danger-warnings 0.0.1

data/lib/danger_plugin.rb

@@ -0,0 +1 @@
+require 'warnings/plugin'

data/lib/danger_warnings.rb

@@ -0,0 +1 @@
+require 'warnings/gem_version'

data/lib/warnings/gem_version.rb

@@ -0,0 +1,3 @@
+module Warnings
+  VERSION = '0.0.1'.freeze
+end

data/lib/warnings/issue.rb

@@ -0,0 +1,31 @@
+module Warnings
+  # An issue definition to be used for reports.
+  class Issue
+    # The name of the file this issue targets.
+    #
+    # @return [String]
+    attr_accessor :file_name
+    # The issue id the linter tool provides.
+    #
+    # @return [String]
+    attr_accessor :id
+    # The line this issue targets.
+    #
+    # @return [Integer]
+    attr_accessor :line
+    # The severity level of this issue.
+    # Possible values are `low` `medium` `high`.
+    #
+    # @return [Symbol]
+    attr_accessor :severity
+    # The text message describe this issue.
+    #
+    # @return [String]
+    attr_accessor :message
+
+    # The name of the issue id.
+    #
+    # @return [String]
+    attr_accessor :name
+  end
+end

data/lib/warnings/markdown_util.rb

@@ -0,0 +1,61 @@
+require_relative 'issue'
+
+module Warnings
+  # Utility class to write the markdown report.
+  module MarkdownUtil
+    TABLE_HEADER = 'Severity|File|Message'.freeze
+    COLUMN_SEPARATOR = '|'.freeze
+    TABLE_SEPARATOR = "---#{COLUMN_SEPARATOR}---#{COLUMN_SEPARATOR}---".freeze
+    LINE_SEPARATOR = "\n".freeze
+
+    module_function
+
+    # Generate a markdown text message listing all issues as table.
+    #
+    # @param name [String] The name of the report to be printed.
+    # @param issues [Array<Issue>] List of parsed issues.
+    # @return [String] String in danger markdown format.
+    def generate(name, issues)
+      result = header_name(name)
+      result << header
+      result << issues(issues)
+    end
+
+    # Create the report name string.
+    #
+    # @param report_name [String] The name of the report.
+    # @return [String] Text containing header name of the report.
+    def header_name(report_name)
+      "# #{report_name}#{LINE_SEPARATOR}"
+    end
+
+    # Create the base table header line.
+    #
+    # @return [String] String containing a markdown table header line.
+    def header
+      result = TABLE_HEADER.dup
+      result << LINE_SEPARATOR
+      result << TABLE_SEPARATOR
+      result << LINE_SEPARATOR
+    end
+
+    # Create a string containing all issues prepared to be used in a markdown table.
+    #
+    # @param issues [Array<Issue>] List of parsed issues.
+    # @return [String] String containing all issues.
+    # rubocop:disable Metrics/AbcSize
+    def issues(issues)
+      result = ''
+      issues.each do |issue|
+        result << issue.severity.to_s.capitalize
+        result << COLUMN_SEPARATOR
+        result << "#{issue.file_name}:#{issue.line}"
+        result << COLUMN_SEPARATOR
+        result << "[#{issue.id}-#{issue.name}] #{issue.message}"
+        result << LINE_SEPARATOR
+      end
+      # rubocop:enable Metrics/AbcSize
+      result
+    end
+  end
+end

data/lib/warnings/parser/bandit_parser.rb

@@ -0,0 +1,45 @@
+require_relative 'parser'
+require_relative '../issue'
+
+module Warnings
+  # Parser class for bandit generated json files.
+  class BanditParser < Parser
+    RESULTS_KEY = 'results'.freeze
+    FILE_TYPES = %i(json).freeze
+    NAME = 'Bandit'.freeze
+    ERROR_MISSING_KEY = "Missing bandit key '#{RESULTS_KEY}'.".freeze
+
+    def file_types
+      FILE_TYPES
+    end
+
+    def parse(file)
+      json_hash = json(file)
+      results_hash = json_hash[RESULTS_KEY]
+      raise(ERROR_MISSING_KEY) if results_hash.nil?
+
+      results_hash.each(&method(:store_issue))
+    end
+
+    def name
+      NAME
+    end
+
+    private
+
+    def store_issue(hash)
+      issue = Issue.new
+      issue.file_name = hash['filename']
+      issue.severity = to_severity(hash['issue_severity'])
+      issue.message = hash['issue_text']
+      issue.line = hash['line_number']
+      issue.id = hash['test_id']
+      issue.name = hash['test_name']
+      @issues << issue
+    end
+
+    def to_severity(severity)
+      severity.downcase.to_sym
+    end
+  end
+end

