sbaudoin / sonar-ansible Goto Github PK

View Code? Open in Web Editor NEW

70.0 70.0 17.0 325 KB

SonarQube plugin to analyze Ansible playbooks

License: Apache License 2.0

Java 80.21% HTML 10.38% Shell 6.51% Batchfile 1.03% Python 1.87%

sonar-ansible's People

Contributors

Stargazers

Watchers

Forkers

poojan007 lusiannedjepang miksonx jcastrfe amitbarai pkazi rgaduput mkopec87 rogeliocisternas 10088 ingenio alainlompo szevez mandracke76 alexist sunshine69 cristianstanciu

sonar-ansible's Issues

Multiple 'false-positive' reports for issue

We are running sonar-ansible 2.5.0 and ansible-lint 5.2.0 using ansible 2.10.15.

There seems to be an issue with the reporting of certain issues, I've added an excerpt from a logfile of ours:

13:01:57.114 DEBUG: Analyzing file: main.yml
13:01:57.115 DEBUG: 'defaults/main.yml' generated metadata with charset 'UTF-8'
13:01:57.116 DEBUG: File file:///var/atlassian/bamboo02-agent-2-home/xml-data/build-dir/CLAAA-BRC1-JOB1/defaults/main.yml has syntax error? false
13:01:57.116 DEBUG: Count lines in main.yml
13:01:57.120 DEBUG: Checking rule: yaml:EmptyValuesCheck
13:01:57.133 DEBUG: Problems found: [69:1:too many blank lines (1 > 0) (empty-lines)]
13:01:57.133 DEBUG: Creating violation for 69:1:too many blank lines (1 > 0) (empty-lines)
13:01:57.133 DEBUG: Checking rule: yaml:IndentationCheck
13:01:57.142 DEBUG: Problems found: [69:1:too many blank lines (1 > 0) (empty-lines)]
13:01:57.142 DEBUG: Creating violation for 69:1:too many blank lines (1 > 0) (empty-lines)
13:01:57.142 DEBUG: Checking rule: yaml:CommasCheck
13:01:57.150 DEBUG: Problems found: [69:1:too many blank lines (1 > 0) (empty-lines)]
13:01:57.150 DEBUG: Creating violation for 69:1:too many blank lines (1 > 0) (empty-lines)
13:01:57.150 DEBUG: Checking rule: yaml:LineLengthCheck
13:01:57.159 DEBUG: Problems found: [69:1:too many blank lines (1 > 0) (empty-lines)]
13:01:57.159 DEBUG: Creating violation for 69:1:too many blank lines (1 > 0) (empty-lines)
13:01:57.159 DEBUG: Checking rule: yaml:KeyDuplicatesCheck
13:01:57.167 DEBUG: Problems found: [69:1:too many blank lines (1 > 0) (empty-lines)]
13:01:57.167 DEBUG: Creating violation for 69:1:too many blank lines (1 > 0) (empty-lines)
13:01:57.167 DEBUG: Checking rule: yaml:EmptyLinesCheck
13:01:57.176 DEBUG: Problems found: [69:1:too many blank lines (1 > 0) (empty-lines)]
13:01:57.176 DEBUG: Creating violation for 69:1:too many blank lines (1 > 0) (empty-lines)
13:01:57.176 DEBUG: Checking rule: yaml:TrailingSpacesCheck
13:01:57.184 DEBUG: Problems found: [69:1:too many blank lines (1 > 0) (empty-lines)]
13:01:57.184 DEBUG: Creating violation for 69:1:too many blank lines (1 > 0) (empty-lines)
13:01:57.184 DEBUG: Checking rule: yaml:ParsingErrorCheck
13:01:57.184 DEBUG: Checking rule: yaml:CommentsCheck
13:01:57.193 DEBUG: Problems found: [69:1:too many blank lines (1 > 0) (empty-lines)]
13:01:57.193 DEBUG: Creating violation for 69:1:too many blank lines (1 > 0) (empty-lines)
13:01:57.193 DEBUG: Checking rule: yaml:BracesCheck
13:01:57.201 DEBUG: Problems found: [69:1:too many blank lines (1 > 0) (empty-lines)]
13:01:57.201 DEBUG: Creating violation for 69:1:too many blank lines (1 > 0) (empty-lines)
13:01:57.201 DEBUG: Checking rule: yaml:HyphensCheck
13:01:57.210 DEBUG: Problems found: [69:1:too many blank lines (1 > 0) (empty-lines)]
13:01:57.210 DEBUG: Creating violation for 69:1:too many blank lines (1 > 0) (empty-lines)
13:01:57.210 DEBUG: Checking rule: yaml:DocumentStartCheck
13:01:57.218 DEBUG: Problems found: [69:1:too many blank lines (1 > 0) (empty-lines)]
13:01:57.218 DEBUG: Creating violation for 69:1:too many blank lines (1 > 0) (empty-lines)
13:01:57.219 DEBUG: Checking rule: yaml:NewLineAtEndOfFileCheck
13:01:57.227 DEBUG: Problems found: [69:1:too many blank lines (1 > 0) (empty-lines)]
13:01:57.227 DEBUG: Creating violation for 69:1:too many blank lines (1 > 0) (empty-lines)
13:01:57.227 DEBUG: Checking rule: yaml:OctalValuesCheck
13:01:57.235 DEBUG: Problems found: [69:1:too many blank lines (1 > 0) (empty-lines)]
13:01:57.235 DEBUG: Creating violation for 69:1:too many blank lines (1 > 0) (empty-lines)
13:01:57.235 DEBUG: Checking rule: yaml:ColonsCheck
13:01:57.244 DEBUG: Problems found: [69:1:too many blank lines (1 > 0) (empty-lines)]
13:01:57.244 DEBUG: Creating violation for 69:1:too many blank lines (1 > 0) (empty-lines)
13:01:57.244 DEBUG: Checking rule: yaml:TruthyCheck
13:01:57.244 DEBUG: Got RuleProperty null
13:01:57.244 DEBUG: Got RuleProperty @org.sonar.check.RuleProperty(description="Comma-separated list of truthy values which will be ignored during linting", type="", defaultValue="true, false", key="allowed-values")
13:01:57.244 DEBUG: Got RuleProperty @org.sonar.check.RuleProperty(description="Disable verification for keys in mappings. By default, truthy rule applies to both keys and values. Set this option to false to prevent this.", type="", defaultValue="true", key="check-keys")
13:01:57.244 DEBUG: YAMLLint config for rule yaml:TruthyCheck/truthy: '---
rules:
  truthy:
    allowed-values: ['true', 'false', 'yes', 'no']
    check-keys: true
'
13:01:57.247 DEBUG: Problems found: []
13:01:57.247 DEBUG: Checking rule: yaml:CommentsIndentationCheck
13:01:57.255 DEBUG: Problems found: [69:1:too many blank lines (1 > 0) (empty-lines)]
13:01:57.255 DEBUG: Creating violation for 69:1:too many blank lines (1 > 0) (empty-lines)
13:01:57.255 DEBUG: Checking rule: yaml:BracketsCheck
13:01:57.263 DEBUG: Problems found: [69:1:too many blank lines (1 > 0) (empty-lines)]
13:01:57.263 DEBUG: Creating violation for 69:1:too many blank lines (1 > 0) (empty-lines)
13:01:57.264 DEBUG: Checking rule: yaml:NewLinesCheck
13:01:57.272 DEBUG: Problems found: [69:1:too many blank lines (1 > 0) (empty-lines)]
13:01:57.272 DEBUG: Creating violation for 69:1:too many blank lines (1 > 0) (empty-lines)
13:01:57.272 DEBUG: Saving issue: too many blank lines (1 > 0) (empty-lines)
13:01:57.273 DEBUG: Saving issue: too many blank lines (1 > 0) (empty-lines)
13:01:57.273 DEBUG: Saving issue: too many blank lines (1 > 0) (empty-lines)
13:01:57.274 DEBUG: Saving issue: too many blank lines (1 > 0) (empty-lines)
13:01:57.274 DEBUG: Saving issue: too many blank lines (1 > 0) (empty-lines)
13:01:57.274 DEBUG: Saving issue: too many blank lines (1 > 0) (empty-lines)
13:01:57.274 DEBUG: Saving issue: too many blank lines (1 > 0) (empty-lines)
13:01:57.274 DEBUG: Saving issue: too many blank lines (1 > 0) (empty-lines)
13:01:57.274 DEBUG: Saving issue: too many blank lines (1 > 0) (empty-lines)
13:01:57.275 DEBUG: Saving issue: too many blank lines (1 > 0) (empty-lines)
13:01:57.275 DEBUG: Saving issue: too many blank lines (1 > 0) (empty-lines)
13:01:57.275 DEBUG: Saving issue: too many blank lines (1 > 0) (empty-lines)
13:01:57.275 DEBUG: Saving issue: too many blank lines (1 > 0) (empty-lines)
13:01:57.275 DEBUG: Saving issue: too many blank lines (1 > 0) (empty-lines)
13:01:57.275 DEBUG: Saving issue: too many blank lines (1 > 0) (empty-lines)
13:01:57.275 DEBUG: Saving issue: too many blank lines (1 > 0) (empty-lines)
13:01:57.276 DEBUG: Saving issue: too many blank lines (1 > 0) (empty-lines)

