SONARPY-3188 Implement a way to provide information about project aws lambda handlers to a rule (#398)

GitOrigin-RevId: 1bd7c5c7ff85ad4e8409e340363ea06511380455

Author: maksim-grebeniuk-sonarsource

python-checks-testkit/src/main/java/org/sonar/python/checks/utils/PythonCheckVerifier.java

@@ -27,6 +27,7 @@
 import org.sonar.plugins.python.api.PythonCheck.PreciseIssue;
 import org.sonar.plugins.python.api.PythonSubscriptionCheck;
 import org.sonar.plugins.python.api.PythonVisitorContext;
+import org.sonar.plugins.python.api.project.configuration.ProjectConfiguration;
 import org.sonar.plugins.python.api.tree.Token;
 import org.sonar.plugins.python.api.tree.Trivia;
 import org.sonar.python.SubscriptionVisitor;
@@ -57,42 +58,59 @@ public static void verify(String path, PythonCheck check) {
 
   public static void verifyNoIssue(String path, PythonCheck check) {
     File file = new File(path);
-    createVerifier(Collections.singletonList(file), check, ProjectLevelSymbolTable.empty(), null).assertNoIssues();
+    createVerifier(Collections.singletonList(file), check, ProjectLevelSymbolTable.empty(), null, new ProjectConfiguration())
+      .assertNoIssues();
   }
 
   public static void verify(List<String> paths, PythonCheck check) {
+    verify(paths, check, new ProjectConfiguration());
+  }
+
+  public static void verify(List<String> paths, PythonCheck check, ProjectConfiguration projectConfiguration) {
     List<File> files = paths.stream().map(File::new).toList();
     File baseDirFile = new File(files.get(0).getParent());
     ProjectLevelSymbolTable projectLevelSymbolTable = TestPythonVisitorRunner.globalSymbols(files, baseDirFile);
-    createVerifier(files, check, projectLevelSymbolTable, baseDirFile).assertOneOrMoreIssues();
+    createVerifier(files, check, projectLevelSymbolTable, baseDirFile, projectConfiguration).assertOneOrMoreIssues();
   }
 
   public static void verifyNoIssue(List<String> paths, PythonCheck check) {
     List<File> files = paths.stream().map(File::new).toList();
     File baseDirFile = new File(files.get(0).getParent());
     ProjectLevelSymbolTable projectLevelSymbolTable = TestPythonVisitorRunner.globalSymbols(files, baseDirFile);
-    createVerifier(files, check, projectLevelSymbolTable, baseDirFile).assertNoIssues();
+    createVerifier(files, check, projectLevelSymbolTable, baseDirFile, new ProjectConfiguration()).assertNoIssues();
   }
 
   public static List<PreciseIssue> issues(String path, PythonCheck check) {
     File file = new File(path);
-    PythonVisitorContext context = createContext(file, ProjectLevelSymbolTable.empty(), null);
+    PythonVisitorContext context = createContext(file, ProjectLevelSymbolTable.empty(), new ProjectConfiguration(), null);
     return scanFileForIssues(check, context);
   }
 
-  private static MultiFileVerifier createVerifier(List<File> files, PythonCheck check, ProjectLevelSymbolTable projectLevelSymbolTable, @Nullable File baseDir) {
+  private static MultiFileVerifier createVerifier(List<File> files,
+    PythonCheck check,
+    ProjectLevelSymbolTable projectLevelSymbolTable,
+    @Nullable File baseDir,
+    ProjectConfiguration projectConfiguration) {
     MultiFileVerifier multiFileVerifier = MultiFileVerifier.create(files.get(0).toPath(), UTF_8);
     for (File file : files) {
-      PythonVisitorContext context = createContext(file, projectLevelSymbolTable, baseDir);
+      PythonVisitorContext context = createContext(file, projectLevelSymbolTable, projectConfiguration, baseDir);
       addFileIssues(check, multiFileVerifier, file, context);
     }
     return multiFileVerifier;
   }
 
-  private static PythonVisitorContext createContext(File file, ProjectLevelSymbolTable projectLevelSymbolTable, @Nullable File baseDir) {
+  private static PythonVisitorContext createContext(File file,
+    ProjectLevelSymbolTable projectLevelSymbolTable,
+    ProjectConfiguration projectConfiguration,
+    @Nullable File baseDir) {
     return baseDir != null
-      ? TestPythonVisitorRunner.createContext(file, null, pythonPackageName(file, baseDir.getAbsolutePath()), projectLevelSymbolTable, CacheContextImpl.dummyCache())
-      : TestPythonVisitorRunner.createContext(file);
+      ? TestPythonVisitorRunner.createContext(file,
+      null,
+      pythonPackageName(file, baseDir.getAbsolutePath()),
+      projectLevelSymbolTable,
+      CacheContextImpl.dummyCache(),
+      projectConfiguration)
+      : TestPythonVisitorRunner.createContext(file, null, projectConfiguration);
   }
 
   private static void addFileIssues(PythonCheck check, MultiFileVerifier multiFileVerifier, File file, PythonVisitorContext context) {

python-checks/src/main/java/org/sonar/python/checks/utils/AwsLambdaChecksUtils.java

