style: Fix more sonar issues with core

core/pom.xml

@@ -32,7 +32,6 @@
     <relativePath>../pom.xml</relativePath>
   </parent>
 
-  <groupId>org.jboss.sbomer</groupId>
   <version>1.0.0-SNAPSHOT</version>
   <artifactId>sbomer-core</artifactId>
 

core/src/main/java/org/jboss/sbomer/core/config/ConfigSchemaValidator.java

@@ -20,6 +20,7 @@
 import java.io.IOException;
 import java.io.InputStream;
 import java.nio.charset.StandardCharsets;
+import java.util.Objects;
 
 import org.jboss.sbomer.core.SchemaValidator;
 import org.jboss.sbomer.core.SchemaValidator.ValidationResult;
@@ -47,10 +48,12 @@ public ValidationResult validate(Config config) {
         }
 
         String schemaFile = GenerationRequestType.schemaFile(config.getClass());
+        String name = "schemas/" + schemaFile;
         String schema;
 
-        try (InputStream is = SchemaValidator.class.getClassLoader().getResourceAsStream("schemas/" + schemaFile)) {
-            schema = new String(is.readAllBytes(), StandardCharsets.UTF_8);
+        try (InputStream in = SchemaValidator.class.getClassLoader().getResourceAsStream(name)) {
+            Objects.requireNonNull(in, "Resource " + name + " not found");
+            schema = new String(in.readAllBytes(), StandardCharsets.UTF_8);
         } catch (IOException e) {
             throw new ApplicationException("Could not read the configuration file schema", e);
         }

core/src/main/java/org/jboss/sbomer/core/config/DefaultProcessingConfig.java

@@ -53,7 +53,7 @@ interface ProcessorConfig {
     /**
      * List of configured default processors.
      *
-     * @return
+     * @return the list of default processors
      */
     List<ProcessorConfig> defaultProcessors();
 

core/src/main/java/org/jboss/sbomer/core/config/SbomerConfigProvider.java

@@ -31,10 +31,10 @@
 import lombok.Getter;
 import lombok.extern.slf4j.Slf4j;
 
+@Getter
 @Slf4j
 public class SbomerConfigProvider {
 
-    @Getter
     final DefaultGenerationConfig defaultGenerationConfig;
 
     private static SbomerConfigProvider instance;
@@ -69,7 +69,7 @@ public void adjust(PncBuildConfig config) {
 
         config.getProducts().forEach(product -> {
             // Adjusting generator configuration. This is the only thing we can adjust,
-            // because processor configuration is specific to the build and product release.
+            // because the processor configuration is specific to the build and product release.
             adjustGenerator(product);
 
             if (!product.hasDefaultProcessor()) {
@@ -88,7 +88,7 @@ public void adjust(PncBuildConfig config) {
     public void adjust(OperationConfig config) {
         log.debug("Adjusting operation configuration...");
 
-        // If we have not specified any products (for example when provided an empty config)
+        // If we have not specified any products (for example, when provided an empty config)
         if (config.getProduct() == null) {
             config.setProduct(ProductConfig.builder().build());
         }
@@ -97,7 +97,9 @@ public void adjust(OperationConfig config) {
 
         // Generator configuration was not provided, will use defaults
         if (generatorConfig == null) {
-            log.debug("No generator provided, will use defaults: '{}'", GeneratorType.CYCLONEDX_OPERATION);
+            log.debug(
+                    "No generator provided for adjusting, will use defaults: '{}'",
+                    GeneratorType.CYCLONEDX_OPERATION);
             generatorConfig = GeneratorConfig.builder().type(GeneratorType.CYCLONEDX_OPERATION).build();
             config.getProduct().setGenerator(generatorConfig);
         }
@@ -113,7 +115,7 @@ private void adjustGenerator(ProductConfig product) {
 
