Add phpstan analyzer.

codetyio · Sep 19, 2024 · 554007d · 554007d
1 parent a08cb3b
commit 554007d
Show file tree

Hide file tree

Showing 4 changed files with 95 additions and 2 deletions.
diff --git a/analyzer-phpstan/src/main/java/io/codety/scanner/analyzer/phpstan/PhpstanCodeAnalyzer.java b/analyzer-phpstan/src/main/java/io/codety/scanner/analyzer/phpstan/PhpstanCodeAnalyzer.java
@@ -0,0 +1,61 @@
+package io.codety.scanner.analyzer.phpstan;
+
+import io.codety.common.dto.CodeAnalyzerType;
+import io.codety.common.dto.LanguageType;
+import io.codety.scanner.analyzer.CodeAnalyzerInterface;
+import io.codety.scanner.analyzer.dto.AnalyzerConfigurationDetailDto;
+import io.codety.scanner.reporter.dto.CodeAnalysisIssueDto;
+import io.codety.scanner.reporter.dto.CodeAnalysisResultDto;
+import io.codety.scanner.service.dto.AnalyzerRequest;
+import io.codety.scanner.util.CodetyConsoleLogger;
+import io.codety.scanner.util.RuntimeExecUtil;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+import java.util.ArrayList;
+import java.util.List;
+
+@Service
+public class PhpstanCodeAnalyzer implements CodeAnalyzerInterface {
+    @Override
+    public List<CodeAnalysisResultDto> analyzeCode(AnalyzerConfigurationDetailDto runnerConfiguration, AnalyzerRequest request) {
+
+        CodetyConsoleLogger.info("Scanning "+runnerConfiguration.getLanguage()+" code via "+runnerConfiguration.getCodeAnalyzerType().name()+"...");
+        ArrayList<CodeAnalysisResultDto> list = new ArrayList();
+
+        String[] command;
+        String localGitRepoPath = request.getLocalGitRepoPath();
+        //./vendor/bin/phpstan --memory-limit=1024000000  --no-interaction --no-progress  --error-format=json  analyse
+        if(runnerConfiguration.getPayload() == null || runnerConfiguration.getPayload().isEmpty()){
+            command = new String[]{"./vendor/bin/phpsta", "--memory-limit=1024000000", "--no-interaction", "--no-progress", "--error-format=json", "analyse", localGitRepoPath};
+        }else{
+            //Use multiple rules: --check CKV_GCP_33,CKV_GCP_34,CKV_GCP_35 ...
+            command = new String[]{"./vendor/bin/phpsta", "--memory-limit=1024000000", "--no-interaction", "--no-progress", "--error-format=json", "analyse", localGitRepoPath};
+        }
+        try {
+            RuntimeExecUtil.RuntimeExecResult runtimeExecResult = RuntimeExecUtil.exec(command, "/", 60, false, null);
+
+            String errorOutput = runtimeExecResult.getErrorOutput();
+            String successOutput = runtimeExecResult.getSuccessOutput();
+
+            List<CodeAnalysisIssueDto> codeAnalysisIssueDtoList = PhpstanConverter.convertResult(successOutput, localGitRepoPath);
+
+            CodeAnalysisResultDto resultDto = new CodeAnalysisResultDto(runnerConfiguration.getLanguage(), runnerConfiguration.getCodeAnalyzerType());
+            resultDto.setDisplayTitle("IaC");
+            resultDto.addIssues(codeAnalysisIssueDtoList);
+            list.add(resultDto);
+
+        } catch (Exception e) {
+            CodetyConsoleLogger.info("Skip checkov analyzer due to exceptions");
+            CodetyConsoleLogger.debug("Skip checkov analyzer due to exceptions " + e.getMessage(), e);
+        }
+
+        return list;
+
+    }
+
+    @Override
+    public List<CodeAnalysisResultDto> analyzeCode(AnalyzerRequest request) {
+        return analyzeCode(new AnalyzerConfigurationDetailDto(LanguageType.php, CodeAnalyzerType.phpstan), request);
+    }
+}
diff --git a/analyzer-phpstan/src/main/java/io/codety/scanner/analyzer/phpstan/PhpstanConverter.java b/analyzer-phpstan/src/main/java/io/codety/scanner/analyzer/phpstan/PhpstanConverter.java
@@ -0,0 +1,29 @@
+package io.codety.scanner.analyzer.phpstan;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import io.codety.scanner.analyzer.phpstan.dto.PhpstanIssueDto;
+import io.codety.scanner.analyzer.phpstan.dto.PhpstanRoot;
+import io.codety.scanner.reporter.dto.CodeAnalysisIssueDto;
+import io.codety.scanner.util.JsonFactoryUtil;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+
+public class PhpstanConverter {
+    public static List<CodeAnalysisIssueDto> convertResult(String successOutput, String localGitRepoPath) throws JsonProcessingException {
+        List<CodeAnalysisIssueDto> result = new ArrayList<>();
+        PhpstanRoot phpstanRoot = JsonFactoryUtil.objectMapper.readValue(successOutput, PhpstanRoot.class);
+
+        Map<String, PhpstanIssueDto> files = phpstanRoot.getFiles();
+        for(String file : files.keySet()){
+            if(file.startsWith(localGitRepoPath)){
+
+            }
+
+        }
+
+
+        return result;
+    }
+}
diff --git a/image/publish_image.sh b/image/publish_image.sh
@@ -25,12 +25,14 @@ if [ $? -ne 0 ]; then
     echo "Failed to build multi-platform container, create a new builder may fix the issue: '$> docker buildx create --name mybuilder --use ' "
     exit 1;
 fi
-
+echo " ========= Build and publish images end  ========":
 
 git tag -a "$DOCKER_BUILD_VERSION" -m "tag version $DOCKER_BUILD_VERSION"
 git push origin "$DOCKER_BUILD_VERSION"
 
-echo " ========= Build and publish images end  ========":
+#echo " ========= Publish release start  ========":
+#gh release upload "$DOCKER_BUILD_VERSION" scanner/build/libs/app.jar
+#echo " ========= Publish release end  ========":
 
 echo "====User below command to test the container: ====="
 echo "docker run -v $(pwd):/src codetyio/codety:$1"
diff --git a/scanner-common/src/main/java/io/codety/common/dto/CodeAnalyzerType.java b/scanner-common/src/main/java/io/codety/common/dto/CodeAnalyzerType.java
@@ -16,6 +16,7 @@ public enum CodeAnalyzerType {
     , rubocop(40)
     , stylelint(50)
     , shellcheck(60)
+    , phpstan(70)
     ;
     public final int codeAnalyzerType;