Implement a sonar processor #54
Conversation
dopuskh3
force-pushed
the
sonar
branch
3 times, most recently
from
a15020b
to
70ad26a
Compare
|
Hi, Great work! So it's just running sonar-runner from the cli, no sonar server needed? |
| public class SonarProcessorTest { | ||
|
|
||
| @Test | ||
| public void testFilterResults() { |
There was a problem hiding this comment.
Please rename test names in "should<do_something>When<something_happens>" manner, as in rest of the project.
|
Can you resolve conflicts with master? |
dopuskh3
force-pushed
the
sonar
branch
2 times, most recently
from
7905a0f
to
6ad34fe
Compare
|
Hi, You need a sonar server to run this processor. Sonar runner pull its configuration and dependencies from the sonar server. It also pulls issues already indexed and only report the new ones to sputnik. That way sonar runnuer instance run by sputnik only reports issues that where added in the review diff - considering your run sonar running after each commit. Rebased on master, fixed the naming and TestEnvironment comments. F. |
dopuskh3
force-pushed
the
sonar
branch
2 times, most recently
from
b9eff47
to
3692c5d
Compare
|
Hi! Thank you for your submission, but I'm not sure if this is a good change. I have a few concerns about it. First, this processor requires 3rd party server to run. That's an additional integration dependency that increases complecity of a simple Sputnik. Second, running Sonar runner, that runs its own analysis (including PMD, FindBugs, Checkstyle and Squid) is redundant to Sputnik. I am not sure about third. Does running Sonar runner slow down Sputnik? My goal is to run Sputnik and all analysis in less than 30 seconds, even for 100 files. My last concern is emotional. I wrote Sputnik to get rid of Sonar. These are two tools for different purposes. Sonar is a long run project analysis that should be used for tracking progress. Sputnik is a fast static code analyser intended to support code reviewers. With this PR Sonar is getting to Sputnik and I'm spectical about it. |
|
I also think this would be useful:
I'm looking for the release with this support! |
|
Hi, Although it requires additional dependencies note that:
Regarding the running time, I don't think the sonar feedback take too much time to run (at least in incremental mode) and:
Over all this plugin allows to take advandate of the whole sonar plugin library which is really huge (http://docs.codehaus.org/display/SONAR/Plugin+Library). |
|
I agree that the fact you get all sonar plugins for free with this merge request is compelling.
Now I already have all my configuration in sonar, why wouldn't I want sputnik to run a trimmed-down (incremental) version of sonar to give me the warnings ? |
| @@ -40,6 +40,9 @@ dependencies { | |||
| compile 'ch.qos.logback:logback-classic:1.0.13' | |||
| compile 'org.projectlombok:lombok:1.12.6' | |||
| compile 'commons-cli:commons-cli:1.2' | |||
| compile 'org.codehaus.sonar.runner:sonar-runner-api:2.4' | |||
| compile 'org.codehaus.sonar-plugins:sonar-issues-report-plugin:1.3' | |||
| compile 'org.json:json:20140107' | |||
There was a problem hiding this comment.
Is this Sonar dependency? We already use Jackson's ObjectMapper to handle JSON. Is this suitable for you to use Jackson instead of a second JSON dependency?
|
Sorry for waiting so long. I still have personal issues with this change, however I've found it useful. Some users want to use Sputnik in a way I didn't think of at first. Even more - in a way that I dropped. But that's fine so I want this PR to be merged. I've commented inline some details. This PR has high quality, thank you. |
dopuskh3
force-pushed
the
sonar
branch
2 times, most recently
from
8e947e2
to
8cbe570
Compare
Change-Id: Iaf9b4565e8ac2237d5a4d70627487e6bbb4b86fc
Add a few configuration option for further sonar review. Change-Id: I82b92e291791e838b18b6c9281225ba44161cceb
| } | ||
|
|
||
| @Test(expected=IOException.class) | ||
| public void shouldRaiseWhenNoSonarFiles() throws IOException { |
|
I've found one raise, besides that it is ready to be submitted. |
Load sonar configuration specified in sputnik configuration file, build a valid sonar configuration and run sonar runner inside the same process running sputnik. This is not fully functional as we need to parse sonar issues in order to report them to sputnik. Change-Id: I6117d97541b65a8c575cd178c948632ed7fe76fc
SonarResultParser parses json result and produces a ReviewResult. Change-Id: I11e2fc20567570343b20648f8d7ae8bc04d5940b
Change-Id: I86633f86858efbe9aaea177d68492c1ff937273e
Add test fixtures that test sonar will only report new issues Change-Id: I47dd6d4c088620bd5120a07a155e75ba0687b808
Some sonar plugin do no include git path as the source file path (for example, sonar-visual-studio plugin generates filenames that are relative to the module csproj file). Using the file basename and a recursive match allows Sonar to match modified files with their indexed names in Sonar. Although this can generate useless analysis (as some files that are not included in a review may be analysed), this has a limited additional cost considering that few files have the same basename inside a repository. Change-Id: Ib74289e201098d15c618791f47b2dd657c3a1744
Add sonar as a tool for sputnik in the readme title Change-Id: I53df772174a7b0478a992dc8a45c1cf844c8958b
As this configuration directive holds multiple configuration file paths it has been renamed configurationFiles. Change-Id: I33c4e37a8ac25a81868086a9bdd7d2c62685d517
Rename test and use TestEnvironment class as a base class for test in order to use helper methods. Change-Id: I413e2b5d536201dc59059b1fdc0a0c2c1073cc67
Add the rule name so the user can access the description of this rule to fix the issue Change-Id: Icff9bdde4e520f1b6e09925ea6e03d0cd6a718ef
|
Thank you! Spread a word about your use cases with Sputnik :) |
Implement a sonar processor
Hi,
We've implemented a way for sputnik to run Sonar-runner to report issues.
We use it in conjunction with sonar-ndepend (https://github.com/criteo/sonar-ndepend) but should work with
all sonar plugins as long as they provides the line information.
Cheers