I'm trying to write a plugin to perform some custom Java checks.
The checks are simple and all look similar:
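    import static org.sonar.api.server.rule.RulesDefinition.SubCharacteristics.SECURITY_FEATURES;
    import static org.sonar.check.Priority.CRITICAL;

    import org.sonar.check.Rule;
    import org.sonar.plugins.java.api.tree.MethodTree;
    import org.sonar.plugins.java.api.tree.ModifiersTree;
    import org.sonar.squidbridge.annotations.ActivatedByDefault;
    import org.sonar.squidbridge.annotations.SqaleConstantRemediation;
    import org.sonar.squidbridge.annotations.SqaleSubCharacteristic;

    // MethodVisitor, isAnnotatedWith, REQUEST_MAPPING and PRE_AUTHORIZE are the plugin's own helpers (not shown).
    @ActivatedByDefault
    @SqaleConstantRemediation("1h")
    @SqaleSubCharacteristic(SECURITY_FEATURES)
    @Rule(name = "Methods annotated with @RequestMapping should also have @PreAuthorize annotation", priority = CRITICAL)
    public class RequestMappingHasPreAuthorizeAnnotationCheck extends MethodVisitor {
        @Override
        public void visitMethod(MethodTree methodTree) {
            if (hasRequestMappingButNotPreAuthorize(methodTree.modifiers())) {
                reportIssue(methodTree,
                    "Methods annotated with @RequestMapping should also be annotated with @PreAuthorize");
            }
        }

        // True when the method is a request handler with no authorization annotation.
        private static boolean hasRequestMappingButNotPreAuthorize(ModifiersTree modifiers) {
            return isAnnotatedWith(modifiers, REQUEST_MAPPING) && !isAnnotatedWith(modifiers, PRE_AUTHORIZE);
        }
    }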
The relevant part of pom.xml:
    <packaging>sonar-plugin</packaging>
    <dependencies>
        <dependency>
            <groupId>org.sonarsource.java</groupId>
            <artifactId>java-checks</artifactId>
            <version>3.9</version>
        </dependency>
        <dependency>
            <groupId>org.sonarsource.sonarqube</groupId>
            <artifactId>sonar-plugin-api</artifactId>
            <version>5.3</version>
            <scope>provided</scope>
        </dependency>
    </dependencies>
    <build>
        <plugins>
            <plugin>
                <groupId>org.sonarsource.sonar-packaging-maven-plugin</groupId>
                <artifactId>sonar-packaging-maven-plugin</artifactId>
                <version>1.15</version>
                <extensions>true</extensions>
                <configuration>
                    <pluginClass>com.company.sonar.security.RestSecurityPlugin</pluginClass>
                    <pluginDescription>Verifies security annotations</pluginDescription>
                </configuration>
            </plugin>
            <plugin>
                <groupId>org.codehaus.sonar</groupId>
                <artifactId>sonar-dev-maven-plugin</artifactId>
                <version>1.8</version>
            </plugin>
        </plugins>
    </build>
When I build with
    mvn clean package
it generates my snapshot jar in target, but displays this (along with similar messages for other libraries):
[WARNING] com.google.guava:guava:jar:10.0.1:compile is provided by SonarQube plugin API and will not be packaged in your plugin
When I try to deploy it to my local test Sonar server with
    mvn sonar-dev:upload -DsonarHome=~/sonarqube-5.3
I get the following (snipped) stack trace:
Java::JavaLang::NoClassDefFoundError (com/google/common/collect/Iterables):
org.sonar.squidbridge.annotations.AnnotationBasedRulesDefinition.addRuleClasses(AnnotationBasedRulesDefinition.java:90)
org.sonar.squidbridge.annotations.AnnotationBasedRulesDefinition.addRuleClasses(AnnotationBasedRulesDefinition.java:86)
org.sonar.squidbridge.annotations.AnnotationBasedRulesDefinition.load(AnnotationBasedRulesDefinition.java:75)
com.company.sonar.security.RestSecurityRulesDefinition.define(RestSecurityRulesDefinition.java:25)
org.sonar.server.rule.RuleDefinitionsLoader.load(RuleDefinitionsLoader.java:54)
org.sonar.server.rule.RegisterRules.start(RegisterRules.java:100)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.lang.reflect.Method.invoke(Method.java:497)
org.picocontainer.lifecycle.ReflectionLifecycleStrategy.invokeMethod(ReflectionLifecycleStrategy.java:110)
org.picocontainer.lifecycle.ReflectionLifecycleStrategy.start(ReflectionLifecycleStrategy.java:89)
org.sonar.core.platform.ComponentContainer$1.start(ComponentContainer.java:291)
org.picocontainer.injectors.AbstractInjectionFactory$LifecycleAdapter.start(AbstractInjectionFactory.java:84)
org.picocontainer.behaviors.AbstractBehavior.start(AbstractBehavior.java:169)
org.picocontainer.behaviors.Stored$RealComponentLifecycle.start(Stored.java:132)
org.picocontainer.behaviors.Stored.start(Stored.java:110)
org.picocontainer.DefaultPicoContainer.potentiallyStartAdapter(DefaultPicoContainer.java:1016)
org.picocontainer.DefaultPicoContainer.startAdapters(DefaultPicoContainer.java:1009)
org.picocontainer.DefaultPicoContainer.start(DefaultPicoContainer.java:767)
org.sonar.core.platform.ComponentContainer.startComponents(ComponentContainer.java:131)
org.sonar.server.platform.platformlevel.PlatformLevel.start(PlatformLevel.java:84)
org.sonar.server.platform.platformlevel.PlatformLevelStartup.access$001(PlatformLevelStartup.java:45)
org.sonar.server.platform.platformlevel.PlatformLevelStartup$1.doPrivileged(PlatformLevelStartup.java:82)
org.sonar.server.user.DoPrivileged.execute(DoPrivileged.java:45)
org.sonar.server.platform.platformlevel.PlatformLevelStartup.start(PlatformLevelStartup.java:78)
org.sonar.server.platform.Platform.executeStartupTasks(Platform.java:197)
org.sonar.server.platform.Platform.restart(Platform.java:141)
org.sonar.server.platform.Platform.restart(Platform.java:125)
org.sonar.server.platform.ws.RestartAction.handle(RestartAction.java:63)
org.sonar.server.ws.WebServiceEngine.execute(WebServiceEngine.java:85)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
(snip)
The RestSecurityRulesDefinition class looks like this:
    import java.util.ArrayList;
    import java.util.List;
    import org.sonar.api.server.rule.RulesDefinition;
    import org.sonar.squidbridge.annotations.AnnotationBasedRulesDefinition;

    public class RestSecurityRulesDefinition implements RulesDefinition {
        @Override
        public void define(Context context) {
            NewRepository repository = context.createRepository("rest-security", "java").setName("rest-security");
            @SuppressWarnings("rawtypes")
            List<Class> ruleClasses = new ArrayList<>();
            ruleClasses.add(PreAuthorizeInfoCheck.class);
            ruleClasses.add(RequestMappingHasPartnerSecuredAnnotationCheck.class);
            ruleClasses.add(RequestMappingHasPreAuthorizeAnnotationCheck.class);
            ruleClasses.add(RequestMappingHasTimedAnnotationCheck.class);
            ruleClasses.add(RestControllerWithExceptionHandlerAnnotationCheck.class);
            // exception gets thrown on the following line
            AnnotationBasedRulesDefinition.load(repository, "java", ruleClasses);
            repository.done();
        }
    }
This is with a freshly downloaded 5.3 server, with sonar.web.dev = true.
Any help on what I might be missing?
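
One way to check whether the class named in the NoClassDefFoundError is packaged with the plugin, as an added example that is not part of the original post: it looks for the class among the plugin's own classes and inside any dependency jars nested under META-INF/lib/ (assumed here to be where the packaging step bundles them). The helper names and the sample jars are constructed for illustration; only the class names come from the stack trace.

```python
import io
import sys
import zipfile

LIB_DIR = "META-INF/lib/"  # assumption: where the plugin jar carries bundled dependency jars


def find_class(jar_bytes, class_name):
    """Return where class_name is provided inside a plugin jar.

    Checks the plugin's own classes and every jar nested under LIB_DIR.
    An empty list means the plugin relies on the server to supply the class.
    """
    entry = class_name.replace(".", "/") + ".class"
    found = []
    with zipfile.ZipFile(io.BytesIO(jar_bytes)) as plugin:
        for name in plugin.namelist():
            if name == entry:
                found.append("(plugin classes)")
            elif name.startswith(LIB_DIR) and name.endswith(".jar"):
                with zipfile.ZipFile(io.BytesIO(plugin.read(name))) as lib:
                    if entry in lib.namelist():
                        found.append(name)
    return found


def make_jar(entries):
    """Build an in-memory jar from {entry name: bytes} (used for the constructed samples)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as jar:
        for name, data in entries.items():
            jar.writestr(name, data)
    return buf.getvalue()


# Constructed samples: the jar names are made up; the class names come from the stack trace.
MISSING = "com.google.common.collect.Iterables"
BRIDGE = make_jar({"org/sonar/squidbridge/annotations/AnnotationBasedRulesDefinition.class": b""})
GUAVA = make_jar({"com/google/common/collect/Iterables.class": b""})
PLUGIN_WITHOUT_GUAVA = make_jar({"META-INF/lib/bridge.jar": BRIDGE})
PLUGIN_WITH_GUAVA = make_jar({"META-INF/lib/bridge.jar": BRIDGE, "META-INF/lib/guava.jar": GUAVA})

if __name__ == "__main__":
    # Usage: python find_class.py path/to/plugin.jar [fully.qualified.ClassName]
    with open(sys.argv[1], "rb") as fh:
        cls = sys.argv[2] if len(sys.argv) > 2 else MISSING
        print(find_class(fh.read(), cls) or "not packaged in this plugin jar")
```

An empty result for the built jar, combined with the packaging warning quoted above, means the class has to come from the server side at load time.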