The result is, that the single line 69 is reported a whopping 17 times inside sonarqube. Each code smell is generated by one of the rules like HyphenCheck, BracktesCheck etc.

At first it looked like it might have to do something with #32, but the log looks to me like this is one single pass-through of main.yml

Any advice on how to fix this? If you could point me to the relevant place inside the code, I could maybe fix it myself and make a PR for you.

Security issue found

Same as sbaudoin/sonar-yaml#45

java.lang.ArrayIndexOutOfBoundsException:

Hi there,

I'm trying to set up the ansible plugin on a new install of SonarQube. I've probably done something childishly stupid, but on the first repo we attempted to run it against, we get a ArrayIndexOutOfBoundsException when attempting to analyse one of the playbooks:

Getting the below error during a run on sonar scanner executed as a github action.

2022-09-05T23:18:20.9438556Z 23:18:20.943 DEBUG: Analyzing file: test_emails.yaml
2022-09-05T23:18:20.9637788Z 23:18:20.963 INFO: ------------------------------------------------------------------------
2022-09-05T23:18:20.9639151Z 23:18:20.963 INFO: EXECUTION FAILURE
2022-09-05T23:18:20.9641889Z 23:18:20.963 INFO: ------------------------------------------------------------------------
2022-09-05T23:18:20.9645686Z 23:18:20.964 INFO: Total time: 36.965s
2022-09-05T23:18:21.0742959Z 23:18:21.073 INFO: Final Memory: 33M/117M
2022-09-05T23:18:21.0745377Z 23:18:21.074 INFO: ------------------------------------------------------------------------
2022-09-05T23:18:21.0747002Z 23:18:21.074 ERROR: Error during SonarScanner execution
2022-09-05T23:18:21.0754638Z java.lang.ArrayIndexOutOfBoundsException: Index -1 out of bounds for length 1024
2022-09-05T23:18:21.0819024Z 	at org.yaml.snakeyaml.reader.StreamReader.peek(StreamReader.java:136)
2022-09-05T23:18:21.0819763Z 	at org.yaml.snakeyaml.scanner.ScannerImpl.scanToNextToken(ScannerImpl.java:1222)
2022-09-05T23:18:21.0820400Z 	at org.yaml.snakeyaml.scanner.ScannerImpl.fetchMoreTokens(ScannerImpl.java:308)
2022-09-05T23:18:21.0821047Z 	at org.yaml.snakeyaml.scanner.ScannerImpl.checkToken(ScannerImpl.java:248)
2022-09-05T23:18:21.0821675Z 	at org.yaml.snakeyaml.parser.ParserImpl$ParseBlockMappingKey.produce(ParserImpl.java:634)
2022-09-05T23:18:21.0822271Z 	at org.yaml.snakeyaml.parser.ParserImpl.peekEvent(ParserImpl.java:165)
2022-09-05T23:18:21.0822771Z 	at org.yaml.snakeyaml.Yaml$3.hasNext(Yaml.java:677)
2022-09-05T23:18:21.0823183Z 	at java.base/java.lang.Iterable.forEach(Iterable.java:74)
2022-09-05T23:18:21.0823679Z 	at com.github.sbaudoin.yamllint.Linter.getSyntaxError(Linter.java:378)
2022-09-05T23:18:21.0824246Z 	at com.github.sbaudoin.yamllint.Linter.getSyntaxError(Linter.java:365)
2022-09-05T23:18:21.0824877Z 	at com.github.sbaudoin.sonar.plugins.yaml.checks.YamlSourceCode.<init>(YamlSourceCode.java:56)
2022-09-05T23:18:21.0825591Z 	at com.github.sbaudoin.sonar.plugins.yaml.rules.YamlSensor.execute(YamlSensor.java:111)
2022-09-05T23:18:21.0826280Z 	at org.sonar.scanner.sensor.AbstractSensorWrapper.analyse(AbstractSensorWrapper.java:64)
2022-09-05T23:18:21.0826962Z 	at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:88)
2022-09-05T23:18:21.0827648Z 	at org.sonar.scanner.sensor.ModuleSensorsExecutor.lambda$execute$1(ModuleSensorsExecutor.java:61)
2022-09-05T23:18:21.0833924Z 	at org.sonar.scanner.sensor.ModuleSensorsExecutor.withModuleStrategy(ModuleSensorsExecutor.java:79)
2022-09-05T23:18:21.0834665Z 	at org.sonar.scanner.sensor.ModuleSensorsExecutor.execute(ModuleSensorsExecutor.java:61)
2022-09-05T23:18:21.0835419Z 	at org.sonar.scanner.scan.SpringModuleScanContainer.doAfterStart(SpringModuleScanContainer.java:81)
2022-09-05T23:18:21.0836217Z 	at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:188)
2022-09-05T23:18:21.0836961Z 	at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:167)
2022-09-05T23:18:21.0837678Z 	at org.sonar.scanner.scan.SpringProjectScanContainer.scan(SpringProjectScanContainer.java:396)
2022-09-05T23:18:21.0838464Z 	at org.sonar.scanner.scan.SpringProjectScanContainer.scanRecursively(SpringProjectScanContainer.java:392)
2022-09-05T23:18:21.0839283Z 	at org.sonar.scanner.scan.SpringProjectScanContainer.doAfterStart(SpringProjectScanContainer.java:361)
2022-09-05T23:18:21.0840091Z 	at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:188)
2022-09-05T23:18:21.0840852Z 	at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:167)
2022-09-05T23:18:21.0841806Z 	at org.sonar.scanner.bootstrap.SpringGlobalContainer.doAfterStart(SpringGlobalContainer.java:135)
2022-09-05T23:18:21.0842584Z 	at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:188)
2022-09-05T23:18:21.0843342Z 	at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:167)
2022-09-05T23:18:21.0843955Z 	at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:72)
2022-09-05T23:18:21.0844454Z 	at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:66)
2022-09-05T23:18:21.0845134Z 	at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
2022-09-05T23:18:21.0845969Z 	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
2022-09-05T23:18:21.0846645Z 	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
2022-09-05T23:18:21.0847394Z 	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
2022-09-05T23:18:21.0848012Z 	at java.base/java.lang.reflect.Method.invoke(Method.java:566)
2022-09-05T23:18:21.0848636Z 	at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
2022-09-05T23:18:21.0849207Z 	at com.sun.proxy.$Proxy0.execute(Unknown Source)
2022-09-05T23:18:21.0849729Z 	at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:189)
2022-09-05T23:18:21.0850368Z 	at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:138)
2022-09-05T23:18:21.0850917Z 	at org.sonarsource.scanner.cli.Main.execute(Main.java:112)
2022-09-05T23:18:21.0851371Z 	at org.sonarsource.scanner.cli.Main.execute(Main.java:75)
2022-09-05T23:18:21.0851823Z 	at org.sonarsource.scanner.cli.Main.main(Main.java:61)

