service/FileIoService.java

@@ -1,5 +1,7 @@
 package org.sonatype.cs.getmetrics.service;
 
+import com.opencsv.CSVWriter;
+
 import org.apache.tomcat.util.http.fileupload.FileUtils;
 import org.apache.tomcat.util.http.fileupload.IOUtils;
 import org.slf4j.Logger;
@@ -16,7 +18,6 @@
 import java.nio.file.Path;
 import java.nio.file.Paths;
 import java.nio.file.StandardCopyOption;
-import java.util.Arrays;
 import java.util.List;
 import java.util.stream.Stream;
 
@@ -35,12 +36,13 @@ public void writeCsvFile(String filename, List<String[]> data) {
         String metricsFile = metricsDir + "/" + filename;
 
         try (BufferedWriter writer = Files.newBufferedWriter(Paths.get(metricsFile))) {
-            for (String[] array : data) {
-                writer.write(String.join(",", Arrays.asList(array)));
-                writer.newLine();
-            }
+            CSVWriter csvWriter = new CSVWriter(writer);
+            csvWriter.writeAll(data);
+            csvWriter.flush();
+            csvWriter.close();
         } catch (IOException e) {
-            e.printStackTrace();
+            log.error("Error writing file", e);
+            System.exit(1);
         }
 
         log.info("Created file: {}", metricsFile);
@@ -66,21 +68,16 @@ public void writeSuccessMetricsFile(InputStream content) throws IOException {
         java.nio.file.Files.copy(content, outputFile.toPath(), StandardCopyOption.REPLACE_EXISTING);
         IOUtils.closeQuietly(content);
         log.info("Created file: {}", outputFile.toPath());
-        Stream<String> stream = null;
-        try {
-            stream = java.nio.file.Files.lines(outputFile.toPath());
+        try (Stream<String> stream = java.nio.file.Files.lines(outputFile.toPath())) {
             if (stream.count() <= 1) {
                 log.warn(
                         "The file {} contains no data, either there is no data to fetch or the user"
                                 + " doesn't have the appropriate permissions to fetch it.",
                         outputFile.toPath());
             }
         } catch (IOException e) {
-            e.printStackTrace();
-        } finally {
-            if (stream != null) {
-                stream.close();
-            }
+            log.error("Error writing file", e);
+            System.exit(1);
         }
     }
 }

get-metrics/src/main/java/org/sonatype/cs/getmetrics/service/NexusIQSuccessMetrics.java

@@ -115,7 +115,8 @@ private String[] getIds(String endPointName, String namesStr)
         String apiEndpoint = iqApi + "/" + endPointName;
         String content = getIqData(apiEndpoint);
 
-        String[] names = namesStr.split(",");
+        @SuppressWarnings("StringSplitter")
+        String[] names = namesStr.split(",", -1);
         String[] ids = new String[names.length];
 
         for (int i = 0; i < names.length; i++) {

get-metrics/src/main/java/org/sonatype/cs/getmetrics/service/UtilService.java

@@ -15,7 +15,7 @@ public class UtilService {
     private UtilService() {}
 
     public static String removeLastChar(String s) {
-        return (s == null || s.length() == 0) ? null : (s.substring(0, s.length() - 1));
+        return (s == null || s.length() == 0) ? null : s.substring(0, s.length() - 1);
     }
 
     public static String lastChar(String s) {
@@ -38,7 +38,7 @@ public static void writeCsvDataToBufferedWriter(List<String[]> data, BufferedWri
 
     public static String removeQuotesFromString(String inputString) {
         if (inputString == null) {
-            return null;
+            return "";
         }
         if (inputString.startsWith("\"") && inputString.endsWith("\"")) {
             return inputString.substring(1, inputString.length() - 1);

get-metrics/src/main/java/org/sonatype/cs/getmetrics/util/FilenameInfo.java

@@ -8,73 +8,24 @@ public class FilenameInfo {
     public static final String successMetricsCsvFile = "successmetrics.csv";
 
     public static final String applicationEvaluationsCsvFile = "application_evaluations.csv";
-    public static final String[] applicationEvaluationsFileHeader = {
-        "applicationName", "evaluationDate", "stage"
-    };
 
     public static final String policyViolationsCsvFile = "policy_violations.csv";
-    public static final String[] policyViolationsFileHeader = {
-        "policyName", "reason", "applicationName", "openTime", "component", "stage", "threatLevel"
-    };
 
     public static final String waiversCsvFile = "waivers.csv";
-    public static final String[] waiversFileHeader = {
-        "applicationName",
-        "stage",
-        "packageUrl",
-        "policyName",
-        "threatLevel",
-        "comment",
-        "createDate",
-        "expiryTime"
-    };
 
     public static final String quarantinedComponentsCsvFile = "quarantined_components.csv";
-    public static final String[] quarantinedComponentsFileHeader = {
-        "repository",
-        "quarantineDate",
-        "dateCleared",
-        "displayName",
-        "format",
-        "quarantined",
-        "policyName",
-        "threatLevel",
-        "reason"
-    };
 
     public static final String quarantinedComponentsSummaryCsvFile =
             "quarantined_components_summary.csv";
-    public static final String[] quarantinedComponentsSummaryFileHeader = {
-        "repositoryCount",
-        "quarantineEnabledCount",
-        "quarantineEnabled",
-        "totalComponentCount",
-        "quarantinedComponentCount"
-    };
 
     public static final String autoReleasedFromQuarantineComponentsCsvFile =
             "autoreleased_from_quarantine_components.csv";
-    public static final String[] autoReleasedFromQuarantineComponentsFileHeader = {
-        "repository",
-        "quarantineDate",
-        "dateCleared",
-        "displayName",
-        "format",
-        "quarantined",
-        "policyName",
-        "threatLevel",
-        "reason"
-    };
 
     public static final String autoReleasedFromQuarantineSummaryCsvFile =
             "autoreleased_from_quarantine_components_summary.csv";
-    public static final String[] autoReleasedFromQuarantineSummaryFileHeader = {"MTD", "YTD"};
 
     public static final String autoReleasedFromQuarantineConfigCsvFile =
             "autoreleased_from_quarantine_config.csv";
-    public static final String[] autoReleasedFromQuarantineConfigFileHeader = {
-        "id", "name", "autoReleaseQuarantineEnabled"
-    };
 
     private FilenameInfo() {
         /* empty since this is a utility class */

get-metrics/src/test/java/org/sonatype/cs/getmetrics/util/UtilServiceTest.java

@@ -57,6 +57,6 @@ void testRemoveQuotesFromString() {
         Assertions.assertEquals("\"abc", UtilService.removeQuotesFromString("\"abc"));
         Assertions.assertEquals("abc\"", UtilService.removeQuotesFromString("abc\""));
         Assertions.assertEquals("", UtilService.removeQuotesFromString("\"\""));
-        Assertions.assertEquals(null, UtilService.removeQuotesFromString(null));
+        Assertions.assertEquals("", UtilService.removeQuotesFromString(null));
     }
 }