From 5a1adc51c1663a7deaa0144863cef2c193290fa6 Mon Sep 17 00:00:00 2001
From: Arthur Baars <aibaars@github.com>
Date: Tue, 23 Jul 2024 20:25:55 +0200
Subject: [PATCH] Java: buildless: proxy test with maven

---
 .../buildless-fetches.expected                |  26 ++++
 .../diagnostics.expected                      |  70 +++++++++++
 .../java/buildless-proxy-maven/pom.xml        | 114 ++++++++++++++++++
 .../src/main/java/com/example/App.java        |  30 +++++
 .../src/main/resources/my-app.properties      |   1 +
 .../src/main/resources/page.xml               |   8 ++
 .../src/main/resources/struts.xml             |   4 +
 .../src/test/java/com/example/AppTest.java    |  20 +++
 .../java/buildless-proxy-maven/test.expected  |  10 ++
 .../java/buildless-proxy-maven/test.py        |  39 ++++++
 .../java/buildless-proxy-maven/test.ql        |   9 ++
 11 files changed, 331 insertions(+)
 create mode 100644 java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/buildless-fetches.expected
 create mode 100644 java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/diagnostics.expected
 create mode 100644 java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/pom.xml
 create mode 100644 java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/src/main/java/com/example/App.java
 create mode 100644 java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/src/main/resources/my-app.properties
 create mode 100644 java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/src/main/resources/page.xml
 create mode 100644 java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/src/main/resources/struts.xml
 create mode 100644 java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/src/test/java/com/example/AppTest.java
 create mode 100644 java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/test.expected
 create mode 100644 java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/test.py
 create mode 100644 java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/test.ql

diff --git a/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/buildless-fetches.expected b/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/buildless-fetches.expected
new file mode 100644
index 00000000000..49120865e8d
--- /dev/null
+++ b/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/buildless-fetches.expected
@@ -0,0 +1,26 @@
+https://repo.maven.apache.org/maven2/com/feiniaojin/naaf/naaf-graceful-response-example/1.0/naaf-graceful-response-example-1.0.jar
+https://repo.maven.apache.org/maven2/com/github/MoebiusSolutions/avro-registry-in-source/avro-registry-in-source-tests/1.8/avro-registry-in-source-tests-1.8.jar
+https://repo.maven.apache.org/maven2/com/github/MoebiusSolutions/avro-registry-in-source/example-project/1.5/example-project-1.5.jar
+https://repo.maven.apache.org/maven2/com/intuit/benten/benten-examples/0.1.5/benten-examples-0.1.5.jar
+https://repo.maven.apache.org/maven2/com/jakewharton/twirl/sample-runtime/1.2.0/sample-runtime-1.2.0.jar
+https://repo.maven.apache.org/maven2/com/mattunderscore/code/generation/specky/plugin-example/0.8.0/plugin-example-0.8.0.jar
+https://repo.maven.apache.org/maven2/com/microsoft/tang/tang-test-jarAB/0.9/tang-test-jarAB-0.9.jar
+https://repo.maven.apache.org/maven2/de/knutwalker/rx-redis-example_2.11/0.1.2/rx-redis-example_2.11-0.1.2.jar
+https://repo.maven.apache.org/maven2/de/knutwalker/rx-redis-java-example_2.11/0.1.2/rx-redis-java-example_2.11-0.1.2.jar
+https://repo.maven.apache.org/maven2/io/github/scrollsyou/example-spring-boot-starter/1.0.0/example-spring-boot-starter-1.0.0.jar
+https://repo.maven.apache.org/maven2/io/streamnative/com/example/maven-central-template/server/3.0.0/server-3.0.0.jar
+https://repo.maven.apache.org/maven2/junit/junit/4.11/junit-4.11.jar
+https://repo.maven.apache.org/maven2/no/nav/security/token-validation-ktor-demo/3.1.0/token-validation-ktor-demo-3.1.0.jar
+https://repo.maven.apache.org/maven2/org/hamcrest/hamcrest-core/1.3/hamcrest-core-1.3.jar
+https://repo.maven.apache.org/maven2/org/minijax/minijax-example-fileupload/0.5.10/minijax-example-fileupload-0.5.10.jar