Included below is the command line that was used to execute the scanner in case that's of use:

2022-09-05T23:18:21.6914729Z ##[command]/usr/bin/docker run --name a9b0cdae7e23de94d34a356987d677617ea_d956ef --label 786a9b --workdir /github/workspace --rm -e "SONAR_TOKEN" -e "SONAR_HOST_URL" -e "INPUT_ARGS" -e "INPUT_PROJECTBASEDIR" -e "HOME" -e "GITHUB_JOB" -e "GITHUB_REF" -e "GITHUB_SHA" -e "GITHUB_REPOSITORY" -e "GITHUB_REPOSITORY_OWNER" -e "GITHUB_RUN_ID" -e "GITHUB_RUN_NUMBER" -e "GITHUB_RETENTION_DAYS" -e "GITHUB_RUN_ATTEMPT" -e "GITHUB_ACTOR" -e "GITHUB_TRIGGERING_ACTOR" -e "GITHUB_WORKFLOW" -e "GITHUB_HEAD_REF" -e "GITHUB_BASE_REF" -e "GITHUB_EVENT_NAME" -e "GITHUB_SERVER_URL" -e "GITHUB_API_URL" -e "GITHUB_GRAPHQL_URL" -e "GITHUB_REF_NAME" -e "GITHUB_REF_PROTECTED" -e "GITHUB_REF_TYPE" -e "GITHUB_WORKSPACE" -e "GITHUB_ACTION" -e "GITHUB_EVENT_PATH" -e "GITHUB_ACTION_REPOSITORY" -e "GITHUB_ACTION_REF" -e "GITHUB_PATH" -e "GITHUB_ENV" -e "GITHUB_STEP_SUMMARY" -e "RUNNER_OS" -e "RUNNER_ARCH" -e "RUNNER_NAME" -e "RUNNER_TOOL_CACHE" -e "RUNNER_TEMP" -e "RUNNER_WORKSPACE" -e "ACTIONS_RUNTIME_URL" -e "ACTIONS_RUNTIME_TOKEN" -e "ACTIONS_CACHE_URL" -e GITHUB_ACTIONS=true -e CI=true --entrypoint "/cleanup.sh" -v "/var/run/docker.sock":"/var/run/docker.sock" -v "/home/runner/work/_temp/_github_home":"/github/home" -v "/home/runner/work/_temp/_github_workflow":"/github/workflow" -v "/home/runner/work/_temp/_runner_file_commands":"/github/file_commands" -v "/home/runner/work/AAP-AD-Users-and-Groups/AAP-AD-Users-and-Groups":"/github/workspace" 786a9b:0cdae7e23de94d34a356987d677617ea -X -Dsonar.verbose=true

dumy questions

Hello:
I have some dummy questions below regarding sonar-ansible plugins (tested environment: sonarqube-8.9.10.61524 & sonarqube-10.0.0.68432, sonar-yaml-plugin-1.7.0.jar, sonar-ansible-plugin-2.5.1.jar, ansible-lint 3.5.1 & ansible-lint 6.17.2):

Is it a MUST to install ansible-lint on whichever machine sonar scanner is installed?
If not have to install ansible-lint, then how to do it? especially for gitlab runner? Any url link?
For the same yaml file, the results between "run command: ansible-lint *.yml" and that displayed on sonarqube report are quite different (usually sonarqube reported issues are much less than the ones obtained from running ansible-lint command directly), is this normal behavior?
Any sonar-ansibe gitlab runner setup links?

thanks very much
John

Compatibility with Sonar v9.2

Hello Team,

We have observed that latest Sonar lint plugin version: 2.5.0 would not be supported SonarQube v9.2.

https://docs.sonarqube.org/latest/instance-administration/plugin-version-matrix/

Would be great help, if you could provide some updates on the latest SonarQube supports with this plugin.

Thanks.

To whoever aiming to use this module in 2024

I hope this will save you time.

This plugin has not been updated for a very long time, and then it is not working anymore with newer ansible-lint versions.

You can try another approach with sarif exports, and generic issues import.

Note that at the date I write this message, the direct sarif import is not working for ansible-lint generated reports.

First say to ansible-lint to generate a sarif export:

ansible-lint --sarif-file ansible-lint-sarif.json

To convert the sarif to generic-issue-import-format, you may decide to use a script that I paste right below.

Once you have the json file, you simply have to add the following to you sonar-project.properties file:

sonar.externalIssuesReportPaths=converted-file-sq.json

I hope this helps.

"""Convert SARIF to Generic SonarQube issues import format.

