Add phpstan analyzer.

Author: limpidsa

analyzer-phpstan/src/main/java/io/codety/scanner/analyzer/phpstan/PhpstanCodeAnalyzer.java

@@ -9,14 +9,20 @@
 import io.codety.scanner.service.dto.AnalyzerRequest;
 import io.codety.scanner.util.CodetyConsoleLogger;
 import io.codety.scanner.util.RuntimeExecUtil;
-import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.stereotype.Service;
 
 import java.util.ArrayList;
 import java.util.List;
 
 @Service
 public class PhpstanCodeAnalyzer implements CodeAnalyzerInterface {
+
+    private static final long memoryLimit = 1024000000;
+
+    @Value("${codety.phpstan.path}")
+    String phpstanBinPath;
+
     @Override
     public List<CodeAnalysisResultDto> analyzeCode(AnalyzerConfigurationDetailDto runnerConfiguration, AnalyzerRequest request) {
 
@@ -26,11 +32,13 @@ public List<CodeAnalysisResultDto> analyzeCode(AnalyzerConfigurationDetailDto ru
         String[] command;
         String localGitRepoPath = request.getLocalGitRepoPath();
         //./vendor/bin/phpstan --memory-limit=1024000000  --no-interaction --no-progress  --error-format=json  analyse
+
+        String phpstanPath = phpstanBinPath + "phpstan";
         if(runnerConfiguration.getPayload() == null || runnerConfiguration.getPayload().isEmpty()){
-            command = new String[]{"./vendor/bin/phpsta", "--memory-limit=1024000000", "--no-interaction", "--no-progress", "--error-format=json", "analyse", localGitRepoPath};
+            command = new String[]{phpstanPath, "--memory-limit=" + memoryLimit, "--no-interaction", "--no-progress", "--error-format=json", "analyse", localGitRepoPath};
         }else{
             //Use multiple rules: --check CKV_GCP_33,CKV_GCP_34,CKV_GCP_35 ...
-            command = new String[]{"./vendor/bin/phpsta", "--memory-limit=1024000000", "--no-interaction", "--no-progress", "--error-format=json", "analyse", localGitRepoPath};
+            command = new String[]{phpstanPath, "--memory-limit=" + memoryLimit, "--no-interaction", "--no-progress", "--error-format=json", "analyse", localGitRepoPath};
         }
         try {
             RuntimeExecUtil.RuntimeExecResult runtimeExecResult = RuntimeExecUtil.exec(command, "/", 60, false, null);

analyzer-phpstan/src/main/java/io/codety/scanner/analyzer/phpstan/PhpstanConverter.java

@@ -2,6 +2,7 @@
 
 import com.fasterxml.jackson.core.JsonProcessingException;
 import io.codety.scanner.analyzer.phpstan.dto.PhpstanIssueDto;
+import io.codety.scanner.analyzer.phpstan.dto.PhpstanMessage;
 import io.codety.scanner.analyzer.phpstan.dto.PhpstanRoot;
 import io.codety.scanner.reporter.dto.CodeAnalysisIssueDto;
 import io.codety.scanner.util.JsonFactoryUtil;
@@ -11,19 +12,38 @@
 import java.util.Map;
 
 public class PhpstanConverter {
+
+    private static final int defaultPriority = 3;
+
     public static List<CodeAnalysisIssueDto> convertResult(String successOutput, String localGitRepoPath) throws JsonProcessingException {
         List<CodeAnalysisIssueDto> result = new ArrayList<>();
         PhpstanRoot phpstanRoot = JsonFactoryUtil.objectMapper.readValue(successOutput, PhpstanRoot.class);
 
         Map<String, PhpstanIssueDto> files = phpstanRoot.getFiles();
         for(String file : files.keySet()){
-            if(file.startsWith(localGitRepoPath)){
-
+            String filePath = file;
+            if(filePath.startsWith(localGitRepoPath)){
+                filePath = filePath.substring(localGitRepoPath.length()+1);
+            }
+            PhpstanIssueDto phpstanIssueDto = files.get(file);
+            ArrayList<PhpstanMessage> messages = phpstanIssueDto.getMessages();
+            if(messages== null){
+                continue;
+            }
+            for(PhpstanMessage phpstanMessage : messages){
+                String message = phpstanMessage.getTip();
+                CodeAnalysisIssueDto issueDto = new CodeAnalysisIssueDto();
+                issueDto.setFilePath(filePath);
+                issueDto.setStartLineNumber(phpstanMessage.getLine());
+                String identifier = phpstanMessage.getIdentifier();
+                issueDto.setIssueCategory(identifier);
+                issueDto.setDescription(message);
+                issueDto.setIssueCode(identifier);
+                issueDto.setPriority(defaultPriority);
+                result.add(issueDto);
             }
-
         }
 
-
         return result;
     }
 }

analyzer-phpstan/src/test/java/io/codety/scanner/analyzer/phpstan/PhpstanCodeAnalyzerTest.java

