Custom PMD Java rule violations not showing on SonarQube
Question
I'm trying to run my custom PMD rules on SonarQube but, so far, without success.
I have created a plugin which extends from the sonar-pmd-plugin. In this plugin I have my PMD ruleset file (custom_rules.xml), a Sonar rules file (pmd-extensions.xml) and the Java classes of my custom rules.
SonarQube identifies my rules, and I have enabled them in my default quality profile. Finally, when I run the sonar analysis on a given project, I see that my custom rules are properly executed and that they find violations in the project under analysis.
However, these violations are never shown on the project dashboard on SonarQube.
The version of SonarQube I'm using is 5.1.1. The version of the PMD plugin is 2.4.1. I created a minimal example for this issue, with only one custom rule.
custom_rules.xml:
<?xml version="1.0" encoding="UTF-8"?>
<ruleset name="My custom rules" xmlns="http://pmd.sourceforge.net/ruleset/2.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://pmd.sourceforge.net/ruleset/2.0.0 http://pmd.sourceforge.net/ruleset_2_0_0.xsd">
<rule
language="java"
name="RuleJavaAssert"
message="Avoid assert in production"
class="br.gov.tcu.rules.RuleJavaAssert">
<description>Production code should not use the assert command</description>
<priority>3</priority>
</rule>
</ruleset>
pmd-extensions.xml:
<rules>
<rule>
<key>br.gov.tcu.rules.RuleJavaAssert</key>
<name>Avoid assert in production</name>
<category name="Maintainability" />
<priority>BLOCKER</priority>
<description>Production code should not use the assert command</description>
<configKey>br/gov/tcu/rules/custom_rules.xml/RuleJavaAssert</configKey>
</rule>
</rules>
RuleJavaAssert.java:
public class RuleJavaAssert extends AbstractJavaRule {
@Override
public Object visit(ASTAssertStatement node, Object data) {
System.err.println("Found violation");
addViolation(data, node);
return super.visit(node, data);
}
}
AssertViolation.java:
public class AssertViolation {
public static void testMethod() {
String test = "test";
assert(test != null);
}
}
The output of SonarQube analysis on the console, when run against a project which contains the class "AssertViolation.java":
[INFO] Scanning for projects...
[INFO]
[INFO] ------------------------------------------------------------------------
[INFO] Building teste-pmd 0.0.1-SNAPSHOT
[INFO] ------------------------------------------------------------------------
[INFO]
[INFO] --- sonar-maven-plugin:2.7.1:sonar (default-cli) @ teste-pmd ---
[INFO] User cache: D:\Users\x02315941199\.sonar\cache
[INFO] SonarQube version: 5.1.1
(...)
[INFO] [15:48:17.564] Sensor PmdSensor
[INFO] [15:48:17.564] Execute PMD 5.3.1...
[INFO] [15:48:17.580] Java version: 1.7
[INFO] [15:48:17.595] PMD configuration: D:\Users\x02315941199\Documents\PMD\workspace\teste-pmd\target\sonar\pmd.xml
Found violation
[INFO] [15:48:17.815] PMD configuration: D:\Users\x02315941199\Documents\PMD\workspace\teste-pmd\target\sonar\pmd-unit-tests.xml
[INFO] [15:48:17.815] Execute PMD 5.3.1 done: 251 ms
[INFO] [15:48:17.971] Sensor PmdSensor (done) | time=407ms
(...)
[INFO] ------------------------------------------------------------------------
[INFO] BUILD SUCCESS
[INFO] ------------------------------------------------------------------------
[INFO] Total time: 7.185 s
[INFO] Finished at: 2015-11-11T15:48:19-02:00
[INFO] Final Memory: 72M/741M
[INFO] ------------------------------------------------------------------------
From the console message "Found violation" I can see that the rule was executed properly, but still SonarQube indicates 0 issues.
Any thoughts? Thanks
1 answers
solution1
2 ACCPTED 2015-11-23 15:44:48
The reason SonarQube doesn't show the violations is because the violation recorder in the sonar-pmd-plugin searches for the rule by its key.
Therefore, the key attribute in the pmd-extensions.xml file must equal the name attribute of the rule in custom_rules.xml
The provided example would be fixed by changing the pmd-extensions.xml content to:
<rules>
<rule>
<key>RuleJavaAssert</key>
<name>Avoid assert in production</name>
<category name="Maintainability" />
<priority>BLOCKER</priority>
<description>Production code should not use the assert command</description>
<configKey>br/gov/tcu/rules/custom_rules.xml/RuleJavaAssert</configKey>
</rule>
</rules>
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.