Skip to content
This repository has been archived by the owner on Jan 22, 2025. It is now read-only.

Commit

Permalink
add plugins to codyze configuration
Browse files Browse the repository at this point in the history
  • Loading branch information
CodingDepot committed Jan 10, 2024
1 parent 6c20d1f commit e1f89b7
Show file tree
Hide file tree
Showing 10 changed files with 90 additions and 7 deletions.
1 change: 1 addition & 0 deletions codyze-cli/build.gradle.kts
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ dependencies {
implementation(projects.codyzeCore)
implementation(projects.codyzeBackends.cpg)
implementation(projects.codyzeSpecificationLanguages.coko.cokoDsl)
implementation(projects.codyzePlugins)

implementation(libs.clikt)
implementation(libs.koin)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -19,15 +19,23 @@ import com.github.ajalt.clikt.parameters.groups.OptionGroup
import com.github.ajalt.clikt.parameters.options.default
import com.github.ajalt.clikt.parameters.options.flag
import com.github.ajalt.clikt.parameters.options.option
import com.github.ajalt.clikt.parameters.options.convert
import com.github.ajalt.clikt.parameters.options.multiple
import com.github.ajalt.clikt.parameters.options.unique
import com.github.ajalt.clikt.parameters.types.choice
import com.github.ajalt.clikt.parameters.types.path
import de.fraunhofer.aisec.codyze.core.config.Configuration
import de.fraunhofer.aisec.codyze.core.output.OutputBuilder
import de.fraunhofer.aisec.codyze.core.output.SarifBuilder
import de.fraunhofer.aisec.codyze.plugin.plugins.EmptyPlugin
import de.fraunhofer.aisec.codyze.plugin.plugins.Plugin
import io.github.oshai.kotlinlogging.KotlinLogging
import org.koin.java.KoinJavaComponent.getKoin
import java.nio.file.Path
import kotlin.io.path.Path

private val logger = KotlinLogging.logger {}

@Suppress("UNUSED")
class CodyzeOptionGroup : OptionGroup(name = null) {
val output: Path by option("-o", "--output", help = "Write results to file. Use - for stdout.")
Expand All @@ -41,6 +49,20 @@ class CodyzeOptionGroup : OptionGroup(name = null) {
.choice(getKoin().getAll<OutputBuilder>().associateBy { it.cliName }, ignoreCase = true)
.default(SarifBuilder(), defaultForHelp = "sarif")

val plugins: Set<Plugin> by option(
"--plugin",
help = "Plugin to be used for the analysis."
)
.convert { name ->
val pluginMap = getKoin().getAll<Plugin>().associateBy { it.cliName.lowercase() }
pluginMap[name.lowercase()] ?: run {
logger.warn { "Plugin \"$name\" could not be resolved." }
EmptyPlugin()
}
}
.multiple(default = listOf(), required = false)
.unique()

val goodFindings: Boolean by option(
"--good-findings",
help =
Expand All @@ -65,6 +87,7 @@ class CodyzeOptionGroup : OptionGroup(name = null) {
fun asConfiguration() = Configuration(
output = output,
outputBuilder = outputBuilder,
plugins = plugins,
goodFindings = goodFindings,
pedantic = pedantic
)
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,9 @@ import de.fraunhofer.aisec.codyze.core.executor.Executor
import de.fraunhofer.aisec.codyze.core.executor.ExecutorCommand
import de.fraunhofer.aisec.codyze.core.output.OutputBuilder
import de.fraunhofer.aisec.codyze.core.output.SarifBuilder
import de.fraunhofer.aisec.codyze.plugin.plugins.FindSecBugsPlugin
import de.fraunhofer.aisec.codyze.plugin.plugins.PMDPlugin
import de.fraunhofer.aisec.codyze.plugin.plugins.Plugin
import de.fraunhofer.aisec.codyze.specificationLanguages.coko.dsl.cli.CokoSubcommand
import org.koin.core.module.dsl.factoryOf
import org.koin.dsl.bind
Expand All @@ -49,3 +52,11 @@ val executorCommands = module {
val outputBuilders = module {
factoryOf(::SarifBuilder) bind(OutputBuilder::class)
}

/**
* List all available [Plugin]s. They use external tools to extend the analysis.
*/
val plugins = module {
factoryOf(::FindSecBugsPlugin) bind(Plugin::class)
factoryOf(::PMDPlugin) bind(Plugin::class)
}

Check warning

Code scanning / detekt

Checks whether files end with a line separator. Warning

The file /home/runner/work/codyze/codyze/codyze-cli/src/main/kotlin/de/fraunhofer/aisec/codyze/cli/KoinModules.kt is not ending with a new line.
Original file line number Diff line number Diff line change
Expand Up @@ -31,7 +31,7 @@ fun main(args: Array<String>) {
// use Koin logger
printLogger()
// declare modules
modules(executorCommands, backendCommands, outputBuilders)
modules(executorCommands, backendCommands, outputBuilders, plugins)
}

// parse the CMD arguments
Expand Down Expand Up @@ -66,4 +66,14 @@ fun main(args: Array<String>) {

// use the chosen [OutputBuilder] to convert the SARIF format (a SARIF RUN) from the executor to the chosen format
codyzeConfiguration.outputBuilder.toFile(run, codyzeConfiguration.output)