         // Generator configuration was not provided, will use defaults
         if (generatorConfig == null) {
-            log.debug("No generator provided, will use defaults: '{}'", defaultGeneratorConfig);
+            log.debug("No generator provided for adjusting generator, will use defaults: '{}'", defaultGeneratorConfig);
             product.setGenerator(defaultGeneratorConfig);
         } else {
 

core/src/main/java/org/jboss/sbomer/core/config/SbomerConfigSourceProvider.java

@@ -18,7 +18,6 @@
 package org.jboss.sbomer.core.config;
 
 import java.util.ArrayList;
-import java.util.List;
 
 import org.eclipse.microprofile.config.spi.ConfigSource;
 
@@ -27,8 +26,6 @@
 class SbomerConfigSourceProvider extends YamlConfigSourceProvider {
     @Override
     public Iterable<ConfigSource> getConfigSources(ClassLoader classLoader) {
-        final List<ConfigSource> sources = new ArrayList<>(
-                loadConfigSources("META-INF/sbomer-config.yaml", 110, classLoader));
-        return sources;
+        return new ArrayList<>(loadConfigSources("META-INF/sbomer-config.yaml", 110, classLoader));
     }
 }

core/src/main/java/org/jboss/sbomer/core/config/request/ErrataAdvisoryRequestConfig.java

@@ -36,17 +36,17 @@
 @JsonInclude(JsonInclude.Include.NON_NULL)
 @JsonTypeName(ErrataAdvisoryRequestConfig.TYPE_NAME)
 public class ErrataAdvisoryRequestConfig extends RequestConfig {
-
     public static final String TYPE_NAME = "errata-advisory";
-    public static final String IDENTIFIER_KEY = "advisoryId";
 
-    {
-        this.type = TYPE_NAME;
-    }
+    public static final String IDENTIFIER_KEY = "advisoryId";
 
     /**
      * Advisory identifier (number or name).
      */
-    String advisoryId;
+    private String advisoryId;
 
+    @Override
+    public String getType() {
+        return TYPE_NAME;
+    }
 }

core/src/main/java/org/jboss/sbomer/core/config/request/ImageRequestConfig.java

@@ -38,14 +38,14 @@
 @JsonInclude(JsonInclude.Include.NON_NULL)
 @JsonTypeName(ImageRequestConfig.TYPE_NAME)
 public class ImageRequestConfig extends RequestConfig {
-
     public static final String TYPE_NAME = "image";
-    public static final String IDENTIFIER_KEY = "image";
 
-    {
-        this.type = TYPE_NAME;
-    }
+    public static final String IDENTIFIER_KEY = "image";
 
-    String image;
+    private String image;
 
+    @Override
+    public String getType() {
+        return TYPE_NAME;
+    }
 }

core/src/main/java/org/jboss/sbomer/core/config/request/PncAnalysisRequestConfig.java

@@ -40,15 +40,16 @@
 @JsonInclude(JsonInclude.Include.NON_NULL)
 @JsonTypeName(PncAnalysisRequestConfig.TYPE_NAME)
 public class PncAnalysisRequestConfig extends RequestConfig {
-
     public static final String TYPE_NAME = "pnc-analysis";
+
     public static final String IDENTIFIER_KEY = "milestoneId";
 
-    {
-        this.type = TYPE_NAME;
-    }
+    private String milestoneId;
 
-    String milestoneId;
-    List<String> urls;
+    private List<String> urls;
 
+    @Override
+    public String getType() {
+        return TYPE_NAME;
+    }
 }

core/src/main/java/org/jboss/sbomer/core/config/request/PncBuildRequestConfig.java

@@ -38,13 +38,14 @@
 @JsonInclude(JsonInclude.Include.NON_NULL)
 @JsonTypeName(PncBuildRequestConfig.TYPE_NAME)
 public class PncBuildRequestConfig extends RequestConfig {
-
     public static final String TYPE_NAME = "pnc-build";
+
     public static final String IDENTIFIER_KEY = "buildId";
 
-    {
-        this.type = TYPE_NAME;
-    }
+    private String buildId;
 
-    String buildId;
+    @Override
+    public String getType() {
+        return TYPE_NAME;
+    }
 }

core/src/main/java/org/jboss/sbomer/core/config/request/PncOperationRequestConfig.java