@@ -0,0 +1,37 @@
+/*
+ * SonarQube Python Plugin
+ * Copyright (C) 2011-2025 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the Sonar Source-Available License Version 1, as published by SonarSource SA.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * See the Sonar Source-Available License for more details.
+ *
+ * You should have received a copy of the Sonar Source-Available License
+ * along with this program; if not, see https://sonarsource.com/license/ssal/
+ */
+package org.sonar.python.checks.utils;
+
+import org.sonar.plugins.python.api.project.configuration.ProjectConfiguration;
+import org.sonar.plugins.python.api.tree.FunctionDef;
+import org.sonar.plugins.python.api.types.v2.FunctionType;
+
+public class AwsLambdaChecksUtils {
+
+  private AwsLambdaChecksUtils() {
+  }
+
+  public static boolean isLambdaHandler(ProjectConfiguration projectConfiguration, FunctionDef functionDef) {
+    return functionDef.name().typeV2() instanceof FunctionType functionType
+           && projectConfiguration.awsProjectConfiguration()
+             .awsLambdaHandlers()
+             .stream()
+             .anyMatch(handler -> handler.fullyQualifiedName().equals(functionType.fullyQualifiedName()));
+  }
+
+
+}

python-checks/src/test/java/org/sonar/python/checks/utils/AwsLambdaCheckUtilsTest.java

@@ -0,0 +1,54 @@
+/*
+ * SonarQube Python Plugin
+ * Copyright (C) 2011-2025 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the Sonar Source-Available License Version 1, as published by SonarSource SA.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * See the Sonar Source-Available License for more details.
+ *
+ * You should have received a copy of the Sonar Source-Available License
+ * along with this program; if not, see https://sonarsource.com/license/ssal/
+ */
+package org.sonar.python.checks.utils;
+
+import org.junit.jupiter.api.Test;
+import org.mockito.Mockito;
+import org.sonar.plugins.python.api.project.configuration.AwsLambdaHandlerInfo;
+import org.sonar.plugins.python.api.project.configuration.ProjectConfiguration;
+import org.sonar.plugins.python.api.tree.FunctionDef;
+import org.sonar.plugins.python.api.tree.Name;
+import org.sonar.plugins.python.api.types.v2.FunctionType;
+import org.sonar.plugins.python.api.types.v2.PythonType;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+class AwsLambdaCheckUtilsTest {
+
+
+  @Test
+  void isLambdaHandlerTest() {
+    var projectConfiguration = new ProjectConfiguration();
+
+    var functionNameType = Mockito.mock(FunctionType.class);
+    var functionName = Mockito.mock(Name.class);
+    var functionDef = Mockito.mock(FunctionDef.class);
+
+    Mockito.when(functionNameType.fullyQualifiedName()).thenReturn("a.b.c");
+    Mockito.when(functionName.typeV2()).thenReturn(functionNameType);
+    Mockito.when(functionDef.name()).thenReturn(functionName);
+
+    assertThat(AwsLambdaChecksUtils.isLambdaHandler(projectConfiguration, functionDef)).isFalse();
+
+    projectConfiguration.awsProjectConfiguration().awsLambdaHandlers().add(new AwsLambdaHandlerInfo("a.b.c"));
+    assertThat(AwsLambdaChecksUtils.isLambdaHandler(projectConfiguration, functionDef)).isTrue();
+
+    Mockito.when(functionName.typeV2()).thenReturn(PythonType.UNKNOWN);
+    assertThat(AwsLambdaChecksUtils.isLambdaHandler(projectConfiguration, functionDef)).isFalse();
+  }
+
+}

python-frontend/src/main/java/org/sonar/plugins/python/api/PythonVisitorContext.java