Initially based on work made by David Fischer <[email protected]>
* https://community.sonarsource.com/t/import-sarif-results-as-security-hotspots/83223
* docs.sonarqube.org/9.8/analyzing-source-code/importing-external-issues/generic-issue-import-format
* https://gist.github.com/davidfischer-ch/cdfede27ac053a8332b2127becc07608

Authors: David Fischer <[email protected]>, Florck
"""

from __future__ import annotations

from pathlib import Path
from typing import Final
import collections
import json
import os
import sys

# https://docs.oasis-open.org/sarif/sarif/v2.1.0/os/sarif-v2.1.0-os.html#_Toc34317648
# SonarQube severity can be one of BLOCKER, CRITICAL, MAJOR, MINOR, INFO
LEVEL_TO_SERVERITY: Final[dict[str, str]] = {
    "warning": "MEDIUM",
    "error": "HIGH",
    "note": "LOW",
    "none": "LOW",
}
DEFAULT_LEVEL: Final[str] = "warning"
DEFAULT_CLEAN_CODE_ATTRIBUTE: Final[str] = "CONVENTIONAL"
DEFAULT_SOFTWARE_QUALITY: Final[str] = "RELIABILITY"


Position = collections.namedtuple("Position", ["line", "column"])


def fix_start_end(start, end, file_path):
    """Ensure the end position makes sense or fix it"""
    lines = Path(file_path).read_text(encoding="utf-8").split(os.linesep)
    if start == end or (end.column and end.column > len(lines[end.line])):
        if end.line + 1 < len(lines):
            # Move end position to next line at column 0
            end = Position(end.line + 1, 0)
        else:
            # Move start to previous line at same column
            # Move end position to same line at column 0
            start = Position(start.line - 1, start.column)
            end = Position(end.line, 0)
    return start, end


def get_rules(sarif_rules, engine_id):
    """Get rules as formatted by sonar."""

    rules: list[dict] = []

    for rule_id in sarif_rules:
        sarif_rule = sarif_rules[rule_id]
        description = sarif_rule.get("shortDescription", {}).get("text")
        description += "<br />"
        description += sarif_rule.get("help", {}).get("text")
        description += "<br />"
        description += f'<a href="{sarif_rule.get("helpUri")}">Documentation</a>'
        description += "<br /> <h3>Tags</h3><br /> "
        description += ",".join(sarif_rule.get("properties", {}).get("tags", []))
        rule = {
            "id": rule_id,
            "name": sarif_rule["name"],
            "description": description,
            "engineId": engine_id,
            "cleanCodeAttribute": DEFAULT_CLEAN_CODE_ATTRIBUTE,
            "impacts": [
                {
                    "softwareQuality": DEFAULT_SOFTWARE_QUALITY,
                    "severity": LEVEL_TO_SERVERITY[
                        sarif_rule.get("defaultConfiguration", {}).get(
                            "level", DEFAULT_LEVEL
                        )
                    ],
                }
            ],
        }
        rules.append(rule)
    return rules


def get_issues(
    run_data, source, sarif_rules, engine_key, run_index
):  # pylint:disable=too-many-locals
    """Get the issues formatted as expected by sonar."""

    issues: list[dict] = []

    for result_index, result_data in enumerate(run_data["results"], 1):

        # Code is not programmed to handle multiple locations, because ... Its a WIP
        if (num_locations := len(result_data["locations"])) != 1:
            raise NotImplementedError(
                f"File {source} : run[{run_index}].results[{result_index}].locations[] "
                f"size expected 1, actual {num_locations}"
            )

        rule_id = result_data["ruleId"]
        rule_data = (
            sarif_rules[rule_id] if sarif_rules else {}
        )  # Only if rules is not empty
        location_data = result_data["locations"][0]["physicalLocation"]
        file_path = location_data["artifactLocation"]["uri"]

        issue = {
            "primaryLocation": {
                "filePath": file_path,
                "message": rule_data.get("help", {}).get("text"),
            },
            "ruleId": rule_id,
        }

        # Converting location data
        start = Position(
            location_data["region"]["startLine"] - 1,
            location_data["region"].get("startColumn", 1) - 1,
        )
        end = Position(
            location_data["region"].get("endLine", start.line + 1) - 1,
            location_data["region"].get("endColumn", start.column + 1) - 1,
        )

        # Fix location data for some tools (data is wrong or missing)
        if engine_key in {"ansible-lint", "robocop"}:
            start, end = fix_start_end(start, end, file_path)

        # Lines are 1-indexed both in SARIF and Sonar Generic
        # Columns are 1-indexed in SARIF 0-indexed in Sonar Generic
        issue["primaryLocation"]["textRange"] = {
            "startLine": start.line + 1,
            "startColumn": start.column,
            "endLine": end.line + 1,
            "endColumn": end.column,
        }

        issues.append(issue)
    return issues


def main(
    source: Path | str, target: Path | str
) -> None:  # pylint:disable=too-many-locals
    """Implement main logic."""

    source = Path(source).resolve()
    target = Path(target).resolve()

    if target.exists():
        raise IOError(f'Target file "{target}" already exist.')

    sarif_data: dict = json.loads(source.read_text(encoding="utf-8"))
    if "sarif" not in sarif_data["$schema"]:
        raise ValueError("Source is (probably) not a valid sarif file.")

    issues: list[dict] = []
    rules: list[dict] = []

    for run_index, run_data in enumerate(sarif_data["runs"], 1):

        driver_data = run_data["tool"]["driver"]
        engine_id = driver_data["name"]
        engine_key = engine_id.lower()

        sarif_rules: dict[str, dict] = {
            rule["id"]: rule for rule in driver_data.get("rules", {})
        }

        rules.extend(get_rules(sarif_rules, engine_id))

        issues.extend(get_issues(run_data, source, sarif_rules, engine_key, run_index))
    target.write_text(
        json.dumps({"rules": rules, "issues": issues}, indent=2), encoding="utf-8"
    )


if __name__ == "__main__":
    main(sys.argv[1], sys.argv[2])

Ansible-lint also executed on quality profile with no ansible rules

We have installed sonar-ansible on our sonar instance and have put ansible-lint on some of our machines (not-all).

After analysing some non-ansible projects we had the issue described in #3 .
But in our case this was breaking a build that only had the usual YAML Quality profile enabled (no ansible rules activated). Ansible-lint should not have been run in the first place.

Would it be possible that ansible-lint is only triggered on projects that have the related rules enabled.
Our workaround is, to not analyse yaml on other projects right now (using global file regex patterns).

Thanks and appreciating this plugin!

Ansible lint not sending complete report to Sonarqube

Thanks for the plugin
Having Issues on sending the report to Sonarqube:

Is there any exception that this plugin will send only specific code in sonarqube.

Because when I run the linting locally I'm getting lot of errors which are not showing in the sonarqube.

Could you pls help me by providing how the interation between Sonarqube and linting works. please let me know any more details.

Thanks in Advance.

Ansible lint is executed for every file

Hey,

We started to use ansible-lint in combination with sonar. When we activate the sonar plugin (by picking the quality profile containing the ansible rules) the sonar execution takes a lot more time.

My understanding is that the sonar plugin runs ansible-lint for every file that is given as input and therefore starts a lot of ansible-lint processes. When running ansible-lint on the command line it checks all the files at once.

