Sonar is designed to handle multiple coding rules engines (currently Checkstyle, PMD and Findbugs). Rather than managing each of those rules engines separately, Sonar manages what we call quality profiles.
A quality profile is made of two elements :
- a set of configured rules that Sonar is going to use during the analysis phase
- a set of alerts on metrics
Sonar is able to manage multiple quality profiles that can be associated to projects. When no profile is associated to a project, Sonar uses the default profile.
It is possible to use the checkstyle, pmd and FindBugs rules definitions in other application by using permalinks :
Create a profile
In order to create a new profile, first sign in and go to the configuration top right option.
There are 2 ways in Sonar to create a new quality profile. Once the profile is created, you can add alerts to it (Edit alerts) and associate projects to it (Edit associated projects).
Copy an existing profile
In order to copy an existing profile, click on the copy button next to the profile you want to copy. You are prompted to give the name of the new profile.
The profile is the exact copy of the copied one. You can then make changes to the profile.
Create a new profile
In order to create a new profile, click on the create profile button.
Enter the name of the profile. You then have the possibility to upload existing Checkstyle, PMD and FindBugs files. This allows you to save configuration time. Then click on create.
|The mechanism to upload extended coding rules is different. Check the [Extend coding rules] section for more details|
Edit coding rules
In order to edit coding rules, sign in, click on the configuration option at the top right of the page.
Then click on the name of the profile you want to edit.
It is only possible to edit a user created profile. The profiles coming by default with Sonar cannot be amended.
You can search the rule you want to modify by using the search engine at the top.
When you have found the rule to change, you can activate or deactivate it, change its priority level, configure parameters of the rules.
No extra validation is required to make changes to the profile.
To manage alerts configuration for the profile, click on the number of alerts defined for the profile.
From there it is possible to full manage alerts, by adding new one editing or deleting existing alerts. The principle is the following :
- Choose the metric you are interested in
- Choose an operator (is greater than, is less than)
- Choose the value that will trigger a warning
- Choose the value that will trigger an error
Any change to alerts will be used when the next analysis is performed
Edit associated projects
To manage the projects associated to a profile, click on the number of projects defined for the profile.
The projects associated to a profile will appear in the right hand box. It is possible to move projects around by selecting them and use one of the 4 actions listed. A project can be associated to only one profile at the time. When a project is not explicitly associated to a quality profile, Sonar will use the default quality profile to perform the next analysis.
Delete a profile
In order to delete a profile, sign in, click on the configuration option at the top right of the page.
Then click on the delete button associated to the profile to delete and confirm. When deleting a profile, it will delete the alerts defined in the profile and will remove the association of projects. If nothing else is done , Sonar will use the default profile to perform the next analysis on the (ex-)associated projects.
It is only possible to delete a user created profile. The 2 profiles coming by default with Sonar (Sun checks and Sonar way) cannot be deleted.
Extend coding rules
Checkstyle and PMD provide extension mechanisms to develop your own coding rules. Tutorials to write such custom coding rules are available online for both Checkstyle and PMD. You can for instance define your own naming conventions, forbid access to a given API or anything else that is relevant in your context.
Once this is done, you must feed the Sonar web server with those coding rules extensions. Here are the process to follow for both Checkstyle and PMD coding rules.
The Checkstyle coding rules must be packaged in a JAR file and this file must be copy in the $SONAR_HOME/extensions/rules/checkstyle/ directory.
A XML file must then be created in the same $SONAR_HOME/extensions/rules/checkstyle/ directory to "index" all available custom rules implemented in the JAR file. The name of this XML file doesn't matter but the .xml suffix must be used.
This XML file must look like the following example :
The PMD coding rules must be packaged in a JAR file and this file must be copy in the $SONAR_HOME/extensions/rules/pmd/ directory. Moreover, the JAR file must also contain the PMD ruleset XML file (in the following example, this XML file will be available through the classloader with the following path : rulesets/myruleset.xml)
A XML file must then be created in the same $SONAR_HOME/extensions/rules/pmd/ directory to "index" all available custom rules implemented in the JAR file. The name of this XML file doesn't matter but the .xml suffix must be used.
This XML file must look like the following example :