@@ -26,6 +26,7 @@
 import org.sonar.api.SonarProduct;
 import org.sonar.plugins.python.api.PythonCheck.PreciseIssue;
 import org.sonar.plugins.python.api.caching.CacheContext;
+import org.sonar.plugins.python.api.project.configuration.ProjectConfiguration;
 import org.sonar.plugins.python.api.tree.FileInput;
 import org.sonar.plugins.python.api.types.v2.ModuleType;
 import org.sonar.python.caching.CacheContextImpl;
@@ -43,8 +44,13 @@ public class PythonVisitorContext extends PythonInputFileContext {
   private final TypeChecker typeChecker;
   private ModuleType moduleType = null;
   private final List<PreciseIssue> issues;
+  private final ProjectConfiguration projectConfiguration;
 
   public PythonVisitorContext(FileInput rootTree, PythonFile pythonFile, @Nullable File workingDirectory, String packageName) {
+    this(rootTree, pythonFile, workingDirectory, packageName, new ProjectConfiguration());
+  }
+
+  public PythonVisitorContext(FileInput rootTree, PythonFile pythonFile, @Nullable File workingDirectory, String packageName, ProjectConfiguration projectConfiguration) {
     super(pythonFile, workingDirectory, CacheContextImpl.dummyCache(), ProjectLevelSymbolTable.empty());
     buildSymbols(rootTree, pythonFile, packageName);
     var symbolTable = new SymbolTableBuilderV2(rootTree).build();
@@ -54,11 +60,17 @@ public PythonVisitorContext(FileInput rootTree, PythonFile pythonFile, @Nullable
     this.parsingException = null;
     this.moduleType = new TypeInferenceV2(projectLevelTypeTable, pythonFile, symbolTable, packageName).inferModuleType(rootTree);
     this.typeChecker = new TypeChecker(projectLevelTypeTable);
+    this.projectConfiguration = projectConfiguration;
     this.issues = new ArrayList<>();
   }
 
   public PythonVisitorContext(FileInput rootTree, PythonFile pythonFile, @Nullable File workingDirectory, String packageName,
     ProjectLevelSymbolTable projectLevelSymbolTable, CacheContext cacheContext) {
+    this(rootTree, pythonFile, workingDirectory, packageName, projectLevelSymbolTable, cacheContext, new ProjectConfiguration());
+  }
+
+  public PythonVisitorContext(FileInput rootTree, PythonFile pythonFile, @Nullable File workingDirectory, String packageName,
+    ProjectLevelSymbolTable projectLevelSymbolTable, CacheContext cacheContext, ProjectConfiguration projectConfiguration) {
     super(pythonFile, workingDirectory, cacheContext, projectLevelSymbolTable);
 
     buildSymbols(rootTree, pythonFile, packageName, projectLevelSymbolTable);
@@ -69,6 +81,7 @@ public PythonVisitorContext(FileInput rootTree, PythonFile pythonFile, @Nullable
     this.parsingException = null;
     this.moduleType = new TypeInferenceV2(projectLevelTypeTable, pythonFile, symbolTable, packageName).inferModuleType(rootTree);
     this.typeChecker = new TypeChecker(projectLevelTypeTable);
+    this.projectConfiguration = projectConfiguration;
     this.issues = new ArrayList<>();
   }
 
@@ -81,6 +94,7 @@ public PythonVisitorContext(FileInput rootTree, PythonFile pythonFile, @Nullable
     var projectLevelTypeTable = new ProjectLevelTypeTable(projectLevelSymbolTable);
     this.moduleType = new TypeInferenceV2(projectLevelTypeTable, pythonFile, symbolTable, packageName).inferModuleType(rootTree);
     this.typeChecker = new TypeChecker(projectLevelTypeTable);
+    this.projectConfiguration = new ProjectConfiguration();
     this.rootTree = rootTree;
     this.parsingException = null;
     this.issues = new ArrayList<>();
@@ -100,6 +114,7 @@ public PythonVisitorContext(PythonFile pythonFile, RecognitionException parsingE
     this.rootTree = null;
     this.parsingException = parsingException;
     this.typeChecker = new TypeChecker(new ProjectLevelTypeTable(ProjectLevelSymbolTable.empty()));
+    this.projectConfiguration = new ProjectConfiguration();
     this.issues = new ArrayList<>();
   }
 
@@ -108,6 +123,7 @@ public PythonVisitorContext(PythonFile pythonFile, RecognitionException parsingE
     this.rootTree = null;
     this.parsingException = parsingException;
     this.typeChecker = new TypeChecker(new ProjectLevelTypeTable(ProjectLevelSymbolTable.empty()));
+    this.projectConfiguration = new ProjectConfiguration();
     this.issues = new ArrayList<>();
   }
 
@@ -136,4 +152,8 @@ public List<PreciseIssue> getIssues() {
   public ModuleType moduleType() {
     return moduleType;
   }
+
+  public ProjectConfiguration projectConfiguration() {
+    return projectConfiguration;
+  }
 }

python-frontend/src/main/java/org/sonar/plugins/python/api/SubscriptionContext.java