// run each plugin
for (plugin in codyzeConfiguration.plugins) {
logger.info { "Executing Plugin \"${plugin.cliName}\"" }
TODO("run all plugins - both source and compiled")
//plugin.execute()

Check warning

Code scanning / detekt

Checks if comments have the right spacing Warning

Missing space after //
}

// aggregate into one SARIF
TODO("take the separate sarif files and aggregate them")
}
2 changes: 2 additions & 0 deletions codyze-core/build.gradle.kts
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,8 @@ dependencies {
implementation(libs.koin)

implementation(libs.bundles.sarif)

implementation(projects.codyzePlugins)
}

publishing {
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,7 @@
package de.fraunhofer.aisec.codyze.core.config

import de.fraunhofer.aisec.codyze.core.output.OutputBuilder
import de.fraunhofer.aisec.codyze.plugin.plugins.Plugin
import io.github.oshai.kotlinlogging.KotlinLogging
import java.nio.file.Path

Expand All @@ -33,6 +34,7 @@ private val logger = KotlinLogging.logger {}
data class Configuration(
val output: Path,
val outputBuilder: OutputBuilder,
val plugins: Set<Plugin>,
val goodFindings: Boolean,
val pedantic: Boolean,
)
Original file line number Diff line number Diff line change
@@ -0,0 +1,15 @@
package de.fraunhofer.aisec.codyze.plugin.plugins

Check warning

Code scanning / detekt

License text is absent or incorrect. Warning

Expected license not found or incorrect in the file: /home/runner/work/codyze/codyze/codyze-plugins/src/main/kotlin/de/fraunhofer/aisec/codyze/plugin/plugins/EmptyPlugin.kt.

Check warning

Code scanning / detekt

Detects missing final newlines Warning

File must end with a newline (\n)

import java.io.File
import java.nio.file.Path

/**
* This class is mapped to unresolved plugin parameters in the [CodyzeOptionGroup].
* It should not do anything and just exist so the mapping can succeed
*/
class EmptyPlugin : Plugin() {
override val cliName: String = "none"
override fun execute(target: List<Path>, output: File) {
return
}
}

Check warning

Code scanning / detekt

Checks whether files end with a line separator. Warning

The file /home/runner/work/codyze/codyze/codyze-plugins/src/main/kotlin/de/fraunhofer/aisec/codyze/plugin/plugins/EmptyPlugin.kt is not ending with a new line.
Original file line number Diff line number Diff line change
Expand Up @@ -28,8 +28,7 @@ import java.nio.file.Files
import java.nio.file.Path
import kotlin.io.path.absolute

// FIXME: copy-paste from SpotBugs-Executor with added FindSecBugs-Plugin
class FindSecBugsPlugin: de.fraunhofer.aisec.codyze.plugin.plugins.Plugin {
class FindSecBugsPlugin: de.fraunhofer.aisec.codyze.plugin.plugins.Plugin() {

Check warning

Code scanning / detekt

Reports spaces around colons Warning

Missing spacing before ":"
override val cliName = "findsecbugs"
val pluginFile = File("src/main/resources/spotbugs-plugins/findsecbugs-plugin-1.12.0.jar")

Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ import java.nio.file.Path
import net.sourceforge.pmd.PMDConfiguration
import net.sourceforge.pmd.PmdAnalysis

class PMDPlugin: Plugin {
class PMDPlugin: Plugin() {

Check warning

Code scanning / detekt

Reports spaces around colons Warning

Missing spacing before ":"
override val cliName = "pmd"
override fun execute(target: List<Path>, output: File) {
val config = PMDConfiguration()
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -18,14 +18,34 @@ package de.fraunhofer.aisec.codyze.plugin.plugins
import java.io.File
import java.nio.file.Path

interface Plugin {
/**
* Plugins perform a standalone analysis independent of the Codyze Executors.
* They usually use already developed libraries from open-source analysis tools.
* When developing a new Plugin, do not forget to add it to the respective [KoinModules],
* otherwise it will not be selectable in the configuration.
*/
abstract class Plugin {
/** the name this output format has in the codyze-cli. */
val cliName: String
abstract val cliName: String

/**
* Executes the respective analysis tool.
* @param target The files to be analyzed
* @param output The location of the results
*/
fun execute(target: List<Path>, output: File = File("$cliName.sarif"))
abstract fun execute(target: List<Path>, output: File = File("$cliName.sarif"))

/**
* Define two plugins as equal if they are of the same type and therefore have the same CLI name.
* This is necessary to filter out duplicate Plugins when parsing the cli arguments
*/
override fun equals(other: Any?): Boolean {
if (other is Plugin)
return this.cliName == other.cliName

Check warning

Code scanning / detekt

Detects multiline if-else statements without braces Warning

Missing { ... }
return false
}

override fun hashCode(): Int {
return cliName.hashCode()
}
}

Check warning

Code scanning / detekt

Checks whether files end with a line separator. Warning

The file /home/runner/work/codyze/codyze/codyze-plugins/src/main/kotlin/de/fraunhofer/aisec/codyze/plugin/plugins/Plugin.kt is not ending with a new line.

0 comments on commit e1f89b7

Please sign in to comment.