+https://repo.maven.apache.org/maven2/org/minijax/minijax-example-inject/0.5.10/minijax-example-inject-0.5.10.jar
+https://repo.maven.apache.org/maven2/org/minijax/minijax-example-json/0.5.10/minijax-example-json-0.5.10.jar
+https://repo.maven.apache.org/maven2/org/minijax/minijax-example-mustache/0.5.10/minijax-example-mustache-0.5.10.jar
+https://repo.maven.apache.org/maven2/org/minijax/minijax-example-petclinic/0.5.10/minijax-example-petclinic-0.5.10.jar
+https://repo.maven.apache.org/maven2/org/minijax/minijax-example-security/0.5.10/minijax-example-security-0.5.10.jar
+https://repo.maven.apache.org/maven2/org/minijax/minijax-example-ssl/0.5.10/minijax-example-ssl-0.5.10.jar
+https://repo.maven.apache.org/maven2/org/minijax/minijax-example-todo-backend/0.5.10/minijax-example-todo-backend-0.5.10.jar
+https://repo.maven.apache.org/maven2/org/minijax/minijax-example-websocket/0.5.10/minijax-example-websocket-0.5.10.jar
+https://repo.maven.apache.org/maven2/org/scalamock/scalamock-examples_2.10/3.6.0/scalamock-examples_2.10-3.6.0.jar
+https://repo.maven.apache.org/maven2/org/somda/sdc/glue-examples/4.0.0/glue-examples-4.0.0.jar
+https://repo.maven.apache.org/maven2/us/fatehi/schemacrawler-examplecode/16.20.2/schemacrawler-examplecode-16.20.2.jar
diff --git a/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/diagnostics.expected b/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/diagnostics.expected
new file mode 100644
index 00000000000..f3c89bb842a
--- /dev/null
+++ b/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/diagnostics.expected
@@ -0,0 +1,70 @@
+{
+  "markdownMessage": "Java analysis used build tool Maven to pick a JDK version and/or to recommend external dependencies.",
+  "severity": "unknown",
+  "source": {
+    "extractorName": "java",
+    "id": "java/autobuilder/buildless/using-build-tool-advice",
+    "name": "Java analysis used build tool Maven to pick a JDK version and/or to recommend external dependencies"
+  },
+  "visibility": {
+    "cliSummaryTable": true,
+    "statusPage": false,
+    "telemetry": true
+  }
+}
+{
+  "markdownMessage": "Java analysis used the system default JDK.",
+  "severity": "unknown",
+  "source": {
+    "extractorName": "java",
+    "id": "java/autobuilder/buildless/jdk-system-default",
+    "name": "Java analysis used the system default JDK"
+  },
+  "visibility": {
+    "cliSummaryTable": true,
+    "statusPage": false,
+    "telemetry": true
+  }
+}
+{
+  "markdownMessage": "Java analysis with build-mode 'none' completed.",
+  "severity": "unknown",
+  "source": {
+    "extractorName": "java",
+    "id": "java/autobuilder/buildless/complete",
+    "name": "Java analysis with build-mode 'none' completed"
+  },
+  "visibility": {
+    "cliSummaryTable": true,
+    "statusPage": false,
+    "telemetry": true
+  }
+}
+{
+  "markdownMessage": "Java was extracted with build-mode set to 'none'. This means that all Java source in the working directory will be scanned, with build tools such as Maven and Gradle only contributing information about external dependencies.",
+  "severity": "note",
+  "source": {
+    "extractorName": "java",
+    "id": "java/autobuilder/buildless/mode-active",
+    "name": "Java was extracted with build-mode set to 'none'"
+  },
+  "visibility": {
+    "cliSummaryTable": true,
+    "statusPage": true,
+    "telemetry": true
+  }
+}
+{
+  "markdownMessage": "Reading the dependency graph from build files provided 2 classpath entries",
+  "severity": "unknown",
+  "source": {
+    "extractorName": "java",
+    "id": "java/autobuilder/buildless/depgraph-provided-by-maven",
+    "name": "Java analysis extracted precise dependency graph information from tool Maven"
+  },
+  "visibility": {
+    "cliSummaryTable": true,
+    "statusPage": false,
+    "telemetry": true
+  }
+}
diff --git a/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/pom.xml b/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/pom.xml
new file mode 100644
index 00000000000..ec4aaf128c1
--- /dev/null
+++ b/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/pom.xml
@@ -0,0 +1,114 @@
+<?xml version="1.0" encoding="UTF-8"?>
