[windup-dev] Rules and Ruleset filtering (how to prevent app rules from running on server)

[Ondrej Zizka]

Hi all,

for the approach using rules filtering, we need to:

1) Add the proper metadata to all app-only rules,
2) Figure out how to determine whether we are scanning a server or 
something else,
3) Update the filtering mechanism to support "exclude" and "include" 
filters.


Ad 1)  This includes Java-based rules and XML-based rules.

Ad 2)
    a) Either scan using server identification
    b) Use different user parameter, like, --serverPath instead of 
--inputPath.

    Ad a) In case we would not identify the server, app rules would run, 
and the result would be interesting but unexpected.
             Also, it would need a change in the filter API, so we could 
dynamically change the RuleProvider filters when already executing 
RuleProviders.
             That might lead to future problems when we do some 
preprocessing of RuleProviders, i.e. creating a list of those which will 
run prior to executing them, which I think is likely to happen in the 
future.

    Ad b) This is what I  currently have implemented for the server 
ident rules.

Ad 3) I think good enough solution could be some kind of 
MetadataExcludeRuleProviderFilter, which would say "no" to anything that 
has tag "xyz".

WDYT?
Ondra