diff --git a/analyzer-phpstan/src/main/java/io/codety/scanner/analyzer/phpstan/PhpstanCodeAnalyzer.java b/analyzer-phpstan/src/main/java/io/codety/scanner/analyzer/phpstan/PhpstanCodeAnalyzer.java
new file mode 100644
index 0000000..56ff3d1
--- /dev/null
+++ b/analyzer-phpstan/src/main/java/io/codety/scanner/analyzer/phpstan/PhpstanCodeAnalyzer.java
@@ -0,0 +1,61 @@
+package io.codety.scanner.analyzer.phpstan;
+
+import io.codety.common.dto.CodeAnalyzerType;
+import io.codety.common.dto.LanguageType;
+import io.codety.scanner.analyzer.CodeAnalyzerInterface;
+import io.codety.scanner.analyzer.dto.AnalyzerConfigurationDetailDto;
+import io.codety.scanner.reporter.dto.CodeAnalysisIssueDto;
+import io.codety.scanner.reporter.dto.CodeAnalysisResultDto;
+import io.codety.scanner.service.dto.AnalyzerRequest;
+import io.codety.scanner.util.CodetyConsoleLogger;
+import io.codety.scanner.util.RuntimeExecUtil;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+import java.util.ArrayList;
+import java.util.List;
+
+@Service
+public class PhpstanCodeAnalyzer implements CodeAnalyzerInterface {
+ @Override
+ public List analyzeCode(AnalyzerConfigurationDetailDto runnerConfiguration, AnalyzerRequest request) {
+
+ CodetyConsoleLogger.info("Scanning "+runnerConfiguration.getLanguage()+" code via "+runnerConfiguration.getCodeAnalyzerType().name()+"...");
+ ArrayList list = new ArrayList();
+
+ String[] command;
+ String localGitRepoPath = request.getLocalGitRepoPath();
+ //./vendor/bin/phpstan --memory-limit=1024000000 --no-interaction --no-progress --error-format=json analyse
+ if(runnerConfiguration.getPayload() == null || runnerConfiguration.getPayload().isEmpty()){
+ command = new String[]{"./vendor/bin/phpsta", "--memory-limit=1024000000", "--no-interaction", "--no-progress", "--error-format=json", "analyse", localGitRepoPath};
+ }else{
+ //Use multiple rules: --check CKV_GCP_33,CKV_GCP_34,CKV_GCP_35 ...
+ command = new String[]{"./vendor/bin/phpsta", "--memory-limit=1024000000", "--no-interaction", "--no-progress", "--error-format=json", "analyse", localGitRepoPath};
+ }
+ try {
+ RuntimeExecUtil.RuntimeExecResult runtimeExecResult = RuntimeExecUtil.exec(command, "/", 60, false, null);
+
+ String errorOutput = runtimeExecResult.getErrorOutput();
+ String successOutput = runtimeExecResult.getSuccessOutput();
+
+ List codeAnalysisIssueDtoList = PhpstanConverter.convertResult(successOutput, localGitRepoPath);
+
+ CodeAnalysisResultDto resultDto = new CodeAnalysisResultDto(runnerConfiguration.getLanguage(), runnerConfiguration.getCodeAnalyzerType());
+ resultDto.setDisplayTitle("IaC");
+ resultDto.addIssues(codeAnalysisIssueDtoList);
+ list.add(resultDto);
+
+ } catch (Exception e) {
+ CodetyConsoleLogger.info("Skip checkov analyzer due to exceptions");
+ CodetyConsoleLogger.debug("Skip checkov analyzer due to exceptions " + e.getMessage(), e);
+ }
+
+ return list;
+
+ }
+
+ @Override
+ public List analyzeCode(AnalyzerRequest request) {
+ return analyzeCode(new AnalyzerConfigurationDetailDto(LanguageType.php, CodeAnalyzerType.phpstan), request);
+ }
+}
diff --git a/analyzer-phpstan/src/main/java/io/codety/scanner/analyzer/phpstan/PhpstanConverter.java b/analyzer-phpstan/src/main/java/io/codety/scanner/analyzer/phpstan/PhpstanConverter.java
new file mode 100644
index 0000000..483e441
--- /dev/null
+++ b/analyzer-phpstan/src/main/java/io/codety/scanner/analyzer/phpstan/PhpstanConverter.java
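Review bot: Both `command` arrays call `./vendor/bin/phpsta`, which looks like a typo for the `./vendor/bin/phpstan` in the comment just above them; the exec will presumably fail, land in the `catch`, log "Skip checkov analyzer due to exceptions" and return an empty list. For a scanner that is a silent false negative, because a run where PHPStan never started reads the same as a clean repository. I would fix the binary name in both branches, make the messages name phpstan, and report `errorOutput` (read but never used) when the run yields nothing. The two branches of the `if`/`else` are identical, so `getPayload()` has no effect, and `resultDto.setDisplayTitle("IaC")` and the `--check CKV_GCP_…` comment appear to be carried over from the checkov analyzer.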
@@ -0,0 +1,29 @@
+package io.codety.scanner.analyzer.phpstan;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import io.codety.scanner.analyzer.phpstan.dto.PhpstanIssueDto;
+import io.codety.scanner.analyzer.phpstan.dto.PhpstanRoot;
+import io.codety.scanner.reporter.dto.CodeAnalysisIssueDto;
+import io.codety.scanner.util.JsonFactoryUtil;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+
+public class PhpstanConverter {
+ public static List convertResult(String successOutput, String localGitRepoPath) throws JsonProcessingException {
+ List result = new ArrayList<>();
+ PhpstanRoot phpstanRoot = JsonFactoryUtil.objectMapper.readValue(successOutput, PhpstanRoot.class);
+
+ Map files = phpstanRoot.getFiles();
+ for(String file : files.keySet()){
+ if(file.startsWith(localGitRepoPath)){
+
+ }
+
+ }
+
+
+ return result;
+ }
+}
diff --git a/image/publish_image.sh b/image/publish_image.sh
index 5dac33b..27093d6 100755
--- a/image/publish_image.sh
+++ b/image/publish_image.sh
@@ -25,12 +25,14 @@ if [ $? -ne 0 ]; then echo "Failed to build multi-platform container, create a new builder may fix the issue: '$> docker buildx create --name mybuilder --use ' " exit 1; fi - +echo " ========= Build and publish images end ========": git tag -a "$DOCKER_BUILD_VERSION" -m "tag version $DOCKER_BUILD_VERSION" git push origin "$DOCKER_BUILD_VERSION" -echo " ========= Build and publish images end ========": +#echo " ========= Publish release start ========": +#gh release upload "$DOCKER_BUILD_VERSION" scanner/build/libs/app.jar +#echo " ========= Publish release end ========": echo "====User below command to test the container: =====" echo "docker run -v $(pwd):/src codetyio/codety:$1"
diff --git a/scanner-common/src/main/java/io/codety/common/dto/CodeAnalyzerType.java b/scanner-common/src/main/java/io/codety/common/dto/CodeAnalyzerType.java
index 1d3fcf0..a3580fc 100644
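Review bot: `PhpstanConverter.convertResult` never adds anything to `result`: the body of `if(file.startsWith(localGitRepoPath))` is empty, so every PHPStan finding is parsed and then dropped and the analyzer always reports zero issues. If this is a placeholder, mark it with a `// TODO: map PhpstanIssueDto entries to CodeAnalysisIssueDto` comment so the empty result is not mistaken for a clean scan. `phpstanRoot.getFiles()` is dereferenced without a null check, which would throw if the JSON has no `files` member (whether the DTO defaults it is not visible here); `if (files == null) return result;` covers that. The `startsWith` test is a plain string prefix, so a path such as `<repo>-backup/...` would also match unless `localGitRepoPath` ends with a separator.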
--- a/scanner-common/src/main/java/io/codety/common/dto/CodeAnalyzerType.java
+++ b/scanner-common/src/main/java/io/codety/common/dto/CodeAnalyzerType.java
@@ -16,6 +16,7 @@ public enum CodeAnalyzerType { , rubocop(40) , stylelint(50) , shellcheck(60) + , phpstan(70) ; public final int codeAnalyzerType;