checkov cleanup

pethers · pethers · commit f647ad7b338b · 2021-11-09T20:37:53.000+01:00
diff --git a/src/main/java/com/hack23/sonar/cloudformation/CloudformationQualityProfile.java b/src/main/java/com/hack23/sonar/cloudformation/CloudformationQualityProfile.java
@@ -23,8 +23,6 @@
 import org.sonar.api.server.rule.RulesDefinition.Repository;
 import org.sonar.api.server.rule.RulesDefinition.Rule;
 
-import com.hack23.sonar.cloudformation.reports.process.CfnNagProcessReports;
-
 /**
  * The Class CloudformationQualityProfile.
  */
@@ -94,15 +92,10 @@ private void createIacQualityProfile(final Context context, final String languag
 		for (final Repository repository : cloudformationRulesDefinition.getContext().repositories()) {
 			if (repository.key().contains(CFN_RULE_PREFIX + language)) {
 				for (final Rule rule : repository.rules()) {
-					if (rule.tags().contains(CHECKOV)) {
 						iacProfile.activateRule(CFN_RULE_PREFIX + language, rule.key());
-					}
 				}
 			}
 		}
-		for (final String ruleKey : CfnNagProcessReports.SUPPORTED_RULES) {
-			iacProfile.activateRule(CFN_RULE_PREFIX + language, ruleKey);
-		}
 		iacProfile.done();
 	}
 
@@ -118,15 +111,12 @@ private void createCloudformationQualityProfile(final Context context, final Str
 		for (final Repository repository : cloudformationRulesDefinition.getContext().repositories()) {
 			if (repository.key().contains(CFN_RULE_PREFIX + language)) {
 				for (final Rule rule : repository.rules()) {
-					if (rule.tags().contains(CHECKOV) && (rule.tags().contains(CLOUDFORMATION) || rule.tags().contains(SERVERLESS))) {
+					if (rule.tags().contains(CLOUDFORMATION) || rule.tags().contains(SERVERLESS) || rule.tags().contains("cfn-nag")) {
 						cloudFormationprofile.activateRule(CFN_RULE_PREFIX + language, rule.key());
 					} 
 				}
 			}
 		}
-		for (final String ruleKey : CfnNagProcessReports.SUPPORTED_RULES) {
-			cloudFormationprofile.activateRule(CFN_RULE_PREFIX + language, ruleKey);
-		}
 		cloudFormationprofile.done();
 	}
 }
diff --git a/src/main/java/com/hack23/sonar/cloudformation/reports/process/CfnNagProcessReports.java b/src/main/java/com/hack23/sonar/cloudformation/reports/process/CfnNagProcessReports.java
@@ -22,14 +22,13 @@
 import java.io.File;
 import java.io.IOException;
 import java.nio.file.Files;
-import java.util.HashSet;
 import java.util.List;
 import java.util.Optional;
-import java.util.Set;
 
 import org.apache.commons.lang3.StringUtils;
 import org.sonar.api.batch.fs.FileSystem;
 import org.sonar.api.batch.fs.InputFile;
+import org.sonar.api.batch.rule.ActiveRules;
 import org.sonar.api.batch.sensor.SensorContext;
 import org.sonar.api.batch.sensor.issue.internal.DefaultIssueLocation;
 import org.sonar.api.rule.RuleKey;
@@ -45,9 +44,6 @@
  */
 public final class CfnNagProcessReports extends AbstractProcessReports {
 
-	/** The Constant SUPPORTED_RULES. */
-	public static final Set<String> SUPPORTED_RULES = new HashSet<>();
-
 	/** The Constant UNDEFINED_FAILURE. */
 	public static final String UNDEFINED_FAILURE = "FUNDEFINED";
 
@@ -66,180 +62,6 @@ public final class CfnNagProcessReports extends AbstractProcessReports {
 	/** The file system. */
 	private final FileSystem fileSystem;
 
