Help Center/ CodeArts Check/ Best Practices/ Checking Code from CodeArts Repo with Custom Rules
Updated on 2025-08-01 GMT+08:00

Checking Code from CodeArts Repo with Custom Rules

Scenario

As the code and development framework expand, the static analysis needs to cover additional scenarios. However, the following questions have also arisen:

  • The traditional static analysis engines cannot offer real-time scenario-based code checks by relying solely on general rules.
  • Users may not be familiar with all scenarios covered by general rules, making finding applicable rules for a newly developed service time-consuming.
  • It is challenging to develop comprehensive and effective rules to fit different users and services.

This section describes how to use custom rules to check code.

Prerequisites

Procedure

Table 1 Steps

No.

Step

Description

1

Creating a Project

Create a project.

2

Creating a Code Repository in CodeArts Repo

Create a code repository.

3

Creating a Rule File

Create a rule file to be uploaded when a custom rule is created.

4

Creating a Custom Rule

Create a custom rule.

5

Creating a Custom Rule Set

Create a custom rule set to use custom rules.

6

Creating a Task

Create a task that uses custom rules.

7

Checking Code by Using a Custom Rule Set

Configure the task with the custom rule set.

8

Viewing Check Results

View the check results to check whether the rule takes effect.

Creating a Project

  1. Log in to the Huawei Cloud console.
  2. Click in the upper left corner and choose Developer Services > CodeArts from the service list.
  3. Click Access Service.
  4. Click Create Project, and select the Scrum template. Set the project name to Scrum01 and retain the default values for other parameters.
  5. Click OK to access the project.

Creating a Code Repository in CodeArts Repo

  1. In the navigation pane, choose Code > Repo.
  2. On the CodeArts Repo homepage, click Create Repository.
  3. On the displayed page, select Template.
  4. Click Next and select the Java Maven Demo template.
  5. Click Next. Set the repository name to Repo01 and deselect Automatically create check task. Retain the default values for other parameters.
  6. Click OK.
  7. Modify the code information in the HelloWorld.java file in the com/huawei directory as follows:

    package com.huawei;
    /**
     * Generate a unique number
     *
     */
    public class HelloWorld 
    {
    //Used to print logs
      public void debugLog(List<String> msg) {
        for (String msg0 : msg) {
          System.out.println("DEBUG:"+ msg0);
        }
    }
        public static void main( String[] args )
        {
          System.out.println("Hello World!");
        }
    }

Creating a Rule File

  1. Download and install the Visual Studio Code IDE editor (version 1.67.0 or later).
  2. On the IDE editor page, click on the left and search for Huawei Cloud CodeNavi in the displayed window.
  3. Click Install to install this plug-in.
  4. Create a .kirin file in the editor workspace, for example, CheckDebugCode.kirin. The file content is as follows:

    functionDeclaration fd1 where
        and(
            fd1.hasBody,
            fd1.name startWith "debug",
            fd1.parameters.size() == 1,
            fd1.parameters[0].type.name == "java.util.List"
        );

  5. Right-click the rule file and choose CodeNavi > Format to verify the syntax.
  6. Right-click the rule file and choose CodeNavi > Scan.
  7. In the displayed dialog box, select the file or directory to be checked and click Scan.
  8. After the scanning is complete, click the defects in the lower left corner of the page to display the specific code snippet. In addition, a rule file in .json format is generated in the OutputReport file in the same directory.

Creating a Custom Rule

  1. In the navigation pane, choose Code > Check.
  2. Click the Rules tab.
  3. Click Create Rule. Set parameters by referring to Table 2.

    Table 2 Rule parameters

    Parameter

    Description

    Rule Name

    Custom rule name. It can be customized. For example, CheckDebugCode.

    Tool Rule Name

    Rule source code file (by default).

    Tool

    Check tool used by a custom rule. Currently, only SecBrella is supported.

    Language

    Language checked by a custom rule. Currently, Java and ArkTS are supported.

    Source Code

    Rule source code file. Upload the file generated in Creating a Rule File.

    Severity

    Severity of a code issue detected by a rule. The value can be Critical, Major, Minor, or Suggestion. Set this parameter to Suggestion.

    Tag

    (Optional) Rule tag for different scenarios.

    NOTE:

    Use commas (,) to separate multiple tags.

    Description

    Rule description. The content contains code in Markdown. Max. 10,000 characters. For example, check whether debugging code exists.

    Compliant Example

    (Optional) Compliant code example. The content contains code in Markdown. Max. 10,000 characters.

    Noncompliant Example

    (Optional) Noncompliant code example. The content contains code in Markdown. Max. 10,000 characters.

    Fix Suggestions

    (Optional) Issue fixing suggestions. The content contains code in Markdown. Max. 10,000 characters.

  4. Click OK.

Creating a Custom Rule Set

  1. On the task list, click the Rule Sets tab.
  2. Click Create Rule Set. In the displayed window, set Rule Set to RuleList and Language to JAVA.
  3. Click Confirm.
  4. Select the rule created in Creating a Custom Rule and click Save in the upper right corner.

Creating a Task

  1. On the task list page, click Create Task and set parameters by referring to the following table.

    Table 3 Task parameters

    Parameter

    Description

    Project

    Retain the default value (the Scrum01 project created in Creating a Project).

    Code Source

    Source of code. Select Repo.

    Name

    Enter a task name, for example, CheckTask01.

    Repository

    Select the Repo01 code repository created in Creating a Code Repository in CodeArts Repo.

    Branch

    Retain the default value master.

    Language

    Select Java.

  2. Click Confirm.

Checking Code by Using a Custom Rule Set

  1. In the Tasks page, click the task name.
  2. Click Settings.
  3. Click Rule Sets. In the right pane, click to select the RuleList rule set created in Creating a Custom Rule Set.
  4. Click Configuration, set Compiler Tools Options to , and set Build Tool to maven. Retain the default values for other parameters and click Confirm.

    Figure 1 Configuration

  5. Click Start Check in the upper right corner.

Viewing Check Results

  1. In the Tasks page, search for the CheckTask01 task created in Creating a Task.
  2. Click the task name to view the check details, including overview, issues, metrics, logs, and settings.

Related Operations