search

pmayweg / sonar-groovy

SonarQube plugin for Groovy
GNU Lesser General Public License v3.0
52 stars 65 forks source link

Cannot use with codenarc gradle plugin (to specify ruleset) #70

Closed kdorff closed 6 years ago

kdorff commented 6 years ago

I'm hoping to use the sonarqube gradle plugin which, from what I can tell, uses this code to actually perform the heavy lifting. The issue I am having is this plugin's ability to leverage the gradle codenarc plugin (or how to make the pmayweg/sonar-groovy code be more configurable, especially when called from the sonarqube gradle plugin).

I have created a repo in the "final state" including a README.md that provides a simple step-by-step for how I got there. See https://github.com/kdorff/test-sonarqube

Specifically, I want to be able to run codenarc on tests as well as source AND be to specify the CodeNarc ruleset that will be used. I am able to run codenarc as expected, and I believe this plugin is seeing my report(s) (at least main.xml, probably not test.xml). I think we are both using the same codenarc (0.25.2) but this plugin doesn't understand any of the issues in the codenarc report. Output looks like:

$ ./gradlew clean codenarcMain codenarcTest sonarqube
:clean
:codenarcMain
CodeNarc rule violations were found. See the report at: file:///Users/kevi9037/save/IntelliJ/test-sonarqube/build/reports/codenarc/main.xml
:codenarcTest
CodeNarc rule violations were found. See the report at: file:///Users/kevi9037/save/IntelliJ/test-sonarqube/build/reports/codenarc/test.xml
:compileJava NO-SOURCE
:compileGroovy
:buildProperties
:processResources
:classes
:compileTestJava NO-SOURCE
:compileTestGroovy
:processTestResources NO-SOURCE
:testClasses
:test
:sonarqube
No such rule in SonarQube, so violation from CodeNarc will be ignored: ClassJavadoc
No such rule in SonarQube, so violation from CodeNarc will be ignored: FileEndsWithoutNewline
No such rule in SonarQube, so violation from CodeNarc will be ignored: NoDef
No such rule in SonarQube, so violation from CodeNarc will be ignored: TrailingWhitespace
No such rule in SonarQube, so violation from CodeNarc will be ignored: TrailingComma
No such rule in SonarQube, so violation from CodeNarc will be ignored: SpaceAroundMapEntryColon
No such rule in SonarQube, so violation from CodeNarc will be ignored: UnnecessaryReturnKeyword
No such rule in SonarQube, so violation from CodeNarc will be ignored: SpaceBeforeOpeningBrace
No such rule in SonarQube, so violation from CodeNarc will be ignored: UnnecessaryGString
Metric 'lines' is an internal metric computed by SonarQube. Provided value is ignored.
Metric 'test_success_density' is an internal metric computed by SonarQube. Provided value is ignored.
kdorff commented 6 years ago

For what it's worth, I grepped through the sonar-groovy source and each of the above errors (such as SpaceAroundMapEntryColon) are located in each of

tools/sonar-codenarc-converter/src/test/files/groovy-model.xml
tools/sonar-codenarc-converter/src/main/java/org/sonar/plugins/groovy/codenarc/Converter.java
sonar-groovy-plugin/src/main/resources/org/sonar/plugins/groovy/cost.csv
sonar-groovy-plugin/src/main/resources/org/sonar/plugins/groovy/rules.xml

so my impressions is they SHOULD be recognizable, I'd hope.

kdorff commented 6 years ago

FWIW, I'm running SonarQube Version 7.1 (build 11001), community edition

My plugins:

Clover 3.1 Git 1.4.0.1037 Groovy 1.5 SonarC# 7.0.1 SonarFlex 2.4 SonarJS 4.1 SonarJava 5.4 (build 14284) SonarPHP 2.13.0.3107 SonarPython 1.9.1 SonarTS 1.6 SonarXML 1.5 Svn 1.7.0.1017

kdorff commented 6 years ago

Additional datapoints, I downloaded the 1.6-RC1 jar from Github Releases and placed it in /opt/sonarqube/extensions/plugins (removing the 1.5 version). I restarted SonarQube. I verified that Marketplace showed the correct version (1.6-RC1).

