You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@accumulo.apache.org by ct...@apache.org on 2018/10/09 21:20:56 UTC
[accumulo-maven-plugin] branch master updated: Improve spotbugs and
cleanup m2e warnings
This is an automated email from the ASF dual-hosted git repository.
ctubbsii pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/accumulo-maven-plugin.git
The following commit(s) were added to refs/heads/master by this push:
new 21ee50c Improve spotbugs and cleanup m2e warnings
21ee50c is described below
commit 21ee50c1f4365926937c4c2c88121ca5dc9bf1fe
Author: Christopher Tubbs <ct...@apache.org>
AuthorDate: Tue Oct 9 17:17:54 2018 -0400
Improve spotbugs and cleanup m2e warnings
* Suppress warnings in m2e (in Eclipse) about unknown plugin goals
* Use spotbugs annotation, and remove main method with spotbugs error
* Increase spotbugs rank to max (20)
* Remove redundant plugin versions inherited from parent POM
* Add safety check for instanceName characters
* Limit the exception catching to the checked exceptions thrown
---
pom.xml | 121 ++++++++++++++++++++-
.../apache/accumulo/maven/plugin/StartMojo.java | 34 ++----
src/main/spotbugs/exclude-filter.xml | 17 +--
3 files changed, 132 insertions(+), 40 deletions(-)
diff --git a/pom.xml b/pom.xml
index 8a37c48..825cdc4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -100,8 +100,16 @@
<mavenVersion>3.5.4</mavenVersion>
<sourceReleaseAssemblyDescriptor>source-release-tar</sourceReleaseAssemblyDescriptor>
<spotbugs.excludeFilterFile>src/main/spotbugs/exclude-filter.xml</spotbugs.excludeFilterFile>
+ <spotbugs.version>3.1.6</spotbugs.version>
</properties>
<dependencies>
+ <!-- spotbugs-annotations provides SuppressFBWarnings annotation -->
+ <dependency>
+ <groupId>com.github.spotbugs</groupId>
+ <artifactId>spotbugs-annotations</artifactId>
+ <version>${spotbugs.version}</version>
+ <optional>true</optional>
+ </dependency>
<dependency>
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
@@ -255,13 +263,13 @@
<plugin>
<groupId>com.github.spotbugs</groupId>
<artifactId>spotbugs-maven-plugin</artifactId>
- <version>3.1.6</version>
+ <version>${spotbugs.version}</version>
<configuration>
<xmlOutput>true</xmlOutput>
<effort>Max</effort>
<failOnError>true</failOnError>
<includeTests>true</includeTests>
- <maxRank>16</maxRank>
+ <maxRank>20</maxRank>
<plugins>
<plugin>
<groupId>com.overstock.findbugs</groupId>
@@ -464,7 +472,6 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-invoker-plugin</artifactId>
- <version>3.1.0</version>
<configuration>
<cloneClean>true</cloneClean>
<cloneProjectsTo>${project.build.directory}/it</cloneProjectsTo>
@@ -495,7 +502,6 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-plugin-plugin</artifactId>
- <version>${mavenPluginToolsVersion}</version>
<executions>
<!-- the help goal runs in addition to the default-descriptor -->
<execution>
@@ -541,12 +547,10 @@
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-plugin-plugin</artifactId>
- <version>${mavenPluginToolsVersion}</version>
</plugin>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-project-info-reports-plugin</artifactId>
- <version>3.0.0</version>
</plugin>
</plugins>
</reporting>
@@ -620,5 +624,110 @@
</plugins>
</build>
</profile>
+ <profile>
+ <id>m2e</id>
+ <activation>
+ <property>
+ <name>m2e.version</name>
+ </property>
+ </activation>
+ <build>
+ <pluginManagement>
+ <plugins>
+ <!--This plugin's configuration is used to store Eclipse m2e settings only. It has no influence on the Maven build itself.-->
+ <plugin>
+ <groupId>org.eclipse.m2e</groupId>
+ <artifactId>lifecycle-mapping</artifactId>
+ <version>1.0.0</version>
+ <configuration>
+ <lifecycleMappingMetadata>
+ <pluginExecutions>
+ <pluginExecution>
+ <pluginExecutionFilter>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-invoker-plugin</artifactId>
+ <versionRange>[0,)</versionRange>
+ <goals>
+ <goal>install</goal>
+ </goals>
+ </pluginExecutionFilter>
+ <action>
+ <ignore />
+ </action>
+ </pluginExecution>
+ <pluginExecution>
+ <pluginExecutionFilter>
+ <groupId>org.apache.maven.plugins</groupId>
+ <artifactId>maven-remote-resources-plugin</artifactId>
+ <versionRange>[0,)</versionRange>
+ <goals>
+ <goal>process</goal>
+ </goals>
+ </pluginExecutionFilter>
+ <action>
+ <ignore />
+ </action>
+ </pluginExecution>
+ <pluginExecution>
+ <pluginExecutionFilter>
+ <groupId>org.apache.rat</groupId>
+ <artifactId>apache-rat-plugin</artifactId>
+ <versionRange>[0,)</versionRange>
+ <goals>
+ <goal>check</goal>
+ </goals>
+ </pluginExecutionFilter>
+ <action>
+ <ignore />
+ </action>
+ </pluginExecution>
+ <pluginExecution>
+ <pluginExecutionFilter>
+ <groupId>org.gaul</groupId>
+ <artifactId>modernizer-maven-plugin</artifactId>