data/lib/warnings/parser/parser.rb

@@ -0,0 +1,65 @@
+require 'json'
+require 'abstract_method'
+
+module Warnings
+  # Base parser class to define common methods.
+  class Parser
+    ERROR_FILE_NOT_EXIST = 'File \'%s\' does not exist.'.freeze
+    ERROR_EXT_NOT_SUPPORTED = 'File extension \'%s\' is not supported for parser %s.'.freeze
+    # All issues found by the parser.
+    #
+    # @return [Array<Issue>]
+    attr_accessor :issues
+    # Defines all supported file types for the parser.
+    #
+    # @return [Array<Symbol>] Array of file types.
+    abstract_method :file_types
+    # Execute the parser.
+    # Read the file and create an array of issues.
+    #
+    # @return [Array<Issue>] Array of issues.
+    abstract_method :parse
+    # Define a default name for the parser implementation.
+    #
+    # @return [String] Name of the parser implementation.
+    abstract_method :name
+
+    def initialize
+      @issues = []
+    end
+
+    protected
+
+    # Parse a file as json content.
+    #
+    # @param file_path [String] Path to a file to be read as json.
+    # @return [String] Hash of json values.
+    def json(file_path)
+      content = read_file(file_path)
+      JSON.parse(content)
+    end
+
+    private
+
+    # Evaluate and read the file into memory.
+    #
+    # @param file_path [String] Path to a file to be read.
+    # @raise If file does not exist or ist empty.
+    # @return [String] File content.
+    def read_file(file_path)
+      check_extname(file_path)
+      raise(format(ERROR_FILE_NOT_EXIST, file_path)) unless File.exist?(file_path)
+
+      File.read(file_path)
+    end
+
+    # Evaluate the files extension name.
+    #
+    # @param file_path [String] Path to a file to be evaluated.
+    # @raise If file extension is not supported by the current parser.
+    def check_extname(file_path)
+      ext = File.extname(file_path).delete('.')
+      raise(format(ERROR_EXT_NOT_SUPPORTED, ext, self.class.name)) unless file_types.include?(ext.to_sym)
+    end
+  end
+end

data/lib/warnings/parser/parser_factory.rb

@@ -0,0 +1,25 @@
+require_relative 'bandit_parser'
+
+module Warnings
+  # Factory class for supported parsers.
+  class ParserFactory
+    ERROR_NOT_SUPPORTED = 'Parser \'%s\' not supported.'.freeze
+    AVAILABLE_PARSERS = {
+      bandit: BanditParser
+    }.freeze
+
+    # Create a new parser implementation.
+    #
+    # @param type [Symbol] A key symbol / name to identify the parser.
+    # @raise If no implementation could be found for the key.
+    # @return [Parser] Implementation
+    def self.create(type)
+      key = type
+      key = key.to_sym if key.respond_to?(:to_sym)
+      parser = AVAILABLE_PARSERS[key]
+      raise(format(ERROR_NOT_SUPPORTED, key)) if parser.nil?
+
+      parser.new
+    end
+  end
+end

data/lib/warnings/plugin.rb

@@ -0,0 +1,82 @@
+require_relative 'reporter'
+
+module Danger
+  # Create uniform issue reports for different parser types.
+  # @example Create a basic bandit report.
+  #       warnings.report(
+  #         name: 'Bandit Report',
+  #         parser: :bandit,
+  #         file: report/bandit.json
+  #       )
+  #
+  # @example Create a bandit report and comment inline for all files.
+  #       warnings.report(
+  #         name: 'Bandit Report',
+  #         parser: :bandit,
+  #         file: report/bandit.json,
+  #         inline: true,
+  #         filter: false
+  #       )
+  #
+  # @see Kyaak/danger-warnings
+  # @tags warnings, danger, parser, issues, report
+  class DangerWarnings < Plugin
+    # Whether to comment as markdown report or do an inline comment on the file.
+    #
+    # This will be set as default for all reporters used in this danger run.
+    # It can still be overridden by setting the value when using #report.
+    #
+    # @return [Bool] Use inline comments.
+    attr_accessor :inline
+    # Whether to filter and report only for changes files.
+    # If this is set to false, all issues are of a report are included in the comment.
+    #
+    # This will be set as default for all reporters used in this danger run.
+    # It can still be overridden by setting the value when using #report.
+    #
+    # @return [Bool] Filter for changes files.
+    attr_accessor :filter
+    # Whether to fail the PR if any high issue is reported.
+    #
+    # This will be set as default for all reporters used in this danger run.
+    # It can still be overridden by setting the value when using #report.
+    #
+    # @return [Bool] Fail on high issues.
+    attr_accessor :fail_error
+
+    def initialize(dangerfile)
+      super(dangerfile)
+    end
+
+    # Create a report for given arguments.
+    #         name: 'Bandit Report',
+    #         parser: :bandit,
+    #         file: report/bandit.json,
+    #         inline: true,
+    #         filter: false
+    # @param args List of arguments to be used.
+    # @return [Reporter] The current reporter class which handles the issues.
+    def report(*args)
+      options = args.first
+      reporter = create_reporter(options)
+      reporter.report
+      reporter
+    end
+
+    private
+
+    # rubocop:disable Metrics/AbcSize
+    def create_reporter(options)
+      reporter = Warnings::Reporter.new(self)
+      reporter.parser = options[:parser]
+      reporter.name = options[:name]
+      reporter.file = options[:file]
+      reporter.baseline = options[:baseline]
+      reporter.inline = options[:inline] unless options[:inline].nil?
+      reporter.filter = options[:filter] unless options[:filter].nil?
+      reporter.fail_error = options[:fail_error] unless options[:fail_error].nil?
+      reporter
+      # rubocop:enable Metrics/AbcSize
+    end
+  end
+end

