Findbugs for Git Pull Request - McMap

About

Findbugs for Git Pull Request

Asked 4/9, 2014 at 22:38 Answered 6/10, 2014 at 8:41

Solved git jenkins findbugs pull-request static-code-analysis

D

1

10

Is there a way to setup Findbugs (or any other static code analysis tool) in Jenkins to analyse the incoming pull requests and compare the result with the main branch? My goal is to reject pull requests which increase the number of static code analysis issues.

Dogeared answered 4/9, 2014 at 22:38 Comment(5)

I think.... there might be no way (I am glad...if any one can come with the way...) – Seeseebeck 5/9, 2014 at 5:24

Pull requests have Travis CI integration. Maybe you can setup a Travis configuration that does what you want. Not sure if it's possible or easy but worth a shot. – Heartbroken 5/9, 2014 at 7:22

Thanks for the suggestion. Unfortunately I'm kind of stuck with Jenkins. – Dogeared 5/9, 2014 at 15:1

Are you having a maven-job ins Jenkins? – Cantata 6/10, 2014 at 8:26

4 years later, and I'm still looking for the same thing. :-) Another alternative would be to only analyze the code changes like SonarQube, and make sure the changes does not have any (major) violations. That tool is however not free if you want Github integrations with PR comments on found issues. And for Java 10+ I have not found any working third party tool that does the github integration either as of today. – Arsenite 9/11, 2018 at 8:17

C

2

You can realize your idea by using the Maven-plugins checkstyle, findbugs and pmd (-cpd).

Each of this plugin has a ":check"-mojo, which can fail the build - based on zero or configured rule-violations.

This mojos are bound to the maven-"verify"-phase, so mvn verify will do the job - or you execute the mojos directly within your jenkins-build (job-configuration "Build" -> "Goals and options" -> mvn verfiy, or mvn test checkstyle:check).

The plugins have different ways to configure a fail.

For example, checkstyle-plugin has maxAllowedViolations-configuration-parameter. So you can set this parameter to your current violations-count, and use mvn verfiy or mvn checkstyle:check to let your build fail, if a new violation occurs. Of course, you would have to increase this parameter every time a checkstyle-violation is fixed.

In fingbugs-plugin, your build would have to be free of violations, before you can use mvn findbugs:check.

Cantata answered 6/10, 2014 at 8:41 Comment(2)

I will accept this answer, because apparently that is closest thing to a solution. Even though both solutions are not really practicable. Adjusting checkstyle maxAllowedViolations every time is maintenance I don't want to do and findbugs violations having to be at zero means there are checks I have to exclude from the Jenkins build, which is actually what I wanted to avoid. – Dogeared 6/10, 2014 at 15:22

Actually, I don't think pmd is necessary for the checks you suggest. findbugs and checkstyle have themselves options to fail a maven build. – Dogeared 6/10, 2014 at 15:25

Recommended topics

#Godot #Unity #Godot 4.X #Mongodb

Hot tags

Godot Unity Godot Help Programming Godot 4.X GUI GDScript 3D 2D Physics CSharp Godot 3.X VR XR Projects C++

© 2022 - 2024 — McMap. All rights reserved.