View Javadoc
1   /*
2    * Cloudformation Plugin for SonarQube
3    * Copyright (C) 2019 James Pether Sörling
4    * james@hack23.com
5    *
6    * This program is free software; you can redistribute it and/or
7    * modify it under the terms of the GNU Lesser General Public
8    * License as published by the Free Software Foundation; either
9    * version 3 of the License, or (at your option) any later version.
10   *
11   * This program is distributed in the hope that it will be useful,
12   * but WITHOUT ANY WARRANTY; without even the implied warranty of
13   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
14   * Lesser General Public License for more details.
15   *
16   * You should have received a copy of the GNU Lesser General Public License
17   * along with this program; if not, write to the Free Software Foundation,
18   * Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301, USA.
19   */
20  package com.hack23.sonar.cloudformation;
21  
22  import java.io.IOException;
23  
24  import org.sonar.api.batch.fs.FileSystem;
25  import org.sonar.api.batch.sensor.Sensor;
26  import org.sonar.api.batch.sensor.SensorContext;
27  import org.sonar.api.batch.sensor.SensorDescriptor;
28  import org.sonar.api.scan.filesystem.PathResolver;
29  import org.sonar.api.utils.log.Logger;
30  import org.sonar.api.utils.log.Loggers;
31  import org.sonar.api.utils.log.Profiler;
32  
33  import com.hack23.sonar.cloudformation.reports.process.CfnNagProcessReports;
34  import com.hack23.sonar.cloudformation.reports.process.CheckovProcessReports;
35  
36  /**
37   * The Class CloudformationSensor.
38   */
39  public final class CloudformationSensor implements Sensor {
40  
41  	/** The Constant SENSOR_NAME. */
42  	public static final String SENSOR_NAME = "Cloudformation Check";
43  
44  	/** The Constant LOGGER. */
45  	private static final Logger LOGGER = Loggers.get(CloudformationSensor.class);
46  
47  	/** The cfn nag process reports. */
48  	private final CfnNagProcessReports cfnNagProcessReports;
49  
50  	/** The checkov process reports. */
51  	private final CheckovProcessReports checkovProcessReports;
52  
53  	/** The configuration. */
54  	private final CloudformationSensorConfiguration configuration;
55  
56  	/**
57  	 * Instantiates a new cloudformation sensor.
58  	 *
59  	 * @param configuration the configuration
60  	 * @param fileSystem the file system
61  	 * @param pathResolver the path resolver
62  	 */
63  	public CloudformationSensor(final CloudformationSensorConfiguration configuration, final FileSystem fileSystem,
64  			final PathResolver pathResolver) {
65  		super();
66  		this.configuration = configuration;
67  		this.cfnNagProcessReports = new CfnNagProcessReports(fileSystem, pathResolver);
68  		this.checkovProcessReports = new CheckovProcessReports(fileSystem, pathResolver);
69  	}
70  
71  	/**
72  	 * Describe.
73  	 *
74  	 * @param descriptor the descriptor
75  	 */
76  	@Override
77  	public void describe(final SensorDescriptor descriptor) {
78  		descriptor.name(SENSOR_NAME);
79  
80  	}
81  
82  	/**
83  	 * Execute.
84  	 *
85  	 * @param context the context
86  	 */
87  	@Override
88  	public void execute(final SensorContext context) {
89  		final Profiler profiler = Profiler.create(LOGGER);
90  		profiler.startInfo("Process iac reports");
91  
92  		try {
93  			cfnNagProcessReports.processCfnNagReport(context,configuration.getCfnNagReportFiles());
94  			checkovProcessReports.processCheckovReport(context,configuration.getCheckovReportFiles());
95  		} catch (final IOException e) {
96  			throw new RuntimeException("Can not process iac reports.", e);
97  		} finally {
98  			profiler.stopInfo();
99  		}
100 	}
101 
102 }