TFS构建忽略配置的代码分析规则集 [英] TFS Build ignores configured Code Analysis ruleset
问题描述
我有一个使用混合的.csproj和project.json组合的解决方案(出于Nuget管理的目的).因此,基本上,"project.json"文件就像具有浮动版本功能的"packages.config"文件一样.
I have a solution that is using an hybrid .csproj and project.json combination (for nuget management purposes). So basically the "project.json" file is working as a "packages.config" file with a floating version capability.
此解决方案使用自定义RuleSet,该规则集通过Package分发,并自动导入.在开发机器上,可以正常工作.
This solution is using a custom RuleSet that is being distributed via Package, and is imported automatically. On the dev machine, works without a problem.
在构建机器上(也就是说,在机器内部,以用户身份工作),该解决方案也可以毫无问题地进行编译.
At the build machine (that is, inside the machine itself, working as an user) the solution also compiles without a problem.
但是,当vNext内部版本(这是新内部版本系统的名称吗?)排队时,它会完全忽略自定义规则集,而仅使用StyleCop一个(也包括在内),它会给出一系列警告.所述警告不应出现,因为自定义规则集基本上会禁止这些警告(例如:Warning SA1404: Code analysis suppression must have justification,
Warning SA1124: Do not use regions等)
However, when a vNext build (is this the name for the new build system?) is queued, it ignores completely the custom ruleset and just uses the StyleCop one (that is also included), which gives a bunch of warnings. Said warnings should not appear as the Custom RuleSet basically suppresses those warnings (ie: Warning SA1404: Code analysis suppression must have justification,
Warning SA1124: Do not use regions, etc)
据我检查,没有设置可以指定规则集,并且这适用于XAML Builds.导致此问题的新构建系统有何不同?有没有办法从定义中强制/指定代码分析规则集?
As far as I have checked, there is no setting to specify the ruleset, and this works with XAML Builds. What is different in this new build system that is causing this? Is there a way to force/specify the Code Analysis Rule Set from the definition?
预先感谢您对此事的任何帮助或建议.
Thanks in advance for any help or advice on the matter.
在jessehouwing的出色帮助下进行了反复调试之后,我必须在初始报告中包括以下详细信息(由于我不知道它的影响力,我将其忽略了):
After debugging back and forth with the wonderful help of jessehouwing I must include the following detail on my initial report (that I ignored as I did not know that it was influential):
我正在对构建定义使用SonarQube Analysis.
起初我没有提到它,因为我不知道它在构建时就代替了代码分析(而且不仅仅在它分析"时,如我所想).
I initially did not mention it as I did not know that it replaces the Code Analysis at Build Time (and not only when it "analyzes", as I thought).
推荐答案
如果您正在使用SonarQube任务
SonarQube任务会即时生成一个新的代码分析规则集文件,并将覆盖为项目配置的文件.无论您先前指定了什么,都将使用这些规则集.
If you are using the SonarQube tasks
The SonarQube tasks generate a new Code Analysis Ruleset file on the fly and will overwrite the one configured for the projects. These rulesets will be used regardless of what you've previously specified.
命名规则集有一个技巧,您可以通过该技巧包括自己的替代项.
There is a trick to the naming of the rulesets through which you can include your own overrides.
More information on the structure can be found in the blog post from the SonarQube/Visual Studio team. Basically when you Bind your solution to SonarQube it will generate 2 ruleset files. One which will be overwritten during build, the other containing your customizations.
There is a toolkit/SDK to generate a SonarQube plugin for custom analyzers which allow you to import your rules into SonarQube, so it will know what rules to activate for your project(s).
是的,您可以指定要使用的规则集并强制运行代码分析.它需要几个MsBuild参数:
Yes you can specify the ruleset you want to use and force Code Analysis to run. It requires a couple of MsBuild arguments:
/p:RunCodeAnalysis=true /p:CodeAnalysisRuleset="PathToRuleset"
或者您可以使用我的 MsBuild帮助程序扩展借助UI模板配置这些设置:
这篇关于TFS构建忽略配置的代码分析规则集的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
