Merge pull request #8 from mulesoft-consulting/feature/domain

Added Mule 4 Domain Support

Author: fperezpa

README.md

@@ -54,6 +54,10 @@ Sonarqube plugin:
 
 ## Release Notes
 
+#### 1.0.2
+##### Changes
+	- Added Support for Mule 4 Domain Inspections
+
 #### 1.0.1
 ##### Changes
 	- Refactor - One single project. mule-validation-xpath-core dependency is not longer needed

pom.xml

@@ -5,7 +5,7 @@
 
 	<groupId>com.mulesoft.services</groupId>
 	<artifactId>mule-validation-sonarqube-plugin</artifactId>
-	<version>1.0.1</version>
+	<version>1.0.2</version>
 	<packaging>jar</packaging>
 
 	<url>http://maven.apache.org</url>

src/main/resources/namespace-4.properties

@@ -3,12 +3,15 @@ api-gateway=http://www.mulesoft.org/schema/mule/api-gateway
 ee=http://www.mulesoft.org/schema/mule/ee/core
 mule=http://www.mulesoft.org/schema/mule/core
 munit=http://www.mulesoft.org/schema/mule/munit
+munit-tools=http://www.mulesoft.org/schema/mule/munit-tools
 context=http://www.springframework.org/schema/context
 secure-properties=http://www.mulesoft.org/schema/mule/secure-properties
 http=http://www.mulesoft.org/schema/mule/http
 scripting=http://www.mulesoft.org/schema/mule/scripting
 tls=http://www.mulesoft.org/schema/mule/tls
 doc=http://www.mulesoft.org/schema/mule/documentation
 validation=http://www.mulesoft.org/schema/mule/validation
+tls=http://www.mulesoft.org/schema/mule/tls
 java=http://www.mulesoft.org/schema/mule/java
-db=http://www.mulesoft.org/schema/mule/db
+db=http://www.mulesoft.org/schema/mule/db
+domain=http://www.mulesoft.org/schema/mule/ee/domain

src/test/java/com/mulesoft/services/tools/validation/Mule4Test.java

@@ -48,4 +48,14 @@ public void testRuleDBProperties() throws JDOMException, IOException {
 		boolean valid = xpathProcessor.processXPath(rule, rootElement, Boolean.class).booleanValue();
 		assertTrue("DB CONFIG HOST MUST HAVE A PROP PLACEHOLDER", valid);
 	}
+	
+	@Test
+	public void testDomain() throws JDOMException, IOException {
+		String rule = "count(//domain:mule-domain/http:request-config[not(@responseTimeout) or not(matches(@responseTimeout,'^\\$\\{.*\\}$'))]) = 0";
+		String fileName = testDirectory.concat(File.separator + "mule-domain-config.xml");
+		Document document = saxBuilder.build(new File(fileName));
+		Element rootElement = document.getRootElement();
+		boolean valid = xpathProcessor.processXPath(rule, rootElement, Boolean.class).booleanValue();
+		assertTrue("HTTP Requestor Configuration should have a configurable Response Timeout", valid);
+	}
 }

src/test/resources/mule4/mule-domain-config.xml

@@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<domain:mule-domain
+        xmlns:tls="http://www.mulesoft.org/schema/mule/tls"
+        xmlns:http="http://www.mulesoft.org/schema/mule/http"         xmlns="http://www.mulesoft.org/schema/mule/core"
+        xmlns:domain="http://www.mulesoft.org/schema/mule/ee/domain"
+        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+        xmlns:doc="http://www.mulesoft.org/schema/mule/documentation"
+        xsi:schemaLocation="
+http://www.mulesoft.org/schema/mule/tls http://www.mulesoft.org/schema/mule/tls/current/mule-tls.xsd http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd
+               http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/current/mule.xsd
+               http://www.mulesoft.org/schema/mule/ee/domain http://www.mulesoft.org/schema/mule/ee/domain/current/mule-domain-ee.xsd">
+
+    <!-- configure here resource to be shared within the domain -->
+    <http:request-config name="HTTP_Request_configuration" doc:name="HTTP Request configuration" doc:id="0294ba59-72a5-4230-b29f-11a68e153790" responseTimeout="${http.timeout}">
+        <http:request-connection protocol="HTTPS" host="api.exchangeratesapi.io" port="443">
+            <reconnection >
+                <reconnect frequency="${request.reconnection.freq}" count="${request.reconnection.count}" />
+            </reconnection>
+        </http:request-connection>
+        <http:default-headers >
+            <http:default-header key="whateverOne" value="something" />
+            <http:default-header key="whateverTwo" value="somethingElse" />
+        </http:default-headers>
+        <http:default-query-params >
+            <http:query-param key="parameter" value="value" />
+        </http:default-query-params>
+    </http:request-config>
+    <http:listener-config name="test-api-with-examples-httpListenerConfig">
+        <http:listener-connection host="0.0.0.0" port="${http.port}" protocol="HTTPS" tlsContext="${http.tls.config}"/>
+    </http:listener-config>
+    <tls:context name="TLS_Context" doc:name="TLS Context" doc:id="1da6ee2f-5864-4d8d-ada0-4298257a7962" >
+        <tls:trust-store path="${}"/>
+        <tls:key-store type="jks" path="${}" />
+    </tls:context>
+</domain:mule-domain>