If my understanding is correct, would there be a way to run ansible-lint just once instead of multiple times?
Here is an excerpt of an execution log

13:55:46.594 DEBUG: Ansible sensor executed with context: org.sonar.scanner.sensor.ModuleSensorContext@6f915016
13:55:46.594 DEBUG: Analyzing file: demo-playbook.yml
13:55:46.595 DEBUG: Executing command: [ansible-lint, -p, --nocolor, /home/mcico/projects/deleng/deleng-demo-ansible/demo-playbook.yml]
13:55:46.595 DEBUG: Work directory: /home/mcico/projects/deleng/deleng-demo-ansible
13:55:49.396 WARN: Errors happened during analysis:
Added ANSIBLE_ROLES_PATH=~/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles:roles
Loading custom .yamllint config file, this extends our internal yamllint config.
13:55:49.397 DEBUG: 0 issue(s) found
13:55:49.399 DEBUG: Analyzing file: main.yml
13:55:49.400 DEBUG: Executing command: [ansible-lint, -p, --nocolor, /home/mcico/projects/deleng/deleng-demo-ansible/roles/demo/tasks/main.yml]
13:55:49.400 DEBUG: Work directory: /home/mcico/projects/deleng/deleng-demo-ansible
13:55:51.460 WARN: Errors happened during analysis:
Added ANSIBLE_ROLES_PATH=~/.ansible/roles:/usr/share/ansible/roles:/etc/ansible/roles:roles
Loading custom .yamllint config file, this extends our internal yamllint config.
13:55:51.461 DEBUG: 0 issue(s) found
13:55:51.461 DEBUG: Saving issues for file:///home/mcico/projects/deleng/deleng-demo-ansible/demo-playbook.yml
13:55:51.463 DEBUG: Saving issues for file:///home/mcico/projects/deleng/deleng-demo-ansible/roles/demo/tasks/main.yml
13:55:51.464 INFO: Sensor Ansible Lint Sensor [ansible] (done) | time=4870ms
13:55:51.464 INFO: Sensor JavaXmlSensor [java]
13:55:51.464 INFO: Sensor JavaXmlSensor [java] (done) | time=0ms
13:55:51.465 INFO: Sensor HTML [web]
13:55:51.468 INFO: Sensor HTML [web] (done) | time=3ms
13:55:51.468 INFO: Sensor YAML Sensor [yaml]
13:55:51.468 DEBUG: YAML sensor executed with context: org.sonar.scanner.sensor.ModuleSensorContext@6f915016
13:55:51.468 DEBUG: Parsing error rule key found: null
13:55:51.469 DEBUG: Analyzing file: demo-playbook.yml
13:55:51.473 DEBUG: Evaluate issue exclusions for 'demo-playbook.yml'
13:55:51.477 INFO: Load project repositories
13:55:51.500 DEBUG: GET 200 http://sonar-prod.zh.adnovum.ch:9000/sonar/batch/project.protobuf?key=deleng%3Adeleng-demo-ansible | time=23ms
13:55:51.506 INFO: Load project repositories (done) | time=29ms
13:55:51.506 DEBUG: 'demo-playbook.yml' generated metadata with charset 'UTF-8'
13:55:51.554 DEBUG: File file:///home/mcico/projects/deleng/deleng-demo-ansible/demo-playbook.yml has syntax error? false
13:55:51.555 DEBUG: Count lines in demo-playbook.yml

In this particular case ansible-lint is started twice, once for the playbook and once for the main.yml file in the demo role. For small projects this is no big deal, but for projects with many files the execution time increases dramatically.

cheers & thanks,
marco

java.lang.NoClassDefFoundError: com/github/sbaudoin/sonar/plugins/ansible/settings/AnsibleSettings

Hi folks,

we have installed the latest Ansible plugin (2.5.1.) in our SonarQube server (v10.4.1). When invoking SonarScanner using the Docker-Image (:latest), the Ansible plugin throws the following exception:

Using docker image sha256:28ccb3e6dcd60822ea19a882cd9b47f204326ab78235403847ea5737491e8281 for sonarsource/sonar-scanner-cli:latest with digest sonarsource/sonar-scanner-cli@sha256:0bc49076468d2955948867620b2d98d67f0d59c0fd4a5ef1f0afc55cf86f2079 ...
$ sonar-scanner
INFO: Scanner configuration file: /opt/sonar-scanner/conf/sonar-scanner.properties
INFO: Project root configuration file: /builds/project/..../sonar-project.properties
INFO: SonarScanner 5.0.1.3006
INFO: Java 17.0.11 Alpine (64-bit)
INFO: Linux 3.10.0-1160.118.1.el7.x86_64 amd64
INFO: User cache: /builds/project/.../.sonar/cache
INFO: Analyzing on SonarQube server 10.4.1.88267
INFO: Default locale: "en_US", source code encoding: "UTF-8"
INFO: Load global settings
INFO: Load global settings (done) | time=175ms
INFO: Server id: 46C165B2-10d67e05d3a1e14
INFO: User cache: /builds/project/..../.sonar/cache
WARN: sonar.plugins.downloadOnlyRequired is false, so ALL available plugins will be downloaded
INFO: Loading all plugins
INFO: Load plugins index
INFO: Load plugins index (done) | time=129ms
INFO: Load/download plugins
INFO: Load/download plugins (done) | time=286ms
INFO: ------------------------------------------------------------------------
INFO: EXECUTION FAILURE
INFO: ------------------------------------------------------------------------
INFO: Total time: 4.252s
INFO: Final Memory: 10M/56M
INFO: ------------------------------------------------------------------------
ERROR: Error during SonarScanner execution
java.lang.NoClassDefFoundError: com/github/sbaudoin/sonar/plugins/ansible/settings/AnsibleSettings
	at com.github.sbaudoin.sonar.plugins.ansible.AnsiblePlugin.define(AnsiblePlugin.java:27)
	at org.sonar.scanner.bootstrap.ExtensionInstaller.installExtensionsForPlugins(ExtensionInstaller.java:64)
	at org.sonar.scanner.bootstrap.ExtensionInstaller.install(ExtensionInstaller.java:51)
	at org.sonar.scanner.bootstrap.SpringScannerContainer.addScannerExtensions(SpringScannerContainer.java:175)
	at org.sonar.scanner.bootstrap.SpringScannerContainer.doBeforeStart(SpringScannerContainer.java:155)
	at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:221)
	at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:202)
	at org.sonar.scanner.bootstrap.SpringGlobalContainer.doAfterStart(SpringGlobalContainer.java:1[38](http://.../-/jobs/254841#L38))
	at org.sonar.core.platform.SpringComponentContainer.startComponents(SpringComponentContainer.java:223)
	at org.sonar.core.platform.SpringComponentContainer.execute(SpringComponentContainer.java:202)
	at org.sonar.batch.bootstrapper.Batch.doExecute(Batch.java:71)
	at org.sonar.batch.bootstrapper.Batch.execute(Batch.java:65)
	at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:46)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
	at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:77)
	at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
	at java.base/java.lang.reflect.Method.invoke(Method.java:568)
	at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
	at jdk.proxy1/jdk.proxy1.$Proxy0.execute(Unknown Source)
	at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:189)
	at org.sonarsource.scanner.api.EmbeddedScanner.execute(EmbeddedScanner.java:138)
	at org.sonarsource.scanner.cli.Main.execute(Main.java:126)
	at org.sonarsource.scanner.cli.Main.execute(Main.java:81)
	at org.sonarsource.scanner.cli.Main.main(Main.java:62)
Caused by: java.lang.ClassNotFoundException: com.github.sbaudoin.sonar.plugins.ansible.settings.AnsibleSettings
	at org.sonar.classloader.ParentFirstStrategy.loadClass(ParentFirstStrategy.java:[39](http://.../-/jobs/254841#L39))
	at org.sonar.classloader.ClassRealm.loadClass(ClassRealm.java:97)
	at org.sonar.classloader.ClassRealm.loadClass(ClassRealm.java:86)
	... 24 more

However, we don't use Ansible in our Project. I see that "sonar.plugins.downloadOnlyRequired" is "false", but anyway, I guess the plugin should not throw an exception.

