public void SonarScanner_SensitiveArgsPassedOnCommandLine()
{
    // Sensitive properties read from the settings file must be handed to the scanner
    // as command line arguments; non-sensitive file properties must not be.
    // NOTE(review): command line arguments can be read by other local processes and are
    // often captured in build logs. This test does not check that the logger output is
    // free of the password values, nor that the overridden file value
    // ("file.password - should not be returned") is absent - both are worth asserting.

    // Arrange
    var log = new TestLogger();
    var workDir = TestUtils.CreateTestSpecificFolder(TestContext);
    var scannerExe = CreateDummarySonarScannerBatchFile();
    var propsFile = CreateDummySonarScannerPropertiesFile();
    string[] cmdLineArgs = { "-Dxxx=yyy", "-Dsonar.password=cmdline.password" };

    // Settings file with two sensitive entries and one ordinary entry
    var fromFile = new AnalysisProperties();
    fromFile.Add(new Property { Id = SonarProperties.DbPassword, Value = "file db pwd" });
    fromFile.Add(new Property { Id = SonarProperties.SonarPassword, Value = "file.password - should not be returned" });
    fromFile.Add(new Property { Id = "file.not.sensitive.key", Value = "not sensitive value" });

    var settingsPath = Path.Combine(workDir, "fileSettings.txt");
    fromFile.Save(settingsPath);

    var config = new AnalysisConfig { SonarScannerWorkingDirectory = TestContext.DeploymentDirectory };
    config.SetSettingsFilePath(settingsPath);

    // Act
    var succeeded = SonarScannerWrapper.ExecuteJavaRunner(config, cmdLineArgs, log, scannerExe, propsFile);

    // Assert
    VerifyProcessRunOutcome(log, TestContext.DeploymentDirectory, succeeded, true);
    var passedArgs = CheckStandardArgsPassed(log, propsFile);

    // The ordinary file property stays off the command line
    CheckArgDoesNotExist("file.not.sensitive.key", passedArgs);

    // Sensitive value taken from the file
    var dbPwdPos = CheckArgExists("-Dsonar.jdbc.password=file db pwd", passedArgs);
    // Sensitive value from the command line, which overrides the file value
    var userPwdPos = CheckArgExists("-Dsonar.password=cmdline.password", passedArgs);
    var propsFilePos = CheckArgExists(SonarScannerWrapper.ProjectSettingsFileArgName, passedArgs);

    Assert.IsTrue(propsFilePos > dbPwdPos, "User arguments should appear first");
    Assert.IsTrue(propsFilePos > userPwdPos, "User arguments should appear first");
}
public void SonarRunner_SensitiveArgsPassedOnCommandLine()
{
    // Sensitive properties read from the settings file must be handed to the runner
    // as command line arguments; non-sensitive file properties must not be.
    // NOTE(review): command line arguments can be read by other local processes and are
    // often captured in build logs. This test does not check that the logger output is
    // free of the password values, nor that the overridden file value
    // ("file.password - should not be returned") is absent - both are worth asserting.

    // Arrange
    var log = new TestLogger();
    var workDir = TestUtils.CreateTestSpecificFolder(TestContext);
    var runnerExe = CreateDummarySonarRunnerBatchFile();
    var propsFile = CreateDummySonarRunnerPropertiesFile();
    string[] cmdLineArgs = { "-Dxxx=yyy", "-Dsonar.password=cmdline.password" };

    // Settings file with two sensitive entries and one ordinary entry
    var fromFile = new AnalysisProperties
    {
        new Property { Id = SonarProperties.DbPassword, Value = "file db pwd" },
        new Property { Id = SonarProperties.SonarPassword, Value = "file.password - should not be returned" },
        new Property { Id = "file.not.sensitive.key", Value = "not sensitive value" }
    };
    var settingsPath = Path.Combine(workDir, "fileSettings.txt");
    fromFile.Save(settingsPath);

    var config = new AnalysisConfig { SonarRunnerWorkingDirectory = TestContext.DeploymentDirectory };
    config.SetSettingsFilePath(settingsPath);

    // Act
    var succeeded = SonarRunnerWrapper.ExecuteJavaRunner(config, cmdLineArgs, log, runnerExe, propsFile);

    // Assert
    VerifySuccessfullRun(log, succeeded, TestContext.DeploymentDirectory);
    var passedArgs = CheckStandardArgsPassed(log, propsFile);

    // The ordinary file property stays off the command line
    CheckArgDoesNotExist("file.not.sensitive.key", passedArgs);

    // Sensitive value taken from the file
    var dbPwdPos = CheckArgExists("-Dsonar.jdbc.password=\"file db pwd\"", passedArgs);
    // Sensitive value from the command line, which overrides the file value
    var userPwdPos = CheckArgExists("-Dsonar.password=cmdline.password", passedArgs);

    var standardArgsPos = CheckArgExists(SonarRunnerWrapper.StandardAdditionalRunnerArguments, passedArgs);
    var propsFilePos = CheckArgExists(SonarRunnerWrapper.ProjectSettingsFileArgName, passedArgs);

    // Both sensitive arguments must precede the standard arguments and the properties file argument
    bool dbPwdComesFirst = dbPwdPos < standardArgsPos && dbPwdPos < propsFilePos;
    Assert.IsTrue(dbPwdComesFirst, "User arguments should appear first");

    bool userPwdComesFirst = userPwdPos < standardArgsPos && userPwdPos < propsFilePos;
    Assert.IsTrue(userPwdComesFirst, "User arguments should appear first");
}
public void SonarScanner_SensitiveArgsPassedOnCommandLine()
{
    // Sensitive properties read from the settings file must be handed to the scanner
    // as command line arguments; non-sensitive file properties must not be.
    // A MockProcessRunner stands in for the real process, so nothing is executed.
    // NOTE(review): command line arguments can be read by other local processes and are
    // often captured in build logs. This test does not check that the logger output is
    // free of the password values, nor that the overridden file value
    // ("file.password - should not be returned") is absent - both are worth asserting.

    // Arrange
    var log = new TestLogger();
    var runner = new MockProcessRunner(executeResult: true);
    string[] cmdLineArgs = { "-Dxxx=yyy", "-Dsonar.password=cmdline.password" };

    // Settings file with two sensitive entries and one ordinary entry
    var fromFile = new AnalysisProperties();
    fromFile.Add(new Property { Id = SonarProperties.DbPassword, Value = "file db pwd" });
    fromFile.Add(new Property { Id = SonarProperties.SonarPassword, Value = "file.password - should not be returned" });
    fromFile.Add(new Property { Id = "file.not.sensitive.key", Value = "not sensitive value" });

    var workDir = TestUtils.CreateTestSpecificFolderWithSubPaths(TestContext);
    var settingsPath = Path.Combine(workDir, "fileSettings.txt");
    fromFile.Save(settingsPath);

    var config = new AnalysisConfig { SonarScannerWorkingDirectory = workDir };
    config.SetSettingsFilePath(settingsPath);

    // Act
    var succeeded = ExecuteJavaRunnerIgnoringAsserts(config, cmdLineArgs, log, "c:\\foo.exe", "c:\\foo.props", runner);

    // Assert
    VerifyProcessRunOutcome(runner, log, workDir, succeeded, true);
    CheckStandardArgsPassed(runner, "c:\\foo.props");

    // The ordinary file property stays off the command line
    CheckArgDoesNotExist("file.not.sensitive.key", runner);

    // Sensitive value taken from the file
    var dbPwdPos = CheckArgExists("-Dsonar.jdbc.password=file db pwd", runner);
    // Sensitive value from the command line, which overrides the file value
    var userPwdPos = CheckArgExists("-Dsonar.password=cmdline.password", runner);
    var propsFilePos = CheckArgExists(SonarScannerWrapper.ProjectSettingsFileArgName, runner);

    propsFilePos.Should().BeGreaterThan(dbPwdPos, "User arguments should appear first");
    propsFilePos.Should().BeGreaterThan(userPwdPos, "User arguments should appear first");
}
/// <summary>
/// Builds an AnalysisConfig from the processed command line arguments, the build
/// environment settings and the server properties, saves it to
/// <c>settings.AnalysisConfigFilePath</c> and returns the instance.
/// </summary>
/// <param name="args">Processed command line arguments</param>
/// <param name="settings">Build environment settings</param>
/// <param name="serverProperties">Server properties, all of which are copied into the config</param>
/// <param name="logger">Logger; only null-checked in this method</param>
/// <returns>The saved config instance</returns>
/// <exception cref="ArgumentNullException">Any argument is null</exception>
public static AnalysisConfig GenerateFile(ProcessedArgs args, TeamBuildSettings settings, IDictionary<string, string> serverProperties, ILogger logger)
{
    if (args == null)
    {
        throw new ArgumentNullException("args");
    }
    if (settings == null)
    {
        throw new ArgumentNullException("settings");
    }
    if (serverProperties == null)
    {
        throw new ArgumentNullException("serverProperties");
    }
    if (logger == null)
    {
        throw new ArgumentNullException("logger");
    }

    var config = new AnalysisConfig
    {
        SonarProjectKey = args.ProjectKey,
        SonarProjectName = args.ProjectName,
        SonarProjectVersion = args.ProjectVersion,
        SonarQubeHostUrl = args.GetSetting(SonarProperties.HostUrl)
    };

    config.SetBuildUri(settings.BuildUri);
    config.SetTfsUri(settings.TfsUri);

    config.SonarConfigDir = settings.SonarConfigDirectory;
    config.SonarOutputDir = settings.SonarOutputDirectory;
    config.SonarBinDir = settings.SonarBinDirectory;
    config.SonarRunnerWorkingDirectory = settings.SonarRunnerWorkingDirectory;

    // Copy every server property into the config.
    // NOTE(review): no filtering is visible at this call site, and the config is written
    // to disk below. Whether AddSetting (defined elsewhere) rejects sensitive values
    // cannot be seen from here - confirm before relying on it.
    config.ServerSettings = new AnalysisProperties();
    foreach (KeyValuePair<string, string> serverEntry in serverProperties)
    {
        AddSetting(config.ServerSettings, serverEntry.Key, serverEntry.Value);
    }

    // Copy the local properties taken from the processed arguments
    config.LocalSettings = new AnalysisProperties();
    foreach (var localEntry in args.LocalProperties.GetAllProperties())
    {
        AddSetting(config.LocalSettings, localEntry.Id, localEntry.Value);
    }

    // Only the path of the properties file is recorded, and only when one was supplied
    if (args.PropertiesFileName != null)
    {
        config.SetSettingsFilePath(args.PropertiesFileName);
    }

    config.Save(settings.AnalysisConfigFilePath);
    return config;
}
public void ConfigExt_GetAnalysisSettings_FileSettings()
{
    // GetAnalysisSettings must always return the settings stored in the file, and the
    // settings file path must round-trip through the config's set/get methods.

    // 0. Setup
    string workDir = TestUtils.CreateTestSpecificFolder(TestContext);
    AnalysisConfig config = new AnalysisConfig();

    // Two properties written to a settings file on disk
    AnalysisProperties fromFile = new AnalysisProperties();
    fromFile.Add(new Property { Id = "file.1", Value = "file.value.1" });
    fromFile.Add(new Property { Id = "file.2", Value = "file.value.2" });

    string settingsPath = Path.Combine(workDir, "settings.txt");
    fromFile.Save(settingsPath);

    // 1. Path is null until it has been set
    Assert.IsNull(config.GetSettingsFilePath(), "Expecting the settings file path to be null");

    // 2. Set, then read back
    config.SetSettingsFilePath(settingsPath);
    Assert.AreEqual(settingsPath, config.GetSettingsFilePath(), "Unexpected settings file path value returned");

    // 3. Both file properties are returned, and nothing else
    var settings = config.GetAnalysisSettings(false);
    settings.AssertExpectedPropertyCount(2);
    settings.AssertExpectedPropertyValue("file.1", "file.value.1");
    settings.AssertExpectedPropertyValue("file.2", "file.value.2");
}
public void ConfigExt_GetAnalysisSettings_Precedence()
{
    // Expected precedence: local -> file -> server

    // 0. Setup
    string workDir = TestUtils.CreateTestSpecificFolder(TestContext);
    AnalysisConfig config = new AnalysisConfig();

    // File settings
    AnalysisProperties fromFile = new AnalysisProperties();
    fromFile.Add(new Property { Id = "file.1", Value = "file.value.1" });
    fromFile.Add(new Property { Id = "shared.property", Value = "shared value from file - should never be returned" });
    fromFile.Add(new Property { Id = "shared.property2", Value = "shared value 2 from file" });

    string settingsPath = Path.Combine(workDir, "settings.txt");
    fromFile.Save(settingsPath);
    config.SetSettingsFilePath(settingsPath);

    // Local settings
    AnalysisProperties local = new AnalysisProperties();
    local.Add(new Property { Id = "local.1", Value = "local.value.1" });
    local.Add(new Property { Id = "local.2", Value = "local.value.2" });
    local.Add(new Property { Id = "shared.property", Value = "shared value from local" });
    config.LocalSettings = local;

    // Server settings
    AnalysisProperties server = new AnalysisProperties();
    server.Add(new Property { Id = "server.1", Value = "server.value.1" });
    server.Add(new Property { Id = "server.2", Value = "server.value.2" });
    server.Add(new Property { Id = "shared.property", Value = "shared value from server - should never be returned" });
    server.Add(new Property { Id = "shared.property2", Value = "shared value 2 from server - should never be returned" });
    config.ServerSettings = server;

    // 1. Without server settings: local beats file, and no server-only key is present
    var settings = config.GetAnalysisSettings(false);
    settings.AssertExpectedPropertyCount(5);

    settings.AssertExpectedPropertyValue("local.1", "local.value.1");
    settings.AssertExpectedPropertyValue("local.2", "local.value.2");
    settings.AssertExpectedPropertyValue("file.1", "file.value.1");
    settings.AssertExpectedPropertyValue("shared.property", "shared value from local");
    settings.AssertExpectedPropertyValue("shared.property2", "shared value 2 from file");

    settings.AssertPropertyDoesNotExist("server.1");
    settings.AssertPropertyDoesNotExist("server.2");

    // 2. With server settings: the server-only keys appear, shared keys keep their local/file values
    settings = config.GetAnalysisSettings(true);
    settings.AssertExpectedPropertyCount(7);

    settings.AssertExpectedPropertyValue("local.1", "local.value.1");
    settings.AssertExpectedPropertyValue("local.2", "local.value.2");
    settings.AssertExpectedPropertyValue("file.1", "file.value.1");
    settings.AssertExpectedPropertyValue("shared.property", "shared value from local");
    settings.AssertExpectedPropertyValue("shared.property2", "shared value 2 from file");
    settings.AssertExpectedPropertyValue("server.1", "server.value.1");
    settings.AssertExpectedPropertyValue("server.2", "server.value.2");
}
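/// <summary>
/// Combines the various configuration options into the AnalysisConfig file
/// used by the build and post-processor. Saves the file and returns the config instance.
/// </summary>
/// <param name="localSettings">Processed local settings, including command line arguments supplied by the user</param>
/// <param name="buildSettings">Build environment settings</param>
/// <param name="serverProperties">Analysis properties downloaded from the SonarQube server</param>
/// <param name="analyzersSettings">Specifies the Roslyn analyzers to use. Can be empty, but not null</param>
/// <param name="logger">Logger; only null-checked in this method</param>
/// <returns>The config instance that was saved to <c>buildSettings.AnalysisConfigFilePath</c></returns>
/// <exception cref="ArgumentNullException">Any argument is null</exception>
public static AnalysisConfig GenerateFile(ProcessedArgs localSettings, TeamBuildSettings buildSettings, IDictionary<string, string> serverProperties, List<AnalyzerSettings> analyzersSettings, ILogger logger)
{
    if (localSettings == null)
    {
        throw new ArgumentNullException(nameof(localSettings));
    }
    if (buildSettings == null)
    {
        throw new ArgumentNullException(nameof(buildSettings));
    }
    if (serverProperties == null)
    {
        throw new ArgumentNullException(nameof(serverProperties));
    }
    if (logger == null)
    {
        throw new ArgumentNullException(nameof(logger));
    }
    // Validated here with the other arguments, so a null is rejected before any
    // config state is built rather than just before the save.
    if (analyzersSettings == null)
    {
        throw new ArgumentNullException(nameof(analyzersSettings));
    }

    var config = new AnalysisConfig
    {
        SonarProjectKey = localSettings.ProjectKey,
        SonarProjectName = localSettings.ProjectName,
        SonarProjectVersion = localSettings.ProjectVersion,
        SonarQubeHostUrl = localSettings.SonarQubeUrl
    };

    config.SetBuildUri(buildSettings.BuildUri);
    config.SetTfsUri(buildSettings.TfsUri);

    config.SonarConfigDir = buildSettings.SonarConfigDirectory;
    config.SonarOutputDir = buildSettings.SonarOutputDirectory;
    config.SonarBinDir = buildSettings.SonarBinDirectory;
    config.SonarScannerWorkingDirectory = buildSettings.SonarScannerWorkingDirectory;
    config.SourcesDirectory = buildSettings.SourcesDirectory;

    // Add the server properties to the config. Keys that
    // Utilities.IsSecuredServerProperty reports as secured are skipped, so they are
    // not written to the config file saved below.
    config.ServerSettings = new AnalysisProperties();
    foreach (var property in serverProperties)
    {
        if (!Utilities.IsSecuredServerProperty(property.Key))
        {
            AddSetting(config.ServerSettings, property.Key, property.Value);
        }
    }

    // From the local settings, we only write the ones coming from the cmd line.
    // NOTE(review): these go through AddSetting, which is defined elsewhere; confirm it
    // refuses sensitive values, since this config is persisted to disk.
    config.LocalSettings = new AnalysisProperties();
    foreach (var property in localSettings.CmdLineProperties.GetAllProperties())
    {
        AddSetting(config.LocalSettings, property.Id, property.Value);
    }

    if (!string.IsNullOrEmpty(localSettings.Organization))
    {
        AddSetting(config.LocalSettings, SonarProperties.Organization, localSettings.Organization);
    }

    // Set the pointer to the properties file
    if (localSettings.PropertiesFileName != null)
    {
        config.SetSettingsFilePath(localSettings.PropertiesFileName);
    }

    config.AnalyzersSettings = analyzersSettings;

    config.Save(buildSettings.AnalysisConfigFilePath);
    return config;
}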
/// <summary>
/// Merges the command line arguments, build environment settings, server properties
/// and analyzer settings into the AnalysisConfig used by the build and post-processor.
/// The config is saved to <c>buildSettings.AnalysisConfigFilePath</c> and returned.
/// </summary>
/// <param name="args">Processed command line arguments supplied by the user</param>
/// <param name="buildSettings">Build environment settings</param>
/// <param name="serverProperties">Analysis properties downloaded from the SonarQube server</param>
/// <param name="analyzersSettings">Specifies the Roslyn analyzers to use</param>
/// <param name="logger">Logger; only null-checked in this method</param>
/// <returns>The saved config instance</returns>
/// <exception cref="ArgumentNullException">Any argument is null</exception>
public static AnalysisConfig GenerateFile(ProcessedArgs args, TeamBuildSettings buildSettings, IDictionary<string, string> serverProperties, List<AnalyzerSettings> analyzersSettings, ILogger logger)
{
    if (args == null)
    {
        throw new ArgumentNullException(nameof(args));
    }
    if (buildSettings == null)
    {
        throw new ArgumentNullException(nameof(buildSettings));
    }
    if (serverProperties == null)
    {
        throw new ArgumentNullException(nameof(serverProperties));
    }
    if (analyzersSettings == null)
    {
        throw new ArgumentNullException(nameof(analyzersSettings));
    }
    if (logger == null)
    {
        throw new ArgumentNullException(nameof(logger));
    }

    var config = new AnalysisConfig
    {
        SonarProjectKey = args.ProjectKey,
        SonarProjectName = args.ProjectName,
        SonarProjectVersion = args.ProjectVersion,
        SonarQubeHostUrl = args.GetSetting(SonarProperties.HostUrl)
    };

    config.SetBuildUri(buildSettings.BuildUri);
    config.SetTfsUri(buildSettings.TfsUri);

    config.SonarConfigDir = buildSettings.SonarConfigDirectory;
    config.SonarOutputDir = buildSettings.SonarOutputDirectory;
    config.SonarBinDir = buildSettings.SonarBinDirectory;
    config.SonarScannerWorkingDirectory = buildSettings.SonarScannerWorkingDirectory;
    config.SourcesDirectory = buildSettings.SourcesDirectory;

    // Server properties: keys that Utilities.IsSecuredServerProperty reports as secured
    // are skipped, so they are not written to the config file saved below.
    config.ServerSettings = new AnalysisProperties();
    foreach (KeyValuePair<string, string> serverEntry in serverProperties)
    {
        if (Utilities.IsSecuredServerProperty(serverEntry.Key))
        {
            continue;
        }
        AddSetting(config.ServerSettings, serverEntry.Key, serverEntry.Value);
    }

    // Local properties from the processed arguments.
    // NOTE(review): these go through AddSetting, which is defined elsewhere; confirm it
    // refuses sensitive values, since this config is persisted to disk.
    config.LocalSettings = new AnalysisProperties();
    foreach (var localEntry in args.LocalProperties.GetAllProperties())
    {
        AddSetting(config.LocalSettings, localEntry.Id, localEntry.Value);
    }

    // Only the path of the properties file is recorded, and only when one was supplied
    if (args.PropertiesFileName != null)
    {
        config.SetSettingsFilePath(args.PropertiesFileName);
    }

    config.AnalyzersSettings = analyzersSettings;

    config.Save(buildSettings.AnalysisConfigFilePath);
    return config;
}
public void ConfigExt_GetAnalysisSettings_FileSettings()
{
    // GetAnalysisSettings must always return the settings stored in the file, and the
    // settings file path must round-trip through the config's set/get methods.

    // 0. Setup
    var workDir = TestUtils.CreateTestSpecificFolder(TestContext);
    var config = new AnalysisConfig();

    // Two properties written to a settings file on disk
    var fromFile = new AnalysisProperties
    {
        new Property { Id = "file.1", Value = "file.value.1" },
        new Property { Id = "file.2", Value = "file.value.2" }
    };
    var settingsPath = Path.Combine(workDir, "settings.txt");
    fromFile.Save(settingsPath);

    // 1. Path is null until it has been set
    Assert.IsNull(config.GetSettingsFilePath(), "Expecting the settings file path to be null");

    // 2. Set, then read back
    config.SetSettingsFilePath(settingsPath);
    Assert.AreEqual(settingsPath, config.GetSettingsFilePath(), "Unexpected settings file path value returned");

    // 3. Both file properties are returned, and nothing else
    IAnalysisPropertyProvider settings = config.GetAnalysisSettings(false);
    settings.AssertExpectedPropertyCount(2);
    settings.AssertExpectedPropertyValue("file.1", "file.value.1");
    settings.AssertExpectedPropertyValue("file.2", "file.value.2");
}
public void ConfigExt_GetAnalysisSettings_Precedence()
{
    // Expected precedence: local -> file -> server

    // 0. Setup
    var workDir = TestUtils.CreateTestSpecificFolder(TestContext);
    var config = new AnalysisConfig();

    // File settings
    var fromFile = new AnalysisProperties
    {
        new Property { Id = "file.1", Value = "file.value.1" },
        new Property { Id = "shared.property", Value = "shared value from file - should never be returned" },
        new Property { Id = "shared.property2", Value = "shared value 2 from file" }
    };
    var settingsPath = Path.Combine(workDir, "settings.txt");
    fromFile.Save(settingsPath);
    config.SetSettingsFilePath(settingsPath);

    // Local settings
    config.LocalSettings = new AnalysisProperties
    {
        new Property { Id = "local.1", Value = "local.value.1" },
        new Property { Id = "local.2", Value = "local.value.2" },
        new Property { Id = "shared.property", Value = "shared value from local" }
    };

    // Server settings
    config.ServerSettings = new AnalysisProperties
    {
        new Property { Id = "server.1", Value = "server.value.1" },
        new Property { Id = "server.2", Value = "server.value.2" },
        new Property { Id = "shared.property", Value = "shared value from server - should never be returned" },
        new Property { Id = "shared.property2", Value = "shared value 2 from server - should never be returned" }
    };

    // 1. Without server settings: local beats file, and no server-only key is present
    IAnalysisPropertyProvider settings = config.GetAnalysisSettings(false);
    settings.AssertExpectedPropertyCount(5);

    settings.AssertExpectedPropertyValue("local.1", "local.value.1");
    settings.AssertExpectedPropertyValue("local.2", "local.value.2");
    settings.AssertExpectedPropertyValue("file.1", "file.value.1");
    settings.AssertExpectedPropertyValue("shared.property", "shared value from local");
    settings.AssertExpectedPropertyValue("shared.property2", "shared value 2 from file");

    settings.AssertPropertyDoesNotExist("server.1");
    settings.AssertPropertyDoesNotExist("server.2");

    // 2. With server settings: the server-only keys appear, shared keys keep their local/file values
    settings = config.GetAnalysisSettings(true);
    settings.AssertExpectedPropertyCount(7);

    settings.AssertExpectedPropertyValue("local.1", "local.value.1");
    settings.AssertExpectedPropertyValue("local.2", "local.value.2");
    settings.AssertExpectedPropertyValue("file.1", "file.value.1");
    settings.AssertExpectedPropertyValue("shared.property", "shared value from local");
    settings.AssertExpectedPropertyValue("shared.property2", "shared value 2 from file");
    settings.AssertExpectedPropertyValue("server.1", "server.value.1");
    settings.AssertExpectedPropertyValue("server.2", "server.value.2");
}