Updated on 2024-10-10 GMT+08:00

Checking Code from CodeArts Repo with Custom Rules

Scenario

As codebases and development frameworks grow, static analysis needs to cover additional scenarios. This raises the following challenges:

  • Traditional static analysis engines that rely solely on general rules cannot offer real-time, scenario-based code checks.
  • Users may not be familiar with all scenarios covered by general rules, which makes finding applicable rules for a newly developed service time-consuming.
  • It is challenging to develop comprehensive and effective rules that fit different users and services.

This section describes how to use custom rules to check code.

Preparation

  • You have obtained permissions of CodeArts Check.
  • There is Java code in the Git repository.

Process

Table 1 Process

| No. | Step | Description |
|---|---|---|
| 1 | Creating a Project | Create a project. |
| 2 | Creating a Code Repository in CodeArts Repo | Create a code repository. |
| 3 | Creating a Rule File | Create a rule file to be uploaded when a custom rule is created. |
| 4 | Customizing a Rule | Create a custom rule. |
| 5 | Customizing a Rule Set | Create a custom rule set to use custom rules. |
| 6 | Creating a Task | Create a task that uses custom rules. |
| 7 | Checking Code by Using a Custom Rule Set | Configure the task with the custom rule set. |
| 8 | Viewing Check Results | View the check results to check whether the rule takes effect. |

Creating a Project

  1. Log in to the Huawei Cloud console.
  2. Click in the upper left corner and choose Developer Services > CodeArts from the service list.
  3. Click Access Service.
  4. Click Create Project, and select the Scrum template. Set the project name to Scrum01 and retain the default values for other parameters.
  5. Click OK to access the project.

Creating a Code Repository in CodeArts Repo

  1. In the navigation pane, choose Code > Repo.
  2. On the CodeArts Repo homepage, click New Repository and select Template.
  3. Click Next, and search for and select the Java Ant Demo template.
  4. Click Next. Set the repository name to Repo01 and deselect Automatically create Check task. Retain the default values for other parameters.
  5. Click OK.
  6. Modify the code in the HelloWorld.java file in the com/huawei directory as follows:

    package com.huawei;

    // Required so that List resolves to java.util.List, the type the custom rule matches on
    import java.util.List;

    /**
     * Generate a unique number
     *
     */
    public class HelloWorld
    {
        // Used to print logs
        public void debugLog(List<String> msg) {
            for (String msg0 : msg) {
                System.out.println("DEBUG:" + msg0);
            }
        }

        public static void main( String[] args )
        {
            System.out.println("Hello World!");
        }
    }

Creating a Rule File

  1. Download and install the Visual Studio Code IDE editor (version 1.67.0 or later).
  2. On the IDE editor page, click on the left and search for Huawei Cloud CodeNavi in the displayed window.
  3. Click Install to install this plug-in.
  4. Create a .kirin file in the editor workspace, for example, CheckDebugCode.kirin. The file content is as follows:

    functionDeclaration fd1 where
        and(
            fd1.hasBody,
            fd1.name startWith "debug",
            fd1.parameters.size() == 1,
            fd1.parameters[0].type.name == "java.util.List"
        );

  5. Right-click the rule file and choose CodeNavi > Format to verify the syntax.
  6. Right-click the rule file and choose CodeNavi > Scan.
  7. In the displayed dialog box, select the file or directory to be checked and click Scan.
  8. After the scanning is complete, click the defects in the lower left corner of the page to display the specific code snippet. In addition, a rule file in .json format is generated in the OutputReport file in the same directory.
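
A scan target for steps 6 to 8, added here as an example (it is not part of the original page or of the Java Ant Demo template): it exercises each of the four conditions in CheckDebugCode.kirin so that both the expected hits and the expected misses can be confirmed before the rule is uploaded. The class name DebugRuleFixture and its methods are hypothetical, and the "expect" comments are derived from the rule's conditions as written.

```java
package com.huawei;

import java.util.ArrayList;
import java.util.List;

// Constructed test fixture for CheckDebugCode.kirin (hypothetical names).
// "expect: hit / no hit" follows from the rule's four conditions as written.
public class DebugRuleFixture {

    // expect: hit - has a body, name starts with "debug", one java.util.List parameter
    public void debugLog(List<String> msg) {
        for (String m : msg) {
            System.out.println("DEBUG:" + m);
        }
    }

    // expect: hit - the rule places no condition on modifiers, so private static also matches
    private static void debugDump(List<Integer> values) {
        System.out.println(values);
    }

    // expect: no hit - name does not start with "debug"
    public void logDebug(List<String> msg) {
        System.out.println(msg);
    }

    // expect: no hit - parameters.size() is 2
    public void debugLog(List<String> msg, int level) {
        System.out.println(level + ":" + msg);
    }

    // expect: no hit - single parameter, but its type is java.lang.String
    public void debugLog(String msg) {
        System.out.println(msg);
    }

    // expect: no hit - declared type is java.util.ArrayList, not java.util.List
    public void debugList(ArrayList<String> msg) {
        System.out.println(msg);
    }

    interface DebugSink {
        // expect: no hit - abstract method, so hasBody is false
        void debugSend(List<String> msg);
    }
}
```

If the scan reports anything other than the two methods marked as hits, adjust the rule before creating the custom rule from it.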

Customizing a Rule

  1. In the navigation pane, choose Code > Check.
  2. Click the Rules tab.
  3. Click Create Rule. Set parameters by referring to Table 2.

    Table 2 Rule parameters

    | Parameter | Description |
    |---|---|
    | Rule Name | Custom rule name. It can be customized. For example, CheckDebugCode. |
    | Tool Rule Name | Rule source code file (by default). |
    | Tool | Check tool used by a custom rule. Currently, only SecBrella is supported. |
    | Language | Language checked by a custom rule. Currently, only Java is supported. |
    | Source Code | Rule source code file. Upload the file generated in Creating a Rule File. |
    | Severity | Severity of a code issue detected by a rule. The value can be Critical, Major, Minor, or Suggestion. Set this parameter to Suggestion. |
    | Tag | (Optional) Rule tag for different scenarios. NOTE: Use commas (,) to separate multiple tags. |
    | Description | Rule description. The content contains code in Markdown. Max. 10,000 characters. For example, check whether debugging code exists. |
    | Compliant Example | (Optional) Compliant code example. The content contains code in Markdown. Max. 10,000 characters. |
    | Noncompliant Example | (Optional) Noncompliant code example. The content contains code in Markdown. Max. 10,000 characters. |
    | Fix Suggestions | (Optional) Issue fixing suggestions. The content contains code in Markdown. Max. 10,000 characters. |

  4. Click Create Rule.

Customizing a Rule Set

  1. On the task list, click the Rule Sets tab.
  2. Click Create Rule Set. In the displayed window, set Rule Set to RuleList and Language to Java.
  3. Click OK.
  4. Select the rule created in Customizing a Rule and click Save in the upper right corner.

Creating a Task

  1. On the task list page, click Create Task and set parameters by referring to the following table.

    Table 3 Task parameters

    | Parameter | Description |
    |---|---|
    | Project | Retain the default value (the Scrum01 project created in Creating a Project). |
    | Code Source | Source of code. Select Repo. |
    | Name | Customize a task name, for example, CheckTask01. |
    | Repository | Select the Repo01 code repository created in Creating a Code Repository in CodeArts Repo. |
    | Branch | Retain the default value master. |
    | Language | Select Java. |

  2. Click Create Task.

Checking Code by Using a Custom Rule Set

  1. On the Tasks page, click the task name.
  2. Click Settings.
  3. Click Rule Sets. In the right pane, click to select the RuleList rule set created in Customizing a Rule Set.
  4. Click Start Check in the upper right corner.

Viewing Check Results

  1. On the Tasks page, search for the CheckTask01 task created in Creating a Task.
  2. Click the task name to view the check details, including overview, issues, metrics, logs, and settings.