Mer robust lokalt oppsett + sonarting (#1259)

* Mer robust lokalt oppsett + sonarting

* Fkse bygge

* Kommenter et par false positives

README.md

@@ -1,3 +1,11 @@
+[![Bygg og deploy](https://github.com/navikt/fp-felles/actions/workflows/build.yml/badge.svg)](https://github.com/navikt/fp-felles/actions/workflows/build.yml)
+[![Sonarcloud Status](https://sonarcloud.io/api/project_badges/measure?project=navikt_fp-felles&metric=alert_status)](https://sonarcloud.io/dashboard?id=navikt_fp-felles)
+[![SonarCloud Coverage](https://sonarcloud.io/api/project_badges/measure?project=navikt_fp-felles&metric=coverage)](https://sonarcloud.io/component_measures/metric/coverage/list?id=navikt_fp-felles)
+[![SonarCloud Bugs](https://sonarcloud.io/api/project_badges/measure?project=navikt_fp-felles&metric=bugs)](https://sonarcloud.io/component_measures/metric/reliability_rating/list?id=navikt_fp-felles)
+[![SonarCloud Vulnerabilities](https://sonarcloud.io/api/project_badges/measure?project=navikt_fp-felles&metric=vulnerabilities)](https://sonarcloud.io/component_measures/metric/security_rating/list?id=navikt_fp-felles)
+![GitHub release (latest by date)](https://img.shields.io/github/v/release/navikt/fp-felles)
+![GitHub](https://img.shields.io/github/license/navikt/fp-felles)
+
 # fp-felles
 
 Inneholder følgende hovedmoduler

felles/abac/src/main/java/no/nav/vedtak/sikkerhet/abac/AbacDataAttributter.java

@@ -43,7 +43,7 @@ public AbacDataAttributter leggTil(AbacAttributtType type, Collection<Object> sa
     }
 
     public AbacDataAttributter leggTil(AbacAttributtType type, Object verdi) {
-        requireNonNull(verdi, "Attributt av type " + type + " kan ikke være null"); //$NON-NLS-1$ //$NON-NLS-2$
+        requireNonNull(verdi, "Attributt av type " + type + " kan ikke være null");
         Set<Object> a = attributter.get(type);
         if (a == null) {
             a = new LinkedHashSet<>(4); // det er vanligvis bare 1 attributt i settet
@@ -56,7 +56,7 @@ public AbacDataAttributter leggTil(AbacAttributtType type, Object verdi) {
     @SuppressWarnings("unchecked")
     public <T> Set<T> getVerdier(AbacAttributtType type) {
         return attributter.containsKey(type)
-            ? (Set<T>) attributter.get(type) // NOSONAR cast fungerer når settere/gettere er symmetriske slik de skal være her
+            ? (Set<T>) attributter.get(type)
             : Collections.emptySet();
     }
 

felles/abac/src/main/java/no/nav/vedtak/sikkerhet/abac/BeskyttetRessursInterceptor.java

@@ -131,9 +131,9 @@ static void leggTilAttributterFraParameter(AbacDataAttributter attributter, Obje
         if (tilpassetAnnotering != null) {
             leggTil(attributter, tilpassetAnnotering, parameterValue);
         } else {
-            if (parameterValue instanceof AbacDto abacDto) { // NOSONAR for å støtte både enkelt-DTO-er og collection av DTO-er
+            if (parameterValue instanceof AbacDto abacDto) {
                 attributter.leggTil(abacDto.abacAttributter());
-            } else if (parameterValue instanceof Collection collection) { // NOSONAR for å støtte både enkelt-DTO-er og collection av DTO-er
+            } else if (parameterValue instanceof Collection collection) {
                 leggTilAbacDtoSamling(attributter, collection);
             }
         }

felles/abac/src/main/java/no/nav/vedtak/sikkerhet/abac/pipdata/PipAktørId.java

@@ -22,7 +22,7 @@ public class PipAktørId implements Serializable, Comparable<PipAktørId>, Ressu
     @JsonValue
     @NotNull
     @javax.validation.constraints.Pattern(regexp = VALID_REGEXP, message = "aktørId ${validatedValue} har ikke gyldig verdi (pattern '{regexp}')")
-    private String aktørId;  // NOSONAR
+    private String aktørId;
 
     public PipAktørId(Long aktørId) {
         Objects.requireNonNull(aktørId, "aktørId");

felles/abac/src/test/java/no/nav/vedtak/sikkerhet/pdp/PdpKlientImplTest.java

@@ -41,7 +41,7 @@
 import no.nav.vedtak.sikkerhet.pdp.xacml.XacmlRequest;
 import no.nav.vedtak.sikkerhet.pdp.xacml.XacmlResponse;
 
