Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/chkal/gitlab-code-quality-plugin
Maven plugin to transform SpotBugs and Checkstyle XML reports to GitLab's JSON report format
https://github.com/chkal/gitlab-code-quality-plugin
checkstyle-maven gitlab-ci java maven maven-plugins spotbugs-maven-plugin
Last synced: about 1 month ago
JSON representation
Maven plugin to transform SpotBugs and Checkstyle XML reports to GitLab's JSON report format
- Host: GitHub
- URL: https://github.com/chkal/gitlab-code-quality-plugin
- Owner: chkal
- License: apache-2.0
- Created: 2023-03-13T09:51:35.000Z (almost 2 years ago)
- Default Branch: master
- Last Pushed: 2024-11-09T13:15:23.000Z (about 2 months ago)
- Last Synced: 2024-11-09T14:23:30.854Z (about 2 months ago)
- Topics: checkstyle-maven, gitlab-ci, java, maven, maven-plugins, spotbugs-maven-plugin
- Language: Java
- Homepage: https://github.com/chkal/gitlab-code-quality-plugin
- Size: 102 KB
- Stars: 10
- Watchers: 1
- Forks: 4
- Open Issues: 0
-
Metadata Files:
- Readme: README.adoc
- License: LICENSE
Awesome Lists containing this project
README
= gitlab-code-quality-plugin
:version_stable: 1.1.0
:version_snapshot: 1.2.0-SNAPSHOT
This Maven plugin allows you to transform XML reports created by code quality tools like
https://spotbugs.github.io/[SpotBugs] and https://checkstyle.org/[Checkstyle]
into a JSON format supported by https://about.gitlab.com/[GitLab] to displayed
identified issues in the merge request widget.
image::.readme/gitlab-merge-request-widget.png[]
== Usage
=== Step 1: Set up SpotBugs and/or Checkstyle
As this plugin processes XML reports of other code quality tools, you have to set up
the Maven plugins for SpotBugs and/or Checkstyle first.
Such a setup could look like this:
[source,xml,subs="+attributes"]
----
com.github.spotbugs
spotbugs-maven-plugin
4.7.3.3
verify
spotbugs
org.apache.maven.plugins
maven-checkstyle-plugin
3.2.1
verify
checkstyle
https://raw.githubusercontent.com/checkstyle/checkstyle/master/src/main/resources/google_checks.xml
false
com.puppycrawl.tools
checkstyle
10.9.3
----
=== Step 2: Add the plugin to your pom.xml
Now add the following plugin definition to your `pom.xml`:
[source,xml,subs="+attributes"]
----
de.chkal.maven
gitlab-code-quality-plugin
{version_stable}
verify
generate
----
Without any explicit configuration, the plugin will look for XML reports in the following locations:
* `target/spotbugsXml.xml`
* `target/checkstyle-result.xml`
If corresponding XML files are found and contain at least one issue, the plugin will
generate the following JSON file:
* `target/gl-code-quality-report.json`
=== Step 3: Add the plugin to your pom.xml
Finally, you will have to tell GitLab about generated JSON file by modifying your `.gitlab-ci.yml` file like this:
[source,yaml]
----
build:
stage: build
image: ...
script:
- ...
artifacts:
reports:
codequality:
- target/gl-code-quality-report.json
----
With these changes, GitLab will show all findings in the merge request widget.
== Advanced configuration
In most cases, no explicit configuration of the plugin is required.
But depending on your needs, fine-tuning the configuration may be valuable.
The following example shows all available configuration parameters with their
default values:
[source,xml,subs="+attributes"]
----
de.chkal.maven
gitlab-code-quality-plugin
{version_stable}
generate
true
${project.build.directory}/spotbugsXml.xml
true
${project.build.directory}/checkstyle-result.xml
${project.build.directory}/gl-code-quality-report.json
----
== Multi-module configuration
If you want to use this plugin in a Maven multi-module project, you can simply add the plugin
to one of the parent POMs which ensures that the plugin is invoked for all reactor modules.
This will create one JSON output file for each module.
Unfortunately, GitLab only supports a single code quality JSON file per job
(see https://gitlab.com/gitlab-org/gitlab/-/issues/9014[this issues] for details).
To work around this limitation, you can use https://stedolan.github.io/jq/[jq] in your
pipeline to merge all JSON reports into a single one and use this instead.
See the following pipeline definition for an example:
[source,yaml]
----
build:
stage: build
image: ...
before_script:
- apt-get update && apt-get install -y jq
script:
- ...
after_script:
- find . -name gl-code-quality-report.json -print | xargs cat | jq -s "add" > merged-gl-code-quality-report.json
artifacts:
reports:
codequality:
- merged-gl-code-quality-report.json
----
== CLI usage
The plugin may also be used and configured using the Maven CLI. Available configuration properties are:
* `glcqp.spotbugsEnabled`
* `glcqp.spotbugsInputFile`
* `glcqp.checkstyleEnabled`
* `glcqp.checkstyeInputFile`
* `glcqp.outputFile`
They are used like this:
[source,shell,subs="+attributes"]
----
mvn de.chkal.maven:gitlab-code-quality-plugin:{version_stable}:check \
-Dglcqp.spotbugsEnabled=true \
-Dglcqp.spotbugsInputFile=target/spotbugsXml.xml \
-Dglcqp.checkstyleEnabled=true \
-Dglcqp.checkstyeInputFile=target/checkstyle-result.xml \
-Dglcqp.outputFile=target/gl-code-quality-report.json
----
== Using the latest snapshots
The latest snapshots of this plugin are deployed to the Sonatype OSSRH repository.
To use these latest snapshots, you will have to modify your `pom.xml` like this:
[source,xml,subs="+attributes"]
----
de.chkal.maven
gitlab-code-quality-plugin
{version_snapshot}
generate
sonatype-ossrh-snapshots
https://oss.sonatype.org/content/repositories/snapshots
----