Adding FxCop rules to Sonarqube

In my posts about custom FxCop rules I mention creating rules for FxCop. In this post I’ll explain how to add the created rules to Sonarqube.

First of all, the assembly needs to be put on the server somewhere. The location doesn’t really matter too much, as long as it’s accessible for Sonarqube. In my case I just dropped it into the default FxCop Rules folder, which is located by default in C:\Program Files (x86)\Microsoft FxCop 10.0\Rules.

After that, Sonarqube needs to be told about the rules as well. The XML is actually fairly similar to the XML file we create for the FxCop rules in the first place.

<?xml version="1.0" encoding="utf-8" ?>
    <rule key="Classname">
        <name><![CDATA[Name for the rule]]></name>
        <description><![CDATA[Rule description]]></description>

So, to take the example of the GetItemUsingID rule, the XML could look something like this:

<?xml version="1.0" encoding="utf-8" ?>
    <rule key="GetItemUsingID">
        <name><![CDATA[Enforce calling the GetItem method using an ID]]></name>
        <description><!CDATA[Use GUIDS where possible instead of path / name. This will improve performance as well as prevent code breaking if content is renamed or moved in the content tree.]]></description>

When the XML has been created it has to be put in the FxCop custom rules field in Sonarqube. You can get to this by going to Sonarqube -> Settings -> Configuration -> .NET FxCop:
Sonarqube configuration settings

Before the rules can be used Sonarqube does have to be restarted. Then we can go into Sonarqube -> Settings -> Quality Profiles. Select the active code profile, and go to the inactive FxCop rules. Select the newly added rules to be active, and we’re all done.

I guess this would also be a good time to mention the source code of the 11 rules I initially created is available on Bitbucket and Sitecore’s marketplace, so feel free to create a fork and add your own rules!

If you just want to use the rules, that’s possible as well, just go to the download page on Bitbucket and download the zipfile. The zipfile contains a dll of the initial release at the moment, although I hope to steadily add new rules to the project.


9 thoughts on “Adding FxCop rules to Sonarqube

  1. Thanks for your great posts! I just want to point out a little typo in GetItemUsingId rule: The description field should start with <![CDATA[ instead of <!CDATA[
    Otherwise sonar would start reporting a 503 Error.
    After fixing that, your custom rules are working fine now in my Sonar.

    • Great to hear they are working for you! I’ll fix the GetItemUsingId rule, thanks for that! If you have any recommendations or additions to the rules, please feel free to extend it 🙂

  2. Hi All,

    I am using Sonar 4.5.1 but I am not able to see fxCop custom Rule user interface can you please inform me where can I find field to enter fxcop custom rule XML? That would be great help. Thanks

  3. Hi Trayek,
    We included sitecore.fxcop.dll from sitecore marketplace in Microsoft fxcop 10x as advised.
    But when we started the analysis, we got the error message stating “Unable to load rule assembly ‘c:\program files\microsoft fxcop 10.0\rules\sitecore.fxcop.dll’.

    Could you help me understand why this error occurs and how to solve this.

    Thanks & Regards,

    • First thing I’ll need to know is whether the dll itself is blocked – right-click on the file and go to its properties. Is there a checkbox that says the file is blocked because it’s downloaded? If so please untick that box.

      Second, are you running it as an application or through a command? If you’re running it through a command you might have to pass along the path to a couple of Sitecore assemblies (Potentially any you reference in your code). It might be easiest to run it through the FxCop application and check whether it works.

      • Thanks Trayek.

        One more thing I would like to know is, whether this is compatible with .Net Framework 4.5 and MVC 4. And our solution is built with VS 2012.

  4. I have downloaded version 1.1 from the link here, unblocked and unzipped the download and copied the Sitecore.FxCop.dll to %programfiles(x86)%\Microsoft Visual Studio 14.0\Team Tools\Static Analysis Tools\FxCop\Rules.

    I am using SonarQube 5.6. I navigate to the rules URL and from the repository select fxcop rules to configure a new custom FxCop Rule. I select the custom fx rule option, the create new custom rule has the following options now;
    – Name
    – Key
    – Description
    – Severity
    – Status
    – Check Id

    I create the new rule by adding the name as ‘CA9999: Sitecore Rules’ and add a description and select the severity and status. So far the configuration feels correct. I then activate this rule in the default C# quality profile.

    Now when I run the sonarQube analysis on the default quality profile it fails with the following message…

    ” Unable to load rule assembly ‘c:\program files (x86)\microsoft visual studio 14.0\team tools\static analysis tools\fxcop\rules\sitecore.fxcop.dll’: Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information.
    2016-07-05T11:52:14.6916013Z ##[error]CA0053 : Unable to load rule assembly ‘c:\program files (x86)\microsoft visual studio 14.0\team tools\static analysis tools\fxcop\rules\sitecore.fxcop.dll’: Unable to load one or more of the requested types. Retrieve the LoaderExceptions property for more information. ”

    Can you help troubleshoot why loading the assembly with the rule set fails? Any pointers will be appreciated…

    • I’d reckon this is a dependency thing from the looks of things. I’ve built the solution in VS2013 so if you’re using a different version that might be the issue.
      Alternatively I guess the version of FxCop might play a part as well. From the top of my head I was using FxCop 1.36.

      • I’ve upgraded it to work with VS2015 and FxCop 10. I’ll submit a pull request once I’ve tested all the rules.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.