I have been able to get something working by writing a custom extension which instantiates its own VisitorsBridge and JavaAstScanner, so that I’m able to construct my JavaChecks how I wish. However, I would much rather hook into the existing JavaSquidSensor so that I am not writing as much duplicate code. I have also not seen my extension run in SonarLint, which is a requirement for me.
I’m not 100% sure how SonarJava custom check API is designed, but if your check class is a pico container component, then you can use constructor injection to access Configuration.
For the projectKey, there are many tricky issues, so could you please share your use case?
Thanks for the reply. JavaChecks are not pico components, from what I can tell. If you don’t define a no-args constructor, you get an error during analysis:
[ERROR] Failed to execute goal org.sonarsource.scanner.maven:sonar-maven-plugin:3.4.0.905:sonar
(default-cli) on project parent: Unable to load component class org.sonar.java.SonarComponents:
Fail to instantiate class class foo.bar.MyCustomCheck for rule my-repository:my-rule-id:
foo.bar.MyCustomCheck.<init>()
Getting into the specifics of my use case…
I’m writing a custom rule for my team which checks that changes made to a serializable Java class are forwards and backwards compatible with the previous release of our project. So unlike most rules, this rule needs to be able to compare the code to a previous version of the code.
I have a DynamoDB table which I’m using to store information about the serializable Java classes on each version of the project we have released.
ItemKey
ReleaseVersion
Data
sonarProjectId#fullyQualifiedClassName
XX.XX
binary blob
The specific serializable classes are not known ahead of time – they implement a common interface, which the rule is able to recognize.
My custom rule scans the ClassTree for these serializable classes, then queries the DynamoDB table for data about the class from the previously released version, then compares the two.
The projectId is useful in case there are two classes with the same fullyQualifiedName but in different modules, which could happen.
Then another option is to get the Configuration injected in your CheckRegistrar, and expose it as a static field that all your checks will be able to access. I don’t like exposing static fields, but here it is acceptable.
Regarding using the projectKey, you have to be careful of those points:
is your check supposed to work in SonarLint? I would suggest to disable it in SonarLint, since it is relying on an external DB, and that would slow down SonarLint
is your check supposed to work with branches and pull requests? You would have to get the data not only for the correct project/version, but also for the correct branch.