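Starting from the default rule set of SonarQube Community Edition with the Java PMD plugin added,
I trimmed the rules down to a set that follows the Ministry of the Interior and Safety (행안부) vulnerability guide as closely as possible and is suitable for a financial cloud filing with the Financial Supervisory Service (금감원).
After trimming, it comes to roughly 100 rules.
Save the XML below as a separate XML file and import it.
The PMD plugin must be added from the SonarQube Marketplace first; otherwise not all of the rules will be visible.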
<profile>
<name>JavaRuleSet</name>
<language>java</language>
<rules>
<rule>
<repositoryKey>java</repositoryKey>
<key>S1104</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S1111</key>
<type>BUG</type>
<priority>MAJOR</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S1114</key>
<type>BUG</type>
<priority>MAJOR</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S1128</key>
<type>CODE_SMELL</type>
<priority>MAJOR</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S1143</key>
<type>BUG</type>
<priority>MAJOR</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S1147</key>
<type>CODE_SMELL</type>
<priority>BLOCKER</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S1182</key>
<type>CODE_SMELL</type>
<priority>MINOR</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S1444</key>
<type>CODE_SMELL</type>
<priority>MAJOR</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S1481</key>
<type>CODE_SMELL</type>
<priority>MAJOR</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S1694</key>
<type>CODE_SMELL</type>
<priority>MAJOR</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S1696</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S1854</key>
<type>CODE_SMELL</type>
<priority>INFO</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S1872</key>
<type>BUG</type>
<priority>MAJOR</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S2053</key>
<type>VULNERABILITY</type>
<priority>BLOCKER</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S2068</key>
<type>SECURITY_HOTSPOT</type>
<priority>BLOCKER</priority>
<parameters>
<parameter>
<key>credentialWords</key>
<value>password,passwd,pwd,passphrase,java.naming.security.credentials</value>
</parameter>
</parameters>
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S2115</key>
<type>VULNERABILITY</type>
<priority>BLOCKER</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S2168</key>
<type>BUG</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S2184</key>
<type>BUG</type>
<priority>BLOCKER</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S2225</key>
<type>BUG</type>
<priority>MAJOR</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S2245</key>
<type>SECURITY_HOTSPOT</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S2254</key>
<type>VULNERABILITY</type>
<priority>BLOCKER</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S2257</key>
<type>SECURITY_HOTSPOT</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S2259</key>
<type>BUG</type>
<priority>MAJOR</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S2386</key>
<type>CODE_SMELL</type>
<priority>MAJOR</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S2441</key>
<type>BUG</type>
<priority>MAJOR</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S2445</key>
<type>BUG</type>
<priority>INFO</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S2447</key>
<type>CODE_SMELL</type>
<priority>BLOCKER</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S2583</key>
<type>BUG</type>
<priority>INFO</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S2612</key>
<type>SECURITY_HOTSPOT</type>
<priority>BLOCKER</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S2637</key>
<type>BUG</type>
<priority>MAJOR</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S2647</key>
<type>VULNERABILITY</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S2755</key>
<type>VULNERABILITY</type>
<priority>BLOCKER</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S3329</key>
<type>VULNERABILITY</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S3518</key>
<type>BUG</type>
<priority>MAJOR</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S3752</key>
<type>SECURITY_HOTSPOT</type>
<priority>MINOR</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S4036</key>
<type>SECURITY_HOTSPOT</type>
<priority>MAJOR</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S4347</key>
<type>VULNERABILITY</type>
<priority>BLOCKER</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S4423</key>
<type>VULNERABILITY</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S4426</key>
<type>VULNERABILITY</type>
<priority>BLOCKER</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S4433</key>
<type>VULNERABILITY</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S4502</key>
<type>SECURITY_HOTSPOT</type>
<priority>BLOCKER</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S4507</key>
<type>SECURITY_HOTSPOT</type>
<priority>BLOCKER</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S4792</key>
<type>SECURITY_HOTSPOT</type>
<priority>MAJOR</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S4830</key>
<type>VULNERABILITY</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S4973</key>
<type>BUG</type>
<priority>MAJOR</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S5247</key>
<type>SECURITY_HOTSPOT</type>
<priority>MAJOR</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S5324</key>
<type>SECURITY_HOTSPOT</type>
<priority>BLOCKER</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S5332</key>
<type>SECURITY_HOTSPOT</type>
<priority>BLOCKER</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S5445</key>
<type>VULNERABILITY</type>
<priority>MAJOR</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S5527</key>
<type>VULNERABILITY</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S5542</key>
<type>VULNERABILITY</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S5547</key>
<type>VULNERABILITY</type>
<priority>BLOCKER</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S5659</key>
<type>VULNERABILITY</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S5738</key>
<type>CODE_SMELL</type>
<priority>INFO</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S5808</key>
<type>VULNERABILITY</type>
<priority>BLOCKER</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S6293</key>
<type>SECURITY_HOTSPOT</type>
<priority>BLOCKER</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S6301</key>
<type>VULNERABILITY</type>
<priority>BLOCKER</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S6362</key>
<type>SECURITY_HOTSPOT</type>
<priority>MAJOR</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S6363</key>
<type>SECURITY_HOTSPOT</type>
<priority>MAJOR</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S6432</key>
<type>VULNERABILITY</type>
<priority>MINOR</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S6437</key>
<type>VULNERABILITY</type>
<priority>BLOCKER</priority>
<parameters />
</rule>
<rule>
<repositoryKey>java</repositoryKey>
<key>S899</key>
<type>BUG</type>
<priority>BLOCKER</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>AbstractClassWithoutAbstractMethod</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>AssignmentInOperand</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>AssignmentToNonFinalStatic</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>AvoidArrayLoops</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>AvoidConstantsInterface</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>AvoidReassigningParameters</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>AvoidSynchronizedAtMethodLevel</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>AvoidThrowingNullPointerException</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>DuplicateImports</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>EmptyCatchBlock</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters>
<parameter>
<key>allowCommentedBlocks</key>
<value>false</value>
</parameter>
</parameters>
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>EmptyFinallyBlock</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>EmptyIfStmt</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>EmptyStatementNotInLoop</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>EmptyTryBlock</key>
<type>CODE_SMELL</type>
<priority>MAJOR</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>EmptyWhileStmt</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>EqualsNull</key>
<type>BUG</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>FinalFieldCouldBeStatic</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>ImmutableField</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>ImportFromSamePackage</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>InefficientEmptyStringCheck</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>InefficientStringBuffering</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>MisleadingVariableName</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>SimpleDateFormatNeedsLocale</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>StringInstantiation</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>StringToString</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>SwitchStmtsShouldHaveDefault</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>SystemPrintln</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>UncommentedEmptyMethodBody</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>UnnecessaryConversionTemporary</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>UnnecessaryWrapperObjectCreation</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>UnusedFormalParameter</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>UnusedImports</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>UnusedLocalVariable</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>UnusedPrivateField</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>UnusedPrivateMethod</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>UselessParentheses</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>UselessStringValueOf</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>VariableNamingConventions</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd</repositoryKey>
<key>WhileLoopsMustUseBraces</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
<rule>
<repositoryKey>pmd-unit-tests</repositoryKey>
<key>SimplifyBooleanAssertion</key>
<type>CODE_SMELL</type>
<priority>CRITICAL</priority>
<parameters />
</rule>
</rules>
</profile>
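A pre-import check for a profile file in the format above, as an added example that is not part of the original post: it counts rules per repository and type, lists the repositories that need a plugin installed before import, and flags duplicate or malformed entries. The `summarize_profile` function, the `BUILTIN_REPOS` set and the embedded sample are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET
from collections import Counter

BUILTIN_REPOS = {"java"}  # assumption: every other repositoryKey comes from a plugin
PRIORITIES = {"BLOCKER", "CRITICAL", "MAJOR", "MINOR", "INFO"}

# Constructed excerpt in the same layout as the profile above (not the full rule list).
SAMPLE = """<profile><name>JavaRuleSet</name><language>java</language><rules>
<rule><repositoryKey>java</repositoryKey><key>S2068</key><type>SECURITY_HOTSPOT</type>
  <priority>BLOCKER</priority><parameters><parameter><key>credentialWords</key>
  <value>password,passwd,pwd</value></parameter></parameters></rule>
<rule><repositoryKey>java</repositoryKey><key>S2053</key><type>VULNERABILITY</type>
  <priority>BLOCKER</priority><parameters /></rule>
<rule><repositoryKey>pmd</repositoryKey><key>EmptyCatchBlock</key><type>CODE_SMELL</type>
  <priority>CRITICAL</priority><parameters /></rule>
<rule><repositoryKey>pmd-unit-tests</repositoryKey><key>SimplifyBooleanAssertion</key>
  <type>CODE_SMELL</type><priority>CRITICAL</priority><parameters /></rule>
</rules></profile>"""


def summarize_profile(xml_text):
    """Return counts, required plugin repositories and structural problems."""
    root = ET.fromstring(xml_text)
    by_repo, by_type, seen, problems = Counter(), Counter(), set(), []
    for rule in root.iter("rule"):
        # findtext() looks at direct children only, so a <key> nested under
        # <parameter> is never mistaken for the rule key.
        repo = (rule.findtext("repositoryKey") or "").strip()
        key = (rule.findtext("key") or "").strip()
        prio = (rule.findtext("priority") or "").strip()
        if not repo or not key:
            problems.append("rule without repositoryKey/key")
            continue
        if (repo, key) in seen:
            problems.append(f"duplicate rule {repo}:{key}")
        if prio not in PRIORITIES:
            problems.append(f"{repo}:{key} has unknown priority {prio!r}")
        seen.add((repo, key))
        by_repo[repo] += 1
        by_type[(rule.findtext("type") or "").strip()] += 1
    return {
        "name": root.findtext("name"),
        "rules": len(seen),  # unique repo:key pairs
        "by_repo": dict(by_repo),
        "by_type": dict(by_type),
        "plugins_needed": sorted(set(by_repo) - BUILTIN_REPOS),
        "problems": problems,
    }
```

Run it against the saved profile file by passing the file's text to `summarize_profile`; a non-empty `plugins_needed` list names the rule repositories that must exist on the server before the import.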