Can you help us in this case?

Best,
Christof Luick

YAML Quality Profile does not have any ansible rules after downloading the plugins Sonar-Ansible & YAML

When installing “sonar-ansible” & “sonar-yaml” plugins, following the documentation provided on the UI (Marketplace). After downloading the YAML and Ansible SonarQube plugins in the appropriate folder “extensions/plugins”, restart SonarQube, we are NOT capable to enable Ansible rule. YAML quality profile still has no rules and there isn't any rule showing when searching with the tag "ansible" to enable the Ansible rules for the newly quality profile created.
Is there any step that I'm missing or the documentation does not mentioned?

Starting with ansible-lint 5.0.x format of output changed

Hey there,

I wanted to add a ticket here as I noticed that starting with this commit (ansible/ansible-lint#1305) on ansible-lint, they removed the E### rule id and replaced them all with text based ids. This will obviously break the link to sonar. If someone could point me in the right direction, I could try to provide a PR to address this.

This will probably be a little bit harder to stay backwards compatible like you did with the ANSIBLE##### to E### transition so not sure if you would want this as a breaking change or not.

Support new ansible-lint rule E306

Output the versions of Ansible and ansible-lint in the plugin's logs

To ease the identification of potential issues, the plugin logs should output the version of Ansible and ansible-lint used to analyze the code.

Problem with regexp rawIssue 'Matcher new50Splitter = Pattern.compile("^(.*):([0-9]+): ([^ ]+)$").matcher(rawIssue);'

Hello,

The regexp here don't match the lint error

The good syntax must be "^(.):([0-9]+): ([^ ]+)(.)$"

My execution context is:

...
maven-3.6-jdk-11
org/sonarsource/parent/parent/59.0.29/parent-59.0.29
org/sonarsource/scanner/maven/sonar-maven-plugin/3.9.0.2155/sonar-maven-plugin-3.9.0.2155
org/sonarsource/scanner/api/sonar-scanner-api/2.16.1.361/sonar-scanner-api-2.16.1.361
...
[INFO] SonarQube version: 8.9.7
[INFO] Default locale: "en", source code encoding: "UTF-8"
[INFO] Load global settings
...
[INFO] Sensor Ansible Lint Sensor [ansible]
[INFO] ansible version:
[INFO] ansible [core 2.12.8]
[INFO]   config file = None
[INFO]   configured module search path = ['/root/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
[INFO]   ansible python module location = /usr/local/lib/python3.9/dist-packages/ansible
[INFO]   ansible collection location = /root/.ansible/collections:/usr/share/ansible/collections
[INFO]   executable location = /usr/local/bin/ansible
[INFO]   python version = 3.9.2 (default, Feb 28 2021, 17:03:44) [GCC 10.2.1 20210110]
[INFO]   jinja version = 3.1.2
[INFO]   libyaml = True
[INFO] ansible-lint version:
[INFO] ansible-lint 6.5.0 using ansible 2.12.8
[WARNING] Invalid issue syntax, ignoring: src/main/resources/xxxxxx/meta/main.yml:1: schema (schema[meta])
[WARNING] Invalid issue syntax, ignoring: src/main/resources/xxxxxx/meta/main.yml:1: schema (schema[meta])
[INFO] Sensor Ansible Lint Sensor [ansible] (done) | time=19441ms

My YAML file for test is :

galaxy_info:
  author: ME
  description: my ansible role
  company: ME

  # If the issue tracker for your role is not on github, uncomment the
  # next line and provide a value
  issue_tracker_url: https://xxx.com/devops/roles/xxx/-/issues

  # Some suggested licenses:
  # - BSD (default)
  # - MIT
  # - GPLv2
  # - GPLv3
  # - Apache
  # - CC-BY
  license: BSD

  min_ansible_version: 1.2

  # If this a Container Enabled role, provide the minimum Ansible Container version.
  # min_ansible_container_version:

  # Optionally specify the branch Galaxy will use when accessing the GitHub
  # repo for this role. During role install, if no tags are available,
  # Galaxy will use this branch. During import Galaxy will access files on
  # this branch. If Travis integration is configured, only notifications for this
  # branch will be accepted. Otherwise, in all cases, the repo's default branch
  # (usually master) will be used.
  # github_branch:

  #
  # platforms is a list of platforms, and each platform has a name and a list of versions.
  #
  platforms:
    - name: ArchLinux
      versions:
        - all
  # - name: SomePlatform
  #   versions:
  #   - all
  #   - 1.0
  #   - 7
  #   - 99.99

  galaxy_tags: []
    # List tags for your role here, one per line. A tag is a keyword that describes
    # and categorizes the role. Users find roles by searching for tags. Be sure to
    # remove the '[]' above, if you add tags to this list.
    #
    # NOTE: A tag is limited to a single word comprised of alphanumeric characters.
    #       Maximum 20 tags per role.

dependencies: []
  # List your role dependencies here, one per line. Be sure to remove the '[]' above,
  # if you add dependencies to this list.

Sonar-scanner not saving ansible-lint issues

Hello.

I've been running some test in our staging instances in order to audit my ansible playbooks with Sonarqube but I faced a very strange issue:

When running sonar-scanner in DEBUG mode (after properly installing ansible-lint and checking that ansible-lint actually analyses) it is not able to save ansible-lint reports and send them back to Sonarqube. Here's sonar-scanner result for that matter:

12:23:55.055 DEBUG: 7 issue(s) found
12:23:55.057 DEBUG: Analyzing file: ejemplo_ansible.yml
12:23:55.057 DEBUG: Executing command: [ansible-lint, -p, --nocolor, /home/master/workspace/REGRESION/ANSIBLE/prueba-analisis-ansible-yaml/src/ejemplo_ansible.yml]
12:23:55.057 DEBUG: Work directory: /home/master/workspace/REGRESION/ANSIBLE/prueba-analisis-ansible-yaml 12:23:55.930 WARN: Errors happened during analysis: Syntax Error while loading YAML. mapping values are not allowed here

The error appears to be in '/home/master/workspace/REGRESION/ANSIBLE/prueba-analisis-ansible-yaml/src/ejemplo_ansible.yml': line 92, column 14, but may be elsewhere in the file depending on the exact syntax problem.

