From 9d89967412d94ca092ebb90ed1ef39a7844f9029 Mon Sep 17 00:00:00 2001
From: Mark Brophy <36955467+m-brophy@users.noreply.github.com>
Date: Tue, 5 Sep 2023 16:21:45 +0100
Subject: [PATCH] WINDUPRULE-1018: new ruleset for eap8 log4j removed (#1016)

* WINDUPRULE-1018: new ruleset for eap8 log4j removed

* fix typo and logic error in rule 00001

* alter ruleset description

---------

Co-authored-by: PhilipCattanach <31246010+PhilipCattanach@users.noreply.github.com>
(cherry picked from commit 4c2e12d3db58822f67311dc85681ddf198775fa1)
---
 .../eap8/eap7/log4j-removed.windup.xml        | 147 ++++++++++++++++++
 .../data/log4j-removed-no-config/Test.java    |   8 +
 .../log4j-removed-with-config/Manifest.MF     |   1 +
 .../data/log4j-removed-with-config/Test.java  |   8 +
 .../jboss-deployment-structure.xml            |   7 +
 .../log4j-removed-with-config/jboss-log4j.xml |   0
 .../log4j.properties                          |   0
 .../data/log4j-removed-with-config/log4j.xml  |   0
 .../log4j-removed-with-config/standalone.xml  |  19 +++
 .../log4j-removed-no-config.windup.test.xml   |  24 +++
 .../eap7/tests/log4j-removed.windup.test.xml  |  60 +++++++
 11 files changed, 274 insertions(+)
 create mode 100644 rules/rules-reviewed/eap8/eap7/log4j-removed.windup.xml
 create mode 100644 rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-no-config/Test.java
 create mode 100644 rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-with-config/Manifest.MF
 create mode 100644 rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-with-config/Test.java
 create mode 100644 rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-with-config/jboss-deployment-structure.xml
 create mode 100644 rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-with-config/jboss-log4j.xml
 create mode 100644 rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-with-config/log4j.properties
 create mode 100644 rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-with-config/log4j.xml
 create mode 100644 rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-with-config/standalone.xml
 create mode 100644 rules/rules-reviewed/eap8/eap7/tests/log4j-removed-no-config.windup.test.xml
 create mode 100644 rules/rules-reviewed/eap8/eap7/tests/log4j-removed.windup.test.xml

diff --git a/rules/rules-reviewed/eap8/eap7/log4j-removed.windup.xml b/rules/rules-reviewed/eap8/eap7/log4j-removed.windup.xml
new file mode 100644
index 000000000..4ff58f3f3
--- /dev/null
+++ b/rules/rules-reviewed/eap8/eap7/log4j-removed.windup.xml
@@ -0,0 +1,147 @@
+<?xml version="1.0"?>
+<ruleset xmlns="http://windup.jboss.org/schema/jboss-ruleset" id="log4j-removed"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://windup.jboss.org/schema/jboss-ruleset http://windup.jboss.org/schema/jboss-ruleset/windup-jboss-ruleset.xsd">
+    <metadata>
+        <description>
+            This ruleset provides analysis of Java EE applications that use log4j which is no longer bundled within EAP8
+        </description>
+        <dependencies>
+            <addon id="org.jboss.windup.rules,windup-rules-javaee,3.0.0.Final" />
+            <addon id="org.jboss.windup.rules,windup-rules-java,3.0.0.Final" />
+            <addon id="org.jboss.windup.rules,windup-rules-xml,3.0.0.Final" />
+        </dependencies>
+        <sourceTechnology id="eap" versionRange="[6,8)" />
+        <targetTechnology id="eap" versionRange="[8,)" />
+    </metadata>
+    <rules>
+        <rule id="log4j-removed-00001">
+            <when>
+
+                <and>
+                    <javaclass references="org.apache.log4j.Logger">
+                        <location>IMPORT</location>
+                    </javaclass>
+                    <not>
+                        <or>
+                            <file filename="log4j.xml"/>
+                            <file filename="log4j.properties"/>
+                            <file filename="jboss-log4j.xml"/>
+                        </or>
+                    </not>
+                    <not>
+                        <or>
+                            <project>
+                                <artifact groupId="log4j" artifactId="log4j" />
+                            </project>
+                            <dependency groupId="log4j" artifactId="log4j" />
+                            <file filename="log4j.jar"/>
+                        </or>
+                    </not>
