Add sonar-php

Author: filipesperandio

Dockerfile

@@ -0,0 +1,42 @@
+FROM java:8-jdk-alpine
+
+MAINTAINER Code Climate
+
+RUN adduser -u 9000 -D app
+VOLUME /code
+
+# Increase Java memory limits
+ENV JAVA_OPTS="-XX:+UseParNewGC -XX:MinHeapFreeRatio=5 -XX:MaxHeapFreeRatio=10 -Xss4096k"
+
+ENV GRADLE_VERSION=4.2.1
+ENV GRADLE_HOME=/opt/gradle
+ENV GRADLE_FOLDER=$GRADLE_HOME
+ENV GRADLE_USER_HOME=$GRADLE_HOME
+ENV PATH=$GRADLE_HOME/bin:$PATH
+
+RUN mkdir -p $GRADLE_USER_HOME && \
+      chown -R app:app $GRADLE_USER_HOME && \
+      chmod g+s $GRADLE_USER_HOME && \
+      apk update && \
+      apk add --virtual .build-dependencies ca-certificates wget && \
+      update-ca-certificates && \
+      wget https://downloads.gradle.org/distributions/gradle-${GRADLE_VERSION}-bin.zip && \
+      unzip gradle-${GRADLE_VERSION}-bin.zip -d /opt && \
+      mv /opt/gradle-${GRADLE_VERSION}/* $GRADLE_HOME && \
+      rm -f gradle-${GRADLE_VERSION}-bin.zip && \
+      apk del .build-dependencies
+
+WORKDIR /usr/src/app
+
+# Cache dependencies
+COPY build.gradle ./
+RUN gradle infra
+
+COPY . ./
+RUN chown -R app:app ./
+
+RUN gradle clean build -x test
+
+USER app
+WORKDIR /code
+CMD ["/usr/src/app/build/codeclimate-sonar", "/code", "/config.json"]

Makefile

@@ -0,0 +1,9 @@
+.PHONY: image test
+
+IMAGE_NAME ?= codeclimate/codeclimate-sonar-php
+
+image:
+	docker build --rm -t $(IMAGE_NAME) .
+
+test: image
+	docker run --rm -ti -w /usr/src/app -u root $(IMAGE_NAME) gradle clean test

bin/codeclimate-sonar

@@ -0,0 +1,20 @@
+#!/usr/bin/env sh
+
+BUILD_DIR=$(dirname $0)
+APP=$(find ${BUILD_DIR}/libs -name "codeclimate-sonar-php.jar" | head -n1)
+WRAPPER=$(find ${BUILD_DIR}/libs -name "sonar-wrapper*.jar" | head -n1)
+CORE=$(find ${BUILD_DIR}/libs -name "sonarlint-core*.jar" -or -name "sonarlint-client-api*.jar" | tr "\n" ":")
+LIBS=$(find ${BUILD_DIR}/libs -name "*.jar" | tr "\n" ":")
+
+CODE_DIR=$1; shift
+CONFIG_FILE=$1; shift
+
+java \
+  -noverify \
+  -cp ${APP}:${WRAPPER}:${CORE}:${LIBS} \
+  -Djava.awt.headless=true  \
+  -Dsonarlint.home="${BUILD_DIR}"  \
+  -Dproject.home="${CODE_DIR}"  \
+  -Dconfig="${CONFIG_FILE}"  \
+  -Dorg.freemarker.loggerLibrary=none  \
+  cc.App $@

build.gradle

@@ -1,28 +1,61 @@
-/*
- * This build file was generated by the Gradle 'init' task.
- *
- * This generated file contains a sample Java Library project to get you started.
- * For more details take a look at the Java Libraries chapter in the Gradle
- * user guide available at https://docs.gradle.org/4.2.1/userguide/java_library_plugin.html
- */
-
-// Apply the java-library plugin to add support for Java Library
-apply plugin: 'java-library'
-
-// In this section you declare where to find the dependencies of your project
+apply plugin: "java"
+apply plugin: "idea"
+
+idea {
+    module {
+
+        downloadJavadoc = false
+        downloadSources = false
+    }
+}
+
 repositories {
-    // Use jcenter for resolving your dependencies.
-    // You can declare any Maven/Ivy/file repository here.
     jcenter()
+    maven { url 'https://jitpack.io' }
+}
+
+task copyLibs(type: Copy) {
+    into "${buildDir}/libs"
+    from configurations.runtime
+    exclude "sonar-*-plugin*.jar"
+}
+
+task copyTestLibs(type: Copy) {
+    into "${buildDir}/test"
+    from configurations.testCompile
 }
 
+task copyPlugins(type: Copy) {
+    into "${buildDir}/plugins"
+    from configurations.testCompile
+    include "sonar-*-plugin*.jar"
+}
+
+task copyRunnable(type: Copy) {
+    into "${buildDir}"
+    from "bin/codeclimate-sonar"
+}
+
+task infra(dependsOn: ["copyPlugins", "copyLibs", "copyTestLibs", "copyRunnable", "jar"])
+
+build.dependsOn(infra)
+test.dependsOn(infra)
+
 dependencies {
-    // This dependency is exported to consumers, that is to say found on their compile classpath.
-    api 'org.apache.commons:commons-math3:3.6.1'
+    compile("com.github.codeclimate:sonar-wrapper:master-SNAPSHOT")
 
-    // This dependency is used internally, and not exposed to consumers on their own compile classpath.
-    implementation 'com.google.guava:guava:22.0'
+    // Plugins
+    compile("org.sonarsource.php:sonar-php-plugin:2.10.0.2087")
+
+    testCompile("org.assertj:assertj-core:2.8.0")
+    testCompile("org.skyscreamer:jsonassert:1.5.0")
+    testCompile("junit:junit:4.12")
+}
 
