Azure / appcat-rulesets

Repository for maintaining Rulesets for Windup
Eclipse Public License 2.0

rules don't trigger for config files with newlines #124

Closed vermegi closed 2 months ago

vermegi commented 1 year ago

I have been testing with spring petclinic microservices, and specifically for the config repo used there, I was expecting certain rules to trigger, but they don't. I think this has to do with the definition of the rule being like this:

(https://github.com/Azure/appcat-rulesets/blob/d60c16ddefee1139f64322d9e42442c129e7ed14/rules/rules-reviewed/azure/azure-database-config.windup.xml#L24)

While in the config repo for petclinic the definition is like this:

```yaml
datasource:
  url: jdbc:mysql://localhost:3306/petclinic?useSSL=false
```

Because of the different way of defining this property, this rule will not trigger.

The rule did trigger on jdbc:

(https://github.com/Azure/appcat-rulesets/blob/d60c16ddefee1139f64322d9e42442c129e7ed14/rules/rules-reviewed/azure/azure-database-config.windup.xml#L23C76-L23C76)

Similarly, none of the port definitions in these YAML files got reported on. For instance admin-server.yml has the following property definition:

```yaml
server:
  port: 9090
```

while the rule (https://github.com/Azure/appcat-rulesets/blob/main/rules/rules-reviewed/azure/springboot/spring-boot-to-azure-port.windup.xml) uses This will not detect the newline.

agoncal commented 1 year ago

WindUp does not have the same level of features when it comes to YAML. There are several open JIRA issues on this topic:

WINDUP-3420 is the one about the issues we face:

It must be possible to traverse yaml/yml files, with the same degree of precision as XML files. Hence provide the equivalent capability of the XPATH to navigate to specific property values.

I've left a comment in the JIRA.

agoncal commented 1 year ago

Until a better way is found, the WindUp team has disabled the YAML file extension. See https://github.com/windup/windup-rulesets/pull/1018
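
The mismatch discussed in this thread, as an added example that is not code from the issue, the ruleset or Windup: a single-line, properties-style pattern finds nothing in nested YAML until the file is flattened to dotted keys. The sample YAML (including the `spring:` parent key), the two regexes and the function names are assumptions made for illustration; the real rule patterns are not reproduced on this page.

```python
import re

# Constructed sample, modelled on the two snippets quoted in the issue.
SAMPLE_YAML = """\
server:
  port: 9090
spring:
  datasource:
    url: jdbc:mysql://localhost:3306/petclinic?useSSL=false
"""

# Hypothetical single-line patterns in the style of a properties-file rule.
RULES = {
    "port": re.compile(r"server\.port\s*[:=]\s*\d+"),
    "jdbc-url": re.compile(r"datasource\.url\s*[:=]\s*jdbc:\S+"),
}

def flatten_yaml(text):
    """Flatten nested block mappings with scalar leaves into dotted key=value lines.

    Covers only the simple subset used above: no lists, anchors,
    inline comments or multi-line scalars.
    """
    stack = []  # (indent, key) for every parent mapping that is still open
    out = []
    for raw in text.splitlines():
        stripped = raw.strip()
        if not stripped or stripped.startswith("#"):
            continue
        indent = len(raw) - len(raw.lstrip())
        key, _, value = stripped.partition(":")
        # Close parents that sit at the same or a deeper indentation level.
        while stack and stack[-1][0] >= indent:
            stack.pop()
        if value.strip():
            path = ".".join([k for _, k in stack] + [key.strip()])
            out.append(f"{path}={value.strip()}")
        else:
            stack.append((indent, key.strip()))
    return out

def matching_rules(text):
    """Return the sorted names of the rules whose pattern occurs in text."""
    return sorted(name for name, rx in RULES.items() if rx.search(text))

if __name__ == "__main__":
    print("raw YAML:      ", matching_rules(SAMPLE_YAML))
    print("flattened YAML:", matching_rules("\n".join(flatten_yaml(SAMPLE_YAML))))
```

A scanner that silently skips nested YAML reports a clean result for settings such as `useSSL=false`, so a normalisation step like this (or a path-aware YAML query) is needed before the absence of findings means anything.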