+                </and>
+            </when>
+            <perform>
+                <hint title="Log4j version 1 is not longer provided in EAP8" effort="1" category-id="mandatory">
+                    <message>Log4j usage without configuration files</message>
+                    <link href="https://access.redhat.com/articles/6973120" title="Migration: Apache Log4j version 1 is not longer provided in EAP 8"/>
+                </hint>
+            </perform>
+        </rule>
+        <rule id="log4j-removed-00002">
+            <when>
+                <not>
+                    <or>
+                        <project>
+                            <artifact groupId="log4j" artifactId="log4j" />
+                        </project>
+                        <dependency groupId="log4j" artifactId="log4j" />
+                        <file filename="log4j.jar"/>
+                    </or>
+                </not>
+                <and>
+                    <javaclass references="org.apache.log4j.Logger">
+                        <location>IMPORT</location>
+                    </javaclass>
+                </and>
+            </when>
+            <perform>
+                <hint title="Log4j version 1 is not longer provided in EAP8" effort="1" category-id="mandatory">
+                    <message>Log4j usage without including `log4j.jar`</message>
+                    <link href="https://access.redhat.com/articles/6973120" title="Migration: Apache Log4j version 1 is not longer provided in EAP 8"/>
+                </hint>
+            </perform>
+        </rule>
+        <rule id="log4j-removed-00003">
+            <when>
+                <not>
+                    <or>
+                        <project>
+                            <artifact groupId="log4j" artifactId="log4j" />
+                        </project>
+                        <dependency groupId="log4j" artifactId="log4j" />
+                        <file filename="log4j.jar"/>
+                    </or>
+                </not>
+                <and>
+                    <file filename="{config-filename}"/>
+                </and>
+            </when>
+            <perform>
+                <hint title="Log4j version 1 is not longer provided in EAP8" effort="1" category-id="mandatory">
+                    <message>Log4j configuration without including `log4j.jar`</message>
+                    <link href="https://access.redhat.com/articles/6973120" title="Migration: Apache Log4j version 1 is not longer provided in EAP 8"/>
+                </hint>
+            </perform>
+            <where param="config-filename">
+                <matches pattern="(log4j.xml|log4j.properties|jboss-log4j.xml)"/>
+            </where>
+        </rule>
+        <rule id="log4j-removed-00004">
+            <when>
+                <not>
+                    <or>
+                        <project>
+                            <artifact groupId="log4j" artifactId="log4j" />
+                        </project>
+                        <dependency groupId="log4j" artifactId="log4j" />
+                        <file filename="log4j.jar"/>
+                    </or>
+                </not>
+                <and>
+                    <filecontent pattern="custom-handler{*}org.apache.log4j.{*}Appender" filename="{*}.xml"/>
+                </and>
+            </when>
+            <perform>
+                <hint title="Log4j version 1 is not longer provided in EAP8" effort="1" category-id="mandatory">
+                    <message>Log4j custom-handler using appender</message>
+                    <link href="https://access.redhat.com/articles/6973120" title="Migration: Apache Log4j version 1 is not longer provided in EAP 8"/>
+                </hint>
+            </perform>
+        </rule>
+        <rule id="log4j-removed-00005">
+            <when>
+                <not>
+                    <or>
+                        <project>
+                            <artifact groupId="log4j" artifactId="log4j" />
+                        </project>
+                        <dependency groupId="log4j" artifactId="log4j" />
+                        <file filename="log4j.jar"/>
+                    </or>
+                </not>
+                <and>
+                    <or>
+                        <filecontent pattern="org.jboss.log4j.logmanager" filename="jboss-deployment-structure.xml"/>