-	static {
-		SUPPORTED_RULES.add("F1");
-		SUPPORTED_RULES.add("F2");
-		SUPPORTED_RULES.add("F3");
-		SUPPORTED_RULES.add("F4");
-		SUPPORTED_RULES.add("F5");
-		SUPPORTED_RULES.add("F6");
-		SUPPORTED_RULES.add("F7");
-		SUPPORTED_RULES.add("F8");
-		SUPPORTED_RULES.add("F9");
-		SUPPORTED_RULES.add("F10");
-		SUPPORTED_RULES.add("F11");
-		SUPPORTED_RULES.add("F12");
-		SUPPORTED_RULES.add("F13");
-		SUPPORTED_RULES.add("F14");
-		SUPPORTED_RULES.add("F15");
-		SUPPORTED_RULES.add("F16");
-		SUPPORTED_RULES.add("F18");
-		SUPPORTED_RULES.add("F19");
-		SUPPORTED_RULES.add("F20");
-		SUPPORTED_RULES.add("F21");
-		SUPPORTED_RULES.add("F22");
-		SUPPORTED_RULES.add("F23");
-		SUPPORTED_RULES.add("F24");
-		SUPPORTED_RULES.add("F25");
-		SUPPORTED_RULES.add("F26");
-		SUPPORTED_RULES.add("F27");
-		SUPPORTED_RULES.add("F28");
-		SUPPORTED_RULES.add("F29");
-		SUPPORTED_RULES.add("F30");
-		SUPPORTED_RULES.add("F31");
-		SUPPORTED_RULES.add("F32");
-		SUPPORTED_RULES.add("F33");
-		SUPPORTED_RULES.add("F34");
-		SUPPORTED_RULES.add("F35");
-		SUPPORTED_RULES.add("F36");
-		SUPPORTED_RULES.add("F37");
-		SUPPORTED_RULES.add("F38");
-		SUPPORTED_RULES.add("F39");
-		SUPPORTED_RULES.add("F40");
-		SUPPORTED_RULES.add("F41");
-		SUPPORTED_RULES.add("F42");
-		SUPPORTED_RULES.add("F43");
-		SUPPORTED_RULES.add("F44");
-		SUPPORTED_RULES.add("F45");
-		SUPPORTED_RULES.add("F46");
-		SUPPORTED_RULES.add("F47");
-		SUPPORTED_RULES.add("F48");
-		SUPPORTED_RULES.add("F49");
-		SUPPORTED_RULES.add("F50");
-		SUPPORTED_RULES.add("F51");
-		SUPPORTED_RULES.add("F52");
-		SUPPORTED_RULES.add("F53");
-		SUPPORTED_RULES.add("F54");
-		SUPPORTED_RULES.add("F55");
-		SUPPORTED_RULES.add("F56");
-		SUPPORTED_RULES.add("F57");
-		SUPPORTED_RULES.add("F58");
-		SUPPORTED_RULES.add("F60");
-		SUPPORTED_RULES.add("F61");
-		SUPPORTED_RULES.add("F62");
-		SUPPORTED_RULES.add("F63");
-		SUPPORTED_RULES.add("F64");
-		SUPPORTED_RULES.add("F65");
-		SUPPORTED_RULES.add("F66");
-		SUPPORTED_RULES.add("F67");
-		SUPPORTED_RULES.add("F68");
-		SUPPORTED_RULES.add("F69");
-		SUPPORTED_RULES.add("F70");
-		SUPPORTED_RULES.add("F71");
-		SUPPORTED_RULES.add("F74");
-		SUPPORTED_RULES.add("F75");
-		SUPPORTED_RULES.add("F76");
-		SUPPORTED_RULES.add("F77");
-		SUPPORTED_RULES.add("F78");
-		SUPPORTED_RULES.add("F79");
-		SUPPORTED_RULES.add("F80");
-
-		SUPPORTED_RULES.add("F665");
-		SUPPORTED_RULES.add("F1000");
-		SUPPORTED_RULES.add("F2000");
-
-		SUPPORTED_RULES.add("W1");
-		SUPPORTED_RULES.add("W2");
-		SUPPORTED_RULES.add("W5");
-		SUPPORTED_RULES.add("W9");
-		SUPPORTED_RULES.add("W10");
