add logs and statistics (#144)

Signed-off-by: Nicklas Körtge <[email protected]>

java/src/main/java/com/ibm/plugin/JavaAggregator.java

@@ -45,6 +45,7 @@ private JavaAggregator() {
 
     public static void addNodes(@Nonnull List<INode> newNodes) {
         detectedNodes.addAll(newNodes);
+        IAggregator.log(newNodes);
     }
 
     @Nonnull

output/src/main/java/com/ibm/output/IAggregator.java

@@ -19,4 +19,21 @@
  */
 package com.ibm.output;
 
-public interface IAggregator {}
+import com.ibm.mapper.model.INode;
+import java.util.List;
+import javax.annotation.Nonnull;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public interface IAggregator {
+    Logger LOGGER = LoggerFactory.getLogger(IAggregator.class);
+
+    static void log(@Nonnull List<INode> nodes) {
+        nodes.forEach(
+                node ->
+                        LOGGER.info(
+                                "Detected ({}) {}",
+                                node.getKind().getSimpleName(),
+                                node.asString()));
+    }
+}

output/src/main/java/com/ibm/output/statistics/IStatistics.java

@@ -0,0 +1,28 @@
+/*
+ * SonarQube Cryptography Plugin
+ * Copyright (C) 2024 IBM
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to you under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.ibm.output.statistics;
+
+import java.util.function.Consumer;
+import javax.annotation.Nonnull;
+
+public interface IStatistics {
+
+    void print(@Nonnull Consumer<String> out);
+}

output/src/main/java/com/ibm/output/statistics/ScanStatistics.java

@@ -0,0 +1,51 @@
+/*
+ * SonarQube Cryptography Plugin
+ * Copyright (C) 2024 IBM
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements.  See the NOTICE file distributed with
+ * this work for additional information regarding copyright ownership.
+ * The ASF licenses this file to you under the Apache License, Version 2.0
+ * (the "License"); you may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+package com.ibm.output.statistics;
+
+import com.ibm.mapper.model.INode;
+import java.util.Map;
+import java.util.function.Consumer;
+import java.util.function.IntSupplier;
+import java.util.function.Supplier;
+import javax.annotation.Nonnull;
+
+public final class ScanStatistics implements IStatistics {
+    private final int numberOfDetectedAssets;
+    @Nonnull private final Map<Class<? extends INode>, Long> numberOfAssetsPerType;
+
+    public ScanStatistics(
+            @Nonnull IntSupplier numberOfDetectedAssetsSupplier,
+            @Nonnull Supplier<Map<Class<? extends INode>, Long>> numberOfAssetsPerTypeSupplier) {
+        this.numberOfDetectedAssets = numberOfDetectedAssetsSupplier.getAsInt();
+        this.numberOfAssetsPerType = numberOfAssetsPerTypeSupplier.get();
+    }
+
+    @Override
+    public void print(@Nonnull Consumer<String> out) {
+        out.accept("========== CBOM Statistics ==========");
+        out.accept(String.format("%-33s: %s", "Detected Assets", numberOfDetectedAssets));
+        for (Map.Entry<Class<? extends INode>, Long> entry : numberOfAssetsPerType.entrySet()) {
+            out.accept(
+                    String.format(
+                            " - %-30s: %s", entry.getKey().getSimpleName(), entry.getValue()));
+        }
+        out.accept("=====================================");
+    }
+}

python/src/main/java/com/ibm/plugin/PythonAggregator.java

@@ -57,6 +57,7 @@ public static List<INode> getDetectedNodes() {
 
     public static void addNodes(@Nonnull List<INode> newNodes) {
         detectedNodes.addAll(newNodes);
+        IAggregator.log(newNodes);
     }
 
     public static void reset() {

sonar-cryptography-plugin/src/main/java/com/ibm/plugin/OutputFileJob.java

@@ -29,7 +29,6 @@
 import org.sonar.api.batch.postjob.PostJobDescriptor;
 
 public class OutputFileJob implements PostJob {
-
     private static final Logger LOGGER = LoggerFactory.getLogger(OutputFileJob.class);
 
     @Override
@@ -45,7 +44,10 @@ public void execute(@Nonnull PostJobContext postJobContext) {
                         .get(Constants.CBOM_OUTPUT_NAME)
                         .orElse(Constants.CBOM_OUTPUT_NAME_DEFAULT);
         ScannerManager scannerManager = new ScannerManager(new CBOMOutputFileFactory());
-        scannerManager.getOutputFile().saveTo(new File(cbomFilename + ".json"));
-        LOGGER.info("CBOM was successfully generated '" + cbomFilename + ".json'.");
+        final File cbom = new File(cbomFilename + ".json");
+        scannerManager.getOutputFile().saveTo(cbom);
+        LOGGER.info("CBOM was successfully generated '{}'.", cbom.getAbsolutePath());
+
+        scannerManager.getStatistics().print(LOGGER::info);
     }
 }

sonar-cryptography-plugin/src/main/java/com/ibm/plugin/ScannerManager.java

@@ -22,9 +22,12 @@
 import com.ibm.mapper.model.INode;
 import com.ibm.output.IOutputFile;
 import com.ibm.output.IOutputFileFactory;
+import com.ibm.output.statistics.IStatistics;
+import com.ibm.output.statistics.ScanStatistics;
 import java.util.ArrayList;
 import java.util.List;
 import java.util.Optional;
+import java.util.stream.Collectors;
 import javax.annotation.Nonnull;
 import javax.annotation.Nullable;
 
@@ -37,12 +40,28 @@ public ScannerManager(@Nullable IOutputFileFactory outputFileFactory) {
 
     @Nonnull
     public IOutputFile getOutputFile() {
+        return Optional.ofNullable(this.outputFileFactory)
+                .orElse(IOutputFileFactory.DEFAULT)
+                .createOutputFormat(getAggregatedNodes());
+    }
+
+    @Nonnull
+    public IStatistics getStatistics() {
+        return new ScanStatistics(
+                () -> getAggregatedNodes().size(), // numberOfDetectedAssetsSupplier
+                () ->
+                        getAggregatedNodes().stream() // numberOfAssetsPerTypeSupplier
+                                .collect(
+                                        Collectors.groupingBy(
+                                                INode::getKind, Collectors.counting())));
+    }
+
+    @Nonnull
+    private List<INode> getAggregatedNodes() {
         List<INode> nodes = new ArrayList<>();
         nodes.addAll(JavaAggregator.getDetectedNodes());
         nodes.addAll(PythonAggregator.getDetectedNodes());
-        return Optional.ofNullable(this.outputFileFactory)
-                .orElse(IOutputFileFactory.DEFAULT)
-                .createOutputFormat(nodes);
+        return nodes;
     }
 
     public void reset() {