@@ -23,6 +23,7 @@
 import javax.annotation.CheckForNull;
 import javax.annotation.Nullable;
 import org.sonar.plugins.python.api.caching.CacheContext;
+import org.sonar.plugins.python.api.project.configuration.ProjectConfiguration;
 import org.sonar.plugins.python.api.symbols.Symbol;
 import org.sonar.plugins.python.api.tree.Token;
 import org.sonar.plugins.python.api.tree.Tree;
@@ -67,4 +68,6 @@ public interface SubscriptionContext {
   CacheContext cacheContext();
 
   TypeChecker typeChecker();
+
+  ProjectConfiguration projectConfiguration();
 }

python-frontend/src/main/java/org/sonar/plugins/python/api/project/configuration/AwsLambdaHandlerInfo.java

@@ -0,0 +1,20 @@
+/*
+ * SonarQube Python Plugin
+ * Copyright (C) 2011-2025 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the Sonar Source-Available License Version 1, as published by SonarSource SA.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * See the Sonar Source-Available License for more details.
+ *
+ * You should have received a copy of the Sonar Source-Available License
+ * along with this program; if not, see https://sonarsource.com/license/ssal/
+ */
+package org.sonar.plugins.python.api.project.configuration;
+
+public record AwsLambdaHandlerInfo(String fullyQualifiedName) {
+}

python-frontend/src/main/java/org/sonar/plugins/python/api/project/configuration/AwsProjectConfiguration.java

@@ -0,0 +1,22 @@
+/*
+ * SonarQube Python Plugin
+ * Copyright (C) 2011-2025 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the Sonar Source-Available License Version 1, as published by SonarSource SA.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * See the Sonar Source-Available License for more details.
+ *
+ * You should have received a copy of the Sonar Source-Available License
+ * along with this program; if not, see https://sonarsource.com/license/ssal/
+ */
+package org.sonar.plugins.python.api.project.configuration;
+
+import java.util.Set;
+
+public record AwsProjectConfiguration(Set<AwsLambdaHandlerInfo> awsLambdaHandlers) {
+}

python-frontend/src/main/java/org/sonar/plugins/python/api/project/configuration/ProjectConfiguration.java

@@ -0,0 +1,26 @@
+/*
+ * SonarQube Python Plugin
+ * Copyright (C) 2011-2025 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the Sonar Source-Available License Version 1, as published by SonarSource SA.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * See the Sonar Source-Available License for more details.
+ *
+ * You should have received a copy of the Sonar Source-Available License
+ * along with this program; if not, see https://sonarsource.com/license/ssal/
+ */
+package org.sonar.plugins.python.api.project.configuration;
+
+import java.util.HashSet;
+
+public record ProjectConfiguration(AwsProjectConfiguration awsProjectConfiguration) {
+
+  public ProjectConfiguration() {
+    this(new AwsProjectConfiguration(new HashSet<>()));
+  }
+}

python-frontend/src/main/java/org/sonar/plugins/python/api/project/configuration/package-info.java

@@ -0,0 +1,21 @@
+/*
+ * SonarQube Python Plugin
+ * Copyright (C) 2011-2025 SonarSource SA
+ * mailto:info AT sonarsource DOT com
+ *
+ * This program is free software; you can redistribute it and/or
+ * modify it under the terms of the Sonar Source-Available License Version 1, as published by SonarSource SA.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+ * See the Sonar Source-Available License for more details.
+ *
+ * You should have received a copy of the Sonar Source-Available License
+ * along with this program; if not, see https://sonarsource.com/license/ssal/
+ */
+@ParametersAreNonnullByDefault
+package org.sonar.plugins.python.api.project.configuration;
+
+import javax.annotation.ParametersAreNonnullByDefault;
+

python-frontend/src/main/java/org/sonar/python/SubscriptionVisitor.java

@@ -31,6 +31,7 @@
 import javax.annotation.Nullable;
 import org.sonar.plugins.python.api.IssueLocation;
 import org.sonar.plugins.python.api.LocationInFile;
+import org.sonar.plugins.python.api.project.configuration.ProjectConfiguration;
 import org.sonar.plugins.python.api.ProjectPythonVersion;
 import org.sonar.plugins.python.api.PythonCheck;
 import org.sonar.plugins.python.api.PythonFile;
@@ -184,6 +185,11 @@ public TypeChecker typeChecker() {
       return pythonVisitorContext.typeChecker();
     }
 
+    @Override
+    public ProjectConfiguration projectConfiguration() {
+      return pythonVisitorContext.projectConfiguration();
+    }
+
     public RegexParseResult regexForStringElement(StringElement stringElement, FlagSet flagSet) {
       return regexCache.computeIfAbsent(stringElement.hashCode() + "-" + flagSet.getMask(),
         s -> new RegexParser(new PythonAnalyzerRegexSource(stringElement), flagSet).parse());