-public class PdpKlientImplTest {
+class PdpKlientImplTest {
 
     private static final String JWT_TOKENSTRING = "eyAidHlwIjogIkpXVCIsICJraWQiOiAiU0gxSWVSU2sxT1VGSDNzd1orRXVVcTE5VHZRPSIsICJhbGciOiAiUlMyNTYiIH0.eyAiYXRfaGFzaCI6ICIyb2c1RGk5ZW9LeFhOa3VPd0dvVUdBIiwgInN1YiI6ICJzMTQyNDQzIiwgImF1ZGl0VHJhY2tpbmdJZCI6ICI1NTM0ZmQ4ZS03MmE2LTRhMWQtOWU5YS1iZmEzYThhMTljMDUtNjE2NjA2NyIsICJpc3MiOiAiaHR0cHM6Ly9pc3NvLXQuYWRlby5ubzo0NDMvaXNzby9vYXV0aDIiLCAidG9rZW5OYW1lIjogImlkX3Rva2VuIiwgImF1ZCI6ICJPSURDIiwgImNfaGFzaCI6ICJiVWYzcU5CN3dTdi0wVlN0bjhXLURnIiwgIm9yZy5mb3JnZXJvY2sub3BlbmlkY29ubmVjdC5vcHMiOiAiMTdhOGZiMzYtMGI0Ny00YzRkLWE4YWYtZWM4Nzc3Y2MyZmIyIiwgImF6cCI6ICJPSURDIiwgImF1dGhfdGltZSI6IDE0OTgwMzk5MTQsICJyZWFsbSI6ICIvIiwgImV4cCI6IDE0OTgwNDM1MTUsICJ0b2tlblR5cGUiOiAiSldUVG9rZW4iLCAiaWF0IjogMTQ5ODAzOTkxNSB9.S2DKQweQWZIfjaAT2UP9_dxrK5zqpXj8IgtjDLt5PVfLYfZqpWGaX-ckXG0GlztDVBlRK4ylmIYacTmEAUV_bRa_qWKRNxF83SlQRgHDSiE82SGv5WHOGEcAxf2w_d50XsgA2KDBCyv0bFIp9bCiKzP11uWPW0v4uIkyw2xVxMVPMCuiMUtYFh80sMDf9T4FuQcFd0LxoYcSFDEDlwCdRiF3ufw73qtMYBlNIMbTGHx-DZWkZV7CgukmCee79gwQIvGwdLrgaDrHFCJUDCbB1FFEaE3p3_BZbj0T54fCvL69aHyWm1zEd9Pys15yZdSh3oSSr4yVNIxhoF-nQ7gY-g;";
     public static final OpenIDToken JWT_TOKEN = new OpenIDToken(OpenIDProvider.STS, new TokenString(JWT_TOKENSTRING));
@@ -58,7 +58,7 @@ public void setUp() {
     }
 
     @Test
-    public void kallPdpMedSamlTokenNårIdTokenErSamlToken() {
+    void kallPdpMedSamlTokenNårIdTokenErSamlToken() {
         var idToken = Token.withSamlToken("SAML");
         var responseWrapper = createResponse("xacmlresponse.json");
         var captor = ArgumentCaptor.forClass(XacmlRequest.class);
@@ -72,7 +72,7 @@ public void setUp() {
     }
 
     @Test
-    public void kallPdpUtenFnrResourceHvisPersonlisteErTom() {
+    void kallPdpUtenFnrResourceHvisPersonlisteErTom() {
         var idToken = Token.withOidcToken(JWT_TOKEN, "TEST", IdentType.InternBruker);
         var responseWrapper = createResponse("xacmlresponse.json");
         var captor = ArgumentCaptor.forClass(XacmlRequest.class);
@@ -87,7 +87,7 @@ public void kallPdpUtenFnrResourceHvisPersonlisteErTom() {
     }
 
