Is it possible to write a rule to handle changes of specific files to be bugs?

We are using Liquibase, and existing changesets should never be changed again, otherwise updates of databases would fail. That brought us to the question of whether it is possible to write a rule that shows the change of specific files to be a bug.

It is not a common way to write a rule, because there is no XPath for it. On the other hand, SonarQube should have all the information (changed files) to decide on it. The question is just how to do something like this.

Example from Liquibase:

  • old code from 014-20240604-add-test-table.xml
<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-latest.xsd">
  <changeSet author="AIGEL" id="20240604-1">
    <createTable tableName="test_table">
      <column autoIncrement="true" name="ref_id" type="BIGINT">
        <constraints nullable="false" primaryKey="true" primaryKeyName="pk_tt_id"/>
      </column>
      <column name="created" type="datetime">
        <constraints nullable="false"/>
      </column>
      <column defaultValueComputed="NULL" name="modified" type="datetime"/>
      <column name="example_column" type="VARCHAR(255)">
        <constraints nullable="false" unique="true" uniqueConstraintName="unique_ref_id"/>
      </column>
    </createTable>
  </changeSet>
</databaseChangeLog>
  • new code from 014-20240604-add-test-table.xml, should not be modified but has a change (added_column)
<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-latest.xsd">
  <changeSet author="AIGEL" id="20240604-1">
    <createTable tableName="test_table">
      <column autoIncrement="true" name="ref_id" type="BIGINT">
        <constraints nullable="false" primaryKey="true" primaryKeyName="pk_tt_id"/>
      </column>
      <column name="created" type="datetime">
        <constraints nullable="false"/>
      </column>
      <column name="added_column" type="datetime">
        <constraints nullable="false"/>
      </column>
      <column defaultValueComputed="NULL" name="modified" type="datetime"/>
      <column name="example_column" type="VARCHAR(255)">
        <constraints nullable="false" unique="true" uniqueConstraintName="unique_ref_id"/>
      </column>
    </createTable>
  </changeSet>
</databaseChangeLog>

Hey there.

This kind of rule isn’t possible in SonarQube. I would suggest moving this logic outside of SonarQube. For example, a GitHub Action exists to prevent certain file changes.

You could also add a rule to .gitignore, which will stop changes from being tracked (while not removing the checked-in file from your repo).

Hi,

Thank you for your fast response, even if it is not the desired result. I am sorry to hear that it is not possible to write that kind of rule in SonarQube.

Unfortunately, the code is not hosted on GitHub, and GitLab does not support the suggested actions. We will try to solve it with a pipeline step and a bash script, which will work on git diff.

Best regards,
Andreas
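
A pipeline step of the kind described in the last post could look like the following sketch (an added example, not code from the thread or from SonarQube): every `git diff` status other than "added" for a file under the changelog directory fails the step. The target ref `origin/main` and the directory `db/changelog` in the usage comment are assumptions, as are the function names.

```shell
#!/bin/sh
# Added example: block changes to Liquibase changelog files that already exist.
# Only brand-new files (git status "A") are allowed in the changelog directory.

# Reads `git diff --name-status --no-renames` output on stdin
# (one STATUS<TAB>PATH record per line) and prints each record whose path
# lies under directory $1 and whose status is not "A".
# Returns 1 if at least one such record was found, 0 otherwise.
filter_changelog_violations() {
    dir=${1%/}
    awk -F '\t' -v dir="$dir/" '
        index($2, dir) == 1 && $1 != "A" {
            print $1 "\t" $2
            bad = 1
        }
        END { exit bad + 0 }
    '
}

# Diffs HEAD against its merge base with ref $1 and checks directory $2.
# --no-renames reports a rename as delete + add, so moving an existing
# changelog is caught as a "D" on the old path.
check_immutable_changelogs() {
    diff_out=$(git diff --name-status --no-renames "$1...HEAD" -- "$2") || {
        echo "ERROR: git diff against $1 failed (is the ref fetched?)" >&2
        return 2
    }
    if violations=$(printf '%s\n' "$diff_out" | filter_changelog_violations "$2"); then
        echo "OK: no existing changelog file was changed"
    else
        echo "ERROR: existing Liquibase changelog files must not change:" >&2
        printf '%s\n' "$violations" >&2
        return 1
    fi
}

# Run the check only when called with arguments, e.g. from a pipeline step:
#   sh check-changelogs.sh origin/main db/changelog
if [ "$#" -ge 2 ]; then
    check_immutable_changelogs "$1" "$2" || exit 1
fi
```

In a shallow CI clone the target ref has to be fetched before the step runs, otherwise `git diff` fails and the function returns 2 instead of passing silently.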