+ <versionRange>[0,)</versionRange>
+ <goals>
+ <goal>modernizer</goal>
+ </goals>
+ </pluginExecutionFilter>
+ <action>
+ <ignore />
+ </action>
+ </pluginExecution>
+ <pluginExecution>
+ <pluginExecutionFilter>
+ <groupId>com.github.ekryd.sortpom</groupId>
+ <artifactId>sortpom-maven-plugin</artifactId>
+ <versionRange>[0,)</versionRange>
+ <goals>
+ <goal>sort</goal>
+ <goal>verify</goal>
+ </goals>
+ </pluginExecutionFilter>
+ <action>
+ <ignore />
+ </action>
+ </pluginExecution>
+ <pluginExecution>
+ <pluginExecutionFilter>
+ <groupId>com.github.koraktor</groupId>
+ <artifactId>mavanagaiata</artifactId>
+ <versionRange>[0,)</versionRange>
+ <goals>
+ <goal>commit</goal>
+ </goals>
+ </pluginExecutionFilter>
+ <action>
+ <ignore />
+ </action>
+ </pluginExecution>
+ </pluginExecutions>
+ </lifecycleMappingMetadata>
+ </configuration>
+ </plugin>
+ </plugins>
+ </pluginManagement>
+ </build>
+ </profile>
</profiles>
</project>
diff --git a/src/main/java/org/apache/accumulo/maven/plugin/StartMojo.java b/src/main/java/org/apache/accumulo/maven/plugin/StartMojo.java
index 42131cf..ebd441e 100644
--- a/src/main/java/org/apache/accumulo/maven/plugin/StartMojo.java
+++ b/src/main/java/org/apache/accumulo/maven/plugin/StartMojo.java
@@ -32,6 +32,8 @@ import org.apache.maven.plugins.annotations.Mojo;
import org.apache.maven.plugins.annotations.Parameter;
import org.apache.maven.plugins.annotations.ResolutionScope;
+import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
+
/**
* Goal which starts an instance of {@link MiniAccumuloCluster}.
*/
@@ -55,56 +57,42 @@ public class StartMojo extends AbstractAccumuloMojo {
required = true)
private int zooKeeperPort;
- private String miniClasspath;
-
static Set<MiniAccumuloClusterImpl> runningClusters = Collections
.synchronizedSet(new HashSet<>());
+ @SuppressFBWarnings(value = "PATH_TRAVERSAL_IN",
+ justification = "could restrict outputDirectory to target/ in future")
@Override
public void execute() throws MojoExecutionException {
if (shouldSkip()) {
return;
}
- File subdir = new File(new File(outputDirectory, "accumulo-maven-plugin"), instanceName);
+ if (!instanceName.matches("^[a-zA-Z0-9_-]+$")) {
+ throw new MojoExecutionException("instanceName must be only letters and numbers");
+ }
+ File subdir = new File(new File(outputDirectory, "accumulo-maven-plugin"), instanceName);
try {
subdir = subdir.getCanonicalFile();
if (subdir.exists())
FileUtils.forceDelete(subdir);
if (!subdir.mkdirs() && !subdir.isDirectory())
- throw new IOException(subdir + " cannot be created as a directory");
+ throw new MojoExecutionException(subdir + " cannot be created as a directory");
MiniAccumuloConfigImpl cfg = new MiniAccumuloConfigImpl(subdir, rootPassword);
cfg.setInstanceName(instanceName);
cfg.setZooKeeperPort(zooKeeperPort);
- configureMiniClasspath(cfg, miniClasspath);
+ configureMiniClasspath(cfg, null);
MiniAccumuloClusterImpl mac = new MiniAccumuloClusterImpl(cfg);
getLog().info("Starting MiniAccumuloCluster: " + mac.getInstanceName() + " in "
+ mac.getConfig().getDir());
mac.start();
runningClusters.add(mac);
- } catch (Exception e) {
+ } catch (IOException | InterruptedException e) {
throw new MojoExecutionException(
"Unable to start " + MiniAccumuloCluster.class.getSimpleName(), e);
}
}
- public static void main(String[] args) throws MojoExecutionException {
- int a = 0;
- for (String arg : args) {
- if (a < 2) {
- // skip the first two args
- a++;
- continue;
- }
- StartMojo starter = new StartMojo();
- starter.outputDirectory = new File(args[0]);
- String[] instArgs = arg.split(" ");
- starter.instanceName = instArgs[0];
- starter.rootPassword = instArgs[1];
- starter.miniClasspath = args[1];
- starter.execute();
- }
- }
}
diff --git a/src/main/spotbugs/exclude-filter.xml b/src/main/spotbugs/exclude-filter.xml
index e4122bb..d2c9650 100644
--- a/src/main/spotbugs/exclude-filter.xml
+++ b/src/main/spotbugs/exclude-filter.xml
@@ -15,15 +15,10 @@
limitations under the License.
-->
<FindBugsFilter>
- <Match>
- <!-- new file on user input can be dangerous but OK here -->
- <Class name="org.apache.accumulo.maven.plugin.StartMojo"/>
- <Bug code="PATH" pattern="PATH_TRAVERSAL_IN"/>
- </Match>
- <Match>
- <!-- dangerous on untrusted files but OK here -->
- <Class name="org.apache.accumulo.maven.plugin.HelpMojo"/>
- <Method name="build" params="" returns="org.w3c.dom.Document"/>
- <Bug code="XXE" pattern="XXE_DOCUMENT"/>
- </Match>
+ <Match>
+ <!-- dangerous on untrusted files but okay on generated file -->
+ <Class name="org.apache.accumulo.maven.plugin.HelpMojo"/>
+ <Method name="build" params="" returns="org.w3c.dom.Document"/>
+ <Bug code="XXE" pattern="XXE_DOCUMENT"/>
+ </Match>
</FindBugsFilter>