feat: pmd running

Author: andrzej-janczak

.codacy/codacy.yaml

@@ -1,6 +1,6 @@
 runtimes:
     - [email protected]
 tools:
-    - eslint@9.3.0
+    - eslint@8.57.0
     - [email protected]
     - [email protected]

cmd/analyze.go

@@ -9,6 +9,7 @@ import (
 	"log"
 	"net/http"
 	"os"
+	"os/exec"
 
 	"github.com/spf13/cobra"
 )
@@ -20,6 +21,7 @@ var outputFormat string
 var sarifPath string
 var commitUuid string
 var projectToken string
+var pmdRulesetFile string
 
 type Sarif struct {
 	Runs []struct {
@@ -95,6 +97,7 @@ func init() {
 	analyzeCmd.Flags().StringVarP(&toolToAnalyze, "tool", "t", "", "Which tool to run analysis with")
 	analyzeCmd.Flags().StringVar(&outputFormat, "format", "", "Output format (use 'sarif' for SARIF format)")
 	analyzeCmd.Flags().BoolVar(&autoFix, "fix", false, "Apply auto fix to your issues when available")
+	analyzeCmd.Flags().StringVar(&pmdRulesetFile, "rulesets", "", "Path to PMD ruleset file")
 	rootCmd.AddCommand(analyzeCmd)
 }
 
@@ -207,7 +210,32 @@ func runPmdAnalysis(workDirectory string, pathsToCheck []string, outputFile stri
 	pmd := config.Config.Tools()["pmd"]
 	pmdBinary := pmd.Binaries["pmd"]
 
-	err := tools.RunPmd(workDirectory, pmdBinary, pathsToCheck, outputFile, outputFormat)
+	// Build PMD command arguments
+	args := []string{"check"}
+
+	// Add ruleset file if provided
+	if pmdRulesetFile != "" {
+		args = append(args, "--rulesets", pmdRulesetFile)
+	}
+
+	// Add format options
+	if outputFormat == "sarif" {
+		args = append(args, "--format", "sarif")
+	}
+
+	if outputFile != "" {
+		args = append(args, "--report-file", outputFile)
+	}
+
+	// Add directory to scan
+	args = append(args, "--dir", workDirectory)
+
+	cmd := exec.Command(pmdBinary, args...)
+	cmd.Dir = workDirectory
+	cmd.Stderr = os.Stderr
+	cmd.Stdout = os.Stdout
+
+	err := cmd.Run()
 	if err != nil {
 		log.Fatalf("Error running PMD: %v", err)
 	}

tools/pmdRunner.go

@@ -6,9 +6,14 @@ import (
 )
 
 // RunPmd executes PMD static code analyzer with the specified options
-func RunPmd(repositoryToAnalyseDirectory string, pmdBinary string, pathsToCheck []string, outputFile string, outputFormat string) error {
+func RunPmd(repositoryToAnalyseDirectory string, pmdBinary string, pathsToCheck []string, outputFile string, outputFormat string, rulesetFile string) error {
 	cmd := exec.Command(pmdBinary, "check")
 
+	// Add ruleset file if provided
+	if rulesetFile != "" {
+		cmd.Args = append(cmd.Args, "--rulesets", rulesetFile)
+	}
+
 	// Add format options
 	if outputFormat == "sarif" {
 		cmd.Args = append(cmd.Args, "--format", "sarif")

tools/pmdRunner_test.go

@@ -4,6 +4,7 @@ import (
 	"fmt"
 	"log"
 	"os"
+	"os/exec"
 	"path/filepath"
 	"strings"
 	"testing"
@@ -21,17 +22,23 @@ func TestRunPmdToFile(t *testing.T) {
 		log.Fatal(err.Error())
 	}
 
-	testDirectory := "testdata/repositories/pmd"
+	// Get absolute paths for test files
+	testDirectory := filepath.Join(currentDirectory, "testdata/repositories/pmd")
 	tempResultFile := filepath.Join(os.TempDir(), "pmd.sarif")
 	defer os.Remove(tempResultFile)
 
-	repositoryToAnalyze := filepath.Join(testDirectory, "src")
+	// Use absolute paths for repository and ruleset
+	repositoryToAnalyze := testDirectory
+	rulesetFile := filepath.Join(testDirectory, "pmd-ruleset.xml")
 
 	pmdBinary := filepath.Join(homeDirectory, ".cache/codacy/tools/[email protected]/pmd-bin-7.12.0/bin/pmd")
 
-	err = RunPmd(repositoryToAnalyze, pmdBinary, nil, tempResultFile, "sarif")
+	err = RunPmd(repositoryToAnalyze, pmdBinary, nil, tempResultFile, "sarif", rulesetFile)
+	// PMD returns exit status 4 when violations are found, which is expected in our test
 	if err != nil {
-		t.Fatalf("Failed to run PMD: %v", err)
+		if exitErr, ok := err.(*exec.ExitError); ok && exitErr.ExitCode() != 4 {
+			t.Fatalf("Failed to run PMD: %v", err)
+		}
 	}
 