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+
+  <groupId>com.example</groupId>
+  <artifactId>maven-sample</artifactId>
+  <version>1.0-SNAPSHOT</version>
+
+  <name>maven-sample</name>
+  <!-- FIXME change it to the project's website -->
+  <url>http://www.example.com</url>
+
+  <properties>
+    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+    <maven.compiler.source>1.7</maven.compiler.source>
+    <maven.compiler.target>1.7</maven.compiler.target>
+  </properties>
+
+  <dependencies>
+    <dependency>
+      <groupId>junit</groupId>
+      <artifactId>junit</artifactId>
+      <version>4.11</version>
+      <scope>test</scope>
+    </dependency>
+  </dependencies>
+
+  <build>
+    <plugins>
+      <plugin>
+        <artifactId>exec-maven-plugin</artifactId>
+        <groupId>org.codehaus.mojo</groupId>
+        <version>1.1.1</version>
+        <executions>
+          <execution>
+            <id>check-maven-version</id>
+            <phase>package</phase>
+            <goals>
+              <goal>java</goal>
+            </goals>
+          </execution>
+        </executions>
+        <configuration>
+          <mainClass>com.example.App</mainClass>
+        </configuration>
+      </plugin>
+      <plugin>
+        <groupId>com.diffplug.spotless</groupId>
+        <artifactId>spotless-maven-plugin</artifactId>
+        <version>2.19.1</version>
+        <executions>
+          <execution>
+            <goals>
+              <goal>check</goal>
+            </goals>
+            <phase>compile</phase>
+          </execution>
+        </executions>
+        <configuration>
+          <java>
+            <licenseHeader>
+              <content>/* FAIL ME */</content>
+            </licenseHeader>
+          </java>
+        </configuration>
+      </plugin>
+    </plugins>
+    <pluginManagement>
+      <!-- lock down plugins versions to avoid using Maven defaults (may be moved to parent pom) -->
+      <plugins>
+        <!-- clean lifecycle, see https://maven.apache.org/ref/current/maven-core/lifecycles.html#clean_Lifecycle -->
+        <plugin>
+          <artifactId>maven-clean-plugin</artifactId>
+          <version>3.1.0</version>
+        </plugin>
+        <!-- default lifecycle, jar packaging: see https://maven.apache.org/ref/current/maven-core/default-bindings.html#Plugin_bindings_for_jar_packaging -->
+        <plugin>
+          <artifactId>maven-resources-plugin</artifactId>
+          <version>3.0.2</version>
+        </plugin>
+        <plugin>
+          <artifactId>maven-compiler-plugin</artifactId>
+          <version>3.8.0</version>
+        </plugin>
+        <plugin>
+          <artifactId>maven-surefire-plugin</artifactId>
+          <version>2.22.1</version>
+        </plugin>
+        <plugin>
+          <artifactId>maven-jar-plugin</artifactId>
+          <version>3.0.2</version>
+        </plugin>
+        <plugin>
+          <artifactId>maven-install-plugin</artifactId>
+          <version>2.5.2</version>
+        </plugin>
+        <plugin>
+          <artifactId>maven-deploy-plugin</artifactId>
+          <version>2.8.2</version>
+        </plugin>
+        <!-- site lifecycle, see https://maven.apache.org/ref/current/maven-core/lifecycles.html#site_Lifecycle -->
+        <plugin>
+          <artifactId>maven-site-plugin</artifactId>
+          <version>3.7.1</version>
+        </plugin>
+        <plugin>
+          <artifactId>maven-project-info-reports-plugin</artifactId>
+          <version>3.0.0</version>
+        </plugin>
+      </plugins>
+    </pluginManagement>
+  </build>
+</project>
\ No newline at end of file
diff --git a/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/src/main/java/com/example/App.java b/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/src/main/java/com/example/App.java
new file mode 100644
index 00000000000..c9eec918587
--- /dev/null
+++ b/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/src/main/java/com/example/App.java
@@ -0,0 +1,30 @@
+package com.example;
+
+import java.util.regex.Pattern;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+
+/**
+ * Hello world!