I changed my build.gradle line to reference both main and test .xml files.

sonarqube {
    properties {
        property "sonar.host.url", "http://localhost:9000"
        property "sonar.groovy.codenarc.reportPaths", ["build/reports/codenarc/main.xml", "build/reports/codenarc/test.xml"]
    }
}

And ran 

$ ./gradlew clean codenarcMain codenarcTest sonarqube

This produced additional CodeNarc rules that reportedly don't exist in SonarQube (DuplicateStringLiteral, MethodName, BuilderMethodWithSideEffects) but all of these I think should be known about in sonar-groovy, as mentioned before.

But I see that 1.6-RC1 now supports more than one codenarc .xml report file, so I think that is progress.

kdorff commented 6 years ago

I've been diving deeper and it seems that perhaps the issue is that many CodeNarc rules are not included in sonar-groovy-plugin/src/main/resources/org/sonar/plugins/groovy/profile-sonar-way.xml but they are included in rules.xml and they are listed elsewhere such as Converter.java.

It seems that while I get a lot messages such as No such rule in SonarQube, so violation from CodeNarc will be ignored: DuplicateStringLiteral, I did some debugging and yes SOME of the rules are matched such as EmptyMethod, ElseBlockBraces (I manually added some additional code to trigger this rule). So rules are matched. BUT, even though I know some rules matched based on the execution, SonarQube doesn't show any "issues" for this project, so the CodeNarc reports aren't ending up in SonarQube, it seems.

Any thoughts on the missing rules or the missing issues?

kdorff commented 6 years ago

Going through the plugin code, I discovered I can place a file codenarc/profile.xml which is a Codenarc ruleset XML file and allow the plugin to execute the internal Codenarc. This seems to allow me to specify my ruleset without complaints during the sonarqube task (but not run Codenarc on tests, but that can probably be added). Continuing to investigate.

The sonar-groovy plugin will write the codenarc configuration that it will use to a file build/sonar/codenarc/profile.xml. I don't see a way to specify the codenarc ruleset to use (which is why I was hoping to to use the Gradle codenarc plugin to start with). Still looking.

kdorff commented 6 years ago

OK I had a misunderstanding of how SonarQube works. I created a new QualityProfile and added the rules to that. I have a good direction forward. Will continue to update.

kdorff commented 6 years ago

OK here is what I have learned.

  1. Make sure you update to at least the 1.6-RC1 code for sonar-groovy, not the 1.5 code found in the SonarQube marketplace. Install the jar into /opt/sonar/extensions/plugins and restart sonarqube.
  2. DON'T use the codenarc gradle plugin
  3. Give up on running codenarc on your test source (at least for now)
  4. DON'T make a codenarc rules set file (because...)
  5. Within sonarqube, go to Quality Profiles and Copy the "Sonar Way" Groovy profile. Active the CodeNarc rules you are interested in in your new profile.
  6. Make that the default Quality Profile for Groovy.
  7. Allow the sonarqube-gradle-plugin / sonar-groovy to control and run the "embedded" codenarc when it runs the sonarqube task

My gradle configuration of sonarqube, jacoco, and codenarc

buildscript {
   ...
    dependencies {
        ...
        classpath "org.sonarsource.scanner.gradle:sonarqube-gradle-plugin:2.6.2"
    }
}

apply plugin: "jacoco"
apply plugin: "org.sonarqube"

jacoco {
    toolVersion = "0.8.1"
}

sonarqube {
    properties {
        property "sonar.host.url", "http://hostname:9000"
        property "sonar.java.coveragePlugin","jacoco"
        property "sonar.groovy.jacoco.reportPath", "${project.buildDir}/jacoco/test.exec"
        property "sonar.jacoco.reportPath", "${project.buildDir}/jacoco/test.exec"
    }
}