Add support for loading and reporting analysis issues to platform plugins

Xenowa commented 4 months ago

Purpose

Add functionalities to:

Load and report analysis issues to static analysis platforms via static code analysis platform plugins defined in a Scan.toml file.

[[platform]]
name = "platformName"
path = "path/to/static_code_analysis_platform_plugin"

Filter analysis issues based on fully qualified name of analysis rules defined in a Scan.toml file or provided via the terminal.

# Scan.toml
[rule]
include = [
    "ballerina:1",
    "exampleOrg/example_module_static_code_analyzer:1",
    "ballerina/example_module_static_code_analyzer:1",
    "ballerinax/example_module_static_code_analyzer:1",
]
exclude = ["ballerina:1"]

bal scan --include-rules="ballerina:1, ballerina/example_module_static_code_analyzer:1" --exclude-rules="ballerina:1"

codecov[bot] commented 4 months ago

Codecov Report

Attention: Patch coverage is 40.47619% with 50 lines in your changes missing coverage. Please review.

Project coverage is 82.30%. Comparing base (13ac6e0) to head (d9b233b).

:exclamation: Current head d9b233b differs from pull request most recent head 722dea1

Please upload reports for the commit 722dea1 to get more accurate results.

Files	Patch %	Lines
.../main/java/io/ballerina/scan/internal/ScanCmd.java	42.02%	35 Missing and 5 partials :warning:
...erina/scan/internal/PlatformPluginContextImpl.java	0.00%	6 Missing :warning:
...va/io/ballerina/scan/internal/ProjectAnalyzer.java	50.00%	2 Missing and 2 partials :warning:

Additional details and impacted files

```diff @@ Coverage Diff @@ ## static-code-analysis-tool #16 +/- ## =============================================================== - Coverage 87.50% 82.30% -5.20% Complexity 161 161 =============================================================== Files 17 18 +1 Lines 656 712 +56 Branches 73 78 +5 =============================================================== + Hits 574 586 +12 - Misses 55 94 +39 - Partials 27 32 +5 ```

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.

sonarcloud[bot] commented 2 months ago

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

ballerina-platform / static-code-analysis-tool