Hi Team, I have a very specific requirement and would request some guidance on getting started on this.
Background :
I have a piece of code that scans the project repository for specific test classes and determine whether test method contain some pattern for example if contract test methods make calls using “RxHttpClient” pattern. My code scans the project repository, identifies all such methods. Currently I have this code running as a utility from jenkins, but ask is to integrate this at PR level using SonarQube.
Requirement - How to write a custom plugin or rule where I can integrate my code. In short, currently what my utility is doing (Scanning and identify contract test methods using specific pattern) I want to achieve same using Sonar.
Currently Sonar is running as part of PR, when I contacted plugin team, they asked to write a custom rule/plugin for this requirement and they will deploy it to server. I am new to this so having bit trouble getting started. Any suggestions would be really helpful.
Are you raising issues, or just counting to create metrics? If it’s issues, then it’s probably easier to just adapt your tool to output the generic issue format and feed the data in that way.
I want to raise issues, I am able to create a custom rule using sonar-plugin-api and sonar-java-plugin which I believe serves my purpose, but i am having trouble writing unit tests for it.
I am on Java11 and using latest version of sonar-plugin and sonar java. Details below.
Sure will do. Can you point me to any example project if you have, where I can look for unit tests ? If there is any sample project for custom plugin development
I mean sample project to build custom plugin with latest sonar version? I want to migrate to new version but facing lot of issues when upgraded to new version. Any reference project would help
I could achieve to some extent what I want to do. Also able to write test with latest version.
I would need some help in proceeding further. If someone can help with below query would be really helpful.
I am visiting each method of a class under scan using ‘visitMethod’ . I need to get entire content of the method as string? So that for my custom plugin, I can check if any method contains certain string which we consider as violation. Basically want to check if certain String is present inside the method
@Override
public void visitMethod(MethodTree tree) {
super.visitMethod(tree);
boolean usedRxHttpClient = false;
// Traverse the method's block
for (StatementTree statement : tree.block().body()) {
if (statement.is(Tree.Kind.VARIABLE)) {
VariableTree variable = (VariableTree) statement;
System.out.println("Variable type is : " + variable.type());
// Check if the variable type is RxHttpClient
if ("RxHttpClient".equals(variable.type().toString())) {
usedRxHttpClient = true;
break;
}
}
}
// Report an issue if RxHttpClient is used in the method
if (usedRxHttpClient) {
context.reportIssue(this, tree.simpleName(), "Method uses RxHttpClient");
}
}
Language - Java
Above is my code which checks Usage of RxHttpClient. Here I am checking for each variable declaration type within method. I am able to identify for some extent. This code is not working when RxHttpClient is declared within try catch block. Also I want to check for strings other than RxHttpClient.
Is there a way, instead of checking for variable type, can I just get entire method as string or traverse each statement and get the line as String so I can do String.contains() operation.
I recommend you to go over the CUSTOM_RULES_101 guidelines, where you should get everything you need to write, test and add a custom rule to the Sonar Java Plugin. You can also find examples here.
You are asking for help in writing your custom rule logic, unfortunately, this is something that you need to figure out yourself. It can help you to look at how we implement our rules, you can find them here. Have a look at this to understand how to get type information from the semantic.
Wish you the best of luck in implementing your rule.
Hi @angelo.buono . thanks for responding. I am able to figure out my logic and it worked. I also need to create a custom rule which analysis the Kotlin files. However I am unable to find much documentation around that. Would you be able to point me to some documentation or example project for Kotlin?
I’m glad that you succeded in implementing your custom rule for the Java Plugin.
Unfortunately, there is no support for custom rules in the Kotlin Plugin. You can check Adding coding rules for the list of Sonar Plugins that support custom rules.
we specify and implement rules language by language. We have different teams specialized in different languages. It is possible to have the same rule defined in different languages, but their specification may be different and their implementation is independent.
I don’t recall any rule allowing the detection of a String within the file.
Feel free to look into the list of Kotlin Rules and search by yourself. In case you can’t find any suitable rule for your specific need you may:
Open a new post in which you propose an idea for a new rule, that is backed by a valid rationale.
Find a different tool more suitable for your task. In your case, a simple script may be enough, for example, grep -Rnw '/path/to/folder/' -e 'pattern'.
Generally, our rules are based on best practices that guarantee maintainable, reliable, and secure code.
Hi @angelo.buono , thanks a lot for responding. I want to gate at PR level so going with Sonar option to block PR merge in case a file meets specific requirement.
Regarding custom rule for sonar, I found a link (2 years old), is this not officially supported? Is this a feasible solution to create custom rule for kotlin?