+ *
+ */
+public class App 
+{
+    public static void main( String[] args )
+    {
+        System.out.println( "Hello World!" );
+        String expectedVersion = System.getenv("EXPECT_MAVEN");
+        Path mavenHome = Paths.get(System.getProperty("maven.home")).normalize();
+        String observedVersion = mavenHome.getFileName().toString();
+        if (expectedVersion != null && !expectedVersion.equals(observedVersion)) {
+                System.err.println("Wrong maven version, expected '" + expectedVersion + "' but got '" + observedVersion + "'" + mavenHome);
+                System.exit(1);
+        }
+        String commandMatcher = System.getenv("EXPECT_COMMAND_REGEX");
+        String command = System.getProperty("sun.java.command");
+        if (commandMatcher != null && !Pattern.matches(commandMatcher, command)) {
+                System.err.println("Wrong command line, '" + command + "' does not match '" + commandMatcher + "'");
+                System.exit(1);
+        }
+    }
+}
diff --git a/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/src/main/resources/my-app.properties b/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/src/main/resources/my-app.properties
new file mode 100644
index 00000000000..e566b49a29a
--- /dev/null
+++ b/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/src/main/resources/my-app.properties
@@ -0,0 +1 @@
+version=1.0
diff --git a/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/src/main/resources/page.xml b/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/src/main/resources/page.xml
new file mode 100644
index 00000000000..2bab459cb03
--- /dev/null
+++ b/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/src/main/resources/page.xml
@@ -0,0 +1,8 @@
+<html>
+<head>
+<title>A sample</title>
+</head>
+<body>
+<p>Hello world!</p>
+</body>
+</html>
diff --git a/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/src/main/resources/struts.xml b/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/src/main/resources/struts.xml
new file mode 100644
index 00000000000..73fc0c6b9cb
--- /dev/null
+++ b/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/src/main/resources/struts.xml
@@ -0,0 +1,4 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<struts>
+This is a sample file
+</struts>
diff --git a/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/src/test/java/com/example/AppTest.java b/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/src/test/java/com/example/AppTest.java
new file mode 100644
index 00000000000..22a94ca6f01
--- /dev/null
+++ b/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/src/test/java/com/example/AppTest.java
@@ -0,0 +1,20 @@
+package com.example;
+
+import static org.junit.Assert.assertTrue;
+
+import org.junit.Test;
+
+/**
+ * Unit test for simple App.
+ */
+public class AppTest 
+{
+    /**
+     * Rigorous Test :-)
+     */
+    @Test
+    public void shouldAnswerWithTrue()
+    {
+        assertTrue( true );
+    }
+}
diff --git a/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/test.expected b/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/test.expected
new file mode 100644
index 00000000000..cbd09bcf554
--- /dev/null
+++ b/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/test.expected
@@ -0,0 +1,10 @@
+#select
+| src/main/java/com/example/App.java:0:0:0:0 | App |
+| src/test/java/com/example/AppTest.java:0:0:0:0 | AppTest |
+xmlFiles
+| pom.xml:0:0:0:0 | pom.xml |
+| src/main/resources/page.xml:0:0:0:0 | src/main/resources/page.xml |
+| src/main/resources/struts.xml:0:0:0:0 | src/main/resources/struts.xml |
+propertiesFiles
+| src/main/resources/my-app.properties:0:0:0:0 | src/main/resources/my-app.properties |
+| test-db/log/ext/javac.properties:0:0:0:0 | test-db/log/ext/javac.properties |
diff --git a/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/test.py b/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/test.py
new file mode 100644
index 00000000000..47d64f8440e
--- /dev/null
+++ b/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/test.py
@@ -0,0 +1,39 @@
+from create_database_utils import *
+from diagnostics_test_utils import *
+from buildless_test_utils import *
+import mitm_proxy
+import os
+import shutil
+import subprocess
+import sys
+
+shutil.rmtree('certs', ignore_errors=True)
+os.mkdir('certs')
+
+ca_cert_file = 'certs/ca-cert.pem'
+ca_key_file = 'certs/ca-key.pem'
+mitm_proxy.generateCA(ca_cert_file, ca_key_file)
+with open(ca_cert_file, 'rb') as f:
+    cert_pem = f.read().decode('ascii')
+
+# This starts an HTTP proxy server on http://localhost:9431
+proxy_server_process = subprocess.Popen(
+    [sys.executable, mitm_proxy.__file__, "9431", "certs/ca-cert.pem", "certs/ca-key.pem"], env={
+        "PROXY_USER": "proxy",
+        "PROXY_PASSWORD": "password"
+    })
+
+try:
+    run_codeql_database_create([], lang="java", extra_env={
+        "CODEQL_EXTRACTOR_JAVA_OPTION_BUILDLESS": "true",
+        "CODEQL_EXTRACTOR_JAVA_OPTION_BUILDLESS_CLASSPATH_FROM_BUILD_FILES": "true",
+        "CODEQL_PROXY_HOST": "localhost",
+        "CODEQL_PROXY_PORT": "9431",
+        "CODEQL_PROXY_USER": "proxy",
+        "CODEQL_PROXY_PASSWORD": "password",
+        "CODEQL_PROXY_CA_CERTIFICATE": cert_pem
+    })
+finally:
+    proxy_server_process.kill()
+check_diagnostics()
+check_buildless_fetches()
diff --git a/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/test.ql b/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/test.ql
new file mode 100644
index 00000000000..25cd26fdd14
--- /dev/null
+++ b/java/ql/integration-tests/all-platforms/java/buildless-proxy-maven/test.ql
@@ -0,0 +1,9 @@
+import java
+
+from File f
+where f.isSourceFile()
+select f
+
+query predicate xmlFiles(XmlFile x) { any() }
+
+query predicate propertiesFiles(File f) { f.getExtension() = "properties" }