 	// Check if the output file was created
@@ -43,6 +50,7 @@ func TestRunPmdToFile(t *testing.T) {
 	filePrefix := "file://" + currentDirectory + "/"
 	fmt.Println(filePrefix)
 	actualSarif := strings.ReplaceAll(obtainedSarif, filePrefix, "")
+	actualSarif = strings.TrimSpace(actualSarif)
 
 	// Read the expected SARIF
 	expectedSarifFile := filepath.Join(testDirectory, "expected.sarif")

tools/testdata/repositories/pmd/RulesBreaker.java

@@ -0,0 +1,20 @@
+
+/**
+ * This class demonstrates various PMD rule violations.
+ * It is used for testing PMD's rule detection capabilities.
+ * 
+ * @author Codacy Test Team
+ * @version 1.0
+ */
+
+package com.codacy.test;
+
+/**
+ * A class that demonstrates PMD rule violations.
+ */
+public class RulesBreaker {
+
+    // Breaking naming convention rules
+    private int x;
+
+}

tools/testdata/repositories/pmd/expected.sarif

@@ -0,0 +1,203 @@
+{
+  "$schema": "https://json.schemastore.org/sarif-2.1.0.json",
+  "version": "2.1.0",
+  "runs": [
+    {
+      "tool": {
+        "driver": {
+          "name": "PMD",
+          "version": "7.12.0",
+          "informationUri": "https://docs.pmd-code.org/latest/",
+          "rules": [
+            {
+              "id": "AtLeastOneConstructor",
+              "shortDescription": {
+                "text": "Each class should declare at least one constructor"
+              },
+              "fullDescription": {
+                "text": "\n\nEach non-static class should declare at least one constructor.\nClasses with solely static members are ignored, refer to [UseUtilityClassRule](pmd_rules_java_design.html#useutilityclass) to detect those.\n\n        "
+              },
+              "helpUri": "https://docs.pmd-code.org/pmd-doc-7.12.0/pmd_rules_java_codestyle.html#atleastoneconstructor",
+              "help": {
+                "text": "\n\nEach non-static class should declare at least one constructor.\nClasses with solely static members are ignored, refer to [UseUtilityClassRule](pmd_rules_java_design.html#useutilityclass) to detect those.\n\n        "
+              },
+              "properties": {
+                "ruleset": "Code Style",
+                "priority": 3,
+                "tags": [
+                  "Code Style"
+                ]
+              }
+            },
+            {
+              "id": "UnusedPrivateField",
+              "shortDescription": {
+                "text": "Avoid unused private fields such as 'x'."
+              },
+              "fullDescription": {
+                "text": "\nDetects when a private field is declared and/or assigned a value, but not used.\n\nSince PMD 6.50.0 private fields are ignored, if the fields are annotated with any annotation or the\nenclosing class has any annotation. Annotations often enable a framework (such as dependency injection, mocking\nor e.g. Lombok) which use the fields by reflection or other means. This usage can't be detected by static code analysis.\nPreviously these frameworks where explicitly allowed by listing their annotations in the property\n\"ignoredAnnotations\", but that turned out to be prone of false positive for any not explicitly considered framework.\n        "
+              },
+              "helpUri": "https://docs.pmd-code.org/pmd-doc-7.12.0/pmd_rules_java_bestpractices.html#unusedprivatefield",
+              "help": {
+                "text": "\nDetects when a private field is declared and/or assigned a value, but not used.\n\nSince PMD 6.50.0 private fields are ignored, if the fields are annotated with any annotation or the\nenclosing class has any annotation. Annotations often enable a framework (such as dependency injection, mocking\nor e.g. Lombok) which use the fields by reflection or other means. This usage can't be detected by static code analysis.\nPreviously these frameworks where explicitly allowed by listing their annotations in the property\n\"ignoredAnnotations\", but that turned out to be prone of false positive for any not explicitly considered framework.\n        "
+              },
+              "properties": {
+                "ruleset": "Best Practices",
+                "priority": 3,
+                "tags": [
+                  "Best Practices"
+                ]
+              }
+            },
+            {
+              "id": "ShortVariable",
+              "shortDescription": {
+                "text": "Avoid variables with short names like x"
+              },
+              "fullDescription": {
+                "text": "\nFields, local variables, enum constant names or parameter names that are very short are not helpful to the reader.\n        "
+              },
+              "helpUri": "https://docs.pmd-code.org/pmd-doc-7.12.0/pmd_rules_java_codestyle.html#shortvariable",
+              "help": {
+                "text": "\nFields, local variables, enum constant names or parameter names that are very short are not helpful to the reader.\n        "
+              },
+              "properties": {
+                "ruleset": "Code Style",