     @Test
-    public void kallPdpMedJwtTokenBodyNårIdTokenErJwtToken() {
+    void kallPdpMedJwtTokenBodyNårIdTokenErJwtToken() {
         var idToken = Token.withOidcToken(JWT_TOKEN, "TEST", IdentType.InternBruker);
         var responseWrapper = createResponse("xacmlresponse.json");
         var captor = ArgumentCaptor.forClass(XacmlRequest.class);
@@ -102,7 +102,7 @@ public void kallPdpUtenFnrResourceHvisPersonlisteErTom() {
     }
 
     @Test
-    public void kallPdpMedJwtTokenBodyNårIdTokenErTokeXToken() {
+    void kallPdpMedJwtTokenBodyNårIdTokenErTokeXToken() {
         var idToken = Token.withOidcToken(JWT_TOKENX_TOKEN, "TEST", IdentType.InternBruker);
         var responseWrapper = createResponse("xacmlresponse.json");
         var captor = ArgumentCaptor.forClass(XacmlRequest.class);
@@ -117,7 +117,7 @@ public void kallPdpUtenFnrResourceHvisPersonlisteErTom() {
     }
 
     @Test
-    public void kallPdpMedFlereAttributtSettNårPersonlisteStørreEnn1() {
+    void kallPdpMedFlereAttributtSettNårPersonlisteStørreEnn1() {
         var idToken = Token.withOidcToken(JWT_TOKEN, "TEST", IdentType.InternBruker);
         var responseWrapper = createResponse("xacml3response.json");
         var captor = ArgumentCaptor.forClass(XacmlRequest.class);
@@ -140,7 +140,7 @@ public void kallPdpUtenFnrResourceHvisPersonlisteErTom() {
     }
 
     @Test
-    public void kallPdpMedFlereAttributtSettNårPersonlisteStørreEnn2() {
+    void kallPdpMedFlereAttributtSettNårPersonlisteStørreEnn2() {
         var idToken = Token.withOidcToken(JWT_TOKEN, "TEST", IdentType.InternBruker);
         var responseWrapper = createResponse("xacmlresponse-array.json");
         var captor = ArgumentCaptor.forClass(XacmlRequest.class);
@@ -163,7 +163,7 @@ public void kallPdpUtenFnrResourceHvisPersonlisteErTom() {
     }
 
     @Test
-    public void sporingsloggListeSkalHaSammeRekkefølgePåidenterSomXacmlRequest() {
+    void sporingsloggListeSkalHaSammeRekkefølgePåidenterSomXacmlRequest() {
         var idToken = Token.withOidcToken(JWT_TOKEN, "TEST", IdentType.InternBruker);
         var responseWrapper = createResponse("xacml3response.json");
         var captor = ArgumentCaptor.forClass(XacmlRequest.class);
@@ -194,7 +194,7 @@ public void kallPdpUtenFnrResourceHvisPersonlisteErTom() {
     }
 
     @Test
-    public void skal_base64_encode_saml_token() {
+    void skal_base64_encode_saml_token() {
         var idToken = Token.withSamlToken("<dummy SAML token>");
         @SuppressWarnings("unused")
         var responseWrapper = createResponse("xacmlresponse_multiple_obligation.json");
@@ -213,7 +213,7 @@ public void skal_base64_encode_saml_token() {
     }
 
     @Test
-    public void skal_bare_ta_med_deny_advice() {
+    void skal_bare_ta_med_deny_advice() {
         var idToken = Token.withSamlToken("<dummy SAML token>");
         var responseWrapper = createResponse("xacmlresponse_1deny_1permit.json");
 
@@ -246,7 +246,7 @@ private void assertHasAttribute(List<XacmlRequest.Attributes> attributes, String
     }
 
     @Test
-    public void skalFeileVedUkjentObligation() {
+    void skalFeileVedUkjentObligation() {
         var idToken = Token.withSamlToken("SAML");
         var responseWrapper = createResponse("xacmlresponse_multiple_obligation.json");
 
@@ -263,7 +263,7 @@ public void skalFeileVedUkjentObligation() {
     }
 
     @Test
-    public void skal_håndtere_blanding_av_fnr_og_aktør_id() {
+    void skal_håndtere_blanding_av_fnr_og_aktør_id() {
 
         var idToken = Token.withOidcToken(JWT_TOKEN, "TEST", IdentType.InternBruker);
         var responseWrapper = createResponse("xacml3response.json");
@@ -315,7 +315,7 @@ private XacmlResponse createResponse(String jsonFile) {
     }
 