+                        <filecontent pattern="org.jboss.log4j.logmanager" filename="Manifest.MF"/>
+                    </or>
+                </and>
+            </when>
+            <perform>
+                <hint title="Log4j version 1 is not longer provided in EAP8" effort="1" category-id="mandatory">
+                    <message>Log4j module dependency declaration</message>
+                    <link href="https://access.redhat.com/articles/6973120" title="Migration: Apache Log4j version 1 is not longer provided in EAP 8"/>
+                </hint>
+            </perform>
+        </rule>
+    </rules>
+</ruleset>
\ No newline at end of file
diff --git a/rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-no-config/Test.java b/rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-no-config/Test.java
new file mode 100644
index 000000000..426ee93da
--- /dev/null
+++ b/rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-no-config/Test.java
@@ -0,0 +1,8 @@
+import org.apache.log4j.Logger;
+
+public class Test {
+
+    public static void main(String[] args) {
+        Logger logger = new Logger();
+    }
+}
\ No newline at end of file
diff --git a/rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-with-config/Manifest.MF b/rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-with-config/Manifest.MF
new file mode 100644
index 000000000..2a20c1c6b
--- /dev/null
+++ b/rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-with-config/Manifest.MF
@@ -0,0 +1 @@
+Dependencies: org.jboss.log4j.logmanager
\ No newline at end of file
diff --git a/rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-with-config/Test.java b/rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-with-config/Test.java
new file mode 100644
index 000000000..426ee93da
--- /dev/null
+++ b/rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-with-config/Test.java
@@ -0,0 +1,8 @@
+import org.apache.log4j.Logger;
+
+public class Test {
+
+    public static void main(String[] args) {
+        Logger logger = new Logger();
+    }
+}
\ No newline at end of file
diff --git a/rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-with-config/jboss-deployment-structure.xml b/rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-with-config/jboss-deployment-structure.xml
new file mode 100644
index 000000000..12ecbd78b
--- /dev/null
+++ b/rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-with-config/jboss-deployment-structure.xml
@@ -0,0 +1,7 @@
+<jboss-deployment-structure>
+    <deployment>
+        <dependencies>
+            <module name="org.jboss.log4j.logmanager" export="FALSE"/>
+        </dependencies>
+    </deployment>
+</jboss-deployment-structure>
\ No newline at end of file
diff --git a/rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-with-config/jboss-log4j.xml b/rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-with-config/jboss-log4j.xml
new file mode 100644
index 000000000..e69de29bb
diff --git a/rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-with-config/log4j.properties b/rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-with-config/log4j.properties
new file mode 100644
index 000000000..e69de29bb
diff --git a/rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-with-config/log4j.xml b/rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-with-config/log4j.xml
new file mode 100644
index 000000000..e69de29bb
diff --git a/rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-with-config/standalone.xml b/rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-with-config/standalone.xml
new file mode 100644
index 000000000..f6a7bc7f1
--- /dev/null
+++ b/rules/rules-reviewed/eap8/eap7/tests/data/log4j-removed-with-config/standalone.xml
@@ -0,0 +1,19 @@
+<subsystem xmlns="urn:jboss:domain:logging:1.2">
+    <custom-handler name="log4jAppender" class="org.apache.log4j.FileAppender" module="org.apache.log4j">
+        <formatter>
+            <pattern-formatter pattern="%d{HH:mm:ss,SSS} %-5p [%c] (%t) %s%E%n"/>
+        </formatter>
+        <level name="INFO"/>
+        <properties>
+            <property name="append" value="true"/>
+            <property name="file" value="${jboss.server.log.dir}/log4j.log"/>
+            <property name="immediateFlush" value="true"/>
+        </properties>
+    </custom-handler>
+    <root-logger>
+        <level name="INFO"/>
+        <handlers>
+            <handler name="log4jAppender"/>
