Support Custom plugin on Sonar Cloud

We want to build and run Sonar Java custom plugin for a very project specific rule.

But it doesn’t seem to be supported on Sonarcloud:


Requesting for a mechanism to create & deploy custom plugin on Sonarcloud.

Sorry, this is not in the plans. On SonarCloud, we can not afford running code that is not developed or mastered by our teams.

Hi Fabrice

We are ok that not being allowed for custom plugin on sonar cloud. We should be able to create our own rules to check. If certain conditions are mate while writing the code. E.g i want developer must write his class name ending with Validator. How can i achieve this?

Thanks
Nivrutti

Hi Nivrutti,

as Fabrice wrote, SonarSource will not support custom rules in their SonarCloud service. But if you install SonarQube on your own server you can install third-party plugins and custom rules.

If you need or want to stay with SonarCloud, though, you could achieve what you want by integrating other tools into your build process. However, it will work differently: instead of creating violations/issues in SonarCloud, it will cause the build to fail, and your Continuous Integration platform (Bitbucket Pipelines, Github Actions, Jenkins, Bamboo …) can inform the author and possibly the team.

ArchUnit, for example, allows writing architecture rules for Java projects in unit tests. A simple rule that enforces some kind of naming restriction looks like this:

classes()
    .that().resideInAPackage("..controller..")
    .or().areAnnotatedWith(MyController.class)
    .or().areAssignableTo(AbstractController.class)
    .should().haveSimpleNameEndingWith("Controller");

I haven’t worked with it yet, but it certainly looks like it will do the job.

Best regards,
Jens