Help with xpath for xml template rules

TryingToCode · October 24, 2018, 11:23am

Hi,

i’m new to sonar and xpath and i have kind of the same problem.

my XML broken down looks like this

<?xml version="1.0" encoding="utf-8"?>
        <Project>
                <ItemGroup>
                       <ProjectReference>
                            <Private>False</Private>
                       </ProjectReference>
                </ItemGroup>
        </Project>

i want to write a custom rule which checks if is false or not and want to have an error if it is not false.

I tried it with this

/Project/ItemGroup/ProjectReference/Private[text()!='False']

but i dont get an error message.

--------------------------------------------------EDIT---------------------------------------------------------------------

In the meantime i found the SSLR Toolkit and got some working XPath for my need, but Sonar still doesnt give me an errormessage and i dont know why.

This is my XPath:

//ELEMENT[./S_TAG/NAME/@tokenValue='Private' and ./CONTENT/CHAR_DATA/TOKEN/@tokenValue='False']

and this is my Syntax Tree

pynicolas · October 30, 2018, 10:38am

Your original XPath expression looks good to me. Except that, given the != operator, it raises issues only when the content of the Private tag is not False. I set up the following expression and it raised an issue on your code example:

/Project/ItemGroup/ProjectReference/Private[text()='False']

sonalidesh · April 18, 2019, 1:17pm

It still does not show the error, I am running MS build and this rule configured in xml default profile. So it should pick up and scan xml file

sonalidesh · April 18, 2019, 1:18pm

Marcel Walliser TryingToCode
Did you got this working?

duncanp · April 23, 2019, 8:49am

A couple of questions:

just to be clear, are you using the Sonar Scanner for MSBuild?
are the XML files you want to be analysed referenced by the projects you are building, and if so which item groups are they in? (e.g. Compile, Content etc)

When you run the End step of the Scanner for MSBuild it generates a sonar-project.properties file that lists all of the files that will be analysed. The file will be in the .sonarqube\out directory. Check that your XML files are included.

sonalidesh · April 24, 2019, 8:13am

Hello

Yes using SonarScanner for MSbuild as below:

SonarScanner.MSBuild.exe begin /key:“WebAppTest”
“C:\Program Files (x86)\Microsoft Visual Studio\2017\Community\MSBuild\15.0\Bin\MSBuild.exe” /t:Rebuild
3.SonarScanner.MSBuild.exe end

Yes the config /xml file are part of sonar-project.properties. The files were part of content.

duncanp · April 24, 2019, 11:16am

Ok, so the Scanner for MSBuild is passing the correct configuration to the command line scanner that is being executed in the end step.

I’m not familiar with custom XPath rules so I can’t be of much more help. Some general suggestions: check that the rule is enabled in the QP, check that the expected QP is being used during the analysis, and check the console output of the end step for any warnings or errors.

sonalidesh · May 7, 2019, 1:05pm

Anyone who can help here…We have also tried to write a utility from Java to scan xml files but how to apply that on the C# project? Doing Sonar Scanner or MSbuild the rules are still not applied.

Lena · July 3, 2019, 9:54am

Does that xml file appear in SQ UI? it there syntax highlighting, other XML issues on that file?
Show the full logs of the analysis.