     @Test
-    public void lese_sammenligne_request() throws IOException {
+    void lese_sammenligne_request() throws IOException {
         File file = new File(getClass().getClassLoader().getResource("request.json").getFile());
         var target = DefaultJsonMapper.getObjectMapper().readValue(file, XacmlRequest.class);
 

felles/auth-filter/src/main/java/no/nav/vedtak/sikkerhet/jaxrs/AuthenticationFilterDelegate.java

@@ -88,7 +88,7 @@ public static void fjernKontekst() {
     }
 
     private static void setCallAndConsumerId(ContainerRequestContext request) {
-        String callId = Optional.ofNullable(request.getHeaderString(MDCOperations.HTTP_HEADER_CALL_ID)) // NOSONAR Akseptertet headere
+        String callId = Optional.ofNullable(request.getHeaderString(MDCOperations.HTTP_HEADER_CALL_ID))
             .or(() -> Optional.ofNullable(request.getHeaderString(MDCOperations.HTTP_HEADER_ALT_CALL_ID)))
             .orElseGet(MDCOperations::generateCallId);
         MDCOperations.putCallId(callId);

felles/auth-filter/src/test/java/no/nav/vedtak/sikkerhet/jaxrs/AuthenticationFilterDelegateTest.java

@@ -34,7 +34,7 @@
 import no.nav.vedtak.sikkerhet.oidc.validator.OidcTokenValidatorConfig;
 import no.nav.vedtak.sikkerhet.oidc.validator.OidcTokenValidatorResult;
 
-public class AuthenticationFilterDelegateTest {
+class AuthenticationFilterDelegateTest {
 
     private OidcTokenValidator tokenValidator = Mockito.mock(OidcTokenValidator.class);
 
@@ -76,7 +76,7 @@ public void teardown() throws Exception{
     }
 
     @Test
-    public void skal_slippe_gjennom_forespørsel_etter_ubeskyttet_ressurs() throws Exception {
+    void skal_slippe_gjennom_forespørsel_etter_ubeskyttet_ressurs() throws Exception {
         Method method = RestClass.class.getMethod("ubeskyttet");
         ResourceInfo ri = new TestInvocationContext(method, RestClass.class);
 
@@ -87,7 +87,7 @@ public void teardown() throws Exception{
 
 
     @Test
-    public void skal_ikke_slippe_gjennom_forespørsel_men_svare_med_401_etter_beskyttet_ressurs_når_forespørselen_ikke_har_med_id_token() throws Exception {
+    void skal_ikke_slippe_gjennom_forespørsel_men_svare_med_401_etter_beskyttet_ressurs_når_forespørselen_ikke_har_med_id_token() throws Exception {
         Method method = RestClass.class.getMethod("beskyttet");
         ResourceInfo ri = new TestInvocationContext(method, RestClass.class);
 
@@ -98,7 +98,7 @@ public void teardown() throws Exception{
 
 
     @Test
-    public void skal_sende_401_for_utløpt_Authorization_header() throws Exception {
+    void skal_sende_401_for_utløpt_Authorization_header() throws Exception {
         var utløptIdToken = getUtløptToken();
         Method method = RestClass.class.getMethod("beskyttet");
         ResourceInfo ri = new TestInvocationContext(method, RestClass.class);
@@ -113,7 +113,7 @@ public void teardown() throws Exception{
     }
 
     @Test
-    public void skal_slippe_gjennom_forespørsel_etter_beskyttet_ressurs_når_forespørselen_har_med_id_token_som_validerer()
+    void skal_slippe_gjennom_forespørsel_etter_beskyttet_ressurs_når_forespørselen_har_med_id_token_som_validerer()
         throws Exception {
         Method method = RestClass.class.getMethod("beskyttet");
         ResourceInfo ri = new TestInvocationContext(method, RestClass.class);
@@ -133,7 +133,7 @@ public void teardown() throws Exception{
 
