Sonar analysis of new features in a legacy codebase


I had a use case the other day to sonar analysis on a small subset of a large codebase.  We have a large legacy codebase and occasional feature development within this codebase.  One might argue, why the new features are developed within this codebase and not as a self-contained module outside it.  Given that it does not happen that way, the question was how to do a sonar analysis of only the new code.

Sonar has a feature called exclusions, which allows us to exclude source code from sonar analysis.  This works well when you want to exclude a subset of the source code from analysis.  But it does not make sense here, when the bulk of the source code needs to be excluded from analysis.

What was required was a way to specify inclusions, i.e. tell sonar to only analyse this subset of the source code.  Interestingly there is a long-pending feature request in sonar for this.

I created a separate pom for this feature and initially tried to exclude everything but the code I wanted to analyse through the exclusions feature, I realized it was way too laborious and error-prone since the new code was not confined to a java package or two.

I also then came across another problem - bootstrapping the sonar analysis for this new project with only a subset of source code to analyse.  Currently this is not possible from the sonar web interface , since the project gets created in sonar only after the first analysis.  This can be achieved using the sonar property sonar.exclusions - however, this is important not to put it in the global M2 settings.xml file, since the value gets used in all analysis

I could configure the maven compiler plugin to only compile the classes for the new feature.  Only these classes were compiled and unit tested.  But when it came to source code analysis, sonar included everything in the source directory and not just what was compiled.

Then I hit upon a fairly simple workaround. Copy to a new subfolder only those classes corresponding to the new feature and run the maven build as well as sonar analysis on this subfolder.  Though this sounds simple, maven does not provide a facility to copy a subset of source code to another folder.  This is where ant scores.

This was easily done using an ant task. I incorporated this task into the pom using maven antrun plugin.

I now specified this new folder as the source folder for sonar to do the analysis.  I no longer had to specify any exclusions or inclusions, either for the compiler plugin or for the analysis.  The analysis was accurate as well as less laborious.

The relevant pom snippet...
 
...

    <properties>
    ...
        <feature>${project.basedir}/feature</feature>
        <feature.src>${feature}/src</feature.src>
        <feature.test>${feature/test</feature.test>
    </properties>
    ...
   
    <plugin>
        <artifactId>maven-antrun-plugin</artifactId>
        <version>1.7</version>
        <executions>
          <execution>
            <!-- Do this as part of source generation phase-->
            <phase>generate-sources</phase>
            <configuration>
              <target>
                  <!-- Remove existing feature folder and contents.
                       This can also be done by configuring maven clean plugin
                   -->
                  <delete dir="${feature}"/>
                  <!-- Copy feature-specific source code to src subfolder -->
                  <copy todir="${feature.src}">
                      <fileset dir="src" includes="**/feature/**">
                      </fileset>
                  </copy>
                  <!-- Copy feature-specific test code to src subfolder -->
                  <copy todir="${feature.test}">
                      <fileset dir="test" includes="**/feature/**">
                      </fileset>
                  </copy>
              </target>
            </configuration>
            <goals>
              <goal>run</goal>
            </goals>
          </execution>
        </executions>
      </plugin>
      ...

Comments

Popular posts from this blog

Opening a safe deposit locker in SBI

Opening a Kannada Word document

Switching to Tatasky make my pack