-		SUPPORTED_RULES.add("W11");
-		SUPPORTED_RULES.add("W12");
-		SUPPORTED_RULES.add("W13");
-		SUPPORTED_RULES.add("W14");
-		SUPPORTED_RULES.add("W15");
-		SUPPORTED_RULES.add("W16");
-		SUPPORTED_RULES.add("W17");
-		SUPPORTED_RULES.add("W18");
-		SUPPORTED_RULES.add("W19");
-		SUPPORTED_RULES.add("W20");
-		SUPPORTED_RULES.add("W21");
-		SUPPORTED_RULES.add("W22");
-		SUPPORTED_RULES.add("W23");
-		SUPPORTED_RULES.add("W24");
-		SUPPORTED_RULES.add("W26");
-		SUPPORTED_RULES.add("W27");
-		SUPPORTED_RULES.add("W28");
-		SUPPORTED_RULES.add("W29");
-		SUPPORTED_RULES.add("W31");
-		SUPPORTED_RULES.add("W32");
-		SUPPORTED_RULES.add("W33");
-		SUPPORTED_RULES.add("W34");
-		SUPPORTED_RULES.add("W35");
-		SUPPORTED_RULES.add("W36");
-		SUPPORTED_RULES.add("W37");
-		SUPPORTED_RULES.add("W38");
-		SUPPORTED_RULES.add("W39");
-		SUPPORTED_RULES.add("W40");
-		SUPPORTED_RULES.add("W41");
-		SUPPORTED_RULES.add("W42");
-		SUPPORTED_RULES.add("W43");
-		SUPPORTED_RULES.add("W44");
-		SUPPORTED_RULES.add("W45");
-		SUPPORTED_RULES.add("W46");
-		SUPPORTED_RULES.add("W47");
-		SUPPORTED_RULES.add("W48");
-		SUPPORTED_RULES.add("W49");
-		SUPPORTED_RULES.add("W50");
-		SUPPORTED_RULES.add("W51");
-		SUPPORTED_RULES.add("W52");
-		SUPPORTED_RULES.add("W53");
-		SUPPORTED_RULES.add("W54");
-		SUPPORTED_RULES.add("W55");
-		SUPPORTED_RULES.add("W56");
-		SUPPORTED_RULES.add("W57");
-		SUPPORTED_RULES.add("W58");
-		SUPPORTED_RULES.add("W59");
-		SUPPORTED_RULES.add("W60");
-		SUPPORTED_RULES.add("W61");
-		SUPPORTED_RULES.add("W62");
-		SUPPORTED_RULES.add("W63");
-		SUPPORTED_RULES.add("W64");
-		SUPPORTED_RULES.add("W65");
-		SUPPORTED_RULES.add("W66");
-		SUPPORTED_RULES.add("W67");
-		SUPPORTED_RULES.add("W68");
-		SUPPORTED_RULES.add("W69");
-		SUPPORTED_RULES.add("W70");
-		SUPPORTED_RULES.add("W71");
-		SUPPORTED_RULES.add("W72");
-		SUPPORTED_RULES.add("W73");
-		SUPPORTED_RULES.add("W74");
-		SUPPORTED_RULES.add("W75");
-		SUPPORTED_RULES.add("W76");
-		SUPPORTED_RULES.add("W77");
-		SUPPORTED_RULES.add("W78");
-		SUPPORTED_RULES.add("W79");
-		SUPPORTED_RULES.add("W80");
-		SUPPORTED_RULES.add("W81");
-		SUPPORTED_RULES.add("W82");
-		SUPPORTED_RULES.add("W83");
-		SUPPORTED_RULES.add("W84");
-		SUPPORTED_RULES.add("W85");
-		SUPPORTED_RULES.add("W86");
-		SUPPORTED_RULES.add("W87");
-		SUPPORTED_RULES.add("W88");
-		SUPPORTED_RULES.add("W89");
-		SUPPORTED_RULES.add("W90");
-		SUPPORTED_RULES.add("W91");
-		SUPPORTED_RULES.add("W92");
-
-		SUPPORTED_RULES.add("W1200");
-		SUPPORTED_RULES.add("W1201");
-
-		SUPPORTED_RULES.add(UNDEFINED_FAILURE);
-		SUPPORTED_RULES.add(UNDEFINED_WARNING);
-	}
 