 
     @Test
-    public void skal_slippe_gjennom_token_tilstrekkelig_levetid_til_å_brukes_til_kall_til_andre_tjenester()
+    void skal_slippe_gjennom_token_tilstrekkelig_levetid_til_å_brukes_til_kall_til_andre_tjenester()
         throws Exception {
         Method method = RestClass.class.getMethod("beskyttet");
         ResourceInfo ri = new TestInvocationContext(method, RestClass.class);
@@ -151,7 +151,7 @@ public void teardown() throws Exception{
     }
 
     @Test
-    public void skal_slippe_gjennom_token_tilstrekkelig_levetid_til_å_brukes_til_kall_til_andre_tjenester_selv_om_kortere_enn_gammel_grense()
+    void skal_slippe_gjennom_token_tilstrekkelig_levetid_til_å_brukes_til_kall_til_andre_tjenester_selv_om_kortere_enn_gammel_grense()
         throws Exception {
         Method method = RestClass.class.getMethod("beskyttet");
         ResourceInfo ri = new TestInvocationContext(method, RestClass.class);

felles/db/src/main/java/no/nav/vedtak/felles/jpa/EntityManagerProducer.java

@@ -35,7 +35,7 @@ public class EntityManagerProducer {
     /**
      * registrerte {@link EntityManagerFactory}.
      */
-    private static final Map<String, EntityManagerFactory> CACHE_FACTORIES = new ConcurrentHashMap<>(); // NOSONAR
+    private static final Map<String, EntityManagerFactory> CACHE_FACTORIES = new ConcurrentHashMap<>();
 
     @Produces
     @RequestScoped

felles/db/src/main/java/no/nav/vedtak/felles/jpa/TransactionHandler.java

@@ -37,10 +37,10 @@ public R apply(EntityManager em) throws Exception {
         }
     }
 
-    protected abstract R doWork(EntityManager entityManager) throws Exception;  // NOSONAR
+    protected abstract R doWork(EntityManager entityManager) throws Exception; // NOSONAR
 
     public interface Work<R> {
-        R doWork(EntityManager em) throws Exception; // NOSONAR
+        R doWork(EntityManager em) throws Exception;  // NOSONAR
     }
 
-}
+}

felles/db/src/main/java/no/nav/vedtak/felles/jpa/converters/PropertiesToStringConverter.java

@@ -36,7 +36,7 @@ public Properties convertToEntityAttribute(String dbData) {
             try {
                 props.load(new StringReader(dbData));
             } catch (IOException e) {
-                throw new IllegalArgumentException("Kan ikke lese properties til string:" + props, e); //$NON-NLS-1$
+                throw new IllegalArgumentException("Kan ikke lese properties til string:" + props, e);
             }
         }
         return props;

felles/db/src/main/java/no/nav/vedtak/felles/jpa/savepoint/RunWithSavepoint.java

@@ -54,8 +54,7 @@ public V execute(Connection conn) throws SQLException {
                             // allerede skjedd, ikke håndter på nytt men la 'vårt' savepoint i fred
                             throw e;
                         } catch (Throwable t) { // NOSONAR
-                            // alle andre feil intercepts medfører rollback siden vi ikke kan være sikre på
-                            // tilstand.
+                            // alle andre feil intercepts medfører rollback siden vi ikke kan være sikre på tilstand.
                             em.clear(); // rydd ugyldig state
                             if (!conn.isClosed()) {
                                 conn.rollback(savepoint);

felles/db/src/test/java/no/nav/vedtak/felles/jpa/converters/BooleanToStringConverterTest.java

@@ -4,38 +4,38 @@
 
 import org.junit.jupiter.api.Test;
 
-public class BooleanToStringConverterTest {
+class BooleanToStringConverterTest {
 
     private static final BooleanToStringConverter BOOLEAN_TO_STRING_CONVERTER = new BooleanToStringConverter();
 
     @Test
-    public void skal_konvertere_J_til_TRUE() {
+    void skal_konvertere_J_til_TRUE() {
         assertThat(BOOLEAN_TO_STRING_CONVERTER.convertToEntityAttribute("J")).isEqualTo(Boolean.TRUE);
     }
 
     @Test
-    public void skal_konvertere_N_til_FALSE() {
+    void skal_konvertere_N_til_FALSE() {
         assertThat(BOOLEAN_TO_STRING_CONVERTER.convertToEntityAttribute("N")).isEqualTo(Boolean.FALSE);
     }
 