data/lib/warnings/reporter.rb

@@ -0,0 +1,158 @@
+require_relative 'parser/parser_factory'
+require_relative 'markdown_util'
+require_relative 'severity'
+
+module Warnings
+  # Base reporter class to define attributes and common method to create a report.
+  class Reporter
+    DEFAULT_INLINE = false
+    DEFAULT_FILTER = true
+    DEFAULT_FAIL = false
+    DEFAULT_NAME = 'Report'.freeze
+    ERROR_PARSER_NOT_SET = 'Parser is not set.'.freeze
+    ERROR_FILE_NOT_SET = 'File is not set.'.freeze
+    ERROR_HIGH_SEVERITY = '%s has high severity errors.'.freeze
+
+    # The name of this reporter. It is used to identify your report in the comments.
+    attr_writer :name
+    # Whether to comment a markdown report or do an inline comment on the file.
+    #
+    # @return [Bool] Use inline comments.
+    attr_accessor :inline
+    # Whether to filter and report only for changes files.
+    # If this is set to false, all issues are of a report are included in the comment.
+    #
+    # @return [Bool] Filter for changes files.
+    attr_accessor :filter
+    # Whether to fail the PR if any high issue is reported.
+    #
+    # @return [Bool] Fail on high issues.
+    attr_accessor :fail_error
+    # The parser to be used to read issues out of the file.
+    #
+    # @return [Symbol] Name of the parser.
+    attr_reader :parser
+    # The file path to parse.
+    #
+    # @return [String] Path to file.
+    attr_accessor :file
+    # Defines the baseline of file paths if needed.
+    # @example src/main/java
+    #
+    # @return [String] Path baseline for git files.
+    attr_accessor :baseline
+    # The generated implementation of the :parser.
+    #
+    # @return [Parser] Parser implementation
+    attr_reader :parser_impl
+    attr_reader :issues
+
+    def initialize(danger)
+      @danger = danger
+      @inline = DEFAULT_INLINE
+      @filter = DEFAULT_FILTER
+      @fail_error = DEFAULT_FAIL
+      @issues = []
+    end
+
+    # Start generating the report.
+    # Evaluate, parse and comment the found issues.
+    def report
+      validate
+      parse
+      filter_issues
+      comment
+    end
+
+    # Define the parser to be used.
+    #
+    # @@raise If no implementation can be found for the symbol.
+    # @param value [Symbol] A symbol key to match a parser implementation.
+    def parser=(value)
+      @parser = value
+      @parser_impl = ParserFactory.create(value)
+    end
+
+    # Return the name of this reporter.
+    # The name can have 3 values:
+    #   - The name set using #name=
+    #   - If name is not set, the name of the parser
+    #   - If name and parser are not set, a DEFAULT_NAME
+    #
+    # @return [String] Name of the reporter.
+    def name
+      result = @name
+      result ||= "#{@parser_impl.name} #{DEFAULT_NAME}" if @parser_impl
+      result || DEFAULT_NAME
+    end
+
+    private
+
+    def filter_issues
+      return unless filter
+
+      git_files = @danger.git.modified_files + @danger.git.added_files
+      @issues.select! do |issue|
+        git_files.include?(issue_filename(issue))
+      end
+    end
+
+    def issue_filename(item)
+      result = ''
+      if baseline
+        result << baseline
+        result << '/' unless baseline.chars.last == '/'
+      end
+      result << item.file_name
+    end
+
+    def validate
+      raise ERROR_PARSER_NOT_SET if @parser_impl.nil?
+      raise ERROR_FILE_NOT_SET if @file.nil?
+    end
+
+    def parse
+      @parser_impl.parse(file)
+      @issues = @parser_impl.issues
+    end
+
+    def comment
+      return if @issues.empty?
+
+      inline ? inline_comment : markdown_comment
+    end
+
+    def inline_comment
+      @issues.each do |issue|
+        text = inline_text(issue)
+        if fail_error && high_issue?(issue)
+          @danger.fail(text, line: issue.line, file: issue.file_name)
+        else
+          @danger.warn(text, line: issue.line, file: issue.file_name)
+        end
+      end
+    end
+
+    def inline_text(issue)
+      "#{issue.severity.to_s.capitalize}\n[#{issue.id}-#{issue.name}]\n#{issue.message}"
+    end
+
+    def markdown_comment
+      text = MarkdownUtil.generate(name, @issues)
+      @danger.markdown(text)
+      @danger.fail(format(ERROR_HIGH_SEVERITY, name)) if fail_error && high_issues?
+    end
+
+    def high_issues?
+      result = false
+      @issues.each do |issue|
+        result = true if high_issue?(issue)
+      end
+      result
+    end
+
+    def high_issue?(issue)
+      issue.severity.eql?(:high)
+    end
+  end
+end