 	/**
 	 * Instantiates a new cfn nag process reports.
@@ -254,16 +76,6 @@ public CfnNagProcessReports(final FileSystem fileSystem, final PathResolver path
 		this.pathResolver = pathResolver;
 	}
 
-	/**
-	 * Checks for rule.
-	 *
-	 * @param id the id
-	 * @return true, if successful
-	 */
-	public static boolean hasRule(final String id) {
-		return SUPPORTED_RULES.contains(id);
-	}
-
 	/**
 	 * Process cfn nag report.
 	 *
@@ -329,30 +141,32 @@ private void handleCfnNagScanReports(final SensorContext context, final String r
 	 */
 	private static void addIssue(final SensorContext context, final CfnNagViolation violation,
 			final InputFile templateInputFile) {
+		final ActiveRules activeRules = context.activeRules();
+
 		if (templateInputFile != null) {
 
 			if (violation.getLineNumbers().isEmpty()) {
-				context.newIssue().forRule(RuleKey.of("cfn-" + templateInputFile.language(), findRuleId(violation)))
+				context.newIssue().forRule(RuleKey.of("cfn-" + templateInputFile.language(), findRuleId(activeRules, violation)))
 						.at(new DefaultIssueLocation().on(templateInputFile).message(violation.getMessage())).save();
 			} else {
 				final List<Integer> lineNumbers = violation.getLineNumbers();
 				for (final Integer line : lineNumbers) {
 					if (line != null && line >= 0) {
 						context.newIssue()
-								.forRule(RuleKey.of("cfn-" + templateInputFile.language(), findRuleId(violation)))
+								.forRule(RuleKey.of("cfn-" + templateInputFile.language(), findRuleId(activeRules, violation)))
 								.at(new DefaultIssueLocation().on(templateInputFile).message(violation.getMessage())
 										.at(templateInputFile.selectLine(line)))
 								.save();
 					} else {
 						context.newIssue()
-								.forRule(RuleKey.of("cfn-" + templateInputFile.language(), findRuleId(violation)))
+								.forRule(RuleKey.of("cfn-" + templateInputFile.language(), findRuleId(activeRules, violation)))
 								.at(new DefaultIssueLocation().on(templateInputFile).message(violation.getMessage()))
 								.save();
 					}
 				}
 			}
 		} else {
-			context.newIssue().forRule(RuleKey.of("cfn-yaml", findRuleId(violation)))
+			context.newIssue().forRule(RuleKey.of("cfn-yaml", findRuleId(activeRules, violation)))
 					.at(new DefaultIssueLocation().on(context.project()).message(violation.getMessage())).save();
 		}
 	}
@@ -363,8 +177,11 @@ private static void addIssue(final SensorContext context, final CfnNagViolation
 	 * @param violation the violation
 	 * @return the string
 	 */
-	private static String findRuleId(final CfnNagViolation violation) {
-		if (hasRule(violation.getId())) {
+	private static String findRuleId(final ActiveRules activeRules, final CfnNagViolation violation) {
+		RuleKey ruleKeyYaml = RuleKey.of("cfn-yaml", violation.getId());
+		RuleKey ruleKeyJson = RuleKey.of("cfn-json", violation.getId());
+		
+		if (activeRules.find(ruleKeyYaml) != null || activeRules.find(ruleKeyJson) != null) {
 			return violation.getId();
 		} else {
 			if (violation.getId().startsWith("W")) {

Original file line number	Diff line number	Diff line change
`@@ -23,8 +23,6 @@`
`23`	`23`	`import org.sonar.api.server.rule.RulesDefinition.Repository;`
`24`	`24`	`import org.sonar.api.server.rule.RulesDefinition.Rule;`
`25`	`25`
`26`		`-import com.hack23.sonar.cloudformation.reports.process.CfnNagProcessReports;`
`27`		`-`
`28`	`26`	`/**`
`29`	`27`	`* The Class CloudformationQualityProfile.`
`30`	`28`	`*/`
`@@ -94,15 +92,10 @@ private void createIacQualityProfile(final Context context, final String languag`
`94`	`92`	`for (final Repository repository : cloudformationRulesDefinition.getContext().repositories()) {`
`95`	`93`	`if (repository.key().contains(CFN_RULE_PREFIX + language)) {`
`96`	`94`	`for (final Rule rule : repository.rules()) {`
`97`		`- if (rule.tags().contains(CHECKOV)) {`
`98`	`95`	`iacProfile.activateRule(CFN_RULE_PREFIX + language, rule.key());`
`99`		`- }`
`100`	`96`	`}`
`101`	`97`	`}`
`102`	`98`	`}`
`103`		`- for (final String ruleKey : CfnNagProcessReports.SUPPORTED_RULES) {`
`104`		`- iacProfile.activateRule(CFN_RULE_PREFIX + language, ruleKey);`
`105`		`- }`
`106`	`99`	`iacProfile.done();`
`107`	`100`	`}`
`108`	`101`
`@@ -118,15 +111,12 @@ private void createCloudformationQualityProfile(final Context context, final Str`
`118`	`111`	`for (final Repository repository : cloudformationRulesDefinition.getContext().repositories()) {`
`119`	`112`	`if (repository.key().contains(CFN_RULE_PREFIX + language)) {`
`120`	`113`	`for (final Rule rule : repository.rules()) {`
`121`		`- if (rule.tags().contains(CHECKOV) && (rule.tags().contains(CLOUDFORMATION) \|\| rule.tags().contains(SERVERLESS))) {`
	`114`	`+ if (rule.tags().contains(CLOUDFORMATION) \|\| rule.tags().contains(SERVERLESS) \|\| rule.tags().contains("cfn-nag")) {`
`122`	`115`	`cloudFormationprofile.activateRule(CFN_RULE_PREFIX + language, rule.key());`
`123`	`116`	`}`
`124`	`117`	`}`
`125`	`118`	`}`
`126`	`119`	`}`
`127`		`- for (final String ruleKey : CfnNagProcessReports.SUPPORTED_RULES) {`
`128`		`- cloudFormationprofile.activateRule(CFN_RULE_PREFIX + language, ruleKey);`
`129`		`- }`
`130`	`120`	`cloudFormationprofile.done();`
`131`	`121`	`}`
`132`	`122`	`}`