@@ -38,14 +38,14 @@
 @JsonInclude(JsonInclude.Include.NON_NULL)
 @JsonTypeName(PncOperationRequestConfig.TYPE_NAME)
 public class PncOperationRequestConfig extends RequestConfig {
-
     public static final String TYPE_NAME = "pnc-operation";
-    public static final String IDENTIFIER_KEY = "operationId";
 
-    {
-        this.type = TYPE_NAME;
-    }
+    public static final String IDENTIFIER_KEY = "operationId";
 
-    String operationId;
+    private String operationId;
 
+    @Override
+    public String getType() {
+        return TYPE_NAME;
+    }
 }

core/src/main/java/org/jboss/sbomer/core/config/request/RequestConfig.java

@@ -47,14 +47,16 @@
 })
 public abstract class RequestConfig {
     /**
-     * The API version of the configuration file. In case of breaking changes this value will be used to detect the
+     * The API version of the configuration file. In case of breaking changes, this value will be used to detect the
      * correct (de)serializer.
      */
     @Builder.Default
     String apiVersion = "sbomer.jboss.org/v1alpha1";
 
     String type;
 
+    public abstract String getType();
+
     public String toJson() {
         try {
             return ObjectMapperProvider.json().writerWithDefaultPrettyPrinter().writeValueAsString(this);
@@ -75,5 +77,4 @@ public static <T extends RequestConfig> T fromString(String value, Class<T> claz
             return null;
         }
     }
-
 }

core/src/main/java/org/jboss/sbomer/core/errors/ApplicationException.java

@@ -20,21 +20,17 @@
 import org.slf4j.helpers.MessageFormatter;
 
 public class ApplicationException extends RuntimeException {
-    private final Object[] params;
-
-    private String formattedMessage;
+    private final String message;
 
     public ApplicationException(String msg, Object... params) {
         super(msg, MessageFormatter.getThrowableCandidate(params));
-        this.params = params;
+        this.message = (params != null && params.length != 0)
+                ? MessageFormatter.arrayFormat(super.getMessage(), params).getMessage()
+                : super.getMessage();
     }
 
     @Override
-    public synchronized String getMessage() {
-        if (formattedMessage == null) {
-            formattedMessage = MessageFormatter.arrayFormat(super.getMessage(), params).getMessage();
-        }
-        return formattedMessage;
+    public String getMessage() {
+        return message;
     }
-
 }

core/src/main/java/org/jboss/sbomer/core/features/sbom/Constants.java

@@ -81,7 +81,7 @@ private Constants() {
     public static final String TEKTON_LABEL_VALUE_APP_PART_OF = "sbomer";
 
     /**
-     * The suffix which is used in a Task Run name to identify the number of retry attempt
+     * The suffix which is used in a Task Run name to identify the number of retry attempts
      */
     public static final String TEKTON_TASK_RUN_NAME_SUFFIX_RETRY_ATTEMPT = "retry";
 

core/src/main/java/org/jboss/sbomer/core/features/sbom/config/Config.java

@@ -55,14 +55,14 @@
 public abstract class Config {
 
     /**
-     * The API version of the configuration file. In case of breaking changes this value will be used to detect the
+     * The API version of the configuration file. In case of breaking changes, this value will be used to detect the
      * correct (de)serializer.
      */
     @Builder.Default
     String apiVersion = "sbomer.jboss.org/v1alpha1";
 
     /**
-     * Checks whether current object is an empty one.
+     * Checks whether the current object is empty.
      *
      * @return {@code true} if the object is empty, {@code false} otherwise.
      */
@@ -84,7 +84,7 @@ protected List<String> processCommand() {
     /**
      * <p>
      * Returns a command that represents the parameters that should be passed to the process command. This basically
-     * translates all the configured processors and it's parameters into a string that can be executed via CLI.
+     * translates all the configured processors and its parameters into a string that can be executed via CLI.
      * </p>
      *
      * <p>

core/src/main/java/org/jboss/sbomer/core/features/sbom/config/SyftImageConfig.java

@@ -84,7 +84,7 @@ protected List<String> processCommand() {
         DefaultProcessorConfig defaultProcessorConfig = new DefaultProcessorConfig();
 