+        </handlers>
+    </root-logger>
+</subsystem>
\ No newline at end of file
diff --git a/rules/rules-reviewed/eap8/eap7/tests/log4j-removed-no-config.windup.test.xml b/rules/rules-reviewed/eap8/eap7/tests/log4j-removed-no-config.windup.test.xml
new file mode 100644
index 000000000..ea8dd4ada
--- /dev/null
+++ b/rules/rules-reviewed/eap8/eap7/tests/log4j-removed-no-config.windup.test.xml
@@ -0,0 +1,24 @@
+<?xml version="1.0"?>
+<ruletest id="log4j-removed-no-config-tests"
+          xmlns="http://windup.jboss.org/schema/jboss-ruleset"
+          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+          xsi:schemaLocation="http://windup.jboss.org/schema/jboss-ruleset http://windup.jboss.org/schema/jboss-ruleset/windup-jboss-ruleset.xsd">
+    <testDataPath>data/log4j-removed-no-config/</testDataPath>
+    <rulePath>../log4j-removed.windup.xml</rulePath>
+    <ruleset>
+        <rules>
+            <rule id="log4j-removed-00001-test">
+                <when>
+                    <not>
+                        <iterable-filter size="1">
+                            <hint-exists message="Log4j usage without configuration files"/>
+                        </iterable-filter>
+                    </not>
+                </when>
+                <perform>
+                    <fail message="[log4j-removed-00001] The hint was not found!" />
+                </perform>
+            </rule>
+        </rules>
+    </ruleset>
+</ruletest>
\ No newline at end of file
diff --git a/rules/rules-reviewed/eap8/eap7/tests/log4j-removed.windup.test.xml b/rules/rules-reviewed/eap8/eap7/tests/log4j-removed.windup.test.xml
new file mode 100644
index 000000000..d35a0350c
--- /dev/null
+++ b/rules/rules-reviewed/eap8/eap7/tests/log4j-removed.windup.test.xml
@@ -0,0 +1,60 @@
+<?xml version="1.0"?>
+<ruletest id="log4j-removed-with-config-tests"
+          xmlns="http://windup.jboss.org/schema/jboss-ruleset"
+          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+          xsi:schemaLocation="http://windup.jboss.org/schema/jboss-ruleset http://windup.jboss.org/schema/jboss-ruleset/windup-jboss-ruleset.xsd">
+    <testDataPath>data/log4j-removed-with-config/</testDataPath>
+    <rulePath>../log4j-removed.windup.xml</rulePath>
+    <ruleset>
+        <rules>
+            <rule id="log4j-removed-00002-test">
+                <when>
+                    <not>
+                        <iterable-filter size="1">
+                            <hint-exists message="Log4j usage without including `log4j.jar`"/>
+                        </iterable-filter>
+                    </not>
+                </when>
+                <perform>
+                    <fail message="[log4j-removed-00002] The hint was not found!" />
+                </perform>
+            </rule>
+            <rule id="log4j-removed-00003-test">
+                <when>
+                    <not>
+                        <iterable-filter size="3">
+                            <hint-exists message="Log4j configuration without including `log4j.jar`"/>
+                        </iterable-filter>
+                    </not>
+                </when>
+                <perform>
+                    <fail message="[log4j-removed-00003] The hint was not found!" />
+                </perform>
+            </rule>
+            <rule id="log4j-removed-00004-test">
+                <when>
+                    <not>
+                        <iterable-filter size="1">
+                            <hint-exists message="Log4j custom-handler using appender"/>
+                        </iterable-filter>
+                    </not>
+                </when>
+                <perform>
+                    <fail message="[log4j-removed-00004] The hint was not found!" />
+                </perform>
+            </rule>
+            <rule id="log4j-removed-00005-test">
+                <when>
+                    <not>
+                        <iterable-filter size="2">
+                            <hint-exists message="Log4j module dependency declaration"/>
+                        </iterable-filter>
+                    </not>
+                </when>
+                <perform>
+                    <fail message="[log4j-removed-00005] The hint was not found!" />
+                </perform>
+            </rule>
+        </rules>
+    </ruleset>
+</ruletest>
\ No newline at end of file