@@ -0,0 +1,53 @@
+package io.codety.scanner.analyzer.phpstan;
+
+import io.codety.common.dto.CodeAnalyzerType;
+import io.codety.scanner.analyzer.dto.AnalyzerConfigurationDetailDto;
+import io.codety.scanner.reporter.dto.CodeAnalysisIssueDto;
+import io.codety.scanner.reporter.dto.CodeAnalysisResultDto;
+import io.codety.scanner.service.dto.AnalyzerRequest;
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.context.SpringBootTest;
+
+import java.nio.file.Paths;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+@SpringBootTest
+public class PhpstanCodeAnalyzerTest {
+
+    @Autowired
+    PhpstanCodeAnalyzer phpstanCodeAnalyzer;
+
+    @Test
+    void testCodeAnalyze(){
+        String path = Paths.get("../","code-issue-examples", "php").toFile().getAbsoluteFile().getPath();
+
+        String language = "java";
+        AnalyzerConfigurationDetailDto runnerConfiguration = new AnalyzerConfigurationDetailDto(language, CodeAnalyzerType.trivy);
+        Map<String, String> env = new HashMap<>();
+        AnalyzerRequest analyzerRequest = AnalyzerRequest.processSystemVariablesToRequest(env, new String[]{path});
+        List<CodeAnalysisResultDto> codeAnalysisResultDtos = phpstanCodeAnalyzer.analyzeCode(runnerConfiguration, analyzerRequest);
+        Assertions.assertTrue(codeAnalysisResultDtos.size() > 0);
+
+        CodeAnalysisResultDto resultDto = codeAnalysisResultDtos.get(0);
+        Assertions.assertEquals(resultDto.getLanguage(), language);
+        Map<String, List<CodeAnalysisIssueDto>> issuesByFile = resultDto.getIssuesByFile();
+        Assertions.assertTrue(issuesByFile.size()>0);
+        for(String file : issuesByFile.keySet()) {
+            List<CodeAnalysisIssueDto> issues = issuesByFile.get(file);
+            Assertions.assertTrue(issues.size() > 0);
+            for (CodeAnalysisIssueDto issueDto : issues) {
+                Assertions.assertTrue(issueDto.getStartLineNumber() > 0);
+                Assertions.assertTrue(issueDto.getIssueCode().length() > 0);
+                Assertions.assertTrue(issueDto.getPriority() > 0);
+                Assertions.assertTrue(issueDto.getIssueCategory().length() > 0);
+                Assertions.assertTrue(issueDto.getDescription().length() > 10);
+                Assertions.assertTrue(issueDto.getFilePath().length() > 10);
+            }
+        }
+    }
+
+}

analyzer-phpstan/src/test/resources/application.properties

@@ -0,0 +1,3 @@
+codety.phpstan.path=/Users/user/git/runnerDockerDownloads/vendor/bin/
+
+logging.level.root=WARN

scanner/src/main/java/io/codety/scanner/service/ScannerService.java

@@ -2,6 +2,7 @@
 
 import io.codety.scanner.analyzer.checkov.CheckovCodeAnalyzer;
 import io.codety.scanner.analyzer.golangcilint.GolangcilintCodeAnalyzer;
+import io.codety.scanner.analyzer.phpstan.PhpstanCodeAnalyzer;
 import io.codety.scanner.analyzer.rubocop.RubocopCodeAnalyzer;
 import io.codety.scanner.analyzer.scalastyle.ScalastyleCodeAnalyzer;
 import io.codety.scanner.analyzer.shellcheck.ShellcheckCodeAnalyzer;
@@ -65,6 +66,9 @@ public class ScannerService {
     @Autowired
     ShellcheckCodeAnalyzer shellcheckCodeAnalyzer;
 
+    @Autowired
+    PhpstanCodeAnalyzer phpstanCodeAnalyzer;
+
     @Autowired
     CodetyRegexCodeAnalyzer codetyRegexCodeAnalyzer;
 
@@ -129,6 +133,7 @@ private CodeAnalysisResultSetDto runDefaultCodeAnalysis(AnalyzerRequest request)
         codeAnalysisResultSetDto.getCodeAnalysisResultDtoList().addAll(rubocopCodeAnalyzer.analyzeCode(request));
         codeAnalysisResultSetDto.getCodeAnalysisResultDtoList().addAll(stylelintCodeAnalyzer.analyzeCode(request));
         codeAnalysisResultSetDto.getCodeAnalysisResultDtoList().addAll(shellcheckCodeAnalyzer.analyzeCode(request));
+//        codeAnalysisResultSetDto.getCodeAnalysisResultDtoList().addAll(phpstanCodeAnalyzer.analyzeCode(request));
 
         return codeAnalysisResultSetDto;
     }

scanner/src/main/resources/application-dev.properties

@@ -3,5 +3,6 @@ codety.analyzer.java.ruleset.path=tools/pmd-default
 codety.base.path=tools/
 codety.eslint.path=/Users/user/dev/
 codety.stylelint.path=/Users/user/dev/
+codety.phpstan.path=/vendor/bin/
 
 logging.level.root=WARN

scanner/src/main/resources/application-prod.properties

@@ -3,5 +3,6 @@ codety.analyzer.java.ruleset.path=/tools/pmd-default
 codety.base.path=/tools/
 codety.eslint.path=/usr/local/
 codety.stylelint.path=/usr/local/stylelint/
+codety.phpstan.path=/vendor/bin/
 
 logging.level.root=WARN

scanner/src/main/resources/application.properties

@@ -5,6 +5,7 @@ codety.analyzer.java.ruleset.path=tools/pmd-default
 codety.base.path=tools/
 codety.eslint.path=/Users/user/dev/
 codety.stylelint.path=/Users/user/dev/
+codety.phpstan.path=/vendor/bin/
 
 logging.level.root=WARN
 logging.level.io.codety=WARN