2019-03-23 17:49:37 +01:00
|
|
|
|
<?php
|
|
|
|
|
|
namespace Psalm\Plugin;
|
|
|
|
|
|
|
|
|
|
|
|
use Psalm\Codebase;
|
|
|
|
|
|
use Psalm\SourceControl\SourceControlInfo;
|
|
|
|
|
|
|
2019-03-31 20:02:30 +02:00
|
|
|
|
class Shepherd implements \Psalm\Plugin\Hook\AfterAnalysisInterface
|
2019-03-23 17:49:37 +01:00
|
|
|
|
{
|
|
|
|
|
|
/**
|
|
|
|
|
|
* Called after analysis is complete
|
|
|
|
|
|
* @param array<int, array{severity: string, line_from: int, line_to: int, type: string, message: string,
|
|
|
|
|
|
* file_name: string, file_path: string, snippet: string, from: int, to: int,
|
|
|
|
|
|
* snippet_from: int, snippet_to: int, column_from: int, column_to: int, selected_text: string}> $issues
|
|
|
|
|
|
*
|
|
|
|
|
|
* @return void
|
|
|
|
|
|
*/
|
|
|
|
|
|
public static function afterAnalysis(
|
|
|
|
|
|
Codebase $codebase,
|
|
|
|
|
|
array $issues,
|
|
|
|
|
|
array $build_info,
|
|
|
|
|
|
SourceControlInfo $source_control_info = null
|
|
|
|
|
|
) {
|
2019-03-31 20:18:22 +02:00
|
|
|
|
if (!function_exists('curl_init')) {
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'No curl found, cannot send data to ' . $codebase->config->shepherd_host . PHP_EOL);
|
2019-03-31 20:18:22 +02:00
|
|
|
|
return;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2019-03-28 17:06:21 +01:00
|
|
|
|
if ($source_control_info instanceof \Psalm\SourceControl\Git\GitInfo && $build_info) {
|
2019-03-23 17:49:37 +01:00
|
|
|
|
$data = [
|
|
|
|
|
|
'build' => $build_info,
|
|
|
|
|
|
'git' => $source_control_info->toArray(),
|
|
|
|
|
|
'issues' => array_filter(
|
|
|
|
|
|
$issues,
|
|
|
|
|
|
function (array $i) : bool {
|
|
|
|
|
|
return $i['severity'] === 'error';
|
|
|
|
|
|
}
|
|
|
|
|
|
),
|
|
|
|
|
|
'coverage' => $codebase->analyzer->getTotalTypeCoverage($codebase)
|
|
|
|
|
|
];
|
|
|
|
|
|
|
|
|
|
|
|
$payload = json_encode($data);
|
|
|
|
|
|
|
2019-03-31 20:02:30 +02:00
|
|
|
|
$base_address = $codebase->config->shepherd_host;
|
2019-03-27 22:01:05 +01:00
|
|
|
|
|
|
|
|
|
|
if (parse_url($base_address, PHP_URL_SCHEME) === null) {
|
|
|
|
|
|
$base_address = 'https://' . $base_address;
|
|
|
|
|
|
}
|
|
|
|
|
|
|
2019-03-23 17:49:37 +01:00
|
|
|
|
// Prepare new cURL resource
|
2019-04-02 03:34:24 +02:00
|
|
|
|
$ch = curl_init($base_address . '/hooks/psalm');
|
2019-03-23 17:49:37 +01:00
|
|
|
|
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
|
|
|
|
|
curl_setopt($ch, CURLINFO_HEADER_OUT, true);
|
|
|
|
|
|
curl_setopt($ch, CURLOPT_POST, true);
|
|
|
|
|
|
curl_setopt($ch, CURLOPT_POSTFIELDS, $payload);
|
|
|
|
|
|
|
|
|
|
|
|
// Set HTTP Header for POST request
|
|
|
|
|
|
curl_setopt(
|
|
|
|
|
|
$ch,
|
|
|
|
|
|
CURLOPT_HTTPHEADER,
|
|
|
|
|
|
[
|
|
|
|
|
|
'Content-Type: application/json',
|
|
|
|
|
|
'Content-Length: ' . strlen($payload)
|
|
|
|
|
|
]
|
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
|
|
// Submit the POST request
|
2019-03-28 17:06:21 +01:00
|
|
|
|
$return = curl_exec($ch);
|
|
|
|
|
|
|
|
|
|
|
|
if ($return !== '') {
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'Error with Psalm Shepherd:' . PHP_EOL);
|
2019-04-01 01:20:05 +02:00
|
|
|
|
|
|
|
|
|
|
if ($return === false) {
|
2019-04-01 01:51:47 +02:00
|
|
|
|
/** @var array */
|
|
|
|
|
|
$curl_info = curl_getinfo($ch);
|
|
|
|
|
|
|
|
|
|
|
|
if (($curl_info['ssl_verify_result'] ?? 0) !== 0) {
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'Curl SSL error: ');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
|
|
|
|
|
|
switch ($curl_info['ssl_verify_result']) {
|
|
|
|
|
|
case 2:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'unable to get issuer certificate');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 3:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'unable to get certificate CRL');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 4:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'unable to decrypt certificate’s signature');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 5:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'unable to decrypt CRL’s signature');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 6:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'unable to decode issuer public key');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 7:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'certificate signature failure');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 8:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'CRL signature failure');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 9:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'certificate is not yet valid');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 10:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'certificate has expired');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 11:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'CRL is not yet valid');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 12:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'CRL has expired');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 13:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'format error in certificate’s notBefore field');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 14:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'format error in certificate’s notAfter field');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 15:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'format error in CRL’s lastUpdate field');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 16:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'format error in CRL’s nextUpdate field');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 17:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'out of memory');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 18:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'self signed certificate');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 19:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'self signed certificate in certificate chain');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 20:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'unable to get local issuer certificate');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 21:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'unable to verify the first certificate');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 22:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'certificate chain too long');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 23:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'certificate revoked');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 24:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'invalid CA certificate');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 25:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'path length constraint exceeded');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 26:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'unsupported certificate purpose');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 27:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'certificate not trusted');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 28:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'certificate rejected');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 29:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'subject issuer mismatch');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 30:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'authority and subject key identifier mismatch');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 31:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'authority and issuer serial number mismatch');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 32:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'key usage does not include certificate signing');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
case 50:
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, 'application verification failure');
|
2019-04-01 01:51:47 +02:00
|
|
|
|
break;
|
|
|
|
|
|
}
|
2019-04-01 02:16:39 +02:00
|
|
|
|
|
2019-05-30 16:30:41 +02:00
|
|
|
|
fwrite(STDERR, PHP_EOL);
|
2019-04-01 01:51:47 +02:00
|
|
|
|
} else {
|
|
|
|
|
|
echo var_export(curl_getinfo($ch), true) . PHP_EOL;
|
|
|
|
|
|
}
|
2019-04-01 01:20:05 +02:00
|
|
|
|
} else {
|
|
|
|
|
|
echo $return . PHP_EOL;
|
2019-04-01 02:47:33 +02:00
|
|
|
|
echo 'Git args: ' . var_export($source_control_info->toArray(), true) . PHP_EOL;
|
|
|
|
|
|
echo 'CI args: ' . var_export($build_info, true) . PHP_EOL;
|
2019-04-01 01:20:05 +02:00
|
|
|
|
}
|
2019-03-28 17:06:21 +01:00
|
|
|
|
}
|
2019-03-23 17:49:37 +01:00
|
|
|
|
|
|
|
|
|
|
// Close cURL session handle
|
|
|
|
|
|
curl_close($ch);
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
|
|
}
|