The offending line appears to be:

  - hosts: webservers
         ^ here

12:23:55.930 DEBUG: 0 issue(s) found 12:23:55.930 DEBUG: Saving issues for file:///home/master/workspace/REGRESION/ANSIBLE/prueba-analisis-ansible-yaml/src/docker-compose.yml 12:23:55.931 DEBUG: Saving issues for file:///home/master/workspace/REGRESION/ANSIBLE/prueba-analisis-ansible-yaml/src/docker-compose.yaml 12:23:55.931 DEBUG: Saving issues for file:///home/master/workspace/REGRESION/ANSIBLE/prueba-analisis-ansible-yaml/src/ejemplo.yml 12:23:55.932 DEBUG: Saving issues for file:///home/master/workspace/REGRESION/ANSIBLE/prueba-analisis-ansible-yaml/src/ejemplo_ansible.yml 12:23:55.932 INFO: Sensor Ansible Lint Sensor [ansible] (done) | time=4286ms 1

Although it gets all issues, sonar-scanner is not able to save them correctly, so no issues are shown in Sonarqube. I'm working with:

Ansible-lint (in my host): 4.2.0
-Sonar-scanner: 4.2.0
Sonar-ansible: 2.3.0
-YAML Analyzer: 1.5.1

I'd like to know if there is any related issue to this one, and whether it is any problem related with sonar-ansible or it's about ansible-lint/sonar-scanner.

Thank you very much.

INFO: No active rules found for this plugin

Scans are not showing any Ansible related content on the SonarQube server.

SonarQube server v 7.9
sonar-scanner v 4.0.0.1744
Ansible-lint v 4.1.0

A new quality profile was created on the server like so:

SonarQube 'Quality profiles' menu
Click 'Create'
Name: Ansible
Language: YAML
Parent: Sonar way (built-in)
Click 'Activate more'
Search in 'tag' for 'ansible'
Click 'Bulk change'
Activate in Ansible
(60 rules activated)

Then run sonar-scanner on machine with Ansible YAML files, sonar-scanner and ansible-lint:

INFO: 28 files indexed
INFO: 0 files ignored because of scm ignore settings
INFO: Quality profile for py: Sonar way
INFO: Quality profile for yaml: Sonar way
...
INFO: Sensor Ansible Lint Sensor [ansible]
INFO: No active rules found for this plugin, skipping.
INFO: Sensor Ansible Lint Sensor [ansible] (done) | time=1ms
...
INFO: Sensor YAML Sensor [yaml]
WARN: Metric 'comment_lines_data' is deprecated. Provided value is ignored.
INFO: Sensor YAML Sensor [yaml] (done) | time=843ms
...
INFO: ANALYSIS SUCCESSFUL, you can browse

Python error version: 3.9

Following #39 , what python version do you recomend? Using ansible on version 2.9.18 and ansible-lint on version 4.3.7.

Thank you once again.

Plugin not compatible with ansible-lint 3.5

Rule Ids have changed in ansible-lint 3.5, so the plugin no long recognizes them. Example: the former rule "no trailing white space" had the ID EANSIBLE0002; now with ansible-lint 3.5 it is E201.

Pass in .ansible-lint configuration file

Hi,

we have an .ansible-lint configuration inside the root directory of our projects.
As the plugin does run ansible-lint on each file seperately the .ansible-lint config is not used for playbooks in subdirectories.

A great feature would be to be able to configure the path to .ansible-lint and have it passed to ansible-lint via the -c flag.

Thanks,
Mazelt

Outdated plugin blocks the market

The whole logic of this plugin is bad and outdated.

Cause

The newer versions of ansible-lint offer a json formatted output for integration with tools and that formatting contains the path of the analyzed files. This way you wouldn't need to iterate over the InputFiles set object.

Correct logic of analyzing the playbooks with ansible-lint

Using the command ansible-lint -f json <sources>/ instead of specified paths would eliminate the huge overhead and also because of -f json instead of -p the integration to new versions would be a whole lot easier.

Reason of this issue

I tried to rewrite it on my local repository but because of the deprecated version tests I could not get it to test or build.
This is the only sonarqube integration plugin for ansible and since this exists noone wants to write a correct, working one and they just don't care about the overhead.

File to be fixed:

sonar-ansible-api/src/main/java/com/github/sbaudoin/sonar/plugins/ansible/rules/AbstractAnsibleSensor.java
at:

116-169
255-273

I am willing to help you integrate with newer versions and with the correct logic if you can create an environment where the current build runs.

Ansible-lint recommend version

Hi!

Sorry if this was already address, but what version do you recomend for ansible-lint?

Thank you.

5.0.6 not work

hello

With ansible-lint 5.0.6 they are many error with analysis

WARNING Listing 43 violation(s) that are fatal
WARN: Invalid issue syntax, ignoring: ../../playbook/test.yml:8: risky-shell-pipe
WARN: Errors happened during analysis:

A vault password must be specified to decrypt data

Hello

I am testing the integration of the plugin with one opf my projects where I am using sonar-vault.
and the lint process didn't work as expected and it is requesting for the vault password, here is the error message:

INFO: ansible-lint 4.2.0 WARN: Messages printed to error output during analysis: A vault password must be specified to decrypt data WARN: Messages printed to error output during analysis: A vault password must be specified to decrypt data WARN: Messages printed to error output during analysis: A vault password must be specified to decrypt data WARN: Messages printed to error output during analysis: A vault password must be specified to decrypt data WARN: Messages printed to error output during analysis: A vault password must be specified to decrypt data WARN: Messages printed to error output during analysis: A vault password must be specified to decrypt data WARN: Messages printed to error output during analysis: A vault password must be specified to decrypt data

why it is requesting for the vault password.
PS: Using the ansible-lint package out of the box does not request any password and it doesn't scan the ansible-vault files.

Any idea ?

SonarQube analysis fails when ansible-lint binary doesn't exist

When project contain some .yml file but ansible-lint is not available on host, the SonarQube analysis fails with:

INFO: Sensor Ansible Lint Sensor [ansible]
INFO: 0/0 source files have been analyzed
ERROR: Error executing command
java.io.IOException: Cannot run program "ansible-lint": error=2, No such file or directory
INFO: Sensor Ansible Lint Sensor [ansible] (done) | time=11ms
	at java.lang.ProcessBuilder.start(ProcessBuilder.java:1048)
INFO: Sensor JavaXmlSensor [java]
	at com.github.sbaudoin.sonar.plugins.ansible.rules.AbstractAnsibleSensor.executeCommand(AbstractAnsibleSensor.java:168)
INFO: Sensor JavaXmlSensor [java] (done) | time=1ms
	at com.github.sbaudoin.sonar.plugins.ansible.rules.AbstractAnsibleSensor.executeWithAnsibleLint(AbstractAnsibleSensor.java:112)
INFO: Sensor HTML [web]
	at com.github.sbaudoin.sonar.plugins.ansible.rules.AnsibleSensor.execute(AnsibleSensor.java:42)
	at org.sonar.scanner.sensor.SensorWrapper.analyse(SensorWrapper.java:53)
    [...]
	at org.sonarsource.scanner.cli.Main.main(Main.java:61)
Caused by: java.io.IOException: error=2, No such file or directory
	at java.lang.UNIXProcess.forkAndExec(Native Method)
	at java.lang.UNIXProcess.<init>(UNIXProcess.java:248)
	at java.lang.ProcessImpl.start(ProcessImpl.java:134)
	at java.lang.ProcessBuilder.start(ProcessBuilder.java:1029)
	... 35 common frames omitted

It could be better if SonarQube analysis would not be broken, and a log WARN or ERROR displayed with requirement about 'ansible-lint' binary (for better analysis, ...).