src/test/resources/rules-4.xml

@@ -129,6 +129,92 @@
 			matches(//mule:mule/db:config/db:mssql-connection/@host,
 			'^\$\{.*\}$')
 		</rule>
+		<rule id="11"
+			name="Domain - HTTP Requestor reconnection strategy should use a configurable count value"
+			description="&lt;b&gt;Domain&lt;/b&gt; - HTTP Requestor reconnection strategy should use a configurable count value"
+			severity="MAJOR" applies="file" type="bug">
+			count(//domain:mule-domain/http:request-config/http:request-connection)
+			= count(
+			//domain:mule-domain/http:request-config/http:request-connection/mule:reconnection/mule:reconnect[matches(@count,'^\$\{.*\}$')]
+			)
+		</rule>
+		<rule id="12"
+			name="Domain - HTTP Requestor reconnection strategy should use configurable frequency"
+			description="&lt;b&gt;Domain&lt;/b&gt; - HTTP Requestor reconnection strategy should use configurable frequency"
+			severity="MAJOR" applies="file" type="bug">
+			count(//domain:mule-domain/http:request-config/http:request-connection)
+			= count(
+			//domain:mule-domain/http:request-config/http:request-connection/mule:reconnection/mule:reconnect[matches(@frequency,'^\$\{.*\}$')]
+			)
+		</rule>
+		<rule id="13"
+			name="Domain - Mule Secure Properties should use AES-CBC algorithm"
+			description="&lt;b&gt;Domain&lt;/b&gt; - Mule Secure Properties should use AES-CBC algorithm"
+			severity="MAJOR" applies="file" type="vulnerability">
+			count(//domain:mule-domain/secure-properties:config/secure-properties:encrypt[@algorithm!='AES'
+			or @mode!='CBC']) = 0
+		</rule>
+		<rule id="14"
+			name="Domain - HTTP Listener should not use a hardcoded port value"
+			description="&lt;b&gt;Domain&lt;/b&gt; - HTTP Listener should not use a hardcoded port value"
+			severity="MAJOR" applies="file" type="code_smell">
+			count(//domain:mule-domain/http:listener-config)=0
+			or
+			matches(//domain:mule-domain/http:listener-config/http:listener-connection/@port,
+			'^\$\{.*\}$')
+		</rule>
+		<rule id="15"
+			name="Domain - HTTP Requestor Configuration should reference a TLS Configuration"
+			description="&lt;b&gt;Domain&lt;/b&gt; - HTTP Requestor should reference a TLS Configuration"
+			severity="MINOR" applies="file" type="bug">
+			count(//domain:mule-domain/http:request-config) =
+			count(//domain:mule-domain/http:request-config/http:request-connection[matches(@tlsContext,'^\$\{.*\}$')])
+		</rule>
+		<rule id="16"
+			name="Domain - Trust Store Configuration should use a configurable path"
+			description="&lt;b&gt;Domain&lt;/b&gt; - Trust Store Configuration should use a configurable path"
+			severity="MINOR" applies="file" type="vulnerability">
+			count(//domain:mule-domain/tls:context/tls:trust-store) =
+			count(//domain:mule-domain/tls:context/tls:trust-store[matches(@path,'^\$\{.*\}$')])
+		</rule>
+		<rule id="17"
+			name="Domain - Key Store Configuration should use a configurable path"
+			description="&lt;b&gt;Domain&lt;/b&gt; - Key Store Configuration should use a configurable path"
+			severity="MINOR" applies="file" type="vulnerability">
+			count(//domain:mule-domain/tls:context/tls:key-store) =
+			count(//domain:mule-domain/tls:context/tls:key-store[matches(@path,'^\$\{.*\}$')])
+		</rule>
+		<rule id="18"
+			name="Domain - Trust Store Configuration should not have the insecure attribute"
+			description="&lt;b&gt;Domain&lt;/b&gt; - Trust Store Configuration should not have the insecure attribute"
+			severity="CRITICAL" applies="file" type="vulnerability">
+			count(//domain:mule-domain/tls:context/tls:trust-store) =
+			count(//domain:mule-domain/tls:context/tls:trust-store[not(@insecure)])
+		</rule>
+		<rule id="19"
+			name="Domain - HTTPS Listener should have a TLS Configuration"
+			description="&lt;b&gt;Domain&lt;/b&gt; - HTTPS Listener should have a TLS Configuration"
+			severity="MAJOR" applies="file" type="vulnerability">
+			count(//domain:mule-domain/http:listener-config/http:listener-connection[@protocol='HTTPS'
+			and not(@tlsContext)])=0
+		</rule>
+		<rule id="20"
+			name="Domain - HTTP Requestor Configuration should not use dynamic default headers or query params"
+			description="&lt;b&gt;Domain&lt;/b&gt; - HTTP Requestor Configuration should not use dynamic default headers or query params"
+			severity="CRITICAL" applies="file" type="code_smell">
+			count(//domain:mule-domain/http:request-config/http:default-headers/http:default-header[matches(@value,'^#\[.*\]$')])
+			= 0
+			and
+			count(//domain:mule-domain/http:request-config/http:default-query-params/http:query-param[matches(@value,'^#\[.*\]$')])
+			= 0
+		</rule>
+		<rule id="21"
+			name="Domain - HTTP Requestor Configuration should have a configurable Response Timeout"
+			description="&lt;b&gt;Domain&lt;/b&gt; - HTTP Requestor Configuration should have a configurable Response Timeout"
+			severity="CRITICAL" applies="file" type="bug">
+			count(//domain:mule-domain/http:request-config[not(@responseTimeout)
+			or not(matches(@responseTimeout,'^\$\{.*\}$'))]) = 0
+		</rule>
 	</ruleset>
 </rulestore>