-    // Use JUnit test framework
-    testImplementation 'junit:junit:4.12'
+test {
+    outputs.upToDateWhen { false }
+    testLogging {
+        events "passed", "skipped", "failed", "standardOut", "standardError"
+        exceptionFormat "full"
+    }
 }

fixtures/app/config.json

@@ -0,0 +1,6 @@
+{
+  "enabled": true,
+  "include_paths": [
+    "main.php"
+  ]
+}

fixtures/app/main.php

@@ -0,0 +1,10 @@
+<?php
+
+class Clazz {
+  public static $name=NULL;
+
+  public static function foo(){
+    if ($this->name != NULL) {
+    }
+  }
+}

src/test/java/integration/SanityCheckTest.java

@@ -0,0 +1,27 @@
+package integration;
+
+import org.assertj.core.util.Strings;
+import org.junit.Test;
+import org.skyscreamer.jsonassert.JSONAssert;
+import support.File;
+import support.Shell;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+
+public class SanityCheckTest {
+    @Test
+    public void executeJavaLibFixture() throws Exception {
+        String expectedOutput = File.read("src/test/resources/sanity_check_expected_issues.json");
+
+        Shell.Process process = Shell.execute("build/codeclimate-sonar fixtures/app fixtures/app/config.json");
+
+        assertThat(process.exitCode).isEqualTo(0);
+        assertThat(process.stdout)
+                .withFailMessage("Issues must be split by a NULL (\\0) character")
+                .contains("\0");
+
+        String stdoutAsJson = "[" + Strings.join(process.stdout.split("\0")).with(",") + "]";
+        JSONAssert.assertEquals(expectedOutput, stdoutAsJson, false);
+    }
+}

src/test/java/support/File.java

@@ -0,0 +1,11 @@
+package support;
+
+import java.io.*;
+import java.nio.file.Files;
+import java.nio.file.Paths;
+
+public class File {
+    public static String read(String fileNmae) throws IOException {
+        return new String(Files.readAllBytes(Paths.get(fileNmae)));
+    }
+}

src/test/java/support/Shell.java

@@ -0,0 +1,44 @@
+package support;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+
+public class Shell {
+    public static Process execute(String command) throws IOException, InterruptedException {
+        java.lang.Process process = Runtime.getRuntime().exec(command);
+        StringBuilder stdout = consumeBuffer(process.getInputStream());
+        StringBuilder stderr = consumeBuffer(process.getErrorStream());
+
+        process.waitFor();
+
+        Process localProcess = new Process(process.exitValue(), stdout.toString(), stderr.toString());
+        if (localProcess.exitCode != 0) {
+            System.err.println(localProcess.stderr);
+        }
+        return localProcess;
+    }
+
+    private static StringBuilder consumeBuffer(InputStream stream) throws IOException {
+        StringBuilder stdout = new StringBuilder();
+        BufferedReader in = new BufferedReader(new InputStreamReader(stream));
+        String line;
+        while ((line = in.readLine()) != null) {
+            stdout.append(line);
+        }
+        return stdout;
+    }
+
+    public static class Process {
+        public final int exitCode;
+        public final String stdout;
+        public final String stderr;
+
+        public Process(int exitCode, String stdout, String stderr) {
+            this.exitCode = exitCode;
+            this.stdout = stdout;
+            this.stderr = stderr;
+        }
+    }
+}

src/test/resources/sanity_check_expected_issues.json

@@ -0,0 +1,40 @@
+[
+  {
+    "type": "issue",
+    "check_name": "php:S108",
+    "severity": "major",
+    "description": "Either remove or fill this block of code.",
+    "content": {
+      "body": "<p>Most of the time a block of code is empty when a piece of code is really missing. So such empty block must be either filled or removed.</p>\n<h2>Noncompliant Code Example</h2>\n<pre>\nfor ($i = 0; $i &lt; 42; $i++){}  // Empty on purpose or missing piece of code ?\n</pre>\n<h2>Exceptions</h2>\n<p>When a block contains a comment, this block is not considered to be empty.</p>"
+    },
+    "location": {
+      "path": "main.php",
+      "lines": {
+        "begin": 7,
+        "end": 8
+      }
+    },
+    "categories": [
+      "Bug Risk"
+    ]
+  },
+  {
+    "type": "issue",
+    "check_name": "php:S2014",
+    "severity": "blocker",
+    "description": "Remove this use of \"$this\".",
+    "content": {
+      "body": "<p><code>$this</code> refers to the current class instance. But static methods can be accessed without instantiating the class, and <code>$this</code>\nis not available to them. Using <code>$this</code> in a static context will result in a fatal error at runtime.</p>\n<h2>Noncompliant Code Example</h2>\n<pre>\nclass Clazz {\n  $name=NULL;  // instance variable\n\n  public static function foo(){\n    if ($this-&gt;name != NULL) {\n      // ...\n    }\n  }\n}\n</pre>\n<h2>Compliant Solution</h2>\n<pre>\nclass Clazz {\n  $name=NULL;  // instance variable\n\n  public static function foo($nameParam){\n    if ($nameParam != NULL) {\n      // ...\n    }\n  }\n}\n</pre>"
+    },
+    "location": {
+      "path": "main.php",
+      "lines": {
+        "begin": 7,
+        "end": 7
+      }
+    },
+    "categories": [
+      "Bug Risk"
+    ]
+  }
+]