Version Compatibility

Hi,

Please share if the latest plugin v2.5.1 is compatible for SonarQube Enterprise 9.9.1?

Thanks

Remove deprecation warning

When running with recent SQ servers we can see the following annoying warning:

WARN: Metric 'comment_lines_data' is deprecated. Provided value is ignored.

Travis build : disable shallow clone (git)

The SonarCloud analysis display shallow clone warning, due to 50 commit depth by default.

.travis.yaml should remove this limitation:

git:
  depth: false

The plugin download link is 404

Maybe you forgot to checkin the Jar?

java.lang.IllegalArgumentException: 0 is not a valid line for a file

Hi,

ansible-lint 4.1.0
Sonarqube 7.1.0.11001
sonar-ansible: latest version

I am getting some java errors at the end of the sonar scan..

the Ansible linting appears to run fine all the way to the end and then I hit this issue..

11:37:15.282 DEBUG: Problems found: []
11:37:15.282 DEBUG: Saving issue: missing document end "..." (document-end)

[11:37:15] 11:37:15.288 INFO: ------------------------------------------------------------------------
11:37:15.288 INFO: EXECUTION FAILURE
11:37:15.288 INFO: ------------------------------------------------------------------------
11:37:15.288 INFO: Total time: 5:47.959s

[11:37:15] 11:37:15.405 INFO: Final Memory: 54M/864M
11:37:15.405 INFO: ------------------------------------------------------------------------

[11:37:15] 11:37:15.405 ERROR: Error during SonarQube Scanner execution

[11:37:15] java.lang.IllegalArgumentException: 0 is not a valid line for a file

[11:37:15] at org.sonar.api.internal.google.common.base.Preconditions.checkArgument(Preconditions.java:145)
at org.sonar.api.batch.fs.internal.DefaultInputFile.checkValid(DefaultInputFile.java:308)

[11:37:15] at org.sonar.api.batch.fs.internal.DefaultInputFile.newPointer(DefaultInputFile.java:246)
at org.sonar.api.batch.fs.internal.DefaultInputFile.selectLine(DefaultInputFile.java:269)
at com.github.sbaudoin.sonar.plugins.yaml.rules.YamlSensor.saveIssues(YamlSensor.java:172)
at com.github.sbaudoin.sonar.plugins.yaml.rules.YamlSensor.runChecks(YamlSensor.java:151)
at com.github.sbaudoin.sonar.plugins.yaml.rules.YamlSensor.execute(YamlSensor.java:103)
at org.sonar.scanner.sensor.SensorWrapper.analyse(SensorWrapper.java:53)
at org.sonar.scanner.phases.SensorsExecutor.executeSensor(SensorsExecutor.java:88)
at org.sonar.scanner.phases.SensorsExecutor.execute(SensorsExecutor.java:82)
at org.sonar.scanner.phases.SensorsExecutor.execute(SensorsExecutor.java:68)
at org.sonar.scanner.phases.AbstractPhaseExecutor.execute(AbstractPhaseExecutor.java:88)
at org.sonar.scanner.scan.ModuleScanContainer.doAfterStart(ModuleScanContainer.java:180)
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:135)
[11:37:15]
at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:121)
at org.sonar.scanner.scan.ProjectScanContainer.scan(ProjectScanContainer.java:302)
at org.sonar.scanner.scan.ProjectScanContainer.scanRecursively(ProjectScanContainer.java:297)
at org.sonar.scanner.scan.ProjectScanContainer.doAfterStart(ProjectScanContainer.java:271)
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:135)
at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:121)
at org.sonar.scanner.task.ScanTask.execute(ScanTask.java:48)

[11:37:15] at org.sonar.scanner.task.TaskContainer.doAfterStart(TaskContainer.java:84)
at org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:135)
at org.sonar.core.platform.ComponentContainer.execute(ComponentContainer.java:121)
at org.sonar.scanner.bootstrap.GlobalContainer.executeTask(GlobalContainer.java:121)
at org.sonar.batch.bootstrapper.Batch.doExecuteTask(Batch.java:116)
at org.sonar.batch.bootstrapper.Batch.executeTask(Batch.java:111)
at org.sonarsource.scanner.api.internal.batch.BatchIsolatedLauncher.execute(BatchIsolatedLauncher.java:62)

[11:37:15] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.sonarsource.scanner.api.internal.IsolatedLauncherProxy.invoke(IsolatedLauncherProxy.java:60)
at com.sun.proxy.$Proxy0.execute(Unknown Source)
at org.sonarsource.scanner.api.EmbeddedScanner.doExecute(EmbeddedScanner.java:233)

[11:37:15] at org.sonarsource.scanner.api.EmbeddedScanner.runAnalysis(EmbeddedScanner.java:151)
at org.sonarsource.scanner.cli.Main.runAnalysis(Main.java:110)
at org.sonarsource.scanner.cli.Main.execute(Main.java:74)
at org.sonarsource.scanner.cli.Main.main(Main.java:61)

[11:37:15] Return code: 1.

The plugin raises a lot of warnings with ansible-lint 4.3.1+

Starting with ansible-lint 4.3.1, the plugin raises a lot of warnings, for e.g.:

With ansible-lint 4.3.5:

WARN: Errors happened during analysis:
You can skip specific rules or tags by adding them to your configuration file:

┌──────────────────────────────────────────────────────────────────────────────┐
│ # .ansible-lint                                                              │
│ warn_list:  # or 'skip_list' to silence them completely                      │
│   - '301'  # Commands should not change things if nothing needs doing        │
└──────────────────────────────────────────────────────────────────────────────┘

With ansible-lint 4.3.1:

WARN: Invalid issue syntax, ignoring: You can skip specific rules by adding them to the skip_list section of your
WARN: Invalid issue syntax, ignoring: configuration file:
WARN: Invalid issue syntax, ignoring:
WARN: Invalid issue syntax, ignoring: ┌──────────────────────────────────────────────────────────────────────────────┐
WARN: Invalid issue syntax, ignoring: │ # .ansible-lint                                                              │
WARN: Invalid issue syntax, ignoring: │ skip_list:                                                                   │
WARN: Invalid issue syntax, ignoring: │   - '301'  # Commands should not change things if nothing needs doing'       │
WARN: Invalid issue syntax, ignoring: └──────────────────────────────────────────────────────────────────────────────┘