Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SONARIAC-1892 Modify rule S6975: Fix how to fix it section split #4604

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

SONARIAC-1892 Modify rule S6975: Fix how to fix it section split #4604

wants to merge 1 commit into from

Conversation

GabinL21
Copy link
Contributor

@GabinL21 GabinL21 commented Jan 8, 2025

Review

A dedicated reviewer checked the rule description successfully for:

  • logical errors and incorrect information
  • information gaps and missing content
  • text style and tone
  • PR summary and labels follow the guidelines

@GabinL21 GabinL21 added the iac label Jan 8, 2025
@GabinL21 GabinL21 self-assigned this Jan 8, 2025
@sonarqube-next SonarQube-Next
Copy link

sonarqube-next bot commented Jan 8, 2025

Quality Gate passed Quality Gate passed for 'rspec-tools'

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube

@sonarqube-next SonarQube-Next
Copy link

sonarqube-next bot commented Jan 8, 2025

Quality Gate passed Quality Gate passed for 'rspec-frontend'

Issues
0 New issues
0 Fixed issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarQube

GabinL21
GabinL21 commented Jan 8, 2025
View reviewed changes
rules/S6975/azureresourcemanager/how-to-fix-it/arm.adoc
Comment on lines +3 to +5
=== Code examples

==== Compliant solution
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think these missing titles is why the content is not displayed on the Sonar rules website (but is still somehow display everywhere else, the parsing logic must be different)

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It will be good to document in our Xtranet how to write rules. Especially, how it should be defined for IaC technologies that have 2 formats(json/bicep, json/yaml, yaml/properties).

@GabinL21 GabinL21 requested a review from mstachniuk January 8, 2025 15:45
mstachniuk
mstachniuk approved these changes Jan 9, 2025
View reviewed changes
Copy link
Contributor

@mstachniuk mstachniuk left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

rules/S6321/azureresourcemanager/how-to-fix-it/arm.adoc
@@ -0,0 +1,53 @@
== How to fix it in ARM Templates
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not sure if arm.json is a good name for the file as ARM is a name of technology. The suprorted languages are Bicep and JSON, so IMO the files should be rename to json.adoc

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Indeed! I followed the convention we were already using, I will update every other file then.

Should I also update the header? In Microsoft's documentation, ARM templates seem to imply that it's JSON, and Bicep is not defined as an ARM template, but the line seems blurry. I'd rename it "How to fix it in JSON Templates" (without mentioning ARM to keep it shorter; ARM is already implied by the rule language) and keep "How to fix it in Bicep."

What do you think?

rules/S6321/azureresourcemanager/how-to-fix-it/bicep.adoc
access: 'Allow'
protocol: '*'
destinationPortRange: '*'
sourceAddressPrefix: '*'
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Consider adding Noncompliant comment.
See: https://github.com/SonarSource/rspec/blob/444c23805989cba3ebdd79d578388f8f6626f596/docs/description.adoc

noncompliant lines should always be highlighted with the corresponding comment “// Noncompliant” optionally followed by some explanation) if that is clearer

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It's kinda hard to add Noncompliant comments to both code examples you mentioned because it's actually a combination of multiple lines that makes it non-compliant. I'll look into it, see what's possible and how we're dealing with similar situations to be consistent 😉

rules/S6385/azureresourcemanager/how-to-fix-it/bicep.adoc
properties: {
permissions: [
{
actions: ['*']
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Consider adding Noncompliant comment

rules/S6975/azureresourcemanager/how-to-fix-it/arm.adoc
Comment on lines +3 to +5
=== Code examples

==== Compliant solution
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It will be good to document in our Xtranet how to write rules. Especially, how it should be defined for IaC technologies that have 2 formats(json/bicep, json/yaml, yaml/properties).

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mstachniuk mstachniuk mstachniuk approved these changes

Assignees

@GabinL21 GabinL21

Labels
iac
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@GabinL21 @mstachniuk