Configuring a Custom Rule Set

Video Tutorial

This video demonstrates how to use a custom rule set to check code from CodeArts Repo.

Customizing a Rule Set

1. Access CodeArts Check through a project.
2. Click the Rule Sets tab.
3. Click Create Rule Set. In the displayed dialog box, enter a rule set name and description, and select a language.

   You can also copy an existing rule set by selecting it from the Replicated in drop-down list.

4. Click OK.
5. Select rule names, set Issue Level and click Save in the upper right corner.

   Customize rules if needed.

   • Click the rule set name to go to the details page.
   • Alternatively, on the details page, click Export to export the enabled rules in the rule set to the local PC and view the rule details.
   • On the details page, click Modify Basic Info to modify the rule set name or description.
     

     • The Language cannot be modified.
     • Preset rule sets cannot be modified.
     • Custom rule sets can be deleted only by the one who created them.
   • Click in the row where the rule set is located and choose Delete Set.
     

     • Custom rule sets can be deleted only by the one who created them.
     • System rule sets and custom rule sets in use cannot be deleted.
     • To delete a rule set being used by a code check task, you can either delete the task or assign another rule set to the task.

Using a Custom Rule Set

1. Go to the task details page, and choose Settings > Rule Sets.
2. If any changes are made to the code repository after you create a code check task, click in the Languages Included row to re-obtain the target language, and enable the switch of language.
3. Click to select the created custom rule set.

Customizing a Rule

• Custom rules: max. 10.
• Lines of code scanned by a rule set with only custom rules: max. 100,000. This applies when the rule set contains only custom rules.
• Duration per code check task with 100,000 LOC scanned by a rule set with only custom rules: max. 1.5 hours. This applies when the rule set contains only custom rules.

To scan more code or customize more rules, contact technical support.

1. Click the Rules tab.
2. Click Create Rule. Set parameters by referring to Table 1.

   Table 1 Rule parameters

   Parameter	Description	Mandatory
   Rule Name	Custom rule name. It can be customized. Enter 1 to 128 characters: letters, digits, underscores (_), hyphens (-), and periods (.).	Yes
   Tool Rule Name	Rule source code file (by default).	Yes
   Tool	Check tool used by a custom rule. Currently, only SecBrella is supported.	Yes
   Language	Language checked by a custom rule. Currently, only Java is supported.	Yes
   Source Code	Rule source code file. Create a .kirin file, create a domain-specific language (DSL) for rules, run the local plug-in to generate a SecH_Rule name.json file in the OutputReport directory, and upload the .json file.	Yes
   Severity	Severity of a code issue detected by a rule. The value can be Critical, Major, Minor, or Suggestion.	Yes
   Tag	Rule tag for different scenarios. Use commas (,) to separate multiple tags.	No
   Description	Rule description. The content can contain code in Markdown. Max. 10,000 characters.	Yes
   Compliant Example	Compliant code example. The content contains code in Markdown. Max. 10,000 characters.	No
   Noncompliant Example	Noncompliant code example. The content contains code in Markdown. Max. 10,000 characters.	No
   Fix Suggestions	Issue fixing suggestions. The content can contain code in Markdown. Max. 10,000 characters.	No

3. Click Create Rule.