         // If the default processor is not there, add it.
-        // This ensures that even after we initialize the object, for example after deserialization,
+        // This ensures that even after we initialize the object, for example, after deserialization,
         // we will have the default processor added, so that the correct command can be instantiated.
         if (!processors.contains(defaultProcessorConfig)) {
             processors.add(0, defaultProcessorConfig);

core/src/main/java/org/jboss/sbomer/core/features/sbom/provider/BuildFinderConfigProvider.java

@@ -91,7 +91,8 @@ public BuildFinderConfigProvider() throws IOException {
         // The checksum-only option specifies whether to skip the Koji build lookup stage and only checksum the files in
         // the input.
         config.setChecksumOnly(false);
-        // The checksum-type option specifies the checksum type to use for lookups. Note that at this time Koji can only
+        // The checksum-type option specifies the checksum type to use for lookups. Note that at this time, Koji can
+        // only
         // support a single checksum type in its database, md5, even though the Koji API currently provides additional
         // support for sha256 and sha512 checksum types.
         config.setChecksumTypes(DEFAULT_CHECKSUM_TYPES);
@@ -119,7 +120,7 @@ public BuildFinderConfigProvider() throws IOException {
     }
 
     /**
-     * Ensures that the content of temporary directory is removed after we shut down the application.
+     * Ensures that the content of the temporary directory is removed after we shut down the application.
      *
      * @param event the shutdown event
      */
@@ -128,7 +129,7 @@ void cleanup(@Observes ShutdownEvent event) {
     }
 
     /**
-     * Override koji hub url in the config if 'sbomer.koji.hub.url' defined in a system property, env variable, or in
+     * Override koji hub url in the config if 'sbomer.koji.hub.url' is defined in a system property, env variable, or in
      * application.properties.
      *
      * @param config config file to potentially override its kojiHubUrl
@@ -158,7 +159,7 @@ private void setKojiHubURL(BuildConfig config) throws IOException {
     }
 
     /**
-     * Override koji web url in the config if 'sbomer.koji.web.url' defined in a system property, env variable, or in
+     * Override koji web url in the config if 'sbomer.koji.web.url' is defined in a system property, env variable, or in
      * application.properties. Otherwise, use kojiHubUrl to generate the kojiWebUrl.
      *
      * @param config config file to potentially override its kojiWebUrl

core/src/main/java/org/jboss/sbomer/core/features/sbom/utils/FileUtils.java

@@ -18,15 +18,12 @@
 package org.jboss.sbomer.core.features.sbom.utils;
 
 import java.io.IOException;
-import java.nio.file.FileSystems;
 import java.nio.file.FileVisitResult;
 import java.nio.file.Files;
 import java.nio.file.Path;
-import java.nio.file.PathMatcher;
 import java.nio.file.SimpleFileVisitor;
 import java.nio.file.attribute.BasicFileAttributes;
 import java.util.List;
-import java.util.stream.Collectors;
 import java.util.stream.Stream;
 
 import lombok.extern.slf4j.Slf4j;
@@ -80,7 +77,9 @@ public static List<Path> findManifests(Path directory) throws IOException {
             List<Path> manifestPaths = paths.filter(path -> MANIFEST_FILENAME.equals(path.getFileName().toString()))
                     .filter(Files::isRegularFile)
                     .sorted()
-                    .peek(path -> log.info("Found manifest at path '{}'", path.toAbsolutePath()))
+                    .peek(path -> log.info("Found manifest at path '{}'", path.toAbsolutePath())) // NOSONAR: peek() is
+                                                                                                  // used just for
+                                                                                                  // logging
                     .toList();
 
             log.info("Found {} generated manifests", manifestPaths.size());

core/src/main/java/org/jboss/sbomer/core/features/sbom/utils/PurlRebuilder.java

@@ -106,6 +106,10 @@ public class PurlRebuilder {
         SYFT_PACKAGE_2_PURL_TYPE_MAP.put(SYFT_WORDPRESSPLUGINPKG, "wordpress-plugin");
     }
 
+    private PurlRebuilder() {
+        throw new IllegalStateException("This is a utility class that should not be instantiated");
+    }
+
     /**
      * Given a component, tries to create a valid purl using the Syft information (if available) and the component
      * properties