The Sonar Cobol Product has got a fairly unique feature in the fact that its rules engine can be extended. It means that by writing a small Java piece of code, it is possible to develop some new custom checks.
The Sonar Cobol Product parses the source code, creates an Abstract Syntax Tree (AST) and then walks through the entire tree. A check can subscribe to be notified every time a type of node is visited. As soon as the check is notified, it can navigate the tree all around the node and log violations if necessary.
The process
Writing new Cobol checks is a six steps process :
- Create a standard Sonar plugin
- Extend the com.sonarsource.api.ast.CobolAstCheckRepository Sonar extension point to define your own repository of Cobol checks
- Create as many custom Cobol checks as required by extending com.sonarsource.api.ast.CobolAstCheck and add them to the previous checks repository
- Generate a Sonar plugin jar file
- Place this jar file in the extensions/plugins directory
- Restart the Sonar server
A simple template
To get started, you can use a simple sample project as a template. This is a straight forward working check. This check will basically log a violation on every file at line 5. There are only three prerequisites to get it working :
- Install Maven
- Build the project by running mvn install. This will generate a Sonar plugin jar file in the target directory
- Add your newly created jar into the /extensions/plugins directory of the Sonar server and restart Sonar
If you now go to quality profiles, you will find the new check. Don’t forget to activate it ! Run an analysis, you will find out that a violation was logged on line 5 of every file.
Subscribing to a NodeType
Very often when writing a check, you will want to subscribe to a NodeType. A NodeType can be either a rule of the grammar or a keyword of the language. As an example, here is the code of the implementation of the “Avoid using Merge statement” check:
It is to be noted that CICS and SQL grammars can be accessed using getCicsGrammar() and getSqlGrammar().
Introduction to the check lifecycle
A check can optionally overrides six methods inherited from the CobolAstCheck abstract class. Those methods are called sequentially in the following order :
- public void init() {…} : This method is called only once and should be used to subscribe to one or more NodeType(s).
- public void visitFile(AstNode astNode) {…} : This method is called on each file before starting the parsing.
- public void visitNode(AstNode astNode) {…} : This method is called when an AstNode matches a subscribed NodeType (see Subscribing to a NodeType) and before analyzing its content.
- …
- public void leaveNode(AstNode astNode) {…} : This method is called when a nAstNode matches a desired NodeType (see Subscribing to a NodeType) and after analyzing its content.
- public void leaveFile(AstNode astNode) {…} : This method is called before exiting a file.
- public void destroy() {…} : This method is called before shutting down the check.
The different kind of log(…) methods, used to log a violation, should be called only inside the visitFile(…), visitNode(…), leaveNode(…) and leaveFile(…) methods. Indeed, the file context isn’t known when the init() and destroy() methods are called, so the violation can’t be associated to a file.
More advanced features are documented in the API Javadoc.
Viewing the AST (Abstract Syntax Tree) with the Cobol SSDK
When starting to write a new Cobol check, the main difficulty is to understand the Cobol AST in order to know which NodeType(s) need to be visited. This can be achieved by using the Cobol SSDK (SonarSource Development Kit), a Swing application that enable to load a Cobol file and display its representation as an Abstract Syntax Tree.
Each node in the AST tree is a Cobol grammar rule and each leaf in the AST tree is a Cobol token. Let’s say, you want to visit the node ‘ifStatement’, in that case the the init() method of your Cobol check must contains the following statement : “subscribeTo(getCobolGrammar().ifStatement);”.