     @Test
-    public void skal_konverte_null_string_til_null_boolean() {
+    void skal_konverte_null_string_til_null_boolean() {
         assertThat(BOOLEAN_TO_STRING_CONVERTER.convertToEntityAttribute(null)).isNull();
     }
 
     @Test
-    public void skal_konverte_TRUE_til_J() {
+    void skal_konverte_TRUE_til_J() {
         assertThat(BOOLEAN_TO_STRING_CONVERTER.convertToDatabaseColumn(Boolean.TRUE)).isEqualTo("J");
     }
 
     @Test
-    public void skal_konverte_FALSE_til_N() {
+    void skal_konverte_FALSE_til_N() {
         assertThat(BOOLEAN_TO_STRING_CONVERTER.convertToDatabaseColumn(Boolean.FALSE)).isEqualTo("N");
     }
 
     @Test
-    public void skal_konverte_null_boolean_til_null_streng() {
+    void skal_konverte_null_boolean_til_null_streng() {
         assertThat(BOOLEAN_TO_STRING_CONVERTER.convertToDatabaseColumn(null)).isEqualTo(null);
     }
 
-}
+}

felles/db/src/test/java/no/nav/vedtak/felles/jpa/converters/PropertiesToStringConverterTest.java

@@ -7,10 +7,10 @@
 
 import org.junit.jupiter.api.Test;
 
-public class PropertiesToStringConverterTest {
+class PropertiesToStringConverterTest {
 
     @Test
-    public void test_method_convertToDatabaseColumn() {
+    void test_method_convertToDatabaseColumn() {
         final String propNavn = "propNavn";
         final String propVerdi = "propVerdi";
         Properties properties = new Properties();
@@ -20,13 +20,13 @@ public void test_method_convertToDatabaseColumn() {
     }
 
     @Test
-    public void test_method_convertToDatabaseColumn_null_sjekk() {
+    void test_method_convertToDatabaseColumn_null_sjekk() {
         Properties properties = new Properties();
         assertNull(new PropertiesToStringConverter().convertToDatabaseColumn(properties));
     }
 
     @Test
-    public void test_method_convertToEntityAttribute() {
+    void test_method_convertToEntityAttribute() {
         final String dbData = "navn=testNavn\nby=oslo\nland=norge";
         Properties properties = new PropertiesToStringConverter().convertToEntityAttribute(dbData);
         assertThat(properties.getProperty("land")).isEqualTo("norge");

felles/klient/src/main/java/no/nav/vedtak/klient/http/ResponseHandler.java

@@ -11,7 +11,6 @@
 final class ResponseHandler {
 
     private ResponseHandler() {
-        // NOSONAR
     }
 
     static <W> W handleResponse(final HttpResponse<W> response, URI endpoint, Set<Integer> acceptStatus) {

felles/kontekst/src/main/java/no/nav/vedtak/sikkerhet/kontekst/BasisKontekst.java

@@ -55,8 +55,9 @@ public static BasisKontekst forProsesstask() {
     }
 
     public static BasisKontekst forProsesstaskUtenSystembruker() {
-        var appname = "srv" + Environment.current().application();
-        return new BasisKontekst(SikkerhetContext.SYSTEM, appname, IdentType.Prosess, Optional.ofNullable(Environment.current().clientId()).orElse(appname));
+        var username = "srv" + Optional.ofNullable(Environment.current().application()).orElse("local");
+        var konsument =  Optional.ofNullable(Environment.current().clientId()).orElse(username);
+        return new BasisKontekst(SikkerhetContext.SYSTEM, username, IdentType.Prosess, konsument);
     }
 
     public static BasisKontekst ikkeAutentisertRequest(String consumerId) {

felles/log/src/main/java/no/nav/vedtak/log/util/MemoryAppender.java

@@ -80,9 +80,9 @@ public static MemoryAppender sniff(Class<?> clazz) {
 
     public static MemoryAppender sniff(org.slf4j.Logger logger) {
         var log = Logger.class.cast(logger);
-        log.setLevel(Level.INFO);
+        log.setLevel(Level.INFO); // NOSONAR test-utility
         var sniffer = new MemoryAppender(log.getName());
-        log.addAppender(sniffer);
+        log.addAppender(sniffer); // NOSONAR test-utility
         sniffer.start();
         return sniffer;
     }