+                "priority": 3,
+                "tags": [
+                  "Code Style"
+                ]
+              }
+            },
+            {
+              "id": "CommentRequired",
+              "shortDescription": {
+                "text": "Field comments are required"
+              },
+              "fullDescription": {
+                "text": "\nDenotes whether javadoc (formal) comments are required (or unwanted) for specific language elements.\n        "
+              },
+              "helpUri": "https://docs.pmd-code.org/pmd-doc-7.12.0/pmd_rules_java_documentation.html#commentrequired",
+              "help": {
+                "text": "\nDenotes whether javadoc (formal) comments are required (or unwanted) for specific language elements.\n        "
+              },
+              "properties": {
+                "ruleset": "Documentation",
+                "priority": 3,
+                "tags": [
+                  "Documentation"
+                ]
+              }
+            }
+          ]
+        }
+      },
+      "results": [
+        {
+          "ruleId": "AtLeastOneConstructor",
+          "ruleIndex": 0,
+          "message": {
+            "text": "Each class should declare at least one constructor"
+          },
+          "locations": [
+            {
+              "physicalLocation": {
+                "artifactLocation": {
+                  "uri": "testdata/repositories/pmd/RulesBreaker.java"
+                },
+                "region": {
+                  "startLine": 15,
+                  "startColumn": 8,
+                  "endLine": 15,
+                  "endColumn": 13
+                }
+              }
+            }
+          ]
+        },
+        {
+          "ruleId": "UnusedPrivateField",
+          "ruleIndex": 1,
+          "message": {
+            "text": "Avoid unused private fields such as 'x'."
+          },
+          "locations": [
+            {
+              "physicalLocation": {
+                "artifactLocation": {
+                  "uri": "testdata/repositories/pmd/RulesBreaker.java"
+                },
+                "region": {
+                  "startLine": 18,
+                  "startColumn": 17,
+                  "endLine": 18,
+                  "endColumn": 18
+                }
+              }
+            }
+          ]
+        },
+        {
+          "ruleId": "ShortVariable",
+          "ruleIndex": 2,
+          "message": {
+            "text": "Avoid variables with short names like x"
+          },
+          "locations": [
+            {
+              "physicalLocation": {
+                "artifactLocation": {
+                  "uri": "testdata/repositories/pmd/RulesBreaker.java"
+                },
+                "region": {
+                  "startLine": 18,
+                  "startColumn": 17,
+                  "endLine": 18,
+                  "endColumn": 18
+                }
+              }
+            }
+          ]
+        },
+        {
+          "ruleId": "CommentRequired",
+          "ruleIndex": 3,
+          "message": {
+            "text": "Field comments are required"
+          },
+          "locations": [
+            {
+              "physicalLocation": {
+                "artifactLocation": {
+                  "uri": "testdata/repositories/pmd/RulesBreaker.java"
+                },
+                "region": {
+                  "startLine": 18,
+                  "startColumn": 17,
+                  "endLine": 18,
+                  "endColumn": 18
+                }
+              }
+            }
+          ]
+        }
+      ],
+      "invocations": [
+        {
+          "executionSuccessful": false,
+          "toolConfigurationNotifications": [
+            {
+              "associatedRule": {
+                "id": "LoosePackageCoupling"
+              },
+              "message": {
+                "text": "No packages or classes specified"
+              }
+            }
+          ],
+          "toolExecutionNotifications": []
+        }
+      ]
+    }
+  ]
+}

tools/testdata/repositories/pmd/pmd-ruleset.xml

@@ -0,0 +1,24 @@
+<?xml version="1.0"?>
+<ruleset name="Codacy PMD Ruleset"
+         xmlns="http://pmd.sourceforge.net/ruleset/2.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://pmd.sourceforge.net/ruleset/2.0.0 https://pmd.sourceforge.io/ruleset_xml_schema.xsd"
+         xsi:noNamespaceSchemaLocation="https://pmd.sourceforge.io/ruleset_xml_schema.xsd">
+
+    <description>
+        Basic PMD ruleset for Codacy analysis
+    </description>
+
+    <!-- Import basic rules -->
+    <rule ref="category/java/bestpractices.xml">
+        <exclude name="GuardLogStatement"/>
+    </rule>
+    <rule ref="category/java/codestyle.xml"/>
+    <rule ref="category/java/design.xml"/>
+    <rule ref="category/java/documentation.xml"/>
+    <rule ref="category/java/errorprone.xml"/>
+    <rule ref="category/java/multithreading.xml"/>
+    <rule ref="category/java/performance.xml"/>
+    <rule ref="category/java/security.xml"/>
+
+</ruleset>