Support specifying rule type and adding tags #67
Conversation
Adds two command line parameters: - "/addTag:<tag>" which adds the <tag> to all rules - "/ruleType:CODE_SMELL|VULNERABILITY|BUG" allows to set all rules' type to other than the default code smell
|
Hi @koczkatamas. Thanks for submitting the PR, and apologies for the delay in responding. At one point in the past we had an internal discussion about the possibility of using custom tags or attributes on the analyzers to specify the additional rules metadata, which would be a more flexible solution for analyzer authors. |
|
I am wrapping a third-party analyzer and I was not aware it is possible to modify these configuration values with SQALE. Could you show me an example how does that work? Also I wanted to open an issue because the command line arguments for the SDK are not documented (only the And even when I read the SQALE description while I was editing the resource file, I could not infer from it that you can use this option to re-use a modified rule file. (I am telling you this because others can run into this or similar issues.) So it may worth to document this feature in the README.md |
|
Thanks for the information. Changing the SQALE file won't affect the rules.xml file - I was asking if using a similar approach to would achieve what you wanted, and it sounds like it would. (FYI as a manual workaround, you should be able to unzip the jar file, edit the rules.xml and re-zip the jar) |
|
Oh I see, I was thinking about an option myself which allows you to modify the rules.xml file and then supply the new file as parameter, but it looked too complicated for me to implement. Also thanks for the tip about manually modifying the rules.xml in the jar file, I am not familiar enough with the plugin format to know that this could've work. I think it could be a good workaround for other SDK users too, and even if we don't add new feature to the SDK now (this PR or a more complex solution proposed by you), it may worth to mention this little trick somewhere (probably README.md would be the most visible place for it). |
|
@koczkatamas I've added a /rules: option to the command line to allow the caller to supply a customised rules file as discussed above (i.e. run once to generate the template xml file; edit it; run again to build the plugin with the new file). The code is in the branch duncanp/rulesXml. Could you try it out and let me know if it works for your scenario please? Thanks. |
|
@koczkatamas FYI we've been doing some work on the Roslyn SDK this week to make the generated plugin compatible with SonarQube v7.0+. As part of this, we're dropping the ability to customise the SQALE.xml file (SQALE is deprecated and has been for some time), and adding the ability to customise the rules.xml file instead (see #89). |
|
@duncanp-sonar , wanted to have more detailed information on rules.xml. I noticed some arguments that are not covered in Readme's rules.xml sample in relation to Sonar typic rule definition, specifically 'priority' and 'status'. So wanted to know if the sample in Readme is all we have to customize the rule, or is it an expanded rules.xml that you can provide us with. |
|
Hi, I'll close this one for the time being as there are some rebase conflicts. Please feel free to create a new issue and PR in case there's something to be added. |
Adds two command line parameters:
<tag>to all rulesPlease note this is a preliminary PR which does not includes eg. tests for the new functionality and may violate some Sonar rules (eg. allowed parameter count in a method signature), so let's discuss first what requirements needs to be satisfied before going forward.